Jump to content

Welcome to Geeks to Go - Register now for FREE

Need help with your computer or device? Want to learn new tech skills? You're in the right place!
Geeks to Go is a friendly community of tech experts who can solve any problem you have. Just create a free account and post your question. Our volunteers will reply quickly and guide you through the steps. Don't let tech troubles stop you. Join Geeks to Go now and get the support you need!

How it Works Create Account
Photo

Slow Computer, and "Smarter Shopper" Adware

Started by Spencer4134 , Aug 08 2014 07:40 PM
Slow Smarter Shopper

  • Please log in to reply

#1
Spencer4134
Posted 08 August 2014 - 07:40 PM

Spencer4134

    Member

  • Member
  • PipPip
  • 57 posts

I believe I have smarter shopper. I would like help removing this.

 

Also, My computer was working fine at the beginning of this year. Then my Antivirus couldn't do even a simple quick scan, then it couldn't update, then it couldn't check my subscription, then nothing on my windows 8.1 laptop had access to the internet that was a DESKTOP application, even though it said I had internet access. Then, BAM, everything came back to normal, except it is now a lot slower than it was. I am looking to try to speed it back up, I have already used CCleaner. Didn't do much.

 

Here are the logs:

 

FRST:

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 08-08-2014
Ran by Spencer (administrator) on LINK on 08-08-2014 19:37:56
Running from C:\Users\Spencer\Desktop\PC Repair Tools
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Malwarebytes Corporation) C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17200_none_fa7026dd9b04586e\TiWorker.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43848 2014-02-12] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKU\S-1-5-21-3730384798-2573950714-1100130627-1002\...\Run: [GoogleChromeAutoLaunch_3A0E3D8105F41419ED3F962F503F3C91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-3730384798-2573950714-1100130627-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-09] ()
HKU\S-1-5-21-3730384798-2573950714-1100130627-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
GroupPolicyUsers\S-1-5-21-3730384798-2573950714-1100130627-1002\User: Group Policy restriction detected <======= ATTENTION
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.goo...lt&ltmplcache=2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKLM - {09E3BCA6-7FAF-4065-873C-A57F13519548} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKLM-x32 - {09E3BCA6-7FAF-4065-873C-A57F13519548} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKCU - {09E3BCA6-7FAF-4065-873C-A57F13519548} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ant.com browser helper (video detector) -> {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} -> C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin - C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-07-28]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-17]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Norton Identity Safe) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.43_0\npcoplgn.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2013-02-20]
CHR Extension: (Google Docs) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-28]
CHR Extension: (Google Drive) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-15]
CHR Extension: (YouTube) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-28]
CHR Extension: (Google Search) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-28]
CHR Extension: (Dislike on Facebook) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpdjlpboamepnnngafgepjcflmmcecc [2014-02-18]
CHR Extension: (Poppit!) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-02-20]
CHR Extension: (Norton Security Toolbar) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-01-28]
CHR Extension: (Google Wallet) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-28]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2122000 2012-02-13] (Blue Coat Systems, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-26] (Symantec Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 bckd; C:\Windows\System32\drivers\bckd.sys [108304 2012-02-13] (Blue Coat Systems, Inc.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-05] (Symantec Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSvia64.sys [525016 2014-07-03] (Symantec Corporation)
R3 MBAMSwissArmy; C:\WINDOWS\system32\drivers\MBAMSwissArmy.sys [122584 2014-08-08] (Malwarebytes Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140808.003\ENG64.SYS [126040 2014-08-08] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140808.003\EX64.SYS [2099288 2014-08-08] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-17] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
U3 aswMBR; \??\C:\Users\Spencer\AppData\Local\Temp\aswMBR.sys [X]
U3 aswVmm; \??\C:\Users\Spencer\AppData\Local\Temp\aswVmm.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-08 17:25 - 2014-08-08 17:25 - 01288704 _____ () C:\Users\Spencer\Downloads\zoek.exe
2014-08-08 16:35 - 2014-08-08 19:38 - 00000000 ____D () C:\FRST
2014-08-08 16:31 - 2014-08-08 16:31 - 00753184 _____ () C:\Users\Spencer\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-08-08 16:15 - 2014-08-08 16:15 - 01016261 _____ (Thisisu) C:\Users\Spencer\Downloads\JRT.exe
2014-08-08 16:13 - 2014-08-08 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Spencer\Downloads\OTL.exe
2014-08-08 16:09 - 2014-08-08 16:09 - 01366203 _____ () C:\Users\Spencer\Downloads\AdwCleaner.exe
2014-08-08 16:06 - 2014-08-08 16:06 - 05185536 _____ (AVAST Software) C:\Users\Spencer\Downloads\aswmbr.exe
2014-08-08 15:59 - 2014-08-08 16:00 - 02094080 _____ (Farbar) C:\Users\Spencer\Downloads\FRST64.exe
2014-08-08 15:53 - 2014-08-08 19:37 - 00000000 ____D () C:\Users\Spencer\Desktop\PC Repair Tools
2014-07-30 21:21 - 2014-08-08 17:16 - 00221912 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-30 20:33 - 2014-07-30 20:33 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-07-30 20:33 - 2014-07-30 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-28 19:42 - 2014-07-30 20:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-28 19:42 - 2014-07-28 19:42 - 04813544 _____ (Piriform Ltd) C:\Users\Spencer\Downloads\ccsetup416.exe
2014-07-22 19:37 - 2014-04-13 21:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-22 17:47 - 2014-06-26 14:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-22 17:47 - 2014-06-26 14:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-20 20:49 - 2014-07-20 20:49 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-07-20 16:28 - 2014-07-28 21:04 - 00000000 ___RD () C:\Users\Spencer\Google Drive
2014-07-20 16:28 - 2014-06-16 16:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-20 16:28 - 2014-06-16 16:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-20 16:28 - 2014-06-06 08:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-20 16:28 - 2014-05-29 21:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-20 16:28 - 2014-05-29 06:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-20 16:28 - 2014-05-29 01:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-20 16:28 - 2014-05-29 00:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-20 16:28 - 2014-05-29 00:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-20 16:28 - 2014-05-28 23:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-20 16:28 - 2014-05-28 23:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-20 16:27 - 2014-06-18 19:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-20 16:27 - 2014-06-18 17:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-20 16:27 - 2014-06-18 16:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-20 16:26 - 2014-07-20 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-20 16:26 - 2014-06-18 18:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-20 16:25 - 2014-06-18 18:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-20 16:25 - 2014-06-18 18:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-20 16:25 - 2014-06-18 17:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-20 16:25 - 2014-06-18 17:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-20 16:25 - 2014-06-18 17:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-20 16:25 - 2014-06-18 17:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-20 16:25 - 2014-06-18 17:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-20 16:25 - 2014-06-18 17:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-20 16:25 - 2014-06-18 17:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-20 16:25 - 2014-06-18 17:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-20 16:25 - 2014-06-18 16:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-20 16:25 - 2014-06-18 16:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-20 16:25 - 2014-06-18 16:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-20 16:25 - 2014-06-18 16:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-20 16:25 - 2014-06-18 16:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-20 16:25 - 2014-06-18 16:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-20 16:25 - 2014-06-18 16:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-20 16:25 - 2014-06-18 16:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-20 16:25 - 2014-06-18 16:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-20 16:25 - 2014-06-18 16:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-20 16:25 - 2014-06-18 16:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-20 16:25 - 2014-06-18 16:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-20 16:24 - 2014-07-20 16:24 - 00895120 _____ (Google Inc.) C:\Users\Spencer\Downloads\googledrivesync.exe
2014-07-20 16:24 - 2014-06-18 16:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-20 16:24 - 2014-06-06 07:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-20 16:24 - 2014-06-06 06:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-20 16:24 - 2014-05-31 04:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-20 16:24 - 2014-05-31 04:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-20 16:24 - 2014-05-30 21:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-20 16:24 - 2014-05-30 21:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-20 16:24 - 2014-05-30 21:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-20 16:24 - 2014-05-30 21:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-20 16:24 - 2014-05-30 21:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-20 16:24 - 2014-05-30 21:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-20 16:24 - 2014-05-30 20:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-20 16:24 - 2014-05-30 20:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-20 16:24 - 2014-05-30 20:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-20 16:24 - 2014-05-30 20:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-20 16:24 - 2014-05-30 20:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-20 16:24 - 2014-05-30 20:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-20 16:24 - 2014-05-30 20:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-20 14:37 - 2014-07-20 14:37 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730384798-2573950714-1100130627-1012
2014-07-20 13:38 - 2014-07-20 13:38 - 00039628 _____ () C:\Users\Spencer\Downloads\serifa-bt-bold[1].ttf
2014-07-20 10:19 - 2014-08-08 16:01 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 10:17 - 2014-08-05 18:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 10:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-20 10:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-20 10:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-08 19:38 - 2014-08-08 16:35 - 00000000 ____D () C:\FRST
2014-08-08 19:37 - 2014-08-08 15:53 - 00000000 ____D () C:\Users\Spencer\Desktop\PC Repair Tools
2014-08-08 19:37 - 2013-01-28 13:25 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-08 19:00 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-08 18:44 - 2014-02-18 21:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-08 17:25 - 2014-08-08 17:25 - 01288704 _____ () C:\Users\Spencer\Downloads\zoek.exe
2014-08-08 17:16 - 2014-07-30 21:21 - 00221912 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-08 16:41 - 2013-01-23 16:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730384798-2573950714-1100130627-1002
2014-08-08 16:31 - 2014-08-08 16:31 - 00753184 _____ () C:\Users\Spencer\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-08-08 16:15 - 2014-08-08 16:15 - 01016261 _____ (Thisisu) C:\Users\Spencer\Downloads\JRT.exe
2014-08-08 16:13 - 2014-08-08 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Spencer\Downloads\OTL.exe
2014-08-08 16:09 - 2014-08-08 16:09 - 01366203 _____ () C:\Users\Spencer\Downloads\AdwCleaner.exe
2014-08-08 16:06 - 2014-08-08 16:06 - 05185536 _____ (AVAST Software) C:\Users\Spencer\Downloads\aswmbr.exe
2014-08-08 16:01 - 2014-07-20 10:19 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-08 16:00 - 2014-08-08 15:59 - 02094080 _____ (Farbar) C:\Users\Spencer\Downloads\FRST64.exe
2014-08-08 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-08 15:49 - 2013-01-23 15:53 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B121082A-65F9-436F-BC01-6923BEF2D7D4}
2014-08-05 18:02 - 2014-07-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-30 20:37 - 2014-04-16 16:02 - 00000000 ___DC () C:\WINDOWS\Panther
2014-07-30 20:37 - 2013-01-23 16:21 - 00000000 ___HD () C:\Users\Spencer\AppData\Local\CrashDumps
2014-07-30 20:33 - 2014-07-30 20:33 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-07-30 20:33 - 2014-07-30 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 20:33 - 2014-07-28 19:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-29 22:31 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-28 21:04 - 2014-07-20 16:28 - 00000000 ___RD () C:\Users\Spencer\Google Drive
2014-07-28 21:03 - 2013-01-28 13:27 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-28 21:03 - 2013-01-28 13:25 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-28 20:58 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-07-28 20:57 - 2014-04-16 14:18 - 00000000 ____D () C:\Users\Spencer
2014-07-28 19:42 - 2014-07-28 19:42 - 04813544 _____ (Piriform Ltd) C:\Users\Spencer\Downloads\ccsetup416.exe
2014-07-27 23:01 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-07-27 22:56 - 2013-08-22 07:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-07-27 22:56 - 2013-07-10 16:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 22:56 - 2013-07-10 16:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 22:54 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-27 22:54 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-27 22:53 - 2013-07-10 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-26 17:37 - 2013-01-24 15:39 - 00000000 ____D () C:\Users\Spencer\Documents\Visual Studio 2008
2014-07-22 19:48 - 2013-01-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-22 19:47 - 2013-07-18 17:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-22 19:43 - 2013-01-24 17:13 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-22 19:39 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-22 17:45 - 2013-08-22 08:44 - 00496096 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-22 17:43 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-22 17:43 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-22 17:42 - 2012-07-26 02:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-20 20:49 - 2014-07-20 20:49 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-07-20 20:48 - 2012-09-26 11:21 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-20 20:48 - 2012-09-26 11:19 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-07-20 20:47 - 2013-11-17 15:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-20 20:47 - 2012-09-26 11:21 - 00002521 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-20 18:46 - 2014-03-18 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-20 16:26 - 2014-07-20 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-20 16:26 - 2013-01-28 13:25 - 00000000 ___HD () C:\Users\Spencer\AppData\Local\Google
2014-07-20 16:26 - 2013-01-28 13:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-20 16:24 - 2014-07-20 16:24 - 00895120 _____ (Google Inc.) C:\Users\Spencer\Downloads\googledrivesync.exe
2014-07-20 16:18 - 2014-01-22 19:05 - 00000000 ____D () C:\Users\Spencer\AppData\Roaming\vlc
2014-07-20 14:37 - 2014-07-20 14:37 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730384798-2573950714-1100130627-1012
2014-07-20 13:38 - 2014-07-20 13:38 - 00039628 _____ () C:\Users\Spencer\Downloads\serifa-bt-bold[1].ttf
2014-07-20 12:25 - 2014-03-18 04:03 - 01060864 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-12 13:44 - 2014-02-18 21:28 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
 
Files to move or delete:
====================
C:\Users\Spencer\jobq.dat
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-07-28 21:59
 
==================== End Of Log ============================
 
Addition.txt
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-08-2014
Ran by Spencer at 2014-08-08 19:41:45
Running from C:\Users\Spencer\Desktop\PC Repair Tools
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.6.0.5970 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 3.6.0.5970 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{63ADEC24-A374-80A8-E89B-BE401C787F75}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Ant.com IE add-on (HKLM-x32\...\{B905CAA1-D6FF-4D21-8858-F8C610491C0B}) (Version: 2.2.4.1076 - Ant.com)
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
ChessBase 12 64-bit (HKLM\...\{83042F53-D60D-412E-8E6C-106A9200CB20}) (Version: 12.17.0.0 - ChessBase)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
FamilySearch Indexing 3.17.7 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.7 - FamilySearch)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{AE986BF5-B6E3-4F8D-B412-A3DD90DF5146}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Legacy 7.5 (HKLM-x32\...\Legacy 7.5) (Version: 7.5  - Millennia Corporation)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
LEGO MINDSTORMS NXT - English Language Pack (HKLM-x32\...\{53753510-7620-4D2B-9C0B-111F871615D9}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM-x32\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LEGO MINDSTORMS NXT Software v2.0 (HKLM-x32\...\{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}) (Version: 2.0.108.0 - LEGO)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition with SP1 - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Multimedia Fusion 2 (HKLM-x32\...\Multimedia Fusion 2) (Version:  - )
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Peshka Training Courses (HKLM-x32\...\Peshka_is1) (Version:  - )
PlayChess  (HKLM-x32\...\PlayChess) (Version:  - ChessBase GmbH)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SpyNet Field Office (HKLM-x32\...\com.jakks.spynet) (Version: 1.05 - UNKNOWN)
SpyNet Field Office (x32 Version: 1.05 - UNKNOWN) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Toby Deep Tactics 5.0 (HKLM-x32\...\{68B937E2-10B0-49DE-BB21-0042B3544856}) (Version: 1.0.0 - Toby Chess Products)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.7 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
20-07-2014 21:14:47 Scheduled Checkpoint
28-07-2014 04:47:00 Windows Update
09-08-2014 00:05:39 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-25 23:26 - 2014-07-28 20:58 - 00002524 ____A C:\WINDOWS\system32\Drivers\etc\hosts
216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.at # bck9
216.239.32.20 www.google.be # bck9
216.239.32.20 www.google.ca # bck9
216.239.32.20 www.google.ch # bck9
216.239.32.20 www.google.cl # bck9
216.239.32.20 www.google.co.il # bck9
216.239.32.20 www.google.co.in # bck9
216.239.32.20 www.google.co.jp # bck9
216.239.32.20 www.google.co.kr # bck9
216.239.32.20 www.google.co.nz # bck9
216.239.32.20 www.google.co.uk # bck9
216.239.32.20 www.google.co.ve # bck9
216.239.32.20 www.google.co.za # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.com.ar # bck9
216.239.32.20 www.google.com.au # bck9
216.239.32.20 www.google.com.br # bck9
216.239.32.20 www.google.com.co # bck9
216.239.32.20 www.google.com.gr # bck9
216.239.32.20 www.google.com.hk # bck9
216.239.32.20 www.google.com.mx # bck9
216.239.32.20 www.google.com.my # bck9
216.239.32.20 www.google.com.pe # bck9
216.239.32.20 www.google.com.ph # bck9
216.239.32.20 www.google.com.pk # bck9
216.239.32.20 www.google.com.sg # bck9
216.239.32.20 www.google.com.tr # bck9
216.239.32.20 www.google.com.tw # bck9
 
There are 13 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0537C634-73E8-4F7F-8D23-469C6F628938} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C976F87-7C33-4D5D-8745-F8B9757C8E66} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0FA4BFDB-B6AF-4E3B-8D8E-4A86FF7B226D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C139EC0-97C9-4379-9C86-326B7BC79FF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B415A82-36BD-4DBF-AFE1-F78199A772A0} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6B1A2A2C-26D2-4250-9147-7B5404082A93} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-22] (Microsoft Corporation)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {700739A8-2CA4-4F5F-B90B-7C85A3E8F722} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-16] (Synaptics Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75D93140-EDC0-4087-B716-AE425F96D8EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-12] (Adobe Systems Incorporated)
Task: {772CFF56-BF20-480A-885A-CA6CF86B98FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B2D4D75-189B-40ED-8C62-D5202E1A40A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {821FD5B1-DA19-4F5F-B541-EA30C4215B3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9DFFB140-09CC-4B6A-A93F-51722F1A7ED1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ACC2D668-6AA6-49BB-8D94-EE3B774D0307} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C3923A0E-D9FD-4A9B-B416-84DC617D92E7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-26] (Symantec Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D21B68D3-2FE1-45C2-B8EE-53E1489878D3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D408DAB0-87F3-4379-9311-F6C8B24093EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {D4AE3BAD-7E25-4705-AF7C-AD4612C0F3E3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{03CEC8FE-20AF-472B-8BBE-44AFF16348E9}.job => C:\WINDOWS\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-06 13:09 - 2012-08-06 13:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-05-09 14:37 - 2013-05-09 14:37 - 00400704 _____ () C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2013-04-05 12:58 - 2013-04-05 12:58 - 00954696 _____ () C:\Program Files\Common Files\Apple\Internet Services\ShellStreams64.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2012-09-26 11:07 - 2012-06-07 21:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
2014-07-28 21:03 - 2014-07-28 21:03 - 00098816 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32api.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00110080 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\pywintypes27.dll
2014-07-28 21:03 - 2014-07-28 21:03 - 00364544 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\pythoncom27.dll
2014-07-28 21:03 - 2014-07-28 21:03 - 00045568 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\_socket.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 01160704 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\_ssl.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00320512 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32com.shell.shell.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00713216 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\_hashlib.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 01175040 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._core_.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00805888 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._gdi_.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00811008 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._windows_.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 01062400 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._controls_.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00735232 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._misc_.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00128512 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\_elementtree.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00127488 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\pyexpat.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00557056 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\pysqlite2._sqlite.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00007168 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\hashobjs_ext.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00087552 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\_ctypes.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00119808 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32file.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00108544 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32security.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00018432 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32event.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00038912 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32inet.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00070656 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._html2.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00167936 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32gui.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00011264 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32crypt.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00027136 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\_multiprocessing.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00122368 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._wizard.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00010240 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\select.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00024064 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32pipe.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00686080 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\unicodedata.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00025600 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32pdh.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00525640 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\windows._lib_cacheinvalidation.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00035840 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32process.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00017408 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32profile.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00022528 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\win32ts.pyd
2014-07-28 21:03 - 2014-07-28 21:03 - 00078336 ____N () C:\Users\Spencer\AppData\Local\Temp\_MEI48322\wx._animate.pyd
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/08/2014 04:09:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.3.9600.17039 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 8a4
 
Start Time: 01cfaad99aa8b17d
 
Termination Time: 0
 
Application Path: C:\WINDOWS\Explorer.EXE
 
Report Id: 13cbc547-1f48-11e4-becd-78e3b57fa3a0
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (08/05/2014 10:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10781
 
Error: (08/05/2014 10:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10781
 
Error: (08/05/2014 10:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 10:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9266
 
Error: (08/05/2014 10:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9266
 
Error: (08/05/2014 10:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 10:39:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7797
 
Error: (08/05/2014 10:39:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7797
 
Error: (08/05/2014 10:39:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/08/2014 05:50:10 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (08/08/2014 05:49:40 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (08/08/2014 04:42:25 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (08/08/2014 04:41:55 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (07/30/2014 06:44:25 PM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
Description: A fatal alert was received from the remote endpoint. The TLS protocol defined fatal alert code is 20.
 
Error: (07/29/2014 10:21:38 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (07/28/2014 10:00:22 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (07/28/2014 09:59:51 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (07/28/2014 08:57:43 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Superfetch service terminated with the following error: 
%%1062
 
Error: (07/28/2014 08:04:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 7:56:09 PM on ‎7/‎28/‎2014 was unexpected.
 
 
Microsoft Office Sessions:
=========================
Error: (08/08/2014 04:09:38 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.3.9600.170398a401cfaad99aa8b17d0C:\WINDOWS\Explorer.EXE13cbc547-1f48-11e4-becd-78e3b57fa3a0
 
Error: (08/05/2014 10:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 10781
 
Error: (08/05/2014 10:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 10781
 
Error: (08/05/2014 10:39:51 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 10:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 9266
 
Error: (08/05/2014 10:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 9266
 
Error: (08/05/2014 10:39:49 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/05/2014 10:39:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 7797
 
Error: (08/05/2014 10:39:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 7797
 
Error: (08/05/2014 10:39:48 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 53%
Total physical RAM: 3682.26 MB
Available physical RAM: 1714.98 MB
Total Pagefile: 4770.26 MB
Available Pagefile: 2229.15 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:441.16 GB) (Free:384.12 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:23.39 GB) (Free:2.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: C2C9F703)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================
 
aswMBR:
 
aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-08 19:45:36
-----------------------------
19:45:36.443    OS Version: Windows x64 6.2.9200 
19:45:36.444    Number of processors: 2 586 0x200
19:45:36.448    ComputerName: LINK  UserName: 
19:45:38.041    Initialize success
19:45:38.041    VM: initialized successfully
19:45:38.185    VM: Amd CPU supported 
19:45:39.262    VM: supported disk I/O storport.sys
19:46:48.256    AVAST engine defs: 14080801
19:46:56.406    Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\00000028
19:46:56.416    Disk 0 Vendor: Hitachi_HTS545050A7E380 GG2OA7A0 Size: 476940MB BusType: 11
19:46:56.779    Disk 0 MBR read successfully
19:46:56.793    Disk 0 MBR scan
19:46:56.849    Disk 0 unknown MBR code
19:46:56.865    Disk 0 Partition 1 00     EE          GPT           2097151 MB offset 1
19:46:57.175    Disk 0 scanning C:\WINDOWS\system32\drivers
19:47:40.784    Service scanning
19:47:49.412    Service BHDrvx64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys **LOCKED** 5
19:47:53.866    Service eeCtrl C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys **LOCKED** 5
19:47:54.266    Service EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys **LOCKED** 5
19:48:00.105    Service IDSVia64 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.001\IDSvia64.sys **LOCKED** 5
19:48:18.865    Service NAVENG C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140808.003\ENG64.SYS **LOCKED** 5
19:48:19.345    Service NAVEX15 C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140808.003\EX64.SYS **LOCKED** 5
19:48:49.270    Modules scanning
19:48:49.317    Disk 0 trace - called modules:
19:48:49.360    ntoskrnl.exe CLASSPNP.SYS disk.sys amdxata.sys storport.sys hal.dll amdsata.sys 
19:48:49.387    1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0xffffe001187fd770]
19:48:49.413    3 CLASSPNP.SYS[fffff80022d7d27b] -> nt!IofCallDriver -> [0xffffe001176a2040]
19:48:49.438    5 amdxata.sys[fffff800229ae6b4] -> nt!IofCallDriver -> \Device\00000028[0xffffe0011873c7f0]
19:48:50.992    AVAST engine scan C:\WINDOWS
19:49:39.216    AVAST engine scan C:\WINDOWS\system32
19:58:04.566    AVAST engine scan C:\WINDOWS\system32\drivers
19:58:38.290    AVAST engine scan C:\Users\Spencer
20:04:21.535    File: C:\Users\Spencer\Desktop\PC Repair Tools\zoek.exe  **INFECTED** Win32:Malware-gen
20:07:43.401    File: C:\Users\Spencer\Downloads\zoek.exe  **INFECTED** Win32:Malware-gen
20:08:27.930    AVAST engine scan C:\ProgramData
20:13:11.965    Scan finished successfully
20:22:11.009    Disk 0 MBR has been saved successfully to "C:\Users\Spencer\Desktop\PC Repair Tools\Log Files\aswmbr\MBR.dat"
20:22:11.054    The log file has been saved successfully to "C:\Users\Spencer\Desktop\PC Repair Tools\Log Files\aswmbr\aswMBR.txt"
 
Any help is appreciated!

 


Edited by Spencer4134, 08 August 2014 - 08:45 PM.

  • 0

Advertisements

#2
Spencer4134
Posted 10 August 2014 - 11:52 AM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Also, about smarter shopper. When I went to the malwarebytes download page, all these words were highlighted and if I hover over them, it shows an ad by Smarter Shopper. That is what concerns me.


  • 0

#3
emeraldnzl
Posted 12 August 2014 - 04:06 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello Spencer4134,

Sorry for the delay.

Looks like you have used the Zoek tool at some point and not removed it afterwards. Seems aswMBR is flagging it as malicious. A false positive I think but something to keep in mind.

For now

Please download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

After that

Please run another FRST scan with the Addition.txt box ticked and post back the two logs generated - FRST.txt and Addition.txt.

So when you return please post

  • Fixlog.txt
  • FRST.txt
  • Addition.txt

 


  • 0

#4
Spencer4134
Posted 12 August 2014 - 06:40 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-08-2014
Ran by Spencer at 2014-08-12 17:42:34 Run:1
Running from C:\Users\Spencer\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
GroupPolicyUsers\S-1-5-21-3730384798-2573950714-1100130627-1002\User: Group Policy restriction detected <======= ATTENTION
SearchScopes: HKLM - {09E3BCA6-7FAF-4065-873C-A57F13519548} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
SearchScopes: HKLM-x32 - {09E3BCA6-7FAF-4065-873C-A57F13519548} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKLM-x32 - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKLM-x32 - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
C:\Users\Spencer\jobq.dat
Hosts:
EmptyTemp:
*****************
 
C:\WINDOWS\system32\GroupPolicyUsers\S-1-5-21-3730384798-2573950714-1100130627-1002\User => Moved successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09E3BCA6-7FAF-4065-873C-A57F13519548}" => Key deleted successfully.
"HKCR\CLSID\{09E3BCA6-7FAF-4065-873C-A57F13519548}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key deleted successfully.
"HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{09E3BCA6-7FAF-4065-873C-A57F13519548}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{09E3BCA6-7FAF-4065-873C-A57F13519548}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
C:\Users\Spencer\jobq.dat => Moved successfully.
C:\Windows\System32\Drivers\etc\hosts => Moved successfully.
Hosts was reset successfully.
EmptyTemp: => Removed 767 MB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog ====
 
FRST:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-08-2014
Ran by Spencer (administrator) on LINK on 12-08-2014 18:15:56
Running from C:\Users\Spencer\Desktop
Platform: Windows 8.1 (X64) OS Language: English (United States)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Advanced Micro Devices, Inc.) C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Blue Coat Systems, Inc.) C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(WildTangent) C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSA_Service.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\nis.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
() C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(CyberLink Corp.) C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
(Hewlett-Packard Development Company, L.P.) C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
(Google) C:\Program Files (x86)\Google\Drive\googledrivesync.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(CyberLink) C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
(CyberLink) C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
(Microsoft Corporation) C:\Windows\WinStore\WSHost.exe
(Hewlett-Packard Company) C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6548112 2012-06-12] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3030256 2013-05-16] (Synaptics Incorporated)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-06] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe [491320 2012-07-26] (CyberLink Corp.)
HKLM-x32\...\Run: [RemoteControl10] => C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe [91432 2012-03-28] (CyberLink Corp.)
HKLM-x32\...\Run: [HP Quick Launch] => C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe [580512 2012-07-09] (Hewlett-Packard Development Company, L.P.)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959904 2013-11-21] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [43816 2014-07-31] (Apple Inc.)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [254336 2013-07-02] (Oracle Corporation)
HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-08-01] (Apple Inc.)
HKU\S-1-5-21-3730384798-2573950714-1100130627-1002\...\Run: [GoogleChromeAutoLaunch_3A0E3D8105F41419ED3F962F503F3C91] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [860488 2014-07-15] (Google Inc.)
HKU\S-1-5-21-3730384798-2573950714-1100130627-1002\...\Run: [AmazonMP3DownloaderHelper] => C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe [400704 2013-05-09] ()
HKU\S-1-5-21-3730384798-2573950714-1100130627-1002\...\Run: [GoogleDriveSync] => C:\Program Files (x86)\Google\Drive\googledrivesync.exe [24477056 2014-06-27] (Google)
ShellIconOverlayIdentifiers: GDriveBlacklistedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedEditOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D44} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSharedViewOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D43} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncedOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
ShellIconOverlayIdentifiers: GDriveSyncingOverlay -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://accounts.goo...lt&ltmplcache=2
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://g.msn.com/HPNOT13/1
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://g.msn.com/HPNOT13/1
SearchScopes: HKLM - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKLM-x32 - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKCU - DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKCU - {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = http://www.bing.com/...0TR&pc=CPNTDFJS
SearchScopes: HKCU - {09E3BCA6-7FAF-4065-873C-A57F13519548} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Ant.com browser helper (video detector) -> {346FDE31-DFF9-418A-90C8-BA31DC9FF2EF} -> C:\Program Files (x86)\Ant.com\IE add-on\Download.dll (Ant.com)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
BHO-x32: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll (Hewlett-Packard)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Ant.com Video Downloader toolbar - {2E924F4F-67F0-4BD8-9560-49F468E843D2} - C:\Program Files (x86)\Ant.com\IE add-on\AntToolbar.dll (Ant.com)
Toolbar: HKLM-x32 - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
Toolbar: HKCU - Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll (Google Inc.)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Internet Security\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - No Name - {2E924F4F-67F0-4BD8-9560-49F468E843D2} -  No File
DPF: HKLM-x32 {233C1507-6A77-46A4-9443-F871F945D258} http://download.macr...director/sw.cab
Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
 
FireFox:
========
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~3\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF Plugin-x32: @java.com/DTPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=10.51.2 -> C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll No File
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin HKCU: amazon.com/AmazonMP3DownloaderPlugin -> C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\coFFPlgn [2014-08-12]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NIS_21.1.0.18\IPSFF [2013-11-17]
 
Chrome: 
=======
CHR HomePage: hxxp://www.google.com/
CHR StartupUrls: "hxxp://www.google.com/"
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.2.464\_platform_specific\win_x86\widevinecdmadapter.dll No File
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Norton Identity Safe) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.0.43_0\npcoplgn.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin2.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin3.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin4.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin5.dll (Apple Inc.)
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin6.dll No File
CHR Plugin: (QuickTime Plug-in 7.7.3) - C:\Program Files (x86)\QuickTime\plugins\npqtplugin7.dll No File
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
CHR Plugin: (Microsoft Office 2010) - C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.22.5\npGoogleUpdate3.dll No File
CHR Plugin: (Java Deployment Toolkit 7.0.510.13) - C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
CHR Plugin: (Java™ Platform SE 7 U51) - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
CHR Plugin: (iTunes Application Detector) - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
CHR Plugin: (AmazonMP3DownloaderPlugin) - C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin10181.dll (Amazon.com, Inc.)
CHR Plugin: (Shockwave for Director) - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1200112.dll (Adobe Systems, Inc.)
CHR Plugin: (Shockwave Flash) - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_77.dll No File
CHR Plugin: (Silverlight Plug-In) - c:\Program Files (x86)\Microsoft Silverlight\5.1.30214.0\npctrl.dll No File
CHR Extension: (Entanglement Web App) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aciahcmjmecflokailenpkdchphgkefd [2013-02-20]
CHR Extension: (Google Docs) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2013-01-28]
CHR Extension: (Google Drive) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-01-28]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-06-15]
CHR Extension: (YouTube) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-01-28]
CHR Extension: (Google Search) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-01-28]
CHR Extension: (Dislike on Facebook) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\fnpdjlpboamepnnngafgepjcflmmcecc [2014-02-18]
CHR Extension: (Poppit!) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mcbkbpnkkkipelfledbfocopglifcfmi [2013-02-20]
CHR Extension: (Norton Security Toolbar) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2013-01-28]
CHR Extension: (Google Wallet) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-09-01]
CHR Extension: (Gmail) - C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-01-28]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-20]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AMD FUEL Service; C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe [361984 2012-08-06] (Advanced Micro Devices, Inc.) [File not signed]
R2 bckwfs; C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe [2122000 2012-02-13] (Blue Coat Systems, Inc.)
R2 GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [227904 2014-03-11] (WildTangent)
R2 HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [85504 2012-08-10] (Hewlett-Packard Company) [File not signed]
R2 MSSQL$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe [40999448 2008-07-10] (Microsoft Corporation)
S4 msvsmon90; C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe [4737024 2008-07-29] (Microsoft Corporation)
R2 NIS; C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe [276376 2014-06-26] (Symantec Corporation)
S4 SQLAgent$SQLEXPRESS; c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE [369688 2008-07-10] (Microsoft Corporation)
S3 w3logsvc; C:\Windows\system32\inetsrv\w3logsvc.dll [76800 2014-04-16] (Microsoft Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [347880 2014-03-23] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2014-03-23] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
R1 bckd; C:\Windows\System32\drivers\bckd.sys [108304 2012-02-13] (Blue Coat Systems, Inc.)
R3 BHDrvx64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys [1530160 2014-06-06] (Symantec Corporation)
R3 ccSet_NIS; C:\Windows\system32\drivers\NISx64\1504000.00D\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 CLVirtualDrive; C:\Windows\system32\DRIVERS\CLVirtualDrive.sys [92536 2012-06-25] (CyberLink)
R3 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-05] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-05] (Symantec Corporation)
R3 IDSVia64; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140812.002\IDSvia64.sys [525016 2014-07-03] (Symantec Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140812.008\ENG64.SYS [126040 2014-08-12] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140812.008\EX64.SYS [2099288 2014-08-12] (Symantec Corporation)
R3 RSP2STOR; C:\Windows\system32\DRIVERS\RtsP2Stor.sys [266896 2012-06-13] (Realtek Semiconductor Corp.)
S3 SmbDrv; C:\Windows\System32\drivers\Smb_driver_AMDASF.sys [41272 2012-08-24] (Synaptics Incorporated)
S3 SmbDrvI; C:\Windows\System32\drivers\Smb_driver_Intel.sys [43832 2012-08-24] (Synaptics Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS [875736 2014-02-12] (Symantec Corporation)
R3 SRTSPX; C:\Windows\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
R3 SymDS; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R3 SymEFA; C:\Windows\system32\drivers\NISx64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-03] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\NISx64\1504000.00D\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2013-11-17] (Symantec Corporation)
R3 SymIRON; C:\Windows\system32\drivers\NISx64\1504000.00D\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R3 SymNetS; C:\Windows\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS [593112 2014-02-17] (Symantec Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [123224 2014-03-23] (Microsoft Corporation)
R3 WirelessButtonDriver; C:\Windows\System32\drivers\WirelessButtonDriver64.sys [20288 2012-08-03] (Hewlett-Packard Development Company, L.P.)
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-12 18:15 - 2014-08-12 18:16 - 00024696 _____ () C:\Users\Spencer\Desktop\FRST.txt
2014-08-12 18:14 - 2014-08-12 18:15 - 02100224 _____ (Farbar) C:\Users\Spencer\Desktop\FRST64.exe
2014-08-12 17:45 - 2014-08-12 17:45 - 00000584 _____ () C:\WINDOWS\PFRO.log
2014-08-12 17:42 - 2014-08-12 18:15 - 00000000 ____D () C:\Users\Spencer\Desktop\FRST-OlderVersion
2014-08-12 17:40 - 2014-08-12 17:40 - 00001207 _____ () C:\Users\Spencer\Downloads\fixlist.txt
2014-08-12 14:40 - 2014-08-12 14:40 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-12 14:40 - 2014-08-12 14:40 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-08-11 19:06 - 2014-08-11 19:06 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 19:06 - 2014-08-11 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 19:04 - 2014-08-11 19:05 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 19:04 - 2014-08-11 19:05 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 19:04 - 2014-08-11 19:05 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 19:04 - 2014-08-11 19:04 - 00000000 ____D () C:\Program Files\iPod
2014-08-08 17:25 - 2014-08-08 17:25 - 01288704 _____ () C:\Users\Spencer\Downloads\zoek.exe
2014-08-08 16:35 - 2014-08-12 18:16 - 00000000 ____D () C:\FRST
2014-08-08 16:31 - 2014-08-08 16:31 - 00753184 _____ () C:\Users\Spencer\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-08-08 16:15 - 2014-08-08 16:15 - 01016261 _____ (Thisisu) C:\Users\Spencer\Downloads\JRT.exe
2014-08-08 16:13 - 2014-08-08 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Spencer\Downloads\OTL.exe
2014-08-08 16:09 - 2014-08-08 16:09 - 01366203 _____ () C:\Users\Spencer\Downloads\AdwCleaner.exe
2014-08-08 16:06 - 2014-08-08 16:06 - 05185536 _____ (AVAST Software) C:\Users\Spencer\Downloads\aswmbr.exe
2014-08-08 15:59 - 2014-08-08 16:00 - 02094080 _____ (Farbar) C:\Users\Spencer\Downloads\FRST64.exe
2014-08-08 15:53 - 2014-08-08 19:43 - 00000000 ____D () C:\Users\Spencer\Desktop\PC Repair Tools
2014-07-30 21:21 - 2014-08-12 18:15 - 00696207 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-30 20:33 - 2014-07-30 20:33 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-07-30 20:33 - 2014-07-30 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-28 19:42 - 2014-07-30 20:33 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-28 19:42 - 2014-07-28 19:42 - 04813544 _____ (Piriform Ltd) C:\Users\Spencer\Downloads\ccsetup416.exe
2014-07-22 19:37 - 2014-04-13 21:29 - 01018880 _____ (Microsoft Corporation) C:\WINDOWS\system32\termsrv.dll
2014-07-22 17:47 - 2014-06-26 14:55 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-22 17:47 - 2014-06-26 14:55 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-20 20:49 - 2014-07-20 20:49 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-07-20 16:28 - 2014-08-12 18:14 - 00000000 ___RD () C:\Users\Spencer\Google Drive
2014-07-20 16:28 - 2014-06-16 16:26 - 00779264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-20 16:28 - 2014-06-16 16:24 - 00834048 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-20 16:28 - 2014-06-06 08:20 - 04190720 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-20 16:28 - 2014-05-29 21:03 - 00563200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-20 16:28 - 2014-05-29 06:02 - 00565576 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-20 16:28 - 2014-05-29 01:55 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\system32\adtschema.dll
2014-07-20 16:28 - 2014-05-29 00:40 - 00735232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\adtschema.dll
2014-07-20 16:28 - 2014-05-29 00:37 - 00436224 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2014-07-20 16:28 - 2014-05-28 23:34 - 00318976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2014-07-20 16:28 - 2014-05-28 23:27 - 01417216 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-20 16:27 - 2014-06-18 19:39 - 23464448 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-20 16:27 - 2014-06-18 17:46 - 00250880 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-20 16:27 - 2014-06-18 16:57 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-20 16:26 - 2014-07-20 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-20 16:26 - 2014-06-18 18:16 - 17276416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-20 16:25 - 2014-06-18 18:48 - 02768384 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-20 16:25 - 2014-06-18 18:09 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-20 16:25 - 2014-06-18 17:51 - 05721088 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-20 16:25 - 2014-06-18 17:50 - 00085504 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-20 16:25 - 2014-06-18 17:48 - 00292864 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-20 16:25 - 2014-06-18 17:39 - 00608768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-20 16:25 - 2014-06-18 17:33 - 00631808 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-20 16:25 - 2014-06-18 17:32 - 02179072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-20 16:25 - 2014-06-18 17:27 - 02040832 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-20 16:25 - 2014-06-18 17:12 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-20 16:25 - 2014-06-18 16:59 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-20 16:25 - 2014-06-18 16:58 - 02266112 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-20 16:25 - 2014-06-18 16:58 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-20 16:25 - 2014-06-18 16:52 - 04254720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-20 16:25 - 2014-06-18 16:51 - 13527040 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-20 16:25 - 2014-06-18 16:49 - 00526336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-20 16:25 - 2014-06-18 16:45 - 01964544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-20 16:25 - 2014-06-18 16:35 - 11742208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-20 16:25 - 2014-06-18 16:34 - 01393664 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-20 16:25 - 2014-06-18 16:15 - 00846336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2014-07-20 16:25 - 2014-06-18 16:13 - 01791488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-20 16:25 - 2014-06-18 16:09 - 01139200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-20 16:24 - 2014-07-20 16:24 - 00895120 _____ (Google Inc.) C:\Users\Spencer\Downloads\googledrivesync.exe
2014-07-20 16:24 - 2014-06-18 16:07 - 00704512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2014-07-20 16:24 - 2014-06-06 07:04 - 00586240 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-20 16:24 - 2014-06-06 06:18 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-20 16:24 - 2014-05-31 04:07 - 00054776 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-20 16:24 - 2014-05-31 04:06 - 00555736 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.appcore.dll
2014-07-20 16:24 - 2014-05-30 21:40 - 13287936 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-20 16:24 - 2014-05-30 21:30 - 11792384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-20 16:24 - 2014-05-30 21:12 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-20 16:24 - 2014-05-30 21:06 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-20 16:24 - 2014-05-30 21:03 - 00827392 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-20 16:24 - 2014-05-30 21:01 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-20 16:24 - 2014-05-30 20:56 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-20 16:24 - 2014-05-30 20:54 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-20 16:24 - 2014-05-30 20:48 - 03463680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-20 16:24 - 2014-05-30 20:37 - 01054208 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.appcore.dll
2014-07-20 16:24 - 2014-05-30 20:36 - 00923136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-20 16:24 - 2014-05-30 20:35 - 00828928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.appcore.dll
2014-07-20 16:24 - 2014-05-30 20:32 - 00756224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-20 14:37 - 2014-07-20 14:37 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730384798-2573950714-1100130627-1012
2014-07-20 13:38 - 2014-07-20 13:38 - 00039628 _____ () C:\Users\Spencer\Downloads\serifa-bt-bold[1].ttf
2014-07-20 10:19 - 2014-08-08 16:01 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-07-20 10:17 - 2014-08-05 18:02 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-07-20 10:17 - 2014-05-12 07:26 - 00091352 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2014-07-20 10:17 - 2014-05-12 07:26 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2014-07-20 10:17 - 2014-05-12 07:25 - 00025816 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mbam.sys
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2014-08-12 18:16 - 2014-08-12 18:15 - 00024696 _____ () C:\Users\Spencer\Desktop\FRST.txt
2014-08-12 18:16 - 2014-08-08 16:35 - 00000000 ____D () C:\FRST
2014-08-12 18:15 - 2014-08-12 18:14 - 02100224 _____ (Farbar) C:\Users\Spencer\Desktop\FRST64.exe
2014-08-12 18:15 - 2014-08-12 17:42 - 00000000 ____D () C:\Users\Spencer\Desktop\FRST-OlderVersion
2014-08-12 18:15 - 2014-07-30 21:21 - 00696207 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-12 18:14 - 2014-07-20 16:28 - 00000000 ___RD () C:\Users\Spencer\Google Drive
2014-08-12 18:13 - 2013-01-28 13:27 - 00002203 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-08-12 18:13 - 2013-01-28 13:25 - 00000906 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-12 18:00 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-12 17:48 - 2013-08-22 07:25 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-12 17:45 - 2014-08-12 17:45 - 00000584 _____ () C:\WINDOWS\PFRO.log
2014-08-12 17:45 - 2013-08-22 08:45 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-12 17:44 - 2014-02-18 21:28 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-12 17:44 - 2013-08-22 07:25 - 00524288 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-12 17:43 - 2014-04-16 14:18 - 00000000 ____D () C:\Users\Spencer
2014-08-12 17:40 - 2014-08-12 17:40 - 00001207 _____ () C:\Users\Spencer\Downloads\fixlist.txt
2014-08-12 17:37 - 2013-01-28 13:25 - 00000910 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-12 17:13 - 2013-01-23 16:00 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730384798-2573950714-1100130627-1002
2014-08-12 17:04 - 2013-01-23 15:53 - 00003918 _____ () C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{B121082A-65F9-436F-BC01-6923BEF2D7D4}
2014-08-12 14:40 - 2014-08-12 14:40 - 00000000 _____ () C:\WINDOWS\setuperr.log
2014-08-12 14:40 - 2014-08-12 14:40 - 00000000 _____ () C:\WINDOWS\setupact.log
2014-08-11 19:06 - 2014-08-11 19:06 - 00001795 _____ () C:\Users\Public\Desktop\iTunes.lnk
2014-08-11 19:06 - 2014-08-11 19:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2014-08-11 19:05 - 2014-08-11 19:04 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-08-11 19:05 - 2014-08-11 19:04 - 00000000 ____D () C:\Program Files\iTunes
2014-08-11 19:05 - 2014-08-11 19:04 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-08-11 19:04 - 2014-08-11 19:04 - 00000000 ____D () C:\Program Files\iPod
2014-08-08 19:43 - 2014-08-08 15:53 - 00000000 ____D () C:\Users\Spencer\Desktop\PC Repair Tools
2014-08-08 17:25 - 2014-08-08 17:25 - 01288704 _____ () C:\Users\Spencer\Downloads\zoek.exe
2014-08-08 16:31 - 2014-08-08 16:31 - 00753184 _____ () C:\Users\Spencer\Downloads\Adware-Removal-Tool-v3.9.1.exe
2014-08-08 16:15 - 2014-08-08 16:15 - 01016261 _____ (Thisisu) C:\Users\Spencer\Downloads\JRT.exe
2014-08-08 16:13 - 2014-08-08 16:13 - 00602112 _____ (OldTimer Tools) C:\Users\Spencer\Downloads\OTL.exe
2014-08-08 16:09 - 2014-08-08 16:09 - 01366203 _____ () C:\Users\Spencer\Downloads\AdwCleaner.exe
2014-08-08 16:06 - 2014-08-08 16:06 - 05185536 _____ (AVAST Software) C:\Users\Spencer\Downloads\aswmbr.exe
2014-08-08 16:01 - 2014-07-20 10:19 - 00122584 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2014-08-08 16:00 - 2014-08-08 15:59 - 02094080 _____ (Farbar) C:\Users\Spencer\Downloads\FRST64.exe
2014-08-08 15:56 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\AppReadiness
2014-08-05 18:02 - 2014-07-20 10:17 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2014-07-30 20:37 - 2014-04-16 16:02 - 00000000 ___DC () C:\WINDOWS\Panther
2014-07-30 20:37 - 2013-01-23 16:21 - 00000000 ___HD () C:\Users\Spencer\AppData\Local\CrashDumps
2014-07-30 20:33 - 2014-07-30 20:33 - 00002776 _____ () C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2014-07-30 20:33 - 2014-07-30 20:33 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2014-07-30 20:33 - 2014-07-28 19:42 - 00000000 ____D () C:\Program Files\CCleaner
2014-07-29 22:31 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-28 19:42 - 2014-07-28 19:42 - 04813544 _____ (Piriform Ltd) C:\Users\Spencer\Downloads\ccsetup416.exe
2014-07-27 22:56 - 2013-07-10 16:57 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-07-27 22:56 - 2013-07-10 16:57 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-07-27 22:54 - 2013-08-22 09:36 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-27 22:54 - 2013-08-22 09:36 - 00000000 ____D () C:\WINDOWS\WinStore
2014-07-27 22:53 - 2013-07-10 17:00 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2014-07-26 17:37 - 2013-01-24 15:39 - 00000000 ____D () C:\Users\Spencer\Documents\Visual Studio 2008
2014-07-22 19:48 - 2013-01-24 15:36 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-07-22 19:47 - 2013-07-18 17:16 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-22 19:43 - 2013-01-24 17:13 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-22 19:39 - 2012-07-26 01:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-07-22 17:45 - 2013-08-22 08:44 - 00496096 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-22 17:43 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-22 17:43 - 2013-08-22 09:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-22 17:42 - 2012-07-26 02:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-07-20 20:49 - 2014-07-20 20:49 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton Internet Security
2014-07-20 20:48 - 2012-09-26 11:21 - 00003234 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-20 20:48 - 2012-09-26 11:19 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NISx64
2014-07-20 20:47 - 2013-11-17 15:42 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Internet Security
2014-07-20 20:47 - 2012-09-26 11:21 - 00002521 _____ () C:\Users\Public\Desktop\Norton Internet Security.lnk
2014-07-20 18:46 - 2014-03-18 03:45 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-20 16:26 - 2014-07-20 16:26 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive
2014-07-20 16:26 - 2013-01-28 13:25 - 00000000 ___HD () C:\Users\Spencer\AppData\Local\Google
2014-07-20 16:26 - 2013-01-28 13:25 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-20 16:24 - 2014-07-20 16:24 - 00895120 _____ (Google Inc.) C:\Users\Spencer\Downloads\googledrivesync.exe
2014-07-20 14:37 - 2014-07-20 14:37 - 00003598 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3730384798-2573950714-1100130627-1012
2014-07-20 13:38 - 2014-07-20 13:38 - 00039628 _____ () C:\Users\Spencer\Downloads\serifa-bt-bold[1].ttf
2014-07-20 12:25 - 2014-03-18 04:03 - 01060864 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2014-07-20 10:17 - 2014-07-20 10:17 - 00000000 ____D () C:\ProgramData\Malwarebytes
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2014-08-12 12:04
 
==================== End Of Log ============================
 
Addition:
 
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-08-2014
Ran by Spencer at 2014-08-12 18:18:56
Running from C:\Users\Spencer\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Internet Security (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton Internet Security (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton Internet Security (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
4 Elements II (x32 Version: 2.2.0.98 - WildTangent) Hidden
7-Zip 4.65 (x64 edition) (HKLM\...\{23170F69-40C1-2702-0465-000001000000}) (Version: 4.65.00.0 - Igor Pavlov)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 14.0.0.110 - Adobe Systems Incorporated)
Adobe AIR (x32 Version: 14.0.0.110 - Adobe Systems Incorporated) Hidden
Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.07) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.07 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.0 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.0.0.112 - Adobe Systems, Inc.)
Amazon MP3 Downloader 1.0.18 (HKCU\...\Amazon MP3 Downloader) (Version: 1.0.18 - Amazon Services LLC)
AMD APP SDK Runtime (Version: 10.0.938.2 - Advanced Micro Devices Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{63ADEC24-A374-80A8-E89B-BE401C787F75}) (Version: 8.0.881.0 - Advanced Micro Devices, Inc.)
AMD Fuel (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
AMD VISION Engine Control Center (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Ant.com IE add-on (HKLM-x32\...\{B905CAA1-D6FF-4D21-8858-F8C610491C0B}) (Version: 2.2.4.1076 - Ant.com)
Apple Application Support (HKLM-x32\...\{78002155-F025-4070-85B3-7C0453561701}) (Version: 3.0.6 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{6AF2AC2A-3532-43FD-9F4D-BDC9C0D724C7}) (Version: 7.1.2.6 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Audacity 2.0.5 (HKLM-x32\...\Audacity_is1) (Version: 2.0.5 - Audacity Team)
Bejeweled 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Build-a-lot 4 - Power Source (x32 Version: 2.2.0.98 - WildTangent) Hidden
Canon MP495 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MP495_series) (Version:  - )
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center InstallProxy (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2012.0806.1155.19437 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2012.0806.1156.19437 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 4.16 - Piriform)
ChessBase 12 64-bit (HKLM\...\{83042F53-D60D-412E-8E6C-106A9200CB20}) (Version: 12.17.0.0 - ChessBase)
Chuzzle Deluxe (x32 Version: 2.2.0.95 - WildTangent) Hidden
Cradle Of Egypt Collector's Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Cradle of Rome 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
CyberLink LabelPrint (HKLM-x32\...\InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}) (Version: 2.5.1.5407 - CyberLink Corp.)
CyberLink LabelPrint (x32 Version: 2.5.1.5407 - CyberLink Corp.) Hidden
CyberLink Media Suite 10 (HKLM-x32\...\InstallShield_{1FBF6C24-C1fD-4101-A42B-0C564F9E8E79}) (Version: 10.0.1.1916 - CyberLink Corp.)
CyberLink Media Suite 10 (x32 Version: 10.0.1.1916 - CyberLink Corp.) Hidden
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.1.1926 - CyberLink Corp.)
CyberLink Power2Go 8 (x32 Version: 8.0.1.1926 - CyberLink Corp.) Hidden
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.6.4319 - CyberLink Corp.)
CyberLink PowerDVD (x32 Version: 10.0.6.4319 - CyberLink Corp.) Hidden
CyberLink YouCam (HKLM-x32\...\InstallShield_{01FB4998-33C4-4431-85ED-079E3EEFE75D}) (Version: 3.5.4.5527 - CyberLink Corp.)
CyberLink YouCam (x32 Version: 3.5.4.5527 - CyberLink Corp.) Hidden
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5C78021E-3C8E-4EDF-97EA-E9B8D808FD6D}) (Version:  - Microsoft)
Energy Star (HKLM\...\{0FA995CC-C849-4755-B14B-5404CC75DC24}) (Version: 1.0.8 - Hewlett-Packard)
FamilySearch Indexing 3.17.7 (HKLM-x32\...\0591-8077-9297-0833) (Version: 3.17.7 - FamilySearch)
Farm Frenzy (x32 Version: 2.2.0.98 - WildTangent) Hidden
FATE: The Cursed King (x32 Version: 2.2.0.97 - WildTangent) Hidden
FFmpeg v0.6.2 for Audacity (HKLM-x32\...\FFmpeg for Audacity_is1) (Version:  - )
Final Drive Fury (x32 Version: 2.2.0.95 - WildTangent) Hidden
FlatOut 2 (x32 Version: 2.2.0.98 - WildTangent) Hidden
GIMP 2.8.4 (HKLM\...\GIMP-2_is1) (Version: 2.8.4 - The GIMP Team)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Drive (HKLM-x32\...\{75939021-3B68-419D-8DC1-E9823BFF9658}) (Version: 1.16.7009.9618 - Google, Inc.)
Google Toolbar for Internet Explorer (HKLM-x32\...\{2318C2B1-4965-11d4-9B18-009027A5CD4F}) (Version: 7.5.5111.1712 - Google Inc.)
Google Toolbar for Internet Explorer (x32 Version: 1.0.0 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Governor of Poker 2 Premium Edition (x32 Version: 2.2.0.95 - WildTangent) Hidden
Hewlett-Packard ACLM.NET v1.2.0.0 (x32 Version: 1.00.0000 - Hewlett-Packard Company) Hidden
Hoyle Card Games (x32 Version: 2.2.0.95 - WildTangent) Hidden
HP Customer Experience Enhancements (x32 Version: 6.0.1.7 - Hewlett-Packard) Hidden
HP Documentation (HKLM-x32\...\{AE986BF5-B6E3-4F8D-B412-A3DD90DF5146}) (Version: 1.1.1.0 - Hewlett-Packard)
HP Games (HKLM-x32\...\WildTangent hp Master Uninstall) (Version: 1.0.3.0 - WildTangent)
HP MyRoom (HKLM-x32\...\{9C35EDE5-4B0F-45E7-A438-314BA889948E}) (Version: 9.0.0.0 - Hewlett-Packard Company)
HP Postscript Converter (Version: 3.1.3554 - Hewlett-Packard) Hidden
HP Quick Launch (HKLM-x32\...\{4ED7050C-9332-4FB2-AB07-E94F25A53D39}) (Version: 3.0.3 - Hewlett-Packard Company)
HP Recovery Manager (x32 Version: 7.00 - Hewlett-Packard) Hidden
HP Registration Service (HKLM\...\{E4D6CCF2-0AAF-4B9C-9DE5-893EDC9B4BAA}) (Version: 1.0.5976.4186 - Hewlett-Packard)
HP Software Framework (HKLM-x32\...\{835B275B-F29B-464B-BD4B-097FD55FAB0A}) (Version: 4.6.8.1 - Hewlett-Packard Company)
HP Support Assistant (HKLM-x32\...\{B8019B54-F9BE-490A-9619-6D06F18F129F}) (Version: 7.0.32.44 - Hewlett-Packard Company)
HP Utility Center (HKLM-x32\...\{0C57987A-A03A-4B95-A309-D23F78F406CA}) (Version: 1.0.7 - Hewlett-Packard)
HP Wireless Button Driver (HKLM-x32\...\{941DE69D-6CEE-4171-8F1F-3D7E352AA498}) (Version: 1.0.5.1 - Hewlett-Packard Company)
iCloud (HKLM\...\{704C0303-D20C-45AF-BD2B-556EAF31BE09}) (Version: 2.1.2.8 - Apple Inc.)
iTunes (HKLM\...\{77DE5105-D05E-448C-96CB-7FA381903753}) (Version: 11.3.1.2 - Apple Inc.)
Java 7 Update 51 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217040FF}) (Version: 7.0.510 - Oracle)
Java Auto Updater (x32 Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java™ 6 Update 18 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216018FF}) (Version: 6.0.180 - Sun Microsystems, Inc.)
Jewel Match 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
John Deere Drive Green (x32 Version: 2.2.0.95 - WildTangent) Hidden
Legacy 7.5 (HKLM-x32\...\Legacy 7.5) (Version: 7.5  - Millennia Corporation)
LEGO Digital Designer (HKLM-x32\...\New LEGO Digital Designer) (Version:  - LEGO A/S)
LEGO MINDSTORMS NXT - English Language Pack (HKLM-x32\...\{53753510-7620-4D2B-9C0B-111F871615D9}) (Version: 2.0.100.0 - The LEGO Group)
LEGO MINDSTORMS NXT Driver for x64 (HKLM\...\{74E85F31-573F-45BF-8939-4D2BCDCC2083}) (Version: 1.17.770 - LEGO)
LEGO MINDSTORMS NXT Migration Package (HKLM-x32\...\{6C1D47CC-682C-4673-8CA8-DEE659628599}) (Version: 1.2.8.0 - LEGO)
LEGO MINDSTORMS NXT Software v2.0 (HKLM-x32\...\{CB263F8D-EF2D-4EB5-A368-A27056EE92D4}) (Version: 2.0.108.0 - LEGO)
Luxor Evolved (x32 Version: 2.2.0.98 - WildTangent) Hidden
Mahjongg Dimensions Deluxe: Tiles in Time (x32 Version: 2.2.0.98 - WildTangent) Hidden
Malwarebytes Anti-Malware version 2.0.2.1012 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.2.1012 - Malwarebytes Corporation)
Microsoft Office Access MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Access Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Excel MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Publisher MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Single Image 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2008 (HKLM-x32\...\Microsoft SQL Server 10 Release) (Version:  - Microsoft Corporation)
Microsoft SQL Server 2008 (x32 Version:  - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Browser (HKLM-x32\...\{C688457E-03FD-4941-923B-A27F4D42A7DD}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Common Files (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Services (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Database Engine Shared (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Management Objects (HKLM-x32\...\{F5E87B12-3C27-452F-8E78-21D42164FD83}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 Native Client (HKLM\...\{C79A7EAB-9D6F-4072-8A6D-F8F54957CD93}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server 2008 RsFx Driver (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
Microsoft SQL Server 2008 Setup Support Files (English) (HKLM-x32\...\{9D6D76A6-4328-49E8-97A7-531A74841DA5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft SQL Server VSS Writer (HKLM\...\{0826F9E4-787E-481D-83E0-BC6A57B056D5}) (Version: 10.0.1600.22 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (HKLM-x32\...\Microsoft Visual C++ 2008 Express Edition with SP1 - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual C++ 2008 Express Edition with SP1 - ENU (x32 Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (HKLM\...\Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU) (Version:  - Microsoft Corporation)
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU (Version: 9.0.30729 - Microsoft Corporation) Hidden
Microsoft Visual Studio 2008 Remote Debugger Light (x64) - ENU Service Pack 1 (KB945140) (HKLM-x32\...\{90A80D89-A0E4-33C1-B13D-B93CB3496867}.KB945140) (Version: 1 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 Headers and Libraries (HKLM\...\{5DE154DF-A55E-4FA5-BE59-32E78FCACF3E}) (Version: 6.1.5288.17011 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for .NET Framework - enu (HKLM\...\{DFB3AD2B-4EE2-3077-BF1D-3CA164BC5336}) (Version: 3.5.30729 - Microsoft Corporation)
Microsoft Windows SDK for Visual Studio 2008 SP1 Express Tools for Win32 (HKLM\...\{F5C819A5-E068-4f7d-B91A-1BD18702AFFB}) (Version: 6.1.5295.17011 - Microsoft Corporation)
Mortimer Beckett and the Crimson Thief Premium Edition (x32 Version: 2.2.0.98 - WildTangent) Hidden
Multimedia Fusion 2 (HKLM-x32\...\Multimedia Fusion 2) (Version:  - )
Mystery P.I. - Curious Case of Counterfeit Cove (x32 Version: 2.2.0.98 - WildTangent) Hidden
Norton Internet Security (HKLM-x32\...\NIS) (Version: 21.4.0.13 - Symantec Corporation)
Peggle Nights (x32 Version: 2.2.0.98 - WildTangent) Hidden
Penguins! (x32 Version: 2.2.0.98 - WildTangent) Hidden
Peshka Training Courses (HKLM-x32\...\Peshka_is1) (Version:  - )
PlayChess  (HKLM-x32\...\PlayChess) (Version:  - ChessBase GmbH)
Polar Bowler (x32 Version: 2.2.0.97 - WildTangent) Hidden
Polar Golfer (x32 Version: 2.2.0.98 - WildTangent) Hidden
Qualcomm Atheros Driver Installation Program (HKLM-x32\...\{C3A32068-8AB1-4327-BB16-BED9C6219DC7}) (Version: 10.0 - Qualcomm Atheros)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.2.612.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6662 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.8400.29025 - Realtek Semiconductor Corp.)
Roads of Rome 3 (x32 Version: 2.2.0.98 - WildTangent) Hidden
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
SpyNet Field Office (HKLM-x32\...\com.jakks.spynet) (Version: 1.05 - UNKNOWN)
SpyNet Field Office (x32 Version: 1.05 - UNKNOWN) Hidden
Sql Server Customer Experience Improvement Program (x32 Version: 10.0.1600.22 - Microsoft Corporation) Hidden
SQL Server System CLR Types (HKLM-x32\...\{342D4AD7-EC4C-4EC8-AEA6-E70F5905A490}) (Version: 10.0.1600.22 - Microsoft Corporation)
swMSM (x32 Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.6.1.3 - Synaptics Incorporated)
Tales of Lagoona (x32 Version: 2.2.0.110 - WildTangent) Hidden
Toby Deep Tactics 5.0 (HKLM-x32\...\{68B937E2-10B0-49DE-BB21-0042B3544856}) (Version: 1.0.0 - Toby Chess Products)
Update for Microsoft Access 2010 (KB2553446) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B4A38370-2ADB-46B0-A1B0-0C4A2F7DCA31}) (Version:  - Microsoft)
Update for Microsoft Excel 2010 (KB2837600) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4ACD847E-547D-493F-9A86-F73EAE1B5174}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2878281) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{302A8FE3-EBF5-486C-A431-16A1CD914443}) (Version:  - Microsoft)
Update for Microsoft InfoPath 2010 (KB2817369) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{4EEA3D3E-989C-4DF4-AB0A-3042C0C12AA3}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760631) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{35698CB7-AAA2-4577-B505-DBFF504AEF23}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2825635) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{F1A20C69-9FE5-40FD-9CD5-84EABC2EF64A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837581) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{334FB202-28D7-4BA4-8BC9-4FE4AB233EA0}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2837606) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0D672F7-883E-4279-8E75-D97A5445AB46}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878252) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B0DB9F71-E0F7-4FE6-8925-35B860CAC0C4}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{C0BDC1DE-C35E-422B-8CBD-C1D555468720}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.SingleImage_{089DBFD7-8211-43B2-AAAE-5BDD8C23E3A8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2881028) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.SingleImage_{794A0574-4E2F-4D58-B2A0-D7460ACDC85C}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.SingleImage_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-0018-0409-0000-0000000FF1CE}_Office14.SingleImage_{334AA0A1-2BB1-4D74-B66A-2B2C4D9C2C87}) (Version:  - Microsoft)
Update for Microsoft PowerPoint 2010 (KB2837579) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{2BA40F82-F3A4-441C-BF1A-ED4C42FF4872}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
Update for Microsoft Visio 2010 (KB2880526) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{7B29D8B8-6A87-496C-A65E-B935E740448A}) (Version:  - Microsoft)
Update for Microsoft Visio Viewer 2010 (KB2837587) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{38CF30E4-3348-4BD1-A859-B630C355A56F}) (Version:  - Microsoft)
Update for Microsoft Word 2010 (KB2880529) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{B9B89E01-5B6B-4F73-BC34-B2C0D8ACB4CD}) (Version:  - Microsoft)
Update Installer for WildTangent Games App (x32 Version:  - WildTangent) Hidden
Vacation Quest™ - Australia (x32 Version: 2.2.0.98 - WildTangent) Hidden
WildTangent Games (HKLM-x32\...\WildTangent wildgames Master Uninstall) (Version: 1.0.3.0 - WildTangent)
WildTangent Games App (x32 Version: 4.0.11.7 - WildTangent) Hidden
WildTangent Games App (x32 Version: 4.0.9.6 - WildTangent) Hidden
Zuma's Revenge (x32 Version: 2.2.0.98 - WildTangent) Hidden
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
28-07-2014 04:47:00 Windows Update
09-08-2014 00:05:39 Scheduled Checkpoint
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2012-07-25 23:26 - 2014-08-12 17:45 - 00001715 ____A C:\WINDOWS\system32\Drivers\etc\hosts
216.239.32.20 www.google.ae # bck9
216.239.32.20 www.google.at # bck9
216.239.32.20 www.google.be # bck9
216.239.32.20 www.google.ca # bck9
216.239.32.20 www.google.ch # bck9
216.239.32.20 www.google.cl # bck9
216.239.32.20 www.google.co.il # bck9
216.239.32.20 www.google.co.in # bck9
216.239.32.20 www.google.co.jp # bck9
216.239.32.20 www.google.co.kr # bck9
216.239.32.20 www.google.co.nz # bck9
216.239.32.20 www.google.co.uk # bck9
216.239.32.20 www.google.co.ve # bck9
216.239.32.20 www.google.co.za # bck9
216.239.32.20 www.google.com # bck9
216.239.32.20 www.google.com.ar # bck9
216.239.32.20 www.google.com.au # bck9
216.239.32.20 www.google.com.br # bck9
216.239.32.20 www.google.com.co # bck9
216.239.32.20 www.google.com.gr # bck9
216.239.32.20 www.google.com.hk # bck9
216.239.32.20 www.google.com.mx # bck9
216.239.32.20 www.google.com.my # bck9
216.239.32.20 www.google.com.pe # bck9
216.239.32.20 www.google.com.ph # bck9
216.239.32.20 www.google.com.pk # bck9
216.239.32.20 www.google.com.sg # bck9
216.239.32.20 www.google.com.tr # bck9
216.239.32.20 www.google.com.tw # bck9
 
There are 13 more lines.
 
