Jump to content

Welcome to Geeks to Go - Register now for FREE

Geeks To Go is a helpful hub, where thousands of volunteer geeks quickly serve friendly answers and support. Check out the forums and get free advice from the experts. Register now to gain access to all of our features, it's FREE and only takes one minute. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more.

Create Account How it Works
Photo

Windows 7 Laptop sluggish, trouble updating spyware


  • Please log in to reply

#1
blues71

blues71

    Member

  • Member
  • PipPip
  • 46 posts

Not sure what's happening, but my computer keeps bogging down, even after I run ccleaner and defrag the hard drive. I've run Avira, Malware Bytes, and SuperAntiSpyware. Now SuperAntiSpyware is having trouble updating its databases. Please help me figure this out.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 08-07-2017
Ran by Smash (administrator) on SIDEKICK (11-07-2017 13:57:02)
Running from C:\Users\Smash\Desktop
Loaded Profiles: Smash (Available Profiles: Smash & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 5\program\soffice.exe
(The Document Foundation) C:\Program Files (x86)\LibreOffice 5\program\soffice.bin
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Microsoft Corporation) C:\Windows\splwow64.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AdobeCollabSync.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Adobe Systems Incorporated) C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\RdrCEF.exe
(Apple Inc.) C:\Program Files\iTunes\iTunes.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceHelper.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\distnoted.exe
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Thunderbird\thunderbird.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(Dropbox, Inc.) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-12-06] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [VAIO Boot Manager] => C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [734608 2010-12-08] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-08] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-06-14] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-28] (Avira Operations GmbH & Co. KG)
HKLM Group Policy restriction on software: *.divx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <==== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <==== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <==== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <==== ATTENTION
HKLM Group Policy restriction on software: ** <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <==== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7963552 2017-06-12] (SUPERAntiSpyware)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78140506-3DA9-43FC-9C03-501AECB1EB41}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8B8DA989-FDFB-41C7-BB78-976F220F8519}: [NameServer] 8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{C9223372-2268-4123-9BCD-5BEE223CA547}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.startpage.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_121\bin\ssv.dll [2017-01-17] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-17] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-17] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-17] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805 [2017-07-11]
FF Extension: (Bookmarks menu) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\bookmarks-menu@dio.gr.xpi [2016-08-18]
FF Extension: (FAYT Revived) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\fayt_revived@iceberg.it.xpi [2016-08-18]
FF Extension: (Email This! Bookmarklet Extension) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\gmailthis@lazyrussian.com.xpi [2016-08-22]
FF Extension: (HTTPS Everywhere) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\https-everywhere-eff@eff.org.xpi [2017-07-06]
FF Extension: (RECAP) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\info@recapthelaw.org.xpi [2017-06-09]
FF Extension: (Privacy Badger) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\jid1-MnnxcxisBPnSXQ-eff@jetpack.xpi [2017-06-15]
FF Extension: (DuckDuckGo Plus) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2017-06-19]
FF Extension: (NoScript) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-07-03]
FF ProfilePath: C:\Users\Smash\AppData\Roaming\Greyfirst\Celtx\Profiles\fibddcfp.default [2015-03-02]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2011-10-03] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2011-10-03] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2011-10-03] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2011-10-03] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2011-10-03] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2011-10-03] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2011-10-03] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-25] ()
FF Plugin: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-17] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-17] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1225196.dll [2017-02-10] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-17] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-17] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/O1DPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Smash\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch
CHR StartupUrls: Default -> "hxxps://search.yahoo.com/?type=926458&fr=yo-yhp-ch"
CHR DefaultSearchURL: Default -> hxxps://duckduckgo.com/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> duckduckgo.com
CHR Profile: C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default [2017-07-11]
CHR Extension: (Rapport) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2016-02-25]
CHR Extension: (Avira Browser Safety) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-06-23]
CHR Extension: (PolitEcho) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\jcindbcjkekiofoogdiohbdleddkpbbm [2017-03-28]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-03]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-06-14] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [356256 2017-06-08] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2014-08-31] (CleverFiles)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S4 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-06-26] (Dropbox, Inc.)
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2408432 2017-05-23] (IBM Corp.)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-28] (Avira Operations GmbH & Co. KG)
S4 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-06] ()
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-06] ()
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-21] (Avira Operations GmbH & Co. KG)
S3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [75264 2010-11-18] (Intel Corporation) [File not signed]
S3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [173568 2010-11-18] (Intel Corporation) [File not signed]
S3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [81408 2010-11-18] (Intel Corporation) [File not signed]
S3 intaud_WaveExtensible; no ImagePath
S3 iwdbus; no ImagePath
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [384256 2017-05-23] (IBM Corp.)
R1 RapportCerberus_1804058; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804058.sys [1271232 2017-06-07] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [585376 2017-05-23] (IBM Corp.)
S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [253856 2017-05-23] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [507904 2017-05-23] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [610560 2017-05-23] (IBM Corp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-04-29] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 13:57 - 2017-07-11 14:03 - 00050897 _____ C:\Users\Smash\Desktop\FRST.txt
2017-07-11 13:55 - 2017-07-11 13:57 - 00000000 ____D C:\FRST
2017-07-11 13:54 - 2017-07-11 13:54 - 02437120 _____ (Farbar) C:\Users\Smash\Downloads\FRST64.exe
2017-07-11 13:54 - 2017-07-11 13:54 - 02437120 _____ (Farbar) C:\Users\Smash\Desktop\FRST64.exe
2017-07-11 13:51 - 2017-07-11 13:51 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
2017-07-11 13:47 - 2017-07-11 13:48 - 30310176 _____ (SUPERAntiSpyware) C:\Users\Smash\Downloads\SUPERAntiSpyware.exe
2017-07-11 10:37 - 2017-07-11 10:37 - 31517673 _____ C:\Users\Smash\Downloads\Photos.zip
2017-07-11 10:36 - 2017-07-11 10:36 - 01832798 _____ C:\Users\Smash\Downloads\workality-lite.1.5.1.zip
2017-07-11 10:35 - 2017-07-11 10:35 - 00773466 _____ C:\Users\Smash\Downloads\regain-blog.1.0.1.zip
2017-07-10 10:32 - 2017-07-10 10:32 - 00000000 ____D C:\Users\Smash\Desktop\New folder
2017-07-10 10:19 - 2017-07-11 10:19 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-07-06 19:32 - 2017-07-06 19:33 - 00000000 ____D C:\Users\Smash\Downloads\Lado Sur Vol. IV
2017-07-06 13:17 - 2017-07-06 13:17 - 01082880 _____ C:\Users\Smash\Downloads\founder.1.33.zip
2017-07-06 13:17 - 2017-07-06 13:17 - 00839308 _____ C:\Users\Smash\Downloads\libretto.1.0.5.zip
2017-07-06 13:17 - 2017-07-06 13:17 - 00194535 _____ C:\Users\Smash\Downloads\keepwriting.1.03.zip
2017-07-06 13:17 - 2017-07-06 13:17 - 00091161 _____ C:\Users\Smash\Downloads\unit.1.12.zip
2017-07-06 13:15 - 2017-07-06 13:15 - 00907994 _____ C:\Users\Smash\Downloads\badjohnny.1.04.zip
2017-07-06 13:04 - 2017-07-06 13:04 - 04674635 _____ C:\Users\Smash\Downloads\jomsom.1.2.zip
2017-07-05 16:04 - 2017-07-05 16:04 - 01828124 _____ C:\Users\Smash\Downloads\piclectic.1.0.9.zip
2017-07-05 12:21 - 2017-07-05 12:21 - 00148607 _____ C:\Users\Smash\Downloads\min.zip
2017-07-05 12:20 - 2017-07-05 12:20 - 16179244 _____ C:\Users\Smash\Downloads\cudazi-mono-unzip-before-use.zip
2017-07-04 12:24 - 2017-07-04 12:24 - 05809371 _____ C:\Users\Smash\Downloads\longform.1.7.1.zip
2017-07-04 11:36 - 2017-07-04 11:36 - 00000000 ____D C:\Users\Smash\Downloads\miniorange-2-factor-authentication
2017-07-04 11:13 - 2017-07-04 11:13 - 00003150 _____ C:\Users\Smash\Downloads\wp-config-backup(2).txt
2017-07-03 13:55 - 2017-07-03 13:58 - 00021128 _____ C:\Windows\SysWOW64\Defrag.debuglog
2017-07-03 13:33 - 2017-07-03 13:33 - 00117624 _____ C:\Users\Smash\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-03 13:31 - 2017-07-03 13:31 - 00520736 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-03 13:26 - 2017-07-11 14:02 - 00295182 _____ C:\Windows\ntbtlog.txt
2017-07-03 13:24 - 2017-07-03 13:24 - 00008526 _____ C:\Users\Smash\Desktop\startup.txt
2017-07-03 13:22 - 2017-07-03 13:22 - 00028412 _____ C:\Users\Smash\Documents\cc_20170703_132233.reg
2017-07-03 12:56 - 2017-07-03 12:56 - 09598376 _____ (Piriform Ltd) C:\Users\Smash\Downloads\ccsetup531.exe
2017-07-01 14:33 - 2017-07-03 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 18:47 - 2017-06-29 18:59 - 458141708 _____ C:\Users\Smash\Downloads\newvigil170615.tar.gz
2017-06-29 18:47 - 2017-06-29 18:58 - 479530788 _____ C:\Users\Smash\Downloads\newvigil170430.tar.gz
2017-06-29 18:37 - 2017-06-29 18:38 - 00001505 _____ C:\Users\Smash\Downloads\wp.26_83329.2015-05-07_13-25-50
2017-06-29 18:10 - 2017-06-29 19:30 - 00000000 ____D C:\Users\Smash\Downloads\chadnielsen.newvigilante.com-Jun-2017
2017-06-29 18:10 - 2017-06-29 18:10 - 00000000 ____D C:\Users\Smash\Downloads\chadnielsen.newvigilante.com-ssl_log-Jun-2017
2017-06-29 13:32 - 2017-06-29 13:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-06-26 04:27 - 2017-06-26 04:27 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-06-26 04:27 - 2017-06-26 04:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-06-26 04:27 - 2017-06-26 04:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-06-26 04:27 - 2017-06-26 04:27 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-06-23 18:24 - 2017-06-23 18:25 - 00000000 ____D C:\Users\Smash\Desktop\Website Hack
2017-06-23 18:12 - 2017-06-23 18:12 - 00003491 _____ C:\Users\Smash\Downloads\wp-config-backup(1).txt
2017-06-23 17:40 - 2017-06-23 17:40 - 00003491 _____ C:\Users\Smash\Downloads\wp-config-backup.txt
2017-06-23 17:32 - 2017-06-23 17:32 - 00000000 ____D C:\Users\Smash\Downloads\newvigil-cPanel-2017-04-30-09-00-03.tar
2017-06-17 13:05 - 2017-06-17 13:05 - 00000000 ____D C:\Users\Smash\AppData\Local\AviraSpeedup
2017-06-17 12:44 - 2017-06-17 12:44 - 00000000 ____D C:\Windows\System32\Tasks\Avira
2017-06-17 12:44 - 2017-06-17 12:44 - 00000000 ____D C:\Users\Smash\AppData\Local\Avira
2017-06-17 12:43 - 2017-07-10 10:19 - 00003658 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
2017-06-14 19:19 - 2017-06-14 19:21 - 479535829 _____ C:\Users\Smash\Downloads\newvigil-cPanel-2017-04-30-09-00-03.tar.gz
2017-06-14 18:46 - 2017-06-14 18:47 - 01425698 _____ C:\Users\Smash\Downloads\1340334706_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:47 - 01423186 _____ C:\Users\Smash\Downloads\1339122884_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:47 - 01422494 _____ C:\Users\Smash\Downloads\1338518202_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:47 - 01419060 _____ C:\Users\Smash\Downloads\1337927898_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:47 - 01417068 _____ C:\Users\Smash\Downloads\1337311262_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:46 - 01490512 _____ C:\Users\Smash\Downloads\1342749317_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:46 - 01490283 _____ C:\Users\Smash\Downloads\1342154298_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:46 - 01489613 _____ C:\Users\Smash\Downloads\1341542742_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:46 - 01425799 _____ C:\Users\Smash\Downloads\1340934925_-_newvigil_cnpro.sql
2017-06-14 18:46 - 2017-06-14 18:46 - 01424764 _____ C:\Users\Smash\Downloads\1339727697_-_newvigil_cnpro.sql
2017-06-14 18:42 - 2017-06-14 18:45 - 479558319 _____ C:\Users\Smash\Downloads\newvigil-cPanel-2017-06-08-09-00-09.tar.gz
2017-06-14 16:49 - 2017-06-14 16:49 - 00064504 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avdevprot.sys
2017-06-14 12:55 - 2017-05-14 14:19 - 25738752 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-06-14 12:55 - 2017-05-14 13:55 - 05975040 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-06-14 12:55 - 2017-05-14 13:11 - 20274688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-06-14 12:55 - 2017-05-14 12:54 - 15252992 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-06-14 12:55 - 2017-05-14 12:52 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-06-14 12:55 - 2017-05-14 12:44 - 04549120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-06-14 12:55 - 2017-05-14 12:30 - 13664768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-06-14 12:55 - 2017-05-14 12:15 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-06-14 12:55 - 2017-05-12 12:26 - 05547752 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2017-06-14 12:55 - 2017-05-12 11:52 - 03222528 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-06-14 12:55 - 2017-05-10 09:29 - 14183936 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2017-06-14 12:55 - 2017-05-10 09:14 - 02651136 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2017-06-14 12:55 - 2017-04-27 16:50 - 03550208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\D3DCompiler_47.dll
2017-06-14 12:55 - 2017-04-12 07:05 - 04296704 _____ (Microsoft Corporation) C:\Windows\system32\D3DCompiler_47.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 02317824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-06-14 12:54 - 2017-06-02 02:28 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-06-14 12:54 - 2017-06-02 02:11 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-06-14 12:54 - 2017-06-02 02:11 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-06-14 12:54 - 2017-06-02 02:10 - 00733696 _____ (Microsoft Corporation) C:\Windows\HelpPane.exe
2017-06-14 12:54 - 2017-06-02 02:10 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-06-14 12:54 - 2017-06-02 02:09 - 01549824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-06-14 12:54 - 2017-06-02 02:09 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-06-14 12:54 - 2017-06-02 02:09 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-06-14 12:54 - 2017-06-02 02:09 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-06-14 12:54 - 2017-06-02 02:09 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-06-14 12:54 - 2017-06-02 02:09 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-06-14 12:54 - 2017-06-02 02:09 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-06-14 12:54 - 2017-06-02 02:09 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-06-14 12:54 - 2017-06-02 01:58 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-06-14 12:54 - 2017-06-02 01:58 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-06-14 12:54 - 2017-06-02 01:57 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-06-14 12:54 - 2017-06-02 01:57 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-06-14 12:54 - 2017-05-20 22:28 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-06-14 12:54 - 2017-05-20 22:28 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-06-14 12:54 - 2017-05-20 22:24 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-06-14 12:54 - 2017-05-20 22:24 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-06-14 12:54 - 2017-05-20 22:06 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-06-14 12:54 - 2017-05-20 21:55 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-06-14 12:54 - 2017-05-20 21:48 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-06-14 12:54 - 2017-05-20 21:48 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-06-14 12:54 - 2017-05-20 21:48 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-06-14 12:54 - 2017-05-20 21:47 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-06-14 12:54 - 2017-05-20 21:46 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-06-14 12:54 - 2017-05-20 21:42 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-06-14 12:54 - 2017-05-16 12:19 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-06-14 12:54 - 2017-05-16 11:35 - 00346320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-06-14 12:54 - 2017-05-14 14:46 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-06-14 12:54 - 2017-05-14 14:46 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-06-14 12:54 - 2017-05-14 14:28 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-06-14 12:54 - 2017-05-14 14:27 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-06-14 12:54 - 2017-05-14 14:27 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-06-14 12:54 - 2017-05-14 14:27 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-06-14 12:54 - 2017-05-14 14:26 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-06-14 12:54 - 2017-05-14 14:24 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-06-14 12:54 - 2017-05-14 14:17 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-06-14 12:54 - 2017-05-14 14:16 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-06-14 12:54 - 2017-05-14 14:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-06-14 12:54 - 2017-05-14 14:10 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-06-14 12:54 - 2017-05-14 14:10 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-06-14 12:54 - 2017-05-14 14:10 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-06-14 12:54 - 2017-05-14 14:10 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-06-14 12:54 - 2017-05-14 14:01 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-06-14 12:54 - 2017-05-14 13:57 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-06-14 12:54 - 2017-05-14 13:48 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-06-14 12:54 - 2017-05-14 13:47 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-06-14 12:54 - 2017-05-14 13:46 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-06-14 12:54 - 2017-05-14 13:42 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-06-14 12:54 - 2017-05-14 13:41 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-06-14 12:54 - 2017-05-14 13:38 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-06-14 12:54 - 2017-05-14 13:37 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-06-14 12:54 - 2017-05-14 13:36 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-06-14 12:54 - 2017-05-14 13:23 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-06-14 12:54 - 2017-05-14 13:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-06-14 12:54 - 2017-05-14 13:22 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-06-14 12:54 - 2017-05-14 13:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-06-14 12:54 - 2017-05-14 13:22 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-06-14 12:54 - 2017-05-14 13:21 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-06-14 12:54 - 2017-05-14 13:20 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-06-14 12:54 - 2017-05-14 13:19 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-06-14 12:54 - 2017-05-14 13:18 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-06-14 12:54 - 2017-05-14 13:17 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-06-14 12:54 - 2017-05-14 13:16 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-06-14 12:54 - 2017-05-14 13:15 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-06-14 12:54 - 2017-05-14 13:14 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-06-14 12:54 - 2017-05-14 13:12 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-06-14 12:54 - 2017-05-14 13:11 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-06-14 12:54 - 2017-05-14 13:10 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-06-14 12:54 - 2017-05-14 13:10 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-06-14 12:54 - 2017-05-14 13:02 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-06-14 12:54 - 2017-05-14 12:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-06-14 12:54 - 2017-05-14 12:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-06-14 12:54 - 2017-05-14 12:56 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-06-14 12:54 - 2017-05-14 12:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-06-14 12:54 - 2017-05-14 12:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-06-14 12:54 - 2017-05-14 12:50 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-06-14 12:54 - 2017-05-14 12:49 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-06-14 12:54 - 2017-05-14 12:42 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-06-14 12:54 - 2017-05-14 12:40 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-06-14 12:54 - 2017-05-14 12:39 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-06-14 12:54 - 2017-05-14 12:38 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-06-14 12:54 - 2017-05-14 12:37 - 01544704 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-06-14 12:54 - 2017-05-14 12:27 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-06-14 12:54 - 2017-05-14 12:11 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-06-14 12:54 - 2017-05-14 12:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-06-14 12:54 - 2017-05-12 12:27 - 00631176 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2017-06-14 12:54 - 2017-05-12 12:26 - 00706792 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2017-06-14 12:54 - 2017-05-12 12:26 - 00382696 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-06-14 12:54 - 2017-05-12 12:24 - 01732864 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 01163264 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00880640 _____ (Microsoft Corporation) C:\Windows\system32\advapi32.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\usp10.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00419840 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00215552 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\setbcdlocale.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00059904 _____ (Microsoft Corporation) C:\Windows\system32\appidapi.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\appidsvc.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:22 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:07 - 04001000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
2017-06-14 12:54 - 2017-05-12 12:07 - 03945704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
2017-06-14 12:54 - 2017-05-12 12:07 - 00308456 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2017-06-14 12:54 - 2017-05-12 12:04 - 01314112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00644096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\advapi32.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00629760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usp10.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00313344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00275456 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00050688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\appidapi.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\srclient.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 12:03 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 11:55 - 00148480 _____ (Microsoft Corporation) C:\Windows\system32\appidpolicyconverter.exe
2017-06-14 12:54 - 2017-05-12 11:54 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2017-06-14 12:54 - 2017-05-12 11:54 - 00017920 _____ (Microsoft Corporation) C:\Windows\system32\appidcertstorecheck.exe
2017-06-14 12:54 - 2017-05-12 11:51 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2017-06-14 12:54 - 2017-05-12 11:50 - 00296960 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe
2017-06-14 12:54 - 2017-05-12 11:46 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
2017-06-14 12:54 - 2017-05-12 11:43 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2017-06-14 12:54 - 2017-05-12 11:41 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
2017-06-14 12:54 - 2017-05-12 11:41 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
2017-06-14 12:54 - 2017-05-12 11:41 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
2017-06-14 12:54 - 2017-05-12 11:41 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
2017-06-14 12:54 - 2017-05-12 11:40 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 11:40 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 11:40 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 11:40 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
2017-06-14 12:54 - 2017-05-12 10:25 - 01251328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWrite.dll
2017-06-14 12:54 - 2017-05-12 09:58 - 01648128 _____ (Microsoft Corporation) C:\Windows\system32\DWrite.dll
2017-06-14 12:54 - 2017-05-12 09:58 - 01180160 _____ (Microsoft Corporation) C:\Windows\system32\FntCache.dll
2017-06-14 12:54 - 2017-05-10 09:33 - 00091368 _____ (Microsoft Corporation) C:\Windows\system32\MigAutoPlay.exe
2017-06-14 12:54 - 2017-05-10 09:29 - 03165184 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2017-06-14 12:54 - 2017-05-10 09:29 - 01867776 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-06-14 12:54 - 2017-05-10 09:29 - 00192512 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2017-06-14 12:54 - 2017-05-10 09:29 - 00098816 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2017-06-14 12:54 - 2017-05-10 09:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2017-06-14 12:54 - 2017-05-10 09:16 - 00091368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MigAutoPlay.exe
2017-06-14 12:54 - 2017-05-10 09:13 - 00709120 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2017-06-14 12:54 - 2017-05-10 09:13 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2017-06-14 12:54 - 2017-05-10 09:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2017-06-14 12:54 - 2017-05-10 09:13 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2017-06-14 12:54 - 2017-05-10 09:13 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2017-06-14 12:54 - 2017-05-10 09:13 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2017-06-14 12:54 - 2017-05-10 09:12 - 12880896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2017-06-14 12:54 - 2017-05-10 09:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-06-14 12:54 - 2017-05-10 09:12 - 00174080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2017-06-14 12:54 - 2017-05-10 09:00 - 00573440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2017-06-14 12:54 - 2017-05-10 09:00 - 00093696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2017-06-14 12:54 - 2017-05-10 09:00 - 00035328 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2017-06-14 12:54 - 2017-05-10 09:00 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2017-06-14 12:54 - 2017-05-10 08:52 - 00117248 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys
2017-06-14 12:54 - 2017-05-09 09:30 - 00757248 _____ (Microsoft Corporation) C:\Windows\system32\win32spl.dll
2017-06-14 12:54 - 2017-05-09 09:29 - 00970240 _____ (Microsoft Corporation) C:\Windows\system32\localspl.dll
2017-06-14 12:54 - 2017-05-09 09:11 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\win32spl.dll
2017-06-14 12:54 - 2017-05-07 09:33 - 00094440 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mountmgr.sys
2017-06-14 12:54 - 2017-05-07 09:29 - 00011264 _____ (Microsoft Corporation) C:\Windows\system32\msmmsp.dll
2017-06-14 12:54 - 2017-03-30 09:03 - 00046080 _____ (Microsoft Corporation) C:\Windows\system32\rundll32.exe
2017-06-14 12:54 - 2017-03-30 08:58 - 00045056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-11 13:58 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-11 13:58 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-11 13:52 - 2012-11-06 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-07-11 13:51 - 2013-11-01 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-07-11 12:06 - 2015-10-02 13:26 - 00000000 ____D C:\Users\Smash\Dropbox
2017-07-11 09:58 - 2016-11-18 16:24 - 00000000 ____D C:\Users\Smash\AppData\LocalLow\Mozilla
2017-07-10 15:13 - 2015-04-21 11:45 - 00000000 ____D C:\Users\Smash\AppData\Roaming\vlc
2017-07-10 11:08 - 2011-08-19 12:23 - 00000000 ____D C:\Users\Smash\Documents\Admin
2017-07-10 10:33 - 2017-02-23 19:37 - 00000000 ____D C:\Users\Smash\Desktop\Mexico
2017-07-10 10:19 - 2016-04-27 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-10 10:19 - 2016-04-27 08:32 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-10 10:11 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-06 19:47 - 2016-03-01 17:27 - 00000000 ____D C:\Users\Smash\AppData\Roaming\uTorrent
2017-07-05 15:38 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-07-05 12:54 - 2013-06-12 16:46 - 00382638 _____ C:\Users\Smash\Downloads\mono.zip
2017-07-03 14:18 - 2011-10-05 23:54 - 00000000 ____D C:\Users\Smash\AppData\Local\CrashDumps
2017-07-03 13:32 - 2015-04-01 15:21 - 00894976 ___SH C:\Users\Smash\Desktop\Thumbs.db
2017-07-03 13:31 - 2015-10-02 13:23 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-03 13:31 - 2015-10-02 13:23 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-03 13:23 - 2015-10-02 13:23 - 00003914 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-07-03 13:23 - 2015-10-02 13:23 - 00003662 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-07-03 13:23 - 2015-02-26 11:23 - 00003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-03 13:23 - 2015-01-15 19:44 - 00003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-03 13:23 - 2014-05-05 00:04 - 00003510 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA
2017-07-03 13:23 - 2014-05-05 00:04 - 00003238 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core
2017-07-03 13:23 - 2012-10-03 13:22 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-07-03 11:00 - 2012-05-04 12:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-29 19:29 - 2013-10-13 10:53 - 00000544 _____ C:\Users\Smash\Documents\keychain.txt
2017-06-29 13:46 - 2013-04-29 16:15 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 13:32 - 2015-10-02 13:23 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-06-29 13:16 - 2016-04-27 08:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-06-29 13:14 - 2015-05-27 09:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-25 13:14 - 2014-08-19 15:24 - 00000000 ____D C:\Users\Smash\AppData\Local\Adobe
2017-06-25 13:13 - 2012-04-14 18:06 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-25 13:13 - 2011-10-05 23:57 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-25 13:13 - 2011-10-05 23:57 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-25 13:13 - 2011-09-30 19:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-22 14:33 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-19 15:59 - 2011-10-17 12:47 - 00000000 ____D C:\Users\Smash\AppData\Roaming\IPublish
2017-06-18 03:48 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\rescache
2017-06-18 03:44 - 2011-09-30 20:12 - 00000000 ____D C:\Users\Smash
2017-06-18 01:54 - 2017-02-25 16:44 - 00000000 ____D C:\Users\Guest
2017-06-18 01:54 - 2014-04-09 12:45 - 00000000 ____D C:\Users\TEMP
2017-06-18 01:53 - 2011-09-30 21:00 - 00000000 ____D C:\Windows\System32\Tasks\Sony Corporation
2017-06-18 01:53 - 2011-09-30 20:10 - 00000000 ____D C:\ProgramData\Sony Corporation
2017-06-18 01:53 - 2011-09-16 00:53 - 00000000 ___RD C:\Users\Smash\Desktop\Investigation
2017-06-18 01:53 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\registration
2017-06-17 13:21 - 2015-11-26 10:48 - 00000000 ____D C:\Users\Smash\AppData\Roaming\WinRarPwdRemoverAppData
2017-06-17 13:21 - 2015-10-24 09:03 - 00000000 ____D C:\Users\Smash\AppData\Local\AvgSetupLog
2017-06-17 13:20 - 2015-06-17 11:18 - 00000000 ____D C:\Users\Smash\AppData\Roaming\VideoEditor
2017-06-17 12:42 - 2016-04-27 08:32 - 00000000 ____D C:\ProgramData\Avira
2017-06-16 22:35 - 2009-07-13 23:13 - 00782510 _____ C:\Windows\system32\PerfStringBackup.INI
2017-06-14 21:03 - 2015-10-02 13:23 - 00000000 ____D C:\Users\Smash\AppData\Local\Dropbox
2017-06-14 20:49 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\SysWOW64\migwiz
2017-06-14 20:48 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\migwiz
2017-06-14 19:37 - 2012-05-16 01:36 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2017-06-14 19:36 - 2013-07-26 22:13 - 00000000 ____D C:\Windows\system32\MRT
2017-06-14 19:36 - 2012-05-16 01:35 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2017-06-14 19:36 - 2012-05-16 01:35 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2017-06-14 19:31 - 2011-10-01 15:31 - 133627792 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-06-14 17:06 - 2014-07-12 11:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-06-14 16:49 - 2016-10-10 01:26 - 00034128 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avusbflt.sys
2017-06-14 16:49 - 2016-04-27 08:34 - 00185032 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avgntflt.sys
2017-06-14 16:49 - 2016-04-27 08:34 - 00149976 _____ (Avira Operations GmbH & Co. KG) C:\Windows\system32\Drivers\avipbb.sys