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0537C634-73E8-4F7F-8D23-469C6F628938} - System32\Tasks\CLMLSvc_P2G8 => C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe [2012-06-07] (CyberLink)
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {0C976F87-7C33-4D5D-8745-F8B9757C8E66} - System32\Tasks\Norton Internet Security\Norton Error Analyzer => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {0FA4BFDB-B6AF-4E3B-8D8E-4A86FF7B226D} - System32\Tasks\MirageAgent => C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe [2012-07-27] (CyberLink)
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {2C139EC0-97C9-4379-9C86-326B7BC79FF8} - System32\Tasks\Hewlett-Packard\HP Support Assistant\Update Check => C:\ProgramData\Hewlett-Packard\HP Support Framework\Resources\Updater7\HPSFUpdater.exe [2012-08-07] (Hewlett-Packard Company)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-21] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {4B415A82-36BD-4DBF-AFE1-F78199A772A0} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {700739A8-2CA4-4F5F-B90B-7C85A3E8F722} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-05-16] (Synaptics Incorporated)
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {75D93140-EDC0-4087-B716-AE425F96D8EE} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-12] (Adobe Systems Incorporated)
Task: {772CFF56-BF20-480A-885A-CA6CF86B98FF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.)
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {7B2D4D75-189B-40ED-8C62-D5202E1A40A4} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-07-23] (Piriform Ltd)
Task: {7D2652AD-CD4B-4A18-97D4-7C9F2A31546C} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-07-22] (Microsoft Corporation)
Task: {821FD5B1-DA19-4F5F-B541-EA30C4215B3C} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-28] (Google Inc.)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {9DFFB140-09CC-4B6A-A93F-51722F1A7ED1} - System32\Tasks\Norton Internet Security\Norton Error Processor => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {ACC2D668-6AA6-49BB-8D94-EE3B774D0307} - System32\Tasks\Hewlett-Packard\HP Support Assistant\PC Health Analysis => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {BF58E14B-1069-43E0-80DD-BB525A2FD9CD} - System32\Tasks\Microsoft\Windows\DiskFootprint\Diagnostics
Task: {C3923A0E-D9FD-4A9B-B416-84DC617D92E7} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe [2014-06-26] (Symantec Corporation)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D08F1AB1-8F5E-4779-937E-7A750E734C77} - System32\Tasks\Microsoft\Windows\DiskCleanup\SilentCleanup => C:\Windows\system32\cleanmgr.exe [2014-03-18] (Microsoft Corporation)
Task: {D21B68D3-2FE1-45C2-B8EE-53E1489878D3} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
Task: {D408DAB0-87F3-4379-9311-F6C8B24093EF} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Quick Start => C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\HPSF.exe [2012-08-10] (Hewlett-Packard Company)
Task: {D4AE3BAD-7E25-4705-AF7C-AD4612C0F3E3} - System32\Tasks\Microsoft\Windows\WindowsUpdate\Scheduled Start With Network => Sc.exe start wuauserv
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {E2ACF668-4308-4463-9ECA-B3DD4467FB01} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Validation
Task: {E3BDCA69-0278-4D27-AE94-D673C4802877} - System32\Tasks\Microsoft\Windows\WOF\WIM-Hash-Management
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
Task: C:\WINDOWS\Tasks\User_Feed_Synchronization-{03CEC8FE-20AF-472B-8BBE-44AFF16348E9}.job => C:\WINDOWS\system32\msfeedssync.exe
 
==================== Loaded Modules (whitelisted) =============
 
2012-08-06 13:09 - 2012-08-06 13:09 - 00073728 _____ () C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
2013-05-09 14:37 - 2013-05-09 14:37 - 00400704 _____ () C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
2014-02-12 20:58 - 2014-02-12 20:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-12 20:58 - 2014-02-12 20:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-08-12 18:14 - 2014-08-12 18:14 - 00098816 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32api.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00110080 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\pywintypes27.dll
2014-08-12 18:14 - 2014-08-12 18:14 - 00364544 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\pythoncom27.dll
2014-08-12 18:14 - 2014-08-12 18:14 - 00045568 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\_socket.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 01160704 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\_ssl.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00320512 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32com.shell.shell.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00713216 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\_hashlib.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 01175040 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._core_.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00805888 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._gdi_.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00811008 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._windows_.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 01062400 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._controls_.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00735232 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._misc_.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00128512 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\_elementtree.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00127488 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\pyexpat.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00557056 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\pysqlite2._sqlite.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00007168 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\hashobjs_ext.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00087552 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\_ctypes.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00119808 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32file.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00108544 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32security.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00018432 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32event.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00038912 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32inet.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00070656 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._html2.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00167936 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32gui.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00011264 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32crypt.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00027136 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\_multiprocessing.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00122368 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._wizard.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00010240 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\select.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00024064 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32pipe.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00686080 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\unicodedata.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00025600 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32pdh.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00525640 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\windows._lib_cacheinvalidation.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00035840 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32process.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00017408 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32profile.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00022528 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\win32ts.pyd
2014-08-12 18:14 - 2014-08-12 18:14 - 00078336 _____ () C:\Users\Spencer\AppData\Local\Temp\_MEI47482\wx._animate.pyd
2012-09-26 11:07 - 2012-06-07 21:34 - 00627216 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
2012-06-08 12:34 - 2012-06-08 12:34 - 00016400 _____ () C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) =============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== MSCONFIG/TASK MANAGER disabled items =========
 
(Currently there is no automatic fix for this section.)
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (08/12/2014 06:02:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3344
 
Error: (08/12/2014 06:02:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3344
 
Error: (08/12/2014 06:02:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/12/2014 06:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1797
 
Error: (08/12/2014 06:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1797
 
Error: (08/12/2014 06:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/12/2014 02:49:34 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (08/11/2014 09:22:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17578
 
Error: (08/11/2014 09:22:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17578
 
Error: (08/11/2014 09:22:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (08/11/2014 06:27:13 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (08/11/2014 06:26:43 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (08/11/2014 05:30:03 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (08/11/2014 05:29:33 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (08/11/2014 05:00:39 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (08/11/2014 05:00:09 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (08/11/2014 04:44:05 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
Error: (08/11/2014 04:43:35 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (08/08/2014 05:50:10 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
 
Error: (08/08/2014 05:49:40 PM) (Source: DCOM) (EventID: 10010) (User: Link)
Description: {1B1F472E-3221-4826-97DB-2C2324D389AE}
 
 
Microsoft Office Sessions:
=========================
Error: (08/12/2014 06:02:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 3344
 
Error: (08/12/2014 06:02:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 3344
 
Error: (08/12/2014 06:02:15 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/12/2014 06:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1797
 
Error: (08/12/2014 06:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1797
 
Error: (08/12/2014 06:02:13 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (08/12/2014 02:49:34 PM) (Source: Microsoft-Windows-LocationProvider) (EventID: 2006) (User: NT AUTHORITY)
Description: -2147024883
 
Error: (08/11/2014 09:22:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 17578
 
Error: (08/11/2014 09:22:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 17578
 
Error: (08/11/2014 09:22:08 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
==================== Memory info =========================== 
 
Processor: AMD E1-1200 APU with Radeon™ HD Graphics
Percentage of memory in use: 33%
Total physical RAM: 3682.26 MB
Available physical RAM: 2460.98 MB
Total Pagefile: 4770.26 MB
Available Pagefile: 3512.65 MB
Total Virtual: 131072 MB
Available Virtual: 131071.85 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:441.16 GB) (Free:386.03 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive d: (RECOVERY) (Fixed) (Total:23.39 GB) (Free:2.82 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (Size: 466 GB) (Disk ID: C2C9F703)
 
Partition: GPT Partition Type.
 
==================== End Of Log ============================

 


  • 0

#5
emeraldnzl
Posted 12 August 2014 - 07:10 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello Spencer4134,

Download the attached fixlist.txt file and save it to the Desktop.

NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work.

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

Run FRST/FRST64 and press the Fix button just once and wait.
The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

Next

 

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.

5350-113-187993.png


  • Then click on Change parameters in TDSSKiller.
  • Another window will appear.
  • Check all boxes then click OK.
  • Click the Start Scan button.

tdss_3.jpg


  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.

tdss_4.jpg


  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.

Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
tdss_5.jpg
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.

  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

 

 

 

So when you return please post

  • Fixlog.txt
  • TDSSKiller log.txt

 


  • 0

#6
Spencer4134
Posted 12 August 2014 - 08:40 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

The TDSSKiller log is so long that it won't post my reply. It just sits at a blank page. What should I do?

 

Here's the Fixlog:

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-08-2014
Ran by Spencer at 2014-08-12 20:19:01 Run:2
Running from C:\Users\Spencer\Desktop
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
SearchScopes: HKCU - {09E3BCA6-7FAF-4065-873C-A57F13519548} URL = http://www.amazon.co...s={searchTerms}
SearchScopes: HKCU - {2fa28606-de77-4029-af96-b231e3b8f827} URL = http://search.ask.co...&l=dis&o=HPNTDF
SearchScopes: HKCU - {b7fca997-d0fb-4fe0-8afd-255e89cf9671} URL = http://search.yahoo....psg&type=HPNTDF
 
*****************
 
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{09E3BCA6-7FAF-4065-873C-A57F13519548}" => Key deleted successfully.
"HKCR\CLSID\{09E3BCA6-7FAF-4065-873C-A57F13519548}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key deleted successfully.
"HKCR\CLSID\{2fa28606-de77-4029-af96-b231e3b8f827}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key deleted successfully.
"HKCR\CLSID\{b7fca997-d0fb-4fe0-8afd-255e89cf9671}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key deleted successfully.
"HKCR\CLSID\{D944BB61-2E34-4DBF-A683-47E505C587DC}" => Key not found.
 
==== End of Fixlog ====

Edited by Spencer4134, 12 August 2014 - 08:41 PM.

  • 0

#7
Spencer4134
Posted 12 August 2014 - 08:50 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

I am going to try to break it into parts:

 

TDSSKiller part 1:

 

20:26:28.0098 0x0ce8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
20:26:28.0099 0x0ce8  UEFI system
20:26:28.0903 0x0ce8  ============================================================
20:26:28.0903 0x0ce8  Current date / time: 2014/08/12 20:26:28.0903
20:26:28.0907 0x0ce8  SystemInfo:
20:26:28.0907 0x0ce8  
20:26:28.0907 0x0ce8  OS Version: 6.3.9600 ServicePack: 0.0
20:26:28.0907 0x0ce8  Product type: Workstation
20:26:28.0907 0x0ce8  ComputerName: LINK
20:26:28.0908 0x0ce8  UserName: Spencer
20:26:28.0908 0x0ce8  Windows directory: C:\WINDOWS
20:26:28.0908 0x0ce8  System windows directory: C:\WINDOWS
20:26:28.0908 0x0ce8  Running under WOW64
20:26:28.0908 0x0ce8  Processor architecture: Intel x64
20:26:28.0908 0x0ce8  Number of processors: 2
20:26:28.0908 0x0ce8  Page size: 0x1000
20:26:28.0908 0x0ce8  Boot type: Normal boot
20:26:28.0908 0x0ce8  ============================================================
20:26:28.0912 0x0ce8  BG loaded
20:26:29.0526 0x0ce8  System UUID: {797FA864-2AA7-3988-0804-C16DC7DF36EF}
20:26:30.0928 0x0ce8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
20:26:30.0981 0x0ce8  ============================================================
20:26:30.0981 0x0ce8  \Device\Harddisk0\DR0:
20:26:31.0046 0x0ce8  GPT partitions:
20:26:31.0118 0x0ce8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {FB02859B-D4A8-4134-885D-1F44D1174DD0}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
20:26:31.0118 0x0ce8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {DED2B018-FB30-416F-A4AF-A4528F2C0D39}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x82000
20:26:31.0118 0x0ce8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {FE02F3CE-FCA9-449C-BE14-233D0B20A468}, Name: Microsoft reserved partition, StartLBA 0x14A800, BlocksNum 0x40000
20:26:31.0119 0x0ce8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {60C8978A-209E-44C8-BE7D-80D75D1DABD0}, Name: Basic data partition, StartLBA 0x18A800, BlocksNum 0x37253800
20:26:31.0119 0x0ce8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {012B9108-8AD8-4FC8-A218-548C658C3E84}, Name: , StartLBA 0x373DE000, BlocksNum 0xE1000
20:26:31.0119 0x0ce8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {98B8E322-2EA9-41ED-AFE7-D961727C8AED}, Name: Basic data partition, StartLBA 0x374BF000, BlocksNum 0x2EC7000
20:26:31.0119 0x0ce8  MBR partitions:
20:26:31.0119 0x0ce8  ============================================================
20:26:31.0314 0x0ce8  C: <-> \Device\Harddisk0\DR0\Partition4
20:26:31.0472 0x0ce8  D: <-> \Device\Harddisk0\DR0\Partition6
20:26:31.0472 0x0ce8  ============================================================
20:26:31.0472 0x0ce8  Initialize success
20:26:31.0472 0x0ce8  ============================================================
20:27:05.0140 0x0fdc  ============================================================
20:27:05.0140 0x0fdc  Scan started
20:27:05.0141 0x0fdc  Mode: Manual; SigCheck; TDLFS; 
20:27:05.0141 0x0fdc  ============================================================
20:27:05.0141 0x0fdc  KSN ping started
20:27:07.0640 0x0fdc  KSN ping finished: true
20:27:11.0796 0x0fdc  ================ Scan system memory ========================
20:27:11.0796 0x0fdc  System memory - ok
20:27:11.0798 0x0fdc  ================ Scan services =============================
20:27:12.0170 0x0fdc  [ E1832BD9FD7E0FC2DC9FA5935DE3E8C1, 41FF7418887AFC8B9C96EF21C5950DD342CC9E3C0D87AFD60A05B988C1D6CC23 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
20:27:12.0762 0x0fdc  1394ohci - ok
20:27:12.0821 0x0fdc  [ AD508A1A46EC21B740AB31C28EFDFDB1, 9B1046CF0B80723149BD359B55CC0B8B3ABBEAA9038469F542A4C345C503FB02 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
20:27:12.0894 0x0fdc  3ware - ok
20:27:13.0074 0x0fdc  [ 9539F7917B4B6D92C90F0FAA6B86C605, B4C284E8EECC2E7025053A3320EFDC9F47BCA9828853AD2A805DB826CA4AC27E ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
20:27:13.0200 0x0fdc  ACPI - ok
20:27:13.0249 0x0fdc  [ AC8279D229398BCF05C3154ADCA86813, 083E86CBE53244D24C334DB1511C77025133AE7875191845764B890A8CA5AFA9 ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
20:27:13.0311 0x0fdc  acpiex - ok
20:27:13.0358 0x0fdc  [ A8970D9BF23CD309E0403978A1B58F3F, 9946C8477104EEC7DB197E2222F9905307F101C398CCED4B5FD0F86A5622C791 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
20:27:13.0431 0x0fdc  acpipagr - ok
20:27:13.0479 0x0fdc  [ 111A89C99C5B4F1A7BCE5F643DD86F65, 41A2E49FF443927D05F7EF638518108227852984E68D4663C8761178C0B84A45 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
20:27:13.0575 0x0fdc  AcpiPmi - ok
20:27:13.0614 0x0fdc  [ 5758387D68A20AE7D3245011B07E36E7, 77832E200E8B0D259552F6F60FE454A887E3EBBB9EA2F3590E6645289A04E293 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
20:27:13.0682 0x0fdc  acpitime - ok
20:27:13.0848 0x0fdc  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:27:13.0893 0x0fdc  AdobeARMservice - ok
20:27:14.0872 0x0fdc  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
20:27:14.0938 0x0fdc  AdobeFlashPlayerUpdateSvc - ok
20:27:15.0068 0x0fdc  [ 7C1FDF1B48298CBA7CE4BDD4978951AD, 80F4D536E1231B30E836F72ADC8814AE6AA9FEC573FB5F3F965FAC8ABCCAF0F8 ] ADP80XX         C:\WINDOWS\system32\drivers\ADP80XX.SYS
20:27:15.0242 0x0fdc  ADP80XX - ok
20:27:15.0325 0x0fdc  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
20:27:15.0444 0x0fdc  AeLookupSvc - ok
20:27:15.0572 0x0fdc  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] AERTFilters     C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:27:15.0608 0x0fdc  AERTFilters - ok
20:27:15.0738 0x0fdc  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
20:27:15.0952 0x0fdc  AFD - ok
20:27:16.0010 0x0fdc  [ 7DFAEBA9AD62D20102B576D5CAC45EC8, 9FA5207335303D1E8E9A3C9E1FB82C09AD21B04382F69D777A67E48EE91D2093 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
20:27:16.0068 0x0fdc  agp440 - ok
20:27:16.0127 0x0fdc  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] ahcache         C:\WINDOWS\system32\DRIVERS\ahcache.sys
20:27:16.0252 0x0fdc  ahcache - ok
20:27:16.0311 0x0fdc  [ A91D8E1E433EFB32551BCE69037E1CE7, 41DFDD5B56918D19D09DFB3E4B07460AA85647A8647ABBBB906158D8D6653290 ] ALG             C:\WINDOWS\System32\alg.exe
20:27:16.0445 0x0fdc  ALG - ok
20:27:16.0518 0x0fdc  [ 66B54471B5856E314947881E28263A6D, 2D60706B52A2CE98FF806337D62CD010C1DEB2AEDDF899C7B67173928B2D7C4C ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
20:27:16.0711 0x0fdc  AMD External Events Utility - ok
20:27:16.0762 0x0fdc  AMD FUEL Service - ok
20:27:16.0819 0x0fdc  [ 7589DE749DB6F71A68489DCE04158729, 5F35EDD50737985595C9D6703237CA2ADE49AA5443331020899698EB5114A0FB ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
20:27:16.0944 0x0fdc  AmdK8 - ok
20:27:18.0367 0x0fdc  [ FBB35875FEFE53D4280259842069ED72, B1A1B5799A6C50C244182CD201A1E9FCB7BE3B5ED4BB2E2E6BCF8E1BF53B75DB ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
20:27:19.0792 0x0fdc  amdkmdag - ok
20:27:19.0941 0x0fdc  [ A32BCAD9377E3B75D034CAFBA463A0AE, F504895D9C9CD1B4607806BCAF15A1CBFBAC2E5824903277A1350C9F35045602 ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
20:27:20.0057 0x0fdc  amdkmdap - ok
20:27:20.0109 0x0fdc  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
20:27:20.0169 0x0fdc  AmdPPM - ok
20:27:20.0198 0x0fdc  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
20:27:20.0235 0x0fdc  amdsata - ok
20:27:20.0298 0x0fdc  [ A8E04943C7BBA7219AA50400272C3C6E, 794C0BD12DF0392654E9A37AE4A24B5BE2D83F1F24F74DD48A1A0BF3AB8B1FF8 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
20:27:20.0402 0x0fdc  amdsbs - ok
20:27:20.0440 0x0fdc  [ CEA5F4F27CFC08E3A44D576811B35F50, 89DF64B81BD109BAABAE93A4603C1617241219F38DDAF325EFE6BD35FF6FD717 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
20:27:20.0499 0x0fdc  amdxata - ok
20:27:20.0553 0x0fdc  [ A2EFE3869B976296E097DEF368280F95, 121CD4A16146A9DF59D6E415181F48CA0D1DCD4D2B6BC4CBDABC2F3D296E28C6 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
20:27:20.0671 0x0fdc  amd_sata - ok
20:27:20.0721 0x0fdc  [ 625396421C29FB305C6C6235D01130B8, 3FAF8D3B530F1B74B2C9B0ED3377836746CE2D0A4008E1BC454095671AC9E1AF ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
20:27:20.0749 0x0fdc  amd_xata - ok
20:27:20.0838 0x0fdc  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] AppHostSvc      C:\WINDOWS\system32\inetsrv\apphostsvc.dll
20:27:20.0980 0x0fdc  AppHostSvc - ok
20:27:21.0021 0x0fdc  [ 04951A9A937CBE28A2D3FEEA360B6D1F, D8AAF000BE4FE4B203DC2EB2A64F780A542E5238CE3F9952FD03277379B11529 ] AppID           C:\WINDOWS\system32\drivers\appid.sys
20:27:21.0135 0x0fdc  AppID - ok
20:27:21.0202 0x0fdc  [ C0DC3F58214A227980AEB091CFD2F973, 0C3E8453C9F65ADA3E74C38C0E3AC3E0CBFD807B827097046265B38839E151E3 ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
20:27:21.0270 0x0fdc  AppIDSvc - ok
20:27:21.0320 0x0fdc  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] Appinfo         C:\WINDOWS\System32\appinfo.dll
20:27:21.0428 0x0fdc  Appinfo - ok
20:27:21.0634 0x0fdc  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:27:21.0667 0x0fdc  Apple Mobile Device - ok
20:27:21.0769 0x0fdc  [ CB12C47647D8BDAFAA94C0856B14128B, 5590C98095357C92563EF94800107D3611AA6ECA1A70BE463C03B279E618A6C4 ] AppReadiness    C:\WINDOWS\system32\AppReadiness.dll
20:27:21.0920 0x0fdc  AppReadiness - ok
20:27:22.0087 0x0fdc  [ F7529BD3FFAC9C33D15F6DE3B7353B03, 8EF0A84C9687A246B60939A326E498121039E9CC617A7ABBA933EDD327F3467E ] AppXSvc         C:\WINDOWS\system32\appxdeploymentserver.dll
20:27:22.0403 0x0fdc  AppXSvc - ok
20:27:22.0486 0x0fdc  [ 65045784366F7EC5FB4E71BCF923187B, 53C215C64FF12E44B097F7CB88E8482438CE0ACBD3C68D8FD38BA0D0D8747FAA ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
20:27:22.0547 0x0fdc  arcsas - ok
20:27:22.0886 0x0fdc  [ AA2E8C6B8D7EA7BAF04C988801927F48, 4B82043F1B9C67CDCDC71102F7AEE05EEA8F9775A5CB33AE80F4DCDB42521C40 ] aspnet_state    C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
20:27:22.0958 0x0fdc  aspnet_state - ok
20:27:22.0994 0x0fdc  [ 74B14192CF79A72F7536B27CB8814FBD, 0CF6BBB63FFE0C12777664D80B2797923844C8392D0FD81D7962EE5EE2C3C3D9 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
20:27:23.0048 0x0fdc  atapi - ok
20:27:23.0489 0x0fdc  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
20:27:24.0025 0x0fdc  athr - ok
20:27:24.0111 0x0fdc  [ 506907D2E7F3A5B67DBD39C00A788B7C, 618C91FB9F49C69F88A993F164D7E9E4B7CAD0F34DCF77CF0C6F259A28448171 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
20:27:24.0152 0x0fdc  AtiHDAudioService - ok
20:27:24.0219 0x0fdc  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
20:27:24.0395 0x0fdc  AudioEndpointBuilder - ok
20:27:24.0521 0x0fdc  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
20:27:24.0675 0x0fdc  Audiosrv - ok
20:27:24.0730 0x0fdc  [ 96E8CAF20FC4B6C31CAD7816A801EB78, E4870DB8FFBDCFEE98449338D0BDBF2DD0B5FEC75514E41C11A882BE6EB16833 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
20:27:24.0819 0x0fdc  AxInstSV - ok
20:27:24.0918 0x0fdc  [ A4A73F631FE2AA2826FBE4A399B04DEF, 973AACE8DC8DA669D0DF20F17EFDEEABB90AA046AC980948D16A62D39A606A79 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
20:27:25.0042 0x0fdc  b06bdrv - ok
20:27:25.0100 0x0fdc  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
20:27:25.0192 0x0fdc  BasicDisplay - ok
20:27:25.0232 0x0fdc  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
20:27:25.0367 0x0fdc  BasicRender - ok
20:27:25.0439 0x0fdc  [ B9B123DD438E0FA190BE10A77ADCF38E, D2253031DE650A3590127A0F3B2DBAD6B506D0713FA94727F62A21BF568FDA1C ] bckd            C:\WINDOWS\system32\drivers\bckd.sys
20:27:25.0483 0x0fdc  bckd - ok
20:27:25.0759 0x0fdc  [ 00BF725BFD0FE84EB196E9F45DAC091B, 7F1158E9BFC9581B29D5BDF6CA8E39474E9E3DB14629D50AC02FD3CB310C57C3 ] bckwfs          C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
20:27:26.0004 0x0fdc  bckwfs - ok
20:27:26.0085 0x0fdc  [ C1ABB0F7E3BEA48A0417BDF6FF14AB21, 1CAC63A1A0FB9855A27EE977794576A860F6650C9EF7667FFB27F2A2FF721857 ] bcmfn2          C:\WINDOWS\System32\drivers\bcmfn2.sys
20:27:26.0128 0x0fdc  bcmfn2 - ok
20:27:26.0190 0x0fdc  [ 5BD3A2351BEFCAC8757626271F8EFA89, 6508673210129CF7EFCA93EC7874208FAD361E37814EB4FE9E0EC034E73D5F16 ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
20:27:26.0332 0x0fdc  BDESVC - ok
20:27:26.0381 0x0fdc  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
20:27:26.0488 0x0fdc  Beep - ok
20:27:26.0617 0x0fdc  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] BFE             C:\WINDOWS\System32\bfe.dll
20:27:26.0838 0x0fdc  BFE - ok
20:27:27.0207 0x0fdc  [ F10EFCE086C794F8A7C2C7A3EA52AC5F, 498C4A75DCC560CE1A6B7F671572A4CB2F4D5EA402E45399B7CF471CFBC48241 ] BHDrvx64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001\BHDrvx64.sys
20:27:27.0468 0x0fdc  BHDrvx64 - ok
20:27:27.0614 0x0fdc  [ 15225081966C785A9192782401643FD4, E2BA0C8D044556FDD9DD7A25F7F71553DE7A2924E78F9284413C2AC46F0BF4EB ] BITS            C:\WINDOWS\System32\qmgr.dll
20:27:28.0367 0x0fdc  BITS - ok
20:27:28.0481 0x0fdc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
20:27:28.0557 0x0fdc  Bonjour Service - ok
20:27:28.0593 0x0fdc  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
20:27:28.0713 0x0fdc  bowser - ok
20:27:28.0812 0x0fdc  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
20:27:28.0932 0x0fdc  BrokerInfrastructure - ok
20:27:29.0006 0x0fdc  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] Browser         C:\WINDOWS\System32\browser.dll
20:27:29.0116 0x0fdc  Browser - ok
20:27:29.0164 0x0fdc  [ A8F23D453A424FF4DE04989C4727ECC7, AE4A9081395C7379F1C947EF8243F7609F90C843E086B8E77E1A2C06E36D4381 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
20:27:29.0236 0x0fdc  BthAvrcpTg - ok
20:27:29.0285 0x0fdc  [ 746B9F94214915AECDE4B7FEA5FF9664, EA2877D49DB4B7B9CE61653D63E8776DFF1CBCCAB12C14DB1D20DA44B8F06357 ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
20:27:29.0383 0x0fdc  BthHFEnum - ok
20:27:29.0423 0x0fdc  [ 71FE2A48E4C93DDB9798C024880B6C07, 8E93DE29C61A5FA64216231228CB3C4A1A693FE87CAA2C070BCAD7BE2D8ED000 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
20:27:29.0490 0x0fdc  bthhfhid - ok
20:27:29.0546 0x0fdc  [ 66B791F6B11DC4303DD18A224A501542, 502AE4D6FFC6B0FCED081B0E0F61F699F96F20DFEE737B53828F5DEE3BD0FCB1 ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
20:27:29.0642 0x0fdc  BTHMODEM - ok
20:27:29.0717 0x0fdc  [ E5E48FEED73D463175EAB1542495191C, 0A8182F5BA7B694AB1DD3680F1194E4A568FE40DBA4BFDFF2EA09BAD045FFB29 ] bthserv         C:\WINDOWS\system32\bthserv.dll
20:27:29.0790 0x0fdc  bthserv - ok
20:27:29.0913 0x0fdc  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_NIS       C:\WINDOWS\system32\drivers\NISx64\1504000.00D\ccSetx64.sys
20:27:29.0967 0x0fdc  ccSet_NIS - ok
20:27:30.0026 0x0fdc  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
20:27:30.0098 0x0fdc  cdfs - ok
20:27:30.0168 0x0fdc  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
20:27:30.0243 0x0fdc  cdrom - ok
20:27:30.0332 0x0fdc  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
20:27:30.0461 0x0fdc  CertPropSvc - ok
20:27:30.0521 0x0fdc  [ BE9936EDD3267FAAFF94A7835867F00B, 3CEEF2377D45ED38C7CD3CE4C746EC5EA7277EFEC728A5438F0EF5F62FC7C859 ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
20:27:30.0591 0x0fdc  circlass - ok
20:27:30.0664 0x0fdc  [ 179A41249055D5F039F1B6703F3B6D2B, 886CF715D9E85DB5C9B991EBCB9B12E27AA0EEE52528E222C80CA5B5B0A7AF52 ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
20:27:30.0759 0x0fdc  CLFS - ok
20:27:30.0868 0x0fdc  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] CLVirtualDrive  C:\WINDOWS\system32\DRIVERS\CLVirtualDrive.sys
20:27:30.0912 0x0fdc  CLVirtualDrive - ok
20:27:30.0968 0x0fdc  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
20:27:31.0070 0x0fdc  CmBatt - ok
20:27:31.0169 0x0fdc  [ 1CD3A907D64D08F49208DA00B69BF35E, ABBD70FFCA0DE2274D855AFC08BF7BC0AA6D44EFC9FDBF7DF44B73CD5C210E28 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
20:27:31.0294 0x0fdc  CNG - ok
20:27:31.0350 0x0fdc  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
20:27:31.0418 0x0fdc  CompositeBus - ok
20:27:31.0437 0x0fdc  COMSysApp - ok
20:27:31.0480 0x0fdc  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
20:27:31.0570 0x0fdc  condrv - ok
20:27:31.0639 0x0fdc  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
20:27:31.0759 0x0fdc  CryptSvc - ok
20:27:31.0800 0x0fdc  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] dam             C:\WINDOWS\system32\drivers\dam.sys
20:27:31.0858 0x0fdc  dam - ok
20:27:31.0982 0x0fdc  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
20:27:32.0202 0x0fdc  DcomLaunch - ok
20:27:32.0304 0x0fdc  [ AF3FF97AC2A73E70F8A8D11FB694175B, 3AA25BF9DED08056F52ACF246118C13C8816B5E8AA4D8606DB7DAB4E4E6A9169 ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
20:27:32.0470 0x0fdc  defragsvc - ok
20:27:32.0567 0x0fdc  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] DeviceAssociationService C:\WINDOWS\system32\das.dll
20:27:32.0655 0x0fdc  DeviceAssociationService - ok
20:27:32.0715 0x0fdc  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
20:27:32.0849 0x0fdc  DeviceInstall - ok
20:27:32.0913 0x0fdc  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
20:27:33.0030 0x0fdc  Dfsc - ok
20:27:33.0091 0x0fdc  [ 73BDD44A6088916964945886F9025409, 8E2ECC9AAEF3C6EBA2E61D25F657FDFCC72AB517CC4FD5FFF992E1F9EB942662 ] dg_ssudbus      C:\WINDOWS\system32\DRIVERS\ssudbus.sys
20:27:33.0140 0x0fdc  dg_ssudbus - ok
20:27:33.0206 0x0fdc  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
20:27:33.0344 0x0fdc  Dhcp - ok
20:27:33.0420 0x0fdc  [ 4D40C9B33F738797CF50E77CB7C53E85, 7BA341342A47DEB15B51971C97A5237ACD8BDAD9033F63DF0000892BE43F8E13 ] disk            C:\WINDOWS\system32\drivers\disk.sys
20:27:33.0481 0x0fdc  disk - ok
20:27:33.0534 0x0fdc  [ EB70A894708D1BC176AFD690FF06085F, 0DD2A97F5E1B38D1F7C0D44E50F09EA222B18B3B074CC9C8CD25A7526CB1A112 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
20:27:33.0638 0x0fdc  dmvsc - ok
20:27:33.0708 0x0fdc  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
20:27:33.0859 0x0fdc  Dnscache - ok
20:27:33.0926 0x0fdc  [ 50288EA079BB520C2B8C8A154202D518, 8916A9180CA009D124FFDFB4CCF5FDFEF7FA2FD37CBCD49FAD4C68E051B4734D ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
20:27:34.0013 0x0fdc  dot3svc - ok
20:27:34.0078 0x0fdc  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] DPS             C:\WINDOWS\system32\dps.dll
20:27:34.0211 0x0fdc  DPS - ok
20:27:34.0247 0x0fdc  [ DDC11A202207C0400CBE07315B8FDE5E, 3ED0CA3A714582D92001BA3BFF78BE082F4DC8021298D5A2632F3B2B0A1C09DC ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
20:27:34.0295 0x0fdc  drmkaud - ok
20:27:34.0363 0x0fdc  [ 5B074F14F5DD6418F46EE4CA2DEB7EA8, B8223D73C3DE123759101F7D5D45C60BD12B221F09D349575A1044CE3F43CBC5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
20:27:34.0463 0x0fdc  DsmSvc - ok
20:27:34.0675 0x0fdc  [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
20:27:34.0942 0x0fdc  DXGKrnl - ok
20:27:35.0021 0x0fdc  [ 6073537F250B45E1CB2A02E97F0FE1B2, 653F3F2F2019168EDF225944A88AFDBF8393B62AA076BD19980691778F3DB67D ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
20:27:35.0106 0x0fdc  Eaphost - ok
20:27:35.0513 0x0fdc  [ 114BCFDF367FF37C3F1B0A96AF542E4D, D385BC1D91BC1406091C8C3691C07A90BD60EDE05B1384E5AA3506FCB909C857 ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
20:27:36.0041 0x0fdc  ebdrv - ok
20:27:36.0188 0x0fdc  [ 5E346ADBAD5110EAB2E9808ABE877A00, 4B72C34E41B8AA15D166F65B5A037A1230A9FF65F827D18A57E2198573616EAD ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
20:27:36.0284 0x0fdc  eeCtrl - ok
20:27:36.0332 0x0fdc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] EFS             C:\WINDOWS\System32\lsass.exe
20:27:36.0387 0x0fdc  EFS - ok
20:27:36.0443 0x0fdc  [ 43531A5993380CC5113242C29D265FD9, EE0076D96F7F3CF29884AC7A67C08A429115A7201354A1FB5DE45FD63ABB4960 ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
20:27:36.0501 0x0fdc  EhStorClass - ok
20:27:36.0552 0x0fdc  [ 6F8E738A9505A388B1157FDDE7B3101B, 3696CA634102B41EEA11EB9DCA0B24439D8636AED4A7190C138C5E64A2EFB514 ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
20:27:36.0616 0x0fdc  EhStorTcgDrv - ok
20:27:36.0697 0x0fdc  [ 773ACF5823046FA40D7FD898559A7228, 7DF39C42F781E7864CC791E3449CCDF0124930D128D168E8F9C80374640FFBE7 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
20:27:36.0751 0x0fdc  EraserUtilRebootDrv - ok
20:27:36.0790 0x0fdc  [ DFFFAE1442BA4076E18EED5E406FA0D3, 329FC6FB8D14BEACDBE2A5D4C496EDEA485E838B1DF27566E278F8F8E0D8E82E ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
20:27:36.0852 0x0fdc  ErrDev - ok
20:27:36.0965 0x0fdc  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] EventSystem     C:\WINDOWS\system32\es.dll
20:27:37.0095 0x0fdc  EventSystem - ok
20:27:37.0161 0x0fdc  [ 7729D294A555C7AEB281ED8E4D0E01E4, 7269E79D72CCE477AC108294D0DDFB59CF533B03C587599C5AB0507C43A0B6D4 ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
20:27:37.0262 0x0fdc  exfat - ok
20:27:37.0323 0x0fdc  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
20:27:37.0399 0x0fdc  fastfat - ok
20:27:37.0511 0x0fdc  [ 2BC8532ABF2B3756B78FA1DA54147DDE, DF65EE2AB0255A2CF3221085A6BE7C37E3DB6BFEED3BCADCDD69BB1049F6DCB1 ] Fax             C:\WINDOWS\system32\fxssvc.exe
20:27:37.0684 0x0fdc  Fax - ok
20:27:37.0716 0x0fdc  [ 5D8402613E778B3BD45E687A8372710B, EE9EA10805168D309A609B9019AEC5961EE46D18207B5E0EA2DE4064A5770AF8 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
20:27:37.0785 0x0fdc  fdc - ok
20:27:37.0842 0x0fdc  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
20:27:37.0938 0x0fdc  fdPHost - ok
20:27:37.0973 0x0fdc  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
20:27:38.0082 0x0fdc  FDResPub - ok
20:27:38.0135 0x0fdc  [ 0046E0BD031213D37123876B0D0FA61C, A4FE17D56F0BAFB70D0D421ED9D1B6E50AF8ADAA4B59328A41AEC5B4C068A3CB ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
20:27:38.0237 0x0fdc  fhsvc - ok
20:27:38.0289 0x0fdc  [ BCFD8B149B3ADF92D0DB1E909CAF0265, 002B085C131473642450176B4B8359F3E5B04350AFB659B9C0F9EB587D1181E7 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
20:27:38.0347 0x0fdc  FileInfo - ok
20:27:38.0382 0x0fdc  [ A1A66C4FDAFD6B0289523232AFB7D8AF, 0F5832F626BB62190D5F3A088CE6E048D8A400CCF9EA527F06973CAD96D3A81C ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
20:27:38.0471 0x0fdc  Filetrace - ok
20:27:38.0532 0x0fdc  [ BE743083CF7063C486A4398E3AEFE59A, 85796D89943DD6FE3932C1ED6CF01470C1B4DFD243C390B07055FFDA3C231551 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
20:27:38.0597 0x0fdc  flpydisk - ok
20:27:38.0679 0x0fdc  [ 6592D192E2823C043EDBC010E7774053, C025A0EC5517DC3BD5D6656DC0F0F19021FB3D2EE90EC6194E1BD74E638EBBDC ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
20:27:38.0772 0x0fdc  FltMgr - ok
20:27:38.0956 0x0fdc  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] FontCache       C:\WINDOWS\system32\FntCache.dll
20:27:39.0214 0x0fdc  FontCache - ok
20:27:39.0318 0x0fdc  [ 1C52387BF5A127F5F3BFB31288F30D93, 90D13F60170CD74304F3036A90D596AA3E1E134455A780310BDF67AC7815F2E7 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
20:27:39.0415 0x0fdc  FontCache3.0.0.0 - ok
20:27:39.0445 0x0fdc  [ 35005534E600E993A90B036E4E599F2B, DA56FA3776FBD3D50276CB7410E0CB6F137DD8FCA84C0F3FEF8B1FEA5F6CA592 ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
20:27:39.0505 0x0fdc  FsDepends - ok
20:27:39.0533 0x0fdc  [ 09F460AFEDCA03F3BF6E07D1CCC9AC42, B832091BC9B2C2FE38A4BCA132ABB58251E851F21EC6F39636E73777AB9A5791 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
20:27:39.0586 0x0fdc  Fs_Rec - ok
20:27:39.0690 0x0fdc  [ F152D55E497E12256290C43B31C7D0CE, FFC54B14CCFBC1548948C07FB3866E40A11D0C05AC352BD000E71CEF053F6A6E ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
20:27:39.0813 0x0fdc  fvevol - ok
20:27:39.0882 0x0fdc  [ 9591D0B9351ED489EAFD9D1CE52A8015, AC64C236C3AE545FCE8ED44A4A87FB86265A453BA60026EC9A4DE2B631E99996 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
20:27:39.0932 0x0fdc  FxPPM - ok
20:27:39.0972 0x0fdc  [ FC3EF65EE20D39F8749C2218DBA681CA, 12980F1DE99B25E6920A33556F3ABDA5EC9BFE4757BE602130B5E939D8D25CE3 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
20:27:40.0026 0x0fdc  gagp30kx - ok
20:27:40.0177 0x0fdc  [ C2E4D92EB552380189B38D937EE2A131, 7C247E44780198A72C299B752CC047B195EA80D1EB104DF087F96F70811702CA ] GamesAppIntegrationService C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
20:27:40.0239 0x0fdc  GamesAppIntegrationService - ok
20:27:40.0286 0x0fdc  [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
20:27:40.0342 0x0fdc  GamesAppService - ok
20:27:40.0403 0x0fdc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
20:27:40.0432 0x0fdc  GEARAspiWDM - ok
20:27:40.0479 0x0fdc  [ 0BF5CAD281E25F1418E5B8875DC5ADD1, 0929AD8437DD78234553D8B2CDF0D6838FD54ACDE1918AFEBE48684EB32A07A3 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
20:27:40.0570 0x0fdc  gencounter - ok
20:27:40.0643 0x0fdc  [ EF3AE7773394DF49CE74AF78A1C8D23D, CB12FF004C460A89F12AFF2467512B479A07CA10D4280CD4E624A5A9CDAB9C1B ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
20:27:40.0713 0x0fdc  GPIOClx0101 - ok
20:27:40.0883 0x0fdc  [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
20:27:41.0104 0x0fdc  gpsvc - ok
20:27:41.0215 0x0fdc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:27:41.0254 0x0fdc  gupdate - ok
20:27:41.0287 0x0fdc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:27:41.0325 0x0fdc  gupdatem - ok
20:27:41.0403 0x0fdc  [ 5D4BC124FAAE6730AC002CDB67BF1A1C, 00294F4DC7D17F6DD2A22B9C3299BED40146BA45C972367154D20DB502472551 ] gusvc           C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
20:27:41.0451 0x0fdc  gusvc - ok
20:27:41.0520 0x0fdc  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
20:27:41.0611 0x0fdc  HDAudBus - ok
20:27:41.0655 0x0fdc  [ 10A70BC1871CD955D85CD88372724906, 2480A74854D0A89FF028EE9BA41224D4B2F9B0863066BFC43097920794FEE08D ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
20:27:41.0722 0x0fdc  HidBatt - ok
20:27:41.0812 0x0fdc  [ 1EA1B4FABB8CC348E73CA90DBA22E104, 5C18C6BD499272F216DD4626B5E8D38181AEAC9AD917FBEB614A75B70467B258 ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
20:27:41.0885 0x0fdc  HidBth - ok
20:27:41.0937 0x0fdc  [ C241A8BAFBBFC90176EA0F5240EACC17, 571E20B87818618BE9179986177D55739A240F04D1F740B3C1B7809B9427B767 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
20:27:42.0011 0x0fdc  hidi2c - ok
20:27:42.0047 0x0fdc  [ 9BDDEE26255421017E161CCB9D5EDA95, B766FD5E31708F29384F69418FC33C4BCC6E3064AA553D5B1D30EE0B8B1BFB40 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
20:27:42.0105 0x0fdc  HidIr - ok
20:27:42.0156 0x0fdc  [ 449A20A674AA3FAA7F0DD4E33EE2DC20, 28B9BDA306456E8640C355718DE3477537B0FAF8C37F633C709129AAB64D9873 ] hidserv         C:\WINDOWS\system32\hidserv.dll
20:27:42.0220 0x0fdc  hidserv - ok
20:27:42.0275 0x0fdc  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
20:27:42.0403 0x0fdc  HidUsb - ok
20:27:42.0476 0x0fdc  [ 7BF3ADCBD021D4F4A84CF40EB49C71B5, 5758A51FD2EBE67E6DBE3A298D714D351910F9E01C428D0C1359457C9242B298 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
20:27:42.0557 0x0fdc  hkmsvc - ok
20:27:42.0615 0x0fdc  [ 6CD9C3819BE8C0A3DACC82AE5D3C4F18, 46BF4A968E506DE17CA401401D716B444CDC10A5C60EB081890DD4B886AEDF5F ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
20:27:42.0724 0x0fdc  HomeGroupListener - ok
20:27:42.0839 0x0fdc  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
20:27:42.0971 0x0fdc  HomeGroupProvider - ok
20:27:43.0114 0x0fdc  [ 6515296E8F9D81BB6C4588C4878A9AC1, 4102FCA9CC6CDAA52E68F030034C6C15DF036D5E9B6E0A8007B72655A3D1E3DD ] HP Support Assistant Service C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
20:27:43.0149 0x0fdc  HP Support Assistant Service - detected UnsignedFile.Multi.Generic ( 1 )
20:27:45.0754 0x0fdc  Detect skipped due to KSN trusted
20:27:45.0754 0x0fdc  HP Support Assistant Service - ok
20:27:45.0895 0x0fdc  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] hpqwmiex        C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:27:46.0024 0x0fdc  hpqwmiex - ok
20:27:46.0082 0x0fdc  [ A6AACEA4C785789BDA5912AD1FEDA80D, D197012A5DA6AB3F76FF298336DF0CF027C07ECC71267BAEF5912DE12893E096 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
20:27:46.0140 0x0fdc  HpSAMD - ok
20:27:46.0212 0x0fdc  [ F50912B0A861ED396F6062E79C37A4A7, 9B53EA5A03BB664EF5343B766C760BB8A96697ED4F2A0C81A4F58C443B4BC329 ] HPWMISVC        C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:27:46.0238 0x0fdc  HPWMISVC - ok
20:27:46.0376 0x0fdc  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
20:27:46.0572 0x0fdc  HTTP - ok
20:27:46.0607 0x0fdc  [ 90656C0B3864804B090434EFC582404F, BDB60050B729AACB9E009AC7129BEBD6298BBD8A9DB14B817D02E8E13669BD6E ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
20:27:46.0659 0x0fdc  hwpolicy - ok
20:27:46.0713 0x0fdc  [ 6D6F9E3BF0484967E52F7E846BFF1CA1, C982966BDE6A3E6773D9441ADA7A3B08D13511DFC68D04DF303248B942423F38 ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
20:27:46.0783 0x0fdc  hyperkbd - ok
20:27:46.0822 0x0fdc  [ 907C870F8C31F8DDD6F090857B46AB25, 308664A31717383D06185875E76C6612407A9F04E7DB28404F574A5706C6715D ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
20:27:46.0877 0x0fdc  HyperVideo - ok
20:27:46.0953 0x0fdc  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
20:27:47.0023 0x0fdc  i8042prt - ok
20:27:47.0063 0x0fdc  [ 5D90E32E36CE5D4C535D17CE08AEAF05, 976A463343E8C8308AFBE9E64DF56C430D2241DE002430D00318AB065EB72E4A ] iaLPSSi_GPIO    C:\WINDOWS\System32\drivers\iaLPSSi_GPIO.sys
20:27:47.0098 0x0fdc  iaLPSSi_GPIO - ok
20:27:47.0138 0x0fdc  [ DD05E7E80F52ADE9AEB292819920F32C, E71AB6A50B0F90C8F94569CE89F66F915A0A4A00D4AC091B2E5E750D88CFC334 ] iaLPSSi_I2C     C:\WINDOWS\System32\drivers\iaLPSSi_I2C.sys
20:27:47.0193 0x0fdc  iaLPSSi_I2C - ok
20:27:47.0292 0x0fdc  [ 050F2539E14F9D5E90A4B61738EC29BD, 0E65468B9F452FA7DB6DF2C1B2B2E9439C79031E27054FBDBDFE28A9F98721D7 ] iaStorA         C:\WINDOWS\System32\drivers\iaStorA.sys
20:27:47.0392 0x0fdc  iaStorA - ok
20:27:47.0492 0x0fdc  [ 08BFE413B0B4AA8DFA4B5684CE06D3DC, 95DEEBB203E12EE6E191F5247A74C04AEC0E16DE981FADDC4D6C42EE41D8D079 ] iaStorAV        C:\WINDOWS\system32\drivers\iaStorAV.sys
20:27:47.0595 0x0fdc  iaStorAV - ok
20:27:47.0692 0x0fdc  [ A2200C3033FA4EF249FC096A7A7D02A2, 5819F5C2020DE2EEE339B0C08CD4B1E3490EAFBBEA1277CE649DB5A5150986B0 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
20:27:47.0796 0x0fdc  iaStorV - ok
20:27:47.0978 0x0fdc  [ F6F8CDA3CC5207BFD0B319A26E33ACD3, 6630DEE80A85DA972D3734A5D67E274AEE7042A73AB45E19E15DC989AE88459E ] IDSVia64        C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\IPSDefs\20140812.002\IDSvia64.sys
20:27:48.0106 0x0fdc  IDSVia64 - ok
20:27:48.0130 0x0fdc  IEEtwCollectorService - ok
20:27:48.0291 0x0fdc  [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
20:27:48.0455 0x0fdc  IKEEXT - ok
20:27:49.0447 0x0fdc  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
20:27:50.0323 0x0fdc  IntcAzAudAddService - ok
20:27:50.0395 0x0fdc  [ 4E448FCFFD00E8D657CD9E48D3E47157, 4A958CF0BF8DAEAE5E008500BA67CE89B21388592811274331EE39CAC1043A00 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
20:27:50.0443 0x0fdc  intelide - ok
20:27:50.0507 0x0fdc  [ 139CFCDCD36B1B1782FD8C0014AC9B0E, E0D7E0E9B46A8CECE138D689820023BFA650FB689E4FD62855BED37E04F2D9FF ] intelpep        C:\WINDOWS\system32\drivers\intelpep.sys
20:27:50.0566 0x0fdc  intelpep - ok
20:27:50.0627 0x0fdc  [ 47E74A8E53C7C24DCE38311E1451C1D9, 79B06E37A552C8A847404D4C572CDB8CF525354D8AE3BEBC06892B7C3B330761 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
20:27:50.0681 0x0fdc  intelppm - ok
20:27:50.0720 0x0fdc  [ 9DB76D7F9E4E53EFE5DD8C53DE837514, 07BA4EDA9BE9139A689A2C3EFC1D1A4F3D1216625ED145F313398292A2CD5703 ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
20:27:50.0788 0x0fdc  IpFilterDriver - ok
20:27:50.0911 0x0fdc  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
20:27:51.0084 0x0fdc  iphlpsvc - ok
20:27:51.0171 0x0fdc  [ FD9C9E9E3F0ED51502C7E8C066BE26B9, 290E74380F1543DD22C9F3821513B3E2FB42E995724238D8779CBBCB4FC386C8 ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
20:27:51.0253 0x0fdc  IPMIDRV - ok
20:27:51.0299 0x0fdc  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
20:27:51.0403 0x0fdc  IPNAT - ok
20:27:51.0514 0x0fdc  [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
20:27:51.0585 0x0fdc  iPod Service - ok
20:27:51.0646 0x0fdc  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
20:27:51.0692 0x0fdc  IRENUM - ok
20:27:51.0748 0x0fdc  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
20:27:51.0789 0x0fdc  isapnp - ok
20:27:51.0954 0x0fdc  [ D90AB68D0FAC9F357F663670FDBB511E, A82AAA5DF1B38EFBDCF834535A0C520D1BB2D7A4A906C18CFDD22BCF16BDB97D ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
20:27:52.0141 0x0fdc  iScsiPrt - ok
20:27:52.0215 0x0fdc  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
20:27:52.0271 0x0fdc  kbdclass - ok
20:27:52.0325 0x0fdc  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
20:27:52.0455 0x0fdc  kbdhid - ok
20:27:52.0542 0x0fdc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
20:27:52.0621 0x0fdc  kdnic - ok
20:27:52.0688 0x0fdc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\WINDOWS\system32\lsass.exe
20:27:52.0733 0x0fdc  KeyIso - ok
20:27:52.0773 0x0fdc  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
20:27:52.0827 0x0fdc  KSecDD - ok
20:27:52.0961 0x0fdc  [ F88CC88F4A6D8476F1664E805CA18CC2, 2C61EE5EEA4FD45AA3FA927CC16E34EF90BD44324EAB14198AF65C3A27617991 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
20:27:53.0015 0x0fdc  KSecPkg - ok
20:27:53.0066 0x0fdc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
20:27:53.0135 0x0fdc  ksthunk - ok
20:27:53.0217 0x0fdc  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
20:27:53.0292 0x0fdc  KtmRm - ok
20:27:53.0482 0x0fdc  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
20:27:53.0653 0x0fdc  LanmanServer - ok
20:27:53.0753 0x0fdc  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
20:27:53.0810 0x0fdc  LanmanWorkstation - ok
20:27:53.0891 0x0fdc  [ 626D19F1771E1AE72208AE9A8F3082F7, 78FDB64545ED2EAE9F51C08120E21D2C3285208F6846BD8BBA08CAA839E7A0C4 ] lfsvc           C:\WINDOWS\System32\GeofenceMonitorService.dll
20:27:53.0958 0x0fdc  lfsvc - ok
20:27:53.0990 0x0fdc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
20:27:54.0028 0x0fdc  lltdio - ok
20:27:54.0095 0x0fdc  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
20:27:54.0149 0x0fdc  lltdsvc - ok
20:27:54.0202 0x0fdc  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
20:27:54.0247 0x0fdc  lmhosts - ok
20:27:54.0326 0x0fdc  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
20:27:54.0371 0x0fdc  LSI_SAS - ok
20:27:54.0409 0x0fdc  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
20:27:54.0444 0x0fdc  LSI_SAS2 - ok
20:27:54.0487 0x0fdc  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\WINDOWS\system32\drivers\lsi_sas3.sys
20:27:54.0530 0x0fdc  LSI_SAS3 - ok
20:27:54.0573 0x0fdc  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
20:27:54.0615 0x0fdc  LSI_SSS - ok
20:27:54.0785 0x0fdc  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] LSM             C:\WINDOWS\System32\lsm.dll
20:27:54.0968 0x0fdc  LSM - ok
20:27:55.0057 0x0fdc  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
20:27:55.0127 0x0fdc  luafv - ok
20:27:55.0195 0x0fdc  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
20:27:55.0250 0x0fdc  megasas - ok
20:27:55.0356 0x0fdc  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\WINDOWS\system32\drivers\megasr.sys
20:27:55.0444 0x0fdc  megasr - ok
20:27:55.0494 0x0fdc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
20:27:55.0550 0x0fdc  MMCSS - ok
20:27:55.0578 0x0fdc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
20:27:55.0634 0x0fdc  Modem - ok
20:27:55.0689 0x0fdc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
20:27:55.0764 0x0fdc  monitor - ok
20:27:55.0825 0x0fdc  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
20:27:55.0885 0x0fdc  mouclass - ok
20:27:56.0401 0x0fdc  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
20:27:56.0491 0x0fdc  mouhid - ok
20:27:56.0576 0x0fdc  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
20:27:56.0644 0x0fdc  mountmgr - ok
 
End of part 1

  • 0

#8
Spencer4134
Posted 12 August 2014 - 08:54 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

TDSSKiller Part 2:

 

20:27:56.0707 0x0fdc  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
20:27:56.0773 0x0fdc  mpsdrv - ok
20:27:56.0865 0x0fdc  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
20:27:56.0971 0x0fdc  MpsSvc - ok
20:27:57.0034 0x0fdc  [ 1D55DADC22D21883A2F80297F5A5AE48, B79DF4AFC2A9CBC54E74233596544D6E41C8CAA0516BD57CA695D051EC780265 ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
20:27:57.0140 0x0fdc  MRxDAV - ok
20:27:57.0208 0x0fdc  [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
20:27:57.0333 0x0fdc  mrxsmb - ok
20:27:57.0405 0x0fdc  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
20:27:57.0498 0x0fdc  mrxsmb10 - ok
20:27:57.0583 0x0fdc  [ DBA635C6398782C549E3BE45CF1D0411, E9806E075F401D3E7357E876C7F941F7DAFFBBEE065DC3FE556014F5D92EDAC0 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
20:27:57.0624 0x0fdc  mrxsmb20 - ok
20:27:57.0657 0x0fdc  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
20:27:57.0719 0x0fdc  MsBridge - ok
20:27:57.0786 0x0fdc  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\WINDOWS\System32\msdtc.exe
20:27:57.0872 0x0fdc  MSDTC - ok
20:27:57.0915 0x0fdc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
20:27:58.0035 0x0fdc  Msfs - ok
20:27:58.0083 0x0fdc  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
20:27:58.0133 0x0fdc  msgpiowin32 - ok
20:27:58.0179 0x0fdc  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
20:27:58.0220 0x0fdc  mshidkmdf - ok
20:27:58.0252 0x0fdc  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
20:27:58.0301 0x0fdc  mshidumdf - ok
20:27:58.0331 0x0fdc  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
20:27:58.0387 0x0fdc  msisadrv - ok
20:27:58.0471 0x0fdc  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
20:27:58.0521 0x0fdc  MSiSCSI - ok
20:27:58.0538 0x0fdc  msiserver - ok
20:27:58.0578 0x0fdc  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
20:27:58.0629 0x0fdc  MSKSSRV - ok
20:27:58.0654 0x0fdc  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
20:27:58.0716 0x0fdc  MsLldp - ok
20:27:58.0747 0x0fdc  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
20:27:58.0791 0x0fdc  MSPCLOCK - ok
20:27:58.0818 0x0fdc  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
20:27:58.0864 0x0fdc  MSPQM - ok
20:27:58.0935 0x0fdc  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
20:27:58.0989 0x0fdc  MsRPC - ok
20:27:59.0032 0x0fdc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
20:27:59.0065 0x0fdc  mssmbios - ok
20:27:59.0153 0x0fdc  MSSQL$SQLEXPRESS - ok
20:27:59.0227 0x0fdc  [ F1761C8FB2B25A32C6D63E36BB88C3AE, C88F5EF7B547DAA2394888362916FA18F07241E0BF2B938297428A1C04FFD806 ] MSSQLServerADHelper100 c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
20:27:59.0271 0x0fdc  MSSQLServerADHelper100 - ok
20:27:59.0294 0x0fdc  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
20:27:59.0331 0x0fdc  MSTEE - ok
20:27:59.0908 0x0fdc  [ CB4A082AF58D1A0969F931816D5CFB05, 4C5EBAF60E320F671F0127635141BE4A7E13C4D640ECD113460A1915D9A7348D ] msvsmon90       C:\Program Files\Microsoft Visual Studio 9.0\Common7\IDE\Remote Debugger\x64\msvsmon.exe
20:28:00.0453 0x0fdc  msvsmon90 - ok
20:28:00.0512 0x0fdc  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
20:28:00.0603 0x0fdc  MTConfig - ok
20:28:00.0659 0x0fdc  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
20:28:00.0717 0x0fdc  Mup - ok
20:28:00.0764 0x0fdc  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
20:28:00.0810 0x0fdc  mvumis - ok
20:28:00.0881 0x0fdc  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\WINDOWS\system32\qagentRT.dll
20:28:00.0964 0x0fdc  napagent - ok
20:28:01.0045 0x0fdc  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
20:28:01.0224 0x0fdc  NativeWifiP - ok
20:28:01.0331 0x0fdc  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140812.008\ENG64.SYS
20:28:01.0372 0x0fdc  NAVENG - ok
20:28:01.0625 0x0fdc  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Internet Security\NortonData\21.1.0.18\Definitions\VirusDefs\20140812.008\EX64.SYS
20:28:01.0951 0x0fdc  NAVEX15 - ok
20:28:02.0042 0x0fdc  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
20:28:02.0107 0x0fdc  NcaSvc - ok
20:28:02.0142 0x0fdc  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\WINDOWS\System32\ncbservice.dll
20:28:02.0249 0x0fdc  NcbService - ok
20:28:02.0294 0x0fdc  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
20:28:02.0464 0x0fdc  NcdAutoSetup - ok
20:28:02.0613 0x0fdc  [ F21B77B4D74092A543807D3CEB711A88, 5C3C17A10E990070FAB317C0C5333DE768E408CAF43EC4FA9D18116C6EE3B3DC ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
20:28:02.0777 0x0fdc  NDIS - ok
20:28:02.0825 0x0fdc  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
20:28:02.0880 0x0fdc  NdisCap - ok
20:28:02.0911 0x0fdc  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
20:28:02.0975 0x0fdc  NdisImPlatform - ok
20:28:02.0996 0x0fdc  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
20:28:03.0044 0x0fdc  NdisTapi - ok
20:28:03.0066 0x0fdc  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
20:28:03.0113 0x0fdc  Ndisuio - ok
20:28:03.0138 0x0fdc  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\WINDOWS\System32\drivers\NdisVirtualBus.sys
20:28:03.0188 0x0fdc  NdisVirtualBus - ok
20:28:03.0235 0x0fdc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:28:03.0310 0x0fdc  NdisWan - ok
20:28:03.0335 0x0fdc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
20:28:03.0381 0x0fdc  NdisWanLegacy - ok
20:28:03.0405 0x0fdc  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
20:28:03.0452 0x0fdc  NDProxy - ok
20:28:03.0477 0x0fdc  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
20:28:03.0522 0x0fdc  Ndu - ok
20:28:03.0555 0x0fdc  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
20:28:03.0615 0x0fdc  NetBIOS - ok
20:28:03.0695 0x0fdc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
20:28:03.0855 0x0fdc  NetBT - ok
20:28:03.0921 0x0fdc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\WINDOWS\system32\lsass.exe
20:28:03.0997 0x0fdc  Netlogon - ok
20:28:04.0070 0x0fdc  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\WINDOWS\System32\netman.dll
20:28:04.0182 0x0fdc  Netman - ok
20:28:04.0288 0x0fdc  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
20:28:04.0390 0x0fdc  netprofm - ok
20:28:04.0511 0x0fdc  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
20:28:04.0632 0x0fdc  NetTcpPortSharing - ok
20:28:04.0683 0x0fdc  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\WINDOWS\system32\DRIVERS\netvsc63.sys
20:28:04.0741 0x0fdc  netvsc - ok
20:28:05.0026 0x0fdc  [ F9FF75495330F23276EEADFE7E6DCBB9, 1213BAAD9297B560F77E3779DA28832A70F2C8C616809723D0BDF46E7E44800C ] NIS             C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\NIS.exe
20:28:05.0282 0x0fdc  NIS - ok
20:28:05.0372 0x0fdc  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
20:28:05.0488 0x0fdc  NlaSvc - ok
20:28:05.0531 0x0fdc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
20:28:05.0587 0x0fdc  Npfs - ok
20:28:05.0657 0x0fdc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
20:28:05.0740 0x0fdc  npsvctrig - ok
20:28:05.0787 0x0fdc  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\WINDOWS\system32\nsisvc.dll
20:28:05.0867 0x0fdc  nsi - ok
20:28:05.0918 0x0fdc  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
20:28:05.0969 0x0fdc  nsiproxy - ok
20:28:06.0210 0x0fdc  [ 1C80517BE6836A812F6A9B99B8321351, 7DBED4633820E201C9C242D961EF6F25BA2B1D5593BA60F707CC71A4014C2D4B ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
20:28:06.0542 0x0fdc  Ntfs - ok
20:28:06.0617 0x0fdc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\WINDOWS\system32\drivers\Null.sys
20:28:06.0669 0x0fdc  Null - ok
20:28:06.0737 0x0fdc  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
20:28:06.0826 0x0fdc  nvraid - ok
20:28:06.0892 0x0fdc  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
20:28:06.0957 0x0fdc  nvstor - ok
20:28:07.0033 0x0fdc  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
20:28:07.0092 0x0fdc  nv_agp - ok
20:28:07.0202 0x0fdc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
20:28:07.0249 0x0fdc  ose - ok
20:28:07.0923 0x0fdc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
20:28:08.0493 0x0fdc  osppsvc - ok
20:28:08.0612 0x0fdc  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
20:28:08.0719 0x0fdc  p2pimsvc - ok
20:28:08.0788 0x0fdc  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
20:28:08.0874 0x0fdc  p2psvc - ok
20:28:08.0930 0x0fdc  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\WINDOWS\System32\drivers\parport.sys
20:28:08.0988 0x0fdc  Parport - ok
20:28:09.0021 0x0fdc  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
20:28:09.0065 0x0fdc  partmgr - ok
20:28:09.0145 0x0fdc  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
20:28:09.0254 0x0fdc  PcaSvc - ok
20:28:09.0379 0x0fdc  [ 275AFE3FA35E8D78BE97695DF49817C6, 447CEBB16285AE073B4251D2DA71399306EF2DCB7F56286ABE2F0BD6C83EB489 ] pci             C:\WINDOWS\system32\drivers\pci.sys
20:28:09.0465 0x0fdc  pci - ok
20:28:09.0520 0x0fdc  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
20:28:09.0568 0x0fdc  pciide - ok
20:28:09.0637 0x0fdc  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
20:28:09.0701 0x0fdc  pcmcia - ok
20:28:09.0747 0x0fdc  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
20:28:09.0804 0x0fdc  pcw - ok
20:28:09.0855 0x0fdc  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
20:28:09.0918 0x0fdc  pdc - ok
20:28:10.0023 0x0fdc  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
20:28:10.0170 0x0fdc  PEAUTH - ok
20:28:10.0905 0x0fdc  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
20:28:11.0017 0x0fdc  PerfHost - ok
20:28:11.0228 0x0fdc  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\WINDOWS\system32\pla.dll
20:28:11.0490 0x0fdc  pla - ok
20:28:11.0572 0x0fdc  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
20:28:11.0634 0x0fdc  PlugPlay - ok
20:28:11.0702 0x0fdc  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
20:28:11.0780 0x0fdc  PNRPAutoReg - ok
20:28:11.0861 0x0fdc  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
20:28:11.0948 0x0fdc  PNRPsvc - ok
20:28:12.0043 0x0fdc  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
20:28:12.0155 0x0fdc  PolicyAgent - ok
20:28:12.0225 0x0fdc  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\WINDOWS\system32\umpo.dll
20:28:12.0315 0x0fdc  Power - ok
20:28:12.0846 0x0fdc  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
20:28:13.0323 0x0fdc  PrintNotify - ok
20:28:13.0468 0x0fdc  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\WINDOWS\System32\drivers\processr.sys
20:28:13.0525 0x0fdc  Processor - ok
20:28:13.0596 0x0fdc  [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
20:28:13.0713 0x0fdc  ProfSvc - ok
20:28:13.0781 0x0fdc  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
20:28:13.0865 0x0fdc  Psched - ok
20:28:13.0945 0x0fdc  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\WINDOWS\system32\qwave.dll
20:28:14.0039 0x0fdc  QWAVE - ok
20:28:14.0082 0x0fdc  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
20:28:14.0156 0x0fdc  QWAVEdrv - ok
20:28:14.0213 0x0fdc  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
20:28:14.0276 0x0fdc  RasAcd - ok
20:28:14.0323 0x0fdc  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
20:28:14.0399 0x0fdc  RasAuto - ok
20:28:14.0484 0x0fdc  [ 5C7B86EE33505E36026AFAAB62DA6364, 903BB1A355AC746BF09C2A7C87B068168648DB79DEF39AB1DC710B6A7A5F6556 ] RasMan          C:\WINDOWS\System32\rasmans.dll
20:28:14.0620 0x0fdc  RasMan - ok
20:28:14.0656 0x0fdc  [ 5247F308C4103CDC4FE12AE1D235800A, E567CD33CA1897D53795E071B7AFBAF98B2C8F725F8BED0BA90F5EF611520E48 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
20:28:14.0737 0x0fdc  RasPppoe - ok
20:28:14.0812 0x0fdc  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
20:28:14.0911 0x0fdc  rdbss - ok
20:28:14.0963 0x0fdc  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
20:28:15.0047 0x0fdc  rdpbus - ok
20:28:15.0111 0x0fdc  [ 680C1DAE268B6FB67FA21B389A8B79EF, 856911F77BDD8830C3D683EBE8AF399FB3A54C7D8D0B34EA37D903377F0A39BD ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
20:28:15.0220 0x0fdc  RDPDR - ok
20:28:15.0319 0x0fdc  [ 858776908AF838E3790F3261B799CDA6, 5BE4658540382D1B2F46E503CE175D74E3870FE492B8B8F37C3CFB34FF8E2DA8 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
20:28:15.0373 0x0fdc  RdpVideoMiniport - ok
20:28:15.0424 0x0fdc  [ A26AEC49F318FEE141DDDB2C5F99B3E6, 246AD79FF27E79DEDCB0AAA7C22A8EA6349DEDAC863413A1E378E68FD94C9C4F ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
20:28:15.0501 0x0fdc  rdyboost - ok
20:28:15.0591 0x0fdc  [ E515A287C8FAE901EB8FB42F168E14F2, 9AE8D608587713FD18BB728BADD402C86FFF06A67359B22ED9431705522BC310 ] ReFS            C:\WINDOWS\system32\drivers\ReFS.sys
20:28:15.0704 0x0fdc  ReFS - ok
20:28:15.0773 0x0fdc  [ BFFB40FBE6D2C3469F8D06EE5E4934AB, 5B6763F973A740DCD53CEA75156926457BED8B075965033C484877DDA8B97F39 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
20:28:15.0842 0x0fdc  RemoteAccess - ok
20:28:15.0889 0x0fdc  [ 4DCCABE03D06955ED61BABBD8EF9F30F, 531CD60315AAF283B73E0F6CF77D4DE093B809E73C44D2AC43B7247500B3485E ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
20:28:15.0985 0x0fdc  RemoteRegistry - ok
20:28:16.0045 0x0fdc  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
20:28:16.0136 0x0fdc  RpcEptMapper - ok
20:28:16.0192 0x0fdc  [ 5CAE8F47B31D5CFC322B5B898C19E0FE, FDB5F0B6EA36403E031D9147AB0519011FAAD3AC8190DE5B1F17FB5472D79D47 ] RpcLocator      C:\WINDOWS\system32\locator.exe
20:28:16.0260 0x0fdc  RpcLocator - ok
20:28:16.0366 0x0fdc  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
20:28:16.0495 0x0fdc  RpcSs - ok
20:28:16.0582 0x0fdc  [ A1D5FFEFDBEB3881EC3D74CC7136847F, B3D278267EF17CC6F2FAF92D3FE67734FB9689EDDFA2A78F620300409DA5D0BB ] RSP2STOR        C:\WINDOWS\system32\DRIVERS\RtsP2Stor.sys
20:28:16.0648 0x0fdc  RSP2STOR - ok
20:28:16.0700 0x0fdc  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
20:28:16.0787 0x0fdc  rspndr - ok
20:28:16.0905 0x0fdc  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] RTL8168         C:\WINDOWS\system32\DRIVERS\Rt630x64.sys
20:28:17.0029 0x0fdc  RTL8168 - ok
20:28:17.0083 0x0fdc  [ 1A063730F221B2746FF00457AE17E4F0, 39A3C258CBFE3BC566C63528C9020A3BC9409736AE5289C08A7BA471D8409263 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
20:28:17.0143 0x0fdc  s3cap - ok
20:28:17.0189 0x0fdc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] SamSs           C:\WINDOWS\system32\lsass.exe
20:28:17.0254 0x0fdc  SamSs - ok
20:28:17.0334 0x0fdc  [ C624A1B32211C3166EDB3F4AB02A30B7, 6B2A4607DB52D74242787ED9DF9067058983D310431D8612D2B0236E6201E681 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
20:28:17.0404 0x0fdc  sbp2port - ok
20:28:17.0461 0x0fdc  [ 47C497FA4DDEA908633CAA60CEBE6805, 4DF5742D4C99D3F7B6A5671AEDB1E5E47D3399D36B28BA19C105FA604D8D5A1C ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
20:28:17.0536 0x0fdc  SCardSvr - ok
20:28:17.0590 0x0fdc  [ E76C4E98302AE39CC6FA5D20FC8B5438, B6B6B59CF427515087689285797F4A5763103440EBE5D87A61FA74F80F895BD0 ] ScDeviceEnum    C:\WINDOWS\System32\ScDeviceEnum.dll
20:28:17.0646 0x0fdc  ScDeviceEnum - ok
20:28:17.0697 0x0fdc  [ ABD0237B15DBD2B4695F4B7D734A58F7, D6831921F0CD3E03CBF1CA3ED5824EE0C75127842D12D4E897E74EC72B0792EB ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
20:28:17.0762 0x0fdc  scfilter - ok
20:28:17.0936 0x0fdc  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
20:28:18.0142 0x0fdc  Schedule - ok
20:28:18.0201 0x0fdc  [ AB285CE3431FF3D2ACE669245874C1C7, 6AF4C3E86EFA51F7FB6F8492CB2CCB807C7775EAE0508B87F07134FDAC679BD7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
20:28:18.0276 0x0fdc  SCPolicySvc - ok
20:28:18.0370 0x0fdc  [ FDEC5799BA499D18AFA3A540538866E7, 551EE0945FE4EC213FFF623E524500B57531EFEA2D76FA7ED1D2D605E7E2168F ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
20:28:18.0449 0x0fdc  sdbus - ok
20:28:18.0520 0x0fdc  [ 0B1E929D11A8E358106955603FAC65E8, A5EC91BFC0873EC6AB1D0DB4E91654BD35339BD680E7E82DA2DC64996B4AE515 ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
20:28:18.0576 0x0fdc  sdstor - ok
20:28:18.0616 0x0fdc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
20:28:18.0666 0x0fdc  secdrv - ok
20:28:18.0728 0x0fdc  [ C49009F897BA4F2F4F31043663AA1485, 48C8BE1E3A4F150662AD012AF4E0357ABA792AD1147AB90EFF6CB2630E2501B6 ] seclogon        C:\WINDOWS\system32\seclogon.dll
20:28:18.0813 0x0fdc  seclogon - ok
20:28:18.0852 0x0fdc  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] SENS            C:\WINDOWS\System32\sens.dll
20:28:18.0952 0x0fdc  SENS - ok
20:28:19.0032 0x0fdc  [ E66A7C8CE7ED22DED6DF1CA479FB4790, ADEB076F131E7A8C3AD96022B09BB33EB9AB26C9C831503B8C6960AA763B8975 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
20:28:19.0116 0x0fdc  SensrSvc - ok
20:28:19.0218 0x0fdc  [ DB2FF24CE0BDD15FE75870AFE312BA89, 7DB0D978C92CD0A0A81F7AB46FE323B4929CEA01585B0F330921E6DFA7DE1B85 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
20:28:19.0275 0x0fdc  SerCx - ok
20:28:19.0369 0x0fdc  [ 0044B31F93946D5D41982314381FE431, 95B8A94BA9EF770F29ACD5B23D447EC2B6CF1CB3D0030343BA1550AC31F6E2A5 ] SerCx2          C:\WINDOWS\system32\drivers\SerCx2.sys
20:28:19.0455 0x0fdc  SerCx2 - ok
20:28:19.0517 0x0fdc  [ 3CD600C089C1251BEEB4CD4CD5164F9E, D9F81951B4454B24E821E33ACA53A851A61F3135E8EC6FBE6761A1A3E1CDCBE2 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
20:28:19.0569 0x0fdc  Serenum - ok
20:28:19.0653 0x0fdc  [ D864381BC9C725FAB01D94C060660166, 132FED95222BBE3B0B25B3F1F0EFC5903D04564BD047BA4D2042AD51E3FDA724 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
20:28:19.0723 0x0fdc  Serial - ok
20:28:19.0784 0x0fdc  [ 0BD2B65DCE756FDE95A2E5CCCBF7705D, F13FAFEC8FCF3E796196562717C433CE359A74A3E5876AB070647C717AF74028 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
20:28:19.0819 0x0fdc  sermouse - ok
20:28:19.0918 0x0fdc  [ D5C3776CBD8BC307DCCA3FD4CE667A37, 98E4253B770C25914C91A6148E2EA15ED0EF37ADCB042A47252DBA135972BF74 ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
20:28:20.0004 0x0fdc  SessionEnv - ok
20:28:20.0035 0x0fdc  [ 472B7A5AC181C050888DB454663DD764, C950A8615D57BFD455E18880398350642B2E1D6B951EC9754FD8D429F3418835 ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
20:28:20.0070 0x0fdc  sfloppy - ok
20:28:20.0126 0x0fdc  [ F4414F57DF2CECB8FC969AA43A6B0D50, AD09A6E1294721507DD6BE82B91F2EEB0FF0151B9BC14A75840CD657DBFDECEC ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
20:28:20.0193 0x0fdc  SharedAccess - ok
20:28:20.0300 0x0fdc  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
20:28:20.0403 0x0fdc  ShellHWDetection - ok
20:28:20.0443 0x0fdc  [ 2F518D13DD6F3053837FE606F1A2EA1F, 64109296CE95BD233525688A350D575CF97B9464659AA07CF78B307B6ADBC835 ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
20:28:20.0481 0x0fdc  SiSRaid2 - ok
20:28:20.0503 0x0fdc  [ 1AC9A200A9C49C4508F04AAFFCA34A3F, 972BCB2A39169155F74111FAC74ACCD8F50E34EADCF087833B0980827627BBF4 ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
20:28:20.0537 0x0fdc  SiSRaid4 - ok
20:28:20.0584 0x0fdc  [ AF5CC3F9B88F140D78FC967ABF0F4EC7, 7CE3AB7B0A36635CF00E35E84C14B8661FAF794ABCFA61AE45A0E5E8EA996A3B ] SmbDrv          C:\WINDOWS\System32\drivers\Smb_driver_AMDASF.sys
20:28:20.0617 0x0fdc  SmbDrv - ok
20:28:20.0641 0x0fdc  [ 19555D03CB179BED8B8AAA239A36BDA4, 7B975821D52ABE077496B3CFC010B33D478CD2C36E6A74D8F72D2BF582B8C84A ] SmbDrvI         C:\WINDOWS\System32\drivers\Smb_driver_Intel.sys
20:28:20.0660 0x0fdc  SmbDrvI - ok
20:28:20.0703 0x0fdc  [ 587ACA15210D1B01FBF272E07A08F91A, 1F3C13C218C5EA329C6E33E4AE7CFE88DAD59DA40F59FDE09D733AFD2E489000 ] smphost         C:\WINDOWS\System32\smphost.dll
20:28:20.0749 0x0fdc  smphost - ok
20:28:20.0810 0x0fdc  [ 49EEB92DE930B8566EF615D600781DB4, 0B7C929D24FAFC34F95BB4AA77DCBA29DDD8F1977EB42713B64228677D1FBFD3 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
20:28:20.0877 0x0fdc  SNMPTRAP - ok
20:28:20.0981 0x0fdc  [ 33977549C2CED09936E05BEE7659EAFF, EB95C72ED0EAC59A50E6882B2501049191A796542C42414FAF0028907C669B21 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
20:28:21.0080 0x0fdc  spaceport - ok
20:28:21.0145 0x0fdc  [ F337BE11071818FC3F5DC2940B6BDE34, D5CFF00E5DF37045F71AEE101AC9B270EBB29F372F404757B58600E9966C7E4D ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
20:28:21.0208 0x0fdc  SpbCx - ok
20:28:21.0328 0x0fdc  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] Spooler         C:\WINDOWS\System32\spoolsv.exe
20:28:21.0514 0x0fdc  Spooler - ok
20:28:22.0395 0x0fdc  [ C993A0B97BECD3AAF5158E3869878465, 8B86F37DEFCBE55DE507D830EC4980EBB39B3CCA30C2B3E76B588AAB282A50FC ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
20:28:23.0054 0x0fdc  sppsvc - ok
20:28:23.0232 0x0fdc  [ EB2FD937449B7ACEB39372F875EB8E78, ED99556AF0E342F534FE8A1B24C254FEE841CBD683CD3528B2D05C809765EAC3 ] SQLAgent$SQLEXPRESS c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\SQLAGENT.EXE
20:28:23.0321 0x0fdc  SQLAgent$SQLEXPRESS - ok
20:28:23.0456 0x0fdc  [ 99DE6ACFA5CA83FAD6A765C81C6F129F, E152BEBFA302BDB1BEF53F1B4C710BE2EA6DC5AD9D04704575B73B1D464CD582 ] SQLBrowser      c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
20:28:23.0525 0x0fdc  SQLBrowser - ok
20:28:23.0673 0x0fdc  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] SQLWriter       c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:28:23.0700 0x0fdc  SQLWriter - ok
20:28:23.0877 0x0fdc  [ F718A57D946EAC76EFCB351D74E269F4, 473AE48BACEE64A9582814951B731BDDDEB48D2E9D407ACEAA3F0850B536DABA ] SRTSP           C:\WINDOWS\System32\Drivers\NISx64\1504000.00D\SRTSP64.SYS
20:28:23.0963 0x0fdc  SRTSP - ok
20:28:24.0058 0x0fdc  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\WINDOWS\system32\drivers\NISx64\1504000.00D\SRTSPX64.SYS
20:28:24.0083 0x0fdc  SRTSPX - ok
20:28:24.0152 0x0fdc  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
20:28:24.0233 0x0fdc  srv - ok
20:28:24.0393 0x0fdc  [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
20:28:25.0039 0x0fdc  srv2 - ok
20:28:25.0168 0x0fdc  [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
20:28:25.0232 0x0fdc  srvnet - ok
20:28:25.0345 0x0fdc  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
20:28:25.0521 0x0fdc  SSDPSRV - ok
20:28:25.0633 0x0fdc  [ 3911418AFDE10EA6823B7799E4815524, A73517C4C1271E666B2B3A747756070098E923742B41572AA16573170440AA07 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
20:28:25.0730 0x0fdc  SstpSvc - ok
20:28:25.0804 0x0fdc  [ 5252D7BC56E5E0ED715AEA8FE173A455, 1408B3E98B35A449434718777EE70595F0D306197A428279C6281D2F1953F259 ] ssudmdm         C:\WINDOWS\system32\DRIVERS\ssudmdm.sys
20:28:25.0845 0x0fdc  ssudmdm - ok
20:28:25.0934 0x0fdc  [ 366DEA74BBA65B362BCCFC6FC2ADFD8B, 4D28122AB9D8DAB724021E6513B4474BD34FCEDF47769B1D27AC7551FCA002F8 ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
20:28:25.0981 0x0fdc  stexstor - ok
20:28:26.0157 0x0fdc  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
20:28:26.0286 0x0fdc  stisvc - ok
20:28:26.0386 0x0fdc  [ 0ED2E318ABB68C1A35A8B8038BDB4C90, 5C3ABC245F4BCFE64E646D9C0E2F5E211244956C84D03084C71FF6A7E0CDED30 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
20:28:26.0475 0x0fdc  storahci - ok
20:28:26.0662 0x0fdc  [ 7A08CEE1535F5A448215634C5EA74E50, 41529CDC08A3956F8FE9D5759B147E2E56E3305149EA415EB200249F7CD32094 ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
20:28:26.0896 0x0fdc  storflt - ok
20:28:26.0943 0x0fdc  [ 6B06E2D11E604BE2B1A406C4CB3B90DE, 2DDEA1568A85AD64FCE5D10D348304FCD9BE6E96C2313353EF70A2933306D188 ] stornvme        C:\WINDOWS\system32\drivers\stornvme.sys
20:28:27.0010 0x0fdc  stornvme - ok
20:28:27.0076 0x0fdc  [ 3118058E3D07021A55324A943C6D722B, 0B255DF1977DADD2B9766EEEA814B464F0ABFA34D6439F3C453083850C121F16 ] StorSvc         C:\WINDOWS\system32\storsvc.dll
20:28:27.0145 0x0fdc  StorSvc - ok
20:28:27.0236 0x0fdc  [ 548759755BC73DAD663250239D7E0B9F, D31A05A8CE800B539420B6E545F1F4BF6E4B02EAF8366DE89CAF13A83C6CA48D ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
20:28:27.0270 0x0fdc  storvsc - ok
20:28:27.0323 0x0fdc  [ D8E1AE075AB3E8AD56F69C44AA978596, CAFF5116DE7F0EEFFEBE38724BCEE7D11B44153AD35EE43E314C56D5E210758A ] svsvc           C:\WINDOWS\system32\svsvc.dll
20:28:27.0412 0x0fdc  svsvc - ok
20:28:27.0452 0x0fdc  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
20:28:27.0495 0x0fdc  swenum - ok
20:28:27.0594 0x0fdc  [ 850EBB87584484DC16F917E7B6F4A304, C253D1DFFCDFB018432063602FB01DBCBDDD6E03458E5C366AABD4670F114B0C ] swprv           C:\WINDOWS\System32\swprv.dll
20:28:27.0700 0x0fdc  swprv - ok
20:28:27.0759 0x0fdc  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\WINDOWS\system32\drivers\NISx64\1504000.00D\SYMDS64.SYS
20:28:27.0835 0x0fdc  SymDS - ok
20:28:27.0988 0x0fdc  [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA          C:\WINDOWS\system32\drivers\NISx64\1504000.00D\SYMEFA64.SYS
20:28:28.0091 0x0fdc  SymEFA - ok
20:28:28.0140 0x0fdc  [ 20F758E6339A16F97DD83389D582E09A, 837016154B7952B645B5545AEB8E2A8878EFA8674E6B96471C3DB5E458B06960 ] SymELAM         C:\WINDOWS\system32\drivers\NISx64\1504000.00D\SymELAM.sys
20:28:28.0195 0x0fdc  SymELAM - ok
20:28:28.0281 0x0fdc  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
20:28:28.0314 0x0fdc  SymEvent - ok
20:28:28.0367 0x0fdc  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\WINDOWS\system32\drivers\NISx64\1504000.00D\Ironx64.SYS
20:28:28.0416 0x0fdc  SymIRON - ok
20:28:28.0480 0x0fdc  [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS         C:\WINDOWS\System32\Drivers\NISx64\1504000.00D\SYMNETS.SYS
20:28:28.0549 0x0fdc  SymNetS - ok
20:28:28.0636 0x0fdc  [ 1C9BC67929C728DED1091CA19C3F7D41, 78C7EA28E339FCDBD74470938298E33AB41A14CEE967E1B82CE1D11C54594135 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
20:28:28.0693 0x0fdc  SynTP - ok
20:28:28.0828 0x0fdc  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] SysMain         C:\WINDOWS\system32\sysmain.dll
20:28:28.0990 0x0fdc  SysMain - ok
20:28:29.0046 0x0fdc  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
20:28:29.0113 0x0fdc  SystemEventsBroker - ok
20:28:29.0169 0x0fdc  [ BA6DD39266A5E15515C8C14DA2DA3E5C, 5BC917BA4E7281A67CC6CEF2F4D1972DF04DECBEFB6DED0B08FFBD06E15D4B4F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
20:28:29.0242 0x0fdc  TabletInputService - ok
20:28:29.0316 0x0fdc  [ B517410F157693043DACA21B19B258A6, 2224EECEB575CEA811036C43BB5B0A408DE5F59BC97235AB948968E4C3E438F2 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
20:28:29.0435 0x0fdc  TapiSrv - ok
20:28:29.0813 0x0fdc  [ 4B666AE119D2ADBAC816BEA7DB4D6881, FCF90241548B893B01CE016D1F0B3D1564B6A4B39ADFBAE077A52F5D8240C8C4 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
20:28:30.0139 0x0fdc  Tcpip - ok
20:28:30.0445 0x0fdc  [ 4B666AE119D2ADBAC816BEA7DB4D6881, FCF90241548B893B01CE016D1F0B3D1564B6A4B39ADFBAE077A52F5D8240C8C4 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
20:28:30.0691 0x0fdc  TCPIP6 - ok
20:28:30.0776 0x0fdc  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
20:28:30.0882 0x0fdc  tcpipreg - ok
20:28:31.0109 0x0fdc  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
20:28:31.0301 0x0fdc  tdx - ok
20:28:31.0381 0x0fdc  [ 232D185D2337F141311D0CF1983E1431, 02EB56D3F26174AF1741C1A444CE30DE84D5BAF583C1A52C7A953BCC52445547 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
20:28:31.0411 0x0fdc  terminpt - ok
20:28:31.0590 0x0fdc  [ 3D748E5558FD9A9F03182CB2330698DC, 70B2069AB7912EB49AB3ABD18D4B42CB94AC99CA6DE3F63F4888B8EAAC78AAA2 ] TermService     C:\WINDOWS\System32\termsrv.dll
20:28:31.0825 0x0fdc  TermService - ok
20:28:31.0911 0x0fdc  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] Themes          C:\WINDOWS\system32\themeservice.dll
20:28:31.0988 0x0fdc  Themes - ok
20:28:32.0140 0x0fdc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
20:28:32.0175 0x0fdc  THREADORDER - ok
20:28:32.0353 0x0fdc  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
20:28:32.0455 0x0fdc  TimeBroker - ok
20:28:32.0693 0x0fdc  [ 82F909359600D3603FE852DB7F135626, 2EB2BB9D81AC9A2E432B2628E296B7B21F1C82EAE8009300EEF1B8596A9F418D ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
20:28:32.0757 0x0fdc  TPM - ok
20:28:33.0245 0x0fdc  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
20:28:33.0396 0x0fdc  TrkWks - ok
20:28:33.0663 0x0fdc  [ 887CC44830D3F367CAD17A0CA7CCA5C8, D4022A76433A11FD66D0F41A1EB4D6893BC5B22317E7E9E021739109EB493B44 ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
20:28:33.0728 0x0fdc  TrustedInstaller - ok
20:28:33.0841 0x0fdc  [ BF8F54CA37E9C9D6582C31C5761F8C93, 337C566792F6FB9B7FD5D1D4384B767CFE4CF5DBB2E4688CCC36CBB018A0DD0F ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
20:28:34.0029 0x0fdc  TsUsbFlt - ok
20:28:34.0095 0x0fdc  [ E0088068DCE2EE82897027DDB8E05254, FA9C201D3C885DAD2ABE6A23343EDCC83CFB342EFF9E3005FA50B1D88B21D203 ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
20:28:34.0224 0x0fdc  TsUsbGD - ok
20:28:34.0391 0x0fdc  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
20:28:34.0482 0x0fdc  tunnel - ok
20:28:34.0581 0x0fdc  [ F6EEAD052943B5A3104C1405BB856C54, FE422813E6C1012E9F392EFF2AE4C6D3A4DBD9CB2BD5E6A5CAB57D4E89A29468 ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
20:28:34.0676 0x0fdc  uagp35 - ok
20:28:34.0777 0x0fdc  [ FE6067B1FD4E63650C667B33D080565B, 2C330ED00E49BA55E25564230E0DFB8A35F2B5320EB18D4AF7CAACFA9A449044 ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
20:28:34.0851 0x0fdc  UASPStor - ok
20:28:35.0013 0x0fdc  [ B034A41891A36457B994307DFA772293, CA5E6500764A9777AE0E15B2AFB6F05982C90F01374E3F6DDC6DF3852282C66B ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
20:28:35.0082 0x0fdc  UCX01000 - ok
20:28:35.0152 0x0fdc  [ 1EC649F112896FAE33250F0B97AC5D0B, 0C0A1C2C7615DEB298AD3073340FD1BF91FEBE611F133E3B48D994A6EAA8369F ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
20:28:35.0241 0x0fdc  udfs - ok
20:28:35.0311 0x0fdc  [ 9578691F297E1B1F519970FE6D47CB21, 080C352AAF22A16A4F3C4AB4DCEA5BFA656457C73F735CEBA30516FDACCF6301 ] UEFI            C:\WINDOWS\System32\drivers\UEFI.sys
20:28:35.0353 0x0fdc  UEFI - ok
20:28:35.0457 0x0fdc  [ 320878AFECDBBD61BBE98624A6CAAC08, 15C090EA32A24D976B5FCB1373B1281DCC2295C075299C814345D694AEB47CB9 ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
20:28:35.0539 0x0fdc  UI0Detect - ok
20:28:35.0608 0x0fdc  [ 5EAB5117DDB24FC4D39E6FFFCF1837B9, 2BC709240867F161E94BE6625A04F478EAAA3EEE7BC7C37ED0DFA9EEA5928E98 ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
20:28:35.0645 0x0fdc  uliagpkx - ok
20:28:35.0686 0x0fdc  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
20:28:35.0742 0x0fdc  umbus - ok
20:28:35.0873 0x0fdc  [ AE8294875E5446E359B1E8035D40C05E, AE0357BAB47C07C3576BC76951CD258C009BC5A1B93259D2122A841BD9CDA8FA ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
20:28:35.0943 0x0fdc  UmPass - ok
20:28:36.0049 0x0fdc  [ E3DDF7D43E05784FAA5E042605EEE528, 8E20E880FAB09AF4FF5C438BF9EAE9970D46C05167870110869B744E498FD761 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
20:28:36.0198 0x0fdc  UmRdpService - ok
20:28:36.0328 0x0fdc  [ 4A2FFDAC45F317E17DF642C7160EB633, F1AB762912FAA5F469F322407DA37C91556086C42D1643AD27516C12A84F74D0 ] upnphost        C:\WINDOWS\System32\upnphost.dll
20:28:36.0467 0x0fdc  upnphost - ok
20:28:36.0574 0x0fdc  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
20:28:36.0677 0x0fdc  usbccgp - ok
20:28:36.0882 0x0fdc  [ B3D6457D841A0CAEF4C52D88621715F2, CBDD76A8A28379B107B1FB530757B477B8AB74CD01F9F3CEDC7B1BA0C6E5A990 ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
20:28:37.0130 0x0fdc  usbcir - ok
20:28:37.0208 0x0fdc  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
20:28:37.0279 0x0fdc  usbehci - ok
20:28:37.0369 0x0fdc  [ 4875DC63E548812C75D4FDEF84970C89, 6A29306BAB6F95F0384E16533A9588A654A6E3CFC35D55A4CEB2B14EF34EEE19 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
20:28:37.0413 0x0fdc  usbfilter - ok
20:28:37.0798 0x0fdc  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
20:28:38.0120 0x0fdc  usbhub - ok
20:28:38.0526 0x0fdc  [ CFC52C49BEFE4D70D87FFA900EAB9777, 09A2F5D8AB07C3AE3F2B092F4DD7AE5838736CDC263016F188B442B32EC928F8 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
20:28:39.0005 0x0fdc  USBHUB3 - ok
20:28:39.0059 0x0fdc  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
20:28:39.0116 0x0fdc  usbohci - ok
20:28:39.0154 0x0fdc  [ 4D655E3B684BE9B0F7FFD8A2935C348C, 3A7FC1748C5AEA8CFE0E7C22ADC77E3DCA475455FC16D9C6A5C16EB5E949A516 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
20:28:39.0203 0x0fdc  usbprint - ok
20:28:39.0464 0x0fdc  [ EA23453240137F6773174E0D93F61A69, 579AD09FB428C2BB8B4055128620A7AADD1B606C1EA44B87A01D69A84232A5D9 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
20:28:39.0675 0x0fdc  USBSTOR - ok
20:28:39.0753 0x0fdc  [ BA4FA655E0FC577DB7436FC963932CE4, 3336FDECD4AEC6B316D4C0803E22A12719EBEDD1A9427C0DF5D3B263BE600EE6 ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
20:28:39.0809 0x0fdc  usbuhci - ok
20:28:40.0120 0x0fdc  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
20:28:40.0296 0x0fdc  usbvideo - ok
20:28:40.0524 0x0fdc  [ 48430B0313FC1CFE3D2400553F1A93CD, 92994DE6B131E904AFF2C9C4FBB4E6B0D58525A1539763327373DA18C9F08193 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
20:28:40.0617 0x0fdc  USBXHCI - ok
20:28:40.0703 0x0fdc  [ 3CAAB947B1F247A570DE15983BEDEBCF, 81480D999F67A1755D5C21CE046FB439F0FBD743F73D23C19BC8C4DEB78A4F91 ] usb_rndisx      C:\WINDOWS\system32\DRIVERS\usb8023x.sys
20:28:40.0899 0x0fdc  usb_rndisx - ok
20:28:41.0100 0x0fdc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] VaultSvc        C:\WINDOWS\system32\lsass.exe
20:28:41.0165 0x0fdc  VaultSvc - ok
20:28:41.0223 0x0fdc  [ FEB26E3B8345A7E8D62F945C4AE86562, 3AAFE87C402FC8E92542DFE60EC9540559863065F88D429A16D7B1BF829223FF ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
20:28:41.0314 0x0fdc  vdrvroot - ok
20:28:41.0555 0x0fdc  [ E3EF58D4123B5AA29C8E19825AF84A5E, FB1046722BC643E955DBC3B1459DBF2A6D575EBA2BCF7B20A0FA51E3993835E2 ] vds             C:\WINDOWS\System32\vds.exe
20:28:41.0790 0x0fdc  vds - ok
20:28:41.0998 0x0fdc  [ A026EDEAA5EECAE0B08E2748B616D4BD, 2525A54DC7F49DDFBB999C22BF3FAB6D9E9F70C0806E58D81E90AC59F9F46089 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
20:28:42.0060 0x0fdc  VerifierExt - ok
20:28:42.0590 0x0fdc  [ 52E483A3701A5A61A75A06993720347D, 689E812755E485DF6960D1E049740FBAFB812467D23B673DCAA40C03FEBB544F ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
20:28:42.0987 0x0fdc  vhdmp - ok
20:28:43.0068 0x0fdc  [ 06D38968028E9AB19DE9B618C7B6D199, 62022297A47F440D1C82CA0B0E57C0C8E9D5033D83DD3B40492B218DF65EBF68 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
20:28:43.0116 0x0fdc  viaide - ok
20:28:43.0208 0x0fdc  [ C6305BDFC4F7CE51F72BB072C03D4ACE, 73E62869CA3104F48CC3B0C45E69CE9BF4F8D7D06E29C2F049B9347ABB50554D ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
20:28:43.0294 0x0fdc  vmbus - ok
20:28:43.0358 0x0fdc  [ DA40BEA0A863CE768C940CA9723BF81F, 567C0C3F422325635808B0CF76E05D3B6187F96845C33F85F92F98C9FE53A5B8 ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
20:28:43.0437 0x0fdc  VMBusHID - ok
20:28:43.0565 0x0fdc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicguestinterface C:\WINDOWS\System32\ICSvc.dll
20:28:43.0687 0x0fdc  vmicguestinterface - ok
20:28:43.0756 0x0fdc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
20:28:43.0828 0x0fdc  vmicheartbeat - ok
20:28:43.0922 0x0fdc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
20:28:43.0986 0x0fdc  vmickvpexchange - ok
20:28:44.0054 0x0fdc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
20:28:44.0117 0x0fdc  vmicrdv - ok
20:28:44.0243 0x0fdc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
20:28:44.0308 0x0fdc  vmicshutdown - ok
20:28:44.0411 0x0fdc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
20:28:44.0471 0x0fdc  vmictimesync - ok
20:28:44.0561 0x0fdc  [ 9067880BBB1C18703DBFF27D731D7ECA, 0044246249F4B945D72BBC0FEF9BF3C31E62F57CBF77615A95213B36A29F0C71 ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
20:28:44.0622 0x0fdc  vmicvss - ok
20:28:44.0759 0x0fdc  [ 55D7D963DE85162F1C49721E502F9744, 5AD34D6DB707EF3E5242BD8CA67B21D6258EE7E7FC477D5227BD15500AE7F45F ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
20:28:45.0087 0x0fdc  volmgr - ok
20:28:45.0251 0x0fdc  [ CCB9E901F7254BF96D28EB1B0E5329B7, F0E3CA4EFA544CDAEF4092284CF3EC7DF07F806A770285E281816457AD8813F5 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
20:28:45.0430 0x0fdc  volmgrx - ok
20:28:45.0796 0x0fdc  [ 4BB9BC49DEE1A319EC58274A7BBED663, 624491089623A5B68C01A6A000E60D450E8E467619ACEBB90C6FDED0CF670F95 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
20:28:45.0908 0x0fdc  volsnap - ok
20:28:46.0019 0x0fdc  [ 01355C98B5C3ED1EC446743CDA848FCE, B9FCF558C20E05DD0F53FFB70BBEF873EA57801E13A16701E636128D625C4B67 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
20:28:46.0078 0x0fdc  vpci - ok
20:28:46.0218 0x0fdc  [ 4539F45F9F4C9757A86A56C949421E07, DEC362314B2C66414F39354AFE79C02B18BF4EEF90787FB58307F6EB62237E2C ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
20:28:46.0283 0x0fdc  vsmraid - ok
20:28:46.0624 0x0fdc  [ E369C59F2C0852DDD090C07E0DDE0051, 4FAC94458EAAEED4F84A86FBAB8FBB332D0AF85BD528E63C0C058A2DA8E3011D ] VSS             C:\WINDOWS\system32\vssvc.exe
20:28:47.0056 0x0fdc  VSS - ok
20:28:47.0220 0x0fdc  [ 0849B7260F26FE05EA56DED0672E2F4B, 7EAC0E7988F45CB4133A15932955B7B03CE715C967A3BAC9999D81543EBCAEC5 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
20:28:47.0369 0x0fdc  VSTXRAID - ok
20:28:47.0498 0x0fdc  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
20:28:47.0663 0x0fdc  vwifibus - ok
20:28:47.0730 0x0fdc  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
20:28:47.0784 0x0fdc  vwififlt - ok
20:28:47.0846 0x0fdc  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
20:28:47.0944 0x0fdc  vwifimp - ok
20:28:48.0065 0x0fdc  [ 7599E582CA3A6AAA95A18FFE1172D339, A0410778FBBC4302EA91CF24B944427410B4706535F1192504D4F34C3ED4503E ] W32Time         C:\WINDOWS\system32\w32time.dll
20:28:48.0196 0x0fdc  W32Time - ok
20:28:48.0442 0x0fdc  [ 8E553C859C83784DEC08B10AFC3EAC92, 41D8DBA1500DBD3AC9783169ACF545805EF05069F12866238992A30794369254 ] w3logsvc        C:\WINDOWS\system32\inetsrv\w3logsvc.dll
20:28:48.0542 0x0fdc  w3logsvc - ok
20:28:48.0598 0x0fdc  [ 0910AB9ED404C1434E2D0376C2AD5D8B, 62585CA5F1375BDA440D28D5DF1ADDC9DE3DDFA196D49BBFF3456A5A09EE1C6B ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
20:28:48.0704 0x0fdc  WacomPen - ok
20:28:48.0902 0x0fdc  [ 9BAE40BD31E3EE0B0C70BEF167E0A2BC, 2419AC815C95F2629E1832973501983D06F788728755605D42D6C8565C3CBBF1 ] WAS             C:\WINDOWS\system32\inetsrv\iisw3adm.dll
20:28:49.0290 0x0fdc  WAS - ok
20:28:49.0655 0x0fdc  [ 61692DB39AD3DF2F29392D68EAA7BB93, 854D4B9C7DD1676968598ED973500650ECEC02C420E44C0B3957C24F073AA5FB ] wbengine        C:\WINDOWS\system32\wbengine.exe
20:28:50.0374 0x0fdc  wbengine - ok
20:28:50.0565 0x0fdc  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
20:28:50.0774 0x0fdc  WbioSrvc - ok
20:28:50.0947 0x0fdc  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
20:28:51.0087 0x0fdc  Wcmsvc - ok
20:28:51.0518 0x0fdc  [ D2726823DF7E19F213F4805A9D6D145F, A7F582C99918D204264D3B374F70D75984BDA5805203041E3DECB8153D16E102 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
20:28:51.0774 0x0fdc  wcncsvc - ok
20:28:51.0998 0x0fdc  [ 846C02A8B48CBD921A3D6AB521AA0DC4, B07573A774A6C65D24E5718DC25DF378270EB5B40221CA5A53B21D47838381D3 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
20:28:52.0105 0x0fdc  WcsPlugInService - ok
20:28:52.0264 0x0fdc  [ F5D4FA3E1F4879C361FFF3855259D2C2, 48C60FE4AAB011E2250157506FF0624031BFA346F8F2F8C6DFDF6F3CAA4F3F42 ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
20:28:52.0321 0x0fdc  WdBoot - ok
20:28:52.0519 0x0fdc  [ CB6C63FF8342B467E2EF76E98D5B934D, BE017CE91E3BAB293DE6ECF143797CCE3F33CC63024437472B4E38C6961AD884 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
20:28:52.0641 0x0fdc  Wdf01000 - ok
20:28:52.0857 0x0fdc  [ 019CC610AD95FF47EAD7C08B7A683B96, BB9D42F8ED90ECA2E7B8C906E06A1EA859FAD9BD1B3492BB1E28C0D00004812A ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
20:28:52.0932 0x0fdc  WdFilter - ok
20:28:53.0081 0x0fdc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
20:28:53.0161 0x0fdc  WdiServiceHost - ok
20:28:53.0236 0x0fdc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
20:28:53.0321 0x0fdc  WdiSystemHost - ok
20:28:53.0554 0x0fdc  [ 6CC1BB8F6851A262E2E824F0E92D5EEF, 45A88A984179BBA38C1F4434C4D6C2823C1FE6AFBE8CB0F656DAE0092D1D5611 ] WdNisDrv        C:\WINDOWS\system32\Drivers\WdNisDrv.sys
20:28:53.0636 0x0fdc  WdNisDrv - ok
20:28:53.0773 0x0fdc  WdNisSvc - ok
20:28:53.0927 0x0fdc  [ 6588A957873326361AB1CAC4E76F8394, BE17880CEDCAE5ED3B983443E3777842646A3E48B661422A717656E11F6DBA94 ] WebClient       C:\WINDOWS\System32\webclnt.dll
20:28:54.0121 0x0fdc  WebClient - ok
20:28:54.0256 0x0fdc  [ 3274312F263882B51B964329FAF49734, 99A020377ACF0762BE5ECD2D68EB5E1497B9D59963247E725F7F96FB5DF41FAD ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
20:28:54.0403 0x0fdc  Wecsvc - ok
20:28:54.0663 0x0fdc  [ 7CDD84E0023A0C5C230B06A7965EC65E, 6EC7DC18C76D66CF9A893C3DD20F9BE3ADD76546F9A9BA42CE4F24854709F9D9 ] WEPHOSTSVC      C:\WINDOWS\system32\wephostsvc.dll
20:28:54.0759 0x0fdc  WEPHOSTSVC - ok
20:28:54.0863 0x0fdc  [ 959534ACF085C137D2D094384EF89C45, D029F440789FE170A1C46217C6DE6D78DC0188A5CF33FCCC17FA65D3BC80C2B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
20:28:55.0083 0x0fdc  wercplsupport - ok
20:28:55.0197 0x0fdc  [ 82BCCF5FBE47AC9E8CBA2020994DFB3F, EA96C6BD98A701B465D0780EC10BDA92E45FE636D60C1385813AA3B456D8B931 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
20:28:55.0405 0x0fdc  WerSvc - ok
20:28:55.0587 0x0fdc  [ BFBE1C5F57FE7A885673A1962D5532B7, F0BD05B257108699FE6AB32EF11F927C31932F27062A705B3FEFA4F5B4C0D8C3 ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
20:28:55.0673 0x0fdc  WFPLWFS - ok
20:28:55.0742 0x0fdc  [ E06AFE2F94BA7CFA2FE4FD2A449E60E2, 99A81E16366E9E77905D873B0246E4C11B383FE1E99E0E1D9A07FAD4E52EA9E4 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
20:28:55.0810 0x0fdc  WiaRpc - ok
20:28:55.0956 0x0fdc  [ 867BCC69ED9C31C501465EB0E8BA9DFA, 678B7FF4D4E8624514301956CDA7FB451159BBFC83FF2E4E5E7DADAE3C7AB2EC ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
20:28:55.0995 0x0fdc  WIMMount - ok
20:28:56.0045 0x0fdc  WinDefend - ok
20:28:56.0186 0x0fdc  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
20:28:56.0289 0x0fdc  WinHttpAutoProxySvc - ok
20:28:56.0724 0x0fdc  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
20:28:56.0793 0x0fdc  Winmgmt - ok
20:28:57.0460 0x0fdc  [ C8D6344BDE2691A196E61C0D3372EAB7, FF8EB79D8A7E298343C22B83276FF68293D08A9DA438BB22600BEFC4CA93A91D ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
20:29:01.0696 0x0fdc  WinRM - ok
20:29:01.0839 0x0fdc  [ AC263C2F66405589528995AA41040599, 81B46E551D6130A2C3D113EC3B563CEDB5A06BB340986C0E03136CE5BE729481 ] WinUsb          C:\WINDOWS\system32\DRIVERS\WinUsb.sys
20:29:01.0910 0x0fdc  WinUsb - ok
20:29:02.0027 0x0fdc  [ DAF801153E8F33E13AB278332250D78A, 0F277DA63E8A058A474994CF3A8345DEA967B78E54F4F97FEC995499A1D541A0 ] WirelessButtonDriver C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys
20:29:02.0076 0x0fdc  WirelessButtonDriver - ok
20:29:02.0310 0x0fdc  [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
20:29:02.0488 0x0fdc  WlanSvc - ok
20:29:02.0716 0x0fdc  [ 5F56C0DE776C7AE43AF749845BFAA1EF, 837993C5853B7E682C7FB8401B7F5D951FFD15E5659EBB1B01DC3F5719ACEE19 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
20:29:02.0953 0x0fdc  wlidsvc - ok
20:29:03.0096 0x0fdc  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
20:29:03.0153 0x0fdc  WmiAcpi - ok
20:29:03.0319 0x0fdc  [ 7AFAC828F52D62F304A911EC32F42EEE, 4EDCF4149069413A166169F2E23F7505F47B39B7EC319E1EF6D2C46CD140AA24 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
20:29:03.0413 0x0fdc  wmiApSrv - ok
20:29:03.0462 0x0fdc  WMPNetworkSvc - ok
20:29:03.0510 0x0fdc  [ 7FC5667DF73D4B04AA457CC3A4180E09, CB7B014945DCA16B6D120DBE0E5876C4C867A4ACD3C3536AEADC14B908613D4E ] Wof             C:\WINDOWS\system32\drivers\Wof.sys
20:29:03.0553 0x0fdc  Wof - ok
20:29:03.0721 0x0fdc  [ 5071E71CC05346D88C5A08EB8B5A05E3, EA2B14130EDD1846B2E25D310B0D49253CFB43C22D3DC7B3179DF7349CC4AEFB ] workfolderssvc  C:\WINDOWS\system32\workfolderssvc.dll
20:29:03.0952 0x0fdc  workfolderssvc - ok
20:29:04.0034 0x0fdc  [ 182561A14F2E93E81E66FE3700D17A5A, FB9A06058A8BCCEDCDC5BF8899D9B2FBA5752C262C5FC6D2B8338884F3303D12 ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
20:29:04.0070 0x0fdc  wpcfltr - ok
20:29:04.0115 0x0fdc  [ 4E6A0F60DA7EF050D3D26417CD4D24E9, E6B3BFB007B641D41F8532ED086F92CB3D86E210023DBFAA9AD8152A9FD33CCA ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
20:29:04.0179 0x0fdc  WPCSvc - ok
20:29:04.0279 0x0fdc  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
20:29:04.0358 0x0fdc  WPDBusEnum - ok
20:29:04.0489 0x0fdc  [ 9F2904B55F6CECCD1A8D986B5CE2609A, E19ED4DD3CEF3A22C058FC324824604FB3FC98A029C94E6C2A3389F938D680B6 ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
20:29:04.0542 0x0fdc  WpdUpFltr - ok
20:29:04.0596 0x0fdc  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
20:29:04.0644 0x0fdc  ws2ifsl - ok
20:29:04.0770 0x0fdc  [ 9654DE19551093CD73874281E1573C94, 5E3513EC0CB180D90904BE8970AB64A4434279E8C467AE2CF693254E47B1D11E ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
20:29:04.0836 0x0fdc  wscsvc - ok
20:29:04.0957 0x0fdc  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] WSDPrintDevice  C:\WINDOWS\System32\drivers\WSDPrint.sys
20:29:05.0049 0x0fdc  WSDPrintDevice - ok
20:29:05.0101 0x0fdc  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] WSDScan         C:\WINDOWS\system32\DRIVERS\WSDScan.sys
20:29:05.0143 0x0fdc  WSDScan - ok
20:29:05.0223 0x0fdc  WSearch - ok
20:29:05.0652 0x0fdc  [ 95B6670E6933E1DEE19686C55BE709A0, 4B9EB8F1712B7959A71F6DA445D29BD09B25EEFC6B30D736EFE30163D79B233E ] WSService       C:\WINDOWS\System32\WSService.dll
20:29:06.0063 0x0fdc  WSService - ok
20:29:06.0406 0x0fdc  [ E66AC3CA92FC471BFE69F61549193A64, E2DD7EA4ED164EE8FB07546896BE743734B04DE4C9480E84231901CB2C63F31C ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
20:29:06.0767 0x0fdc  wuauserv - ok
20:29:06.0811 0x0fdc  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
20:29:06.0868 0x0fdc  WudfPf - ok
20:29:06.0959 0x0fdc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
20:29:07.0026 0x0fdc  WUDFRd - ok
20:29:07.0104 0x0fdc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:29:07.0181 0x0fdc  WUDFSensorLP - ok
 
End of Part 2

Edited by Spencer4134, 12 August 2014 - 08:55 PM.