==================== Files in the root of some directories =======

2011-12-02 16:44 - 2011-12-02 16:44 - 0000278 _____ () C:\Users\Smash\AppData\Roaming\Fopydo.cfg
2011-12-02 16:44 - 2011-12-02 16:44 - 0000000 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0001024 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.pag
2011-12-02 16:44 - 2011-12-02 16:47 - 0004096 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0002048 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.pag
2016-07-15 11:22 - 2016-07-15 11:24 - 0002057 _____ () C:\Users\Smash\AppData\Roaming\vidiot.ini
2016-04-16 18:43 - 2016-04-16 18:43 - 0392102 _____ () C:\Users\Smash\AppData\Local\ars.cache
2016-04-16 18:44 - 2016-04-16 18:44 - 0527432 _____ () C:\Users\Smash\AppData\Local\census.cache
2013-03-28 12:07 - 2016-06-07 08:15 - 0008192 _____ () C:\Users\Smash\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-30 00:59 - 2011-10-30 00:59 - 0002412 _____ () C:\Users\Smash\AppData\Local\FastClean.20111030.005958.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0002423 _____ () C:\Users\Smash\AppData\Local\FastClean.20111107.225031.txt
2012-09-26 13:53 - 2012-09-26 13:53 - 0000036 _____ () C:\Users\Smash\AppData\Local\housecall.guid.cache
2011-10-17 12:46 - 2017-06-03 16:10 - 0006269 _____ () C:\Users\Smash\AppData\Local\ipublish.ini
2011-10-30 01:02 - 2011-10-30 01:02 - 0020956 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111030.010200.txt
2011-11-30 00:58 - 2011-11-30 00:58 - 0002507 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111129.235800.txt
2011-10-28 18:58 - 2011-10-28 18:58 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111028.185833.txt
2011-10-29 21:39 - 2011-10-29 21:39 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111029.213921.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0001690 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010044.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0000844 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010056.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0000673 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010118.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001665 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010125.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001283 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010136.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010148.txt
2011-10-30 01:02 - 2011-10-30 01:02 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010227.txt
2011-10-30 12:18 - 2011-10-30 12:18 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.121845.txt
2011-10-30 22:47 - 2011-10-30 22:47 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.224744.txt
2011-10-30 23:34 - 2011-10-30 23:34 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.233445.txt
2011-11-07 17:22 - 2011-11-07 17:22 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.162224.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195107.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195132.txt
2011-11-07 21:57 - 2011-11-07 21:57 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205752.txt
2011-11-07 21:59 - 2011-11-07 21:59 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205923.txt
2011-11-07 23:26 - 2011-11-07 23:26 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.222653.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0001559 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225052.txt
2011-11-07 23:55 - 2011-11-07 23:55 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225509.txt
2011-11-08 00:36 - 2011-11-08 00:36 - 0001630 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.233620.txt
2011-11-08 09:16 - 2011-11-08 09:16 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111108.081621.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0000663 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235743.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235759.txt
2013-02-02 23:54 - 2013-02-02 23:54 - 0007608 _____ () C:\Users\Smash\AppData\Local\Resmon.ResmonCfg
2016-04-16 18:25 - 2016-04-16 18:25 - 0000010 _____ () C:\Users\Smash\AppData\Local\sponge.last.runtime.cache
2015-12-07 10:34 - 2015-12-07 10:34 - 0000000 _____ () C:\Users\Smash\AppData\Local\{BB0833BE-4241-46E7-8141-B04A6DBB28DB}
2014-06-21 00:47 - 2014-06-21 00:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-04-07 12:50 - 2014-01-31 13:19 - 0009101 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-18 03:37