  • 0

#9
Spencer4134
Posted 12 August 2014 - 08:59 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

TDSSKiller Part 3:

 

 
20:29:07.0239 0x0fdc  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
20:29:07.0306 0x0fdc  wudfsvc - ok
20:29:07.0420 0x0fdc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
20:29:07.0496 0x0fdc  WUDFWpdMtp - ok
20:29:07.0574 0x0fdc  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
20:29:07.0702 0x0fdc  WwanSvc - ok
20:29:08.0052 0x0fdc  ================ Scan global ===============================
20:29:08.0127 0x0fdc  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\WINDOWS\system32\basesrv.dll
20:29:08.0190 0x0fdc  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\WINDOWS\system32\winsrv.dll
20:29:08.0233 0x0fdc  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\WINDOWS\system32\sxssrv.dll
20:29:08.0311 0x0fdc  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\WINDOWS\system32\services.exe
20:29:08.0363 0x0fdc  [ Global ] - ok
20:29:08.0372 0x0fdc  ================ Scan MBR ==================================
20:29:08.0388 0x0fdc  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
20:29:08.0602 0x0fdc  \Device\Harddisk0\DR0 - ok
20:29:08.0610 0x0fdc  ================ Scan VBR ==================================
20:29:08.0628 0x0fdc  [ 579411A3BD9B7298A48DB38BF9283E86 ] \Device\Harddisk0\DR0\Partition1
20:29:08.0656 0x0fdc  \Device\Harddisk0\DR0\Partition1 - ok
20:29:08.0694 0x0fdc  [ 842A0DC8A5DC4D8722F0E3D247E04C76 ] \Device\Harddisk0\DR0\Partition2
20:29:08.0748 0x0fdc  \Device\Harddisk0\DR0\Partition2 - ok
20:29:08.0781 0x0fdc  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition3
20:29:08.0781 0x0fdc  \Device\Harddisk0\DR0\Partition3 - ok
20:29:08.0812 0x0fdc  [ 3CE1FB19C4F58800FE675048E3B3EDA6 ] \Device\Harddisk0\DR0\Partition4
20:29:08.0816 0x0fdc  \Device\Harddisk0\DR0\Partition4 - ok
20:29:08.0875 0x0fdc  [ CA5F8A41F76BFEC8EBC5CCA24BBD4D27 ] \Device\Harddisk0\DR0\Partition5
20:29:08.0987 0x0fdc  \Device\Harddisk0\DR0\Partition5 - ok
20:29:09.0031 0x0fdc  [ 0713EDB69973E1D27FC0A11B03534614 ] \Device\Harddisk0\DR0\Partition6
20:29:09.0148 0x0fdc  \Device\Harddisk0\DR0\Partition6 - ok
20:29:09.0156 0x0fdc  ================ Scan active images ========================
20:29:09.0161 0x0fdc  [ FA47B0AA255B7CF4519E995C6404AE22, F7B315B96E27D1CA00FDB181646B4DF10A0B5AAA7D407AAECAABD7C2348D339F ] C:\Windows\System32\drivers\crashdmp.sys
20:29:09.0161 0x0fdc  C:\Windows\System32\drivers\crashdmp.sys - ok
20:29:09.0175 0x0fdc  [ 224C2CB37497472C345CB2A02DF11363, 73FE60B2D1D7395E1B97B673CC296A5FE36BA4F4AD9EAD13F3F545134DAC7B70 ] C:\Windows\System32\drivers\Diskdump.sys
20:29:09.0175 0x0fdc  C:\Windows\System32\drivers\Diskdump.sys - ok
20:29:09.0194 0x0fdc  [ D2BF2F94A47D332814910FD47C6BBCD2, FE273D77D119D958676E1197D9EA7B008E3B05C6192B1962A81D4223ED204C35 ] C:\Windows\System32\drivers\amdsata.sys
20:29:09.0194 0x0fdc  C:\Windows\System32\drivers\amdsata.sys - ok
20:29:09.0210 0x0fdc  [ 61A1C2641321A6B89A2B41C5D481EF48, A88596BD3095AB603151BE1C9FB2299039C4A049F940A300FBBBD69EC9D30914 ] C:\Windows\System32\drivers\dumpfve.sys
20:29:09.0211 0x0fdc  C:\Windows\System32\drivers\dumpfve.sys - ok
20:29:09.0231 0x0fdc  [ C6796EA22B513E3457514D92DCDB1A3D, 2B893F3950C6B913B934C2089B69F3B0B77F229AE1820907E598455CBB78139C ] C:\Windows\System32\drivers\cdrom.sys
20:29:09.0231 0x0fdc  C:\Windows\System32\drivers\cdrom.sys - ok
20:29:09.0248 0x0fdc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] C:\Windows\System32\drivers\null.sys
20:29:09.0248 0x0fdc  C:\Windows\System32\drivers\null.sys - ok
20:29:09.0265 0x0fdc  [ EC19013E4CF87609534165DF897274D6, 8ED45537CF2D58D759A587CCBFDADD5580C7447B0C3B172CF19ECC7585E073FC ] C:\Windows\System32\drivers\beep.sys
20:29:09.0265 0x0fdc  C:\Windows\System32\drivers\beep.sys - ok
20:29:09.0282 0x0fdc  [ 38A82F4EE8C416A6744B6D30381ED768, 9EAAE5F43BA09359130AC04B1DCA0F5D4DF32ED89C02DC5CEB640918948847F7 ] C:\Windows\System32\drivers\BasicRender.sys
20:29:09.0282 0x0fdc  C:\Windows\System32\drivers\BasicRender.sys - ok
20:29:09.0300 0x0fdc  [ C7D252742946DD395670649742FBD73D, 333CC984CF318D36EA8C5867077A1732A214445EB6B7CF7AC2E8F1C8259CD9C7 ] C:\Windows\System32\drivers\dxgkrnl.sys
20:29:09.0300 0x0fdc  C:\Windows\System32\drivers\dxgkrnl.sys - ok
20:29:09.0317 0x0fdc  [ 9CC0003FB8ED3763B977B43F1012FF63, 6FDB6FFE1D77F9BA0ABDCA387BFD9AE2C547DB8D89C20BB8D5C31798E569BFB7 ] C:\Windows\System32\drivers\watchdog.sys
20:29:09.0317 0x0fdc  C:\Windows\System32\drivers\watchdog.sys - ok
20:29:09.0333 0x0fdc  [ 4030CB06B8D963A45CED9E60C9F2A11E, 886EF96B7A8E8C503CBDFC64BBC8B01AB52978DDC9A5AC3A847CA25627E8ADD0 ] C:\Windows\System32\drivers\dxgmms1.sys
20:29:09.0333 0x0fdc  C:\Windows\System32\drivers\dxgmms1.sys - ok
20:29:09.0343 0x0fdc  [ 8CC7F7E4AFCBA605921B137ED7992C68, 71406E6D6E9964740A6D90B05329D5492BB90AF40E0630CF2FBF4BA4BA14F2DD ] C:\Windows\System32\drivers\BasicDisplay.sys
20:29:09.0343 0x0fdc  C:\Windows\System32\drivers\BasicDisplay.sys - ok
20:29:09.0362 0x0fdc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] C:\Windows\System32\drivers\npfs.sys
20:29:09.0362 0x0fdc  C:\Windows\System32\drivers\npfs.sys - ok
20:29:09.0377 0x0fdc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] C:\Windows\System32\drivers\msfs.sys
20:29:09.0377 0x0fdc  C:\Windows\System32\drivers\msfs.sys - ok
20:29:09.0393 0x0fdc  [ 3C7361E0A5A6966DB957B94ECF924A9E, 6AE6BFD1E6987E85F4C134639F7AC2A92523B9E9A638A7FA0A98E3B195430D24 ] C:\Windows\System32\drivers\tdi.sys
20:29:09.0393 0x0fdc  C:\Windows\System32\drivers\tdi.sys - ok
20:29:09.0408 0x0fdc  [ FFF28F9F6823EB1756C60F1649560BBF, 208DFF8BF0329D0D4761C7E31527AEED7FF5F3C36C5005953D01477F35408D5C ] C:\Windows\System32\drivers\tdx.sys
20:29:09.0408 0x0fdc  C:\Windows\System32\drivers\tdx.sys - ok
20:29:09.0425 0x0fdc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] C:\Windows\System32\drivers\netbt.sys
20:29:09.0425 0x0fdc  C:\Windows\System32\drivers\netbt.sys - ok
20:29:09.0435 0x0fdc  [ B9B123DD438E0FA190BE10A77ADCF38E, D2253031DE650A3590127A0F3B2DBAD6B506D0713FA94727F62A21BF568FDA1C ] C:\Windows\System32\drivers\bckd.sys
20:29:09.0435 0x0fdc  C:\Windows\System32\drivers\bckd.sys - ok
20:29:09.0451 0x0fdc  [ 374E27295F0A9DCAA8FC96370F9BEEA5, 51C394E0C2322D7D093941A1B8766171B5D1F47DF2FE0834209492891EA7D999 ] C:\Windows\System32\drivers\afd.sys
20:29:09.0451 0x0fdc  C:\Windows\System32\drivers\afd.sys - ok
20:29:09.0466 0x0fdc  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] C:\Windows\System32\drivers\pacer.sys
20:29:09.0467 0x0fdc  C:\Windows\System32\drivers\pacer.sys - ok
20:29:09.0482 0x0fdc  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] C:\Windows\System32\drivers\netbios.sys
20:29:09.0482 0x0fdc  C:\Windows\System32\drivers\netbios.sys - ok
20:29:09.0498 0x0fdc  [ 6B26AD573CCDD5209DF4397438B76354, 2C8AC314EC471F6D8B0B12D49D621360A10DCADA7C52E73596730C954FF89FCF ] C:\Windows\System32\drivers\vwififlt.sys
20:29:09.0498 0x0fdc  C:\Windows\System32\drivers\vwififlt.sys - ok
20:29:09.0515 0x0fdc  [ A1A5E79C0D1352AFDC08328A623DA051, 01546DDE6F1FF159A7EB7F2BF104910445D3D863F1F37DEA695579BA60D84280 ] C:\Windows\System32\drivers\rdbss.sys
20:29:09.0515 0x0fdc  C:\Windows\System32\drivers\rdbss.sys - ok
20:29:09.0531 0x0fdc  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] C:\Windows\System32\drivers\nsiproxy.sys
20:29:09.0531 0x0fdc  C:\Windows\System32\drivers\nsiproxy.sys - ok
20:29:09.0548 0x0fdc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] C:\Windows\System32\drivers\npsvctrig.sys
20:29:09.0548 0x0fdc  C:\Windows\System32\drivers\npsvctrig.sys - ok
20:29:09.0565 0x0fdc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] C:\Windows\System32\drivers\mssmbios.sys
20:29:09.0565 0x0fdc  C:\Windows\System32\drivers\mssmbios.sys - ok
20:29:09.0580 0x0fdc  [ A03F362C5557E238CBFA914689C77248, BAD0A1124E6A384C15028FBE121ADF650F7716442555AD3737B9EA1F58A69246 ] C:\Windows\System32\drivers\dfsc.sys
20:29:09.0581 0x0fdc  C:\Windows\System32\drivers\dfsc.sys - ok
20:29:09.0596 0x0fdc  [ 315BA4BC19316D72B2E037534E048B93, 69613635DB23E6A935673B1025C2010ED3E195473D25368CF74234C4C36910BE ] C:\Windows\System32\drivers\dam.sys
20:29:09.0596 0x0fdc  C:\Windows\System32\drivers\dam.sys - ok
20:29:09.0607 0x0fdc  [ 8E8E34B7BA059050EED827410D0697A2, 85B6684709F24729A6497563812A90A54068AC2DD9EEA03037CB1EEF5C85AAA9 ] C:\Windows\System32\drivers\ahcache.sys
20:29:09.0607 0x0fdc  C:\Windows\System32\drivers\ahcache.sys - ok
20:29:09.0623 0x0fdc  [ 075CCE75090786F124573A788C8656E6, AA188CFF2F8EE2D9F50701AB2315D24E15D7715FD84F5054D3FC175D4BD35734 ] C:\Windows\System32\drivers\CLVirtualDrive.sys
20:29:09.0623 0x0fdc  C:\Windows\System32\drivers\CLVirtualDrive.sys - ok
20:29:09.0639 0x0fdc  [ 03AAED827C36F35D70900558B8274905, 8E44A23C6013FFAE7769F99CAA3B1D6288DE00A38937F9056903AC265B503AFA ] C:\Windows\System32\drivers\CompositeBus.sys
20:29:09.0639 0x0fdc  C:\Windows\System32\drivers\CompositeBus.sys - ok
20:29:09.0655 0x0fdc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] C:\Windows\System32\drivers\kdnic.sys
20:29:09.0655 0x0fdc  C:\Windows\System32\drivers\kdnic.sys - ok
20:29:09.0666 0x0fdc  [ DA34C39A18E60E7C3FA0630566408034, 2F162504214053894C72760D9933D01DBF3578609FE5E2376C3272818599FE32 ] C:\Windows\System32\drivers\umbus.sys
20:29:09.0666 0x0fdc  C:\Windows\System32\drivers\umbus.sys - ok
20:29:09.0682 0x0fdc  [ B46D2D89AFF8A9490FA8C98C7A5616E3, BE0765B5423B690E0F097FECD9717FAA95BFDFFDC6CF1B93DE5A19A1B7797879 ] C:\Windows\System32\drivers\amdppm.sys
20:29:09.0682 0x0fdc  C:\Windows\System32\drivers\amdppm.sys - ok
20:29:09.0698 0x0fdc  [ D8564418BAC13776E43DB5F6B4FA775E, FC8EF5704C871187AE4945000DB3D3758E8B867E90F8E530B0F12C6438D17D35 ] C:\Windows\System32\smss.exe
20:29:09.0698 0x0fdc  C:\Windows\System32\smss.exe - ok
20:29:09.0713 0x0fdc  [ 939B63CB5C350802ACE33E5C7AC037FD, F376EE28D5183ABEA5BC96023C8D58F8DAF911D1204DB823094F899C5D2474B4 ] C:\Windows\System32\ntdll.dll
20:29:09.0714 0x0fdc  C:\Windows\System32\ntdll.dll - ok
20:29:09.0729 0x0fdc  [ A32BCAD9377E3B75D034CAFBA463A0AE, F504895D9C9CD1B4607806BCAF15A1CBFBAC2E5824903277A1350C9F35045602 ] C:\Windows\System32\drivers\atikmpag.sys
20:29:09.0729 0x0fdc  C:\Windows\System32\drivers\atikmpag.sys - ok
20:29:09.0745 0x0fdc  [ 387A1E98BE548E4F199343CBA01E9D6D, 4A2B66E5587BE0BDEC99C1EC758DB67F35D1988B1FCD916355D6473E3BCDD13E ] C:\Windows\System32\autochk.exe
20:29:09.0745 0x0fdc  C:\Windows\System32\autochk.exe - ok
20:29:09.0761 0x0fdc  [ FBB35875FEFE53D4280259842069ED72, B1A1B5799A6C50C244182CD201A1E9FCB7BE3B5ED4BB2E2E6BCF8E1BF53B75DB ] C:\Windows\System32\drivers\atikmdag.sys
20:29:09.0761 0x0fdc  C:\Windows\System32\drivers\atikmdag.sys - ok
20:29:09.0776 0x0fdc  [ 498288DD5CA42C2D36D125893E968C53, 03B62FA51F9195D77170DCEFF3A93A6898AA96FB610044DDAE83767DA12745C5 ] C:\Windows\System32\drivers\hdaudbus.sys
20:29:09.0776 0x0fdc  C:\Windows\System32\drivers\hdaudbus.sys - ok
20:29:09.0793 0x0fdc  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
20:29:09.0793 0x0fdc  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
20:29:09.0809 0x0fdc  [ 32F2E6BAD9FA8E14B55E97280661801E, 5F0DAEE71A96262834759C897D3EE6F952978418A97F41B35E497D9A6A2E0E36 ] C:\Windows\System32\drivers\usbport.sys
20:29:09.0809 0x0fdc  C:\Windows\System32\drivers\usbport.sys - ok
20:29:09.0825 0x0fdc  [ 3019097FB6C985EF24C058090FF3BDBD, 24AC518D34E338D94BF3D5B3F72E53F8A1369BAA7F32FEA3EDBCF928C4FF1D17 ] C:\Windows\System32\drivers\usbohci.sys
20:29:09.0825 0x0fdc  C:\Windows\System32\drivers\usbohci.sys - ok
20:29:09.0843 0x0fdc  [ 7C4E0D5900B2A1D11EDD626D6DDB937B, 732F310F8F6016C56F432A81636B13CE0124A802FE8DD91287B618EED22C9A1D ] C:\Windows\System32\drivers\fastfat.sys
20:29:09.0843 0x0fdc  C:\Windows\System32\drivers\fastfat.sys - ok
20:29:09.0853 0x0fdc  [ 4875DC63E548812C75D4FDEF84970C89, 6A29306BAB6F95F0384E16533A9588A654A6E3CFC35D55A4CEB2B14EF34EEE19 ] C:\Windows\System32\drivers\usbfilter.sys
20:29:09.0853 0x0fdc  C:\Windows\System32\drivers\usbfilter.sys - ok
20:29:09.0869 0x0fdc  [ 5477D6E27C7D266EF8C152B9A25ADE5E, FEE81677D284A78A0C0FB60F887A952CFC759AE78B01206D73F59FE33612C519 ] C:\Windows\System32\drivers\usbehci.sys
20:29:09.0869 0x0fdc  C:\Windows\System32\drivers\usbehci.sys - ok
20:29:09.0884 0x0fdc  [ 84CFC5EFA97D0C965EDE1D56F116A541, 0155EA62BF07D99D98D1C9B6559C8E3301B016A20D03DF1EF64B2FAB8C37403B ] C:\Windows\System32\drivers\i8042prt.sys
20:29:09.0885 0x0fdc  C:\Windows\System32\drivers\i8042prt.sys - ok
20:29:09.0897 0x0fdc  [ 882222A9961418A75A08CB68671679D5, 836E22C68E3BB08E612DA3680C772EB3AD94A30377D82CB35BFDE92493D5ED33 ] C:\Windows\System32\drivers\usbd.sys
20:29:09.0897 0x0fdc  C:\Windows\System32\drivers\usbd.sys - ok
20:29:09.0914 0x0fdc  [ 1C9BC67929C728DED1091CA19C3F7D41, 78C7EA28E339FCDBD74470938298E33AB41A14CEE967E1B82CE1D11C54594135 ] C:\Windows\System32\drivers\SynTP.sys
20:29:09.0914 0x0fdc  C:\Windows\System32\drivers\SynTP.sys - ok
20:29:09.0929 0x0fdc  [ 74B258D5896FC8F8256E8D03459AC2A2, B37DC91EA21A9E16DF4CA19099FA940063A690704E499D335F5104954E91715D ] C:\Windows\System32\lpk.dll
20:29:09.0930 0x0fdc  C:\Windows\System32\lpk.dll - ok
20:29:09.0945 0x0fdc  [ CC29613C244DA266D40DBACC108FEAB5, B92B10664D811EDF4A16A19AF01B0C5D9721748BDD2852B32F18DB9C9C267042 ] C:\Windows\System32\wow64cpu.dll
20:29:09.0945 0x0fdc  C:\Windows\System32\wow64cpu.dll - ok
20:29:09.0960 0x0fdc  [ AE7D8835A29FADB39C0D095BA32A9462, 93CAEC6A7069091F27573C8C93DB1B034DEBD955C24EAA68869D0331A7A890F0 ] C:\Windows\System32\shell32.dll
20:29:09.0960 0x0fdc  C:\Windows\System32\shell32.dll - ok
20:29:09.0976 0x0fdc  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] C:\Windows\System32\drivers\kbdclass.sys
20:29:09.0976 0x0fdc  C:\Windows\System32\drivers\kbdclass.sys - ok
20:29:09.0991 0x0fdc  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] C:\Windows\System32\drivers\mouclass.sys
20:29:09.0992 0x0fdc  C:\Windows\System32\drivers\mouclass.sys - ok
20:29:10.0008 0x0fdc  [ 19764658C1468C2C0CEF133D28414A6B, 87AD4056F6C67052433A366B200B75613148B69B9B9D502AD926A7F7F037B8DE ] C:\Windows\System32\drivers\Rt630x64.sys
20:29:10.0008 0x0fdc  C:\Windows\System32\drivers\Rt630x64.sys - ok
20:29:10.0024 0x0fdc  [ 2C7676F892E88FD190F08D98048C7C6C, 44C13C103F61DA4D1A3823D37344F8C9465A611A9560808CE928925FB69604F7 ] C:\Windows\System32\drivers\athw8x.sys
20:29:10.0024 0x0fdc  C:\Windows\System32\drivers\athw8x.sys - ok
20:29:10.0040 0x0fdc  [ 1AEFA4B25F72772F131D760F664ED7E1, 13C4A554F34FBB54257EEA8832AAFB37453410B563D2589F9A533639D80B54C7 ] C:\Windows\System32\difxapi.dll
20:29:10.0040 0x0fdc  C:\Windows\System32\difxapi.dll - ok
20:29:10.0064 0x0fdc  [ 6AFE9D20019BA4C76188A458573F4461, B7E9C9E6FD59521672553947833AEC7BB84E6B1DFFD7E4850B64171EB67C7D7D ] C:\Windows\System32\combase.dll
20:29:10.0064 0x0fdc  C:\Windows\System32\combase.dll - ok
20:29:10.0078 0x0fdc  [ 332E5E35DE9E8175A9550501E57E0612, AA07A34F20225EE4619A7F1948DDD81EAC45BD499D9D2D1DCA979974FBB487F5 ] C:\Windows\System32\ole32.dll
20:29:10.0078 0x0fdc  C:\Windows\System32\ole32.dll - ok
20:29:10.0093 0x0fdc  [ BE970C369E43B509C1EDA2B8FA7CECB0, 18951F2AA842A0795AA79A4E164EE925A35E6270EBE4C4CDB19D0A891830E383 ] C:\Windows\System32\drivers\vwifibus.sys
20:29:10.0093 0x0fdc  C:\Windows\System32\drivers\vwifibus.sys - ok
20:29:10.0109 0x0fdc  [ A1D5FFEFDBEB3881EC3D74CC7136847F, B3D278267EF17CC6F2FAF92D3FE67734FB9689EDDFA2A78F620300409DA5D0BB ] C:\Windows\System32\drivers\RtsP2Stor.sys
20:29:10.0109 0x0fdc  C:\Windows\System32\drivers\RtsP2Stor.sys - ok
20:29:10.0120 0x0fdc  [ 99387C515F80270F097F6DD9B5315649, 01DBF3B69DCA897AD45271DF0DF96F3503274881800DAD36AB37FCE97167C6E5 ] C:\Windows\System32\drivers\battc.sys
20:29:10.0120 0x0fdc  C:\Windows\System32\drivers\battc.sys - ok
20:29:10.0131 0x0fdc  [ EF6EF85DADC3184A10D8F2F7159973CB, 42FCB286CED95A5DEBC5C0C894FCBC4818A2C818BB71087142FB51A08A0BE96B ] C:\Windows\System32\drivers\CmBatt.sys
20:29:10.0132 0x0fdc  C:\Windows\System32\drivers\CmBatt.sys - ok
20:29:10.0147 0x0fdc  [ 2834D9D3B4F554A39C72F00EA3F0E128, D10124343C67FE9A0B711AD569BB8080495FCEA0ECEF9AC3F3FBD6865F436A44 ] C:\Windows\System32\drivers\wmiacpi.sys
20:29:10.0148 0x0fdc  C:\Windows\System32\drivers\wmiacpi.sys - ok
20:29:10.0163 0x0fdc  [ ABB7341766902F5AAB45E15F34D19E15, B9C1D2D5E7D781A4CEFF17BD5C8E4CBC586D00C4F8315892561EA52F4CB339D2 ] C:\Windows\System32\drivers\hidclass.sys
20:29:10.0163 0x0fdc  C:\Windows\System32\drivers\hidclass.sys - ok
20:29:10.0180 0x0fdc  [ 7FFB24B4A54B1ACD46CF6899D879CC9F, 7EBFADD2B35386226C69A21631A69FF82D66B855899C9B1CEE96987A3A64094D ] C:\Windows\System32\drivers\hidparse.sys
20:29:10.0180 0x0fdc  C:\Windows\System32\drivers\hidparse.sys - ok
20:29:10.0196 0x0fdc  [ DAF801153E8F33E13AB278332250D78A, 0F277DA63E8A058A474994CF3A8345DEA967B78E54F4F97FEC995499A1D541A0 ] C:\Windows\System32\drivers\WirelessButtonDriver64.sys
20:29:10.0196 0x0fdc  C:\Windows\System32\drivers\WirelessButtonDriver64.sys - ok
20:29:10.0211 0x0fdc  [ B65523C830308241407F6EBCC6484E70, 0045EE4010BF5FB60886F1B02EA73590BBEEED78CE4577989EE55B4BF2B74923 ] C:\Windows\System32\sechost.dll
20:29:10.0211 0x0fdc  C:\Windows\System32\sechost.dll - ok
20:29:10.0227 0x0fdc  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] C:\Windows\System32\drivers\NdisVirtualBus.sys
20:29:10.0227 0x0fdc  C:\Windows\System32\drivers\NdisVirtualBus.sys - ok
20:29:10.0243 0x0fdc  [ 447CB6699A8EAD2BC516991738A16277, 1A58913C5A51B26FBB87AE26C34A0C9F2F4444D7F50CEF90635EDE17DBED77CC ] C:\Windows\System32\imagehlp.dll
20:29:10.0243 0x0fdc  C:\Windows\System32\imagehlp.dll - ok
20:29:10.0258 0x0fdc  [ 75428240F81D41B9F8F7CE5DDB07CA0F, B420AD4B2DE3C6222F86E2FDE7F8FAB73675D81E817CD81EAEFC7E8FD076E50B ] C:\Windows\System32\nsi.dll
20:29:10.0258 0x0fdc  C:\Windows\System32\nsi.dll - ok
20:29:10.0274 0x0fdc  [ D18EC2C83C2F773C9476A4FB0AA4C314, A8675D35C78E408FB3268B4A60E947EF42C1350A814167C3D5A6137A4CF3A0AD ] C:\Windows\System32\drivers\ks.sys
20:29:10.0274 0x0fdc  C:\Windows\System32\drivers\ks.sys - ok
20:29:10.0290 0x0fdc  [ 84E0F5D41C138C5CC975137A2A98F6D3, 1E36CED05E4F4365C2AB020CAF920E3959995D7F89F3FABD7B2FB05985F85F38 ] C:\Windows\System32\drivers\swenum.sys
20:29:10.0290 0x0fdc  C:\Windows\System32\drivers\swenum.sys - ok
20:29:10.0306 0x0fdc  [ CFDEF7C849D5AFDB689473073B0EE82D, DFA9D516746FF563371F8614B386ACD3009C6297C812E2A13091109B059E7A8C ] C:\Windows\System32\comdlg32.dll
20:29:10.0306 0x0fdc  C:\Windows\System32\comdlg32.dll - ok
20:29:10.0320 0x0fdc  [ 6B21EBF892CD8CACB71669B35AB5DE32, 0AD8E14FEF16FB2559F5FC8AFBC9D49E4E24F43CF65F480DBF9FAB593269B419 ] C:\Windows\System32\drivers\rdpbus.sys
20:29:10.0321 0x0fdc  C:\Windows\System32\drivers\rdpbus.sys - ok
20:29:10.0335 0x0fdc  [ 5BCABCE516486337E39DDD005BCBB1CA, 6D04CF09BC3BA0B4917B30CBE11FEE0A4F6324BA6F177DB750AA02756B0A9FD4 ] C:\Windows\System32\GdiPlus.dll
20:29:10.0335 0x0fdc  C:\Windows\System32\GdiPlus.dll - ok
20:29:10.0351 0x0fdc  [ 561F1AB95F4F01C691BDABA5FD5C67FC, 4C6184C1A72B2F84BB1CA5A72F89CC44F9F37FF225D834EBCEFF26F820635BED ] C:\Windows\System32\advapi32.dll
20:29:10.0352 0x0fdc  C:\Windows\System32\advapi32.dll - ok
20:29:10.0363 0x0fdc  [ DACC0040F6BB7F524BAE1D653B9FC329, 1FD3FC4E7C7D3FADA6DA29D4CA4D8F124A23F3565CDAC92BDF987AD7B7EA89D7 ] C:\Windows\System32\Wldap32.dll
20:29:10.0364 0x0fdc  C:\Windows\System32\Wldap32.dll - ok
20:29:10.0374 0x0fdc  [ 7D7C2B72B81BABF192F1033460A3C434, 28B317BEBCC5EAA3A4694830637033CF7675CA2ABCE581908DC7D95991768218 ] C:\Windows\System32\msctf.dll
20:29:10.0374 0x0fdc  C:\Windows\System32\msctf.dll - ok
20:29:10.0390 0x0fdc  [ 9E2ABB0CAB26EBD775D968EAB1C1F6EC, C71BA2C89FDD1395BDD2E8C4F7B00C2CF0BE428EA8DF59945CDCC5575922BCA4 ] C:\Windows\System32\normaliz.dll
20:29:10.0390 0x0fdc  C:\Windows\System32\normaliz.dll - ok
20:29:10.0406 0x0fdc  [ 7CE4D5AB5626A26A6E6DFC7397179841, 871E24E52C58BBECB251083F1705261E7B3D3D8E017089FCD52D7582571B59F1 ] C:\Windows\System32\msvcrt.dll
20:29:10.0406 0x0fdc  C:\Windows\System32\msvcrt.dll - ok
20:29:10.0422 0x0fdc  [ E7F88B66FD5C0DA438371C998273FD0D, 674B6C08F58183949D775C5B2713A485F79AEBAAA86F8F67292576694C17F36C ] C:\Windows\System32\setupapi.dll
20:29:10.0422 0x0fdc  C:\Windows\System32\setupapi.dll - ok
20:29:10.0435 0x0fdc  [ 6F997D98C6A30D79C622811FBAB9119E, 730BD302DEF13201B7E197524F373CB2E422D167C8ACBE190F551F6AC153D13C ] C:\Windows\System32\ws2_32.dll
20:29:10.0436 0x0fdc  C:\Windows\System32\ws2_32.dll - ok
20:29:10.0451 0x0fdc  [ A4B86A08CEC7841895C817430CB76CE2, 1185171CDAB5373460EE225F5A2DBF7C89F5CFBEC19F2A02609F65241FFAD0DA ] C:\Windows\System32\clbcatq.dll
20:29:10.0451 0x0fdc  C:\Windows\System32\clbcatq.dll - ok
20:29:10.0466 0x0fdc  [ B7564AB4F8A12A16C568F256EC6C429B, DD4E34227A1227F10BFD2DF1BA40D3EEB905FF6E9FF4905BE3323102ACD45F28 ] C:\Windows\System32\psapi.dll
20:29:10.0466 0x0fdc  C:\Windows\System32\psapi.dll - ok
20:29:10.0482 0x0fdc  [ CEB069C882A0DFEDBE5C1590D44B1052, AF8AFB0B0F9818CCAD5C2EE336337A31FD9E8F8BE54569305904DFE82DB9414A ] C:\Windows\System32\user32.dll
20:29:10.0482 0x0fdc  C:\Windows\System32\user32.dll - ok
20:29:10.0497 0x0fdc  [ DF56C2C04EFA328D7A66B69007130266, 719316EB25A8C7B82C7941D1C5B964CC4EDA4A997732F481526DE7356F6FC0D8 ] C:\Windows\System32\drivers\usbhub.sys
20:29:10.0497 0x0fdc  C:\Windows\System32\drivers\usbhub.sys - ok
20:29:10.0513 0x0fdc  [ 3103BBAB41F0C75BE6FA302439C9B9D6, CC0D62B5B5A0E6193B27CA7E3BCDD3E5FFB5F1EFDA97CE1EB76FCA7D1B159FEF ] C:\Windows\System32\drivers\drmk.sys
20:29:10.0513 0x0fdc  C:\Windows\System32\drivers\drmk.sys - ok
20:29:10.0529 0x0fdc  [ 8685379B82AC81187813225905531D1E, 9220153F68B58DF79B5847F53C9275CAD0BF1E47151EEA0C21BC55489DC2042C ] C:\Windows\System32\drivers\portcls.sys
20:29:10.0529 0x0fdc  C:\Windows\System32\drivers\portcls.sys - ok
20:29:10.0545 0x0fdc  [ 506907D2E7F3A5B67DBD39C00A788B7C, 618C91FB9F49C69F88A993F164D7E9E4B7CAD0F34DCF77CF0C6F259A28448171 ] C:\Windows\System32\drivers\AtihdW86.sys
20:29:10.0545 0x0fdc  C:\Windows\System32\drivers\AtihdW86.sys - ok
20:29:10.0561 0x0fdc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] C:\Windows\System32\drivers\ksthunk.sys
20:29:10.0561 0x0fdc  C:\Windows\System32\drivers\ksthunk.sys - ok
20:29:10.0577 0x0fdc  [ C2F868881D48A568B525255F084EF063, EFB1704AE223CF886EDA5F1411C8178EDE4B5E1F7EE373E3DA89A6EA1A57D91D ] C:\Windows\System32\drivers\RTKVHD64.sys
20:29:10.0577 0x0fdc  C:\Windows\System32\drivers\RTKVHD64.sys - ok
20:29:10.0590 0x0fdc  [ 905A32D35E8CC1F08F040F77B03697FF, CA1B6E1B52E9DA5977C5105C28E3FA5142B4CBF16391B532A6037B396A2F7884 ] C:\Windows\System32\shlwapi.dll
20:29:10.0590 0x0fdc  C:\Windows\System32\shlwapi.dll - ok
20:29:10.0606 0x0fdc  [ CFCDAAA210D62B277A2183F62FEE068F, 47450EAB0FBCBC24AEEBBAFB392D312B63DDF8F8D762ACB0C09F4143673EC284 ] C:\Windows\System32\rpcrt4.dll
20:29:10.0606 0x0fdc  C:\Windows\System32\rpcrt4.dll - ok
20:29:10.0622 0x0fdc  [ 433ECDE01A52691FA7ACA51C10C09B70, B896296A3F8EF2AF3AC5F0091B9848156608586F1E10A95D70700BAB51E8062A ] C:\Windows\System32\drivers\usbccgp.sys
20:29:10.0622 0x0fdc  C:\Windows\System32\drivers\usbccgp.sys - ok
20:29:10.0631 0x0fdc  [ 18F744E8CCEB2670040EBAF7AD77B8C6, C5E2DF4EA0D946B4DA67DE29FA9D0F079DED35EC59B98E532C4C2D5F8E86DA0A ] C:\Windows\System32\drivers\usbvideo.sys
20:29:10.0632 0x0fdc  C:\Windows\System32\drivers\usbvideo.sys - ok
20:29:10.0647 0x0fdc  [ 8DB8EAB9D0C6A5DF0BDCADEA239220B4, EDA23E6909EB83E5E148816DFB16CC29EA01BD6BD2F73AA46B3D820B85FB9C83 ] C:\Windows\System32\drivers\hidusb.sys
20:29:10.0647 0x0fdc  C:\Windows\System32\drivers\hidusb.sys - ok
20:29:10.0663 0x0fdc  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] C:\Windows\System32\drivers\mouhid.sys
20:29:10.0663 0x0fdc  C:\Windows\System32\drivers\mouhid.sys - ok
20:29:10.0679 0x0fdc  [ 4983684E2DDB7B617AA8EA94E037360F, B77720623D78D5BE64D041D4EC49E259C658D2637B3E1D778B8F6FA447B0BEBB ] C:\Windows\System32\imm32.dll
20:29:10.0679 0x0fdc  C:\Windows\System32\imm32.dll - ok
20:29:10.0694 0x0fdc  [ F3523E611AB0B0977B048263A12DCF2A, 85243102F253AD4FB3E593A4BC2E3801256995F9E1E2FCA28B28B1E326D57BEC ] C:\Windows\System32\kernel32.dll
20:29:10.0694 0x0fdc  C:\Windows\System32\kernel32.dll - ok
20:29:10.0709 0x0fdc  [ A4948EA65E584A88BE09029DB49E4D70, C95F0BFB5164D268758AC7C603E90F5EA77BF0DF7DBF688EE3A84CA05B09EFAF ] C:\Windows\System32\gdi32.dll
20:29:10.0709 0x0fdc  C:\Windows\System32\gdi32.dll - ok
20:29:10.0725 0x0fdc  [ 48EBD5B3241D2324A92BA8EB993B2076, D4714B0913F5A4E79A6302A8C849B7948277ACB1C2A6353C1D86D01D53D55B0C ] C:\Windows\System32\oleaut32.dll
20:29:10.0725 0x0fdc  C:\Windows\System32\oleaut32.dll - ok
20:29:10.0740 0x0fdc  [ D04D884242F02CC02E9264A4DBF532DB, 9240087846AB1975F7DFABD1A143E26A2F587CE8B8CD28C64CC448FAE2366036 ] C:\Windows\System32\wow64win.dll
20:29:10.0741 0x0fdc  C:\Windows\System32\wow64win.dll - ok
20:29:10.0756 0x0fdc  [ FADE737DEAFE3BF4CFC151AD0F548A47, D8E58838F966E69507EA60B3F2B15B088FA70F6A9536F5C8D7CA2794FD481894 ] C:\Windows\System32\wow64.dll
20:29:10.0756 0x0fdc  C:\Windows\System32\wow64.dll - ok
20:29:10.0772 0x0fdc  [ 8D2DF744C20A8960C022BF71505D3B45, CF29FDDA58CD2A30EEDFC44E7E8D8D2C378330CC71930A0BB65652AE7AD76B8B ] C:\Windows\System32\cfgmgr32.dll
20:29:10.0772 0x0fdc  C:\Windows\System32\cfgmgr32.dll - ok
20:29:10.0786 0x0fdc  [ B0630FEE31D7A9B73E49A2F31CF61C1C, 4BF013BB13407F3450BB6354D2A5B31FD12BAD25A79BC362C9DC8E4BA056DCD2 ] C:\Windows\System32\KernelBase.dll
20:29:10.0786 0x0fdc  C:\Windows\System32\KernelBase.dll - ok
20:29:10.0803 0x0fdc  [ 88ACBA95BB55B8226D52117462B76CD4, 0E1D19A202D664B8600D69E17C0A3DA659917474ECC2D6CD813AB9A326E5F649 ] C:\Windows\System32\wintrust.dll
20:29:10.0803 0x0fdc  C:\Windows\System32\wintrust.dll - ok
20:29:10.0814 0x0fdc  [ 980CDCBF3EDB80CA20921F2C88260406, 48CBFB7B8DB7A6B5F268D94D28D19711E93EE4E54415921AE233B66BEADAB9D0 ] C:\Windows\System32\comctl32.dll
20:29:10.0815 0x0fdc  C:\Windows\System32\comctl32.dll - ok
20:29:10.0830 0x0fdc  [ 6EFAF0D87291F9FBD7C0ED3BD56511AA, 039895A75791F7107B98428EAA797D240E1A160312DC841973F8D9D1DC4D30E8 ] C:\Windows\System32\crypt32.dll
20:29:10.0830 0x0fdc  C:\Windows\System32\crypt32.dll - ok
20:29:10.0850 0x0fdc  [ 7DA935827BC3F48AE146BA4B2755F1AD, BB5A9394BFCEAB681BDA3A32C9F5E6222BE4FA8D0D70BA9639FBA722F4D7B2C5 ] C:\Windows\System32\msasn1.dll
20:29:10.0850 0x0fdc  C:\Windows\System32\msasn1.dll - ok
20:29:10.0865 0x0fdc  [ 32F9650CD23F6F36706E9EA23ECCF484, 742C036C9018CCAE53719D50E3AAFDED2088C8EA67CE59595B7AA575BD116B06 ] C:\Windows\SysWOW64\lpk.dll
20:29:10.0865 0x0fdc  C:\Windows\SysWOW64\lpk.dll - ok
20:29:10.0875 0x0fdc  [ 00542019B2969529C5E9C68C83BD6F88, A5EA5B5DD71A05E16CA6E32622825D415FF1BEE2A9C5DA7F4B8A8065EDEAAE36 ] C:\Windows\SysWOW64\normaliz.dll
20:29:10.0875 0x0fdc  C:\Windows\SysWOW64\normaliz.dll - ok
20:29:10.0891 0x0fdc  [ 83E3C080E9B0E0677DBCDF9D7F434166, 2A30E0DB1B58DE46EFD3F326F0ECFB6F08BE77EB791EB9E287D6529218FB2B88 ] C:\Windows\System32\win32k.sys
20:29:10.0891 0x0fdc  C:\Windows\System32\win32k.sys - ok
20:29:10.0906 0x0fdc  [ 885901A37E73FA25F3F87A848BA8033F, 4335F74947E1C4FC8442E62D2BC61264D0019030F2F2D2E5D4D668548A411B01 ] C:\Windows\System32\csrsrv.dll
20:29:10.0906 0x0fdc  C:\Windows\System32\csrsrv.dll - ok
20:29:10.0922 0x0fdc  [ B2D3F07F5E8A13AF988A8B3C0A800880, CB41E9D0E8107AA9337DBD1C56F22461131AD0952A2472B4477E2649D16ECB15 ] C:\Windows\System32\csrss.exe
20:29:10.0922 0x0fdc  C:\Windows\System32\csrss.exe - ok
20:29:10.0936 0x0fdc  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\System32\basesrv.dll
20:29:10.0938 0x0fdc  C:\Windows\System32\basesrv.dll - ok
20:29:10.0951 0x0fdc  [ 00DD4D2ACC2E72155A8AAA82018BEC0D, 9D7CA68B4A81240477FCC85A3CC11EF986093F9D6228A6C5AC608EDAD664068C ] C:\Windows\System32\winsrv.dll
20:29:10.0951 0x0fdc  C:\Windows\System32\winsrv.dll - ok
20:29:10.0966 0x0fdc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] C:\Windows\System32\drivers\monitor.sys
20:29:10.0967 0x0fdc  C:\Windows\System32\drivers\monitor.sys - ok
20:29:10.0982 0x0fdc  [ 8D3421127B05432B743719C239ABF80F, 51BB0D8B68FB8AD9CF47DFB452DA633670D0B0183B912F512E807D92D2255517 ] C:\Windows\System32\tsddd.dll
20:29:10.0982 0x0fdc  C:\Windows\System32\tsddd.dll - ok
20:29:10.0997 0x0fdc  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\System32\sxssrv.dll
20:29:10.0997 0x0fdc  C:\Windows\System32\sxssrv.dll - ok
20:29:11.0013 0x0fdc  [ 48CFA7BE561A7BE144C29BB912055016, 64BE1AFD9F55C2BD636914D1F808AD209C68BF97AA3D0B73568C2C1E48BE2800 ] C:\Windows\System32\wininit.exe
20:29:11.0013 0x0fdc  C:\Windows\System32\wininit.exe - ok
20:29:11.0029 0x0fdc  [ 8ED638461EFFCF584AF5A8C291A2F9DF, C8414D68E423D345212E90524897B781B944034C385123DED4ACA508FADDD11E ] C:\Windows\System32\profapi.dll
20:29:11.0029 0x0fdc  C:\Windows\System32\profapi.dll - ok
20:29:11.0042 0x0fdc  [ 55D0BC5BA19B1BA3A82F75A33828BCC0, D30254D004A13746377D1554961C11BF3B5D7F06E361993D6FF396741A281D31 ] C:\Windows\System32\wininitext.dll
20:29:11.0042 0x0fdc  C:\Windows\System32\wininitext.dll - ok
20:29:11.0058 0x0fdc  [ 14BEA911F78B44E47CBD18210E541A43, 49228F2B8757D7FD12011E86B963DCE177CE330EE208BE9528386A386983362C ] C:\Windows\System32\cdd.dll
20:29:11.0058 0x0fdc  C:\Windows\System32\cdd.dll - ok
20:29:11.0073 0x0fdc  [ A7B9FCF37B64E878310EC62E6DCB9059, 44B1DB4BBE1F054FDEA79C6F8B7A97B300E21304F28471E96132D23AD2F6DAB6 ] C:\Windows\System32\KBDUS.DLL
20:29:11.0073 0x0fdc  C:\Windows\System32\KBDUS.DLL - ok
20:29:11.0089 0x0fdc  [ BC18914CB16B0A7BF5D103A65359FAE4, 3CFD06E3B377CA9E777C8D6C7E77B5CC914EC60D8EF8D7B50F0505F48834B4D9 ] C:\Windows\System32\WlS0WndH.dll
20:29:11.0089 0x0fdc  C:\Windows\System32\WlS0WndH.dll - ok
20:29:11.0105 0x0fdc  [ BCECD25BCFFE2FC4498374BF2E572DBE, E8DF45593BBD7D9387EE127DC9CDFCB9695723D0AC47F9A615CB7203ACC8F190 ] C:\Windows\System32\sxs.dll
20:29:11.0105 0x0fdc  C:\Windows\System32\sxs.dll - ok
20:29:11.0119 0x0fdc  [ 306EB21E5B480AE9065EA55AC8C35936, 50088738F54E9F7903DBD3E3C97E72B049C96025CD539523062D4FB0DA61C612 ] C:\Windows\System32\winlogon.exe
20:29:11.0119 0x0fdc  C:\Windows\System32\winlogon.exe - ok
20:29:11.0130 0x0fdc  [ B83B06508CADBC204B3DAEECC395A571, 10045637ABA4EF52F93602F5F78E8A50F2C2D9B2E646D0D0CC91E684C2AD1030 ] C:\Windows\System32\cryptbase.dll
20:29:11.0130 0x0fdc  C:\Windows\System32\cryptbase.dll - ok
20:29:11.0146 0x0fdc  [ CBFC4C292C125A86DA4D2BC831CD4634, D6EE5E0B1909C7D745BFB7FE0C72458B8C1A1487BF4144BC85ADD26100B91975 ] C:\Windows\System32\bcryptprimitives.dll
20:29:11.0146 0x0fdc  C:\Windows\System32\bcryptprimitives.dll - ok
20:29:11.0162 0x0fdc  [ 833D2DE53608A1C5B9DD71C867718448, E2BF767339E66053270B269C4D30CAAC2A9695F1BB95031D6EEA6EA62F696211 ] C:\Windows\System32\powrprof.dll
20:29:11.0162 0x0fdc  C:\Windows\System32\powrprof.dll - ok
20:29:11.0178 0x0fdc  [ 04F8A9CC544B08634EC932E017434457, FFA322DAB1C2FB6C56EF413210CBC4DF0981D9CE301F67A67DE38DE7CCEFB17E ] C:\Windows\System32\winlogonext.dll
20:29:11.0178 0x0fdc  C:\Windows\System32\winlogonext.dll - ok
20:29:11.0193 0x0fdc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] C:\Windows\System32\lsass.exe
20:29:11.0194 0x0fdc  C:\Windows\System32\lsass.exe - ok
20:29:11.0209 0x0fdc  [ 067CB90C277DB4A737D5DEABA3055972, C681BF013170F2D92A3FC4D783FC3F200CDC0C8173373B7ECC27FCF32A03CCBD ] C:\Windows\System32\services.exe
20:29:11.0209 0x0fdc  C:\Windows\System32\services.exe - ok
20:29:11.0224 0x0fdc  [ 0D85B43A59FB7A63782F6A8969B5BB43, 8B6C5BDC6DCDFE3A060D5147AE2DA40CC47009160E9667A68701A83246A4850C ] C:\Windows\System32\sspisrv.dll
20:29:11.0224 0x0fdc  C:\Windows\System32\sspisrv.dll - ok
20:29:11.0240 0x0fdc  [ 652D7E7BC8D6A909480FF2BBD0E46210, 9871C9EBA42B9385A62C20AB23AE6A99ADB8D2043E85083454482075611AA510 ] C:\Windows\System32\sspicli.dll
20:29:11.0240 0x0fdc  C:\Windows\System32\sspicli.dll - ok
20:29:11.0257 0x0fdc  [ 7A5CCEC20CF6AA21FF7CC51C0AEBF648, 8D03F0573B0ACC1776A7BC85FA88EFB43AF7C9E3EC1EEAA4AD8EB3ABA3E797E5 ] C:\Windows\System32\dabapi.dll
20:29:11.0257 0x0fdc  C:\Windows\System32\dabapi.dll - ok
20:29:11.0267 0x0fdc  [ 61BAE7A83A8650CFC976E8242CE2E4DE, 4277EB563DCE5882D7BF0913082A02E5B6797EDF9CC35BF30951AB1CF1B47B99 ] C:\Windows\System32\EventAggregation.dll
20:29:11.0267 0x0fdc  C:\Windows\System32\EventAggregation.dll - ok
20:29:11.0283 0x0fdc  [ 1B0FCDBFDA0AD5DFCE2D99832BAAF5EC, 10C4613831A829680106468924A7C5DCB36B8A5A4F5A22EB3149D0C79A30920F ] C:\Windows\System32\scext.dll
20:29:11.0283 0x0fdc  C:\Windows\System32\scext.dll - ok
20:29:11.0298 0x0fdc  [ AA9973F611039A02C8D1F71A65F8C775, 2CFCE559BED5BE35B1970DF544E0606AF6559E02EF8381BA09270ED5FB8E1BF5 ] C:\Windows\System32\srvcli.dll
20:29:11.0298 0x0fdc  C:\Windows\System32\srvcli.dll - ok
20:29:11.0313 0x0fdc  [ C3028569F244470F3D54026884E16E06, CEED78A46DB2977DD617C68414B2362AD3E818D9652C35FA7C58460A80D6BE2B ] C:\Windows\System32\lsasrv.dll
20:29:11.0313 0x0fdc  C:\Windows\System32\lsasrv.dll - ok
20:29:11.0329 0x0fdc  [ 13E04B8546D3F0D9533DA880A3357F12, F38A7F63E7D0D4AD61A575E874FE20EDF6DF8CAEC683441D2CC02A17BF3EF409 ] C:\Windows\System32\SPInf.dll
20:29:11.0329 0x0fdc  C:\Windows\System32\SPInf.dll - ok
20:29:11.0345 0x0fdc  [ 59245D8023A7C5D192C2ED7A1BD80F36, 6537220FC5E1D58575E4041BEC5C16E7A17B9CC749A57A1BDAAAF5B9A770D1CD ] C:\Windows\System32\samsrv.dll
20:29:11.0345 0x0fdc  C:\Windows\System32\samsrv.dll - ok
20:29:11.0360 0x0fdc  [ F56ACDD6374CAFC64E8339D387CB70E4, 59DFA1C33BFBE53C73B6F384816B0BA95F7C39A028B3EC1E9830B6F4DB1EC880 ] C:\Windows\System32\bcrypt.dll
20:29:11.0360 0x0fdc  C:\Windows\System32\bcrypt.dll - ok
20:29:11.0375 0x0fdc  [ BED41BC388BAF9D31152E9B0B4F88360, 2017B8D8F6A240E2940D7EC4ED39340F3A2B75464E22A4DFDEB2A46F17AB75C6 ] C:\Windows\System32\ncrypt.dll
20:29:11.0375 0x0fdc  C:\Windows\System32\ncrypt.dll - ok
20:29:11.0384 0x0fdc  [ 5AF14A9AEB3092F4304F5E5EC4328B67, 27D3C53087A952882CEEB66F02684863478D7BE96609095966546DD16115B62D ] C:\Windows\System32\ntasn1.dll
20:29:11.0384 0x0fdc  C:\Windows\System32\ntasn1.dll - ok
20:29:11.0400 0x0fdc  [ FF6AE8D9D0F0264656DC55C7F60C1EE5, 0D2275B424D72207ADFBFBAC37A6D1FE4B410C953DA03178B8BA395025B915EE ] C:\Windows\System32\msprivs.dll
20:29:11.0400 0x0fdc  C:\Windows\System32\msprivs.dll - ok
20:29:11.0415 0x0fdc  [ EECF7FE667129D5B52B1CCD54CB9EEF2, D01B2FCBF400AD3250CBE5467F3B42BD1DEC319E9E4CD013A098DDABC83ACDE7 ] C:\Windows\System32\netjoin.dll
20:29:11.0415 0x0fdc  C:\Windows\System32\netjoin.dll - ok
20:29:11.0431 0x0fdc  [ 7D4665483FF800B8972E517748726AB6, 9F1DF7095B4A1038DD33F808426AAB246ABD5FC61B60EEC473C63E8C3286E97B ] C:\Windows\System32\negoexts.dll
20:29:11.0431 0x0fdc  C:\Windows\System32\negoexts.dll - ok
20:29:11.0446 0x0fdc  [ 853037685DDFA140E8386BA66A096BF8, 0CA7E08FDDB210F6F4DC423331D275220191F1664387450661F4B18605A1904F ] C:\Windows\System32\cryptdll.dll
20:29:11.0446 0x0fdc  C:\Windows\System32\cryptdll.dll - ok
20:29:11.0462 0x0fdc  [ 7CDB6060224CFAD4D5AC49FFC5414F41, 2FDFD85E7B25069B077DD089D8DEBCBE8BDC3B118758B4BB4B9BF960F9365AA2 ] C:\Windows\System32\kerberos.dll
20:29:11.0462 0x0fdc  C:\Windows\System32\kerberos.dll - ok
20:29:11.0478 0x0fdc  [ 51DA757F8E4B7FB3DCB14184304C9328, 40181110E080C5D3B370D4F04DF0AB759FDC63073177AB972F6E6297A8FFFEAA ] C:\Windows\System32\cryptsp.dll
20:29:11.0478 0x0fdc  C:\Windows\System32\cryptsp.dll - ok
20:29:11.0490 0x0fdc  [ 896B307E803430F67EC772807F9CC023, 84EA5BAF8824631C28BFF0FEDF41A4B78F9C63E376D0CB01121177DF0D728397 ] C:\Windows\System32\mswsock.dll
20:29:11.0491 0x0fdc  C:\Windows\System32\mswsock.dll - ok
20:29:11.0506 0x0fdc  [ A41455649982EE080BE5CA8A72153808, 2C86808D30875C83CBE7F1D34834349D5BD429DFBCA8BD17B7ED4E8E75735FF7 ] C:\Windows\System32\winsta.dll
20:29:11.0506 0x0fdc  C:\Windows\System32\winsta.dll - ok
20:29:11.0522 0x0fdc  [ 53DC027553EB54B3F84B07122DEEE0CC, F6DDCA5EA12E2E79BBD3A59991A66486D54C82FA94348FDA1B1E6B19BF22B2B8 ] C:\Windows\System32\msv1_0.dll
20:29:11.0522 0x0fdc  C:\Windows\System32\msv1_0.dll - ok
20:29:11.0538 0x0fdc  [ 2468C21E34C49E4735B4BA430D448E91, B750294EB5076D44B814E01425594D33A281B2ED218997B1AFC2C9047CC95EB3 ] C:\Windows\System32\netlogon.dll
20:29:11.0539 0x0fdc  C:\Windows\System32\netlogon.dll - ok
20:29:11.0552 0x0fdc  [ B7E51F949ED8C3A75C1D3121AF9A4B6C, 6472E85CDB4D0FD393BEEFF48A41781317180D224DFD114A359FA1AE2648C69E ] C:\Windows\System32\dnsapi.dll
20:29:11.0552 0x0fdc  C:\Windows\System32\dnsapi.dll - ok
20:29:11.0569 0x0fdc  [ 66385FE1DDCEA70EDFB25F57C8507D7B, A32A2D23E6AE228CCE37302DB78B461811CBA3A00096F3EA07900B8ACA4A6997 ] C:\Windows\System32\logoncli.dll
20:29:11.0569 0x0fdc  C:\Windows\System32\logoncli.dll - ok
20:29:11.0584 0x0fdc  [ 16E9AD0F7A34C4F071E40CDD76E7C86D, D3846459CCD934642EB797D26EB4DC7B56D9939B39C9771969F9D16E75547FEB ] C:\Windows\System32\userenv.dll
20:29:11.0584 0x0fdc  C:\Windows\System32\userenv.dll - ok
20:29:11.0599 0x0fdc  [ 40B10EAB69F4087C60DC21B5C92A4702, D73A9C7D32383BDF305E1B0D9DDEC01CE8CBCC6F867FE31697A01E02A0576891 ] C:\Windows\System32\TSpkg.dll
20:29:11.0599 0x0fdc  C:\Windows\System32\TSpkg.dll - ok
20:29:11.0615 0x0fdc  [ C51CF4D9DA57EA894967752090F6E2CF, 0040F439FAFD4DAA6DE1CE653CD79BFAB147C4BF6476BC85BC5BA8402A6632E8 ] C:\Windows\System32\pku2u.dll
20:29:11.0615 0x0fdc  C:\Windows\System32\pku2u.dll - ok
20:29:11.0630 0x0fdc  [ D617071B11C99CFE5C4BD0FD82C0609C, BA1107A301771E0060FAC32590FA4F126E271D1780F1C6E742FDBFD0F5F65875 ] C:\Windows\System32\livessp.dll
20:29:11.0630 0x0fdc  C:\Windows\System32\livessp.dll - ok
20:29:11.0640 0x0fdc  [ 4CB3F50D37FD6CF3282D018011FE6E87, FF95089CF9F00C0127DC32B9643BC09AD2D9891803A7873B18E77667C67F7BBD ] C:\Windows\System32\rsaenh.dll
20:29:11.0640 0x0fdc  C:\Windows\System32\rsaenh.dll - ok
20:29:11.0656 0x0fdc  [ 45E4A2FADA3579F6DC68F2A0998C3419, 804DC0E59DA78591D6598A0ED3125A8F4A04C84E85FBB55BDC05D2E859FD8121 ] C:\Windows\System32\wdigest.dll
20:29:11.0657 0x0fdc  C:\Windows\System32\wdigest.dll - ok
20:29:11.0672 0x0fdc  [ 8F8356461CE4BF9CFBC8C31A9B118237, 12138F60FDBE6E176ACD61EB5D96421977A49EDCBECAD63674828445DD3FECDF ] C:\Windows\System32\schannel.dll
20:29:11.0672 0x0fdc  C:\Windows\System32\schannel.dll - ok
20:29:11.0688 0x0fdc  [ 995F43F02C9C99A895A72AAF8310CFE1, F2920363861198AF90C084384F91C4CA20A1E00AF81268E93ABA74C482564D9C ] C:\Windows\System32\dpapisrv.dll
20:29:11.0688 0x0fdc  C:\Windows\System32\dpapisrv.dll - ok
20:29:11.0702 0x0fdc  [ 5EBAF77D01D75CAFEF78B47840C75569, 29E2CC1E434BB35698E90C3E78B68E774EF511108EF8EC5A1D500BBF0819123B ] C:\Windows\System32\efslsaext.dll
20:29:11.0702 0x0fdc  C:\Windows\System32\efslsaext.dll - ok
20:29:11.0714 0x0fdc  [ 700BB3365D04B1606A03FB1D6B19C138, F784DA339E5AE4F4C7CF73C4FC745F178FB8352D686567FE0FA1EE797D95CB4F ] C:\Windows\System32\credssp.dll
20:29:11.0714 0x0fdc  C:\Windows\System32\credssp.dll - ok
20:29:11.0730 0x0fdc  [ 7172D44ED18787964B43146863466672, E87A98746079081395AD9BA2E7C048C470A5265A03182C542A4B9CF5B36A07C9 ] C:\Windows\System32\scesrv.dll
20:29:11.0730 0x0fdc  C:\Windows\System32\scesrv.dll - ok
20:29:11.0746 0x0fdc  [ 1F1B8D07708E40E54C55B392C78ECCE2, 965AC70B88E49B832204BA3710F5798FEAC08BBB794A079CC32035C326AB57A4 ] C:\Windows\System32\scecli.dll
20:29:11.0746 0x0fdc  C:\Windows\System32\scecli.dll - ok
20:29:11.0762 0x0fdc  [ 1A74CE3B49A227D0189712D9886D7772, 75DD245EF26DBDD430E65A894D1DFB4F15674F208E812005049DFFD9528C45E3 ] C:\Windows\System32\authz.dll
20:29:11.0762 0x0fdc  C:\Windows\System32\authz.dll - ok
20:29:11.0777 0x0fdc  [ 296823744D624E98A46759AD58911FC3, DFB6E863CB492E76AC970FC94BDF7DD1500D319B5DB52B5A7BD8F977EEA07E6E ] C:\Windows\System32\netutils.dll
20:29:11.0777 0x0fdc  C:\Windows\System32\netutils.dll - ok
20:29:11.0792 0x0fdc  [ E4CA434F251681590D0538BC21C32D2F, 99E7587D1744BF62086FEB06A778CF3966199F1CC2DFB91FDA53A9166A2A3AEC ] C:\Windows\System32\svchost.exe
20:29:11.0792 0x0fdc  C:\Windows\System32\svchost.exe - ok
20:29:11.0808 0x0fdc  [ BC6849C62DB407573C6AD8CB1A4D2628, 5BDE0D60F85E4C27CEAD1B301155B54D841FB773BD5BB8AC5DDAEE31F8E94627 ] C:\Windows\System32\umpnpmgr.dll
20:29:11.0808 0x0fdc  C:\Windows\System32\umpnpmgr.dll - ok
20:29:11.0823 0x0fdc  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] C:\Windows\System32\umpo.dll
20:29:11.0823 0x0fdc  C:\Windows\System32\umpo.dll - ok
20:29:11.0839 0x0fdc  [ 9FF64147DB9078337C15F41A6043C74F, 79ADBEE555855E9B27A30091632AB4EDECAD9E243CA7D533C437657FC329CCA6 ] C:\Windows\System32\umpoext.dll
20:29:11.0839 0x0fdc  C:\Windows\System32\umpoext.dll - ok
20:29:11.0857 0x0fdc  [ 7B12172CCE581F76C9335D7A47E0AD50, C236F4E61B021F0E37E9EDBA6752F499DB85F9023B4E1800ACE74AC450F7BCE6 ] C:\Windows\System32\gpapi.dll
20:29:11.0858 0x0fdc  C:\Windows\System32\gpapi.dll - ok
20:29:11.0873 0x0fdc  [ 85936A752E6BBE740D9FCF156E1AC5E1, 45C71EB035AA246A6774DB784F01DEA73285909805CBA42FC4B9616D69ADB8A8 ] C:\Windows\System32\hid.dll
20:29:11.0873 0x0fdc  C:\Windows\System32\hid.dll - ok
20:29:11.0889 0x0fdc  [ 45F36BBDFD50134488ECA96BB9231818, A02BAA2F6FA640E4FCE55A126EC983A03A406FE329134524D3BDDB6C1B32C7CF ] C:\Windows\System32\pcwum.dll
20:29:11.0889 0x0fdc  C:\Windows\System32\pcwum.dll - ok
20:29:11.0898 0x0fdc  [ 81979817943D830BF24571B7C1B28A1A, 9584D8F1FB3E6CF17BD465670B208C723A8E8B06775A3DA44F75D7710404EEA6 ] C:\Windows\System32\rpcss.dll
20:29:11.0898 0x0fdc  C:\Windows\System32\rpcss.dll - ok
20:29:11.0913 0x0fdc  [ D894CBD7DA753C881EE8D5E33B583225, DA4472A85F10A3DF8CE969F731E67FE7C75EE6095908AB8AC2C44851DC5A3F8B ] C:\Windows\System32\RpcEpMap.dll
20:29:11.0914 0x0fdc  C:\Windows\System32\RpcEpMap.dll - ok
20:29:11.0929 0x0fdc  [ 0D86DEB93CC1D2B32CAF658439350241, 77E04DA09A6B59BCAA04BC8B99F56EF2F8A9C18C3A030A93C2934A5DAFC3F10C ] C:\Windows\System32\RpcRtRemote.dll
20:29:11.0929 0x0fdc  C:\Windows\System32\RpcRtRemote.dll - ok
20:29:11.0942 0x0fdc  [ F2559A492AF8D653D1F47ADABA4C3E97, 77347915FB433023769699DFC9511F54E69C7FC7AB75F57FDC1A58E64A7126DE ] C:\Windows\System32\bisrv.dll
20:29:11.0942 0x0fdc  C:\Windows\System32\bisrv.dll - ok
20:29:11.0958 0x0fdc  [ 3260D5308DD9AE069FE4881D65389A84, 22150707B4606964F9008A1734BD885D2824B2E1515D073729427049FA6B999C ] C:\Windows\System32\FirewallAPI.dll
20:29:11.0959 0x0fdc  C:\Windows\System32\FirewallAPI.dll - ok
20:29:11.0974 0x0fdc  [ E804E9734A493A01316F209BA99F1F48, 028741BA864F6F4AD473C53C1F6389F1EB304F1C11159575022EC3E41AD659DF ] C:\Windows\System32\psmsrv.dll
20:29:11.0975 0x0fdc  C:\Windows\System32\psmsrv.dll - ok
20:29:11.0990 0x0fdc  [ 8EBB271E4588D835784A3FF7E80076A8, A508BE95F6F5063A76F4C8726D9425BB1F00DE803EFE73A0BE145DD9AB82FF0A ] C:\Windows\System32\lsm.dll
20:29:11.0990 0x0fdc  C:\Windows\System32\lsm.dll - ok
20:29:12.0005 0x0fdc  [ 9A1175EF7B9E297FDC0ADD33783EF8FF, 0FC1A3942E0F3F1B5FBA09598247FCB073150D485B25C4784710904A392B6CCD ] C:\Windows\System32\sysntfy.dll
20:29:12.0006 0x0fdc  C:\Windows\System32\sysntfy.dll - ok
20:29:12.0021 0x0fdc  [ E55B850489F154F85110AE3B436A40D6, BF783B6EEDED6DE52F3C3217EEBF3B43A8A1FA549EC182EC52915011CB83FE55 ] C:\Windows\System32\wmsgapi.dll
20:29:12.0021 0x0fdc  C:\Windows\System32\wmsgapi.dll - ok
20:29:12.0035 0x0fdc  [ 5B19A3ED994EB972FBD99AC18D0AEA13, 5764DA74BB394013087AEFFD271C306207F98049B633352CB9F52C3805539826 ] C:\Windows\System32\devobj.dll
20:29:12.0035 0x0fdc  C:\Windows\System32\devobj.dll - ok
20:29:12.0051 0x0fdc  [ 48385DE15FCE72342DAC5A6AC518AB7E, 8AC37BB958AF4AAB07DAB261193BDAC4C914D1BC01FAB1639D00E8F92C7B1468 ] C:\Windows\System32\UXInit.dll
20:29:12.0051 0x0fdc  C:\Windows\System32\UXInit.dll - ok
20:29:12.0066 0x0fdc  [ 561A97E82FA0645CB786C19B8D442C31, 74671D2827E586C33C91B0B77268CE558F3B29CE11D9966EDFD73A7C0C58ACD6 ] C:\Windows\System32\uxtheme.dll
20:29:12.0066 0x0fdc  C:\Windows\System32\uxtheme.dll - ok
20:29:12.0081 0x0fdc  [ 0D50F3C3D50B878CEAE21B9BE3F6A638, BF0B1A5D4CEA656695FFB45D930F6ADD63519AEAE9F8AED21E4E50708FE5E84C ] C:\Windows\System32\kernel.appcore.dll
20:29:12.0082 0x0fdc  C:\Windows\System32\kernel.appcore.dll - ok
20:29:12.0129 0x0fdc  [ D65B1C952AEB864C2BAC7A770B17ECCE, 3EFAAFFF73390D9CB660E0F42B305512396CF66ED06E4A20ED67E8722FB4355B ] C:\Windows\System32\SystemEventsBrokerServer.dll
20:29:12.0129 0x0fdc  C:\Windows\System32\SystemEventsBrokerServer.dll - ok
20:29:12.0146 0x0fdc  [ CD45E3FE736150D45EFDC9145DA53757, 8E04D55117A6D44AF51528413DC0AAF347FD43580CB9FCA84F5928135A3B0FF3 ] C:\Windows\System32\bi.dll
20:29:12.0146 0x0fdc  C:\Windows\System32\bi.dll - ok
20:29:12.0159 0x0fdc  [ F5ED5BA1243201C5078764F916B0387E, 31285E78A6CEF4AC030A8765FC464BE666776A4721C45033E75F042FE5DE1C80 ] C:\Windows\System32\dab.dll
20:29:12.0159 0x0fdc  C:\Windows\System32\dab.dll - ok
20:29:12.0174 0x0fdc  [ 92ABF534E992C61730C24F003BBE192A, 5F7D4A471A066B53460193B3D9FB7217B87ACDB342E4258404699424D36E9C8D ] C:\Windows\System32\dpapi.dll
20:29:12.0175 0x0fdc  C:\Windows\System32\dpapi.dll - ok
20:29:12.0190 0x0fdc  [ DDEE191AB32DFC22C6465002ECDF5EE4, 190C3930A8449118F9FEDF43C482837EF1C255E6D67F9651156E66A1E2BC6553 ] C:\Windows\System32\drivers\luafv.sys
20:29:12.0190 0x0fdc  C:\Windows\System32\drivers\luafv.sys - ok
20:29:12.0206 0x0fdc  [ 1524579B894C9B99F42A695B86881254, F42AFBBD25B999D39526EAE376569BEE8ABE1E8AB74F308F3868563FAF652F15 ] C:\Windows\System32\apphelp.dll
20:29:12.0206 0x0fdc  C:\Windows\System32\apphelp.dll - ok
20:29:12.0221 0x0fdc  [ 2E3340A90140E1F0965DAD96C5B28A41, 4D4771F439A2D532C58A06F6DF81B4C4635E3FE438BDEC26173C0260B7267DB0 ] C:\Windows\System32\dwm.exe
20:29:12.0222 0x0fdc  C:\Windows\System32\dwm.exe - ok
20:29:12.0237 0x0fdc  [ 3710A8A7508B36AD96A97CE79E17403E, DD9807B58607825F1B4E13602B147B5FF6F3D72559136B718DB3B99D42D015F6 ] C:\Windows\System32\LogonUI.exe
20:29:12.0238 0x0fdc  C:\Windows\System32\LogonUI.exe - ok
20:29:12.0251 0x0fdc  [ 6EF180C3695A4C1745F4A32E1D9EE8A9, AE1FC5F41607B561A2FC4C734541B1952EADF0DD4EBA0BEC9343EA1AFAE66184 ] C:\Windows\System32\authui.dll
20:29:12.0251 0x0fdc  C:\Windows\System32\authui.dll - ok
20:29:12.0267 0x0fdc  [ 66B54471B5856E314947881E28263A6D, 2D60706B52A2CE98FF806337D62CD010C1DEB2AEDDF899C7B67173928B2D7C4C ] C:\Windows\System32\atiesrxx.exe
20:29:12.0267 0x0fdc  C:\Windows\System32\atiesrxx.exe - ok
20:29:12.0282 0x0fdc  [ 8C569B429D897647A26A83D9901D3225, 1C0634325661420E1A3E193463AA4CFBCDB763D68B1CE1CBD98B4E5ADD8070CE ] C:\Windows\System32\dwmredir.dll
20:29:12.0282 0x0fdc  C:\Windows\System32\dwmredir.dll - ok
20:29:12.0298 0x0fdc  [ 5886CF4473849179FC8D2831CD629340, E1E0803CB2FF2A1CBA2401D2E34C2287CCFDDD1D460D1792F3CF17B72C4C2380 ] C:\Windows\System32\dwmcore.dll
20:29:12.0298 0x0fdc  C:\Windows\System32\dwmcore.dll - ok
20:29:12.0313 0x0fdc  [ 8721643ED5447F245762DF0A976AB87A, 4208D723A105B22229C7502CBB6803C7A67F6BB1798D74F7EBE33BF58B177495 ] C:\Windows\System32\wtsapi32.dll
20:29:12.0313 0x0fdc  C:\Windows\System32\wtsapi32.dll - ok
20:29:12.0329 0x0fdc  [ CBE142AAF990CDA24CDEFF8FF3EBB201, 7188C5606E5CD23B45E5FE95B3374F17136B9AC022B9E7A78C613697A765E726 ] C:\Windows\System32\SHCore.dll
20:29:12.0329 0x0fdc  C:\Windows\System32\SHCore.dll - ok
20:29:12.0344 0x0fdc  [ C253B8484DCABB3EBE6D60E67CADB373, 681D29A4A6DD428D2013C82D41E302BB72BAD501E8C3F5E2A8E113E34E138C92 ] C:\Windows\System32\dcomp.dll
20:29:12.0344 0x0fdc  C:\Windows\System32\dcomp.dll - ok
20:29:12.0359 0x0fdc  [ 837F8649A2FE7880899711FAA25A2AE3, E178ABF12B4BF18DE71F7F5A69ED84CA737C30354EDFB5CAE68E222AC4307DCF ] C:\Windows\System32\dui70.dll
20:29:12.0360 0x0fdc  C:\Windows\System32\dui70.dll - ok
20:29:12.0375 0x0fdc  [ 9860C19010CFB3F70DC6EDAEB1F1A5E2, 9551D542B1F9398C468157BA0633072BEB339EC0955D1088F0F909769B03DA86 ] C:\Windows\System32\wevtsvc.dll
20:29:12.0375 0x0fdc  C:\Windows\System32\wevtsvc.dll - ok
20:29:12.0390 0x0fdc  [ 1517EE52367CABAA5615AC736DC96C7D, 5D85B798143552086505F517F1093446FB2FD0BF59E06A7457FE3F6C5203FC9F ] C:\Windows\System32\dwmapi.dll
20:29:12.0390 0x0fdc  C:\Windows\System32\dwmapi.dll - ok
20:29:12.0399 0x0fdc  [ B83C0950E4F89CE586C2D38BD50218C6, BE4DBAB4BA6D75C0BD3ECC8AEECAF3C40115B5294DCBDF7BBE7E382D92024072 ] C:\Windows\System32\WindowsCodecs.dll
20:29:12.0399 0x0fdc  C:\Windows\System32\WindowsCodecs.dll - ok
20:29:12.0417 0x0fdc  [ 5FF3970FE7577088F1C01E6E6707598C, 5AD0FF53092F430C28CA4900F8ECBE892760439FFE7B038CDB29ADCDB5054BDE ] C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll
20:29:12.0417 0x0fdc  C:\Windows\WinSxS\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_6242a4b3ecbb55a1\comctl32.dll - ok
20:29:12.0428 0x0fdc  [ 383DA813409316D69603C1D849834D24, E1AAD3AB567457B00B8A378D5BA37ED653EE451FF79D071A8815FB8B1EB90DAF ] C:\Windows\System32\gpsvc.dll
20:29:12.0428 0x0fdc  C:\Windows\System32\gpsvc.dll - ok
20:29:12.0444 0x0fdc  [ 37A1B06AB3493CB276195B7358A6A805, E175ACF33F519E21AD85CF2917AF7671D05F4F12EB5888D4B6EA82A58D3490C9 ] C:\Windows\System32\avrt.dll
20:29:12.0444 0x0fdc  C:\Windows\System32\avrt.dll - ok
20:29:12.0459 0x0fdc  [ 8E5C2B32EE4166A3084B133183A00F2A, B94A122E537FFDED0622AF1E002037AC33AF634390CCC4755E663CC404168CCB ] C:\Windows\System32\d3d11.dll
20:29:12.0459 0x0fdc  C:\Windows\System32\d3d11.dll - ok
20:29:12.0474 0x0fdc  [ 835D33D2EF07743028475486D0BA5696, 763BAD8395CDC537DE7B4A821117218187CC669410DFDDFB95C6759F32EBBE4F ] C:\Windows\System32\wevtapi.dll
20:29:12.0475 0x0fdc  C:\Windows\System32\wevtapi.dll - ok
20:29:12.0490 0x0fdc  [ 4C66C21B6244A09DD671485D67D13DB9, 842FA6DBE0B32D23E74E0A0165752C583C45A13D507208772A5A5ECD60DB9866 ] C:\Windows\System32\duser.dll
20:29:12.0490 0x0fdc  C:\Windows\System32\duser.dll - ok
20:29:12.0505 0x0fdc  [ 0341F92E52A8FF814671761179C103FB, 49037E34D4B572CAB85BBF29330D3DA188D1FBA65FA5E41728B47D1DD2206804 ] C:\Windows\System32\dsrole.dll
20:29:12.0505 0x0fdc  C:\Windows\System32\dsrole.dll - ok
20:29:12.0521 0x0fdc  [ 88225B3D5685777AFAA1297FD612DF9A, AFB21EAC838C2F40DFF485C6AE0FD1018A932E86F45B811753EFBC77FA2E4441 ] C:\Windows\System32\dxgi.dll
20:29:12.0521 0x0fdc  C:\Windows\System32\dxgi.dll - ok
20:29:12.0538 0x0fdc  [ E5DFD54D2DAA70738F581D1AC74C09CD, A07F817EE75AA84A60290A4074DE059CA891E9E4932972531A1771BBA69A103E ] C:\Windows\System32\nlaapi.dll
20:29:12.0538 0x0fdc  C:\Windows\System32\nlaapi.dll - ok
20:29:12.0551 0x0fdc  [ 389C4E97E3A498159B625A7A13EA4560, F493C5B5BC5353B13AED2B538DD947FA5E708E6D021E9F7830250F921F26B99A ] C:\Windows\System32\d3d10warp.dll
20:29:12.0551 0x0fdc  C:\Windows\System32\d3d10warp.dll - ok
20:29:12.0568 0x0fdc  [ AB6ADF3E3B774A1CF3FA83DB1A4D45DF, DBFF2D43620EA3356C772B0A7F7FB6722D7AD4239FE818DAB42EC6937590A2A2 ] C:\Windows\System32\SndVolSSO.dll
20:29:12.0568 0x0fdc  C:\Windows\System32\SndVolSSO.dll - ok
20:29:12.0584 0x0fdc  [ 05FBE1F7C13E87AF7A414CDF288B1F62, 24079E1A6B2E33A1A8E76A77F73473B93DD6B379E44C982CE50D6CEED9747838 ] C:\Windows\System32\themeservice.dll
20:29:12.0584 0x0fdc  C:\Windows\System32\themeservice.dll - ok
20:29:12.0599 0x0fdc  [ B2A890D96C05E33FDD2BF3F3D4D0DF92, 3A29E17424429A5654D906E420D938148F09F57457356EFA72DA003B73F2D81E ] C:\Windows\System32\profsvc.dll
20:29:12.0599 0x0fdc  C:\Windows\System32\profsvc.dll - ok
20:29:12.0614 0x0fdc  [ 030CE75B7D8F75FAA7BA1EC6FD0EB5A3, 5264734F0572FAEDCCB008221C9982CCB7922C4FFC358605424EA413CDCDAE99 ] C:\Windows\System32\es.dll
20:29:12.0614 0x0fdc  C:\Windows\System32\es.dll - ok
20:29:12.0631 0x0fdc  [ 1169646AAD0239C23CCF9C46BA00B2D6, 1CD37D98AD15EB9BD161AC126DD663054449C0C9AF8280489C696B9787EA1D3C ] C:\Windows\System32\MMDevAPI.dll
20:29:12.0631 0x0fdc  C:\Windows\System32\MMDevAPI.dll - ok
20:29:12.0642 0x0fdc  [ C77D967840F17DED03DA4BA9D3C40FDB, 53A2FFFD3060E000537963B3CBF7D38BD296137011F88A83804E39AA0ACF980A ] C:\Windows\System32\profsvcext.dll
20:29:12.0642 0x0fdc  C:\Windows\System32\profsvcext.dll - ok
20:29:12.0651 0x0fdc  [ A5F79CC03396AAC79F79C1368DA08A95, 5488DB19AADA6E711958A4FFF88AAE608DF27FCAF01058B5EC46AE76C9A10176 ] C:\Windows\System32\ntdsapi.dll
20:29:12.0651 0x0fdc  C:\Windows\System32\ntdsapi.dll - ok
20:29:12.0667 0x0fdc  [ B1C2856F8199A9386C22E8325BC34D87, 2BB32BCE899CA5D7E1EF40647B6C2ECB557F4E554DBB1D6E3CA9E2012CA081AD ] C:\Windows\System32\slc.dll
20:29:12.0667 0x0fdc  C:\Windows\System32\slc.dll - ok
20:29:12.0683 0x0fdc  [ 3B85C2DC57230C3EA71E2AF88EEB9DEC, 6CEF9EF6A02321C5968AA4560C376569E242A03BD0E68E8BA8E1BB842BA0C9E0 ] C:\Windows\System32\BCP47Langs.dll
20:29:12.0683 0x0fdc  C:\Windows\System32\BCP47Langs.dll - ok
20:29:12.0698 0x0fdc  [ C1D7228D5743995256A17D8225FDC704, B90360E706DECA71B418B2C1D61D99D47ACC26ECA94678035439C6EB902150DE ] C:\Windows\System32\sppc.dll
20:29:12.0698 0x0fdc  C:\Windows\System32\sppc.dll - ok
20:29:12.0714 0x0fdc  [ BA25717D6694B6C472129AD93893A03D, 28F38C38914E093CC7BDF720E358D9F9D8E518CA16CAF69A60CBB4807D2C672B ] C:\Windows\System32\netapi32.dll
20:29:12.0714 0x0fdc  C:\Windows\System32\netapi32.dll - ok
20:29:12.0730 0x0fdc  [ D60F99ECBFCE0C01BE4C5B06E09435DB, F45B7C70F23DF412E721FD50CF0197CA73A082A051B231C5D07929A346A07589 ] C:\Windows\System32\atl.dll
20:29:12.0730 0x0fdc  C:\Windows\System32\atl.dll - ok
20:29:12.0745 0x0fdc  [ 2898E39D1E0CB9074C18988A2F8B73D3, D397C26A4216603D369E136ABF6A8EF714FC23A7CAAB03B6AF1E37BC52BC7425 ] C:\Windows\System32\SmartcardCredentialProvider.dll
20:29:12.0746 0x0fdc  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
20:29:12.0761 0x0fdc  [ F71E12EBA575EBD58B499BC7C39D0CD0, 47B384EAB195C13C07CC56CA9245CD90F2C27C846F5DB4C97D3466304A75CE70 ] C:\Windows\System32\wkscli.dll
20:29:12.0761 0x0fdc  C:\Windows\System32\wkscli.dll - ok
20:29:12.0776 0x0fdc  [ 35109E2FBC865F881D5DC61684A513FE, FF83F25DD3753F233EE41DA48BD56815DFBD2F874CE87DA40763CA26F8AF3432 ] C:\Windows\System32\aticfx64.dll
20:29:12.0776 0x0fdc  C:\Windows\System32\aticfx64.dll - ok
20:29:12.0792 0x0fdc  [ D381B446466B468D27BF23A7A372D205, 833DABCC53EDE71667C7EE24AC63DB759D8B3DD878B034CEBDCEF1F2EF7BAE31 ] C:\Windows\System32\cngcredui.dll
20:29:12.0792 0x0fdc  C:\Windows\System32\cngcredui.dll - ok
20:29:12.0807 0x0fdc  [ 5E47B467A1CD51943C370BF781E1A4F1, 17B679389382129E6E1193F2FD3C236B5FA6EE8B5621219D54A859476116B8DD ] C:\Windows\System32\taskschd.dll
20:29:12.0807 0x0fdc  C:\Windows\System32\taskschd.dll - ok
20:29:12.0823 0x0fdc  [ 6C9C1917F2C29AFADDC3DD10F28A9F56, 1A3FDC26D3BD855E5A9D6BB7453F881C5AEAA98E695429DA1CA3C7B41EA8483C ] C:\Windows\System32\atieclxx.exe
20:29:12.0823 0x0fdc  C:\Windows\System32\atieclxx.exe - ok
20:29:12.0839 0x0fdc  [ 766B12FB02BD1E5D0BBA9488E091EE6D, 1F4FCABB403200447D2D41184612A2FC4D645436BFAE2C05D4B96C2CC320CE1A ] C:\Windows\System32\BioCredProv.dll
20:29:12.0839 0x0fdc  C:\Windows\System32\BioCredProv.dll - ok
20:29:12.0857 0x0fdc  [ D852B5E8CCB3ECB68B99449685CF5163, 6C9F1D39FCF46FC012673EAE3AA07B155E0E27F7D2C233F0F08898DF014D4081 ] C:\Windows\System32\atiadlxx.dll
20:29:12.0857 0x0fdc  C:\Windows\System32\atiadlxx.dll - ok
20:29:12.0868 0x0fdc  [ 8BDD004DC92D09CCD1F3922C59983019, 4471FD9A339D3AEB51BE33BC176E8BA10E5B3FC6E3C375C36FCC650D78D1C58E ] C:\Windows\System32\winbio.dll
20:29:12.0868 0x0fdc  C:\Windows\System32\winbio.dll - ok
20:29:12.0884 0x0fdc  [ 3B03178E65E6903328644E329B24D8B2, 5B951EF351DB32E3E3623992231ECC8DAB34171E28304916C5359D4710278EDE ] C:\Windows\System32\version.dll
20:29:12.0884 0x0fdc  C:\Windows\System32\version.dll - ok
20:29:12.0900 0x0fdc  [ A50621AF8812D32B9F83ADF5EDD05275, B2294462FFB32258C5A28D3BB96EAC5BABE3DD2E9AE89B081145409BDF7D76C3 ] C:\Windows\System32\atiuxp64.dll
20:29:12.0900 0x0fdc  C:\Windows\System32\atiuxp64.dll - ok
20:29:12.0910 0x0fdc  [ CC8E86B9C18BCA38D3C467CFD661A466, 55FFB33541A2329FB72C6436488FB81E28EA8B0C2EB6CEAFA5CC4E5570D94238 ] C:\Windows\System32\DWrite.dll
20:29:12.0910 0x0fdc  C:\Windows\System32\DWrite.dll - ok
20:29:12.0925 0x0fdc  [ 4684C8E852065C0A7937C395C165A24F, 394081DFF9E26D564370E98455477E6DB9FCD0AE309F91FC8ADF25F1D1F0FEDB ] C:\Windows\System32\propsys.dll
20:29:12.0926 0x0fdc  C:\Windows\System32\propsys.dll - ok
20:29:12.0941 0x0fdc  [ A88882E64BDC1D8E8D6E727B71CCCC53, 12D2235F54D0CEEED8AA268C17CDE44020269F4FEFC70CE957DBBF99AF7F553D ] C:\Windows\System32\Sens.dll
20:29:12.0941 0x0fdc  C:\Windows\System32\Sens.dll - ok
20:29:12.0956 0x0fdc  [ 9F5405BA90DBD4E148FA0FD695145192, 3052893242A5EC4538802A18C78C9926B7E71D9A97524BD1AA1FA343B1468C0F ] C:\Windows\System32\atidxx64.dll
20:29:12.0956 0x0fdc  C:\Windows\System32\atidxx64.dll - ok
20:29:12.0972 0x0fdc  [ 886767FD022213F7885416134E9082E5, E248D82210FBEBF62C23EBEC74A976B2D1A4E62D3B7638D95B2574B77BA05DD0 ] C:\Windows\System32\AudioEndpointBuilder.dll
20:29:12.0972 0x0fdc  C:\Windows\System32\AudioEndpointBuilder.dll - ok
20:29:12.0988 0x0fdc  [ 3FA6DC6B29717E32E211C1FD821F2C75, E467F3775427C93CC2B87327B0A45669631A5FC460C558F6796BA26002A8BBFC ] C:\Windows\System32\FntCache.dll
20:29:12.0988 0x0fdc  C:\Windows\System32\FntCache.dll - ok
20:29:13.0004 0x0fdc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] C:\Windows\System32\mmcss.dll
20:29:13.0004 0x0fdc  C:\Windows\System32\mmcss.dll - ok
20:29:13.0018 0x0fdc  [ 0D12F606DE18A5739AF27F12A32C6A6E, 5F2231EDB58B3C81BC85CC94807D0DA4235034DD89C429EABE5DF540AA9100BC ] C:\Windows\System32\IPHLPAPI.DLL
20:29:13.0018 0x0fdc  C:\Windows\System32\IPHLPAPI.DLL - ok
20:29:13.0033 0x0fdc  [ FD9683552D97156E0C5B948BDABA2569, 5BB19966FAA3C5F786DBCC9F8416182BD865851906122AB84FF572E38AA8881F ] C:\Windows\System32\winnsi.dll
20:29:13.0033 0x0fdc  C:\Windows\System32\winnsi.dll - ok
20:29:13.0049 0x0fdc  [ F3C88687207F4F75773D288A6D4B61F7, D71AA9E00EE120FF8659770776405B3F15EAA0FC39E0D5834DFD88A621F14361 ] C:\Windows\System32\certCredProvider.dll
20:29:13.0049 0x0fdc  C:\Windows\System32\certCredProvider.dll - ok
20:29:13.0064 0x0fdc  [ E521CCD352373B1825BEA80DEC2B7D97, CFA01810D4531A07BD9749DBCA34634DA749B846887315D26671CBA53B8D12A4 ] C:\Windows\System32\oleacc.dll
20:29:13.0064 0x0fdc  C:\Windows\System32\oleacc.dll - ok
20:29:13.0080 0x0fdc  [ 629152E8745B63E63978FD1848ABC7AE, 62C104E98908100535DF7888DF17B9AEEC675D799DDC6141D0761097C311D596 ] C:\Windows\System32\wlidcredprov.dll
20:29:13.0080 0x0fdc  C:\Windows\System32\wlidcredprov.dll - ok
20:29:13.0092 0x0fdc  [ 119CE6CF93183EB144F5EA9A4A5A6AB3, A396903C90712CA8125D56AE690E36593EFEE6B7D9BE4B351CE36A3AD503FEA8 ] C:\Windows\System32\rasplap.dll
20:29:13.0092 0x0fdc  C:\Windows\System32\rasplap.dll - ok
20:29:13.0108 0x0fdc  [ 7C75BF2879AEAD311DAE25CB5F1A2C83, 9C25E41BADF1E2D216ADB29B75B8790AC4E4DFB1F631C416762FA2FCE52D1C1F ] C:\Windows\System32\rasapi32.dll
20:29:13.0108 0x0fdc  C:\Windows\System32\rasapi32.dll - ok
20:29:13.0124 0x0fdc  [ 79B134ECE836B406B212E28C24011538, 1B875DD23CCAD8A2759DCDBCDCF3DE14231B9DB5EEC8E84FE081E41A52A047A1 ] C:\Windows\System32\audiosrv.dll
20:29:13.0124 0x0fdc  C:\Windows\System32\audiosrv.dll - ok
20:29:13.0139 0x0fdc  [ 8420491FFA891600A88FD12F5059A54C, 7A8750A5827198168BC6B92E9CA3AD6CA1F4498764094302A7714B265DE84A58 ] C:\Windows\System32\ksuser.dll
20:29:13.0139 0x0fdc  C:\Windows\System32\ksuser.dll - ok
20:29:13.0155 0x0fdc  [ 9FB85E37238FEA836E5E6779A93DA461, 9CFBC92BB5C730AB194EC18A993640FD62F2FE3503D16B77C055242C7B84B800 ] C:\Windows\System32\rasman.dll
20:29:13.0155 0x0fdc  C:\Windows\System32\rasman.dll - ok
20:29:13.0165 0x0fdc  [ 950E87673E2AE1A536869BCC4E711D67, 1EE759FD810A3D199CF069454069D34522AE6AB332741E4F680CCF80A3AF9ED3 ] C:\Windows\System32\rtutils.dll
20:29:13.0165 0x0fdc  C:\Windows\System32\rtutils.dll - ok
20:29:13.0181 0x0fdc  [ A956CC9503FD75F2372A6B673E1C07B2, 334D9180357E6BF209C16BA680AB691B09DB36CF58EA4320DFC46946F6A9D94E ] C:\Windows\System32\UIAnimation.dll
20:29:13.0181 0x0fdc  C:\Windows\System32\UIAnimation.dll - ok
20:29:13.0196 0x0fdc  [ 23F2B10A7EDF5E6A87CAE43129F83495, 69D7CBE9E3D47BC360D24132C4E0DDF47DA8FDFE7E9A32B4A446EBDEEBB847AE ] C:\Windows\System32\uDWM.dll
20:29:13.0196 0x0fdc  C:\Windows\System32\uDWM.dll - ok
20:29:13.0212 0x0fdc  [ 61E9834E1CA04DB74F0053BD8AE67BFC, 5623E63A40CFA9913FA0B0F0DF2DEC2F621B96480D575C47B821AE0D4103BC53 ] C:\Windows\System32\winbrand.dll
20:29:13.0212 0x0fdc  C:\Windows\System32\winbrand.dll - ok
20:29:13.0228 0x0fdc  [ 1547E5B7D2EF477D422EBE0FE58508CC, 3EC11F4414C6C856972D654DB2627037AAF37F010C81B6E4612C2035C6EDD5B7 ] C:\Windows\System32\AuthExt.dll
20:29:13.0228 0x0fdc  C:\Windows\System32\AuthExt.dll - ok
20:29:13.0244 0x0fdc  [ EC2DB85DD72A3506D60B428A36F5E27E, 1E3DD6DD0DF3737E0207569A11F3AC9CDEB0A2D13EF4737E69F526EF1A00D91B ] C:\Windows\System32\NetworkStatus.dll
20:29:13.0244 0x0fdc  C:\Windows\System32\NetworkStatus.dll - ok
20:29:13.0259 0x0fdc  [ 053472337FDD116BD010C88DB0C34DF1, 970D80D6C67A9D66AF03D1223AE663C205484232C22A482584C55AB1E1BC49D4 ] C:\Windows\System32\d2d1.dll
20:29:13.0259 0x0fdc  C:\Windows\System32\d2d1.dll - ok
20:29:13.0273 0x0fdc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] C:\Windows\System32\drivers\lltdio.sys
20:29:13.0273 0x0fdc  C:\Windows\System32\drivers\lltdio.sys - ok
20:29:13.0321 0x0fdc  [ B8C9BC3542EDA9DB99B95543555877BC, AA812707DCCAAF172C6348FF4EBB93375AE40D0CE478651FFB3C44682FED191A ] C:\Windows\System32\samlib.dll
20:29:13.0321 0x0fdc  C:\Windows\System32\samlib.dll - ok
20:29:13.0334 0x0fdc  [ 78514B073CC5775800A65BFB82A0D66B, DCD18E277569F23921E899F508860F89ABD417C74A7776152A4463284A989488 ] C:\Windows\System32\drivers\nwifi.sys
20:29:13.0334 0x0fdc  C:\Windows\System32\drivers\nwifi.sys - ok
20:29:13.0349 0x0fdc  [ 1CE1F2BBF92DF79CF8638FDA04DB4F10, FBE8183204175B892DF543A0CC9296FE91C281E818CE9C343C6B16F4E6BEA006 ] C:\Windows\System32\shacct.dll
20:29:13.0349 0x0fdc  C:\Windows\System32\shacct.dll - ok
20:29:13.0365 0x0fdc  [ 9543FE667E9709640F1D9852BCF97A17, 3EF13E6A9E551AAF552A54CB2347CCD9C42099B941794F4AC9D2DFD9DFBBEEDC ] C:\Windows\System32\xmllite.dll
20:29:13.0365 0x0fdc  C:\Windows\System32\xmllite.dll - ok
 