==================== End of FRST.txt ============================

 

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 08-07-2017
Ran by Smash (11-07-2017 14:05:21)
Running from C:\Users\Smash\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-01 02:12:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4071271752-2530744919-2841666311-500 - Administrator - Disabled)
Guest (S-1-5-21-4071271752-2530744919-2841666311-501 - Limited - Enabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-4071271752-2530744919-2841666311-1007 - Limited - Enabled)
Smash (S-1-5-21-4071271752-2530744919-2841666311-1001 - Administrator - Enabled) => C:\Users\Smash

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\uTorrent) (Version: 3.5.0.43804 - BitTorrent Inc.)
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20044 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 24.0.0.180 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.5.196 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{FD8C1365-2229-4F37-A126-558DB2471CBE}) (Version: 7.0.828.1 - Mythicsoft Ltd)
Akamai NetSession Interface (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.369 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{158BEEC4-CC30-BF2F-248D-B52AF953E9C1}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}) (Version: 2.3.0.0 - ATI Technologies Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.27.34 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{14d00649-a178-473f-bf48-eec016dc4bfa}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG)
Avira Connect (HKLM-x32\...\{271D5399-34AF-4611-BCD9-B09185B2BBE0}) (Version: 1.2.89.29905 - Avira Operations GmbH & Co. KG) Hidden
Avira System Speedup (HKLM-x32\...\Avira System Speedup_is1) (Version: 3.7.1.5481 - Avira Operations GmbH & Co. KG)
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (HKLM-x32\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (en-US) - Greyfirst)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Disk Drill 1.0.0.188 (HKLM-x32\...\{232BCE66-B89D-4561-AEE0-AA25057B171B}) (Version: 1.0.189 - CleverFiles)
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 29.4.20 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Express Scribe (HKLM-x32\...\Scribe) (Version:  - NCH Software)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
ICMV Audio Codec (HKLM-x32\...\{2767EE80-D340-41F2-A922-F7F8114F9642}) (Version: 1.0.0 - PCS Inc.)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.40.0000 - Intel® Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPublish Vista Fix (HKLM-x32\...\{AA4258DE-83B2-4FAE-A36B-D5246B1CC529}) (Version: 1.00.0000 - IPRO Tech)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
iTunes Export (HKLM-x32\...\{3FFF605A-B4CE-0706-16C3-7313BBF32DFA}) (Version: 2.2.2 - UNKNOWN) Hidden
iTunes Export (HKLM-x32\...\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1) (Version: 2.2.2 - UNKNOWN)
Java 8 Update 121 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
LibreOffice 5.2 Help Pack (English (United States)) (HKLM-x32\...\{CB65587B-28CB-49C3-928D-DC39B143A745}) (Version: 5.2.7.2 - The Document Foundation)
LibreOffice 5.2.7.2 (HKLM-x32\...\{C89BB248-1889-4D6B-B310-A744A0545123}) (Version: 5.2.7.2 - The Document Foundation)
Medieval CUE Splitter (HKLM-x32\...\{B96D2269-568B-4CBF-9332-12FAE8B158F7}) (Version: 1.2.0 - Medieval Software)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Filter Pack 2.0 (HKLM\...\{95140000-2000-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 en-US)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nextiva Codec (HKLM-x32\...\{8A6EA3B1-3357-4E2D-852E-A536C9A35624}) (Version: 61.7.5194 - Verint Video Solutions) Hidden
Nextiva Codec (HKLM-x32\...\{BE18FDC3-7E2E-4DE5-B471-DB74491768F2}) (Version: 61.7.5194 - Verint Video Solutions)
OpenVPN 2.3.10-I602  (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
PDFill FREE PDF Tools (HKLM\...\{60724DF0-7436-48B8-BEF9-07BA4C3880EE}) (Version: 9.0 - PlotSoft LLC)
PDFill FREE PDF Writer (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
Pixlr-o-matic (HKLM-x32\...\{41A63ADA-088B-1C2D-43B3-E4087FE79881}) (Version: 2.1 - UNKNOWN) Hidden
Pixlr-o-matic (HKLM-x32\...\Pixlromatic) (Version: 2.1 - UNKNOWN)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{163E8878-383D-D084-6FD7-7306DE3526DC}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{EFBEE79D-E49D-9451-459E-F776AC857F99}) (Version: 1.00.1. - AMD) Hidden
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1205.20 - Trusteer) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1804.112 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scribus 1.4.5 (HKLM-x32\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SQLite Studio 1.0.0.0 (HKLM-x32\...\SQLite Studio) (Version: 1.0.0.0 - SQLite Studio)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Trelby (HKLM-x32\...\Trelby) (Version: 2.2.0.0 - Trelby.org)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1804.112 - Trusteer)
Unity Web Player (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
VAIO Care (HKLM-x32\...\{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}) (Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.4.0.11260 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{F8B48758-410A-4B09-A734-C5DEA282C7C9}) (Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{31ABC808-794B-4710-B3E4-85F77784882E}) (Version: 4.1.0.10120 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{884A242B-BE5C-4F9F-9177-F44156A5D081}) (Version: 13.00.0927 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.2.0.11040 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.4.0.12090 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO Wireless Wizard (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 4.0.0.02180 - Sony) Hidden
VESx86 (HKLM-x32\...\{6883A6BD-37B5-4314-BB66-FA581D15A906}) (Version: 1.0.0 - Sony Corporation) Hidden
Vista Fix for IPublish 8.5 (HKLM-x32\...\{8BFECAC4-E1ED-45A6-A237-1EED091D6674}) (Version: 1.00.0000 - IPRO Tech)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VU5x64 (HKLM\...\{6B7DE186-374B-4873-AEC1-7464DA337DD6}) (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{9D12A8B5-9D41-4465-BF11-70719EB0CD02}) (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Apple Inc. Apple Keyboard (04/06/2009 3.0.0.0) (HKLM\...\831BF8DFEC5520D988361807D534A2041AE4AAB3) (Version: 04/06/2009 3.0.0.0 - Apple Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers01: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-14] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers02: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers02: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers04: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers04: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers04: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-12-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.16.0.dll [2017-06-26] (Dropbox, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-05-24] (Intel Corporation)
ContextMenuHandlers05: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers06: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-06-14] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D3968C-35F4-4561-86FB-A1293AB7AC50} - System32\Tasks\SONY\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {0A1BF919-5BB0-4F31-B13E-98D51CCCFD36} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {0FF12B22-A136-4635-AB96-3F104735A8D1} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {219E6605-38D3-43A6-8108-AF814A3B4A66} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {29FC249D-D34F-43D5-B31D-181F9C8A56AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3C46779F-35B5-4001-9DDA-58C81235B229} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {40A096EE-B83B-4AAB-A5AE-A2934C93CF5C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4E09540A-4C54-42BE-973A-9677E6D2BAEE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-07-10] (Avira Operations GmbH & Co. KG                              )
Task: {4EB1F4E6-6137-47B0-A9B2-A8B2F75B157B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {51B4A5F6-6823-490A-BB5C-AA90A70C35DC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {57090A8A-30A7-47EC-9D0F-9BE28D4E7098} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {5E4B7954-36B3-4FB7-87C6-D91AE43B797E} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {6AEEF879-56E0-4431-93EB-DA5E6C2698D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {730B2DA9-8BBF-4E60-A933-E303EBE344A2} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {78069684-4946-4080-A41A-57D9BA3E8EEA} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {9516CD2E-05B8-4C67-B3FC-2F3F0D94664C} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {A1311EF3-BCB8-4B7E-AC7B-2E688698C22A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {C4192730-EE4E-4D47-A048-B4B834F27125} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {C5DB83F2-4D6D-419A-9CE2-24B70BEA2775} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {D75AD3A9-032C-4E12-A79F-2BEA1493016A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {E61F915B-D378-46A2-BBDB-4BBCC3302DAF} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {F1458236-19DB-471D-AA9A-2A02E2110BFF} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {F1A658EA-E1BE-42AD-B91A-EC9F534FE772} - System32\Tasks\Sony Corporation\VAIO Boot Manager\VAIO Boot Manager => C:\Program Files (x86)\Sony\VAIO Boot Manager\SetProcessTask.exe [2010-12-08] (Sony Corporation)
Task: {F978F1FB-15CE-42F7-8942-5F69635C319E} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {FA0A6FB8-6183-4D1B-B859-75260E204460} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Smash\Desktop\Investigation\Done\DVF Garcia Perez\Disco\04.04.12\001059 Walmart\VerintVideoSolutionsCodecs.lnk -> hxxp://www.verint.com/video_solutions/overview.cfm?article_level1_category_id=40

==================== Loaded Modules (Whitelisted) ==============

2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-01-14 02:20 - 2011-01-14 01:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-11-09 11:55 - 2011-11-09 11:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-12-22 03:53 - 2011-12-22 03:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 01354040 _____ () C:\Program Files\iTunes\libxml2.dll
2017-05-09 03:05 - 2017-05-09 03:05 - 00092472 _____ () C:\Program Files\iTunes\zlib1.dll
2017-05-09 03:04 - 2017-05-09 03:04 - 00236856 _____ () C:\Program Files\iTunes\libxslt.dll
2012-12-09 20:08 - 2010-12-23 17:24 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2017-04-27 12:06 - 2017-04-27 12:06 - 01034856 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxml2.dll
2017-04-27 12:06 - 2017-04-27 12:06 - 00404072 _____ () C:\Program Files (x86)\LibreOffice 5\program\glew32.dll
2017-04-27 12:06 - 2017-04-27 12:06 - 00182888 _____ () C:\Program Files (x86)\LibreOffice 5\program\libxslt.dll
2017-04-27 12:07 - 2017-04-27 12:07 - 00116328 _____ () C:\Program Files (x86)\LibreOffice 5\program\python3.dll
2017-04-27 08:50 - 2017-04-27 08:50 - 00049152 _____ () C:\Program Files (x86)\LibreOffice 5\program\python-core-3.3.0\lib\_socket.pyd
2017-05-14 14:22 - 2017-05-14 14:22 - 00169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e02990982d5c841556f4bc4041a38de0\IsdiInterop.ni.dll
2011-09-30 19:36 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll
2017-04-04 18:38 - 2017-04-04 18:38 - 23772240 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroRd32.dll
2016-12-23 12:10 - 2016-12-23 12:10 - 00323152 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\sqlite.dll
2017-04-04 18:38 - 2017-04-04 18:38 - 69743184 _____ () C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AcroCEF\libcef.dll
2017-05-09 00:45 - 2017-05-09 00:45 - 01041720 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:13 - 2016-09-01 18:13 - 00080184 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2017-06-29 13:31 - 2017-06-26 04:27 - 00801600 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
2017-06-29 13:31 - 2017-06-26 04:27 - 01787200 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
2017-05-17 17:59 - 2017-06-26 04:26 - 00100296 _____ () C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00018888 _____ () C:\Program Files (x86)\Dropbox\Client\select.pyd
2017-05-17 17:59 - 2017-06-26 04:29 - 00019776 _____ () C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00035792 _____ () C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
2017-06-29 13:31 - 2017-06-26 04:28 - 00020824 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00123856 _____ () C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00694224 _____ () C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 01729360 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00020816 _____ () C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
2017-06-29 13:31 - 2017-06-26 04:26 - 00145864 _____ () C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
2017-06-29 13:31 - 2017-06-26 04:26 - 00019408 _____ () C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
2017-06-29 13:31 - 2017-06-26 04:27 - 00116688 _____ () C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
2017-05-17 17:59 - 2017-06-26 04:26 - 00105928 _____ () C:\Program Files (x86)\Dropbox\Client\win32api.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00060736 _____ () C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00038712 _____ () C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00024528 _____ () C:\Program Files (x86)\Dropbox\Client\win32event.pyd
2017-06-29 13:31 - 2017-06-26 04:27 - 00392656 _____ () C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
2017-06-29 13:31 - 2017-06-26 04:26 - 00020936 _____ () C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00116176 _____ () C:\Program Files (x86)\Dropbox\Client\win32security.pyd
2017-05-17 17:59 - 2017-06-26 04:29 - 00392512 _____ () C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00124880 _____ () C:\Program Files (x86)\Dropbox\Client\win32file.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00175560 _____ () C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00030160 _____ () C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00043472 _____ () C:\Program Files (x86)\Dropbox\Client\win32process.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00048592 _____ () C:\Program Files (x86)\Dropbox\Client\win32service.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00057808 _____ () C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00024016 _____ () C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
2017-06-29 13:31 - 2017-06-26 04:28 - 00022336 _____ () C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00082264 _____ () C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00025432 _____ () C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
2017-06-29 13:31 - 2017-06-26 04:28 - 00246608 _____ () C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00027488 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 03928896 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00083912 _____ () C:\Program Files (x86)\Dropbox\Client\sip.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 01826104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 01972024 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00028616 _____ () C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00171336 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00042816 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00531264 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00133432 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00224064 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00207680 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00060880 _____ () C:\Program Files (x86)\Dropbox\Client\win32print.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00054608 _____ () C:\Program Files (x86)\Dropbox\Client\winrpcserver.compiled._RPCServer.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00022864 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00021848 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00022872 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd
2017-05-17 17:59 - 2017-06-26 04:26 - 00349128 _____ () C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd
2017-05-17 17:59 - 2017-06-26 04:30 - 00023896 _____ () C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00025936 _____ () C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd
2017-06-29 13:31 - 2017-06-26 04:27 - 00036296 _____ () C:\Program Files (x86)\Dropbox\Client\librsync.dll
2017-06-29 13:31 - 2017-06-26 04:29 - 00084288 _____ () C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL
2017-05-17 17:59 - 2017-06-26 04:30 - 00030536 _____ () C:\Program Files (x86)\Dropbox\Client\wind3d11.compiled._wind3d11.pyd
2017-06-29 13:31 - 2017-06-26 04:27 - 00017864 _____ () C:\Program Files (x86)\Dropbox\Client\libEGL.dll
2017-06-29 13:31 - 2017-06-26 04:27 - 01631184 _____ () C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll
2017-05-17 17:59 - 2017-06-26 04:30 - 00026456 _____ () C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd
2017-05-17 17:59 - 2017-06-26 04:29 - 00023368 _____ () C:\Program Files (x86)\Dropbox\Client\wincrashpad.compiled._Crashpad.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00546104 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd
2017-06-29 13:31 - 2017-06-26 04:29 - 00357688 _____ () C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5315 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2012-09-30 12:42 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Smash\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: cfbackd => 3
MSCONFIG\Services: CLKMSVC10_9EC60124 => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostServiceSony => 3
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: SampleCollector => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDms => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Update service => 2
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VcmIAlzMgr => 3
MSCONFIG\Services: VcmINSMgr => 3
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Smash^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Smash\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: FoneLabAppService => C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
MSCONFIG\startupreg: Google Update => C:\Users\Smash\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PCTD Service Activation => "C:\Program Files (x86)\OakTree\PCTDServiceActivation\PCTDServiceActivation.exe" -checkcounter
MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Smash\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [TCP Query User{023C3592-320C-4971-9C93-4C75C7AC6B76}C:\users\smash\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\smash\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{B13813CD-6B5E-459F-B7A1-804F20038605}C:\users\smash\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\smash\appdata\local\akamai\netsession_win.exe
FirewallRules: [{14544FC5-913F-4AD1-A367-22CEC5E88444}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD9\PowerDVD9.EXE
FirewallRules: [{08E3B29B-087A-498A-9AA4-9D4B14630EA5}] => (Allow) C:\Users\Smash\AppData\Local\Chromium\Application\chrome.exe
FirewallRules: [{0FB0AF28-BDCB-49A7-A3D6-C53077361EE8}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
FirewallRules: [{43E4E20D-54A2-4507-8507-A9997CCF1F1A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{F403A9BC-C366-4599-9508-4666038E0037}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22686F09-5D7C-470B-9CE9-3E2AE058EAB0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{3926585F-199C-4884-9D55-C868AC2101A5}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{907646CD-68AD-4E56-A17D-52EFE1726DE1}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{2EFCB86C-68E7-4432-A2D5-840903AFDEE4}] => (Allow) C:\Program Files (x86)\Popcorn Time\Updater.exe
FirewallRules: [{E418575D-E8C8-49FD-8B3C-B8183D3C9CF0}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{7C2E2B5F-0D14-4A24-87A6-C1090DAFEA09}] => (Allow) C:\Program Files (x86)\Popcorn Time\PopcornTimeDesktop.exe
FirewallRules: [{3E491B7C-2BA9-44A2-BF30-1EC4D0B90F35}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{4384C372-CED3-4A1E-AC6B-9D635D21490B}] => (Allow) C:\Program Files (x86)\Popcorn Time\chromecast\node.exe
FirewallRules: [{61019C97-75A2-41A7-97F9-294B7C6EF390}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{87BC04C5-E56B-40CC-A5FA-63DC13A34796}] => (Allow) LPort=2869
FirewallRules: [{3093A95B-4816-4CC1-996F-20E7D133163C}] => (Allow) LPort=1900
FirewallRules: [{2B546B05-E7A8-4D8C-A0AE-EEBACF834785}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{A6ABC26A-5D24-45D1-B352-E25D4357FC43}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E586744B-9AE0-4D72-AADF-F76A668AD8F9}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{E9123649-9321-4505-A048-32332A89E488}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{378C59B8-922A-493C-A35A-448FF5CC3BC8}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{4A838782-A3D6-4BE5-A740-4120C11E6328}] => (Allow) C:\Users\Smash\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{0CC236CF-1E4B-499E-8E0B-038BAA5DFE5F}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{0CCD8663-D654-4AF8-B574-C902B1A7EF40}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{E8A0667A-13BF-4FD5-B743-5D5BCBA87431}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe
FirewallRules: [UDP Query User{E40B64F1-D4EA-4CE0-99E5-E3F582EC9687}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe
FirewallRules: [TCP Query User{6B8C55EC-7B38-4373-8273-BAF7554DDB11}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe
FirewallRules: [UDP Query User{A3992CD7-417A-4278-9EAD-DE30214FB708}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00004 1d-3\hawk\player.exe
FirewallRules: [TCP Query User{D27789EB-4E47-4BE2-832A-52B9A42F54E1}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe
FirewallRules: [UDP Query User{78C38FF6-03E2-49A5-A57F-F9358E70AABB}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe
FirewallRules: [TCP Query User{D26E9EFF-A82A-4779-8B29-13EE79568FDB}C:\hawk\player.exe] => (Block) C:\hawk\player.exe
FirewallRules: [UDP Query User{39C50C82-3EA0-43C9-88D1-4EEBF80F3AF1}C:\hawk\player.exe] => (Block) C:\hawk\player.exe
FirewallRules: [TCP Query User{653FD0CC-E183-4636-B925-A740602FDED6}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00008 1d-11\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00008 1d-11\hawk\player.exe
FirewallRules: [UDP Query User{1A94E2EF-A526-4A1C-8310-A94726D6E001}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00008 1d-11\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00008 1d-11\hawk\player.exe
FirewallRules: [TCP Query User{0EE9CB39-49D2-4FAE-98E5-3563A650EAE2}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00009 1d-12\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00009 1d-12\hawk\player.exe
FirewallRules: [UDP Query User{0440121C-8618-4713-BB02-10FEDC7ECB65}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00009 1d-12\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00009 1d-12\hawk\player.exe
FirewallRules: [TCP Query User{2225B3AA-9B28-49C5-9D75-08C870236EF1}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe
FirewallRules: [UDP Query User{DA161B09-8C35-4AE9-A286-354770871351}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00005 1d-6\hawk\player.exe
FirewallRules: [TCP Query User{7A4A2FBC-828A-4202-9AAD-811A50BB64BA}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00007 1d-9\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00007 1d-9\hawk\player.exe
FirewallRules: [UDP Query User{7F53DE6B-E588-4D6B-B88B-E62743E150DE}C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00007 1d-9\hawk\player.exe] => (Block) C:\users\smash\desktop\investigation\cases\dvf martinez\disco\av-00007 1d-9\hawk\player.exe
FirewallRules: [TCP Query User{EC009A3E-7C57-4987-A65A-45B587DF3AAC}C:\hawk\player.exe] => (Block) C:\hawk\player.exe
FirewallRules: [UDP Query User{EE363DFF-9D22-41C9-A865-153F6C5F062A}C:\hawk\player.exe] => (Block) C:\hawk\player.exe
FirewallRules: [{EEFF830A-C19C-4A71-A7B4-F1632A051501}] => (Allow) C:\Program Files\iTunes\iTunes.exe
FirewallRules: [{3E7600CA-1E7A-4618-AFED-01E3059B5DF0}] => (Allow) C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
FirewallRules: [{3C1B0B0F-F5FD-494D-9B64-5DD76BBC5C08}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

07-07-2017 18:17:51 Windows Update

==================== Faulty Device Manager Devices =============

Name: Intel® Centrino® Advanced-N + WiMAX 6250
Description: Intel® Centrino® Advanced-N + WiMAX 6250
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: USB Camera
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/11/2017 09:46:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 66568559

Error: (07/11/2017 09:46:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 66568559

Error: (07/11/2017 09:46:21 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/11/2017 09:46:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 66567530

Error: (07/11/2017 09:46:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 66567530

Error: (07/11/2017 09:46:20 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/11/2017 09:46:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 66566531

Error: (07/11/2017 09:46:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 66566531

Error: (07/11/2017 09:46:19 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/11/2017 09:46:18 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 66565533


System errors:
=============
Error: (07/08/2017 02:18:53 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (07/08/2017 02:18:48 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (07/08/2017 02:18:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F32D97DF-E3E5-4CB9-9E3E-0EB5B4E49801} did not register with DCOM within the required timeout.

Error: (07/07/2017 06:17:44 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (07/07/2017 06:17:40 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (07/06/2017 04:57:56 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (07/06/2017 04:57:50 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (07/05/2017 05:58:11 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.

Error: (07/05/2017 02:19:27 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (07/05/2017 02:19:25 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {E10F6C3A-F1AE-4ADC-AA9D-2FE65525666E} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2013-07-09 11:13:47.671
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 10:20:16.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 08:24:19.270
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 08:08:10.015
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 21:20:44.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:57:00.982
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:43:03.037
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:07:19.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 15:59:19.376
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 15:39:20.097
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 91%
Total physical RAM: 4011.86 MB
Available physical RAM: 353.38 MB
Total Virtual: 8021.9 MB
Available Virtual: 2434.88 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.75 GB) (Free:40.64 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 05776A7F)
Partition 1: (Not Active) - (Size=10.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


Edited by blues71, 13 July 2017 - 11:14 AM.

  • 0

Advertisements


#2
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,804 posts
Hi blues71,

Welcome to :welcome:. My name is Jr0x and I'll be helping you with your problem.

Before we get started, there are a few things I need you to take note of.
  • Please read through the instructions before attempting to follow those procedures. I would recommend printing them out as some of the instructions would requires you to be in safe mode / offline.
  • If there is anything you are unclear of, please ask before you start the fix.
  • Do not run any scripts / tools on your own, unsupervised usage may cause more harm than good.
  • Please stay with me on this thread, do not start another thread in here (Geeks To Go) or any other forum until I've declared you clean and good to go.
  • There may be delayed response to you as we may live in different timezone.
  • Inform me of anything that happens unexpectedly during the fix at any point of time.
  • As much as we like to make this a easy process for you. Malware removal is a complex multi-step process, and things may happen such as data loss or render your machine unbootable. I would recommend that you backup your personal data before we proceed.
  • Posts that are not replied to in four (4) days will result in the topic being closed. We have not forgotten you; this is just an effort to keep the boards organized and flowing. To continue on your closed topic, please PM me or any Moderator to have the topic reactivated. If, at any time during our working together, I have not responded to you in 2 days (48 hours), then please PM me.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • As we go along please tell me how the computer is running now. Please be as descriptive as possible e.g. I'm still getting web redirects, I am unable to access the internet etc.
Let's get started.

Did you knowingly installed CryptoPrevent?

warning.gif!!! P2P Warning !!!

Please note that as long as you are using any form of Peer-to-Peer networking and downloading files from non-documented sources, you can expect infestations of malware to occur.
Once upon a time, P2P file sharing was fairly safe. That is no longer true. You may continue to use P2P sharing at your own risk; however, please keep in mind that this practice may be the source of your current malware infestation

I'd like you to read the Guidelines for P2P Programs where we explain why it's not a good idea to have them.

Please read these short reports on the dangers of peer-2-peer programs and file sharing.

FBI Cyber Education Letter
USAToday

I would recommend that you uninstall any P2P Programs, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.

uTorrent

If you decide to keep the program in spite of the risks involved, do not use it until I have finished cleaning your computer and have given you the all clear.

Now that we are clear with the rules, let's proceed with the actual removal process. :thumbsup:

FRST.gif Re-Scan with Farbar's Recovery Scan Tool (FRST)
  • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File).
  • Please ensure you place a check mark in the Addition.txt check box at the bottom of the form before running.
  • Press Scan button.
  • It will produce a log called FRST.txt in the same directory the tool is run from.
  • Please copy and paste log back here.
  • Because you selected the Addition.txt check box this log will be created as well. Please also paste that along with the FRST.txt into your reply.

  • 0

#3
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts
Ok. I uninstalled uTorrent, but now I'm having a much bigger problem.
 
I am unable to run FRST64.exe from the desktop. Something moved it and is preventing me from saving any file with that name to the desktop.
 
About an hour ago, I was using the Chrome browser to access whitepages.com and was redirected through a series of URLs to the following site: hxxp://security-issue-notice1o4.stream/guest/0(I don't recommended clicking through). It seemed to take over my system. It opened a false notification window stating that Windows Defender had detected the "Zeus virus" and was sandboxing my system until I called a certain toll-free telephone number to ask Microsoft how to reactivate it. Of course, I ignored it. It opened about a thousand iterations of itself in succession. I was able to regain control by deactivating wifi and eventually accessing the task manager to end the Chrome processes (using 2.2 MB). Avira flagged and quarantined a temp file "FS.dll" as PUA/FusionCore.ME.3. Then when I tried to run FRST64.exe, Avira flagged it [HEUR/APC (Cloud)] and quarantined it, but then I found a folder on the Desktop labeled FRST64-OlderVersion containing a file named FRST64.exe. I have not accessed that file nor do I intend to, unless you instruct me to.
 
I get different error messages from Firefox, Chrome and Explorer, but none will let me save FRST64.exe to the desktop. I tried to save a text file under that name from Notepad and got a similar message.
 
Please help ASAP. Thank you.
  • 0

#4
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I was able to restart my computer in safe mode + networking, which allowed me to save FRST64.exe to my desktop and run it from there. Pasted below.

 

Thanks

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
Ran by Smash (administrator) on SIDEKICK (19-07-2017 10:03:59)
Running from C:\Users\Smash\Desktop
Loaded Profiles: Smash (Available Profiles: Smash & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Mythicsoft Ltd) C:\Program Files\Mythicsoft\Agent Ransack\AgentRansack.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Irfan Skiljan) C:\Program Files (x86)\IrfanView\i_view32.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-12-06] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [VAIO Boot Manager] => C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [734608 2010-12-08] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM Group Policy restriction on software: *.divx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <==== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <==== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <==== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <==== ATTENTION
HKLM Group Policy restriction on software: ** <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <==== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7963552 2017-06-12] (SUPERAntiSpyware)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-07-15]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\Smash\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-07-15]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
Startup: C:\Users\TEMP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\zSpeedup.lnk [2017-07-15]
ShortcutTarget: zSpeedup.lnk -> C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe (Avira Operations GmbH & Co. KG)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76
Tcpip\..\Interfaces\{78140506-3DA9-43FC-9C03-501AECB1EB41}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8B8DA989-FDFB-41C7-BB78-976F220F8519}: [NameServer] 8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{C9223372-2268-4123-9BCD-5BEE223CA547}: [DhcpNameServer] 75.75.75.75 75.75.76.76