End of Part 3

  • 0

#10
Spencer4134
Posted 12 August 2014 - 09:01 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

TDSSKiller Part 4:

 

 
20:29:13.0382 0x0fdc  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] C:\Windows\System32\drivers\ndisuio.sys
20:29:13.0382 0x0fdc  C:\Windows\System32\drivers\ndisuio.sys - ok
20:29:13.0399 0x0fdc  [ 2D05A5508F4685412F2B89E8C2189ABC, 82F12B4E0E73411A121EFD35FBD3B44CBBC0AE96ACFBB45D8C3C3777E2EA320D ] C:\Windows\System32\drivers\rspndr.sys
20:29:13.0399 0x0fdc  C:\Windows\System32\drivers\rspndr.sys - ok
20:29:13.0409 0x0fdc  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] C:\Windows\System32\lmhsvc.dll
20:29:13.0409 0x0fdc  C:\Windows\System32\lmhsvc.dll - ok
20:29:13.0426 0x0fdc  [ DB9657253BD51C172B3262B9CD5463F3, DCD61909A2A875E721EDBF312A1814D00B49F868F169396767E9FD2FA177991C ] C:\Windows\System32\nrpsrv.dll
20:29:13.0426 0x0fdc  C:\Windows\System32\nrpsrv.dll - ok
20:29:13.0442 0x0fdc  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] C:\Windows\System32\nsisvc.dll
20:29:13.0442 0x0fdc  C:\Windows\System32\nsisvc.dll - ok
20:29:13.0458 0x0fdc  [ A07CFC4B593D15B6BF06813C3B5B33BF, B57BD918E2AFF9943B51A24B95E0C4D3482B4DF73C0E2421E8CC67C2BC7A4C70 ] C:\Windows\System32\wcmsvc.dll
20:29:13.0458 0x0fdc  C:\Windows\System32\wcmsvc.dll - ok
20:29:13.0474 0x0fdc  [ 883B5FE0605EF11BCF90B0117AEBBA07, 24AB34D80E1D2A76A357C04C0CAEB730424C4288C522C9AF39112CFE2FFD3A49 ] C:\Windows\System32\wcmcsp.dll
20:29:13.0474 0x0fdc  C:\Windows\System32\wcmcsp.dll - ok
20:29:13.0491 0x0fdc  [ E475BEF9B460F4F678972F88C5FF50D2, 4437CA70280C5C41DF29B684AF2500D98FBBE28B225DF9C84428916BA0130B5F ] C:\Windows\System32\wmiclnt.dll
20:29:13.0491 0x0fdc  C:\Windows\System32\wmiclnt.dll - ok
20:29:13.0507 0x0fdc  [ 8B107F55FD61654A6C9F1B819AEC5FC4, 773B1B9D3583F17B7C89BDE1EC4487ABB0AE039DF4583F8746460425443DA291 ] C:\Windows\System32\dhcpcore.dll
20:29:13.0507 0x0fdc  C:\Windows\System32\dhcpcore.dll - ok
20:29:13.0523 0x0fdc  [ 8CF4AE81A247E1F6103FD1635C8816AF, 7C4CF85F036C404F8D3D09AE1EF01C0B3FE6FC68D60495CBB4A272A743261F0E ] C:\Windows\System32\InputSwitch.dll
20:29:13.0523 0x0fdc  C:\Windows\System32\InputSwitch.dll - ok
20:29:13.0539 0x0fdc  [ 1946308C7FF73E4CD47579F34F9F6E1B, EE9FE65762D95F0694188801D8B1A8427763EA6DC46382E0AA5AFE7B3B5AF396 ] C:\Windows\System32\dhcpcore6.dll
20:29:13.0540 0x0fdc  C:\Windows\System32\dhcpcore6.dll - ok
20:29:13.0555 0x0fdc  [ FE7656474448BE6A6C68E5C9BEB7CA94, 8B9F04CAA29A6EEFCA3D1E7BAFE340D5CCA8AF665474E69B1DF7E2A518B83A89 ] C:\Windows\System32\dnsrslvr.dll
20:29:13.0555 0x0fdc  C:\Windows\System32\dnsrslvr.dll - ok
20:29:13.0574 0x0fdc  [ EF252510DB6C3511E30418BD2AC95A2D, 75B496F5C611129D9D19B382503830FDB0E2E61D4880D2821AE381DF578C5E56 ] C:\Windows\System32\wlansvc.dll
20:29:13.0574 0x0fdc  C:\Windows\System32\wlansvc.dll - ok
20:29:13.0584 0x0fdc  [ 5ABA673EF6433BE68AAE77AE5C5FAFAA, EDD85F776957D1FAB93F27F27A2D60924C423E3EA161A5258F27FABCC6B45CF3 ] C:\Windows\System32\FWPUCLNT.DLL
20:29:13.0584 0x0fdc  C:\Windows\System32\FWPUCLNT.DLL - ok
20:29:13.0601 0x0fdc  [ 8D25DE2AC85BC807DC19D4DAF6AA6D27, CB6238AB8AC9DDDF7170511C6E512FF134E9E79831F58BCB670DE327F70D0AD8 ] C:\Windows\System32\dnsext.dll
20:29:13.0601 0x0fdc  C:\Windows\System32\dnsext.dll - ok
20:29:13.0617 0x0fdc  [ 11C2A9D3D34632FC17EF8B3411AA972B, 279261AF81308E7A256EC7A0F5E6511218697EA451425020AAF6DA459172BD0A ] C:\Windows\System32\Windows.UI.Immersive.dll
20:29:13.0617 0x0fdc  C:\Windows\System32\Windows.UI.Immersive.dll - ok
20:29:13.0633 0x0fdc  [ 3378C5241A1FE2F1D34BCC3ABC99F435, BE82C59E9CB0A7561401D956B97C2E4A9B383BB5CF00E5DC004633C031F35748 ] C:\Windows\System32\dhcpcsvc.dll
20:29:13.0633 0x0fdc  C:\Windows\System32\dhcpcsvc.dll - ok
20:29:13.0650 0x0fdc  [ D4CFAC89188EC0B887CFFCA7C80E495D, 2145D5DC03E79B361764F7281E2255318DA303B47E2D01BEC5E9E3D8DBFF586B ] C:\Windows\System32\dhcpcsvc6.dll
20:29:13.0650 0x0fdc  C:\Windows\System32\dhcpcsvc6.dll - ok
20:29:13.0660 0x0fdc  [ 977D67467950D8048E94651EE6081B99, F2A2C93D848B8B1671CB7838596AA6139872A8AEE5B85FDD27132FAE5A3BC00E ] C:\Windows\System32\wlanmsm.dll
20:29:13.0660 0x0fdc  C:\Windows\System32\wlanmsm.dll - ok
20:29:13.0677 0x0fdc  [ 59C04629522B5815BF39F8A310FD2C81, 02096C293E4D6726DD944D1A1D66D2A41D0CDBE887809E8A30ABA95F53D289FA ] C:\Windows\System32\onex.dll
20:29:13.0677 0x0fdc  C:\Windows\System32\onex.dll - ok
20:29:13.0693 0x0fdc  [ 88BCAEABEB2A46DB7B336B8432720AC8, 79D572FC0BD1DDCA5CE59DFAA79C95B4F6FEC9D607927BE03A956E8B8CE3BEF9 ] C:\Windows\System32\wlansec.dll
20:29:13.0693 0x0fdc  C:\Windows\System32\wlansec.dll - ok
20:29:13.0709 0x0fdc  [ 5EC234995AFB7356A8B1A22C9244F243, 28B890FD933638C110DD227CABA929795DA148964E3D7201A10E1B4DD48F3B85 ] C:\Windows\System32\wuaext.dll
20:29:13.0709 0x0fdc  C:\Windows\System32\wuaext.dll - ok
20:29:13.0725 0x0fdc  [ F5946BC89C6D350ADADDA9676DF28CF3, EA70848F403DE98A743C02D4020CEE31AAE01861A3EC6A4AE3CEA4DD971A3519 ] C:\Windows\System32\eappprxy.dll
20:29:13.0725 0x0fdc  C:\Windows\System32\eappprxy.dll - ok
20:29:13.0742 0x0fdc  [ F22BC2C1BD805F874540B7595F0C804D, C4AF63DC87DA9CC642C6E4942B77C081625FB4C1D7C3D5E7228DC4704E38643D ] C:\Windows\System32\IDStore.dll
20:29:13.0742 0x0fdc  C:\Windows\System32\IDStore.dll - ok
20:29:13.0758 0x0fdc  [ 46E0F92B51247ECCE5A837D613517182, CC45C388704E0D55C559AF9C79605B60820CA0A40B758B2B85B0D87CBD0D8845 ] C:\Windows\System32\samcli.dll
20:29:13.0758 0x0fdc  C:\Windows\System32\samcli.dll - ok
20:29:13.0774 0x0fdc  [ 3B04158DE50AB283B3A5FB5E70C48FB4, 4C50337D26E7AA6523E74212195A4AE9EE9971CE87EA7A2E4FA653F97A6221B1 ] C:\Windows\System32\wlansvcpal.dll
20:29:13.0774 0x0fdc  C:\Windows\System32\wlansvcpal.dll - ok
20:29:13.0790 0x0fdc  [ 1B2CAD40A6FD2E9DC336F3A338293B29, 7CB8C03D1ED687940BE55520887574138F457BB379824C52CC86BBB052A034F7 ] C:\Windows\System32\msxml6.dll
20:29:13.0790 0x0fdc  C:\Windows\System32\msxml6.dll - ok
20:29:13.0806 0x0fdc  [ 3BC1D1D56637A32CD91C8AE08E2484AA, 9EE1BD3FB0D289E25F3DDD0D8F67DC1C701A6B1D5418FADF348D0E642B1DEBEB ] C:\Windows\System32\wbiosrvc.dll
20:29:13.0806 0x0fdc  C:\Windows\System32\wbiosrvc.dll - ok
20:29:13.0817 0x0fdc  [ 0DF0FA32C2841537B0610B4179320A3A, 0B998280F28072CDF99BD9DE23A98D04CB07F5B83E412D941004FA3A20E6830C ] C:\Windows\System32\TetheringIeProvider.dll
20:29:13.0817 0x0fdc  C:\Windows\System32\TetheringIeProvider.dll - ok
20:29:13.0837 0x0fdc  [ 77BA0D87906CC2D86588D89A75372EC7, 8CCBFDF6197D76594B59FBF31F438495FCC074341D1101E14ADBD753369F3859 ] C:\Windows\System32\WiFiDisplay.dll
20:29:13.0837 0x0fdc  C:\Windows\System32\WiFiDisplay.dll - ok
20:29:13.0856 0x0fdc  [ F2895547FC275642A29692DC344A847F, 0647A8BB0FD2088F01FBC7B7847B0702AC235361766B945F9A11F94F5E5D6922 ] C:\Windows\System32\wlanapi.dll
20:29:13.0856 0x0fdc  C:\Windows\System32\wlanapi.dll - ok
20:29:13.0872 0x0fdc  [ 682C1B06C4E00A9DC995E4B2FD626CB2, 52B2820171D1A345EDB6FF61FA27D4B03F86ED91D9C0BC997F9820A5646B1ED2 ] C:\Windows\System32\wlgpclnt.dll
20:29:13.0872 0x0fdc  C:\Windows\System32\wlgpclnt.dll - ok
20:29:13.0888 0x0fdc  [ 03CC7C6D00212DF6D6CB5C93432410ED, C8ED6DAB3F69A4993AD41E40742E6ECBB848CFC3D3817CFEAEEFE99BDA50AB3F ] C:\Windows\System32\UIAutomationCore.dll
20:29:13.0888 0x0fdc  C:\Windows\System32\UIAutomationCore.dll - ok
20:29:13.0904 0x0fdc  [ 8DAE6957A4F0EC461575F68239E0A13E, DB788A4374618B111EAA052AB8FED6808F1426BE79FD5214A2A9751C6700216A ] C:\Windows\System32\l2gpstore.dll
20:29:13.0904 0x0fdc  C:\Windows\System32\l2gpstore.dll - ok
20:29:13.0913 0x0fdc  [ 059D36ABEC9F2D3F677B8EA9240405CD, B4CD58747DBA0E9C1C22DDFB049302662D7875C6ABF04DA76565FCDFE5AA82C3 ] C:\Windows\System32\batmeter.dll
20:29:13.0913 0x0fdc  C:\Windows\System32\batmeter.dll - ok
20:29:13.0930 0x0fdc  [ 82FE5F302FD7C7EF0E41465BB873EFC7, 274A2ECD7A60056354883CD9E061F35B2220B5508B1253D00739D51AA0EF173B ] C:\Windows\System32\wlanhlp.dll
20:29:13.0930 0x0fdc  C:\Windows\System32\wlanhlp.dll - ok
20:29:13.0946 0x0fdc  [ 4897A55EEBC1D3F6DFEB1CD94C241F48, A68C504A5BF10D4C4C082EA4E92EC4358B4E09E87FB8C49A16080ABB900C4523 ] C:\Windows\System32\SubscriptionMgr.dll
20:29:13.0946 0x0fdc  C:\Windows\System32\SubscriptionMgr.dll - ok
20:29:13.0962 0x0fdc  [ 0D190D8B4B20446BE6299AC734DFADF1, 6551095971F99820BBFC5FED8FAB9591A3F8ABFA0F027887F3B71B79325FF6D9 ] C:\Windows\System32\shsvcs.dll
20:29:13.0962 0x0fdc  C:\Windows\System32\shsvcs.dll - ok
20:29:13.0978 0x0fdc  [ D790CBCB9C38320B4438D697AA33FF55, AA37C9135CBB4DB3F8F523FF485ABB3C71403AABA94A7078811E390E3B298328 ] C:\Windows\System32\fveapi.dll
20:29:13.0978 0x0fdc  C:\Windows\System32\fveapi.dll - ok
20:29:13.0993 0x0fdc  [ 14CF2EAFCFA0BDC736BFDA130BD95EB2, F462FF5F64900F4069A55E58943FE9C9E9B25F3B0622922BA34BCB4ECC70562A ] C:\Windows\System32\bcd.dll
20:29:13.0994 0x0fdc  C:\Windows\System32\bcd.dll - ok
20:29:14.0009 0x0fdc  [ D50705D14E8C876A47FF14B999B4A6C3, 56D28EDB5F039F48DF1000FC7FB736556FF9A0A583D9A567F2533620F3A8FB96 ] C:\Windows\System32\fvecerts.dll
20:29:14.0009 0x0fdc  C:\Windows\System32\fvecerts.dll - ok
20:29:14.0025 0x0fdc  [ A95838FFFAEAA7500263D491575F7E0C, FEB79ECAE6D9AB0C29D9AFE12F60502A8357B3A382C0FACF4C6DA4852B6ECFA4 ] C:\Windows\System32\schedsvc.dll
20:29:14.0025 0x0fdc  C:\Windows\System32\schedsvc.dll - ok
20:29:14.0041 0x0fdc  [ 68CB2B575F0C67BB14590D1471285287, D3E8238CC5A63AEF556F3165F438745806A4827E627383CD0D48F09F3448EB20 ] C:\Windows\System32\ubpm.dll
20:29:14.0041 0x0fdc  C:\Windows\System32\ubpm.dll - ok
20:29:14.0058 0x0fdc  [ E04863DDDA4D5386895D316B9A26958F, 326E1DC9AB3871F86A0DBAACEC1952A5018A0440269AF84EF9129C121440CC16 ] C:\Windows\System32\ktmw32.dll
20:29:14.0058 0x0fdc  C:\Windows\System32\ktmw32.dll - ok
20:29:14.0070 0x0fdc  [ 5B9290D5540BDC461500DB84FC3606F0, 5F7DD7581C21D107A933460085C126751DA535D01878C86D9159320194EF886E ] C:\Windows\System32\CSystemEventsBrokerClient.dll
20:29:14.0071 0x0fdc  C:\Windows\System32\CSystemEventsBrokerClient.dll - ok
20:29:14.0086 0x0fdc  [ 1E10B23560C34A90A0FA6ECD26E8565F, 497927962EE856AF72DA6C3DBFA2A5F99E0EE576BFB34F75FCDD7498F75B5BC0 ] C:\Windows\System32\ProximityService.dll
20:29:14.0086 0x0fdc  C:\Windows\System32\ProximityService.dll - ok
20:29:14.0100 0x0fdc  [ 02C6DF84328E271C3F844E477CB25169, 04A345135E7150A869AC1B410B138746D53A7BE0934B748EF0C73D36E71487AF ] C:\Windows\System32\ProximityServicePal.dll
20:29:14.0100 0x0fdc  C:\Windows\System32\ProximityServicePal.dll - ok
20:29:14.0116 0x0fdc  [ 02E72187BE9329E4D9255BC5AE6D8286, F5CAF4A710052559715D2E7FBF6A6D04A83BFB31B76F8D7A758295936543E74A ] C:\Windows\System32\ProximityCommon.dll
20:29:14.0117 0x0fdc  C:\Windows\System32\ProximityCommon.dll - ok
20:29:14.0132 0x0fdc  [ DD5DF99540AB97806DF63B1494C809A8, 754575FDD0A256527B970D8EF347E2BB9FF93612294FE0604B9349FDF5CC51C6 ] C:\Windows\System32\netcfgx.dll
20:29:14.0132 0x0fdc  C:\Windows\System32\netcfgx.dll - ok
20:29:14.0148 0x0fdc  [ 0B48E0DFB44EE475F4FD8A8EE599AF30, 28271D4CA0C642304CD8826A3D514F44E3391F9D6D07A1595BB30CE65E7E3494 ] C:\Windows\System32\drivers\vwifimp.sys
20:29:14.0148 0x0fdc  C:\Windows\System32\drivers\vwifimp.sys - ok
20:29:14.0164 0x0fdc  [ 1EE65FEAA57FBC2050AE153D07C8DC3F, 5B3878780D3B3EE4EDA0B880E7D41949CB1D3C69937ACC56B8CDCA17014CF111 ] C:\Windows\System32\ProximityCommonPal.dll
20:29:14.0164 0x0fdc  C:\Windows\System32\ProximityCommonPal.dll - ok
20:29:14.0175 0x0fdc  [ 68DEABD4CB0CF3920D3B6CCAA36173BC, C87F86DE3E366975919D2A5722E9942F643D9B81185E06B49968D3A7BD1D76C0 ] C:\Windows\System32\taskcomp.dll
20:29:14.0175 0x0fdc  C:\Windows\System32\taskcomp.dll - ok
20:29:14.0191 0x0fdc  [ 070B4DE2729515E9F22E4AAFD7B2497C, 1353572251F10FAA92B586D5B483BD3684B86AA2292EF0D180B2E84910914624 ] C:\Windows\System32\ntmarta.dll
20:29:14.0191 0x0fdc  C:\Windows\System32\ntmarta.dll - ok
20:29:14.0207 0x0fdc  [ 9DDCA7F18983C5410DEFF79F819DF93C, CE97B4440377BFC5CA81BB600C3BD1DD9FB3951CA1EB70735F5E2050EBB74223 ] C:\Windows\System32\drivers\http.sys
20:29:14.0207 0x0fdc  C:\Windows\System32\drivers\http.sys - ok
20:29:14.0223 0x0fdc  [ FE0CB40F36D3FCDD3A1B312EF72C38D5, 42EA50869752164764DFE8CE7E1C247BE8342A0C15F39158DC808E8A692C460F ] C:\Windows\System32\spoolsv.exe
20:29:14.0223 0x0fdc  C:\Windows\System32\spoolsv.exe - ok
20:29:14.0239 0x0fdc  [ BA247631B40720DAEA89BEFAA4632EB6, D18B009631F89A350B9BA81B11EE49AADF9295E7CDC6B15EE61983A935551A64 ] C:\Windows\System32\PhotoMetadataHandler.dll
20:29:14.0239 0x0fdc  C:\Windows\System32\PhotoMetadataHandler.dll - ok
20:29:14.0255 0x0fdc  [ 3711306C8D1A859351D735D93090C1C0, 4FFFCB8BBDE656C5078BA890F0468556C4481FB21A1DA30803DB14461C234164 ] C:\Windows\System32\taskhost.exe
20:29:14.0255 0x0fdc  C:\Windows\System32\taskhost.exe - ok
20:29:14.0271 0x0fdc  [ BBE15881FE11BE37112F8320C41DAFB9, 5CE92563628812FF6E00556D8E2DAD6ADCAAF0F4C3B90123F1D98ED6E3BB6DAD ] C:\Windows\System32\BFE.DLL
20:29:14.0271 0x0fdc  C:\Windows\System32\BFE.DLL - ok
20:29:14.0287 0x0fdc  [ 865E3C79BB0DB64D4AB2F6BA8FF5BD2C, 4CD5500CAB1DE72F5D2E6032D7CFB0CC90166F45D1F20309FE907122DAE00813 ] C:\Windows\System32\Windows.Globalization.dll
20:29:14.0287 0x0fdc  C:\Windows\System32\Windows.Globalization.dll - ok
20:29:14.0296 0x0fdc  [ 6B4FFFDDC618FCF64473CAA86E305697, 29EA66071D5822920F5C50533673ADAB5204F8B25C11027AD27450D881F1142D ] C:\Windows\System32\drivers\bowser.sys
20:29:14.0297 0x0fdc  C:\Windows\System32\drivers\bowser.sys - ok
20:29:14.0315 0x0fdc  [ 398990EFC34218C3B6C4E6384502083B, CA1E756F89551B740465B01ACB2F41881CFC7BECA280299E7B78AB1A455F6DD7 ] C:\Windows\System32\msftedit.dll
20:29:14.0315 0x0fdc  C:\Windows\System32\msftedit.dll - ok
20:29:14.0331 0x0fdc  [ 6A5C1EA6E0B31B168FDE21A1FDC078C2, 7DB716456F61905F9D038FA0E518E9C416614A3F7ED990308BF6F899376FB8D2 ] C:\Windows\System32\msimg32.dll
20:29:14.0331 0x0fdc  C:\Windows\System32\msimg32.dll - ok
20:29:14.0347 0x0fdc  [ 7A1BAB2BDCF59A506588DDF58ED43E21, C7191778058E0CE498E6B21ADEA8A6928AE8B8669B2F00AB639728538ADDDA64 ] C:\Windows\System32\globinputhost.dll
20:29:14.0347 0x0fdc  C:\Windows\System32\globinputhost.dll - ok
20:29:14.0363 0x0fdc  [ ED3387CE1F9F848A3F3BAA3FCE86E315, 044706F8EFBF67CEE73FB5B406CC17815C3681B7859E8EDB59F80D3F8ADB019D ] C:\Windows\System32\ninput.dll
20:29:14.0363 0x0fdc  C:\Windows\System32\ninput.dll - ok
20:29:14.0380 0x0fdc  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] C:\Windows\System32\drivers\mpsdrv.sys
20:29:14.0380 0x0fdc  C:\Windows\System32\drivers\mpsdrv.sys - ok
20:29:14.0396 0x0fdc  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] C:\Windows\System32\MPSSVC.dll
20:29:14.0396 0x0fdc  C:\Windows\System32\MPSSVC.dll - ok
20:29:14.0409 0x0fdc  [ 0696F66E4D423793951A60562F794D14, E808E4E160C019F2F10762758F48C4565037974775CD267DF06B8B4A2CE26705 ] C:\Windows\System32\drivers\mrxsmb.sys
20:29:14.0409 0x0fdc  C:\Windows\System32\drivers\mrxsmb.sys - ok
20:29:14.0420 0x0fdc  [ DBA635C6398782C549E3BE45CF1D0411, E9806E075F401D3E7357E876C7F941F7DAFFBBEE065DC3FE556014F5D92EDAC0 ] C:\Windows\System32\drivers\mrxsmb20.sys
20:29:14.0421 0x0fdc  C:\Windows\System32\drivers\mrxsmb20.sys - ok
20:29:14.0435 0x0fdc  [ 9B95FCB49595A869F27034916382FE57, C9C98C5837D4562CF706B96C4B25AD264E3CA65BD442090F6093C235E1B7AE5E ] C:\Windows\System32\adhapi.dll
20:29:14.0435 0x0fdc  C:\Windows\System32\adhapi.dll - ok
20:29:14.0449 0x0fdc  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] C:\Windows\System32\wkssvc.dll
20:29:14.0450 0x0fdc  C:\Windows\System32\wkssvc.dll - ok
20:29:14.0474 0x0fdc  [ 5D9B166EFBA673C8221C5C97CCFB5BFE, 63F99158CB660FD4BC838B12DE1F4C2F3DAE43AF88EBC68FE73A43B62AF8D257 ] C:\Windows\System32\wcmapi.dll
20:29:14.0474 0x0fdc  C:\Windows\System32\wcmapi.dll - ok
20:29:14.0503 0x0fdc  [ 9DF590DEA96B6756CF8D73C2525797BE, 3FDF4B8794C800CD6586310A85A46F78AA0130E10712BF72CE442BC7C23715A0 ] C:\Windows\System32\wfapigp.dll
20:29:14.0504 0x0fdc  C:\Windows\System32\wfapigp.dll - ok
20:29:14.0519 0x0fdc  [ B362181ED3771DC03B4141927C80F801, 69514E5177A0AEA89C27C2234712F9F82E8D8F99E1FD4273898C9324C6FF7472 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
20:29:14.0519 0x0fdc  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
20:29:14.0533 0x0fdc  [ 1F841EC579E4A3B1E3C0CE626C8F9F23, EEE376F01E4D1700B73E3ABEE212F0999ABF49D491563A8B2355A8F3AC648FD3 ] C:\Windows\SysWOW64\ntdll.dll
20:29:14.0533 0x0fdc  C:\Windows\SysWOW64\ntdll.dll - ok
20:29:14.0550 0x0fdc  [ 595653478434F2A8451EDA55CD954CED, B81A6648827D60CC2CD856344988F22A5A8570A5789F85835AA65745949EA598 ] C:\Windows\SysWOW64\kernel32.dll
20:29:14.0550 0x0fdc  C:\Windows\SysWOW64\kernel32.dll - ok
20:29:14.0565 0x0fdc  [ 55237559D07288EEEA3133451FE4F386, EF769338F34B96415F6C4E42EFA5A36493B4AD36266BCAE426835CC06039F2B8 ] C:\Windows\SysWOW64\KernelBase.dll
20:29:14.0565 0x0fdc  C:\Windows\SysWOW64\KernelBase.dll - ok
20:29:14.0578 0x0fdc  [ C7099D6A46B880EE194F7A4473D71E10, 0BCEA2731F27308DC51DE0390BA5C3190A602DDB28998AF4BE434449BFB7AA39 ] C:\Windows\SysWOW64\user32.dll
20:29:14.0579 0x0fdc  C:\Windows\SysWOW64\user32.dll - ok
20:29:14.0592 0x0fdc  [ 421D685787762BBAE821159279B3000C, 536A851E1D24F6468F6313830AB91AC4991129F8691F01606A7AE553CEF7CF7D ] C:\Windows\SysWOW64\advapi32.dll
20:29:14.0593 0x0fdc  C:\Windows\SysWOW64\advapi32.dll - ok
20:29:14.0607 0x0fdc  [ A5358F64D4EB5ABE2829981CD9734901, E7B2A7948DF9EDD9B50948B80646D325C6D4AE947D13B8834B1F1C036F57A7DC ] C:\Windows\SysWOW64\shell32.dll
20:29:14.0607 0x0fdc  C:\Windows\SysWOW64\shell32.dll - ok
20:29:14.0622 0x0fdc  [ BA0655E1856A16A14C9BC1FB27B111B9, 974BA0A5ABD08F2579B4A28DE5A8579641B4B3E40EFDFFAA3A0DD733AADE3D01 ] C:\Windows\System32\TpmTasks.dll
20:29:14.0622 0x0fdc  C:\Windows\System32\TpmTasks.dll - ok
20:29:14.0636 0x0fdc  [ 1B7F53CBD0429CC3EE15A545F5E2BF62, B2C58878E532E806F084D81191C310C5858C9D2732CAFB889EAE11864D5961F3 ] C:\Windows\System32\MrmCoreR.dll
20:29:14.0636 0x0fdc  C:\Windows\System32\MrmCoreR.dll - ok
20:29:14.0650 0x0fdc  [ F77C9F8A5F926CC77B41C45DB5ACAA26, F95C184A4F7330A47AE1F185BB200E5EF4B3C279CE5DB64E5B47E0045DBE1633 ] C:\Windows\System32\aepic.dll
20:29:14.0650 0x0fdc  C:\Windows\System32\aepic.dll - ok
20:29:14.0664 0x0fdc  [ D1A3B6C2F8F39EC7F75D03740A8112A1, CE3EC47954CCC70F78A4E49F8A585CC64B04A2B725A310034571902B663FEBED ] C:\Windows\System32\tbs.dll
20:29:14.0664 0x0fdc  C:\Windows\System32\tbs.dll - ok
20:29:14.0673 0x0fdc  [ 770D71782A90BE9C48C4310C5C35E25B, 00B9E8B04786D1E93A78F42896023AF2095D69ED70A56042B6C98EB531778779 ] C:\Windows\System32\sfc_os.dll
20:29:14.0674 0x0fdc  C:\Windows\System32\sfc_os.dll - ok
20:29:14.0688 0x0fdc  [ 73C7D1FCF6F58F3BF077FB42B0214BC0, D3C5AFACB8DCD9E8566576E8F22C7B8B5B2B8FAA65DDBD2DD8962CA3932E2408 ] C:\Windows\System32\urlmon.dll
20:29:14.0689 0x0fdc  C:\Windows\System32\urlmon.dll - ok
20:29:14.0703 0x0fdc  [ A21C6231459F4CAC212676A9367A1A68, E81DDC876AB50D483552D9440A8843C22F5C9830879FCBC17CD5F678C6A3498B ] C:\Windows\System32\iertutil.dll
20:29:14.0703 0x0fdc  C:\Windows\System32\iertutil.dll - ok
20:29:14.0717 0x0fdc  [ 2EE102DF0EDD8A1EDD3D1E9B99A91BEC, EB6256C57E4769669D9D8F1D3F36A492E65B75E1D8064550000EB8299A356356 ] C:\Windows\System32\wininet.dll
20:29:14.0717 0x0fdc  C:\Windows\System32\wininet.dll - ok
20:29:14.0731 0x0fdc  [ 2BDB085AA7ECA65D1793D150CEC960AF, EE8E25DEEC45230D85EBEFE7DC1FA7CB154427E6723AE401EA914C558B335A6B ] C:\Windows\SysWOW64\ole32.dll
20:29:14.0731 0x0fdc  C:\Windows\SysWOW64\ole32.dll - ok
20:29:14.0745 0x0fdc  [ 9DB8537C03BE40548968C445FC595753, 31BDE2BD41364DAB244C4A8143EB923C255C207190538DF1CC565C70739EA293 ] C:\Windows\SysWOW64\oleaut32.dll
20:29:14.0745 0x0fdc  C:\Windows\SysWOW64\oleaut32.dll - ok
20:29:14.0761 0x0fdc  [ 9FAC7693213C54B25D0DC48BC20686CF, 9C9485DA86EED0399A5E91EE8C687C442435C97B239424983E76E201DDF852F7 ] C:\Windows\SysWOW64\crypt32.dll
20:29:14.0761 0x0fdc  C:\Windows\SysWOW64\crypt32.dll - ok
20:29:14.0780 0x0fdc  [ 619C6E72B8433B3F67738F7E6C972A96, 2EF5F3D8E768CA2654AD004AD91818B4181BD7E77B8AC96E007C9CC9E01E39EF ] C:\Windows\SysWOW64\wintrust.dll
20:29:14.0780 0x0fdc  C:\Windows\SysWOW64\wintrust.dll - ok
20:29:14.0796 0x0fdc  [ 31D858C6F1C453AF516343758A4B2C69, 12ABCF99DD28BF35B3C224ACCFE2587BA5F4199D163224B344CDC770EED36130 ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll
20:29:14.0797 0x0fdc  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcr90.dll - ok
20:29:14.0812 0x0fdc  [ CB1F941980DCC044542CEF180328D180, 8FB45ECA2C033032174EBC040AC0289FD25FDFA67FBE3E18D5753DFBC5F86520 ] C:\Windows\SysWOW64\gdi32.dll
20:29:14.0812 0x0fdc  C:\Windows\SysWOW64\gdi32.dll - ok
20:29:14.0828 0x0fdc  [ 6EBA4AA97BA64CEB363C1C8CE12214F9, 8DFCEF622E810C3AC2C3B0CED1303E18E3FB745460572B24722E556A5BE4E68F ] C:\Windows\SysWOW64\msvcrt.dll
20:29:14.0828 0x0fdc  C:\Windows\SysWOW64\msvcrt.dll - ok
20:29:14.0846 0x0fdc  [ 3503F1397CB9BEE0D9684A7CA4C1C315, A2F786D75653A46ED086A83CC85941DEA72F7F814325A9891F4420521BFED45D ] C:\Windows\SysWOW64\sechost.dll
20:29:14.0846 0x0fdc  C:\Windows\SysWOW64\sechost.dll - ok
20:29:14.0861 0x0fdc  [ 2294AB089A055F4621FDE40DDFAD4D7E, 5261EF53E78A3BE324609AF5A6D9E90C81B76204765118AFC53A1489992A47EC ] C:\Windows\SysWOW64\rpcrt4.dll
20:29:14.0862 0x0fdc  C:\Windows\SysWOW64\rpcrt4.dll - ok
20:29:14.0876 0x0fdc  [ D47C2645C635D42AE5C1F5B2644EA093, 8D6D0F178793EE4004C3A70F0572BCAE8B33DFFA885E56CC5EC024EA63C190F8 ] C:\Windows\SysWOW64\combase.dll
20:29:14.0876 0x0fdc  C:\Windows\SysWOW64\combase.dll - ok
20:29:14.0890 0x0fdc  [ 6CB5CFF7F48B8E226523BF2E849AA6E5, A92EEF4B85C2F246447F3061156527305D9C410B0491ED79F6FF11684CD4BD06 ] C:\Windows\SysWOW64\shlwapi.dll
20:29:14.0890 0x0fdc  C:\Windows\SysWOW64\shlwapi.dll - ok
20:29:14.0905 0x0fdc  [ 8685F31A9319FB0FA882C736783F5F5E, D772A7FEAEBC794B403EAB98C7E816DDE87A1C1F4AA7B756AA64DF117BD18085 ] C:\Windows\SysWOW64\msasn1.dll
20:29:14.0906 0x0fdc  C:\Windows\SysWOW64\msasn1.dll - ok
20:29:14.0920 0x0fdc  [ 1CF1F62F2484C996DFB99D511E18D662, F807C9B5F39F4A00101C411657DB585B5571E89D9D1B34EBEC757237E886BB9C ] C:\Windows\SysWOW64\sspicli.dll
20:29:14.0920 0x0fdc  C:\Windows\SysWOW64\sspicli.dll - ok
20:29:14.0929 0x0fdc  [ C70E652B7D507AAB25208E1602B29B89, AF903E8815CD60A23C9F91BF071A263D7B5D3202576AB92CFC30429F379DA947 ] C:\Windows\SysWOW64\cryptbase.dll
20:29:14.0929 0x0fdc  C:\Windows\SysWOW64\cryptbase.dll - ok
20:29:14.0944 0x0fdc  [ C6AD0070469803D274E1F828D637A107, F1B2F5E1448435EA6AE12E0E9C617FA940F1AB96BF5D0B7F2965698BEEBC1CFB ] C:\Windows\SysWOW64\bcryptprimitives.dll
20:29:14.0944 0x0fdc  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
20:29:14.0960 0x0fdc  [ AA21423B380157AFAA2F82E96D910E0F, 5E037AD0B3AF9D5B1A6F82BBA8026CEA8DD5C8C0AECB8ED71F1ADAA940954C5D ] C:\Windows\SysWOW64\kernel.appcore.dll
20:29:14.0960 0x0fdc  C:\Windows\SysWOW64\kernel.appcore.dll - ok
20:29:14.0975 0x0fdc  [ D1E343BC00136CE03C4D403194D06A80, 94F2543164A2CEA179EDE53E1294EE24391A59CAEFF83BA5CE9385E8E686E89C ] C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
20:29:14.0975 0x0fdc  C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe - ok
20:29:14.0990 0x0fdc  [ 8DE38AF0B0C159A6A4522051A4A69B40, 17E2EEFC686B2CF06FB09894792BF913168A4B2D7497D9EA4C55991C17594C7B ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe
20:29:14.0990 0x0fdc  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Service.exe - ok
20:29:15.0005 0x0fdc  [ D029339C0F59CF662094EDDF8C42B2B5, 934D882EFD3C0F3F1EFBC238EF87708F3879F5BB456D30AF62F3368D58B6AA4C ] C:\Windows\System32\msvcp100.dll
20:29:15.0005 0x0fdc  C:\Windows\System32\msvcp100.dll - ok
20:29:15.0021 0x0fdc  [ 366FD6F3A451351B5DF2D7C4ECF4C73A, AE3CB6C6AFBA9A4AA5C85F66023C35338CA579B30326DD02918F9D55259503D5 ] C:\Windows\System32\msvcr100.dll
20:29:15.0021 0x0fdc  C:\Windows\System32\msvcr100.dll - ok
20:29:15.0038 0x0fdc  [ 75CEE2772F755955B55A033253879D2B, 79F6EB212CF9C2FB91EDD4AFAA72EF7E9181E6A6A4D3228A6E3F721D2EC5B902 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll
20:29:15.0038 0x0fdc  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.PerformanceTuning.dll - ok
20:29:15.0055 0x0fdc  [ E2DEA77BAAAED15CA1CE0C8E017C7F2F, 0DCCEE0AE31A71CA7C3148FE6FFA404301CE8A78D4159BBE28E82970BC47212F ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll
20:29:15.0055 0x0fdc  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\device.dll - ok
20:29:15.0070 0x0fdc  [ 9DCB42905F1EBF9CEC57EE5DF0BDA965, 4C888AAD0DDE01565FD7FBB6B70A500158CF2E4CECF9ADD4AFD302A993587269 ] C:\Windows\System32\inetsrv\apphostsvc.dll
20:29:15.0070 0x0fdc  C:\Windows\System32\inetsrv\apphostsvc.dll - ok
20:29:15.0084 0x0fdc  [ 9C963A14F955AF99F6DF0C1F5FC5AF9B, 599FC69DEF21CF8BA031EBAB139A6B132D3678B980859215D40ED30C0D382447 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll
20:29:15.0085 0x0fdc  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\platform.dll - ok
20:29:15.0100 0x0fdc  [ 6B73E94F9FE82D45781B8C8A09483082, C35EEAE7457168387A7C77A315524A3703ABDE49D9F23F59057315D9249D3473 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
20:29:15.0100 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
20:29:15.0114 0x0fdc  [ 820DB03CB1D56D0016FB2136C7AB478E, 5BF8EA69F2D41E24062FBA6FED9DAB0AD24C826B7A1C6A07DD8EF7199D601B1E ] C:\Windows\System32\inetsrv\iisutil.dll
20:29:15.0114 0x0fdc  C:\Windows\System32\inetsrv\iisutil.dll - ok
20:29:15.0129 0x0fdc  [ BC83108B18756547013ED443B8CDB31B, B2AD109C15EAA92079582787B7772BA0A2F034F7D075907FF87028DF0EAEA671 ] C:\Windows\SysWOW64\msvcp100.dll
20:29:15.0130 0x0fdc  C:\Windows\SysWOW64\msvcp100.dll - ok
20:29:15.0145 0x0fdc  [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Windows\SysWOW64\msvcr100.dll
20:29:15.0145 0x0fdc  C:\Windows\SysWOW64\msvcr100.dll - ok
20:29:15.0159 0x0fdc  [ 29158B1DC3F86D4B0D6A127FE586ADFF, 03C17FA518200CE5C53AED55C5AF22D0A2D483110FB1E7EA6F990C56936570E6 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll
20:29:15.0160 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
20:29:15.0175 0x0fdc  [ DB530B4C83DC2439EA2397613C841AF4, 8ACB4700FF1A9F195E70D2FDD7326425B6197F8CD322A712080423BD973E5AF5 ] C:\Windows\SysWOW64\version.dll
20:29:15.0175 0x0fdc  C:\Windows\SysWOW64\version.dll - ok
20:29:15.0186 0x0fdc  [ ACEF41504E13FCDB2A75209D032A708C, D167DFF5AF4F70250AE22CA0D8190CDC64B255C6ADC15B2D07C7B80A96D3D1D9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll
20:29:15.0186 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
20:29:15.0202 0x0fdc  [ B0AEE5428D90D439AA4C4935B53B144C, 010D37DA5A18F124F9ECD7B56C4D753F94AB46FA81E80DACCA22277B28EBE905 ] C:\Windows\System32\inetsrv\nativerd.dll
20:29:15.0203 0x0fdc  C:\Windows\System32\inetsrv\nativerd.dll - ok
20:29:15.0219 0x0fdc  [ D387243179DCA6FCC252B2BCB216C7BF, 1161E64ED53EB04FE5CE4E39BDB821FA96FF759472DE437DECBF1A6FC80A09BB ] C:\Windows\System32\inetsrv\iisres.dll
20:29:15.0219 0x0fdc  C:\Windows\System32\inetsrv\iisres.dll - ok
20:29:15.0232 0x0fdc  [ 8FA4755F3BA513F4BAE0A2AF1BE8C5F7, 39748E6B58142793F44DDC89A0F3130022533D4BF38832B8D118915788C24461 ] C:\Windows\System32\vssapi.dll
20:29:15.0233 0x0fdc  C:\Windows\System32\vssapi.dll - ok
20:29:15.0247 0x0fdc  [ 941EDC6791A09356EEBEC309C1633CA2, 4E1F5843C96FAEE37D553D37FA25005D7412266A4E5DA47487C5420CE1F8ED42 ] C:\Windows\System32\vsstrace.dll
20:29:15.0247 0x0fdc  C:\Windows\System32\vsstrace.dll - ok
20:29:15.0261 0x0fdc  [ A7069E793D4434CC7F4E5D0AFF493939, 4E21568A4DB81549A9532FDE33F1555ABB6AC93BFD4A8D97E77C191D7BD9355C ] C:\Windows\System32\mlang.dll
20:29:15.0262 0x0fdc  C:\Windows\System32\mlang.dll - ok
20:29:15.0275 0x0fdc  [ 1E8C23B0C11090FFCB42679289855451, 908CBC925255162AFB3AF7FA2690FCD5A17E703D7CCA4C07CA78AA794DEB9155 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcp80.dll
20:29:15.0276 0x0fdc  C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcp80.dll - ok
20:29:15.0291 0x0fdc  [ D2D08C4A5EAFE12CEF7D48BC5A3CCED5, 276BB4F7E61C09EEA128B9A1E42FFDA5193C549E49C630E45A5581FD43814F25 ] C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll
20:29:15.0291 0x0fdc  C:\Windows\WinSxS\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_88dcdb0b2fb19957\msvcr80.dll - ok
20:29:15.0306 0x0fdc  [ FCB03B57E6DEAE7F83758BF8C03AD0DE, AC6F39B60932BB8679240551287B6A42AA943993FA9C1FFB68192FDC5A104AEC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll
20:29:15.0307 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
20:29:15.0321 0x0fdc  [ 8EAEB0ED23A98DE0F0C812D756E47CE9, D49AB526C0B0356AB1F778E3B6AFC4D148742942F8561C9C4C2183A649661A86 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll
20:29:15.0321 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\ASL.dll - ok
20:29:15.0336 0x0fdc  [ 7B96BF670ACC37F522CBCD3F564D2FD7, C0E74F1BBB25451CCCF88213BB041374E83B039EE3D6D6A96BA8CAF8421656C4 ] C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll
20:29:15.0336 0x0fdc  C:\Program Files\ATI Technologies\ATI.ACE\Fuel\Fuel.Container.Wlan.dll - ok
20:29:15.0353 0x0fdc  [ 428AF7FA03FF09CE1CD373ABFEBAD8A3, 43B3F6953DA33D87F58BA03295877ABA89FC9F36C0229A9D0D4A423B21629988 ] C:\Windows\SysWOW64\ws2_32.dll
20:29:15.0353 0x0fdc  C:\Windows\SysWOW64\ws2_32.dll - ok
20:29:15.0368 0x0fdc  [ A15D5424D20AAAB9189CCA44E67C4F2B, 83D42EE57971677E851E54E56345F1F148515AFC954C43DA416F53695A8B93A9 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll
20:29:15.0369 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok
20:29:15.0384 0x0fdc  [ 5760B2B5BAA3449C045B6FA222205F60, AC566245868530F6A8F80BEA9C6AB532DB2280F280CA4889C09BCCA9D057C1D4 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll
20:29:15.0384 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
20:29:15.0400 0x0fdc  [ BCE7DD8098CE6DD28EE2B0D5D5028B47, C48E1E455A0C6FC351CA2A8938C78D6D278B753FA7A621628B4E843C3A8F02FE ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll
20:29:15.0400 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok
20:29:15.0415 0x0fdc  [ 922563953E405AA9762F90778B711F77, 3DD35372DFC79F309BF419E9BF0043D1B1E00EDC47DCFF4D669416BDD5B094C5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll
20:29:15.0415 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
20:29:15.0430 0x0fdc  [ 64A5D80882CF405F515A1A1D3F136B6A, 954ECB5540F3DCDABCB4BDC738B2AB0ADC063E78F376247E5650DCA9C2B9F504 ] C:\Windows\SysWOW64\nsi.dll
20:29:15.0431 0x0fdc  C:\Windows\SysWOW64\nsi.dll - ok
20:29:15.0439 0x0fdc  [ 8A606C90276DCAC67F3D45A0A235ECD6, A6D717D28153C277CA1002A6AF901C7CCABAA1C8FF95D11751FC7B774D1AFE16 ] C:\Windows\SysWOW64\winmm.dll
20:29:15.0440 0x0fdc  C:\Windows\SysWOW64\winmm.dll - ok
20:29:15.0456 0x0fdc  [ 54023DF1A9A7D481B4762B09ECCA330F, 271B46804B2E944B7ABF707939CB498AE78B0EE6DDCE318E26BE0C7BA826DFA3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll
20:29:15.0456 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\icudt49.dll - ok
20:29:15.0471 0x0fdc  [ B232087914F1D97B79B712AF4CBF4AEF, 41068262D1440C6C03DB0FE32576A411FA6CBABDA9CF1912CBD823442DCE9EE5 ] C:\Windows\SysWOW64\winmmbase.dll
20:29:15.0471 0x0fdc  C:\Windows\SysWOW64\winmmbase.dll - ok
20:29:15.0486 0x0fdc  [ A56878CE81935A6E3269C1B1669F9354, 03E2544B3ED333FC735E2F49118BDA4F2DB2FA1E2AFCA58E344C970173F6A511 ] C:\Windows\SysWOW64\cfgmgr32.dll
20:29:15.0486 0x0fdc  C:\Windows\SysWOW64\cfgmgr32.dll - ok
20:29:15.0499 0x0fdc  [ E494AC90229C06ADB8ACC8D20A3F27CB, 2DDBA644739D3FC43C2444C104452E992B0D3FD6E3E2DB36C9496BEF52E8E6E0 ] C:\Windows\SysWOW64\devobj.dll
20:29:15.0499 0x0fdc  C:\Windows\SysWOW64\devobj.dll - ok
20:29:15.0513 0x0fdc  [ 81B57798E73112445D7F0F92315B729E, AEC06DE2D14AC63A8B23A45047D74BB5B17E09B8EB7DBEA48F11FF3AB022A093 ] C:\Windows\SysWOW64\SHCore.dll
20:29:15.0514 0x0fdc  C:\Windows\SysWOW64\SHCore.dll - ok
20:29:15.0529 0x0fdc  [ CC877931A205C47710456FFEE0BEF29D, 3A063C6B064BBE812FCB9A54AC3AFF946A86C022028B48416AB8A164953CC67E ] C:\Windows\SysWOW64\profapi.dll
20:29:15.0529 0x0fdc  C:\Windows\SysWOW64\profapi.dll - ok
20:29:15.0544 0x0fdc  [ 210E1480D89FFFC10D4E581392418C69, 85A99B3C7B9A8C7421D06CC379E14A8524D7624FB9EFFF62096034895436BCA3 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
20:29:15.0544 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
20:29:15.0560 0x0fdc  [ 2EC5693E2EE393F3A97BBB6C46D67779, 68CCECB20B55247B0DC2EF720FA8905CD039D91002D7450293BE585DF926462B ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll
20:29:15.0560 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
20:29:15.0574 0x0fdc  [ C500954647E81A00700D3767C2B3CC4B, C8B9BD1EF3BC4B9CC4DF9AC11752CDB750276DDF823F7FFD9791E182DEA821F1 ] C:\Windows\SysWOW64\setupapi.dll
20:29:15.0575 0x0fdc  C:\Windows\SysWOW64\setupapi.dll - ok
20:29:15.0589 0x0fdc  [ BD9306F715EA9B959EDB892614F6D581, C654ADB865FA1254FA0081D1DAAB47FCF91DA5EA7AD83CFB062DACF951639EC5 ] C:\Windows\SysWOW64\userenv.dll
20:29:15.0589 0x0fdc  C:\Windows\SysWOW64\userenv.dll - ok
20:29:15.0604 0x0fdc  [ 3510BDECCBCCFC97A5238BE65CE1EC42, EA678D5BA9CF4990628327A2C3765AFB5BC13139360660B04A755683C07EC6ED ] C:\Windows\SysWOW64\wsock32.dll
20:29:15.0605 0x0fdc  C:\Windows\SysWOW64\wsock32.dll - ok
20:29:15.0619 0x0fdc  [ 9EE220DEE3DA294D3815E2D4EB56A7D9, B6537D24229797ACD5BDDA7D69463F26706B2AF71DC9B8C3962B4C2DAF5733B0 ] C:\Windows\SysWOW64\wtsapi32.dll
20:29:15.0619 0x0fdc  C:\Windows\SysWOW64\wtsapi32.dll - ok
20:29:15.0633 0x0fdc  [ 062373995EAE5F0EAC9EAA9192136BFB, 0392D5656BD677C4C5CB74C96E7B85B0867F2535A37950AEC7F5C4A1A70D19AE ] C:\Windows\SysWOW64\dnssd.dll
20:29:15.0633 0x0fdc  C:\Windows\SysWOW64\dnssd.dll - ok
20:29:15.0649 0x0fdc  [ 00BF725BFD0FE84EB196E9F45DAC091B, 7F1158E9BFC9581B29D5BDF6CA8E39474E9E3DB14629D50AC02FD3CB310C57C3 ] C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe
20:29:15.0649 0x0fdc  C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe - ok
20:29:15.0664 0x0fdc  [ 5B4FF009D24F73F6FC6EB4870A789843, C542A72F67F667D7A83815CF434BDD12EB0C1CE03D98736862CCD763230BFDE5 ] C:\Windows\SysWOW64\mswsock.dll
20:29:15.0665 0x0fdc  C:\Windows\SysWOW64\mswsock.dll - ok
20:29:15.0680 0x0fdc  [ 01925140CF86E35FB9A9221F9784A890, 46E357E0DAA0C87EB92E1A42801B37DB4E5BC65870D77EEB33B98FBE1FA7E4A1 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll
20:29:15.0680 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
20:29:15.0696 0x0fdc  [ CCC198257901BEEA2FBF8EB1E7678356, 49171A3BDE4331F079424428D2308673F43E3F4CE6F45480C10A18FE5283F5AB ] C:\Windows\SysWOW64\wininet.dll
20:29:15.0696 0x0fdc  C:\Windows\SysWOW64\wininet.dll - ok
20:29:15.0705 0x0fdc  [ 725AB72D5DD462F2EDAF1A6C59C8CFB5, 2420B0D7D132444E79B646787B1B6D89F45C6188E03FC1A4467B154D4774EFC3 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
20:29:15.0705 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll - ok
20:29:15.0721 0x0fdc  [ CDF56764B26A7B88587FAB271F827B13, 637E34CFC0AEE209E712B677E940271051D54C3425B1B756B1AB0ED36482FCB8 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll
20:29:15.0721 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
20:29:15.0736 0x0fdc  [ 084FB28A790685F32A6D7D003777696D, A7227798EA4F4D069F9D560A8B699AA2E12603363FA89BC24EB86EB76AA7B7F6 ] C:\Windows\SysWOW64\iertutil.dll
20:29:15.0736 0x0fdc  C:\Windows\SysWOW64\iertutil.dll - ok
20:29:15.0750 0x0fdc  [ ACBA82820AF2B51B31969A0570A993F7, CCE1DB7255B3C0D1B3001EE8BFA322E25F1C955446F6A91B5DB3506803FD7462 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
20:29:15.0750 0x0fdc  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
20:29:15.0765 0x0fdc  [ 4EDB186C455CDEADA24A708AAB884AE3, 836B3176A4A1B57F89D5B950BDA2F6C6F785899ED54632D8CF35DF55B364DB81 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
20:29:15.0765 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll - ok
20:29:15.0781 0x0fdc  [ 57A6362D71B5003C48EE21F2DBB624B1, E6480D1F219BF3F8E7AC8347A8C50E48632B7BBC9618EEB36DAEA1079AA770B5 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll
20:29:15.0781 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
20:29:15.0795 0x0fdc  [ 3265F568468AB87950342764F6D77E78, 62D063F00323145860C3D2E21C99A4D961E01CED0DC142089FAD25BFFC6CEFE8 ] C:\Windows\SysWOW64\winnsi.dll
20:29:15.0796 0x0fdc  C:\Windows\SysWOW64\winnsi.dll - ok
20:29:15.0809 0x0fdc  [ DD079EC8F44DCA3A176B345C6ADEFB66, 6CD9371B83EA23D2181891FAE1DB285BC111A78C35F374E57666ED09860C91A9 ] C:\Windows\System32\winhttp.dll
20:29:15.0809 0x0fdc  C:\Windows\System32\winhttp.dll - ok
20:29:15.0823 0x0fdc  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] C:\Program Files\Bonjour\mDNSResponder.exe
20:29:15.0823 0x0fdc  C:\Program Files\Bonjour\mDNSResponder.exe - ok
20:29:15.0839 0x0fdc  [ 521ED020A6708FECA2473AF00B73FC4D, 83BAB477E38AF04EBA694B84A27C8BF914294F55B7596FBF13E6F47E68077B08 ] C:\Windows\System32\dimsjob.dll
20:29:15.0839 0x0fdc  C:\Windows\System32\dimsjob.dll - ok
20:29:15.0854 0x0fdc  [ 5CEC21295040B8FA8F26CB07D650954D, 549240C2308AFDB19561940EC3B7DC98AEF39F6655DAB8D541B2A0D4C508E70D ] C:\Windows\System32\netprofm.dll
20:29:15.0854 0x0fdc  C:\Windows\System32\netprofm.dll - ok
20:29:15.0869 0x0fdc  [ 0EFE4B5884A8032617826A4D76F80969, 083D296CC623C83D36A97AEE343ADF819B17E490F931DBE4D161BD1E8C289E02 ] C:\Windows\System32\cryptsvc.dll
20:29:15.0869 0x0fdc  C:\Windows\System32\cryptsvc.dll - ok
20:29:15.0883 0x0fdc  [ 6AB51A84C2400F1346CCD6B65766DDCD, EA4871C90E4026618A1415F394367599C5E005D33EBD590B6C8409BCC3DD01B7 ] C:\Windows\System32\cryptcatsvc.dll
20:29:15.0883 0x0fdc  C:\Windows\System32\cryptcatsvc.dll - ok
20:29:15.0898 0x0fdc  [ ED8901D9AF4023CAD4738D3A4DF9645B, 487DE071FAC1ACB1421DF9F3C770315795BC69031AA40ABB66627574110214C7 ] C:\Windows\System32\crypttpmeksvc.dll
20:29:15.0898 0x0fdc  C:\Windows\System32\crypttpmeksvc.dll - ok
20:29:15.0913 0x0fdc  [ 8F387C2C99EE09C6E2AC316205F86A17, EC9E8AE72A21992AA118964E17090BA4503EB051273AD18185C95172F57328CE ] C:\Windows\System32\das.dll
20:29:15.0913 0x0fdc  C:\Windows\System32\das.dll - ok
20:29:15.0927 0x0fdc  [ 281BEE07BA97E3E98D12A822D923D0D8, 6EB482B2D4D6048D145C3738B2B6FA27A90B5EA53E9167447820F9981B004E63 ] C:\Windows\System32\dps.dll
20:29:15.0927 0x0fdc  C:\Windows\System32\dps.dll - ok
20:29:15.0941 0x0fdc  [ F50912B0A861ED396F6062E79C37A4A7, 9B53EA5A03BB664EF5343B766C760BB8A96697ED4F2A0C81A4F58C443B4BC329 ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe
20:29:15.0942 0x0fdc  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPWMISVC.exe - ok
20:29:15.0951 0x0fdc  [ 76B7BB05C1BCC11C69162FB7C2CE8901, 7BE750CD2AE40A6632E9FEFC973B8AD66B1D31B19902D53851F4A1F5AF1037F9 ] C:\Windows\System32\dasHost.exe
20:29:15.0951 0x0fdc  C:\Windows\System32\dasHost.exe - ok
20:29:15.0967 0x0fdc  [ CFE7F0267B0C3077042FF291949B5546, 7B8C432632D0210119BFF57D4994F2B8F75307A9D6867353AF93BBA3F561595B ] C:\Windows\System32\IKEEXT.DLL
20:29:15.0968 0x0fdc  C:\Windows\System32\IKEEXT.DLL - ok
20:29:15.0982 0x0fdc  [ 234F79CD1226D634BBC6B154E4CC7A44, 5BD370BFEBD9D583C3D4AA556FEF3716220362917C78058909470B096A30B1DC ] C:\Windows\System32\vpnikeapi.dll
20:29:15.0982 0x0fdc  C:\Windows\System32\vpnikeapi.dll - ok
20:29:15.0997 0x0fdc  [ 3E28B99198B514DFEB152EACF913025E, 6C1D8353DCD5F811F39C0C3CB5DF3D2457F0D17EE80FB06196AA169E3D19E9B2 ] C:\Windows\System32\drivers\mrxsmb10.sys
20:29:15.0997 0x0fdc  C:\Windows\System32\drivers\mrxsmb10.sys - ok
20:29:16.0012 0x0fdc  [ B5D37852D666E863E8051C1001548328, 45F044C4E4FAE84CD43F1D016A24BB7B8BBFC2534E610973A53B8AB5C5969043 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe
20:29:16.0012 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlservr.exe - ok
20:29:16.0026 0x0fdc  [ 4B76E621AFB97D0441F36978611A961C, 620C211E83325C609961413815BF301C10A3C00C57B7FA9E34A103CA1EE25EF1 ] C:\Windows\SysWOW64\apphelp.dll
20:29:16.0027 0x0fdc  C:\Windows\SysWOW64\apphelp.dll - ok
20:29:16.0041 0x0fdc  [ C041B668951D6D548C2F54C5A3DAA3E0, 669FF54D8E2F9B512CADC9902E357E9FB783236A158FD465C6BD8B976D5D9E11 ] C:\Windows\apppatch\AcRes.dll
20:29:16.0041 0x0fdc  C:\Windows\apppatch\AcRes.dll - ok
20:29:16.0056 0x0fdc  [ 6F531F98B8601A9E7A93F8FEC393E2D1, 00EAD4B89DA64A1F87511F7B2B940995EC6A6EF87D07684B849B681CE44D9362 ] C:\Windows\System32\pcaui.exe
20:29:16.0056 0x0fdc  C:\Windows\System32\pcaui.exe - ok
20:29:16.0071 0x0fdc  [ C406D128000E75E6D723CBDB6052211C, BBD6FF572B0F665D8A67FB102E9D2F7AD8A889027B6ED5B83567098D343BFAAC ] C:\Windows\apppatch\AcXtrnal.dll
20:29:16.0071 0x0fdc  C:\Windows\apppatch\AcXtrnal.dll - ok
20:29:16.0080 0x0fdc  [ A58E3C42883F36D743F9BE9B21BFC990, FE98BCA2B98568FD18B8E7F16CA8D258B71DA3D2DDED131712E066F51173B104 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll
20:29:16.0080 0x0fdc  C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcr80.dll - ok
20:29:16.0096 0x0fdc  [ C5928ACC75D5684516860CC7DD20A971, 14815B991507A466F63F83E71CDB4F4475B5F7FE049C45EDDAF18B423F6BB818 ] C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcp80.dll
20:29:16.0096 0x0fdc  C:\Windows\WinSxS\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.8428_none_d08a11e2442dc25d\msvcp80.dll - ok
20:29:16.0111 0x0fdc  [ D5AFE08B548AF0E80B0C6E421D81475C, 30754FECFC8319CF3B8497AFCA9FB4524E7723BDE3228920F57393BD868748B0 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll
20:29:16.0112 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlos.dll - ok
20:29:16.0127 0x0fdc  [ 411201FFB3882554D5B833E6EC2EC649, 0F6C306BB5B7D6090DAAAD831DCDBCB4E267A448155F5BF24C757EA1497096B1 ] C:\Windows\SysWOW64\pdh.dll
20:29:16.0128 0x0fdc  C:\Windows\SysWOW64\pdh.dll - ok
20:29:16.0142 0x0fdc  [ E572557FD4CA855642A0B26CC9F3C788, 891D833853FB1CDEB57E6FBDF985360DADC7CB7642AD7A0107C15119CAD40C6E ] C:\Windows\SysWOW64\secur32.dll
20:29:16.0142 0x0fdc  C:\Windows\SysWOW64\secur32.dll - ok
20:29:16.0156 0x0fdc  [ B88613BE5B9939BD5DD63F9E196413AD, 1501A1CC224A194C440372392D4F9305944F6725F3B7BD849476197AA0839137 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll
20:29:16.0157 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\opends60.dll - ok
20:29:16.0171 0x0fdc  [ A5BD16CF06D4ECB6445BFCAC9C0A366F, 07283D52AE5FB402A0155DCAD2141180D55C840F4E872C03F9F13EA66BADD719 ] C:\Windows\SysWOW64\netapi32.dll
20:29:16.0171 0x0fdc  C:\Windows\SysWOW64\netapi32.dll - ok
20:29:16.0187 0x0fdc  [ 0FB5AA33D26F7212963D832083CD0C5C, A5DDCD9B315A96631C7AE32CF79455DCAC48F2B5C3916153E252D99A19451A14 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\batchparser.dll
20:29:16.0187 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\batchparser.dll - ok
20:29:16.0202 0x0fdc  [ 0E9317A95DD3E678AFCD457DAAD01DA5, E5790F6E2F526CE67C4DEE6277AEF29AD71ACC6C75FC865F96C9E9A86E693D0E ] C:\Windows\SysWOW64\netutils.dll
20:29:16.0202 0x0fdc  C:\Windows\SysWOW64\netutils.dll - ok
20:29:16.0211 0x0fdc  [ 522BF7088E69948A20DD5C89D359B2C4, 20949159376225C7DB8B4CBBA1F0C06113E2DED7369B59329AF00D3295BC627B ] C:\Windows\SysWOW64\srvcli.dll
20:29:16.0211 0x0fdc  C:\Windows\SysWOW64\srvcli.dll - ok
20:29:16.0225 0x0fdc  [ 46DAF6EFC4D7E1C8AC9E0179EFB4B3A9, 13FA959D4D82336A22A118EFC6B59E4F64B90AF0FDEB7FD10ACF0C2556AB4D44 ] C:\Windows\SysWOW64\wkscli.dll
20:29:16.0225 0x0fdc  C:\Windows\SysWOW64\wkscli.dll - ok
20:29:16.0239 0x0fdc  [ 2A2104AF3487D47A8B577A9BE0665D33, F314B3ED065D3D12742D638F8AD8C0199AE470F5BEA2CF131A0E7D157C6CB83A ] C:\Windows\SysWOW64\logoncli.dll
20:29:16.0239 0x0fdc  C:\Windows\SysWOW64\logoncli.dll - ok
20:29:16.0254 0x0fdc  [ A76A00A5244DA1CE40DE8BFBAD1E2C4E, F5035080E7629D0A0568F4F36F171D548331B99415A8EDC925FFE9401FB0D864 ] C:\Windows\SysWOW64\samcli.dll
20:29:16.0254 0x0fdc  C:\Windows\SysWOW64\samcli.dll - ok
 
End of Part 4

  • 0

Advertisements

#11
Spencer4134
Posted 12 August 2014 - 09:03 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

TDSSKiller Part 5:

 

 
20:29:16.0269 0x0fdc  [ 52EF8037A22F0EB0083AA29EAC706495, 31E4790C685DF7530E8E6A50CE73651144C51F82D91985D4F48F4B8696499122 ] C:\Windows\SysWOW64\psapi.dll
20:29:16.0269 0x0fdc  C:\Windows\SysWOW64\psapi.dll - ok
20:29:16.0282 0x0fdc  [ E31E4E9F644FBFE79DCA532D9781F71D, 8A06B14C315A0E9E1366A4AEF63FD61D7DFCB89680E551A704E3CB4EDA6C0A56 ] C:\Program Files (x86)\Microsoft SQL Server\100\Shared\instapi10.dll
20:29:16.0282 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\100\Shared\instapi10.dll - ok
20:29:16.0298 0x0fdc  [ B0FF455B1ED1BF859D24ACDB0855B985, 6F8A0EF39D01E9AF880A03E5BBCE105FF82EC49CBFCCFDAB1561FB17DFAC4D58 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlboot.dll
20:29:16.0298 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlboot.dll - ok
20:29:16.0314 0x0fdc  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] C:\Windows\System32\drivers\Ndu.sys
20:29:16.0314 0x0fdc  C:\Windows\System32\drivers\Ndu.sys - ok
20:29:16.0328 0x0fdc  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] C:\Windows\System32\nlasvc.dll
20:29:16.0328 0x0fdc  C:\Windows\System32\nlasvc.dll - ok
20:29:16.0342 0x0fdc  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] C:\Windows\System32\pcasvc.dll
20:29:16.0343 0x0fdc  C:\Windows\System32\pcasvc.dll - ok
20:29:16.0357 0x0fdc  [ 2C4965FA375C7C2C1FBD18EFD75F61CF, 5E9870E2034272F0CA7661DA6AD49D90E5D62F5DF5AF1B873342DA65DE193630 ] C:\Windows\SysWOW64\cscapi.dll
20:29:16.0357 0x0fdc  C:\Windows\SysWOW64\cscapi.dll - ok
20:29:16.0372 0x0fdc  [ 080A55A56119B0EFFA809565A32ED8C3, 3C1A7315F38258EAF34B9C243244314C587A23EB614DA20D39CFF9DD6B883263 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll
20:29:16.0372 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\Resources\1033\sqlevn70.rll - ok
20:29:16.0387 0x0fdc  [ 0ECEE590F2E2EF969FB74A6FC583A1E6, 1C611D9225C863CF32125F684B324C58BDE1942F4F283F5674133200AC505D44 ] C:\Windows\System32\drivers\PEAuth.sys
20:29:16.0387 0x0fdc  C:\Windows\System32\drivers\PEAuth.sys - ok
20:29:16.0404 0x0fdc  [ 380AA537624F698F4C51C55806D30E69, D27FC209A99E4EE175659590AD5CFD543D77667C0F0D2BC12535EA1E34C88430 ] C:\Windows\System32\ncsi.dll
20:29:16.0404 0x0fdc  C:\Windows\System32\ncsi.dll - ok
20:29:16.0418 0x0fdc  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
20:29:16.0419 0x0fdc  C:\Windows\System32\drivers\secdrv.sys - ok
20:29:16.0433 0x0fdc  [ 90B06AD0BA271ABDD56A77040B39C525, 8838337E09B4555FBD165EB02119B3DE5BC074E33D1A9D39FFFB82B0402F12AE ] C:\Windows\System32\ssdpapi.dll
20:29:16.0433 0x0fdc  C:\Windows\System32\ssdpapi.dll - ok
20:29:16.0448 0x0fdc  [ 6D65985945B03CA59B67D0B73702FC7B, B491EEFBCA2BB1145047AAF6A2DA02B012F3530F8B9306425486462358BD82CA ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
20:29:16.0449 0x0fdc  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe - ok
20:29:16.0458 0x0fdc  [ 716059F37BCCB1ABEDE99EBE82E8E362, 05F27B0FABBBC0E324F06D20ABEF51EDA3316C9F7F85C1AD24639CD6DE1BC8AC ] C:\Windows\System32\drivers\srvnet.sys
20:29:16.0458 0x0fdc  C:\Windows\System32\drivers\srvnet.sys - ok
20:29:16.0472 0x0fdc  [ D638904FE86A5FE542A1BA13A9D68E5C, 89A956F932316BC50DD99B54BAF4E2809DCAA084DBB04CB84D11E5470BEAF251 ] C:\Windows\System32\wiaservc.dll
20:29:16.0473 0x0fdc  C:\Windows\System32\wiaservc.dll - ok
20:29:16.0488 0x0fdc  [ 41CF802064F72E55F50CA0A221FD36D4, 70ABCDF9E96611E8C83042C581575E26649FE479475E8E118CD3FF6CB1C84C3F ] C:\Windows\System32\drivers\tcpipreg.sys
20:29:16.0488 0x0fdc  C:\Windows\System32\drivers\tcpipreg.sys - ok
20:29:16.0503 0x0fdc  [ 3DA26652B12E9AB43FD04976AC6DFD33, DEFE220D86197949E97342FE3487CD6A07DD2FFAF6D17A7C65419C2C1B9D1AB5 ] C:\Windows\System32\sysmain.dll
20:29:16.0503 0x0fdc  C:\Windows\System32\sysmain.dll - ok
20:29:16.0518 0x0fdc  [ 9D519CCC49EBEF2AB0F3282C097B141B, D1C88FA2DBD3D20C3FA5EB39472F49E5F43F9FC3C6B01B487FD8D31C963F756C ] C:\Windows\SysWOW64\cryptsp.dll
20:29:16.0518 0x0fdc  C:\Windows\SysWOW64\cryptsp.dll - ok
20:29:16.0532 0x0fdc  [ 9DB490F3E823C5C3C070644B96CB9D59, 81937D0B331E43C7C61514E60B3AD51370C5201F7B4D12F8534840D91EDC32DD ] C:\Windows\System32\wbem\WMIsvc.dll
20:29:16.0532 0x0fdc  C:\Windows\System32\wbem\WMIsvc.dll - ok
20:29:16.0547 0x0fdc  [ FD163F487CBA9C98AFFEB546C80F49A2, 18DAAD173C0517F7BBF5D0C914302D98931E3BA6DAA36DC91D8DB0743EC40563 ] C:\Windows\System32\drivers\srv2.sys
20:29:16.0547 0x0fdc  C:\Windows\System32\drivers\srv2.sys - ok
20:29:16.0561 0x0fdc  [ 68516BC692B58959933B5029747F2A2A, 2984B01D549168AAEE6B7699D7AD76E9D7598C8EBC4631AADCB9FF7EC8D2A89B ] C:\Windows\SysWOW64\rsaenh.dll
20:29:16.0561 0x0fdc  C:\Windows\SysWOW64\rsaenh.dll - ok
20:29:16.0576 0x0fdc  [ 9281FA6B56D3B7A64CB140CE310686DE, D0854FA97D8C25A7F1308A7F46CA32BAFDE568C645B99F650E33C74A9888EA19 ] C:\Windows\SysWOW64\bcrypt.dll
20:29:16.0576 0x0fdc  C:\Windows\SysWOW64\bcrypt.dll - ok
20:29:16.0592 0x0fdc  [ 8245D8290D263BB655E15C5FEFE8B8A8, 536D94DED5328BAD1DF33BED09527FAB60F5AE5F5C28D3C1BD53EF995A832485 ] C:\Windows\SysWOW64\browcli.dll
20:29:16.0592 0x0fdc  C:\Windows\SysWOW64\browcli.dll - ok
20:29:16.0606 0x0fdc  [ 7A6B4C081B14750EE46CDB971589F961, 7872065076294A9085A84675E5E9885800E5569EDA1B6A8779125907738C9741 ] C:\Windows\SysWOW64\authz.dll
20:29:16.0606 0x0fdc  C:\Windows\SysWOW64\authz.dll - ok
20:29:16.0620 0x0fdc  [ 84F20198CAE435DE32ABDB4511550BD7, 89D1F58963BEFE5FE26E03292242F85F7D36731B9A177266B7B036E2C921594B ] C:\Windows\SysWOW64\mscoree.dll
20:29:16.0621 0x0fdc  C:\Windows\SysWOW64\mscoree.dll - ok
20:29:16.0636 0x0fdc  [ 8157346BD7FB8CE8D9B7D75436F44177, 3A8686E32A131749442E3A1F85FAFE56EB971DE8EBDDB91F8505506AFF3FF9C8 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
20:29:16.0636 0x0fdc  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
20:29:16.0649 0x0fdc  [ 2D426C1E984FFDDB240AB4D4B842838B, EECECC7D6DB1E59CABC6B1293FA12A0FD548DB7DE7CDD1A49D828832DCDA6DE3 ] C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll
20:29:16.0650 0x0fdc  C:\Program Files\Microsoft SQL Server\90\Shared\sqlwvss.dll - ok
20:29:16.0665 0x0fdc  [ 6E49FFDFBAC4AC6CB45238C67E3E15F2, AC2EC3D322E9227CD8C7637444D86F5737175BED5C770805A1782ED47BBCE50D ] C:\Windows\System32\wiatrace.dll
20:29:16.0665 0x0fdc  C:\Windows\System32\wiatrace.dll - ok
20:29:16.0679 0x0fdc  [ C97E14BB6A196B0554D6EB67D8818175, C00588C94988F10507F84584DFA4C0A43B8648AD1AD35E9BAE14CDD21FCF7B90 ] C:\Windows\System32\trkwks.dll
20:29:16.0679 0x0fdc  C:\Windows\System32\trkwks.dll - ok
20:29:16.0694 0x0fdc  [ 536175601D6FDA57917D18D21476915A, 3482E67616FACA092128498829B726791A921A40281ECBA00484375B89E93FA7 ] C:\Windows\System32\wsdchngr.dll
20:29:16.0695 0x0fdc  C:\Windows\System32\wsdchngr.dll - ok
20:29:16.0709 0x0fdc  [ C5784EFEEADA38050706FF368B6DD21F, 29515E525E4B21F90557E919BD9E7FE568AE0C11166E7A798871611FCA20A83D ] C:\Windows\System32\deviceassociation.dll
20:29:16.0709 0x0fdc  C:\Windows\System32\deviceassociation.dll - ok
20:29:16.0720 0x0fdc  [ 527429623E2A20C53DB246C51E6F2726, C3B714A70D58A2F31B6D3CB9527FF007E23D49A49EED4DF5F75BBE1BDA01D571 ] C:\Windows\System32\wbemcomn.dll
20:29:16.0720 0x0fdc  C:\Windows\System32\wbemcomn.dll - ok
20:29:16.0733 0x0fdc  [ 46378ECCB4A29AA81BF296641C2501EF, 5AB79BD824C00EF1338FDB8450692318AB14E0AE4145C30B37136767DFC1E4F9 ] C:\Windows\System32\srvsvc.dll
20:29:16.0733 0x0fdc  C:\Windows\System32\srvsvc.dll - ok
20:29:16.0748 0x0fdc  [ 830445350C7CDEC426FA5E1F9E1B0DAD, D32B25C7E7F093718DCA6E5BD348F3A2C2F4EAF95C4B4F59096B792B4C47D2FD ] C:\Windows\System32\sscore.dll
20:29:16.0748 0x0fdc  C:\Windows\System32\sscore.dll - ok
20:29:16.0766 0x0fdc  [ B801371569B9E310BBD068E21D486F1A, 9A98B5ABD1918BE548A4239B4C25C1604FDAE85D865DBE16F2E415399A09707D ] C:\Windows\System32\fundisc.dll
20:29:16.0766 0x0fdc  C:\Windows\System32\fundisc.dll - ok
20:29:16.0813 0x0fdc  [ 16BF6ADAED1427A7AF08125DD14BA52C, BE50645151FB85FA044FF29A23ADA5E46001A42ACD0BF204B9AE377CC78AD5DB ] C:\Windows\System32\fdPnp.dll
20:29:16.0813 0x0fdc  C:\Windows\System32\fdPnp.dll - ok
20:29:16.0828 0x0fdc  [ 2B78788A1485F9B99A578A299DF42C02, A87183A9B13585C9E850437A45237105D39D7F3212ADB079D6AB430B67A59643 ] C:\Windows\System32\drivers\srv.sys
20:29:16.0828 0x0fdc  C:\Windows\System32\drivers\srv.sys - ok
20:29:16.0846 0x0fdc  [ 3A8A50121A2600AEC63E4713AF6F25E7, 16D93213978146DFAEA42DAB1F62BD450E379C695D8AF285EF3BB71E245A0309 ] C:\Windows\System32\sscoreext.dll
20:29:16.0846 0x0fdc  C:\Windows\System32\sscoreext.dll - ok
20:29:16.0863 0x0fdc  [ 056A7F991CCBDACB5A132419FA244C3E, DD979234DAD651999617EA4721679D2D9B12CF2B82F228448CE3E893066EBAB0 ] C:\Windows\System32\mi.dll
20:29:16.0863 0x0fdc  C:\Windows\System32\mi.dll - ok
20:29:16.0879 0x0fdc  [ E8E50E7703204AE06C6B5FEFE2F701E7, BFAA008194FE873F6EE36FD769CC8202F9C55C41B02098B96EB6CCF127587363 ] C:\Windows\System32\miutils.dll
20:29:16.0879 0x0fdc  C:\Windows\System32\miutils.dll - ok
20:29:16.0895 0x0fdc  [ 38DF4E3D3559F58793E70ED8093A6F2B, F20F4ABA2EC8F8AE488B029D002347356D5607E1C0507DECD2E66D942441D928 ] C:\Windows\System32\wmidcom.dll
20:29:16.0895 0x0fdc  C:\Windows\System32\wmidcom.dll - ok
20:29:16.0909 0x0fdc  [ DFC4050D58565ADBEE793A8D4AEBDAE6, 89B900408F030CD45753A11D6AE6CBAB87E8B0E3F8401402D2D8713C045BF488 ] C:\Windows\System32\iphlpsvc.dll
20:29:16.0909 0x0fdc  C:\Windows\System32\iphlpsvc.dll - ok
20:29:16.0925 0x0fdc  [ 95471DDCB3B3FF70015FD9AA13404F44, B8476161CA49B94BF89C64E9ACF961992FDE0B09525B749984E6093CFAADDEF8 ] C:\Windows\System32\resutils.dll
20:29:16.0925 0x0fdc  C:\Windows\System32\resutils.dll - ok
20:29:16.0940 0x0fdc  [ 7B3255A0B833908E4A7ACEA6245D344E, 1C45CF35F64ED2C5FFD5B731F6358CFA8DF71AEB73D24BE4D7FFA95A07FB4F06 ] C:\Windows\System32\clusapi.dll
20:29:16.0940 0x0fdc  C:\Windows\System32\clusapi.dll - ok
20:29:16.0955 0x0fdc  [ 70DAA70A39D15868A0DDEDC46B7A823F, 8AAE9195D41BB14C51EDC9C5D011CE6EE28C6960A52D8AB1CA8B386858715C54 ] C:\Windows\System32\httpprxm.dll
20:29:16.0956 0x0fdc  C:\Windows\System32\httpprxm.dll - ok
20:29:16.0964 0x0fdc  [ 1B8B4F73EE08B5A6EC5A70C96DA90667, 0C93947BC6326D1DC044D8A8198EF81B053EA2131E1F3217AAA050F456140E70 ] C:\Windows\System32\adhsvc.dll
20:29:16.0964 0x0fdc  C:\Windows\System32\adhsvc.dll - ok
20:29:16.0978 0x0fdc  [ F9D908DE6B166DAC9B89BF62FA291CE8, D0A918AD60221623BB0278EA94CD6938744617FDBB2054968AFAFC2940648F02 ] C:\Program Files\Bonjour\mdnsNSP.dll
20:29:16.0979 0x0fdc  C:\Program Files\Bonjour\mdnsNSP.dll - ok
20:29:16.0988 0x0fdc  [ 80D6B89F62395284E3CE5DE2E5F4D6A0, C40E1A61DCADE4EE3FF8F50489BBB4C9053F47B3EAE76022694C08CC44B64D4F ] C:\Windows\System32\webio.dll
20:29:16.0988 0x0fdc  C:\Windows\System32\webio.dll - ok
20:29:17.0003 0x0fdc  [ E372BBF897005442ECEB7843CEB394D2, 25EDE9135ECDBE26E1D07DA1292081532474B743F69E75AC895850A70B78AC58 ] C:\Windows\System32\rasadhlp.dll
20:29:17.0003 0x0fdc  C:\Windows\System32\rasadhlp.dll - ok
20:29:17.0017 0x0fdc  [ 4BA57ED44973409C15406EE0CAD58778, 1110AA8A14D5AE41E37F1C9E519C143DCA31E6797525861E40B14EE723588912 ] C:\Windows\System32\sqmapi.dll
20:29:17.0018 0x0fdc  C:\Windows\System32\sqmapi.dll - ok
20:29:17.0032 0x0fdc  [ 6E98157791491AEBF64B1392293E48A7, 89E6499C150341730113DBA193C0F778FC809E3AAE49A9227FC11A026DACD5EE ] C:\Windows\System32\nci.dll
20:29:17.0032 0x0fdc  C:\Windows\System32\nci.dll - ok
20:29:17.0046 0x0fdc  [ C8E0E78B5D284C2FF59BDFFDAF997242, BA1576C491A1246EF9866762426D110F4570F9DB42A68C174943C7D5020FE3E2 ] C:\Windows\System32\drivers\tunnel.sys
20:29:17.0046 0x0fdc  C:\Windows\System32\drivers\tunnel.sys - ok
20:29:17.0061 0x0fdc  [ 5FE61B0E223FAC7316526A7B588E9F2D, 5AA77AA71A3BD0E0A6AB64A0771E51D3B1055A8D20D2A328C6BF77747633660B ] C:\Windows\System32\wdscore.dll
20:29:17.0061 0x0fdc  C:\Windows\System32\wdscore.dll - ok
20:29:17.0076 0x0fdc  [ 218F874A78CB670172280A39A58B8F8A, F5DFBC4502FBA2FB430C578744040C88129C94A3E8468227120B692D20907D22 ] C:\Windows\System32\winrnr.dll
20:29:17.0076 0x0fdc  C:\Windows\System32\winrnr.dll - ok
20:29:17.0090 0x0fdc  [ F916298AF3C6AC9887427E545C7E3A69, 5B346CED483C70A8B3A1B54E342D0522225CF56A5260AC5FF9C02324D9605B6D ] C:\Windows\System32\pnrpnsp.dll
20:29:17.0090 0x0fdc  C:\Windows\System32\pnrpnsp.dll - ok
20:29:17.0105 0x0fdc  [ 4CD5B246B2DB81DC403B7C9041456B0E, 333D19A56324AC3916B93DCD51EF3AFAD15256754EC306F0BE308B55352C1B37 ] C:\Windows\System32\NapiNSP.dll
20:29:17.0105 0x0fdc  C:\Windows\System32\NapiNSP.dll - ok
20:29:17.0120 0x0fdc  [ E90A3C2460984362BE38F572842C890A, 11EB6472B843FCF4CCDAA9C67EBDA071748AAE50C3D150C13143C6F90A352078 ] C:\Windows\System32\activeds.dll
20:29:17.0120 0x0fdc  C:\Windows\System32\activeds.dll - ok
20:29:17.0135 0x0fdc  [ E7CD6B5449030F4F9B29C742664B63B3, 290C95E4865E4F72EB849C458F8AE76BB31F86D20C9C02D2BDF075CA653D6E12 ] C:\Windows\System32\adsldpc.dll
20:29:17.0135 0x0fdc  C:\Windows\System32\adsldpc.dll - ok
20:29:17.0149 0x0fdc  [ 0488E461EEE18F5CFCE7C1774BBFCBB3, AE7BF9A458547DE3454958320CA97F65EF03430825117C96E53D8D53C7450E17 ] C:\Windows\System32\adsldp.dll
20:29:17.0149 0x0fdc  C:\Windows\System32\adsldp.dll - ok
20:29:17.0162 0x0fdc  [ DD02C0806C03506E03A24C984502B92B, 9CC961D4161D06F2AE49F5E98331C6D110A14DBD9255ED9C4C32A9490FB53329 ] C:\Windows\System32\secur32.dll
20:29:17.0163 0x0fdc  C:\Windows\System32\secur32.dll - ok
20:29:17.0177 0x0fdc  [ AB8DC63BB90A2A3DE13B38D8B64B4DC6, A6B9F9BD48C0EFFDB93C66F5C33607BCB32ABC1B36D183B1EF62FB9451E64585 ] C:\Windows\System32\cscapi.dll
20:29:17.0177 0x0fdc  C:\Windows\System32\cscapi.dll - ok
20:29:17.0191 0x0fdc  [ FC0B4A626881D7C5980D757214DB2D25, 0B9BC863E2807B6886760480083E51BA8A66118659F4FF274E7B73944D2219F5 ] C:\Windows\System32\cmd.exe
20:29:17.0192 0x0fdc  C:\Windows\System32\cmd.exe - ok
20:29:17.0206 0x0fdc  [ A1FF7DFBFBE164CF92603C651D304DD2, 470ACE5A75E64FC62C950037201199857E974803625DC73BEDBCF6FA4DDD496C ] C:\Windows\System32\drivers\condrv.sys
20:29:17.0206 0x0fdc  C:\Windows\System32\drivers\condrv.sys - ok
20:29:17.0215 0x0fdc  [ 3CA1EE5BE6C9D92DD672FC5A09E17AE2, B8D14953D307F7DBE6E7C8CA911FA3201AD63BEA3882F142A48E428A23DAB43A ] C:\Windows\System32\conhost.exe
20:29:17.0215 0x0fdc  C:\Windows\System32\conhost.exe - ok
20:29:17.0230 0x0fdc  [ E7CE015F89A0E54863528513BB081FDB, 953A356546F74F1240A27EC78E5D9C8E2B519F3595B54EB27483815F62F6EA55 ] C:\Windows\System32\ipconfig.exe
20:29:17.0231 0x0fdc  C:\Windows\System32\ipconfig.exe - ok
20:29:17.0245 0x0fdc  [ 722B1ED8A1C3115E0B215215FB56738D, 8528E7E9BD6A15F15D017DACDB0636A27D52F27AA1806CFFB51A89F6EED792D2 ] C:\Windows\System32\SettingSyncCore.dll
20:29:17.0245 0x0fdc  C:\Windows\System32\SettingSyncCore.dll - ok
20:29:17.0259 0x0fdc  [ 0934499394EB3D8027B8AB78C07D56CB, 83D97B1EDD425C391B686141DC3325AB653F4A6DC0F422D1B2BB2F925841507B ] C:\Windows\System32\dllhost.exe
20:29:17.0259 0x0fdc  C:\Windows\System32\dllhost.exe - ok
20:29:17.0274 0x0fdc  [ 9F0759C6D691E7030BF33105EDA2C690, 5EDDC4475FFA96287D25D203F7EA45E6D770635C1ED6532D713BD9E6C76F745E ] C:\Windows\System32\CredentialMigrationHandler.dll
20:29:17.0274 0x0fdc  C:\Windows\System32\CredentialMigrationHandler.dll - ok
20:29:17.0289 0x0fdc  [ 5878613C2E0EFB4F656DDADC452551B6, C77BA7BBBE979AE507114766681B7E9F28273DA77AC410CF5BF9C850C3469B2A ] C:\Windows\SysWOW64\winsta.dll
20:29:17.0289 0x0fdc  C:\Windows\SysWOW64\winsta.dll - ok
20:29:17.0304 0x0fdc  [ 48F25CC79C6CCFD4B776C8FDA9ED7271, 6D05A934678A8E0862C2F906FC7CAC277F30A0E187319D5D11BDE76B68C8B799 ] C:\Windows\System32\AppxAllUserStore.dll
20:29:17.0304 0x0fdc  C:\Windows\System32\AppxAllUserStore.dll - ok
20:29:17.0320 0x0fdc  [ 183360914EFC9D25E2A13D335D5E9EB8, 37A277D69DB0493410B58941D1B9C44B8C6D403AF6F31B2C47E910DF3056EF50 ] C:\Windows\System32\taskeng.exe
20:29:17.0320 0x0fdc  C:\Windows\System32\taskeng.exe - ok
20:29:17.0335 0x0fdc  [ 1D8303D3ED5F8C403984A8820E5E599A, EC63C7C6B7C07D088DE336C6148D2CEE9B130000286DA0E4C1970F9385FD72EF ] C:\Windows\System32\taskhostex.exe
20:29:17.0335 0x0fdc  C:\Windows\System32\taskhostex.exe - ok
20:29:17.0348 0x0fdc  [ 0DA4B7E7EFB6CC0546FA407DFE8C531D, 560D35A8D1CD6C645B675260267097154FB2E1D42E524B5096A2602657FB065F ] C:\Windows\System32\AtBroker.exe
20:29:17.0348 0x0fdc  C:\Windows\System32\AtBroker.exe - ok
20:29:17.0363 0x0fdc  [ 83DA4833D83D5626564B5404BD1F3A7B, B364C5F442306124F18683240D501A50D25D27416A6A4659F971E53D917C6AAD ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
20:29:17.0363 0x0fdc  C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
20:29:17.0378 0x0fdc  [ 494BB20A0251BC1315ED380687EEBAA1, 02A5ABCC313FB23086B9515F429F0CB0237F1C0E0A6094114F73C3800B46C9D8 ] C:\Windows\System32\TSChannel.dll
20:29:17.0378 0x0fdc  C:\Windows\System32\TSChannel.dll - ok
20:29:17.0393 0x0fdc  [ 6AA868B3C2A014AE76ECF53B667BF086, 51B4C02D0A48A98A3D5EF0E038BE423594A6349D5B1DDC36DE6706BA4EEF74A4 ] C:\Windows\System32\winmm.dll
20:29:17.0393 0x0fdc  C:\Windows\System32\winmm.dll - ok
20:29:17.0407 0x0fdc  [ E41C0291E2F2FDFBF2875E4473F81031, F0BE14072B7E40ACA27BDFC302C8F99B3ACDD28393339F5B4BA41075B10D6732 ] C:\Windows\System32\mpr.dll
20:29:17.0408 0x0fdc  C:\Windows\System32\mpr.dll - ok
20:29:17.0422 0x0fdc  [ 08C191B2917862BE90C33E31CB6B6D79, E8CC905FA3CF0D1A7BB631963BF7B7CCE1D4B52B8358CB76DDDBB2D442189A0B ] C:\Windows\System32\userinit.exe
20:29:17.0422 0x0fdc  C:\Windows\System32\userinit.exe - ok
20:29:17.0437 0x0fdc  [ D8EB154CC954E526970E7C56B724E659, A83E896C33FE43C24E0B077B8ED2CB86C90FF5E02BDE6CB5A588B9D6C071CA55 ] C:\Windows\System32\userinitext.dll
20:29:17.0437 0x0fdc  C:\Windows\System32\userinitext.dll - ok
20:29:17.0452 0x0fdc  [ F02A533F517EB38333CB12A9E8963773, 1F72CD1CF660766FA8F912E40B7323A0192A300B376186C10F6803DC5EFE28DF ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
20:29:17.0452 0x0fdc  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
20:29:17.0465 0x0fdc  [ 91F27BC87BEB6DFDC709FF484F64F1D4, F4D1AE178C714CA454D9447113D707AADA9E3AE3236955EE3171D071FC98F1F3 ] C:\Windows\System32\PlaySndSrv.dll
20:29:17.0465 0x0fdc  C:\Windows\System32\PlaySndSrv.dll - ok
20:29:17.0476 0x0fdc  [ 5E536FD2C9EBFB9388DD76BCC56C7232, BE0116CF45D5FE09219E6F8B4AA43EDFB717B2B323BC1ED8794DD2307D8FC3FA ] C:\Windows\System32\MsCtfMonitor.dll
20:29:17.0476 0x0fdc  C:\Windows\System32\MsCtfMonitor.dll - ok
20:29:17.0491 0x0fdc  [ 9729D3F9896B6F309DC50CE3769AC9C1, CA8BF2ADC0FFC87A1B3C5958D762010D308DC998C8727B963431FD2A6D07549A ] C:\Windows\System32\msutb.dll
20:29:17.0491 0x0fdc  C:\Windows\System32\msutb.dll - ok
20:29:17.0505 0x0fdc  [ CBCA90CF2ACE96038571ED0A7BD3D756, EF9031E493E9E1B4FBD556DA0FB2F0E89313CB8853F379AA277EE3519DED7D64 ] C:\Windows\System32\esent.dll
20:29:17.0505 0x0fdc  C:\Windows\System32\esent.dll - ok
20:29:17.0520 0x0fdc  [ 77E585EDD4C7EB7AB2ACC36BC1DC32A5, 57BF4D683CA66AAC2A4B7FEDF9F7FB254860BE77E1F4A6DD2C40410783B5C113 ] C:\Program Files (x86)\Google\Update\1.3.24.15\goopdate.dll
20:29:17.0520 0x0fdc  C:\Program Files (x86)\Google\Update\1.3.24.15\goopdate.dll - ok
20:29:17.0535 0x0fdc  [ 6180E1E88377D1A9834D98B4BF12094E, 28AE4A1C42A3515D2792B4D612F091C56C9C91153B0C500744043947A11249C3 ] C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7\comctl32.dll
20:29:17.0535 0x0fdc  C:\Windows\WinSxS\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.9600.17031_none_a9efdb8b01377ea7\comctl32.dll - ok
20:29:17.0549 0x0fdc  [ F12D8EB9E944BEB0FB4C5E4F1336401B, 9C09CE3AFB8E19851DFB6A684A759A3067263AE018C34E2CCF1E5C1F4835DC4D ] C:\Windows\System32\winmmbase.dll
20:29:17.0549 0x0fdc  C:\Windows\System32\winmmbase.dll - ok
20:29:17.0563 0x0fdc  [ 8491F03503076D67196436D29D153A2C, 6733FC235A99CC4E3564F2D8EEAF3A88F19B30BBF67CB414E54D329FE3072B06 ] C:\Windows\SysWOW64\msi.dll
20:29:17.0563 0x0fdc  C:\Windows\SysWOW64\msi.dll - ok
20:29:17.0578 0x0fdc  [ 81394C91B7B5A7C799E249AE82491F13, 17D641820B51A10F10872A609ED1E9A93EB97593ECC33BA48B049E6701A75C94 ] C:\Windows\explorer.exe
20:29:17.0578 0x0fdc  C:\Windows\explorer.exe - ok
20:29:17.0592 0x0fdc  [ 3D7B4D033FE80A86B1FC530A03A53754, F926597A11B05948282008F5A3CB959BD40C187700BE6D9B241B9334319A4274 ] C:\Windows\SysWOW64\msimg32.dll
20:29:17.0592 0x0fdc  C:\Windows\SysWOW64\msimg32.dll - ok
20:29:17.0607 0x0fdc  [ 2716EEC7A0B6016F11B0A0F8B423DBBE, C3A96C1C6DC9B98E84AF6F5173F6041FF4C6B6BDD775C011D8567E67CAE4328F ] C:\Windows\SysWOW64\uxtheme.dll
20:29:17.0607 0x0fdc  C:\Windows\SysWOW64\uxtheme.dll - ok
20:29:17.0622 0x0fdc  [ D6AE16663985EA7E81E17A1A810AC547, 550A0A765765BC3FDDDD5504FB6BA0159ED459541181F24FF7E9A5926E50621E ] C:\Windows\SysWOW64\ntmarta.dll
20:29:17.0622 0x0fdc  C:\Windows\SysWOW64\ntmarta.dll - ok
20:29:17.0636 0x0fdc  [ D6472B0CD0CE82922353CD996C1A56A2, 80372EB6EB5AFEB55A736A75A8636483D5AC134471A2F44F5BD8B3F9219DDB59 ] C:\Windows\System32\SynCOM.dll
20:29:17.0637 0x0fdc  C:\Windows\System32\SynCOM.dll - ok
20:29:17.0651 0x0fdc  [ F5033F3C6F8E706D78ACB9351EBF7B3E, 6E7C68A3BC532852860284B6D7687BE6BF1BC8F92D299A46C433F5BDCEB6F1F8 ] C:\Windows\SysWOW64\dbghelp.dll
20:29:17.0651 0x0fdc  C:\Windows\SysWOW64\dbghelp.dll - ok
20:29:17.0666 0x0fdc  [ 397D14958D6C9C2B365469A857B2AC4E, 1465D7DC50A27A2C75FFC477E8A453B0884D1E298F804233483B63A47634B7EA ] C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe
20:29:17.0666 0x0fdc  C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler.exe - ok
20:29:17.0681 0x0fdc  [ F931D28F625BEB9FC7E8C6909B8DBC45, 06A28D229540F728C60DEA5E9BABA90CACE94AA8190A6A12D71783B7FE226243 ] C:\Windows\SysWOW64\msv1_0.dll
20:29:17.0681 0x0fdc  C:\Windows\SysWOW64\msv1_0.dll - ok
20:29:17.0695 0x0fdc  [ 1AAC18818613890FBBA093892E926CD8, 69B4636D214C2B9D3DDA00219BCE39B720B2C77025BC2109ED7B93BEC12EB7D8 ] C:\Windows\SysWOW64\cryptdll.dll
20:29:17.0695 0x0fdc  C:\Windows\SysWOW64\cryptdll.dll - ok
20:29:17.0712 0x0fdc  [ 775C3D06C408F4F093254B39637A6F1E, 44AB5FB5D9BF9C8CD72831208B19A4C5B8F6045651015912AB855F6247439702 ] C:\Windows\SysWOW64\kerberos.dll
20:29:17.0712 0x0fdc  C:\Windows\SysWOW64\kerberos.dll - ok
20:29:17.0724 0x0fdc  [ DA4AEA90705604A44AF5E06418A3AA79, 45D93A72CB3CC7E873760B3956BBB3C21F1A5C38D7083F43A7A373C453B13483 ] C:\Windows\SysWOW64\schannel.dll
20:29:17.0724 0x0fdc  C:\Windows\SysWOW64\schannel.dll - ok
20:29:17.0740 0x0fdc  [ 819DD1E488B32C71EDBA61618AA169C5, 9CC39DA52865F0CC55D4D2B350D6D9E639F0F2E7652B30294BE5B814D4559F0F ] C:\Windows\SysWOW64\security.dll
20:29:17.0740 0x0fdc  C:\Windows\SysWOW64\security.dll - ok
20:29:17.0754 0x0fdc  [ 2203F8DA390024C0EEF00DB8472C534D, BEC5AFEB9D3D342F3E3A827298BA358EADCD58F6E5920B3333DA6EE7E256C016 ] C:\Windows\System32\ncryptsslp.dll
20:29:17.0754 0x0fdc  C:\Windows\System32\ncryptsslp.dll - ok
20:29:17.0768 0x0fdc  [ 02959B2556E18276DE7DDE527CFCB502, 05CC7A39FF3A26640C3C9C49CD89438AF6265AB06FD3DA71411610603F228EBD ] C:\Windows\System32\ncryptprov.dll
20:29:17.0769 0x0fdc  C:\Windows\System32\ncryptprov.dll - ok
20:29:17.0782 0x0fdc  [ D9D960D70B1866A513BCBBA2FBEE6144, DB3AB9AAEFF452B6DC1ECEAFB23EEF8C5AD8AB8159F3C151CDFE06766EA992F3 ] C:\Windows\System32\dssenh.dll
20:29:17.0782 0x0fdc  C:\Windows\System32\dssenh.dll - ok
20:29:17.0799 0x0fdc  [ AB49D47E75D73B61EFBEC406AEDDD844, 6CBE00BB03FDC2FDE7238185FEDEB3A49379B2B7D843AC861A40EB81FF18DC49 ] C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlscriptupgrade.dll
20:29:17.0801 0x0fdc  C:\Program Files (x86)\Microsoft SQL Server\MSSQL10.SQLEXPRESS\MSSQL\Binn\sqlscriptupgrade.dll - ok
20:29:17.0818 0x0fdc  [ C9EEF96AFD41DD2C4E3FEE66EF217B34, 56E11E4B2C4D036D7BE56DCEA67793591FE930B8D301D05F101637AC1D4DCAD2 ] C:\Windows\System32\SynTPAPI.dll
20:29:17.0818 0x0fdc  C:\Windows\System32\SynTPAPI.dll - ok
20:29:17.0832 0x0fdc  [ 688FF87A0A328A880FBE32ABB1EE16BF, 9998D95045A2A55BC785378D5C4CC252E663FF0E9483CF1BE09DAE12195683F9 ] C:\Windows\SysWOW64\dpapi.dll
20:29:17.0832 0x0fdc  C:\Windows\SysWOW64\dpapi.dll - ok
20:29:17.0847 0x0fdc  [ F4E351BB95D473CB55BB7C1A1FEB2798, 5786F72B8147845A8852A667316D61B2918997386600C7E578F0BDC2802B1FAD ] C:\Windows\System32\AudioSes.dll
20:29:17.0847 0x0fdc  C:\Windows\System32\AudioSes.dll - ok
20:29:17.0862 0x0fdc  [ 88244F5A24F9CD98E74472FDFA827FA2, 40F2C8493A44F629A6D56D5A34721861A4CB7252FAFFD18FD33B7E895FF75F73 ] C:\Windows\SysWOW64\ncrypt.dll
20:29:17.0862 0x0fdc  C:\Windows\SysWOW64\ncrypt.dll - ok
20:29:17.0876 0x0fdc  [ 13B9417E93437480E168669EDE36298B, 6DA9F600805AF0D5C056E64387FCD17D593C7D57E1329CC90EA3ED6F13C2BF23 ] C:\Windows\SysWOW64\ntasn1.dll
20:29:17.0876 0x0fdc  C:\Windows\SysWOW64\ntasn1.dll - ok
20:29:17.0892 0x0fdc  [ 9A1190B2934CFAB102D1B62F74971A0B, 491958273AED58879BDF245789F105A68283C05E55B2CEABA9441A2E8C26E88D ] C:\Windows\System32\twinapi.dll
20:29:17.0892 0x0fdc  C:\Windows\System32\twinapi.dll - ok
20:29:17.0906 0x0fdc  [ 0E85438D4EDEE1548266F8BB22B73AAE, 04353C0FBD4223713F7070F94E9106176862F2136108199A31CE6BB87308F5C4 ] C:\Windows\SysWOW64\ntdsapi.dll
20:29:17.0906 0x0fdc  C:\Windows\SysWOW64\ntdsapi.dll - ok
20:29:17.0921 0x0fdc  [ F75B29DE2ADAB74C7CFA80C62973DE16, D7679BF28F1A9D8DD36A1DDF5A6886D9EAE0BC6098E47B9A261F8F1388E057D0 ] C:\Windows\SysWOW64\dsparse.dll
20:29:17.0921 0x0fdc  C:\Windows\SysWOW64\dsparse.dll - ok
20:29:17.0936 0x0fdc  [ D0BAD4E2BCA23BD0DC9930EE4DEA6658, 2B71B72A13DF699C4E5A9C98EF2FF13FDA82C7E6D534A0B61B2E058CB0BACA7D ] C:\Windows\System32\dafupnp.dll
20:29:17.0936 0x0fdc  C:\Windows\System32\dafupnp.dll - ok
20:29:17.0985 0x0fdc  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] C:\Windows\System32\netprofmsvc.dll
20:29:17.0985 0x0fdc  C:\Windows\System32\netprofmsvc.dll - ok
20:29:17.0998 0x0fdc  [ 40C67D1A4891120874767F6E6604D6C5, 4D9DD658566DE711ADF4D6C33FCB31DA351EE050E3ED188664D04526CCAAEEF5 ] C:\Windows\System32\wdi.dll
20:29:17.0999 0x0fdc  C:\Windows\System32\wdi.dll - ok
20:29:18.0013 0x0fdc  [ D528D6A92D187777691993DD757AF19A, 2C79978310193431E5FC462368424A172858D5351C92D4815C2A7E35B5DDE50C ] C:\Windows\System32\browser.dll
20:29:18.0013 0x0fdc  C:\Windows\System32\browser.dll - ok
20:29:18.0028 0x0fdc  [ 28C35503056748FA88499DAECF3D5557, 95CA9A24B5A782340D75A6268F8503513C4A51FDABE0897300471FD5EE78E960 ] C:\Windows\System32\npmproxy.dll
20:29:18.0028 0x0fdc  C:\Windows\System32\npmproxy.dll - ok
20:29:18.0075 0x0fdc  [ 03694A8350222AC9F0E8693986E92BE2, 44FB5A8143A5782CB2E6056B04B73CB8E967585BFBED6D98C4AB49CA5AAA3730 ] C:\Windows\System32\diagperf.dll
20:29:18.0075 0x0fdc  C:\Windows\System32\diagperf.dll - ok
20:29:18.0091 0x0fdc  [ 1062C1D05E95306D878FFFE0A23B84C0, 75E27BB97A24CB5161B3CC7C48B9F0A48B587643B8FBD56EC72AF0162F9B5EEE ] C:\Windows\System32\perftrack.dll
20:29:18.0091 0x0fdc  C:\Windows\System32\perftrack.dll - ok
20:29:18.0106 0x0fdc  [ 8D6F535461F6CFF75A8ADDF83024C904, F2A97EC4A6284F28B685A3CE2D450F61E75EE8692D718A6AA352D5734BBBAD7B ] C:\Windows\System32\appinfo.dll
20:29:18.0106 0x0fdc  C:\Windows\System32\appinfo.dll - ok
20:29:18.0121 0x0fdc  [ BB9ED3EDD8E85008215A7250D325A72E, D3404E31B7706B25CDEA7CB4260C343B5F090E8CCB9A5FA203B0F94A9112F1B3 ] C:\Windows\System32\ssdpsrv.dll
20:29:18.0121 0x0fdc  C:\Windows\System32\ssdpsrv.dll - ok
20:29:18.0136 0x0fdc  [ D27491CFCE452C154CECFA155AD0EBC8, 1F3F74C253E3B07DE7EFE27C34DD9AF08617C7B03BB44C2902F69BA9DA3F21F2 ] C:\Windows\System32\wpdbusenum.dll
20:29:18.0136 0x0fdc  C:\Windows\System32\wpdbusenum.dll - ok
20:29:18.0151 0x0fdc  [ F0DF4F8D9F1F8FA36BA30ACAC213D03D, 1DC17A432EED9612E9A1308B319FEC037930B79A5E03B292909A3B0031F60A34 ] C:\Windows\System32\PortableDeviceApi.dll
20:29:18.0152 0x0fdc  C:\Windows\System32\PortableDeviceApi.dll - ok
20:29:18.0165 0x0fdc  [ 0BDB5190B3AFAEFF93800F149781F942, 7385F8DD65010ADF32EBF5F065C39FF18D8033F0A9BFF0DD9E619430EFF09B12 ] C:\Windows\System32\pautoenr.dll
20:29:18.0165 0x0fdc  C:\Windows\System32\pautoenr.dll - ok
20:29:18.0180 0x0fdc  [ B344479C30A24B05C2E08EE35EF69530, 2D48C2C27E93DF1781760BAD773F9E41F11E93D0E504397610B9D8B611777253 ] C:\Windows\System32\certca.dll
20:29:18.0180 0x0fdc  C:\Windows\System32\certca.dll - ok
20:29:18.0195 0x0fdc  [ E5AD448F2DC84B1CF387FA7F2A3D1936, BBB29C79A085C503F5EFFB5144596D5DEC48A4EB34A049A4E7B38B27F6D92E0A ] C:\Windows\System32\FDResPub.dll
20:29:18.0195 0x0fdc  C:\Windows\System32\FDResPub.dll - ok
20:29:18.0209 0x0fdc  [ 448D8F8B51F785EAB56947D94EBDFC66, DFA1B360613DD5A8659313D7C390EE4989FEAF8D8BE0A75C3A617F90B8EA4E43 ] C:\Windows\System32\hnetcfg.dll
20:29:18.0209 0x0fdc  C:\Windows\System32\hnetcfg.dll - ok
20:29:18.0224 0x0fdc  [ 3958E82529DA716D1D2F0C44E6F14187, 4813DF3A12DFA72461CBDFB01DBC3FADAEFB9360245798F05A3416ADE4DAED34 ] C:\Windows\System32\pcadm.dll
20:29:18.0224 0x0fdc  C:\Windows\System32\pcadm.dll - ok
20:29:18.0238 0x0fdc  [ 22C3168D2AAA6C0546FE215CD079DBBB, 484D982D3BDAA4090D75C84226582D9B0344F19E32EFE3F12909C4ED125F5F6C ] C:\Windows\System32\wer.dll
20:29:18.0238 0x0fdc  C:\Windows\System32\wer.dll - ok
20:29:18.0247 0x0fdc  [ E0BC37F2051E1CB6B768A53D9514E3FA, FC7826A54D179321ACDA91115DB54DB427C185BE6AD0858127DB187E8E6692B9 ] C:\Windows\System32\pcacli.dll
20:29:18.0247 0x0fdc  C:\Windows\System32\pcacli.dll - ok
20:29:18.0261 0x0fdc  [ B4FC38795A0AFC18539E220F56348764, A7ACAD98BDE191EAE99E89145E476E92AE75AAA020406ABFFF36CC3DA2509A7C ] C:\Windows\System32\PortableDeviceConnectApi.dll
20:29:18.0261 0x0fdc  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
20:29:18.0276 0x0fdc  [ 93664065662467289E77F0982FA61D37, 8FC996A36B25988BE2773E3F3850B89415A49123E131BA8485536D44EC542ECA ] C:\Windows\System32\WSDApi.dll
20:29:18.0276 0x0fdc  C:\Windows\System32\WSDApi.dll - ok
20:29:18.0292 0x0fdc  [ F0D53BA526018350E227F6E3E80C3966, B070DEEF36B23A33142F7991B1F8655F61CD7761AE991F809B006FA50C519BDC ] C:\Windows\System32\webservices.dll
20:29:18.0292 0x0fdc  C:\Windows\System32\webservices.dll - ok
20:29:18.0307 0x0fdc  [ F99300CAF66307E295438355E9B11ACD, 3BFB0F6633011964B29ECA3BC54E6F7B79D99A01A16622F2196A935F6CDD30D2 ] C:\Windows\System32\CertEnroll.dll
20:29:18.0307 0x0fdc  C:\Windows\System32\CertEnroll.dll - ok
20:29:18.0322 0x0fdc  [ D9053149D55CEB13C66A69A00A1B6D7D, 5C90FDC824E17435C6A1C868D8DE0947380D01143097501F878017FFD8298AD1 ] C:\Windows\System32\wbem\wbemprox.dll
20:29:18.0322 0x0fdc  C:\Windows\System32\wbem\wbemprox.dll - ok
20:29:18.0336 0x0fdc  [ 3B806AFCDAC0FA8073A025CB0384E6B8, DD30400205039C836CBAE812A33B7029E43BCAB771F555A678338918EF2D0426 ] C:\Windows\System32\Apphlpdm.dll
20:29:18.0336 0x0fdc  C:\Windows\System32\Apphlpdm.dll - ok
20:29:18.0352 0x0fdc  [ DC1A78BCCCB7EE53D6FD3BD615A8E222, EE16B6853185AAE779D7135035983938009901658F76A8856AAC12EBA15BB34E ] C:\Windows\System32\fdPHost.dll
20:29:18.0352 0x0fdc  C:\Windows\System32\fdPHost.dll - ok
20:29:18.0367 0x0fdc  [ 45E8FB1F9A9191B1F7DF09DE346B81A7, AB31FBCB97E335BF3946BB3F77E5EC641784EA80C960A849FCB2018057DD973B ] C:\Windows\System32\fdWSD.dll
20:29:18.0367 0x0fdc  C:\Windows\System32\fdWSD.dll - ok
20:29:18.0380 0x0fdc  [ E1D793FCCD26B862839217612830ECFC, 4A96199D07370BB44B9BF73F945DC65C6B165593419B41E9F5A5CB82E1A2B7B9 ] C:\Windows\System32\wbem\wbemcore.dll
20:29:18.0381 0x0fdc  C:\Windows\System32\wbem\wbemcore.dll - ok
20:29:18.0395 0x0fdc  [ 7969580698D60958265942B9DDC12B63, 2EBA4EA7C2F5220C91259AA20D027A4CF6EFE024B8F174C48CC80FECBCFB9FDD ] C:\Windows\System32\fdSSDP.dll
20:29:18.0395 0x0fdc  C:\Windows\System32\fdSSDP.dll - ok
20:29:18.0409 0x0fdc  [ 17C9CEA667906DA7CAA1175DE437F4FC, 45677EA1918DD4D68C3342B333D0A57EB69E14BA88FFDD3D67DD21CED303B07C ] C:\Windows\System32\runonce.exe
20:29:18.0409 0x0fdc  C:\Windows\System32\runonce.exe - ok
20:29:18.0423 0x0fdc  [ 205B59C8B291A707B24C97B123834E70, 04034B153F3D9EF07E08615449250EAA6A3930AE28EB58B1CC1A40D34A812BD0 ] C:\Windows\System32\pnpts.dll
20:29:18.0423 0x0fdc  C:\Windows\System32\pnpts.dll - ok
20:29:18.0437 0x0fdc  [ 2C6B75D50B9917766FE7BA0C11A1FA23, C510F813EB9CE28E1AEB75740A068AAAEE4A21B21E7E8399CBDC96D95D8CEB9A ] C:\Windows\System32\wbem\esscli.dll
20:29:18.0438 0x0fdc  C:\Windows\System32\wbem\esscli.dll - ok
20:29:18.0452 0x0fdc  [ C510810D292782189F8BE12A1B0E366E, 486B8DE1FD5F8125276D423D153BEA653EB47E6C9358417A3F37D71730913B02 ] C:\Windows\System32\wbem\fastprox.dll
20:29:18.0452 0x0fdc  C:\Windows\System32\wbem\fastprox.dll - ok
20:29:18.0466 0x0fdc  [ 36BC2FF91264BB032FEB927B03DE4C29, 9073945F67C3833D6C4F4841BCFC972068EF9B74F86766B9BEF96DB26A398413 ] C:\Windows\System32\wbem\wbemsvc.dll
20:29:18.0466 0x0fdc  C:\Windows\System32\wbem\wbemsvc.dll - ok
20:29:18.0481 0x0fdc  [ 647B3E3A60DED8DAECF4F798A058EADB, 9A9DE6F0781FF01512E965D44514CD60DC645DCE8ECAAF0B3001DBA7379BB917 ] C:\Windows\System32\srumsvc.dll
20:29:18.0481 0x0fdc  C:\Windows\System32\srumsvc.dll - ok
20:29:18.0496 0x0fdc  [ 5FB52C4367FCABB27373F701C714192C, 99ECC9D01120A7FBAE2E47CF11A66F56ACC2B4ADC377AC6DB6BA377EF59BF6E1 ] C:\Windows\System32\wbem\wmiutils.dll
20:29:18.0496 0x0fdc  C:\Windows\System32\wbem\wmiutils.dll - ok
20:29:18.0505 0x0fdc  [ 4845FC917AB257CAE4F16A80ADC15412, 6267D746031947F05F08E7D95C98272E22020F89ACC75C545A1B42D03D1C13EA ] C:\Windows\System32\wbem\repdrvfs.dll
20:29:18.0505 0x0fdc  C:\Windows\System32\wbem\repdrvfs.dll - ok
20:29:18.0520 0x0fdc  [ 6AF7948D08E59B5690D3559AEB8E0F93, 66E825B05FE666BE7E8B79BB33E7AF9942D05F2CC6EB2702BA3D2183FB4C4598 ] C:\Windows\System32\wdiasqmmodule.dll
20:29:18.0520 0x0fdc  C:\Windows\System32\wdiasqmmodule.dll - ok
20:29:18.0534 0x0fdc  [ 8BE1C89BD0C6F659C3AE3A2C8D0955C4, 50D26482997BB44EBB55DA50D177459F76A708EBC23AB866330295E730EE71A9 ] C:\Windows\SysWOW64\runonce.exe
20:29:18.0534 0x0fdc  C:\Windows\SysWOW64\runonce.exe - ok
20:29:18.0547 0x0fdc  [ 62969A88DE12FD62D59A6C7821A929BC, 47B49F37B11DAB2E686DC47616623D2332F6F889529820DA82CB6DC67B81884E ] C:\Windows\SysWOW64\imm32.dll
20:29:18.0547 0x0fdc  C:\Windows\SysWOW64\imm32.dll - ok
20:29:18.0562 0x0fdc  [ F5C43BFE7EF27521ED25B912C9366CD9, A43758C33AB96CC2DE883B975C04B02B026663F9E7A523FEC99D15DA38DFFEE2 ] C:\Windows\SysWOW64\msctf.dll
20:29:18.0562 0x0fdc  C:\Windows\SysWOW64\msctf.dll - ok
20:29:18.0577 0x0fdc  [ 1FC8997292BE3362A5B40EBBBD137982, 68CE9F15131B4375987EF19D1FD66DAC9818C59CAD9C767112AE7B8075C4CE3B ] C:\Windows\System32\radardt.dll
20:29:18.0577 0x0fdc  C:\Windows\System32\radardt.dll - ok
20:29:18.0592 0x0fdc  [ A7DDBD5DA334F3BA342EB828012FD1A5, B9A86EC9BB107F1BB6FAE103EE9E571B639564AFBD036040F0A91C06E5C26522 ] C:\Windows\SysWOW64\clbcatq.dll
20:29:18.0592 0x0fdc  C:\Windows\SysWOW64\clbcatq.dll - ok
20:29:18.0606 0x0fdc  [ 824BC775A6B475D872431F6B36DD8BA3, B36C99A9B76DE63CE08794C8BFC49081E2D35D4BB7F993B949DD681F8EB991F8 ] C:\Windows\System32\wbem\WmiPrvSD.dll
20:29:18.0607 0x0fdc  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
20:29:18.0623 0x0fdc  [ A9A027378882FFA14000612AE6FDA7AB, 202DE6B1B6D6CA757AC456DF11599C48E6BB5225ACD52CCB7411B11B0F0EED6A ] C:\Windows\SysWOW64\propsys.dll
20:29:18.0624 0x0fdc  C:\Windows\SysWOW64\propsys.dll - ok
20:29:18.0638 0x0fdc  [ A19F9B39E739E89698E662896F4A76B5, 230D95FFE6A47CBB6619A9D66FD097AE83093C48C650E39B953139160F4135EF ] C:\Windows\System32\ncobjapi.dll
20:29:18.0638 0x0fdc  C:\Windows\System32\ncobjapi.dll - ok
20:29:18.0653 0x0fdc  [ B2CF1AF98C13B3C19FDD7EF1EF56C05F, 016BE1B76DE48572DABBF20797ABAD87F73FB1CBD0A8E293D69B8CA6A1063550 ] C:\Windows\System32\wbem\wbemess.dll
20:29:18.0653 0x0fdc  C:\Windows\System32\wbem\wbemess.dll - ok
20:29:18.0669 0x0fdc  [ 8449B6B3E281AF44BEA98D318D7481A5, 74463B6DC0D88B29F3CB28A55C922887102DDD9450EF99242314238FBF488CB7 ] C:\Windows\System32\nduprov.dll
20:29:18.0669 0x0fdc  C:\Windows\System32\nduprov.dll - ok
20:29:18.0684 0x0fdc  [ D3F794546CE8666B663A0A906CA97DCA, 9A9133B07FE27AC43716E018260ADB2B24519B2B582254E0FCA2B7DF7394BD36 ] C:\Windows\System32\wpnsruprov.dll
20:29:18.0684 0x0fdc  C:\Windows\System32\wpnsruprov.dll - ok
20:29:18.0698 0x0fdc  [ BEA157D1857FA63205558750720D9071, EC7FA0E0BBC2B0A826903D6E1989AFE73E5D06780306F478FE715A7E4A73EA7C ] C:\Windows\System32\appsruprov.dll
20:29:18.0698 0x0fdc  C:\Windows\System32\appsruprov.dll - ok
20:29:18.0713 0x0fdc  [ F06F60158842691FA4B5DE0E08F55B29, 240C38803AD124CB67CCBDB5F8BAC98E9094ADBC7E56221CC4D8AD5106CBCDED ] C:\Windows\System32\ncuprov.dll
20:29:18.0713 0x0fdc  C:\Windows\System32\ncuprov.dll - ok
20:29:18.0727 0x0fdc  [ F12B563360D2BA8AD323A74986AF8A5B, AACCCB30F031940CB04926D32F6ED9FE89B93FD58DCB7B207B9EC0AB65D9B9FE ] C:\Windows\System32\wwapi.dll
20:29:18.0728 0x0fdc  C:\Windows\System32\wwapi.dll - ok
20:29:18.0741 0x0fdc  [ 589DBCBC569A0536010D854928D10EA1, 177DEED3758CCE7BA40CF68190B06C99C453434EFE95E41838B0E85A9CCACAF2 ] C:\Windows\System32\httpapi.dll
20:29:18.0742 0x0fdc  C:\Windows\System32\httpapi.dll - ok
20:29:18.0751 0x0fdc  [ 5EE916C3272A19B459717A8D2397B07A, 7231A20E56EC571F6565DFEA348B2656E3032E56D207501620A212CC460897CA ] C:\Windows\System32\energyprov.dll
20:29:18.0751 0x0fdc  C:\Windows\System32\energyprov.dll - ok
20:29:18.0765 0x0fdc  [ 90AC8D4574103FCF8942C526998F46BF, 82B55E3C466526B04DC67EE8C2AEC30247C30C32C914DE34D63F0BF82CDB88D0 ] C:\Windows\System32\srumapi.dll
20:29:18.0765 0x0fdc  C:\Windows\System32\srumapi.dll - ok
20:29:18.0780 0x0fdc  [ 1A4DA1D6287B99033D144B436C23B656, D4D1EEB372E61512EA36A33F095E68C225B8E6C72CC57ED8BD00533F88012F40 ] C:\Windows\System32\provsvc.dll
20:29:18.0780 0x0fdc  C:\Windows\System32\provsvc.dll - ok
20:29:18.0795 0x0fdc  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] C:\Windows\System32\NcdAutoSetup.dll
20:29:18.0795 0x0fdc  C:\Windows\System32\NcdAutoSetup.dll - ok
20:29:18.0809 0x0fdc  [ AABABEF97D4863A3490163802D41B39F, 745F6E9DB7E30F78096AF7586E7097BB12EEF68C7DB84BC1991ED2C70B58506F ] C:\Windows\System32\ndiscapCfg.dll
20:29:18.0809 0x0fdc  C:\Windows\System32\ndiscapCfg.dll - ok
20:29:18.0824 0x0fdc  [ 23C9D50C50954642D5B9224AF35858EC, DB39C37E004DA4D2A61323D8FA5248753DD713555B2DB1F030228467A8BC57BA ] C:\Windows\System32\brdgcfg.dll
20:29:18.0824 0x0fdc  C:\Windows\System32\brdgcfg.dll - ok
20:29:18.0838 0x0fdc  [ D465E438E2356C21A51A416E67041F80, 6B967EE9BC1BCBCB8EB611BDB20A19EB91381503FB682109EB598B8678670A98 ] C:\Windows\System32\rascfg.dll
20:29:18.0839 0x0fdc  C:\Windows\System32\rascfg.dll - ok
20:29:18.0853 0x0fdc  [ 465E8A5B79FF5134CECE8E43031ADBE1, 093FA94EBF9B69247296DB9697F73809AED620808AD779DA68FE00F7D617555C ] C:\Windows\System32\dtsh.dll
20:29:18.0853 0x0fdc  C:\Windows\System32\dtsh.dll - ok
20:29:18.0868 0x0fdc  [ 95ED0EB4E1D30448AF1C55BB2B4F014C, 3E7569C5CC4E6D37551F474C43478BA66F36AC9DE183D83CC7116263DCAB3097 ] C:\Windows\System32\mprapi.dll
20:29:18.0868 0x0fdc  C:\Windows\System32\mprapi.dll - ok
20:29:18.0881 0x0fdc  [ A46C1D6EE4BC27E8A767079CECCADE9E, F2E3F1D30C954CE9B838D33EF1D0DDEE732CABE6EC9D1A9C2952591C25AD1130 ] C:\Windows\System32\mprmsg.dll
20:29:18.0881 0x0fdc  C:\Windows\System32\mprmsg.dll - ok
20:29:18.0895 0x0fdc  [ 3CD8F1967D355842CC044B25269EEDFE, F95699E97120FD48A7D0383AA7B57815151FB450615144EC1DC71DEC04DCC7D7 ] C:\Windows\System32\NdisImPlatform.dll
20:29:18.0895 0x0fdc  C:\Windows\System32\NdisImPlatform.dll - ok
20:29:18.0910 0x0fdc  [ 23B8FA7B494D249EF162C1FE4DE99567, ED2239FB4162ADD20EE7C3FD75AAA4929117E769EF9E71CB62201E7DE767C5B0 ] C:\Windows\System32\LldpNotify.dll
20:29:18.0910 0x0fdc  C:\Windows\System32\LldpNotify.dll - ok
20:29:18.0924 0x0fdc  [ D8F986E9781C4153EC73B52D19CF2E0D, A77F69BEC03D63B0C600B7EFA52F7CA4359C7262268AE7F34F75181CAE31C210 ] C:\Windows\System32\tcpipcfg.dll
20:29:18.0924 0x0fdc  C:\Windows\System32\tcpipcfg.dll - ok
20:29:18.0947 0x0fdc  [ 2F60047076D57730FFD1981F53ACE052, D107405E9FE819E193279FF34A5FEEBFF521ACD07A2110999DAD62C35041FB25 ] C:\Windows\System32\fdProxy.dll
20:29:18.0947 0x0fdc  C:\Windows\System32\fdProxy.dll - ok
20:29:18.0962 0x0fdc  [ 4F32FE0318A902949E461F699030DA45, 2B0FD05FC6F2BBD79B613BE03432075C38CB7EE33087E1CE2B3A4040F4368477 ] C:\Windows\System32\DAFWSD.dll
20:29:18.0962 0x0fdc  C:\Windows\System32\DAFWSD.dll - ok
20:29:18.0976 0x0fdc  [ 7C44C697BA6D0B698B91AC6516A731C3, AD563098060DC213FBE3E7490D8EA4FA34C070CA2BBA05D27166A4E3CC2C6825 ] C:\Windows\SysWOW64\urlmon.dll
20:29:18.0977 0x0fdc  C:\Windows\SysWOW64\urlmon.dll - ok
20:29:18.0991 0x0fdc  [ 59A1D4FACD7B333F76C4142CD42D3ABA, E1A080E61FB1BAF0DA629D34BAEE6F0F9D0E0337BF6CED9F4B3AB9B1C23D91BA ] C:\Windows\SysWOW64\cmd.exe
20:29:18.0991 0x0fdc  C:\Windows\SysWOW64\cmd.exe - ok
20:29:19.0006 0x0fdc  [ 98A184F6EC43B178901FCD5D4E2EC43B, 86EEB354F96B2FC344B93C5BD603D7C4F56A6CC9BFB2A1DCCAEF09E5AE7DDC9F ] C:\Windows\System32\Windows.Media.Streaming.dll
20:29:19.0006 0x0fdc  C:\Windows\System32\Windows.Media.Streaming.dll - ok
20:29:19.0015 0x0fdc  [ 16A19EB29CDE3883DF43DC83D14F1817, CED0BCDF22D12D79A35DC3A00F97E5E2AD27A0CE2CDBA7356D41BD705206B267 ] C:\Windows\System32\upnp.dll
20:29:19.0015 0x0fdc  C:\Windows\System32\upnp.dll - ok
20:29:19.0029 0x0fdc  [ F394A5D729075400ED603510855D227B, 6D6757480792AC0D7738E9C929A1B0D4E8F62A08AC168574D08BCB811DADD724 ] C:\Program Files\Synaptics\SynTP\SynTPRes.dll
20:29:19.0029 0x0fdc  C:\Program Files\Synaptics\SynTP\SynTPRes.dll - ok
20:29:19.0044 0x0fdc  [ 0C077C8BA649D2DFC0C50C5E6E447C9E, 86F6204F65FC9010DB30CF08100E36ADEA1E4E2CA983CC003FC540D9AE4EF88B ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
20:29:19.0044 0x0fdc  C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
20:29:19.0059 0x0fdc  [ 4C50680BDC98B551CE5C173BAB1C62D7, 040FA269D72978BC51F42BC3E056539F83F425CDCF1C20CB17C6E7D9FDEA2526 ] C:\Windows\SysWOW64\cmdext.dll
20:29:19.0059 0x0fdc  C:\Windows\SysWOW64\cmdext.dll - ok
20:29:19.0073 0x0fdc  [ CCF8BED843882F5C01FC93F6FEC5A8A7, 63CF7ADFC851304A06704976D157D292496F7DD57598E6B34414A745A1F04D76 ] C:\Windows\System32\consent.exe
20:29:19.0073 0x0fdc  C:\Windows\System32\consent.exe - ok
20:29:19.0088 0x0fdc  [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Users\Spencer\AppData\Local\Temp\{DDB703F5-B770-4003-9633-F67EDB7387EE}.exe
20:29:19.0088 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{DDB703F5-B770-4003-9633-F67EDB7387EE}.exe - ok
20:29:19.0103 0x0fdc  [ 7C2E3117F0BF7B6F010B8C071253404C, 51E936168C8E51F4352A26FDA591F23C0BE1BED6A27FA93BAC18654143A018D7 ] C:\Windows\System32\cryptnet.dll
20:29:19.0103 0x0fdc  C:\Windows\System32\cryptnet.dll - ok
20:29:19.0117 0x0fdc  [ 0320929A497A57A243ED157BA082896D, 8454D4EFA24D042A11550B2C6424B4F845D8167C86FBFF1BE411BF4F47C3410C ] C:\Windows\SysWOW64\pcacli.dll
20:29:19.0118 0x0fdc  C:\Windows\SysWOW64\pcacli.dll - ok
20:29:19.0131 0x0fdc  [ 5D7148704D8715482695A534887359FA, A194BE35CFB3B5B157E4DEF24E4615EBE8C04156ABFD19718AA906598D26487E ] C:\Windows\SysWOW64\mpr.dll
20:29:19.0131 0x0fdc  C:\Windows\SysWOW64\mpr.dll - ok
20:29:19.0145 0x0fdc  [ EB5BB44DBA9F55DB59076E58F6E42C03, DB19B33CC13427CB915BBB1C9AC564AD91A8663AAB4CC64168DA40FAB0711817 ] C:\Windows\SysWOW64\sfc_os.dll
20:29:19.0145 0x0fdc  C:\Windows\SysWOW64\sfc_os.dll - ok
20:29:19.0160 0x0fdc  [ C3C9B251ABFA347AA454B6AA17068FA1, 1909A393E1CB19FEE787095C3BAAEBF202BEADCEE40EF0BE4A5D9319A35179E3 ] C:\Windows\SysWOW64\devrtl.dll
20:29:19.0160 0x0fdc  C:\Windows\SysWOW64\devrtl.dll - ok
20:29:19.0174 0x0fdc  [ 0F17D49BE041B7EFF1D33BF1414E7AC6, F8B536B60903814DF88DAF535753288537EF0993E42AA4E734EDA8D68B24C7AB ] C:\Windows\System32\aelupsvc.dll
20:29:19.0174 0x0fdc  C:\Windows\System32\aelupsvc.dll - ok
20:29:19.0188 0x0fdc  [ E9286577AD0D3BE9158DCE178A879123, 5B404587CE415CF47A4ABC219FB2376002C6BFFAB6C010FC8DD1FA9DE815F6AC ] C:\Windows\System32\devrtl.dll
20:29:19.0188 0x0fdc  C:\Windows\System32\devrtl.dll - ok
20:29:19.0203 0x0fdc  [ 984B3226C7A4CFC9FE91D7BACA133D8D, B8058FC049217DE89F13730425207C19B1967194F3BE3C8CAE2F8AA3BD932721 ] C:\Windows\SysWOW64\winhttp.dll
20:29:19.0203 0x0fdc  C:\Windows\SysWOW64\winhttp.dll - ok
20:29:19.0224 0x0fdc  [ EEB074B2C0282AAE03ED54361DE23946, 081007D5FF0B1A7D011A456B78DD401E100CC5D93937A31F00EF44D1362CBBC9 ] C:\Windows\System32\actxprxy.dll
20:29:19.0224 0x0fdc  C:\Windows\System32\actxprxy.dll - ok
20:29:19.0240 0x0fdc  [ AACECE80A24B309935DF4023F25C129E, 044CDDF37BA1EA774C251F4B8C9FD1F361581C4B32978DBA76CEB2D2CE7163D6 ] C:\Windows\System32\SettingSyncPolicy.dll
20:29:19.0240 0x0fdc  C:\Windows\System32\SettingSyncPolicy.dll - ok
20:29:19.0255 0x0fdc  [ C5FA4562E9ACB7323B3FB333E6C021CF, 4481410844F5D8CDED5D4377F1EC566B13D13C9C97FEF4705F8D6C8215B26B42 ] C:\Windows\System32\twinui.dll
20:29:19.0255 0x0fdc  C:\Windows\System32\twinui.dll - ok
20:29:19.0264 0x0fdc  [ F586F3F1BF962FE9AE4316E0D896B22F, 8D0AD48D79294567123D943D0F5B6D5A32D7A82B129A24DC821D3095AFAA100B ] C:\Windows\System32\drivers\WSDPrint.sys
20:29:19.0264 0x0fdc  C:\Windows\System32\drivers\WSDPrint.sys - ok
20:29:19.0279 0x0fdc  [ 9FA466A42109F408AC6C2848E851C38A, 0CE75916186D19467D14E33E2CF6C1653D2CE854F05D0DBD0A1268FA413DF291 ] C:\Windows\System32\twinapi.appcore.dll
20:29:19.0279 0x0fdc  C:\Windows\System32\twinapi.appcore.dll - ok
20:29:19.0293 0x0fdc  [ D38297814FB6E33655342D869996E617, 3701892EEF87D1BF0E73322B90678802B6EA4AFA9CBF6111F39611C79DBA96C7 ] C:\Windows\System32\drivers\WSDScan.sys
20:29:19.0293 0x0fdc  C:\Windows\System32\drivers\WSDScan.sys - ok
20:29:19.0308 0x0fdc  [ C76D1DA491995D7108A817714A702133, 81EDD40306D77DD658D91BD9825C9ADD31CB2E766D4BB2886C662A0B3F96418E ] C:\Windows\System32\WSDScDrv.dll
20:29:19.0308 0x0fdc  C:\Windows\System32\WSDScDrv.dll - ok
20:29:19.0324 0x0fdc  [ 5BCABCE516486337E39DDD005BCBB1CA, 6D04CF09BC3BA0B4917B30CBE11FEE0A4F6324BA6F177DB750AA02756B0A9FD4 ] C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.17056_none_932f2645474c8242\GdiPlus.dll
20:29:19.0324 0x0fdc  C:\Windows\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.17056_none_932f2645474c8242\GdiPlus.dll - ok
20:29:19.0338 0x0fdc  [ 10B3D632CA42A042F9E38CC30830A800, B114B2E12B7FBCCCA34DBBABFB113AD3193EAD27F3DFCD7B4137AB9763FB2912 ] C:\Windows\System32\ExplorerFrame.dll
20:29:19.0338 0x0fdc  C:\Windows\System32\ExplorerFrame.dll - ok
20:29:19.0353 0x0fdc  [ 74541452095D89F4A9F5426AC53CB416, D1AB2EE30EB577A9D4C0450887914AA8F4EBA9233740C0BB15D21CC9F89545C8 ] C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
20:29:19.0353 0x0fdc  C:\Windows\System32\windows.immersiveshell.serviceprovider.dll - ok
20:29:19.0367 0x0fdc  [ 431C905A43C16D0D830B5703D23C1917, 9F012EA5E8E6C77BB8FA721FFF6DC885A0259CAE78AD1CD684EC64151B7073BC ] C:\Windows\System32\WSDScanProxy.dll
20:29:19.0368 0x0fdc  C:\Windows\System32\WSDScanProxy.dll - ok
20:29:19.0381 0x0fdc  [ 63CB763FE4CEADFFF5F047332814E8F9, 814EB47BE61F80D88C1B8877E86FB3DBEB85B95019F4005C9FD4F9EEE832A169 ] C:\Windows\System32\wldp.dll
20:29:19.0381 0x0fdc  C:\Windows\System32\wldp.dll - ok
20:29:19.0396 0x0fdc  [ 008368626F3EFAEDB0C2CD4565BA6797, 29E615B9F67EAAA274FE2341251FA06D0FC94472F02C841CEE155466BAC8733B ] C:\Windows\SysWOW64\dwmapi.dll
20:29:19.0396 0x0fdc  C:\Windows\SysWOW64\dwmapi.dll - ok
20:29:19.0411 0x0fdc  [ AA0E4F73727BFC8BA404884B1C1DB719, 0DEB88BBBC3DD37824B484FA38487280CB6A049D235519584DA562C3C91F18A7 ] C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe
20:29:19.0411 0x0fdc  C:\Program Files (x86)\Google\Update\1.3.24.15\GoogleCrashHandler64.exe - ok
20:29:19.0426 0x0fdc  [ CCC6D7250D01DA7E5499B0722CF6CAE3, F111CF6BF87B36C491E09D65B342362F6F9C9BBA77784502CEB45F2B15D87CB2 ] C:\Windows\System32\twinui.appcore.dll
20:29:19.0426 0x0fdc  C:\Windows\System32\twinui.appcore.dll - ok
20:29:19.0442 0x0fdc  [ CE10041A39A0E6F598BFA50A5AB64CF3, D9738F27B1F16D3F2666B12FF080D82360F3DFCD285081DB90E7D4E46AD762E4 ] C:\Windows\System32\wpncore.dll
20:29:19.0442 0x0fdc  C:\Windows\System32\wpncore.dll - ok
 