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.startpage.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-07-14] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-14] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-14] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-14] (Oracle Corporation)
Toolbar: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805 [2017-07-19]
FF Extension: (Bookmarks menu) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\bookmarks-menu@dio.gr.xpi [2016-08-18]
FF Extension: (FAYT Revived) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\fayt_revived@iceberg.it.xpi [2016-08-18]
FF Extension: (Email This! Bookmarklet Extension) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\gmailthis@lazyrussian.com.xpi [2016-08-22]
FF Extension: (HTTPS Everywhere) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\https-everywhere-eff@eff.org.xpi [2017-07-19]
FF Extension: (RECAP) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\info@recapthelaw.org.xpi [2017-06-09]
FF Extension: (Privacy Badger) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\jid1-MnnxcxisBPnSXQ-eff@jetpack.xpi [2017-06-15]
FF Extension: (DuckDuckGo Plus) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2017-06-19]
FF Extension: (NoScript) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-07-03]
FF ProfilePath: C:\Users\Smash\AppData\Roaming\Greyfirst\Celtx\Profiles\fibddcfp.default [2015-03-02]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2011-10-03] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2011-10-03] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2011-10-03] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2011-10-03] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2011-10-03] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2011-10-03] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2011-10-03] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-25] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-14] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-14] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/O1DPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Smash\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR Profile: C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default [2017-07-19]
CHR Extension: (Google Slides) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-19]
CHR Extension: (Docs) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-19]
CHR Extension: (Google Drive) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-19]
CHR Extension: (Rapport) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-07-19]
CHR Extension: (YouTube) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-19]
CHR Extension: (Avira Browser Safety) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-19]
CHR Extension: (Gmail) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-19]
CHR Extension: (Chrome Media Router) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-15] (Avira Operations GmbH & Co. KG)
S2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
S2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2014-08-31] (CleverFiles)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2340336 2017-06-27] (IBM Corp.)
S2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-28] (Avira Operations GmbH & Co. KG)
S4 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
S3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-06] ()
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-06] ()
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-14] (Avira Operations GmbH & Co. KG)
S2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-14] (Avira Operations GmbH & Co. KG)
S1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-14] (Avira Operations GmbH & Co. KG)
S1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-21] (Avira Operations GmbH & Co. KG)
S2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-21] (Avira Operations GmbH & Co. KG)
S3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [75264 2010-11-18] (Intel Corporation) [File not signed]
S3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [173568 2010-11-18] (Intel Corporation) [File not signed]
S3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [81408 2010-11-18] (Intel Corporation) [File not signed]
S3 intaud_WaveExtensible; no ImagePath
S3 iwdbus; no ImagePath
S1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [384288 2017-06-27] (IBM Corp.)
S1 RapportCerberus_1804063; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804063.sys [1271264 2017-07-13] (IBM Corp.)
S1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [585408 2017-06-27] (IBM Corp.)
S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [253880 2017-06-27] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [507936 2017-06-27] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [610592 2017-06-27] (IBM Corp.)
S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-04-29] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-19 10:03 - 2017-07-19 10:05 - 00047745 _____ C:\Users\Smash\Desktop\FRST.txt
2017-07-19 10:02 - 2017-07-19 10:02 - 02382336 _____ (Farbar) C:\Users\Smash\Desktop\FRST64.exe
2017-07-18 16:18 - 2017-07-18 17:02 - 00000371 _____ C:\Users\Smash\Desktop\[bleep]ED.txt
2017-07-18 16:04 - 2017-07-18 16:04 - 00000000 ____D C:\Users\Smash\Desktop\FRST-OlderVersion
2017-07-14 13:56 - 2017-07-14 13:56 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-07-14 13:56 - 2017-07-14 13:42 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2017-07-14 13:37 - 2017-07-14 13:37 - 57495104 _____ (Oracle Corporation) C:\Users\Smash\Downloads\jre-8u131-windows-i586.exe
2017-07-14 13:35 - 2017-07-14 13:35 - 14706712 _____ (Adobe Systems Inc.) C:\Users\Smash\Downloads\Shockwave_Installer_Full(1).exe
2017-07-14 13:35 - 2017-07-14 13:35 - 07094520 _____ C:\Users\Smash\Downloads\paint.net.4.0.16.install.exe
2017-07-14 13:35 - 2017-07-14 13:35 - 01632736 _____ (Skype Technologies S.A.) C:\Users\Smash\Downloads\SkypeSetup.exe
2017-07-14 13:17 - 2017-07-14 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-13 12:21 - 2017-07-13 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-07-13 11:24 - 2017-07-13 11:24 - 00428714 _____ C:\Users\Smash\Downloads\Verizon-Bill-06-18-2017.pdf
2017-07-13 10:40 - 2017-07-13 10:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2017-07-13 10:40 - 2017-07-13 10:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2017-07-12 13:58 - 2017-07-12 13:58 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-07-12 13:58 - 2017-07-12 13:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-07-12 13:58 - 2017-07-12 13:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-07-12 13:58 - 2017-07-12 13:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-07-12 11:54 - 2017-06-29 00:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 11:54 - 2017-06-28 23:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 11:54 - 2017-05-03 09:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 11:54 - 2017-05-03 09:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 11:54 - 2017-03-22 20:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-12 11:53 - 2017-07-05 22:56 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-07-12 11:53 - 2017-06-29 22:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 11:53 - 2017-06-29 21:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-12 11:53 - 2017-06-29 20:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-12 11:53 - 2017-06-29 20:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 11:53 - 2017-06-29 20:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 11:53 - 2017-06-29 20:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-12 11:53 - 2017-06-29 20:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-12 11:53 - 2017-06-29 20:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-12 11:53 - 2017-06-29 20:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:53 - 2017-06-29 20:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-12 11:53 - 2017-06-29 20:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-12 11:53 - 2017-06-29 00:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-12 11:53 - 2017-06-29 00:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-12 11:53 - 2017-06-29 00:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-12 11:53 - 2017-06-29 00:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-12 11:53 - 2017-06-29 00:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-12 11:53 - 2017-06-29 00:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 11:53 - 2017-06-29 00:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 11:53 - 2017-06-29 00:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 11:53 - 2017-06-28 23:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-12 11:53 - 2017-06-28 23:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-12 11:53 - 2017-06-28 23:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 11:53 - 2017-06-28 23:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-12 11:53 - 2017-06-28 23:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 11:53 - 2017-06-28 23:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-12 11:53 - 2017-06-28 23:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-12 11:53 - 2017-06-28 23:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 11:53 - 2017-06-28 23:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-12 11:53 - 2017-06-28 23:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-12 11:53 - 2017-06-28 23:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-12 11:53 - 2017-06-28 23:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-12 11:53 - 2017-06-28 23:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-12 11:53 - 2017-06-28 23:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-12 11:53 - 2017-06-28 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-12 11:53 - 2017-06-28 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-12 11:53 - 2017-06-28 23:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-12 11:53 - 2017-06-28 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-12 11:53 - 2017-06-28 23:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 11:53 - 2017-06-28 23:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 11:53 - 2017-06-28 23:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-12 11:53 - 2017-06-28 23:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-12 11:53 - 2017-06-28 23:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-12 11:53 - 2017-06-28 23:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-12 11:53 - 2017-06-28 23:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-12 11:53 - 2017-06-28 23:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-12 11:53 - 2017-06-28 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-12 11:53 - 2017-06-28 23:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 11:53 - 2017-06-28 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-12 11:53 - 2017-06-28 23:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-12 11:53 - 2017-06-28 23:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 11:53 - 2017-06-28 23:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-12 11:53 - 2017-06-28 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-12 11:53 - 2017-06-28 23:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-12 11:53 - 2017-06-28 23:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-12 11:53 - 2017-06-28 22:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 11:53 - 2017-06-28 22:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-12 11:53 - 2017-06-28 22:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 11:53 - 2017-06-28 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 11:53 - 2017-06-28 22:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-12 11:53 - 2017-06-28 22:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 11:53 - 2017-06-28 22:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 11:53 - 2017-06-28 22:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-12 11:53 - 2017-06-28 22:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 11:53 - 2017-06-28 22:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-12 11:53 - 2017-06-28 22:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-12 11:53 - 2017-06-28 22:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 11:53 - 2017-06-28 22:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 11:53 - 2017-06-28 22:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-12 11:53 - 2017-06-28 22:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 11:53 - 2017-06-28 22:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 11:53 - 2017-06-28 22:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-12 11:53 - 2017-06-22 08:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-12 11:53 - 2017-06-15 14:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 11:53 - 2017-06-12 16:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-12 11:53 - 2017-06-12 16:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-12 11:53 - 2017-06-12 16:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-12 11:53 - 2017-06-12 16:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-12 11:53 - 2017-06-12 16:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-12 11:53 - 2017-06-12 16:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-12 11:53 - 2017-06-12 16:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-12 11:53 - 2017-06-12 16:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 11:53 - 2017-06-12 16:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-12 11:53 - 2017-06-12 16:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-12 11:53 - 2017-06-12 16:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 11:53 - 2017-06-12 16:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-12 11:53 - 2017-06-12 16:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 11:53 - 2017-06-12 16:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 11:53 - 2017-06-12 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-12 11:53 - 2017-06-12 16:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 11:53 - 2017-06-12 16:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-12 11:53 - 2017-06-12 16:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-12 11:53 - 2017-06-12 16:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-12 11:53 - 2017-06-10 09:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 11:53 - 2017-06-10 09:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 11:53 - 2017-06-09 09:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 11:53 - 2017-06-06 09:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 11:53 - 2017-06-06 09:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 11:53 - 2017-05-29 22:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 11:53 - 2017-05-29 22:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 11:53 - 2017-05-29 22:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-12 11:53 - 2017-05-20 22:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-12 11:53 - 2017-05-20 22:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-12 11:53 - 2017-05-16 09:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 11:53 - 2017-05-16 09:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-12 11:53 - 2017-05-16 09:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-11 13:55 - 2017-07-19 10:03 - 00000000 ____D C:\FRST
2017-07-11 13:54 - 2017-07-11 13:54 - 02437120 _____ (Farbar) C:\Users\Smash\Downloads\FRST64.exe
2017-07-11 13:47 - 2017-07-11 13:48 - 30310176 _____ (SUPERAntiSpyware) C:\Users\Smash\Downloads\SUPERAntiSpyware.exe
2017-07-11 10:36 - 2017-07-11 10:36 - 01832798 _____ C:\Users\Smash\Downloads\workality-lite.1.5.1.zip
2017-07-11 10:35 - 2017-07-11 10:35 - 00773466 _____ C:\Users\Smash\Downloads\regain-blog.1.0.1.zip
2017-07-10 10:32 - 2017-07-10 10:32 - 00000000 ____D C:\Users\Smash\Desktop\New folder
2017-07-10 10:19 - 2017-07-17 19:23 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-07-06 19:32 - 2017-07-06 19:33 - 00000000 ____D C:\Users\Smash\Downloads\Lado Sur Vol. IV
2017-07-06 13:17 - 2017-07-06 13:17 - 01082880 _____ C:\Users\Smash\Downloads\founder.1.33.zip
2017-07-06 13:17 - 2017-07-06 13:17 - 00839308 _____ C:\Users\Smash\Downloads\libretto.1.0.5.zip BAD
2017-07-06 13:17 - 2017-07-06 13:17 - 00194535 _____ C:\Users\Smash\Downloads\keepwriting.1.03.zip
2017-07-06 13:17 - 2017-07-06 13:17 - 00091161 _____ C:\Users\Smash\Downloads\unit.1.12.zip
2017-07-06 13:15 - 2017-07-06 13:15 - 00907994 _____ C:\Users\Smash\Downloads\badjohnny.1.04.zip
2017-07-06 13:04 - 2017-07-06 13:04 - 04674635 _____ C:\Users\Smash\Downloads\jomsom.1.2.zip
2017-07-05 16:04 - 2017-07-05 16:04 - 01828124 _____ C:\Users\Smash\Downloads\piclectic.1.0.9.zip
2017-07-05 12:21 - 2017-07-05 12:21 - 00148607 _____ C:\Users\Smash\Downloads\min.zip
2017-07-05 12:20 - 2017-07-05 12:20 - 16179244 _____ C:\Users\Smash\Downloads\cudazi-mono-unzip-before-use.zip
2017-07-04 12:24 - 2017-07-04 12:24 - 05809371 _____ C:\Users\Smash\Downloads\longform.1.7.1.zip
2017-07-04 11:36 - 2017-07-04 11:36 - 00000000 ____D C:\Users\Smash\Downloads\miniorange-2-factor-authentication
2017-07-04 11:13 - 2017-07-04 11:13 - 00003150 _____ C:\Users\Smash\Downloads\wp-config-backup(2).txt
2017-07-03 13:55 - 2017-07-03 13:58 - 00021128 _____ C:\Windows\SysWOW64\Defrag.debuglog
2017-07-03 13:33 - 2017-07-13 13:30 - 00118448 _____ C:\Users\Smash\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-03 13:31 - 2017-07-15 11:58 - 00522304 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-03 13:26 - 2017-07-19 09:22 - 00604540 _____ C:\Windows\ntbtlog.txt
2017-07-03 13:24 - 2017-07-03 13:24 - 00008526 _____ C:\Users\Smash\Desktop\startup.txt
2017-07-03 13:22 - 2017-07-03 13:22 - 00028412 _____ C:\Users\Smash\Documents\cc_20170703_132233.reg
2017-07-03 12:56 - 2017-07-03 12:56 - 09598376 _____ (Piriform Ltd) C:\Users\Smash\Downloads\ccsetup531.exe
2017-07-01 14:33 - 2017-07-03 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 18:47 - 2017-06-29 18:59 - 458141708 _____ C:\Users\Smash\Downloads\newvigil170615.tar.gz
2017-06-29 18:47 - 2017-06-29 18:58 - 479530788 _____ C:\Users\Smash\Downloads\newvigil170430.tar.gz
2017-06-29 18:37 - 2017-06-29 18:38 - 00001505 _____ C:\Users\Smash\Downloads\wp.26_83329.2015-05-07_13-25-50
2017-06-29 18:10 - 2017-06-29 19:30 - 00000000 ____D C:\Users\Smash\Downloads\chadnielsen.newvigilante.com-Jun-2017
2017-06-29 18:10 - 2017-06-29 18:10 - 00000000 ____D C:\Users\Smash\Downloads\chadnielsen.newvigilante.com-ssl_log-Jun-2017
2017-06-23 18:24 - 2017-06-23 18:25 - 00000000 ____D C:\Users\Smash\Desktop\Website Hack
2017-06-23 18:12 - 2017-06-23 18:12 - 00003491 _____ C:\Users\Smash\Downloads\wp-config-backup(1).txt
2017-06-23 17:40 - 2017-06-23 17:40 - 00003491 _____ C:\Users\Smash\Downloads\wp-config-backup.txt
2017-06-23 17:32 - 2017-06-23 17:32 - 00000000 ____D C:\Users\Smash\Downloads\newvigil-cPanel-2017-04-30-09-00-03.tar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-19 10:05 - 2014-07-12 11:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-19 09:56 - 2016-11-18 16:24 - 00000000 ____D C:\Users\Smash\AppData\LocalLow\Mozilla
2017-07-19 09:21 - 2015-04-01 15:21 - 00894976 ___SH C:\Users\Smash\Desktop\Thumbs.db
2017-07-18 16:06 - 2016-03-01 17:27 - 00000000 ____D C:\Users\Smash\AppData\Roaming\uTorrent
2017-07-18 14:55 - 2011-08-19 12:23 - 00000000 ____D C:\Users\Smash\Documents\Admin
2017-07-17 19:38 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-17 19:38 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-15 17:42 - 2015-04-21 11:45 - 00000000 ____D C:\Users\Smash\AppData\Roaming\vlc
2017-07-15 17:42 - 2011-08-18 23:54 - 00000000 ____D C:\Users\Smash\Desktop\Mission
2017-07-15 17:41 - 2012-08-13 19:01 - 00000000 ____D C:\Users\Smash\Desktop\Reading
2017-07-15 17:38 - 2017-02-23 19:37 - 00000000 ____D C:\Users\Smash\Desktop\Mexico
2017-07-15 17:13 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-15 12:54 - 2016-04-27 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-15 12:40 - 2014-12-10 22:38 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-15 12:01 - 2016-04-27 08:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-15 11:55 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-07-15 11:30 - 2013-07-26 22:13 - 00000000 ____D C:\Windows\system32\MRT
2017-07-15 11:20 - 2011-10-01 15:31 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-15 11:12 - 2013-02-07 20:59 - 00775124 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-07-15 11:12 - 2009-07-13 23:13 - 00775124 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-14 13:56 - 2013-09-14 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-14 13:56 - 2011-10-01 21:44 - 00000000 ____D C:\Program Files (x86)\Java
2017-07-14 13:45 - 2011-10-01 21:45 - 00000000 ____D C:\Program Files\Java
2017-07-14 13:42 - 2015-11-21 20:37 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-07-14 13:17 - 2015-10-02 13:23 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-13 14:29 - 2015-10-02 13:26 - 00000000 ___RD C:\Users\Smash\Dropbox
2017-07-13 12:20 - 2015-10-24 10:07 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-07-13 10:56 - 2015-06-29 15:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-13 10:55 - 2014-12-26 12:00 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-07-13 10:40 - 2013-08-23 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2017-07-12 17:03 - 2016-04-17 22:51 - 03083174 ____H C:\Users\Smash\AppData\Local\IconCache.db.backup
2017-07-11 13:52 - 2012-11-06 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-07-11 13:51 - 2013-11-01 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-07-10 10:19 - 2017-06-17 12:43 - 00003658 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
2017-07-10 10:19 - 2016-04-27 08:32 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-05 12:54 - 2013-06-12 16:46 - 00382638 _____ C:\Users\Smash\Downloads\mono.zip
2017-07-03 14:18 - 2011-10-05 23:54 - 00000000 ____D C:\Users\Smash\AppData\Local\CrashDumps
2017-07-03 13:31 - 2015-10-02 13:23 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-03 13:31 - 2015-10-02 13:23 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-03 13:23 - 2015-10-02 13:23 - 00003914 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-07-03 13:23 - 2015-10-02 13:23 - 00003662 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-07-03 13:23 - 2015-02-26 11:23 - 00003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-03 13:23 - 2015-01-15 19:44 - 00003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-03 13:23 - 2014-05-05 00:04 - 00003510 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA
2017-07-03 13:23 - 2014-05-05 00:04 - 00003238 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core
2017-07-03 13:23 - 2012-10-03 13:22 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-07-03 11:00 - 2012-05-04 12:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-29 19:29 - 2013-10-13 10:53 - 00000544 _____ C:\Users\Smash\Documents\keychain.txt
2017-06-29 13:46 - 2013-04-29 16:15 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 13:14 - 2015-05-27 09:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-27 15:11 - 2015-06-04 08:34 - 00253880 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2017-06-27 15:11 - 2011-10-03 15:22 - 00507936 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2017-06-25 13:14 - 2014-08-19 15:24 - 00000000 ____D C:\Users\Smash\AppData\Local\Adobe
2017-06-25 13:13 - 2012-04-14 18:06 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-25 13:13 - 2011-10-05 23:57 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-25 13:13 - 2011-10-05 23:57 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-25 13:13 - 2011-09-30 19:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-22 14:33 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF
2017-06-19 15:59 - 2011-10-17 12:47 - 00000000 ____D C:\Users\Smash\AppData\Roaming\IPublish

==================== Files in the root of some directories =======

2011-12-02 16:44 - 2011-12-02 16:44 - 0000278 _____ () C:\Users\Smash\AppData\Roaming\Fopydo.cfg
2011-12-02 16:44 - 2011-12-02 16:44 - 0000000 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0001024 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.pag
2011-12-02 16:44 - 2011-12-02 16:47 - 0004096 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0002048 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.pag
2016-07-15 11:22 - 2016-07-15 11:24 - 0002057 _____ () C:\Users\Smash\AppData\Roaming\vidiot.ini
2016-04-16 18:43 - 2016-04-16 18:43 - 0392102 _____ () C:\Users\Smash\AppData\Local\ars.cache
2016-04-16 18:44 - 2016-04-16 18:44 - 0527432 _____ () C:\Users\Smash\AppData\Local\census.cache
2013-03-28 12:07 - 2016-06-07 08:15 - 0008192 _____ () C:\Users\Smash\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-30 00:59 - 2011-10-30 00:59 - 0002412 _____ () C:\Users\Smash\AppData\Local\FastClean.20111030.005958.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0002423 _____ () C:\Users\Smash\AppData\Local\FastClean.20111107.225031.txt
2012-09-26 13:53 - 2012-09-26 13:53 - 0000036 _____ () C:\Users\Smash\AppData\Local\housecall.guid.cache
2011-10-17 12:46 - 2017-06-03 16:10 - 0006269 _____ () C:\Users\Smash\AppData\Local\ipublish.ini
2011-10-30 01:02 - 2011-10-30 01:02 - 0020956 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111030.010200.txt
2011-11-30 00:58 - 2011-11-30 00:58 - 0002507 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111129.235800.txt
2011-10-28 18:58 - 2011-10-28 18:58 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111028.185833.txt
2011-10-29 21:39 - 2011-10-29 21:39 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111029.213921.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0001690 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010044.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0000844 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010056.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0000673 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010118.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001665 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010125.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001283 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010136.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010148.txt
2011-10-30 01:02 - 2011-10-30 01:02 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010227.txt
2011-10-30 12:18 - 2011-10-30 12:18 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.121845.txt
2011-10-30 22:47 - 2011-10-30 22:47 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.224744.txt
2011-10-30 23:34 - 2011-10-30 23:34 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.233445.txt
2011-11-07 17:22 - 2011-11-07 17:22 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.162224.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195107.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195132.txt
2011-11-07 21:57 - 2011-11-07 21:57 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205752.txt
2011-11-07 21:59 - 2011-11-07 21:59 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205923.txt
2011-11-07 23:26 - 2011-11-07 23:26 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.222653.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0001559 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225052.txt
2011-11-07 23:55 - 2011-11-07 23:55 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225509.txt
2011-11-08 00:36 - 2011-11-08 00:36 - 0001630 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.233620.txt
2011-11-08 09:16 - 2011-11-08 09:16 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111108.081621.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0000663 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235743.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235759.txt
2013-02-02 23:54 - 2013-02-02 23:54 - 0007608 _____ () C:\Users\Smash\AppData\Local\Resmon.ResmonCfg
2016-04-16 18:25 - 2016-04-16 18:25 - 0000010 _____ () C:\Users\Smash\AppData\Local\sponge.last.runtime.cache
2015-12-07 10:34 - 2015-12-07 10:34 - 0000000 _____ () C:\Users\Smash\AppData\Local\{BB0833BE-4241-46E7-8141-B04A6DBB28DB}
2014-06-21 00:47 - 2014-06-21 00:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-04-07 12:50 - 2014-01-31 13:19 - 0009101 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-18 03:37

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
Ran by Smash (19-07-2017 10:05:57)
Running from C:\Users\Smash\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-01 02:12:07)
Boot Mode: Safe Mode (with Networking)
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4071271752-2530744919-2841666311-500 - Administrator - Disabled)
Guest (S-1-5-21-4071271752-2530744919-2841666311-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-4071271752-2530744919-2841666311-1007 - Limited - Enabled)
Smash (S-1-5-21-4071271752-2530744919-2841666311-1001 - Administrator - Enabled) => C:\Users\Smash

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Enabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Enabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{FD8C1365-2229-4F37-A126-558DB2471CBE}) (Version: 7.0.828.1 - Mythicsoft Ltd)
Akamai NetSession Interface (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.369 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{158BEEC4-CC30-BF2F-248D-B52AF953E9C1}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}) (Version: 2.3.0.0 - ATI Technologies Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (HKLM-x32\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (en-US) - Greyfirst)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Disk Drill 1.0.0.188 (HKLM-x32\...\{232BCE66-B89D-4561-AEE0-AA25057B171B}) (Version: 1.0.189 - CleverFiles)
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Express Scribe (HKLM-x32\...\Scribe) (Version:  - NCH Software)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
ICMV Audio Codec (HKLM-x32\...\{2767EE80-D340-41F2-A922-F7F8114F9642}) (Version: 1.0.0 - PCS Inc.)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.40.0000 - Intel® Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPublish Vista Fix (HKLM-x32\...\{AA4258DE-83B2-4FAE-A36B-D5246B1CC529}) (Version: 1.00.0000 - IPRO Tech)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
iTunes Export (HKLM-x32\...\{3FFF605A-B4CE-0706-16C3-7313BBF32DFA}) (Version: 2.2.2 - UNKNOWN) Hidden
iTunes Export (HKLM-x32\...\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1) (Version: 2.2.2 - UNKNOWN)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LibreOffice 5.3 Help Pack (English (United States)) (HKLM-x32\...\{8ECEE533-41B5-455D-8226-7D247060570C}) (Version: 5.3.4.2 - The Document Foundation)
LibreOffice 5.3.4.2 (HKLM-x32\...\{E8FF8837-CDA1-462A-925B-2DA1FE7E263E}) (Version: 5.3.4.2 - The Document Foundation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Filter Pack 2.0 (HKLM\...\{95140000-2000-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 en-US)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nextiva Codec (HKLM-x32\...\{8A6EA3B1-3357-4E2D-852E-A536C9A35624}) (Version: 61.7.5194 - Verint Video Solutions) Hidden
Nextiva Codec (HKLM-x32\...\{BE18FDC3-7E2E-4DE5-B471-DB74491768F2}) (Version: 61.7.5194 - Verint Video Solutions)
OpenVPN 2.3.10-I602  (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
PDFill FREE PDF Tools (HKLM\...\{60724DF0-7436-48B8-BEF9-07BA4C3880EE}) (Version: 9.0 - PlotSoft LLC)
PDFill FREE PDF Writer (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
Pixlr-o-matic (HKLM-x32\...\{41A63ADA-088B-1C2D-43B3-E4087FE79881}) (Version: 2.1 - UNKNOWN) Hidden
Pixlr-o-matic (HKLM-x32\...\Pixlromatic) (Version: 2.1 - UNKNOWN)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{163E8878-383D-D084-6FD7-7306DE3526DC}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{EFBEE79D-E49D-9451-459E-F776AC857F99}) (Version: 1.00.1. - AMD) Hidden
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1205.20 - Trusteer) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1804.121 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scribus 1.4.5 (HKLM-x32\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SQLite Studio 1.0.0.0 (HKLM-x32\...\SQLite Studio) (Version: 1.0.0.0 - SQLite Studio)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Trelby (HKLM-x32\...\Trelby) (Version: 2.2.0.0 - Trelby.org)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1804.121 - Trusteer)
Unity Web Player (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
VAIO Care (HKLM-x32\...\{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}) (Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.4.0.11260 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{F8B48758-410A-4B09-A734-C5DEA282C7C9}) (Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{31ABC808-794B-4710-B3E4-85F77784882E}) (Version: 4.1.0.10120 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{884A242B-BE5C-4F9F-9177-F44156A5D081}) (Version: 13.00.0927 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.2.0.11040 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.4.0.12090 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO Wireless Wizard (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 4.0.0.02180 - Sony) Hidden
VESx86 (HKLM-x32\...\{6883A6BD-37B5-4314-BB66-FA581D15A906}) (Version: 1.0.0 - Sony Corporation) Hidden
Vista Fix for IPublish 8.5 (HKLM-x32\...\{8BFECAC4-E1ED-45A6-A237-1EED091D6674}) (Version: 1.00.0000 - IPRO Tech)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VU5x64 (HKLM\...\{6B7DE186-374B-4873-AEC1-7464DA337DD6}) (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{9D12A8B5-9D41-4465-BF11-70719EB0CD02}) (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Apple Inc. Apple Keyboard (04/06/2009 3.0.0.0) (HKLM\...\831BF8DFEC5520D988361807D534A2041AE4AAB3) (Version: 04/06/2009 3.0.0.0 - Apple Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers01: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers02: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers02: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers04: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers04: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers04: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-12-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-05-24] (Intel Corporation)
ContextMenuHandlers05: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers06: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-15] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D3968C-35F4-4561-86FB-A1293AB7AC50} - System32\Tasks\SONY\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {0A1BF919-5BB0-4F31-B13E-98D51CCCFD36} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {0F2C2E09-544F-40D6-A17B-D450A71973A1} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {0FF12B22-A136-4635-AB96-3F104735A8D1} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {219E6605-38D3-43A6-8108-AF814A3B4A66} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {29FC249D-D34F-43D5-B31D-181F9C8A56AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3C46779F-35B5-4001-9DDA-58C81235B229} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {40A096EE-B83B-4AAB-A5AE-A2934C93CF5C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4E09540A-4C54-42BE-973A-9677E6D2BAEE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-07-10] (Avira Operations GmbH & Co. KG                              )
Task: {4EB1F4E6-6137-47B0-A9B2-A8B2F75B157B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {51B4A5F6-6823-490A-BB5C-AA90A70C35DC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {57090A8A-30A7-47EC-9D0F-9BE28D4E7098} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {5E4B7954-36B3-4FB7-87C6-D91AE43B797E} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {6AEEF879-56E0-4431-93EB-DA5E6C2698D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {730B2DA9-8BBF-4E60-A933-E303EBE344A2} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {78069684-4946-4080-A41A-57D9BA3E8EEA} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {9C60ED51-BAAC-4D03-B696-2686F2D76F07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {A1311EF3-BCB8-4B7E-AC7B-2E688698C22A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {C4192730-EE4E-4D47-A048-B4B834F27125} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {C5DB83F2-4D6D-419A-9CE2-24B70BEA2775} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {D75AD3A9-032C-4E12-A79F-2BEA1493016A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {F1458236-19DB-471D-AA9A-2A02E2110BFF} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {F1A658EA-E1BE-42AD-B91A-EC9F534FE772} - System32\Tasks\Sony Corporation\VAIO Boot Manager\VAIO Boot Manager => C:\Program Files (x86)\Sony\VAIO Boot Manager\SetProcessTask.exe [2010-12-08] (Sony Corporation)
Task: {F978F1FB-15CE-42F7-8942-5F69635C319E} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {FA0A6FB8-6183-4D1B-B859-75260E204460} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Smash\Desktop\Investigation\Done\DVF Garcia Perez\Disco\04.04.12\001059 Walmart\VerintVideoSolutionsCodecs.lnk -> hxxp://www.verint.com/video_solutions/overview.cfm?article_level1_category_id=40

==================== Loaded Modules (Whitelisted) ==============

2014-11-21 17:33 - 2014-11-21 17:33 - 00211976 _____ () C:\Program Files\Mythicsoft\Agent Ransack\CrashRpt1402.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
e"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMSwissArmy => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMSwissArmy => ""="Driver"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5315 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 20:34 - 2012-09-30 12:42 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts

127.0.0.1       localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Smash\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 75.75.75.75 - 75.75.76.76
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: cfbackd => 3
MSCONFIG\Services: CLKMSVC10_9EC60124 => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostServiceSony => 3
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: SampleCollector => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDms => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Update service => 2
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VcmIAlzMgr => 3
MSCONFIG\Services: VcmINSMgr => 3
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Smash^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Smash\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: FoneLabAppService => C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
MSCONFIG\startupreg: Google Update => C:\Users\Smash\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PCTD Service Activation => "C:\Program Files (x86)\OakTree\PCTDServiceActivation\PCTDServiceActivation.exe" -checkcounter
MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Smash\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

18-07-2017 17:05:43 Windows Update

==================== Faulty Device Manager Devices =============

Name: AMD Radeon™ HD 6470M
Description: AMD Radeon™ HD 6470M
Class Guid: {4d36e968-e325-11ce-bfc1-08002be10318}
Manufacturer: ATI Technologies Inc.
Service: amdkmdap
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Realtek PCIE CardReader
Description: Realtek PCIE CardReader
Class Guid: {4d36e970-e325-11ce-bfc1-08002be10318}
Manufacturer: Realtek Semiconduct Corp.
Service: RSPCIESTOR
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Security Processor Loader Driver
Description: Security Processor Loader Driver
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: spldr
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Unknown Device
Description: Unknown Device
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standard USB Host Controller)
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® Centrino® Advanced-N + WiMAX 6250
Description: Intel® Centrino® Advanced-N + WiMAX 6250
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2017 09:17:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 56920053

Error: (07/19/2017 09:17:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 56920053

Error: (07/19/2017 09:17:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2017 05:05:43 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4071271752-2530744919-2841666311-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {76fc957b-bdc1-4ad5-a95c-dfac34d01693}

Error: (07/18/2017 12:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60712843

Error: (07/18/2017 12:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60712843

Error: (07/18/2017 12:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/17/2017 07:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8112

Error: (07/17/2017 07:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8112

Error: (07/17/2017 07:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/19/2017 09:21:19 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/19/2017 09:21:19 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/19/2017 09:21:15 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/19/2017 09:21:01 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/19/2017 09:20:56 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
avipbb
avkmgr
discache
SASDIFSV
SASKUTIL
spldr
truecrypt
Wanarpv6

Error: (07/19/2017 09:19:34 AM) (Source: Service Control Manager) (EventID: 7043) (User: )
Description: The Windows Update service did not shut down properly after receiving a preshutdown control.

Error: (07/19/2017 09:19:28 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
Access is denied.

Error: (07/19/2017 09:18:58 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Windows Modules Installer service terminated with the following error:
Access is denied.

Error: (07/19/2017 09:18:57 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {995C996E-D918-4A8C-A302-45719A6F4EA7} did not register with DCOM within the required timeout.

Error: (07/19/2017 09:18:29 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: The server {F9717507-6651-4EDB-BFF7-AE615179BCCF} did not register with DCOM within the required timeout.


CodeIntegrity:
===================================
  Date: 2013-07-09 11:13:47.671
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 10:20:16.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 08:24:19.270
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 08:08:10.015
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 21:20:44.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:57:00.982
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:43:03.037
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:07:19.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 15:59:19.376
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 15:39:20.097
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 42%
Total physical RAM: 4011.86 MB
Available physical RAM: 2323.64 MB
Total Virtual: 8021.9 MB
Available Virtual: 6597.96 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.75 GB) (Free:19.15 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 05776A7F)
Partition 1: (Not Active) - (Size=10.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================


  • 0

#5
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,804 posts

Alright, let's try to clean up some stuff, and see whether we can run FRST in normal mode.

Boot into Safe Mode, and run the instruction below.

FRST.gifFix with FRST

  • Open notepad (Start =>All Programs => Accessories => Notepad). Please copy the entire contents of the code box below. To do this highlight the contents of the box, right click on it and select copy.
  • Right-click in the open notepad and select Paste.
  • Save it on the desktop as fixlist.txt

NOTE. It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.

Start
CreateRestorePoint:
CloseProcesses:
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.startpage.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 intaud_WaveExtensible; no ImagePath
S3 iwdbus; no ImagePath
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (HKLM-x32\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
ContextMenuHandlers01: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers02: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers04: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File

C:\ProgramData\Best Buy pc app
Emptytemp:
End

NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

Run FRST and press the Fix button just once and wait. The tool will make a log on the desktop (Fixlog.txt) please post it in your next reply.

Note: Your machine will reboot after the fix.

Allow your machine to boot into Normal Mode.

Try to run FRST again, if you are unable to do so, then follow the instruction below.