End of Part 5

  • 0

#12
Spencer4134
Posted 12 August 2014 - 09:04 PM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

TDSSKiller Part 6 (Final):

 

 
20:29:19.0453 0x0fdc  [ C7DFBE21051D5E44B479CBF74B968335, BF0759D9DF2DB1A7F8C39FCD8BB3BF742259B8CC47BA02F5214F4B44477FDCDC ] C:\Windows\System32\dbghelp.dll
20:29:19.0454 0x0fdc  C:\Windows\System32\dbghelp.dll - ok
20:29:19.0470 0x0fdc  [ 4CEC4C390F0B53AC8AEA2407D88A0ABF, EEC7FBC4B7087C669DAAC0EA07B305C762EDF18B7C02B3FBD8B895D1F4FDD0F6 ] C:\Windows\SysWOW64\webio.dll
20:29:19.0470 0x0fdc  C:\Windows\SysWOW64\webio.dll - ok
20:29:19.0484 0x0fdc  [ FF0EE1B87E5DD7A82F7BB124D5CA8BB6, 9C4DA645D6EC97AA88D81CDC81F87C8B7A3434AF35A16F8622A097839EBFAB16 ] C:\Windows\SysWOW64\dnsapi.dll
20:29:19.0484 0x0fdc  C:\Windows\SysWOW64\dnsapi.dll - ok
20:29:19.0498 0x0fdc  [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
20:29:19.0498 0x0fdc  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
20:29:19.0512 0x0fdc  [ B6C010F42053ED92E421EE5476E10645, 37B4DFF10DC8B276D979A1D04741A1D564720193E121B1D2A7B68020EF67DE38 ] C:\Windows\SysWOW64\rasadhlp.dll
20:29:19.0512 0x0fdc  C:\Windows\SysWOW64\rasadhlp.dll - ok
20:29:19.0527 0x0fdc  [ AFFB4EB53FC1D04495C8A5EC80B1EBCD, 60A43F23B6357BD9E6B6BEA099CE9C745CA297CC99910E8E79C46ADBBED2536D ] C:\Windows\SysWOW64\FWPUCLNT.DLL
20:29:19.0528 0x0fdc  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
20:29:19.0541 0x0fdc  [ DE6533132FC2BD8A2ED5D370D41CBED3, 4CF0CBCF3ADC42614CF4C132FA52EFBBAE6FB69059AB6FA72735FB53B326D162 ] C:\Windows\System32\SyncCenter.dll
20:29:19.0541 0x0fdc  C:\Windows\System32\SyncCenter.dll - ok
20:29:19.0556 0x0fdc  [ 2C727D11CDF4F8B2477FC2B1B305ECB9, B4F83DAA73E99EF8AD88A4A9C5553ABC4A99E2FD22234C968D90A0BAE97104F8 ] C:\Windows\System32\wlidprov.dll
20:29:19.0556 0x0fdc  C:\Windows\System32\wlidprov.dll - ok
20:29:19.0571 0x0fdc  [ 644D631AB867535F34B2A36F91239FB6, F5CD6E03090CDDED23E9620E2D22C647DD41C3480476795CA2E7B43A06291D70 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\setup.exe
20:29:19.0572 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\Installer\setup.exe - ok
20:29:19.0587 0x0fdc  [ 152152B5EE3512ED85C526967C350355, 13E0C65D85E8905C05FAF41221C94773B730361122CA277B50E69B4D4CA22B1D ] C:\Windows\System32\thumbcache.dll
20:29:19.0587 0x0fdc  C:\Windows\System32\thumbcache.dll - ok
20:29:19.0603 0x0fdc  [ 812F9BECC3D67371B4B6A41E09E1AEFE, 8B6426F2409797E80BA6A91E83D3BDFE424E524D99DD5AEB3A9117A88E090362 ] C:\Windows\System32\Windows.Networking.Connectivity.dll
20:29:19.0603 0x0fdc  C:\Windows\System32\Windows.Networking.Connectivity.dll - ok
20:29:19.0619 0x0fdc  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] C:\Windows\System32\ncbservice.dll
20:29:19.0619 0x0fdc  C:\Windows\System32\ncbservice.dll - ok
20:29:19.0634 0x0fdc  [ 347A3E49CE18402305B8119A6EC7CFEB, 6768B20EE577880B0353FE84B980D4A18D323929A63FAE41F7A55123BBFC8DBA ] C:\Windows\System32\TimeBrokerServer.dll
20:29:19.0634 0x0fdc  C:\Windows\System32\TimeBrokerServer.dll - ok
20:29:19.0647 0x0fdc  [ E8511D133B449BEE41CABFCA6EB35526, 38D635B18B195AC1626E3B54B63A7EB0807409D234620697D7FB520680CDDED5 ] C:\Windows\System32\BrokerLib.dll
20:29:19.0647 0x0fdc  C:\Windows\System32\BrokerLib.dll - ok
20:29:19.0662 0x0fdc  [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{A68C292A-FB79-4EB9-8BB5-E5F0175AC71E}.tmp
20:29:19.0662 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{A68C292A-FB79-4EB9-8BB5-E5F0175AC71E}.tmp - ok
20:29:19.0677 0x0fdc  [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{030ACCF9-3C7A-45DA-8A88-6298C809F3AD}.tmp
20:29:19.0677 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{030ACCF9-3C7A-45DA-8A88-6298C809F3AD}.tmp - ok
20:29:19.0693 0x0fdc  [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{E22762CD-D6F7-40BC-B38E-D29E5582B00A}.tmp
20:29:19.0693 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{E22762CD-D6F7-40BC-B38E-D29E5582B00A}.tmp - ok
20:29:19.0708 0x0fdc  [ 8F464EE568C36C174DC403EFC8F85A21, 1FB87547C90A4ABFE40078C74C9C9E3DB9428AA6B2A0E15CEF6E1635C94C4686 ] C:\Windows\System32\stobject.dll
20:29:19.0708 0x0fdc  C:\Windows\System32\stobject.dll - ok
20:29:19.0723 0x0fdc  [ EB34CE5EFA1591915F973EB30C77A1D8, 86D608B89997A5BF9A6BFD5386A26CFCFACB88A6E3A2D6B4BC9C375085F2AE7E ] C:\Windows\System32\Windows.Globalization.Fontgroups.dll
20:29:19.0723 0x0fdc  C:\Windows\System32\Windows.Globalization.Fontgroups.dll - ok
20:29:19.0738 0x0fdc  [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{C3A89B30-0870-44E1-AD7B-AE4009A9BE6F}.tmp
20:29:19.0738 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{C3A89B30-0870-44E1-AD7B-AE4009A9BE6F}.tmp - ok
20:29:19.0753 0x0fdc  [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{C1F8F1B0-A6A7-4D3D-868F-A2988162BD8D}.tmp
20:29:19.0753 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{C1F8F1B0-A6A7-4D3D-868F-A2988162BD8D}.tmp - ok
20:29:19.0769 0x0fdc  [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{4A09E6ED-B69C-4003-A24C-38BD1C542A6C}.tmp
20:29:19.0769 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{4A09E6ED-B69C-4003-A24C-38BD1C542A6C}.tmp - ok
20:29:19.0778 0x0fdc  [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{A0D4DEC1-CD8F-4846-A5FB-3F4B740BB846}.tmp
20:29:19.0778 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{A0D4DEC1-CD8F-4846-A5FB-3F4B740BB846}.tmp - ok
20:29:19.0794 0x0fdc  [ 2B96525A8E9A3FDD6516A0FFB6E7C0AF, 09EA43A3309965049FE264C121F164FE0F63AC9BADE07F2529B3AA43F3CBFAFB ] C:\Windows\System32\prnfldr.dll
20:29:19.0794 0x0fdc  C:\Windows\System32\prnfldr.dll - ok
20:29:19.0809 0x0fdc  [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{9988EDF4-9023-43C8-84F3-8ADB02F5AB8D}.tmp
20:29:19.0809 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{9988EDF4-9023-43C8-84F3-8ADB02F5AB8D}.tmp - ok
20:29:19.0824 0x0fdc  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{3B8401FE-4C0A-4DB0-91E1-10FAAB6BE157}.tmp
20:29:19.0824 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{3B8401FE-4C0A-4DB0-91E1-10FAAB6BE157}.tmp - ok
20:29:19.0839 0x0fdc  [ ED7C0A11E655CD8B89BE499F99D56098, ED9D92FCBB559EAF8CA7A4A60E48570D8F66A802F2ED2BDBEA5A276225616B5B ] C:\Windows\System32\winspool.drv
20:29:19.0839 0x0fdc  C:\Windows\System32\winspool.drv - ok
20:29:19.0854 0x0fdc  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{AAB37085-6AF6-4684-97E0-E70247223CE6}.tmp
20:29:19.0854 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\{571C8589-296D-4A95-8305-79F8B6CE1725}\{AAB37085-6AF6-4684-97E0-E70247223CE6}.tmp - ok
20:29:19.0869 0x0fdc  [ 9415D8364F64C603853D4CA27CECB3BA, 6D22ECE460948AEE682E72269C2907E2C04474FEE8ADFC4AC4619690F5DE7680 ] C:\Windows\System32\DXP.dll
20:29:19.0869 0x0fdc  C:\Windows\System32\DXP.dll - ok
20:29:19.0884 0x0fdc  [ 17F26A480391D5AB4935AE77D4F6F18A, 909A0F6DA49DC3E1D4200BA93C8690AFB5583B649AB135EE7EF6CFCC7B839FE0 ] C:\Windows\System32\shdocvw.dll
20:29:19.0884 0x0fdc  C:\Windows\System32\shdocvw.dll - ok
20:29:19.0897 0x0fdc  [ A6306E2A24C11555D5A4E572291C551D, 764337B658D24DDFBF370C5BBBC97F039D1B796DB8F1B735B419AB6F9846DE49 ] C:\Windows\System32\ntshrui.dll
20:29:19.0897 0x0fdc  C:\Windows\System32\ntshrui.dll - ok
20:29:19.0912 0x0fdc  [ 090E4DE444439DF828CB726D60EA9CFD, BCC7F55572FE855B264600F85A298007756A74A67FDFFDB92D856707C2F1240A ] C:\Windows\System32\ActionCenter.dll
20:29:19.0912 0x0fdc  C:\Windows\System32\ActionCenter.dll - ok
20:29:19.0926 0x0fdc  [ 9590CA2728AACAD7ECE35008D789C3B6, E8F0E0A09EE74EB4E1BCEB82FC166B08A1D5D98649C6478F02D74CD8BC0B2D5B ] C:\Windows\System32\Syncreg.dll
20:29:19.0927 0x0fdc  C:\Windows\System32\Syncreg.dll - ok
20:29:19.0941 0x0fdc  [ EB248189E980B367D09C36A1C2A6FC3D, 9D0AC50AA86E0650D0D3797FE5B38C82B919C2A16A9CD206A34793B412B31414 ] C:\Windows\System32\linkinfo.dll
20:29:19.0941 0x0fdc  C:\Windows\System32\linkinfo.dll - ok
20:29:19.0955 0x0fdc  [ 4A87A56606776CC9E1520D8A2741E9AE, 565A99728A5833D2DE0BB01BA6A2F1424BCD88DF895BD096E2D78EEE42B7B279 ] C:\Windows\System32\WinTypes.dll
20:29:19.0955 0x0fdc  C:\Windows\System32\WinTypes.dll - ok
20:29:19.0970 0x0fdc  [ C4D32A2A0032C65587993E637F2B78F6, 01384FCDEEDE02D88A49332CC6069345C5BA243C37ECC25F8BF9A45ACA7D4A26 ] C:\Windows\System32\AltTab.dll
20:29:19.0970 0x0fdc  C:\Windows\System32\AltTab.dll - ok
20:29:19.0984 0x0fdc  [ 9D2136DDE6753B36A0771FF34337B5D1, 8F139C765BFA080EE15BFC64EC357C9B5EB0BEB20A929E58AB00E19EDBE90254 ] C:\Windows\SysWOW64\riched20.dll
20:29:19.0984 0x0fdc  C:\Windows\SysWOW64\riched20.dll - ok
20:29:19.0998 0x0fdc  [ 7FF1EBF5A376F5B17421E6868F353627, 6ADE337B227FA50489287169979593E5E05DBED4DB8F3B4271CEEBC3CCD76A72 ] C:\Windows\System32\pnidui.dll
20:29:19.0998 0x0fdc  C:\Windows\System32\pnidui.dll - ok
20:29:20.0012 0x0fdc  [ A2D053D11E3756DB3C5642AACA84E69B, 0915A5CEF05CBCC0C8AB16A19DFE025CAF1BF04EE0EA80846D23973A372AF5CA ] C:\Windows\SysWOW64\usp10.dll
20:29:20.0013 0x0fdc  C:\Windows\SysWOW64\usp10.dll - ok
20:29:20.0027 0x0fdc  [ A030B48F73CB01B89AD5CF725240401A, 3334AFA0C57F2A9EFF0FC466B62AAD6513191360BF46CEB337E089650AD5A474 ] C:\Windows\System32\OnDemandConnRouteHelper.dll
20:29:20.0027 0x0fdc  C:\Windows\System32\OnDemandConnRouteHelper.dll - ok
20:29:20.0037 0x0fdc  [ 151427E526E96471A45FF6CC2257FBA0, 00E26857FCD7FA2985CB9B29E29A636E50879687595594D700A562D8C787CFA7 ] C:\Windows\System32\Windows.UI.Search.dll
20:29:20.0037 0x0fdc  C:\Windows\System32\Windows.UI.Search.dll - ok
20:29:20.0051 0x0fdc  [ 2FE534AC99FE081D9A6950C0C8032751, DF0AA724E9762B124B2B05EA7DA6061A44C470906A220D34017D3F912E64E3AA ] C:\Windows\SysWOW64\msls31.dll
20:29:20.0051 0x0fdc  C:\Windows\SysWOW64\msls31.dll - ok
20:29:20.0066 0x0fdc  [ F26EF8EB298CD2BE8A2F6B9BACA3EEF3, 44EE7145FEC69FACBFF75485E83F4258DD7EDD63BC7A554A5E12BA67B6B19398 ] C:\Windows\System32\VAN.dll
20:29:20.0066 0x0fdc  C:\Windows\System32\VAN.dll - ok
20:29:20.0080 0x0fdc  [ C3243F65447388A35107A996AC8B30C2, 51709134C24205DB62537F85CBC36B17DBD3BF034614115560CF72D379216880 ] C:\Windows\SysWOW64\ExplorerFrame.dll
20:29:20.0080 0x0fdc  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
20:29:20.0094 0x0fdc  [ CFE23A35E84A2CCA5DE8DF34DC238782, 1E570819CF4104F563D0895259A210E4062B29BD6AECE408793417E38B2422F3 ] C:\Windows\SysWOW64\duser.dll
20:29:20.0094 0x0fdc  C:\Windows\SysWOW64\duser.dll - ok
20:29:20.0109 0x0fdc  [ A5BFF3597F39015F18AC756F2B475D58, 9DFCC63C0010F4A988C64BEDD863A85B07FC7B068E6B3B07838B14C9ACF2FDF8 ] C:\Windows\SysWOW64\dui70.dll
20:29:20.0109 0x0fdc  C:\Windows\SysWOW64\dui70.dll - ok
20:29:20.0123 0x0fdc  [ 98A755F17458A425CCE6389346BA6540, D4B117BF19D6FD2D284D7CB6A7D24B91F023F5F8B0B3EB9894616BD60431552E ] C:\Windows\System32\wincorlib.dll
20:29:20.0123 0x0fdc  C:\Windows\System32\wincorlib.dll - ok
20:29:20.0137 0x0fdc  [ 30EC406493F585A43BC3F6E813E266A7, 0AF4F6941FA321AF916443443F268A15E1DA61342B7CDA9D1C911EBE17972749 ] C:\Windows\System32\WSClient.dll
20:29:20.0138 0x0fdc  C:\Windows\System32\WSClient.dll - ok
20:29:20.0152 0x0fdc  [ C2F515FC027867E5EAF12AC9815B3ABD, EEFAF2F751D0E4A2BFF6BC552E7E8D0DE6878B449AB38392BBF035B5139D2CFD ] C:\Windows\System32\WSShared.dll
20:29:20.0152 0x0fdc  C:\Windows\System32\WSShared.dll - ok
20:29:20.0167 0x0fdc  [ 839CF25B9B8614CE7319BC5CF1F5C01F, 586DA741CF98840E349EB08EE6102E42D69FD0CED41DCF5C34DD33411BDA5A4B ] C:\Windows\System32\WSSync.dll
20:29:20.0167 0x0fdc  C:\Windows\System32\WSSync.dll - ok
20:29:20.0180 0x0fdc  [ D4E3BC36A7A0D7A445DCF7342DCB3566, 1816BDBAAFC44D04947FA6B5AE93278E32C1E45E38CDB309EC352CB444AA9C87 ] C:\Windows\System32\ELSCore.dll
20:29:20.0180 0x0fdc  C:\Windows\System32\ELSCore.dll - ok
20:29:20.0195 0x0fdc  [ 776F9D8FA4186E2976DBC89D99CB59A6, 65CE3346E0149889494A7B6E05393D0AA24879D9B913571DA2F94DD01BE10E81 ] C:\Windows\System32\WPDShServiceObj.dll
20:29:20.0195 0x0fdc  C:\Windows\System32\WPDShServiceObj.dll - ok
20:29:20.0210 0x0fdc  [ 7101124E9C48FDBCD7C3DA690990010B, E4FC33B2D38CC75BF0C98A69DA2860F000BC17FFC86C96B342BDFDDE6C247C00 ] C:\Windows\System32\bthprops.cpl
20:29:20.0210 0x0fdc  C:\Windows\System32\bthprops.cpl - ok
20:29:20.0224 0x0fdc  [ 89C84BF2D5A2A5DD867E046488B8DDE3, 174C0BF9B1FB3504D36FEE0D37A0A957FB5D7B38A7878428399EEC6EB4537D44 ] C:\Windows\System32\BluetoothApis.dll
20:29:20.0224 0x0fdc  C:\Windows\System32\BluetoothApis.dll - ok
20:29:20.0239 0x0fdc  [ E6B65614304E4695C87FC4BD8894F3B3, 22B99BC0B863D6834D272B4AFF0A52F6C968056BFBFE8D73114C33C89CB8432A ] C:\Windows\System32\networkexplorer.dll
20:29:20.0239 0x0fdc  C:\Windows\System32\networkexplorer.dll - ok
20:29:20.0255 0x0fdc  [ 91AA701CC14DEDD1DD62E27CCADFD99B, 7977DAAC0F7584369D24C6DD6C14204F74DB99367367419469908738FF01A9A2 ] C:\Windows\System32\ThumbnailExtractionHost.exe
20:29:20.0255 0x0fdc  C:\Windows\System32\ThumbnailExtractionHost.exe - ok
20:29:20.0270 0x0fdc  [ 53FB52AC29DF3DF005273AC179141E62, A060C479E6F46CD0BB0438BCAB9259521DD8A0C5FB1D7480632D060ACA0C8CA6 ] C:\Windows\System32\drprov.dll
20:29:20.0270 0x0fdc  C:\Windows\System32\drprov.dll - ok
20:29:20.0286 0x0fdc  [ EDC796C4C9588D28CCB6031E365C4F32, 5526715B3B8D4D09750A8E400B97E1B8A8E475B0CD4EF650480B56B3783BD9D4 ] C:\Windows\System32\ntlanman.dll
20:29:20.0286 0x0fdc  C:\Windows\System32\ntlanman.dll - ok
20:29:20.0295 0x0fdc  [ DE320127B1ED10BF465AF9FB7EBD4557, BFF3F36E8398A089406F33C596398289CD20221E2F82235B3C9897540E6EE02E ] C:\Windows\System32\PortableDeviceTypes.dll
20:29:20.0295 0x0fdc  C:\Windows\System32\PortableDeviceTypes.dll - ok
20:29:20.0311 0x0fdc  [ 19F84D6153C06FE71203517BDAC9EA9F, 14B95B657CAE351D8E7E1400EAECDE66892C10B4B32FB37935B6C3CAE6203D72 ] C:\Windows\System32\davclnt.dll
20:29:20.0311 0x0fdc  C:\Windows\System32\davclnt.dll - ok
20:29:20.0327 0x0fdc  [ 8F37ADC302D59D09E0A9D29B9A78D3A6, D2438D5D5A1FE00ABEF14C1BBE1F89FD15F2CFD7DAE6773E35EEF371754884A9 ] C:\Windows\System32\davhlpr.dll
20:29:20.0327 0x0fdc  C:\Windows\System32\davhlpr.dll - ok
20:29:20.0339 0x0fdc  [ 7668892E7ABC6FE867DCB097B36B6F3C, D182F048289DA6F24A628A57E54E46C3E7CF4EFBC4E1815B9E933A75D8F8D632 ] C:\Windows\System32\Windows.UI.dll
20:29:20.0339 0x0fdc  C:\Windows\System32\Windows.UI.dll - ok
20:29:20.0355 0x0fdc  [ 29CAE0205F1749741308FC3D9E7433C0, EADD80911C65821FB9A335610E325BD49C0F0C5D1A17C2E7F053A9B8E6F9DE0A ] C:\Program Files\Windows Portable Devices\sqmapi.dll
20:29:20.0355 0x0fdc  C:\Program Files\Windows Portable Devices\sqmapi.dll - ok
20:29:20.0371 0x0fdc  [ 0512FCA695595018A289C032A409EA64, 608922D1970E8FAC02DA0F01920C4E3706BE75C116018322FBCB926DC90882E7 ] C:\Windows\System32\SettingMonitor.dll
20:29:20.0371 0x0fdc  C:\Windows\System32\SettingMonitor.dll - ok
20:29:20.0386 0x0fdc  [ D3EC1112BE0E06ED94308A7B97C929EF, 4BB9690070EC72713F656D9F08090EC579515A1806CC4FDE84BEF433F68A6996 ] C:\Windows\System32\srchadmin.dll
20:29:20.0386 0x0fdc  C:\Windows\System32\srchadmin.dll - ok
20:29:20.0402 0x0fdc  [ DBC61FE275917E75AE077A04E701C474, B9CE006FCC2B9892D689BD6DA831854514C6F6890B58FF8F87B19026266492E9 ] C:\Windows\System32\SearchIndexer.exe
20:29:20.0402 0x0fdc  C:\Windows\System32\SearchIndexer.exe - ok
20:29:20.0417 0x0fdc  [ 0C5C304C3A2D9E9633A7506CBB04929E, 5DD6B3C68BFB86D22F0344A54FD2356114CE30BAEE33C112026803BE84D94E08 ] C:\Windows\System32\Windows.UI.Xaml.dll
20:29:20.0418 0x0fdc  C:\Windows\System32\Windows.UI.Xaml.dll - ok
20:29:20.0432 0x0fdc  [ EFF09C9865290B159F79980113358299, DCBDB210155712CEBE3FADF082C1C622A4637639A7EED4F43C60D246EF80297D ] C:\Windows\System32\tquery.dll
20:29:20.0432 0x0fdc  C:\Windows\System32\tquery.dll - ok
20:29:20.0446 0x0fdc  [ 6B7B2211C293218706D491204FCE8695, 908DAE2FC3E0F032CA38A362D05B1D0B4B9C5A8DEA1FF0DA15784FFCCC27C504 ] C:\Windows\System32\SearchFolder.dll
20:29:20.0446 0x0fdc  C:\Windows\System32\SearchFolder.dll - ok
20:29:20.0461 0x0fdc  [ AB7892A876ED44FC9C1D80FD9F3046E0, F5AA37343F8BF3B6AD811F3F88CB227CDD7D02EA1A42BAF6A273087C0FAAA24A ] C:\Windows\System32\StructuredQuery.dll
20:29:20.0461 0x0fdc  C:\Windows\System32\StructuredQuery.dll - ok
20:29:20.0476 0x0fdc  [ 19AF77545FD61995E1062277320A92AF, 0A65204F9815AC2165387783F08D86382F33714439BD045C87DB766603B80634 ] C:\Windows\System32\mssrch.dll
20:29:20.0476 0x0fdc  C:\Windows\System32\mssrch.dll - ok
20:29:20.0490 0x0fdc  [ 951AECDFBE4925B59769D49873DD8051, B35B8ACFA0386A5E2BD3884498FF53BD676CF985D595D539F98A9C5183F6FD14 ] C:\Windows\System32\msidle.dll
20:29:20.0490 0x0fdc  C:\Windows\System32\msidle.dll - ok
20:29:20.0504 0x0fdc  [ 51E0339BAA4C418D894B0BF888A344A6, 0CBF88CEAB09615BCFE242BFF5E02872F2516EBFB19E6856E3B4710366140855 ] C:\Windows\System32\EhStorShell.dll
20:29:20.0504 0x0fdc  C:\Windows\System32\EhStorShell.dll - ok
20:29:20.0519 0x0fdc  [ 5B6EAF5BBB526E2B042016A1F061AC4D, 6E90F69E76C48F2ABD0E03B5DF2C2544C9AEA3BAD8B3DF0112528277CB05E380 ] C:\Windows\System32\mssprxy.dll
20:29:20.0519 0x0fdc  C:\Windows\System32\mssprxy.dll - ok
20:29:20.0534 0x0fdc  [ 5F43F4C1BE64D432DCF6FBB8006A4469, 348CDC13205B3B2AF14CB6A914A04493073ACD20723A7D77F05E9C5EEDC7247B ] C:\Program Files (x86)\Google\Drive\googledrivesync64.dll
20:29:20.0534 0x0fdc  C:\Program Files (x86)\Google\Drive\googledrivesync64.dll - ok
20:29:20.0543 0x0fdc  [ 8256A8312C19BB8E09798FB227D077F5, 8204CAD8889DD09A44E9C55AD338A1D2E9D7935F8FC693578AA594484F6C6850 ] C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll
20:29:20.0543 0x0fdc  C:\Program Files\Common Files\microsoft shared\ink\IpsPlugin.dll - ok
20:29:20.0553 0x0fdc  [ 8B4FF31A06DA3BFB82D37D77040B2019, 8C238DFBD66F2E656009787604113AB0799C03DB2E9DE0CCEAC3D2560FCF5A63 ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll
20:29:20.0554 0x0fdc  C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcp90.dll - ok
20:29:20.0569 0x0fdc  [ 4585BC6152F3F255EF1E10A663D0FB0D, 3DC8143FF4A75C583A6C4C53EABE2B3B06A130ADF3333D30BBEA6504FDBDF04A ] C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll
20:29:20.0569 0x0fdc  C:\Windows\WinSxS\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_08e793bfa83a89b5\msvcr90.dll - ok
20:29:20.0583 0x0fdc  [ FCD3596AC11042A543CF54294A54B579, 50373666C941D4DC61DF2F2FAB5C7C214D3C61DA11433A65B998843548460580 ] C:\Windows\System32\gameux.dll
20:29:20.0583 0x0fdc  C:\Windows\System32\gameux.dll - ok
20:29:20.0597 0x0fdc  [ 0515B5D282D87678EE47D23AF95A948A, FC0757685C1E3155058F7602CD4462FEFC584918F7EA3F218DC8E76C0DB630D6 ] C:\Windows\System32\imapi2.dll
20:29:20.0597 0x0fdc  C:\Windows\System32\imapi2.dll - ok
20:29:20.0611 0x0fdc  [ 2BDB77B4D90E70480A5FC8846EFDD953, A8B16C26FA96FBD8373CD84395AE8215D127B50C6A4900B214458472E6C5ED12 ] C:\Windows\System32\SNTSearch.dll
20:29:20.0611 0x0fdc  C:\Windows\System32\SNTSearch.dll - ok
20:29:20.0625 0x0fdc  [ 366FA6D38406DC8BED62825C196144D1, B5A507DDF854664C38E410C2AF841554BC0D459B13DD101691E77BD5E3AE82DA ] C:\Windows\System32\ieframe.dll
20:29:20.0625 0x0fdc  C:\Windows\System32\ieframe.dll - ok
20:29:20.0640 0x0fdc  [ 475FB7084CC6D2D11A2B6E56CF91C57B, DCB9A0B8047B6AB8B4D19961523D6B69FA0A9F72000C351CFD6FD243B529F3E4 ] C:\Windows\System32\msiltcfg.dll
20:29:20.0640 0x0fdc  C:\Windows\System32\msiltcfg.dll - ok
20:29:20.0654 0x0fdc  [ 7C514A95C3EAB34547DDBEA9AB09FC19, 9C807A35AB9C8B9EDB4DDFAB37B97A4C85BEF4EBE6ED8A3FDA6DC80C09CF044B ] C:\Windows\System32\hgcpl.dll
20:29:20.0654 0x0fdc  C:\Windows\System32\hgcpl.dll - ok
20:29:20.0669 0x0fdc  [ 3E9F09C81250B892623CCB5E5FC4EB33, 17828C771B61AC2928D9A15D965727A82EF144A95681BB5E5E32FA1B11E37210 ] C:\Windows\System32\msi.dll
20:29:20.0669 0x0fdc  C:\Windows\System32\msi.dll - ok
20:29:20.0683 0x0fdc  [ 629F14BFCF14C89D128618CA5A09CB03, C047EFDC352396DF58EDD900CA1B8FE86FC0C62585A2F7FF9E591F95AE982E7E ] C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll
20:29:20.0684 0x0fdc  C:\Program Files\Common Files\microsoft shared\ink\tiptsf.dll - ok
20:29:20.0697 0x0fdc  [ 2C161B551FDEEA7069CB87F3BE5E34C6, 515A0F1D71793D3C9509E929334557EB441D36BF4870273583E4D68A331B09FD ] C:\Windows\apppatch\AcGenral.dll
20:29:20.0697 0x0fdc  C:\Windows\apppatch\AcGenral.dll - ok
20:29:20.0711 0x0fdc  [ 0D70F07EB0BCCE2B13652EFFF0DDD75F, FC244FEC0A9745B94C772C68779DFFBE9A162BE8C03103ADE8CFA410B008B4F0 ] C:\Windows\SysWOW64\msacm32.dll
20:29:20.0711 0x0fdc  C:\Windows\SysWOW64\msacm32.dll - ok
20:29:20.0726 0x0fdc  [ 7AF1074DAB6D56D0A575F507B6AC266E, FAC5F0F88D4EE13505E04B2DF6EB01212ADEFA72637F54CE36DFF62473718B36 ] C:\Windows\SysWOW64\mstask.dll
20:29:20.0726 0x0fdc  C:\Windows\SysWOW64\mstask.dll - ok
20:29:20.0740 0x0fdc  [ C97E772120135CD320CB217C92105B12, B25E937F741C8E1AE230E36E9C151AC45A7DE567FE1BF043A044BE2C81FDE008 ] C:\Windows\SysWOW64\winspool.drv
20:29:20.0740 0x0fdc  C:\Windows\SysWOW64\winspool.drv - ok
20:29:20.0780 0x0fdc  [ E81AC183EE021B3EC81B4005F4CE2D7D, D2486FCE463B1392283A8F1E6AAF7BE0E79463EE83290BFFC19FE7DCF9643160 ] C:\Windows\SysWOW64\linkinfo.dll
20:29:20.0781 0x0fdc  C:\Windows\SysWOW64\linkinfo.dll - ok
20:29:20.0795 0x0fdc  [ EFD9B12C1CD8FDFD50C48153AF0A49F3, EB5F906324DD1BC62BA92605F07EE1C2A94BCBA18845394AC2A48B22CF57F971 ] C:\Windows\SysWOW64\ntshrui.dll
20:29:20.0795 0x0fdc  C:\Windows\SysWOW64\ntshrui.dll - ok
20:29:20.0805 0x0fdc  [ 04B470896143EA0BCCB210467DC69498, A2A577462A8C649D98D14C83EA88AA5A061768C86718BA09560FA6BB0E902DEA ] C:\Windows\System32\apprepapi.dll
20:29:20.0805 0x0fdc  C:\Windows\System32\apprepapi.dll - ok
20:29:20.0820 0x0fdc  [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:29:20.0820 0x0fdc  C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe - ok
20:29:20.0835 0x0fdc  [ 5F540AD6674AEFD64C1051648FF87DE3, BA4935185BD57AD6FB975F50AA49E8B6826A60DBCF1E3CB583582FC0BA09B503 ] C:\Windows\System32\dsound.dll
20:29:20.0835 0x0fdc  C:\Windows\System32\dsound.dll - ok
20:29:20.0849 0x0fdc  [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
20:29:20.0849 0x0fdc  C:\Windows\System32\RtkCfg64.dll - ok
20:29:20.0863 0x0fdc  [ BC34B8831FAE17E5E7BD8318EDDC90BB, E74E785D24AF719DBB1FA578081B044DEA3D08197FBBC1215AAE965AD304176B ] C:\Windows\System32\RtkAPO64.dll
20:29:20.0863 0x0fdc  C:\Windows\System32\RtkAPO64.dll - ok
20:29:20.0877 0x0fdc  [ 01851563CB6FB986A4C0221C15AB6ADC, 2B299A0281C2D28FFAA424E244B4381831983C7677EF009E0CF3CF4634910037 ] C:\Windows\System32\AudioEng.dll
20:29:20.0878 0x0fdc  C:\Windows\System32\AudioEng.dll - ok
20:29:20.0892 0x0fdc  [ B43E68B8A022FB00FF54360D408E871B, 414F8F45729CAEC81A09A72A473EB12DC2ED861C39DFD343ECE79652F65DCEA8 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:29:20.0892 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
20:29:20.0908 0x0fdc  [ A8428270F8958E460554698270E65EBF, 6CBB7BA1EA5757210D72ECD4564053EF702860E83F06F5F5024573EE9570BA8E ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\chrome_elf.dll
20:29:20.0908 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\chrome_elf.dll - ok
20:29:20.0924 0x0fdc  [ 0E48C278F9C2A71F48EEB644D30C4BAA, 0CE5A39271D11A604C41CC60B7CB0DFF957DD69D6B5AA77F41DB1556D5478910 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\chrome.dll
20:29:20.0924 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\chrome.dll - ok
20:29:20.0939 0x0fdc  [ 6501CAF611A5A59992081A35BF62217F, 1F29334A37F2F6B4E412E02E78158C3FBCF790A8CBE0E5FB820754CE529399FE ] C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
20:29:20.0939 0x0fdc  C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe - ok
20:29:20.0954 0x0fdc  [ 8DB30DA1FA8620A5C4AF53DEB85194D8, D106A7F3970324ED13943CA6E81626D500A6B38C117FB77A4F4F6AB18B2BA0AB ] C:\Windows\SysWOW64\NapiNSP.dll
20:29:20.0954 0x0fdc  C:\Windows\SysWOW64\NapiNSP.dll - ok
20:29:20.0969 0x0fdc  [ 4947B4C100BE88C83F027D1C8DBC4B84, 1C35AE176FA15918A8FEA50ED5D74B2BE18E3AE19928EF74A69690234FF9810F ] C:\Windows\SysWOW64\pnrpnsp.dll
20:29:20.0969 0x0fdc  C:\Windows\SysWOW64\pnrpnsp.dll - ok
20:29:20.0985 0x0fdc  [ F604350906CE4E3F67D81384566DE3E4, 5A5AC4A42E40B34193DA41002133F2CBE4B48310408185A8846E3F112852029F ] C:\Windows\SysWOW64\nlaapi.dll
20:29:20.0985 0x0fdc  C:\Windows\SysWOW64\nlaapi.dll - ok
20:29:21.0000 0x0fdc  [ 8700883867FBD565BF6C2DAE8B2D7810, DAD073DA251EB1AF756EE7739427B305FBE6D8F74B63D8B1CEC301ED8A2023BA ] C:\Windows\SysWOW64\winrnr.dll
20:29:21.0001 0x0fdc  C:\Windows\SysWOW64\winrnr.dll - ok
20:29:21.0014 0x0fdc  [ 787648B9C1E7503D097D49EE46D9621F, BAA64BCC89190F073DDA287BEC15E2490F889FFB9F7AB3B1515ACEFA0B6E8290 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
20:29:21.0014 0x0fdc  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
20:29:21.0029 0x0fdc  [ DDE972537280676F685DEC67CE28932D, 781C862035C226C03008533B2CFAD3906661417C689E8A070C2D9639868F1C0B ] C:\Windows\System32\SearchProtocolHost.exe
20:29:21.0029 0x0fdc  C:\Windows\System32\SearchProtocolHost.exe - ok
20:29:21.0044 0x0fdc  [ 20CF6C36949E73BE4462F09E1CAA1951, 39F12C70D3AC3B411CA7AB7C5D6073011C98C321B427FC63EF1D74992FE168DB ] C:\Windows\SysWOW64\wbemcomn.dll
20:29:21.0044 0x0fdc  C:\Windows\SysWOW64\wbemcomn.dll - ok
20:29:21.0053 0x0fdc  [ 204A549F6AA4DC2F4CAF371FAA16747A, 323560257E409347D3BA1A3AC431C3EF0CD6C350F6BB1D5B5288A577F3F156ED ] C:\Windows\SysWOW64\oleacc.dll
20:29:21.0053 0x0fdc  C:\Windows\SysWOW64\oleacc.dll - ok
20:29:21.0067 0x0fdc  [ 8DB526FBAE35EAFBB25BA8BF5F491027, 68DC497E13F5AA9F79907719534DFB5FDCE2C282DBF6283EBFD32B69B523BB9A ] C:\Windows\SysWOW64\credui.dll
20:29:21.0068 0x0fdc  C:\Windows\SysWOW64\credui.dll - ok
20:29:21.0081 0x0fdc  [ 998AA337D8CA0E8832B3BB4AF8BBC7A0, BB80479723DD1E10006F8EA5C82095D37BB83A01D773D08D1CDA99DD0B51F2AB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
20:29:21.0081 0x0fdc  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
20:29:21.0096 0x0fdc  [ 8DE93017BA7F77E95DF57E753269623D, 92238DB2684D5A1352B4BB492DFB3CFE219073AC63CE0CAE0A8D12CCF23A9A7D ] C:\Windows\SysWOW64\wbem\fastprox.dll
20:29:21.0097 0x0fdc  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
20:29:21.0112 0x0fdc  [ A2A6F802D87CCE216C39B045FC118F60, 2CDE46BD38984D6382CA6E7E8055FFFE5E7110ABA582DAA463F20171CB465E07 ] C:\Windows\SysWOW64\hid.dll
20:29:21.0112 0x0fdc  C:\Windows\SysWOW64\hid.dll - ok
20:29:21.0126 0x0fdc  [ B117A586AF354814BA3BF653A8DBBEBB, 382EEADC2A4EE39FBB86902F5D43D83D1DD166B98128B061B6F72B881D37AB3F ] C:\Windows\System32\msshooks.dll
20:29:21.0126 0x0fdc  C:\Windows\System32\msshooks.dll - ok
20:29:21.0140 0x0fdc  [ 4B3F35E39B380B4E7CA504311C2E0816, D1BA5584E2EDA8CFCF09E0F997B827E6D2699B55AF35617B26B9A92BBD7C88F5 ] C:\Windows\SysWOW64\KBDUS.DLL
20:29:21.0140 0x0fdc  C:\Windows\SysWOW64\KBDUS.DLL - ok
20:29:21.0155 0x0fdc  [ FF48213516573E515185F3E03ED9DAFC, 890536A7BB3AC1BFD01EAC137D9DB9B1845A8599A0DE0647A42262C43AD30985 ] C:\Windows\System32\SearchFilterHost.exe
20:29:21.0155 0x0fdc  C:\Windows\System32\SearchFilterHost.exe - ok
20:29:21.0169 0x0fdc  [ 8F36F399F9EFBA4FA7B6A4E5305817EA, 1AB0A065FA6F58CBFCDCEFDBA282E44AFCBC131F360300D840D113A7022C3F7C ] C:\Windows\SysWOW64\dhcpcsvc6.dll
20:29:21.0169 0x0fdc  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
20:29:21.0183 0x0fdc  [ D229F8699331DE4F5E812CEC5701031D, B0D0151F342B069FF03436F79E6C309486E696E781FCB18BB36AAB4704EC03BB ] C:\Windows\SysWOW64\dhcpcsvc.dll
20:29:21.0183 0x0fdc  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
20:29:21.0197 0x0fdc  [ CE6D08350D0A1278E9A97D94023D1800, 54AACAADDD25CC44B59A7637C3A1E7E3A8392CC6D22F4D2C5A202D29BF44AFC1 ] C:\Windows\System32\wbem\WmiPrvSE.exe
20:29:21.0198 0x0fdc  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
20:29:21.0212 0x0fdc  [ A3ECC0F6960AA699895CB48BC69BEA3B, 35AE275C19130C4AEDA194E939AA7D924826651C611FBEDB88FF56C142C904CD ] C:\Windows\SysWOW64\AudioSes.dll
20:29:21.0212 0x0fdc  C:\Windows\SysWOW64\AudioSes.dll - ok
20:29:21.0226 0x0fdc  [ AA195EEF529D57407B4E75D0ADF2CEF1, C88B7C4B1747AABE0842471F4C8026718CE92AE7B0ACFF0760C2C948B9025DCA ] C:\Windows\SysWOW64\powrprof.dll
20:29:21.0226 0x0fdc  C:\Windows\SysWOW64\powrprof.dll - ok
20:29:21.0240 0x0fdc  [ 858E46BB06924EB01C3DF8AEF2DC1CDF, 9A1B03FB12FF5F9CA1E51F2B0CBBD67669561CE3D8728718FAE1547CAA6C230C ] C:\Windows\System32\mssph.dll
20:29:21.0240 0x0fdc  C:\Windows\System32\mssph.dll - ok
20:29:21.0255 0x0fdc  [ 7EC611582CF2124499A28946AEEBC3B4, C4B1837A67C9217822588AA43ADA21B98267DDB16B63C69980CB681FF2AD14AE ] C:\Windows\SysWOW64\MMDevAPI.dll
20:29:21.0256 0x0fdc  C:\Windows\SysWOW64\MMDevAPI.dll - ok
20:29:21.0270 0x0fdc  [ 5B672B6FA8986959988032DA24480748, E5F9F1148C8A03A7F361183DAE3B06F9847CB8DAC0659D73FDB76B0FAED02B80 ] C:\Program Files (x86)\Google\Drive\googledrivesync.exe
20:29:21.0270 0x0fdc  C:\Program Files (x86)\Google\Drive\googledrivesync.exe - ok
20:29:21.0284 0x0fdc  [ 4A895F718857F9A7F6198951F3B106CB, 8377EBDB9F8C1AA7A82F338A93B110DA1473D0B517E3D8B2A0E8187384899DAA ] C:\Windows\System32\mapi32.dll
20:29:21.0284 0x0fdc  C:\Windows\System32\mapi32.dll - ok
20:29:21.0300 0x0fdc  [ 33F5EE33BAAD7DEF96DA4270D0F4B308, 97A554E73AFC4BA6C638DF14F77D61423CF37C25A61509CABB17E930812C289D ] C:\Windows\System32\wbem\cimwin32.dll
20:29:21.0300 0x0fdc  C:\Windows\System32\wbem\cimwin32.dll - ok
20:29:21.0307 0x0fdc  [ 4874EB05C1BE374B8A4AC15DF3DB07B0, 05B8D5CC52006308BAA9A91584E4E49BE97C10B7FB2628F0DD8EB8C93E47E49E ] C:\Windows\SysWOW64\gpapi.dll
20:29:21.0307 0x0fdc  C:\Windows\SysWOW64\gpapi.dll - ok
20:29:21.0322 0x0fdc  [ 0094AEEC1FABFAF70383D5AF89464CB5, AA234CA70DF04655013085699544D576E497D2606C585FFBF63556D92C7AB4F3 ] C:\Windows\System32\Query.dll
20:29:21.0322 0x0fdc  C:\Windows\System32\Query.dll - ok
20:29:21.0336 0x0fdc  [ C32ADB033616D0409641BCD4439033F8, 195349D40A7B573DB382037BE3F49C9748F576CECCB9013FCB67A6407FA12E19 ] C:\Windows\System32\framedynos.dll
20:29:21.0336 0x0fdc  C:\Windows\System32\framedynos.dll - ok
20:29:21.0350 0x0fdc  [ AA99B1C1690199041C5DC25C65CABF32, 7B90EFCC7B678DE57DBBE8DBA7C576775B06A711042EF50CBC7BE84FC47848CE ] C:\Windows\SysWOW64\aticfx32.dll
20:29:21.0350 0x0fdc  C:\Windows\SysWOW64\aticfx32.dll - ok
20:29:21.0363 0x0fdc  [ E864425BF77080E8D780A3AEB3AF7E13, 4508C51327232983802B514704B70B9298B2952214F6EB454597DA5DEA2D569B ] C:\Windows\System32\wmi.dll
20:29:21.0364 0x0fdc  C:\Windows\System32\wmi.dll - ok
20:29:21.0378 0x0fdc  [ C158E0294DD92646A0634679D9413A42, 2106CC803039F588500DF6890C46F2D181966D8FA3302133E4D52FF27CE459C8 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\chrome_child.dll
20:29:21.0378 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\chrome_child.dll - ok
20:29:21.0394 0x0fdc  [ 564B43AE09C66E6D7D442B0B5C5925CD, 8D1388AE0A068BBB96EECCCCCF3E9FA4FDA83DD14E65B15D7DCBF72710B0EC7E ] C:\Windows\SysWOW64\comctl32.dll
20:29:21.0394 0x0fdc  C:\Windows\SysWOW64\comctl32.dll - ok
20:29:21.0409 0x0fdc  [ 081E2D5A7875895A4A857B3DA8335695, 48D7968F2B6397B4090C4D6DCB3288041A92BF8207CD4AE807E66BCFC7DC7466 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:29:21.0409 0x0fdc  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
20:29:21.0424 0x0fdc  [ 260A56A8164CBDF9884BB9B2895F6AB2, 1822A5A788F2C4309CC82DA0B756B05AA70802AA65551EE022050C2AB6B8DD0E ] C:\Windows\SysWOW64\Wpc.dll
20:29:21.0424 0x0fdc  C:\Windows\SysWOW64\Wpc.dll - ok
20:29:21.0438 0x0fdc  [ 40B4AD535A454BE8B9344DE7C728DA2B, 30F69999A2487CF23CB65BEAF045AB6EBE0B1C76F372B1F511D569EF94D69224 ] C:\Windows\SysWOW64\atiadlxy.dll
20:29:21.0438 0x0fdc  C:\Windows\SysWOW64\atiadlxy.dll - ok
20:29:21.0452 0x0fdc  [ DC225130BCAE999B1A660EEBF3D2E813, 563CB862B9DA11739A66C4D7E6AAFC3BAADD1CF8638A354D4ABC5AC11C2C88D4 ] C:\Windows\System32\MSWB7.dll
20:29:21.0452 0x0fdc  C:\Windows\System32\MSWB7.dll - ok
20:29:21.0467 0x0fdc  [ 184A4B91C71A122B1E38FD1C7D35FE7F, 0D3B1C93AC5B822D26D1D4B52002A6647C4EB036DBBDDB8F50471DDAD0EB6E2B ] C:\Windows\SysWOW64\wevtapi.dll
20:29:21.0467 0x0fdc  C:\Windows\SysWOW64\wevtapi.dll - ok
20:29:21.0481 0x0fdc  [ 5BF8E37FA1E25227480F9CD2ACA21FB6, 58D9A00888AF693B2A5222FE74CFDED32CE83E74F85B474F1CBE5987217B5A9D ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\d3dcompiler_46.dll
20:29:21.0481 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\d3dcompiler_46.dll - ok
20:29:21.0495 0x0fdc  [ 83058B0F0CEC63A5A7438818B71C0935, 5D0B59AEEB24DF2755C1B8C23B4EE44130DFED432BD5EB6B2D064110BE3D83C0 ] C:\Windows\SysWOW64\msxml6.dll
20:29:21.0495 0x0fdc  C:\Windows\SysWOW64\msxml6.dll - ok
20:29:21.0510 0x0fdc  [ 121BCF3FB6C1F8AA214EB83C76B944FB, 601696238E353AF241C28B20A1FCBD75B3CE92D6FE6B1A427E9D653FCFA8BA5A ] C:\Windows\System32\elsTrans.dll
20:29:21.0511 0x0fdc  C:\Windows\System32\elsTrans.dll - ok
20:29:21.0525 0x0fdc  [ D1F33EF29B32562B7AE629351ACDB799, 5E3F0F217E9904F545B6DFC8E2C38EEDE71B23661D3C1E9FD79ECA0534D3CF00 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll
20:29:21.0526 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libglesv2.dll - ok
20:29:21.0540 0x0fdc  [ 4CB85D450E4816BEDBBDB8ABD697F597, 8190B08A59FF468000D06C7F757201FDE437A82CF560929F47673FC3CD81514E ] C:\Windows\System32\elslad.dll
20:29:21.0540 0x0fdc  C:\Windows\System32\elslad.dll - ok
20:29:21.0556 0x0fdc  [ D6FF94ED4D086489A453134F0AE33FD3, 47E1CE640E9AB6B8DD148DACA80B1D07BCF69DF9F6B109285419447B9A4025FF ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
20:29:21.0556 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe - ok
20:29:21.0564 0x0fdc  [ 689ABA32B7C61B9B3E0153E83F638C57, C95CFB29680E9B11514842E79BE72D7E009C0BEE7619DA333A26684A2F03B7D1 ] C:\Windows\System32\NaturalLanguage6.dll
20:29:21.0564 0x0fdc  C:\Windows\System32\NaturalLanguage6.dll - ok
20:29:21.0579 0x0fdc  [ 8EAD5F0BC40579B106CDD9D2591CFEC5, 5ED195E892811FE93E5FD61B2EB94988A3189B486EDB8C98071DCD31A20B6185 ] C:\Windows\SysWOW64\d3d9.dll
20:29:21.0579 0x0fdc  C:\Windows\SysWOW64\d3d9.dll - ok
20:29:21.0594 0x0fdc  [ 724CB7A116F7E1A67009D751BCF86586, F0C4BE7451C5573AD584F5EF125C0702841E30D928909B5B3EA702831EF2FD9B ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe
20:29:21.0594 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvc_P2G8.exe - ok
20:29:21.0610 0x0fdc  [ 5545195EBABD09926365B0D9F58FAABB, 55EC0F40C682D82634FE3FBF817D41F582CBEA0FCF64650E0C61A4A2CE237E09 ] C:\Windows\System32\NlsData0003.dll
20:29:21.0610 0x0fdc  C:\Windows\System32\NlsData0003.dll - ok
20:29:21.0625 0x0fdc  [ 445400E755572A59D763C5C5A3139D79, 2CF0A96F5BA191EE1EEA397D075DE397BEA35C7159129763C846EC42FD024849 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
20:29:21.0625 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll - ok
20:29:21.0641 0x0fdc  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
20:29:21.0641 0x0fdc  C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe - ok
20:29:21.0656 0x0fdc  [ B7F55E2AE978D3D34F7876EE5D689AAE, 2A950042529DC2C6495E691557043B5B15E483079F4135675E495C121F7C0ED0 ] C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe
20:29:21.0656 0x0fdc  C:\Program Files (x86)\CyberLink\YouCam\YCMMirage.exe - ok
20:29:21.0671 0x0fdc  [ C3A5FFD57C2563204CD9351F0C7A0DEA, 107899DBCF33DB6844B59D27C768069635B6A21E1BD20B9A1E7DCF3A7F895657 ] C:\Program Files (x86)\CyberLink\Power2Go8\msvcp71.dll
20:29:21.0671 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\msvcp71.dll - ok
20:29:21.0686 0x0fdc  [ 8C936BF16422C92B2F200088718014E0, 04CF872D857B28D7FFBF6A144EEAB80E426B461438BFA2519A6A2BA3253B6CEB ] C:\Windows\System32\NlsLexicons0003.dll
20:29:21.0686 0x0fdc  C:\Windows\System32\NlsLexicons0003.dll - ok
20:29:21.0701 0x0fdc  [ EBAE9EE13F51F38B57D616CF4A420682, E27969D5F0B796C2C8DA7C46680AB6C797A8F297B105477B71B4871F8F7B62FD ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
20:29:21.0701 0x0fdc  C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe - ok
20:29:21.0716 0x0fdc  [ A1A6FC56A1D0DADC164637FE43C40605, 8C43448D07F7827F5761B30EB0A903E1B2EFD8F460787F03404C8098B136AE33 ] C:\Program Files (x86)\CyberLink\Power2Go8\msvcr71.dll
20:29:21.0716 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\msvcr71.dll - ok
20:29:21.0730 0x0fdc  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:29:21.0730 0x0fdc  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe - ok
20:29:21.0745 0x0fdc  [ 809A1EC7868924B5E92421F018587AC9, ED35819B78C452D9A7DB07686F828A2353C07EAEBB3EA185301C47EC647B7681 ] C:\Program Files (x86)\CyberLink\PowerDVD10\CLRCEngine3.dll
20:29:21.0746 0x0fdc  C:\Program Files (x86)\CyberLink\PowerDVD10\CLRCEngine3.dll - ok
20:29:21.0760 0x0fdc  [ AD9751ABE2C60F251FBA6D7BAB646BE1, 9D513F321D1599BEB477E71E7F98CDDFC27213E6528E8D08B9D76F12FE3BE039 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll
20:29:21.0761 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppgooglenaclpluginchrome.dll - ok
20:29:21.0776 0x0fdc  [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files (x86)\CyberLink\PowerDVD10\msvcr71.dll
20:29:21.0776 0x0fdc  C:\Program Files (x86)\CyberLink\PowerDVD10\msvcr71.dll - ok
20:29:21.0790 0x0fdc  [ A9669D7EB8431CBCE3F1382ED625A5DD, AB05D278539EEA582F8B1885CFDC41CB813510A3CD501E81DBB7F3091669C524 ] C:\Windows\SysWOW64\devenum.dll
20:29:21.0790 0x0fdc  C:\Windows\SysWOW64\devenum.dll - ok
20:29:21.0805 0x0fdc  [ 9FAF625C560728E860517DF9DBB9D960, 2654C131A600EF2788DE77DC1330DADDF0BC5ABF2B3AC139434732303ED7433B ] C:\Windows\SysWOW64\samlib.dll
20:29:21.0805 0x0fdc  C:\Windows\SysWOW64\samlib.dll - ok
20:29:21.0820 0x0fdc  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:29:21.0820 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe - ok
20:29:21.0830 0x0fdc  [ A54B98E60D7536CC38157BE1B7E82E26, 76E8B9F2A429AD9E919299C3B0458927053DA36DDC5FF37B1FECAAADAC58D553 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libpeerconnection.dll
20:29:21.0831 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\libpeerconnection.dll - ok
20:29:21.0849 0x0fdc  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:29:21.0849 0x0fdc  C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe - ok
20:29:21.0868 0x0fdc  [ A6880BA9A4F02D3C742DF956EA9CC44D, 00E57D66282AA4BE95AF32627B0BCEBA28C85DCE19517A53108E1CF2F41E4578 ] C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.17056_none_dadc5d1c5bc8ab48\GdiPlus.dll
20:29:21.0868 0x0fdc  C:\Windows\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.9600.17056_none_dadc5d1c5bc8ab48\GdiPlus.dll - ok
20:29:21.0889 0x0fdc  [ DD51A0A01A20D1CFEAE681EAC9A789C6, 93B106BDA6B8DE9FDE481AF9D20E2F5D3F9CA921DAEAF24D0F02DA0871FB1BD0 ] C:\Windows\SysWOW64\msdmo.dll
20:29:21.0889 0x0fdc  C:\Windows\SysWOW64\msdmo.dll - ok
20:29:21.0904 0x0fdc  [ EF9F9C189AEEE9124CA3FCC9671EC5CC, 00823A8DBA8FD2CAC24ED825216F369921BCE8EB7D1A1350FAA002ADFF91F2D5 ] C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll
20:29:21.0904 0x0fdc  C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ffmpegsumo.dll - ok
20:29:21.0919 0x0fdc  [ 9CB652EAE0AB5EB27DD0B589D4A0D345, 4CC38FDBA128779BAC9F0495EC18C545C23619E4403C6A3B8E432BE4B294F132 ] C:\Windows\SysWOW64\SensApi.dll
20:29:21.0919 0x0fdc  C:\Windows\SysWOW64\SensApi.dll - ok
20:29:21.0932 0x0fdc  [ 9F534F974C13C3A94BBC515621AC0D35, 6DEF2E7A7D6BDA902570CA4FC9AD335936EEEE880DE619CB394D42469CEE05A1 ] C:\Windows\SysWOW64\comdlg32.dll
20:29:21.0932 0x0fdc  C:\Windows\SysWOW64\comdlg32.dll - ok
20:29:21.0949 0x0fdc  [ C0B4E207F403024DB67C79497D4B3546, 1B54F8F0EFE703E94C7D7147F0B4203115E0689F7208EFB530507769FAAAC983 ] C:\Windows\SysWOW64\avicap32.dll
20:29:21.0949 0x0fdc  C:\Windows\SysWOW64\avicap32.dll - ok
20:29:21.0966 0x0fdc  [ CA6ADE4F7761BB15B3325356DC3B82BB, 0EA4CD410DA764916EA201C0C1E16752E0D3DC9D8571510782AF4AAE62509AF7 ] C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
20:29:21.0966 0x0fdc  C:\Windows\WinSxS\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
20:29:21.0982 0x0fdc  [ 5433EE6EE9AD64B8D45729815221866B, 664A55F1ACAE07AEFC32EDDFD20BCB3EFD76DF7F78743ECACDF9500A08F630FD ] C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll
20:29:21.0982 0x0fdc  C:\Windows\WinSxS\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.8387_none_5094ca96bcb6b2bb\msvcp90.dll - ok
20:29:21.0997 0x0fdc  [ E83752042FBD63EA4D0FC27ABE20B162, FB3D1569E7D696946B65ED39AA30665A0EBD6B3ED226568BA85D4566919640CB ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll
20:29:21.0997 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon_main.dll - ok
20:29:22.0011 0x0fdc  [ BFC0069A46E1D1F38AFB253F76964471, A52ABDD2018F0D9C31CF08668A848E85897A7FB646F5082BA5DBD7000593011E ] C:\Windows\System32\wbem\wmiprov.dll
20:29:22.0012 0x0fdc  C:\Windows\System32\wbem\wmiprov.dll - ok
20:29:22.0026 0x0fdc  [ 2E86BBA86CFD3392FAB6BFEAD07DB43F, 20BC527A0B253DF36463FCD3E85C1439869B6D8C5EA5D5BA0C7445464C9D7C29 ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll
20:29:22.0026 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\CLMediaLibrary.dll - ok
20:29:22.0041 0x0fdc  [ 3F7CD7873FA942C38F9831F286698414, 5D7F7D7E999BD5A4DD0D31D5DFFC325E53F52496B14D2DA179192FDB149DCF0A ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe
20:29:22.0041 0x0fdc  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\reader_sl.exe - ok
20:29:22.0055 0x0fdc  [ 2E8111191A367645DDAF84D49361B532, 279283AD95161CC6AD883627B40D301FBD3D154FA88FDE6B3EA44E42EA7F0F57 ] C:\Windows\SysWOW64\msvfw32.dll
20:29:22.0056 0x0fdc  C:\Windows\SysWOW64\msvfw32.dll - ok
20:29:22.0070 0x0fdc  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:29:22.0070 0x0fdc  C:\Program Files (x86)\QuickTime\QTTask.exe - ok
20:29:22.0078 0x0fdc  [ FBFCA1A574D47EE575448B719CBBF2E4, B7CAB2D0D95679B05EFC8E1303BAA65C9B3B80527C3FD3AECDC0D2E59919D36E ] C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
20:29:22.0078 0x0fdc  C:\Windows\WinSxS\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
20:29:22.0095 0x0fdc  [ EE06F41744E21F339881EEDD45079F20, 9BFB0838D1ED7C93B6875AB81544733CD80DA2F163E8349189CD71F2DE07E33B ] C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll
20:29:22.0095 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\UNO.dll - ok
20:29:22.0110 0x0fdc  [ 95599A40AA517A9C566DF79C62A4A97A, C45C49CE8A7B5332CB25C00EE76E8B14CA062B59AEF54B40FF58E1216075B1B7 ] C:\Program Files (x86)\CyberLink\Power2Go8\MUITransfer\MUITransfer.dll
20:29:22.0110 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\MUITransfer\MUITransfer.dll - ok
20:29:22.0125 0x0fdc  [ 3B5045DDD039FAB9782851BC486FD92B, 12C59F9E79EB37F26FE0805585EA6B0DAFB41FB8A4FAE972774BC8E3815A1673 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
20:29:22.0125 0x0fdc  C:\Program Files (x86)\iTunes\iTunesHelper.exe - ok
20:29:22.0139 0x0fdc  [ 55ADDA5B29D1151727470FA165460773, 19226A211E04B35BF5C0194A630E8F6B24F1C2F51192FB142B7AE30EACB156AB ] C:\Windows\SysWOW64\msxml3.dll
20:29:22.0139 0x0fdc  C:\Windows\SysWOW64\msxml3.dll - ok
20:29:22.0153 0x0fdc  [ 6E4AC3DFC1E1F06F3E179969823EF4E3, ED1B7293B6B5687999B7E35D9A8739209A4BBD2900FC3CA9EB6E53F03723D3F6 ] C:\Program Files (x86)\iTunes\iTunesHelper.dll
20:29:22.0154 0x0fdc  C:\Program Files (x86)\iTunes\iTunesHelper.dll - ok
20:29:22.0168 0x0fdc  [ 4469A2DE999F3B60E85AF4911673348F, 0D29D45D48CEC650F94A1242AE315FF97C7F79E6AD022AC74059B32454436EC5 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll
20:29:22.0168 0x0fdc  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\en.lproj\iTunesHelperLocalized.dll - ok
20:29:22.0183 0x0fdc  [ 549D695F13CBCECDF361CBA4059C2526, 88D52779EA6410B0CB5011A8C8CA71EAC45F44152D621426F5B3B626338E3A20 ] C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll
20:29:22.0183 0x0fdc  C:\Program Files (x86)\iTunes\iTunesHelper.Resources\iTunesHelper.dll - ok
20:29:22.0198 0x0fdc  [ 1EB4589BD34FB1C05AE164F1237BC04A, 51610B040A65B565C5A688FBCA2EC0EB6A4DBA9545D38EFDADDD0ACA1BF6194A ] C:\Windows\SysWOW64\wmp.dll
20:29:22.0199 0x0fdc  C:\Windows\SysWOW64\wmp.dll - ok
20:29:22.0213 0x0fdc  [ 9E408018F6B1AC9D0C6436C95BA2E925, D1E92282BF89F4034EC6B2B3A2F6F50FA5244E023698D0A18953521903A11960 ] C:\Program Files (x86)\CyberLink\Power2Go8\Language\Enu\P2GRC.dll
20:29:22.0213 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\Language\Enu\P2GRC.dll - ok
20:29:22.0228 0x0fdc  [ F29BCEE8C5666E458341CFE1E6BA0B2B, B46DBB5B46D2F840FA3A577AFD603398FE0FE7E882003D2FD67F4E79BF3D7E47 ] C:\Program Files (x86)\CyberLink\Power2Go8\Boomerang\x86\BoomerangLib.dll
20:29:22.0228 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\Boomerang\x86\BoomerangLib.dll - ok
20:29:22.0243 0x0fdc  [ 2FA6510E33F7DEFEC03658B74101A9B9, 61C8C8E3F09B427711464C974EE22E1E01C48E10DB54A4EC9901F482FC36C978 ] C:\Windows\System32\drivers\cdfs.sys
20:29:22.0243 0x0fdc  C:\Windows\System32\drivers\cdfs.sys - ok
20:29:22.0257 0x0fdc  [ 37C863F568421EE07CEAD1F181138F79, 64A7B34D4A0AA598637AB57181036928D28A3AA49863FF0BD09466EF8ABC771C ] C:\Windows\SysWOW64\WindowsCodecs.dll
20:29:22.0258 0x0fdc  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
20:29:22.0272 0x0fdc  [ 6403B9CB0267A6EAB6950DEA178C6121, FA718864395B049408837B560A36FC182864D0FC806B3AD48A3A4C55B2A75E32 ] C:\Windows\SysWOW64\wmploc.DLL
20:29:22.0272 0x0fdc  C:\Windows\SysWOW64\wmploc.DLL - ok
20:29:22.0287 0x0fdc  [ 7D6933075BA51F8F71AAB1EC23994174, 1AB830C81AB8839E3DED65C321B89538AFB5721C3E5BA50E9505194E0D08722E ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll
20:29:22.0287 0x0fdc  C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\iTunesMobileDevice.dll - ok
20:29:22.0303 0x0fdc  [ 8A59106032366B23D7A8FE7B8450E8B9, 688EF253507DC2E46232AF255F51A64A8A724B145ACB0C33B5A4941A8DF34596 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\python27.dll
20:29:22.0304 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\python27.dll - ok
20:29:22.0319 0x0fdc  [ CD646E722C515CD13540B4B3D0E46E4B, 9F3D6583A669CEB3CB5660786FBFBCD23472AA1AB76D9C0EB24302B6138BAF3D ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32api.pyd
20:29:22.0319 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32api.pyd - ok
20:29:22.0334 0x0fdc  [ F0469ABB4F2914C78CE875A430425958, C97E1AB93E2D18A76B4BB1C8C43605D7DE94D3BAAEAE0C9E28FD750E943D0335 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\PyWinTypes27.dll
20:29:22.0334 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\PyWinTypes27.dll - ok
20:29:22.0343 0x0fdc  [ 68A5EDD4843CF0033BAE537C9C495F69, 386C66A6562218D0F0A616D75457CDA4B82DB87DC3DA83935497819963DB6D86 ] C:\Program Files\iPod\bin\iPodService.exe
20:29:22.0343 0x0fdc  C:\Program Files\iPod\bin\iPodService.exe - ok
20:29:22.0357 0x0fdc  [ 72D8C1A1D90A3803CA16C8E49B3811A0, E502AAC9A5F0B66BDDD4C29C9986C6AA93DAA10ED4C02501FA27575369103BF6 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\pythoncom27.dll
20:29:22.0358 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\pythoncom27.dll - ok
20:29:22.0372 0x0fdc  [ 9DC16A5908B9D10014DFC930F61BACC3, 6FF3AA7BFF9391B01F3AC32EC3F2A92A89C24481E7816FBF49D4A852249AE6CE ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_socket.pyd
20:29:22.0372 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_socket.pyd - ok
20:29:22.0387 0x0fdc  [ 2F0F2F476B2BB266979F3A353064445D, 4F29A36B081C92706C66491EAB197E84E99D9DF09452047FD27DD405F391DF67 ] C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll
20:29:22.0387 0x0fdc  C:\Program Files\iPod\bin\iPodService.Resources\en.lproj\iPodServiceLocalized.dll - ok
20:29:22.0403 0x0fdc  [ 2CB3C1444813F48E96D95269329F36E7, 1FB2782AED5D6A538078086D78724C8EB498CA2FB8E1B9A3E57178D6854E6D91 ] C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll
20:29:22.0403 0x0fdc  C:\Program Files\iPod\bin\iPodService.Resources\iPodService.dll - ok
20:29:22.0418 0x0fdc  [ 2255A5542B4B225607CAC54C73AFEFB5, 9C3768DA214C41EEB8A0472917245056880D94545FE9130CB315053DF3127719 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_ssl.pyd
20:29:22.0418 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_ssl.pyd - ok
20:29:22.0432 0x0fdc  [ 45824A83060375F619C280D4519635AE, 29A56F50B7ADCBB3015A2EBFDB2514EDD5129BF3A7242D1E272551B09EF85227 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32com.shell.shell.pyd
20:29:22.0432 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32com.shell.shell.pyd - ok
20:29:22.0446 0x0fdc  [ 4A1780F986DC1EAE2FADF3219F211C8D, E321CFD28FD347BEF6AC894C92C4DC9B403795F0191D0DD04E3CE423DFD85E70 ] C:\Windows\SysWOW64\sxs.dll
20:29:22.0446 0x0fdc  C:\Windows\SysWOW64\sxs.dll - ok
20:29:22.0461 0x0fdc  [ 58B034A90C6D9A20C293FE22B03B8FBF, 5843085197E485B371634BCF8D1757C6BA040A19B3CFBF31ACFBD0A73A9B19FE ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_hashlib.pyd
20:29:22.0461 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_hashlib.pyd - ok
20:29:22.0476 0x0fdc  [ CE35F79BFD32A83B54F557E22A4BA1FA, 46BD3A44B3DAB1B309750243C6CCB2B222261928F7F01C0E9DF26BC3BB86A955 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._core_.pyd
20:29:22.0476 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._core_.pyd - ok
20:29:22.0492 0x0fdc  [ F4C68FEAB7183F021066F1B225CA6E03, E16FE8A5C9B833A6E19092ED80E0D4FFBF9ABA8AB3E073D1A90375CD58A5A1E0 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxbase294u_vc90.dll
20:29:22.0492 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxbase294u_vc90.dll - ok
20:29:22.0507 0x0fdc  [ 7A0E4EF476B09725D8ABE8CD3EDD4320, D07A54B3C78B2C194DB88A01439750AB2EC1146F8ADA75AB494A436C8010EDDA ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxbase294u_net_vc90.dll
20:29:22.0507 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxbase294u_net_vc90.dll - ok
20:29:22.0523 0x0fdc  [ 4BE77BB137B3BBFA9EC7F184F009EC7C, C666CC017CF7B1DC3FF046EA39CE3413405334CB558A3CB65F52AE149BD2BFCE ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_core_vc90.dll
20:29:22.0523 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_core_vc90.dll - ok
20:29:22.0538 0x0fdc  [ 170B8B74CF2C5A4B746D764F0237EF93, B83E89FC87670D7180FFE62855A29FED7C29F7892B312B00B74C48F736A726E0 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_adv_vc90.dll
20:29:22.0538 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_adv_vc90.dll - ok
20:29:22.0553 0x0fdc  [ 2AEE281FF2D945F3A47646FAF6C30894, 35EEF7076F5DCF2BD1795AFD79A2174CF158D274B713D0CF8A1E538E2BB13829 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._gdi_.pyd
20:29:22.0553 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._gdi_.pyd - ok
20:29:22.0568 0x0fdc  [ 9663DE6AAA1FD382E4F1313562EC3044, C5623DDDF875DDA2F18B884B74A87ACF1CBD36EFF554064F932395F19DC837E0 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._windows_.pyd
20:29:22.0568 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._windows_.pyd - ok
20:29:22.0582 0x0fdc  [ E17ABF63AF8FF1360537679E2F7DE3DE, 25D9194850C836838AC17010E74B607F6186C992289B5D6A3E52E5E6D22896DC ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_html_vc90.dll
20:29:22.0583 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_html_vc90.dll - ok
20:29:22.0592 0x0fdc  [ 8DE9B9AD93192F2C2C8D5C665587BA84, 61BF5C5EF185A311B659313D87A99A600105A4649707F861BBDFA5514BCAC9F1 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._controls_.pyd
20:29:22.0592 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._controls_.pyd - ok
20:29:22.0607 0x0fdc  [ 8CC6D8843BCD140286BBC54EC4CFCEF4, 3F98E7A28E1AA7F4E26E35634BD168AF7561E7EB377841EFC65EDD5A4E747964 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._misc_.pyd
20:29:22.0607 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._misc_.pyd - ok
20:29:22.0622 0x0fdc  [ 43B223C4799777C4DA008469DD913813, 0E112702AC194A2020577554381958ABB6FF08ABE949AD0DDA2BBEB1D4FD60E4 ] C:\Windows\System32\wbem\NCProv.dll
20:29:22.0622 0x0fdc  C:\Windows\System32\wbem\NCProv.dll - ok
20:29:22.0636 0x0fdc  [ 42FA37910133EF6E3D32FA9CB6BBC6A9, 8A943863C2ACE076D9FE9BACE08FDB934769F30F3774A75D20EBB582BFF6F400 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_elementtree.pyd
20:29:22.0636 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_elementtree.pyd - ok
20:29:22.0651 0x0fdc  [ 1B5DC0472165075D79215C3BF62452E7, 19993D1B4FD8B31031574CFE0B931C7F7B0137733AD1EC177DFA4B262DF00182 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\pyexpat.pyd
20:29:22.0651 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\pyexpat.pyd - ok
20:29:22.0666 0x0fdc  [ 1181F4B43FACB99832FDDBF02C832B51, BE53AF8CFD583D64608F71A7F572218C30F75BC8F89433B152B2A7F1A32B17E7 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\pysqlite2._sqlite.pyd
20:29:22.0666 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\pysqlite2._sqlite.pyd - ok
20:29:22.0679 0x0fdc  [ F572E51921A69EBE17E1DE89CB03DD5B, D8F9EC68CAA5CB15C8C270CC11E2C7106F5F0C19CA539836C2FED5D4CF6E0B58 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll
20:29:22.0679 0x0fdc  C:\Program Files (x86)\Hewlett-Packard\Shared\hputils.dll - ok
20:29:22.0694 0x0fdc  [ 8DDD5D4FBF9CBC9547CEE42BA5722BE7, FFD80375E3BC95B9866A4AE95E68EC664ED024C087A1CF7E50BF82B3EF76E344 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\hashobjs_ext.pyd
20:29:22.0694 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\hashobjs_ext.pyd - ok
20:29:22.0709 0x0fdc  [ C4FB890476CD65D28B6E86ED9E48E5A5, 289B76297E019DACDA97C9DACFF07A937399DBDE56C95262F2B6390941550C87 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_ctypes.pyd
20:29:22.0709 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_ctypes.pyd - ok
20:29:22.0723 0x0fdc  [ 7519D78535EC10FDC687DA7D90EA9CD7, 11609667FA37E2F6269D38D558DD42358360F97652BC37B80CB06A3F99B0E810 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32file.pyd
20:29:22.0723 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32file.pyd - ok
20:29:22.0738 0x0fdc  [ 3AA79A83EC7D1B16D296029035A9C399, 4674894D18CE9026CA54AFA9556987023C14A92EC24AFCB29030B80ABF7E0535 ] C:\Windows\SysWOW64\sfc.dll
20:29:22.0738 0x0fdc  C:\Windows\SysWOW64\sfc.dll - ok
20:29:22.0752 0x0fdc  [ A066A0070D7264F4E33E2B66BEA51AB9, E15B6B7167CFDAACD783F822AB6A9B471245CD0E7A9E57004E2859D168F194B9 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32security.pyd
20:29:22.0753 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32security.pyd - ok
20:29:22.0767 0x0fdc  [ BDA609A840CE71F839FB68CE146469E4, 194AFCEBC66E4FA6F42DDBB24FC4A439231C4C446B334A6198568CC01D763C18 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32event.pyd
20:29:22.0768 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32event.pyd - ok
20:29:22.0816 0x0fdc  [ 9B7EDD3FE7C211C36E921D34D18A3A0A, 03A450F85A042F9668D1560FA2B8B89783568C87CDB1A8685CDA2AC9FE3761C3 ] C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe
20:29:22.0816 0x0fdc  C:\Program Files (x86)\Hewlett-Packard\Shared\hpqWmiEx.exe - ok
20:29:22.0830 0x0fdc  [ F5D3C444C0C88996435784D2AA788EA1, 0F8D08E13E5E4CC0B23E02C3803932BE8D8524E73A60CF3A403EA4D274355133 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32inet.pyd
20:29:22.0830 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32inet.pyd - ok
20:29:22.0845 0x0fdc  [ F76DD68B735517E465A38DF7C1B798DB, 3E3D180AA5D42A0C96C2F54C06D8985296A5154A98E21FF8B49CBF75CC591C92 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._html2.pyd
20:29:22.0845 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._html2.pyd - ok
20:29:22.0855 0x0fdc  [ 8C35663E29829049F662DD5A6BB8C371, 2664705F47B68DE590E006DCDFB2EAA99925E07F0604DC750BA6260A0B75D0A6 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_webview_vc90.dll
20:29:22.0855 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wxmsw294u_webview_vc90.dll - ok
20:29:22.0869 0x0fdc  [ D0F1DCB9D3C02D8C9175EB1D8D8855A7, 32DDA26EF2C58ACD107F2E4916A5C22DD4111254CF708344C2073D7204C567D2 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32gui.pyd
20:29:22.0869 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32gui.pyd - ok
20:29:22.0886 0x0fdc  [ 83F65B02082862BB470703C1F1C14946, 6E46EB4EC69ABCFC63AFB7EACD66E22D9265E5733B67EA991054E7F7BAE6812E ] C:\Windows\System32\SystemEventsBrokerClient.dll
20:29:22.0886 0x0fdc  C:\Windows\System32\SystemEventsBrokerClient.dll - ok
20:29:22.0901 0x0fdc  [ 94044DDF85DA3D6D95035BDB417E5BEF, 1559D323213AF9962025FBDBD2F0F891D0995CB18D60BE944F239D4087FDF1D0 ] C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll
20:29:22.0901 0x0fdc  C:\Program Files (x86)\CyberLink\Power2Go8\CLMLSvcPS.dll - ok
20:29:22.0915 0x0fdc  [ 67657D13A483A6555F7B7838A9C1C634, 7D77032D4FB605DCA2574BAA048DED319E9E25CEDFDB936E9B18D2068E4D7F5C ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32crypt.pyd
20:29:22.0915 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32crypt.pyd - ok
20:29:22.0929 0x0fdc  [ 019692D386E8E06E79A6906DB8CA21C7, 58208E7374F2889702EC8A94ABF1E5F635196E0620EE1FAD6E12F773F50D753D ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_multiprocessing.pyd
20:29:22.0929 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\_multiprocessing.pyd - ok
20:29:22.0944 0x0fdc  [ 5E37D4345D89F0DA16A506DDC86459A9, E80C9E83072A8247DB6B63E263B1731BF7A19EFCA556FB176675877A5C1EC7CD ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._wizard.pyd
20:29:22.0944 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._wizard.pyd - ok
20:29:22.0959 0x0fdc  [ 19CAA07B984A322F0B7FA3D9972E6D32, 0A900A6BB37C3D3B37B781334C1C122D6504C9F328DF4F13B89FA4A7BC51B439 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\select.pyd
20:29:22.0959 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\select.pyd - ok
20:29:22.0973 0x0fdc  [ E1F9FC63175A0E6799CBB58A094A80FA, 955E1A98D2DDCAA64ACF4E47135434E6557427B52D6BAC59AAAE2DAFEA463CD3 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32pipe.pyd
20:29:22.0973 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32pipe.pyd - ok
20:29:22.0989 0x0fdc  [ 1E49C444B762AC895166CACF9B05BA43, E0771F0A97EDA5B163642C16239EB4A91B0B997E80589A481E94B0802209D03A ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\unicodedata.pyd
20:29:22.0989 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\unicodedata.pyd - ok
20:29:23.0003 0x0fdc  [ 0C70D89FF28838AC2CBF5479BA585B86, C28AF233D7BEA71F1094716F547B2059F10FC98CE8EDDDE7496E1A8E745ED640 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32pdh.pyd
20:29:23.0004 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32pdh.pyd - ok
20:29:23.0018 0x0fdc  [ 36B2B5619938F7DB154FFE0ED91656ED, 6CE42D7283CB71E3BEDF8FCA1A3A2D5ACA5B003E14568714F06638303598E00A ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\windows._lib_cacheinvalidation.pyd
20:29:23.0018 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\windows._lib_cacheinvalidation.pyd - ok
20:29:23.0033 0x0fdc  [ DFA9C2B1D1D0D33A4BC9F140CCD68857, FFA30E1701ADC5ABF10A4A55DC6A408B1376B5C458CBB1B7B6426073D2AA1661 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32process.pyd
20:29:23.0033 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32process.pyd - ok
20:29:23.0048 0x0fdc  [ F5D3ACC67980A80430ACD068898F0F97, 47D422F68CC2015B7109047415B8659640847E8F5C53ECF8E53A70CD6CDFF0B1 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32profile.pyd
20:29:23.0048 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32profile.pyd - ok
20:29:23.0062 0x0fdc  [ 71FE5EB3283E1CFE8DCC7075DC68F0E6, DB7954F8BBFF632E73C979460818529762D04F427DB8718C766823288A2B90DE ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32ts.pyd
20:29:23.0062 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\win32ts.pyd - ok
20:29:23.0076 0x0fdc  [ 6CF473A4C29EF4FE133C06E9C1D13198, 7FEE2EA814DF837C5B5D1AD92880811330904B07F8FF7144AF6627DFFC6B9FD6 ] C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._animate.pyd
20:29:23.0076 0x0fdc  C:\Users\Spencer\AppData\Local\Temp\_MEI30802\wx._animate.pyd - ok
20:29:23.0091 0x0fdc  [ 1697E09CDA4DD8741B8276F48A8514DE, 1E1E66660C93B12D5532CC699C432A60F2767AB0BC6DC07100459FA6E7789E7F ] C:\Windows\System32\ploptin.dll
20:29:23.0091 0x0fdc  C:\Windows\System32\ploptin.dll - ok
20:29:23.0098 0x0fdc  ================ Scan generic autorun ======================
20:29:23.0520 0x0fdc  [ AF04B6DDF123991C625472494BC1221C, D02BEC96FF466187130B5868DCB70E56CEE25101A8889A1AEF3CFE60ECBE6DC6 ] C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
20:29:23.0909 0x0fdc  RTHDVCPL - ok
20:29:23.0934 0x0fdc  SynTPEnh - ok
20:29:24.0093 0x0fdc  [ 081E2D5A7875895A4A857B3DA8335695, 48D7968F2B6397B4090C4D6DCB3288041A92BF8207CD4AE807E66BCFC7DC7466 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
20:29:24.0170 0x0fdc  StartCCC - ok
20:29:24.0357 0x0fdc  [ D6FF94ED4D086489A453134F0AE33FD3, 47E1CE640E9AB6B8DD148DACA80B1D07BCF69DF9F6B109285419447B9A4025FF ] C:\Program Files (x86)\CyberLink\Power2Go8\VirtualDrive.exe
20:29:24.0406 0x0fdc  CLVirtualDrive - ok
20:29:24.0487 0x0fdc  [ B7995C675014EEBE77A0BEB7AFCCFC08, 41D186C63273301CF0A1C1EE7B6EB0BB75A251DD441532C5CEB7A4095FB103CD ] C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
20:29:24.0512 0x0fdc  RemoteControl10 - ok
20:29:24.0687 0x0fdc  [ EBAE9EE13F51F38B57D616CF4A420682, E27969D5F0B796C2C8DA7C46680AB6C797A8F297B105477B71B4871F8F7B62FD ] C:\Program Files (x86)\Hewlett-Packard\HP Quick Launch\HPMSGSVC.exe
20:29:24.0739 0x0fdc  HP Quick Launch - ok
20:29:24.0915 0x0fdc  [ 048EA4B978851788E9F5E8E4F081DF7A, EB62719AC0DCC18FF056F2CD84438BF14B61E38F0619617C81961C6257BDFCEC ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
20:29:24.0991 0x0fdc  Adobe ARM - ok
20:29:25.0053 0x0fdc  [ 545676F48851A5C65A38CAE5B5518C95, F7CD893B8198AA22347CB96A61C258217FA0A1B1CC1733784B5FD84A7B208264 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
20:29:25.0076 0x0fdc  APSDaemon - ok
20:29:25.0147 0x0fdc  [ 5B6E8E09BE6401A7E022F52FDFCB2FF8, 471C556CF9405BBB380A8CEFE945C126B954B7C94F79CC72441B51F80141FC5E ] C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
20:29:25.0183 0x0fdc  SunJavaUpdateSched - ok
20:29:25.0390 0x0fdc  [ 08E7173D1B74095335052459200CB1EA, 5B6EB8A65B5F451BF6115EB7CD1355E5870E6D764F22D767D13216BF17C5668F ] C:\Program Files (x86)\QuickTime\QTTask.exe
20:29:25.0450 0x0fdc  QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
20:29:25.0630 0x0fdc  QuickTime Task ( UnsignedFile.Multi.Generic ) - warning
20:29:25.0715 0x0fdc  [ 3B5045DDD039FAB9782851BC486FD92B, 12C59F9E79EB37F26FE0805585EA6B0DAFB41FB8A4FAE972774BC8E3815A1673 ] C:\Program Files (x86)\iTunes\iTunesHelper.exe
20:29:25.0743 0x0fdc  iTunesHelper - ok
20:29:25.0878 0x0fdc  [ B43E68B8A022FB00FF54360D408E871B, 414F8F45729CAEC81A09A72A473EB12DC2ED861C39DFD343ECE79652F65DCEA8 ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
20:29:25.0947 0x0fdc  GoogleChromeAutoLaunch_3A0E3D8105F41419ED3F962F503F3C91 - ok
20:29:26.0192 0x0fdc  [ 6501CAF611A5A59992081A35BF62217F, 1F29334A37F2F6B4E412E02E78158C3FBCF790A8CBE0E5FB820754CE529399FE ] C:\Users\Spencer\AppData\Local\Program Files\Amazon\MP3 Downloader\AmazonMP3DownloaderHelper.exe
20:29:26.0235 0x0fdc  AmazonMP3DownloaderHelper - ok
20:29:26.0269 0x0fdc  GoogleDriveSync - ok
20:29:26.0354 0x0fdc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
20:29:26.0356 0x0fdc  AV detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x51000 ( enabled : updated )
20:29:26.0360 0x0fdc  FW detected via SS2: Norton Internet Security, C:\Program Files (x86)\Norton Internet Security\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x51010 ( enabled )
20:29:26.0361 0x0fdc  ============================================================
20:29:26.0361 0x0fdc  Scan finished
20:29:26.0361 0x0fdc  ============================================================
20:29:26.0386 0x0858  Detected object count: 1
20:29:26.0386 0x0858  Actual detected object count: 1
20:29:55.0849 0x0858  QuickTime Task ( UnsignedFile.Multi.Generic ) - skipped by user
20:29:55.0849 0x0858  QuickTime Task ( UnsignedFile.Multi.Generic ) - User select action: Skip 
20:30:01.0124 0x0950  Deinitialize success
 
End of TDSSKiller log
 
...Finally

  • 0

#13
emeraldnzl
Posted 12 August 2014 - 09:29 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Yes it seems the upgrade that was recently undertaken by the site has limited the length of posts. My apologies for that. :)

 

Good result though and thank you for taking the time to do that. There were hints that there might be problem in the aswMBR log and the TDSS possibility is good to rule out.

 

Moving on then

 

Please download : ADWCleaner to your desktop  (use the Download Now @ BleepingComputer button)..

NOTE: If using Internet Explorer and get an alert that stops the program downloading, click on the warning and allow the download to complete.

Close  all programs and click on the AdwCleaner icon.

scan-results.jpg

Click on Scan  and follow the prompts. Let it run unhindered. When the "Please uncheck elements you don't want to remove" appears just go ahead and click on the Clean button, and follow the prompts. Allow the system to reboot. You will then be presented with the report. Copy and paste back here. If a report doesn't appear, press the report button and Copy & Paste the contents on your next reply.

A copy of the report is also saved in the C:\AdwCleaner folder.

 

After that

 

Please download Junkware Removal Tool to your desktop.
 

  • Shut down your protection software to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right click JRT.exe and "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

When you return please post

  • AdwCleaner log
  • JRT.txt

  • 0

#14
Spencer4134
Posted 15 August 2014 - 10:49 AM

Spencer4134

    Member

  • Topic Starter
  • Member
  • PipPip
  • 57 posts

For AdwCleaner there are two, one with an R, and one with an S. So I'll paste both:

 

AdwCleaner:

 

# AdwCleaner v3.304 - Report created 12/08/2014 at 21:44:35
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Spencer - LINK
# Running from : C:\Users\Spencer\Desktop\AdwCleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Found : C:\ProgramData\apn
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Found : HKCU\Software\Softonic
Key Found : [x64] HKCU\Software\Softonic
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Found : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [872 octets] - [12/08/2014 21:44:35]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [931 octets] ##########
 
AdwCleaner:
 
# AdwCleaner v3.304 - Report created 12/08/2014 at 21:46:54
# Updated 08/08/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Spencer - LINK
# Running from : C:\Users\Spencer\Desktop\AdwCleaner.exe
# Option : Clean
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\apn
 
***** [ Scheduled Tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKCU\Software\Softonic
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17126
 
 
-\\ Google Chrome v36.0.1985.125
 
[ File : C:\Users\Spencer\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [1014 octets] - [12/08/2014 21:44:35]
AdwCleaner[S0].txt - [903 octets] - [12/08/2014 21:46:54]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [962 octets] ##########
 
JRT:
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 8.1 x64
Ran by Spencer on Tue 08/12/2014 at 21:53:27.33
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
Successfully deleted: [Folder] "C:\Users\Spencer\AppData\Roaming\getrighttogo"
Successfully deleted: [Folder] "C:\WINDOWS\syswow64\ai_recyclebin"
Successfully deleted: [Empty Folder] C:\Users\Spencer\appdata\local\{DE52CF38-C89F-466D-BB40-4AF23533C65D}
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 08/12/2014 at 22:09:44.45
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 


  • 0

#15
emeraldnzl
Posted 15 August 2014 - 01:06 PM

emeraldnzl

    GeekU Instructor

  • GeekU Moderator
  • 20,051 posts

Hello again Spencer4134,

 

Please run a free online scan with the ESET Online Scanner

Vista / Win7 users: Right-click on the either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator.

Note: This scan works with Internet Explorer or Mozilla FireFox.

If using Mozilla Firefox you may need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.

Disable your security programs.

  • Click the blue Run ESET Online Scanner box
  • Tick the box next to YES, I accept the Terms of Use
     then click on: Start
  • You may see a panel towards the top of the screen telling you the website wants to install an addon... click and allow/install to install. If your firewall asks whether you want to allow installation, say yes. If asked, click yes to allow the program to run on your computer.
  • Check "Enable detection of potentially unwanted applications"
  • Click on Start and say yes to allow the program to proceed.
  • The virus signature database will begin to download. Be patient this make take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed click "List of found threats" and click again on Copy to clipboard. Open notepad and past in the clipboard list. Save it as ESET log somewhere that you can find .
  • After that click the button "Back"
  • Select and check Uninstall application on close and Delete quarantined files.
  • Then click on: Finish
  • Copy and paste the ESET log back here and tell me how your machine is now.

 

 


  • 0
Back to Virus, Spyware, Malware Removal · Next Unread Topic →




Similar Topics


Also tagged with one or more of these keywords: Slow, Smarter Shopper

0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users

  1. Geeks to Go Community
  2. Security
  3. Virus, Spyware, Malware Removal

As Featured On:

Microsoft Yahoo BBC MSN PC Magazine Washington Post HP