RKill

Note: If your security software warns about Rkill, ignore & allow the download to continue.
Download RKill by Grinler from Here & save it to your Desktop.
Alternate download links:
Two
Three
Four

  • Double click Rkill to run it
  • A command window will open then disappear upon completion, this is normal
    • If this does not happen... delete the file, then download & use the next link provided
    • If it does not work, repeat the process & attempt to use one of the remaining links until the tool runs
  • Do not reboot your machine until asked to do so. If no version of Rkill would run, please let me know
  • When finished, Notepad will open with a log file, automatically saved at C:\rkill.log
  • Copy/paste the contents of the rkill.log file in your next reply
  • Leave Rkill on the Desktop unless instructed otherwise

Note: If you get an alert that Rkill is infected, ignore it. The alert is a fake warning given by the rogue software, trying to "protect" itself from being terminated or removed. If you see such a warning, leave the warning on the screen, then run Rkill again. By not closing the warning, this sometimes allows you to bypass the malware's attempt to protect itself, so that Rkill can perform its routine.

After running RKill continue to do the following, it is important in this time you do not reboot your PC.

Run FRST immediately after RKill.

 

Let me know if you face with any issue.

 

In your next reply, please include the following:

  • FRST fixlog (from safe mode)
  • FRST log (from normal mode)
  • FRST additional log (from normal mode)

  • 0

#6
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I followed your instructions. RKill opened the command window and closed it on completion, then opened "rkill.txt" (not rkill.log). However, as soon as I selected FRST64.exe it disappeared. I downloaded the file again and double-clicked. I received the following error message: "Insufficient system resources exist to complete the requested service." Avira immediately flagged the file as malware and quarantined it. I downloaded it again and right-clicked it and ran as administrator, but I got the same error and another quarantine by Avira. When I opened Avira to try to whitelist the file, the process avscan.exe started a spontaneous scan. I couldn't kill the process, so I restarted the computer in safe mode.

 

I'm pasting the contents of fixlog.txt and Rkill.txt below:

 

Fix result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
Ran by Smash (19-07-2017 11:12:20) Run:1
Running from C:\Users\Smash\Desktop
Loaded Profiles: Smash (Available Profiles: Smash & Guest)
Boot Mode: Safe Mode (with Networking)
==============================================
 
fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
Startup: C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
Startup: C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk [2011-09-30]
ShortcutTarget: Best Buy pc app.lnk -> C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe (No File)
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.startpage.com/
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
Toolbar: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001 -> No Name - {71576546-354D-41C9-AAE8-31F2EC22BF0D} -  No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=2.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.0 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.2 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
S3 intaud_WaveExtensible; no ImagePath
S3 iwdbus; no ImagePath
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
Best Buy pc app (HKLM-x32\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy) Hidden
ContextMenuHandlers01: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers02: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
ContextMenuHandlers04: [BRUMenuHandler] -> {5D924130-4CB1-11DB-B0DE-0800200C9A66} =>  -> No File
 
C:\ProgramData\Best Buy pc app
Emptytemp:
End
*****************
 
Error: Restore point can only be created in normal mode.
Processes closed successfully.
C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk => moved successfully
C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe => not found.
C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk => not found.
C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe => not found.
C:\Users\Guest\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Best Buy pc app.lnk => moved successfully
C:\ProgramData\Best Buy pc app\ClickOnceSetup.exe => not found.
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => value removed successfully
HKLM\Software\Classes\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D} => key not found. 
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.4 => key removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.5 => key removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.8 => key removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.0 => key removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.1 => key removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.2 => key removed successfully
HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.1.3 => key removed successfully
HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully
HKLM\System\CurrentControlSet\Services\intaud_WaveExtensible => key removed successfully
intaud_WaveExtensible => service removed successfully
HKLM\System\CurrentControlSet\Services\iwdbus => key removed successfully
iwdbus => service removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}\\SystemComponent => value removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{FBBC4667-2521-4E78-B1BD-8706F774549B}\\SystemComponent => value removed successfully
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\BRUMenuHandler => key removed successfully
HKLM\Software\Classes\CLSID\{5D924130-4CB1-11DB-B0DE-0800200C9A66} => key not found. 
HKLM\Software\Classes\Drive\ShellEx\ContextMenuHandlers\BRUMenuHandler => key removed successfully
HKLM\Software\Classes\CLSID\{5D924130-4CB1-11DB-B0DE-0800200C9A66} => key not found. 
HKLM\Software\Classes\Directory\ShellEx\ContextMenuHandlers\BRUMenuHandler => key removed successfully
HKLM\Software\Classes\CLSID\{5D924130-4CB1-11DB-B0DE-0800200C9A66} => key not found. 
"C:\ProgramData\Best Buy pc app" => not found.
 
=========== EmptyTemp: ==========
 
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 22993087 B
Java, Flash, Steam htmlcache => 506 B
Windows/system/drivers => 81763560 B
Edge => 0 B
Chrome => 6433353 B
Firefox => 395348355 B
Opera => 0 B
 
Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 0 B
NetworkService => 3986 B
Smash => 180226950 B
TEMP => 0 B
Guest => 85371 B
 
RecycleBin => 2779311 B
EmptyTemp: => 657.7 MB temporary data Removed.
 
================================
 
 
The system needed a reboot.
 
==== End of Fixlog 11:13:40 ====
 
 
Rkill 2.8.4 by Lawrence Abrams (Grinler)
Copyright 2008-2017 BleepingComputer.com
More Information about Rkill can be found at this link:
 
Program started at: 07/19/2017 11:17:07 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1
 
Checking for Windows services to stop:
 
 * No malware services found to stop.
 
Checking for processes to terminate:
 
 * No malware processes found to kill.
 
Checking Registry for malware related settings:
 
 * No issues found in the Registry.
 
Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
 
Performing miscellaneous checks:
 
 * No issues found.
 
Checking Windows Service Integrity: 
 
 * TBS [Missing Service]
 
Searching for Missing Digital Signatures: 
 
 * No issues found.
 
Checking HOSTS File: 
 
 * Cannot edit the HOSTS file.
 * Permissions could not be fixed. Use Hosts-perm.bat to fix permissions: http://www.bleepingc.../hosts-permbat/
 
 * HOSTS file entries found: 
 
  127.0.0.1       localhost
 
Program finished at: 07/19/2017 11:22:25 AM
Execution time: 0 hours(s), 5 minute(s), and 18 seconds(s)
 

  • 0

#7
Jr0x

Jr0x

    Malware removal team

  • Malware Removal
  • 1,804 posts

Hi,
 
Could you boot into Normal mode, and disable Avira temporarily then try to run FRST and see if it is possible.

If you can run FRST after, please run and post the log (both FRST and Additional).
 
Disable Avira
 
Right-click on the icon of Avira Antivir found in the system tray (near the clock) and uncheck "Activate AntiVir Guard".


TDSSKiller_Kaspersky.pngScan with TDSSKiller

Please download TDSSKiller by Kaspersky and save it to your desktop.
Alternate download is here.

Select the executable(.EXE) package as the download.

  • Right-click on TDSSKiller_Kaspersky.png icon and select RunAsAdmin.jpg Run as Administrator to start the tool. If it won't run please right click on tdskiller.exe and rename it to winlogon.exe and see if that allows you to run it.
  • When the main GUI (graphical user interface) window opens, click on Change Parameters.
  • Put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
  • TDSSKiller will run automatically after reboot. Click on Change parameters.
  • Make sure that Verify driver digital signatures & Detect TDLFS File System are checked and click OK.
  • Click the Start Scan button and wait patiently.

If anything will be found follow this guidelines:

  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    > Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    > If Cure is not available, please choose Skip instead.
  • Do not choose Delete unless instructed!

A report will be created in your root directory, (usually C:\ drive) in the form of TDSSKiller.[Version]_[Date]_[Time]_log.txt. Please include the contents of that file in your next post.


  • 0

#8
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

I was able to execute FRST64.exe as described. Logs pasted below.

 

I had no trouble running TDSSKiller, but it did not find anything. Log below. Because Avira had re-activated during the reboot, I deactivated it and ran TDSSKiller again. Still, nothing came up.

 

I just had a posting error so I'm posting TDSSKiller log in a separate reply.

 

Thanks!
Chad

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 18-07-2017
Ran by Smash (administrator) on SIDEKICK (20-07-2017 10:51:39)
Running from C:\Users\Smash\Desktop
Loaded Profiles: Smash (Available Profiles: Smash & Guest)
Platform: Windows 7 Home Premium Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\sched.exe
(SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avguard.exe
(Apple Inc.) C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Dropbox, Inc.) C:\Windows\System32\DbxSvc.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Sony Corporation) C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Microsoft Corporation) C:\Windows\SysWOW64\dllhost.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\Apoint.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
(IBM Corp.) C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApMsgFwd.exe
(ALPS) C:\Program Files\Apoint\Apvfb.exe
(Alps Electric Co., Ltd.) C:\Program Files\Apoint\ApntEx.exe
(Avira Operations GmbH & Co. KG) C:\Program Files (x86)\Avira\Launcher\Avira.Systray.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Update\VUAgent.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
(Realsil Microelectronics Inc.) C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
(Sony Corporation) C:\Program Files\Sony\VAIO Power Management\SPMService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\CompatTelRunner.exe
(Microsoft Corporation) C:\Windows\System32\DeviceDisplayObjectProvider.exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [Apoint] => C:\Program Files\Apoint\Apoint.exe [226672 2010-12-06] (Alps Electric Co., Ltd.)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1385840 1999-12-31] (Realtek Semiconductor)
HKLM-x32\...\Run: [VAIO Boot Manager] => C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe [734608 2010-12-08] (Sony Corporation)
HKLM-x32\...\Run: [Avira SystrayStartTrigger] => C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe [97512 2017-06-13] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [avgnt] => C:\Program Files (x86)\Avira\Antivirus\avgnt.exe [918008 2017-07-15] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Avira System Speedup User Starter] => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [66656 2017-06-28] (Avira Operations GmbH & Co. KG)
HKLM-x32\...\Run: [Dropbox] => C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [3486520 2017-07-12] (Dropbox, Inc.)
HKLM Group Policy restriction on software: *.divx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.exe <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\Appdata\Roaming\Microsoft\Windows\IEUpdate\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.js <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.com <==== ATTENTION
HKLM Group Policy restriction on software: cipher.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.exe <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.bat <==== ATTENTION
HKLM Group Policy restriction on software: syskey.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.com <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.bat <==== ATTENTION
HKLM Group Policy restriction on software: scsvserv.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: lsassvrtdbks.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.com <==== ATTENTION
HKLM Group Policy restriction on software: ** <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.com <==== ATTENTION
HKLM Group Policy restriction on software: %programfiles(x86)%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.scr <==== ATTENTION
HKLM Group Policy restriction on software: lsassw86s.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.avi*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpg*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp3*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.jse <==== ATTENTION
HKLM Group Policy restriction on software: %systemdrive%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.pub*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.js <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\LocalLow\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.divx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.exe <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.jpeg*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\Microsoft\Windows\Start Menu\Programs\Startup\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: vssadmin.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.js <==== ATTENTION
HKLM Group Policy restriction on software: %programdata%\*\svchost.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.gif*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.png*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.7z*.js <==== ATTENTION
HKLM Group Policy restriction on software: C:\Users\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.wmv*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.docx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.bmp*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: *:\$Recycle.Bin <==== ATTENTION
HKLM Group Policy restriction on software: *.rtf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\*.com <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Local\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.xls*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.doc*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.wma*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.js <==== ATTENTION
HKLM Group Policy restriction on software: %allusersprofile%\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.cmd <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.js <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.bat <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.com <==== ATTENTION
HKLM Group Policy restriction on software: *.ppt*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %appdata%\*\*.scr <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.rar*.bat <==== ATTENTION
HKLM Group Policy restriction on software: *.wav*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.scr <==== ATTENTION
HKLM Group Policy restriction on software: *.mp4*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.xlsx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: *.pdf*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.pptx*.pif <==== ATTENTION
HKLM Group Policy restriction on software: %userprofile%\AppData\*.exe <==== ATTENTION
HKLM Group Policy restriction on software: *.zip*.jse <==== ATTENTION
HKLM Group Policy restriction on software: *.txt*.bat <==== ATTENTION
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7963552 2017-06-12] (SUPERAntiSpyware)
HKU\S-1-5-18\...\Run: [ZoneAlarm Windows 10 Upgrader] => "C:\ProgramData\CheckPoint\ZoneAlarm\Data\Updates\unpacked==win10=update_win10.zip\upgrade.exe" /delay
HKU\S-1-5-18\...\RunOnce: [osk.exe] => C:\Windows\system32\osk.exe [692736 2014-06-17] (Microsoft Corporation)
BootExecute: autocheck autochk *

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{78140506-3DA9-43FC-9C03-501AECB1EB41}: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{8B8DA989-FDFB-41C7-BB78-976F220F8519}: [NameServer] 8.26.56.26,156.154.70.22
Tcpip\..\Interfaces\{C9223372-2268-4123-9BCD-5BEE223CA547}: [DhcpNameServer] 192.168.1.1

Internet Explorer:
==================
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll [2017-07-14] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-14] (Oracle Corporation)
BHO-x32: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll [2017-07-14] (Oracle Corporation)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO-x32: AviraBrowserSafety.BrowserSafety -> {c3c77255-42c0-499f-b664-6e981a0b1647} -> C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll [2017-07-14] (Oracle Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} hxxp://download.eset.com/special/eos/OnlineScanner.cab
Handler-x32: abs - {E00957BD-D0E1-4eb9-A025-7743FDC8B27B} - C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805 [2017-07-20]
FF Extension: (Bookmarks menu) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\bookmarks-menu@dio.gr.xpi [2016-08-18]
FF Extension: (FAYT Revived) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\fayt_revived@iceberg.it.xpi [2016-08-18]
FF Extension: (Email This! Bookmarklet Extension) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\gmailthis@lazyrussian.com.xpi [2016-08-22]
FF Extension: (HTTPS Everywhere) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\https-everywhere-eff@eff.org.xpi [2017-07-19]
FF Extension: (RECAP) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\info@recapthelaw.org.xpi [2017-06-09]
FF Extension: (Privacy Badger) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\jid1-MnnxcxisBPnSXQ-eff@jetpack.xpi [2017-06-15]
FF Extension: (DuckDuckGo Plus) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\jid1-ZAdIEUB7XOzOJw@jetpack.xpi [2017-06-19]
FF Extension: (NoScript) - C:\Users\Smash\AppData\Roaming\Mozilla\Firefox\Profiles\pl70c19x.default-1470982959805\Extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2017-07-03]
FF ProfilePath: C:\Users\Smash\AppData\Roaming\Greyfirst\Celtx\Profiles\fibddcfp.default [2015-03-02]
FF Extension: (Timezone Definitions for Mozilla Calendar) - C:\Program Files (x86)\Celtx\extensions\calendar-timezones@mozilla.org [2011-10-03] [not signed]
FF Extension: (Default Shot Palette) - C:\Program Files (x86)\Celtx\extensions\default-palette@celtx.com [2011-10-03] [not signed]
FF Extension: (MSN-Smileys) - C:\Program Files (x86)\Celtx\extensions\emoticons-msn-smileys@m513901.de [2011-10-03] [not signed]
FF Extension: (DOM Inspector) - C:\Program Files (x86)\Celtx\extensions\inspector@mozilla.org [2011-10-03] [not signed]
FF Extension: (Blackened) - C:\Program Files (x86)\Celtx\extensions\messagestyle-blackened@addons.instantbird.org [2011-10-03] [not signed]
FF Extension: (Depth) - C:\Program Files (x86)\Celtx\extensions\messagestyle-depth@addons.instantbird.org [2011-10-03] [not signed]
FF Extension: (Minimal) - C:\Program Files (x86)\Celtx\extensions\messagestyle-minimal20@addons.instantbird.org [2011-10-03] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_26_0_0_131.dll [2017-06-25] ()
FF Plugin: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-14] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-14] (Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_26_0_0_131.dll [2017-06-25] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1229199.dll [2017-03-31] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\dtplugin\npDeployJava1.dll [2017-07-14] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.131.2 -> C:\Program Files (x86)\Java\jre1.8.0_131\bin\plugin2\npjp2.dll [2017-07-14] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3528.0331 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2014-03-31] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-27] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.6 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/GoogleTalkPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @talk.google.com/O1DPlugin -> C:\Users\Smash\AppData\Roaming\Mozilla\plugins\npo1d.dll [2015-12-08] (Google)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-04-28] (Google Inc.)
FF Plugin HKU\S-1-5-21-4071271752-2530744919-2841666311-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Smash\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2016-07-14] (Unity Technologies ApS)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll [2017-04-04] (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npgoogletalk.dll [2015-12-08] (Google)
FF Plugin ProgramFiles/Appdata: C:\Users\Smash\AppData\Roaming\mozilla\plugins\npo1d.dll [2015-12-08] (Google)

Chrome:
=======
CHR Profile: C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default [2017-07-19]
CHR Extension: (Google Slides) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-07-19]
CHR Extension: (Google Docs) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-07-19]
CHR Extension: (Google Drive) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-07-19]
CHR Extension: (Rapport) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbjllphbppobebmjpjcijfbakobcheof [2017-07-19]
CHR Extension: (YouTube) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-07-19]
CHR Extension: (Avira Browser Safety) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\flliilndjeohchalpbbcdekjklbdgfkk [2017-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-07-19]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-07-19]
CHR Extension: (Gmail) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-07-19]
CHR Extension: (Chrome Media Router) - C:\Users\Smash\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-07-19]
CHR HKLM\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [bbjllphbppobebmjpjcijfbakobcheof] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [efaidnbmnnnibpcajpcglclefindmkaj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [flliilndjeohchalpbbcdekjklbdgfkk] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [173472 2017-01-30] (SUPERAntiSpyware.com)
S3 ACDaemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [113152 2010-03-18] (ArcSoft Inc.)
S2 AntiVirMailService; C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe [1128432 2017-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirSchedulerService; C:\Program Files (x86)\Avira\Antivirus\sched.exe [490968 2017-07-15] (Avira Operations GmbH & Co. KG)
R2 AntiVirService; C:\Program Files (x86)\Avira\Antivirus\avguard.exe [490968 2017-07-15] (Avira Operations GmbH & Co. KG)
S2 AntiVirWebService; C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe [1524216 2017-07-15] (Avira Operations GmbH & Co. KG)
R2 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [83768 2017-04-03] (Apple Inc.)
R2 Avira.ServiceHost; C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe [377976 2017-06-13] (Avira Operations GmbH & Co. KG)
S3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [245760 2010-01-25] (Brother Industries, Ltd.) [File not signed]
S4 cfbackd; C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe [211520 2014-08-31] (CleverFiles)
S4 dbupdate; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
S4 dbupdatem; C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [143144 2016-11-05] (Dropbox, Inc.)
R2 DbxSvc; C:\Windows\system32\DbxSvc.exe [49992 2017-07-12] (Dropbox, Inc.)
S4 DirMngr; C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe [218112 2013-10-07] () [File not signed]
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
S4 OpenVPNService; C:\Program Files\OpenVPN\bin\openvpnserv.exe [38240 2016-02-01] (The OpenVPN Project)
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
R2 RapportMgmtService; C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe [2340336 2017-06-27] (IBM Corp.)
R2 SpeedupService; C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe [74800 2017-06-28] (Avira Operations GmbH & Co. KG)
S4 Update service; C:\Program Files (x86)\Popcorn Time\Updater.exe [339968 2015-10-19] (Popcorn Time) [File not signed]
R3 VUAgent; C:\Program Files\Sony\VAIO Update\vuagent.exe [1642544 2014-02-28] (Sony Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U5 AppMgmt; C:\Windows\system32\svchost.exe [27136 2009-07-13] (Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65336 2013-03-06] ()
S3 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [178624 2013-03-06] ()
R0 avdevprot; C:\Windows\System32\DRIVERS\avdevprot.sys [64504 2017-06-14] (Avira Operations GmbH & Co. KG)
R2 avgntflt; C:\Windows\System32\DRIVERS\avgntflt.sys [185032 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avipbb; C:\Windows\System32\DRIVERS\avipbb.sys [149976 2017-06-14] (Avira Operations GmbH & Co. KG)
R1 avkmgr; C:\Windows\System32\DRIVERS\avkmgr.sys [35328 2017-03-21] (Avira Operations GmbH & Co. KG)
R2 avnetflt; C:\Windows\System32\DRIVERS\avnetflt.sys [78600 2017-03-21] (Avira Operations GmbH & Co. KG)
S3 bpenum; C:\Windows\System32\DRIVERS\bpenum.sys [75264 2010-11-18] (Intel Corporation) [File not signed]
S3 bpmp; C:\Windows\System32\DRIVERS\bpmp.sys [173568 2010-11-18] (Intel Corporation) [File not signed]
S3 bpusb; C:\Windows\System32\Drivers\bpusb.sys [81408 2010-11-18] (Intel Corporation) [File not signed]
R1 RapportAegle64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys [384288 2017-06-27] (IBM Corp.)
R1 RapportCerberus_1804063; C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804063.sys [1271264 2017-07-13] (IBM Corp.)
R1 RapportEI64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys [585408 2017-06-27] (IBM Corp.)
S3 RapportHades64; C:\Windows\System32\Drivers\RapportHades64.sys [253880 2017-06-27] (IBM Corp.)
S3 RapportKE64; C:\Windows\System32\Drivers\RapportKE64.sys [507936 2017-06-27] (IBM Corp.)
S3 RapportPG64; C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys [610592 2017-06-27] (IBM Corp.)
R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
S3 semav6thermal64ro; C:\Windows\system32\drivers\semav6thermal64ro.sys [13792 2015-04-29] ()
S3 ssmirrdr; C:\Windows\System32\DRIVERS\ssmirrdr.sys [10112 2011-03-14] (support.com, Inc)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-20 10:51 - 2017-07-20 10:54 - 00048860 _____ C:\Users\Smash\Desktop\FRST.txt
2017-07-20 10:50 - 2017-07-20 10:50 - 02382336 _____ (Farbar) C:\Users\Smash\Desktop\FRST64.exe
2017-07-19 19:36 - 2017-07-19 19:36 - 00000000 _____ C:\Windows\system32\Drivers\etc\New Text Document.txt
2017-07-19 19:12 - 2017-07-19 19:12 - 00000194 _____ C:\Users\Smash\Desktop\hosts-perm.bat
2017-07-19 19:06 - 2017-07-19 19:06 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Smash\Desktop\rkill.scr
2017-07-19 12:01 - 2017-07-19 12:01 - 00000000 ____D C:\Users\Smash\AppData\Local\ElevatedDiagnostics
2017-07-19 11:17 - 2017-07-19 19:13 - 00002462 _____ C:\Users\Smash\Desktop\Rkill.txt
2017-07-19 11:12 - 2017-07-19 11:13 - 00006883 _____ C:\Users\Smash\Desktop\Fixlog.txt
2017-07-19 11:06 - 2017-07-19 11:06 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Smash\Downloads\rkill.com
2017-07-19 11:06 - 2017-07-19 11:06 - 02030536 _____ (Bleeping Computer, LLC) C:\Users\Smash\Desktop\rkill.com
2017-07-18 16:04 - 2017-07-18 16:04 - 00000000 ____D C:\Users\Smash\Desktop\FRST-OlderVersion
2017-07-14 13:56 - 2017-07-14 13:56 - 00097856 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
2017-07-14 13:56 - 2017-07-14 13:42 - 00110144 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-64.dll
2017-07-14 13:37 - 2017-07-14 13:37 - 57495104 _____ (Oracle Corporation) C:\Users\Smash\Downloads\jre-8u131-windows-i586.exe
2017-07-14 13:35 - 2017-07-14 13:35 - 14706712 _____ (Adobe Systems Inc.) C:\Users\Smash\Downloads\Shockwave_Installer_Full(1).exe
2017-07-14 13:35 - 2017-07-14 13:35 - 07094520 _____ C:\Users\Smash\Downloads\paint.net.4.0.16.install.exe
2017-07-14 13:35 - 2017-07-14 13:35 - 01632736 _____ (Skype Technologies S.A.) C:\Users\Smash\Downloads\SkypeSetup.exe
2017-07-14 13:17 - 2017-07-14 13:17 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Dropbox
2017-07-13 12:21 - 2017-07-13 12:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LibreOffice 5.3
2017-07-13 11:24 - 2017-07-13 11:24 - 00428714 _____ C:\Users\Smash\Downloads\Verizon-Bill-06-18-2017.pdf
2017-07-13 10:40 - 2017-07-13 10:40 - 00000000 ____D C:\Users\Default\AppData\Roaming\Mozilla
2017-07-13 10:40 - 2017-07-13 10:40 - 00000000 ____D C:\Users\Default User\AppData\Roaming\Mozilla
2017-07-12 13:58 - 2017-07-12 13:58 - 00049992 _____ (Dropbox, Inc.) C:\Windows\system32\DbxSvc.exe
2017-07-12 13:58 - 2017-07-12 13:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-stable.sys
2017-07-12 13:58 - 2017-07-12 13:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-dev.sys
2017-07-12 13:58 - 2017-07-12 13:58 - 00045640 _____ (Dropbox, Inc.) C:\Windows\system32\Drivers\dbx-canary.sys
2017-07-12 11:54 - 2017-06-29 00:27 - 25734656 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-07-12 11:54 - 2017-06-28 23:23 - 20270592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2017-07-12 11:54 - 2017-05-03 09:34 - 00094952 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-07-12 11:54 - 2017-05-03 09:29 - 01206272 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 01555968 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00620544 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00535552 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00325632 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00311296 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00217088 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-07-12 11:54 - 2017-05-03 07:05 - 00127488 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-07-12 11:54 - 2017-03-22 20:06 - 01691136 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-07-12 11:53 - 2017-07-05 22:56 - 00119296 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\bthpan.sys
2017-07-12 11:53 - 2017-06-29 22:15 - 00394448 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-07-12 11:53 - 2017-06-29 21:32 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 02319872 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 02222080 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 02058240 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00778240 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00288256 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00115200 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00099840 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-07-12 11:53 - 2017-06-29 20:57 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-07-12 11:53 - 2017-06-29 20:40 - 00591872 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-07-12 11:53 - 2017-06-29 20:40 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-07-12 11:53 - 2017-06-29 20:39 - 01549312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tquery.dll
2017-07-12 11:53 - 2017-06-29 20:39 - 00113664 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-07-12 11:53 - 2017-06-29 20:38 - 01400320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssrch.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 01363968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Query.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00666624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssvp.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssph.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00197120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssphtb.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00104448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssitlb.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00059392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msscntrs.dll
2017-07-12 11:53 - 2017-06-29 20:38 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mssprxy.dll
2017-07-12 11:53 - 2017-06-29 20:27 - 00427520 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchIndexer.exe
2017-07-12 11:53 - 2017-06-29 20:27 - 00164352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchProtocolHost.exe
2017-07-12 11:53 - 2017-06-29 20:26 - 00086528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFilterHost.exe
2017-07-12 11:53 - 2017-06-29 20:26 - 00009728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msshooks.dll
2017-07-12 11:53 - 2017-06-29 00:19 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-07-12 11:53 - 2017-06-29 00:18 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-07-12 11:53 - 2017-06-29 00:04 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-07-12 11:53 - 2017-06-29 00:03 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-07-12 11:53 - 2017-06-29 00:03 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-07-12 11:53 - 2017-06-29 00:02 - 02899456 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-07-12 11:53 - 2017-06-29 00:02 - 00576512 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-07-12 11:53 - 2017-06-29 00:02 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-07-12 11:53 - 2017-06-28 23:55 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-07-12 11:53 - 2017-06-28 23:54 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-07-12 11:53 - 2017-06-28 23:51 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-07-12 11:53 - 2017-06-28 23:50 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-07-12 11:53 - 2017-06-28 23:50 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-07-12 11:53 - 2017-06-28 23:50 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-07-12 11:53 - 2017-06-28 23:50 - 00116224 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-07-12 11:53 - 2017-06-28 23:44 - 05975552 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-07-12 11:53 - 2017-06-28 23:43 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-07-12 11:53 - 2017-06-28 23:39 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-07-12 11:53 - 2017-06-28 23:35 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2017-07-12 11:53 - 2017-06-28 23:31 - 00087552 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-07-12 11:53 - 2017-06-28 23:31 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-07-12 11:53 - 2017-06-28 23:30 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-07-12 11:53 - 2017-06-28 23:27 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-07-12 11:53 - 2017-06-28 23:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00499200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2017-07-12 11:53 - 2017-06-28 23:23 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2017-07-12 11:53 - 2017-06-28 23:22 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2017-07-12 11:53 - 2017-06-28 23:22 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-07-12 11:53 - 2017-06-28 23:22 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2017-07-12 11:53 - 2017-06-28 23:19 - 02290176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2017-07-12 11:53 - 2017-06-28 23:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2017-07-12 11:53 - 2017-06-28 23:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2017-07-12 11:53 - 2017-06-28 23:14 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2017-07-12 11:53 - 2017-06-28 23:13 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2017-07-12 11:53 - 2017-06-28 23:13 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2017-07-12 11:53 - 2017-06-28 23:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2017-07-12 11:53 - 2017-06-28 23:11 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-07-12 11:53 - 2017-06-28 23:09 - 00806912 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-07-12 11:53 - 2017-06-28 23:09 - 00725504 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-07-12 11:53 - 2017-06-28 23:08 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-07-12 11:53 - 2017-06-28 23:07 - 02132992 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-07-12 11:53 - 2017-06-28 23:05 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2017-07-12 11:53 - 2017-06-28 23:01 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2017-07-12 11:53 - 2017-06-28 23:00 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
2017-07-12 11:53 - 2017-06-28 23:00 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdc.ocx
2017-07-12 11:53 - 2017-06-28 22:58 - 15253504 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-07-12 11:53 - 2017-06-28 22:58 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2017-07-12 11:53 - 2017-06-28 22:56 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2017-07-12 11:53 - 2017-06-28 22:56 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2017-07-12 11:53 - 2017-06-28 22:54 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
2017-07-12 11:53 - 2017-06-28 22:53 - 03240960 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-07-12 11:53 - 2017-06-28 22:52 - 04549632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2017-07-12 11:53 - 2017-06-28 22:48 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
2017-07-12 11:53 - 2017-06-28 22:47 - 00693248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2017-07-12 11:53 - 2017-06-28 22:46 - 02057216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2017-07-12 11:53 - 2017-06-28 22:46 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2017-07-12 11:53 - 2017-06-28 22:43 - 13663744 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2017-07-12 11:53 - 2017-06-28 22:41 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-07-12 11:53 - 2017-06-28 22:29 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-07-12 11:53 - 2017-06-28 22:28 - 02767872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2017-07-12 11:53 - 2017-06-28 22:24 - 01314816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2017-07-12 11:53 - 2017-06-28 22:23 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2017-07-12 11:53 - 2017-06-22 08:58 - 03223040 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-07-12 11:53 - 2017-06-15 14:23 - 00753664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2017-07-12 11:53 - 2017-06-12 16:54 - 00370920 _____ (Microsoft Corporation) C:\Windows\system32\clfs.sys
2017-07-12 11:53 - 2017-06-12 16:54 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2017-07-12 11:53 - 2017-06-12 16:54 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2017-07-12 11:53 - 2017-06-12 16:49 - 01460736 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 01363456 _____ (Microsoft Corporation) C:\Windows\system32\wdc.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00731648 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00594432 _____ (Microsoft Corporation) C:\Windows\system32\wvc.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00475136 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2017-07-12 11:53 - 2017-06-12 16:49 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00345600 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\bcrypt.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00058880 _____ (Microsoft Corporation) C:\Windows\system32\pdhui.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2017-07-12 11:53 - 2017-06-12 16:49 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 01227264 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdc.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wvc.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00390144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2017-07-12 11:53 - 2017-06-12 16:29 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00082944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\bcrypt.dll
2017-07-12 11:53 - 2017-06-12 16:29 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00554496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00261120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00254464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pdhui.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2017-07-12 11:53 - 2017-06-12 16:28 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2017-07-12 11:53 - 2017-06-12 16:19 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2017-07-12 11:53 - 2017-06-12 16:14 - 00379392 _____ (Microsoft Corporation) C:\Windows\system32\msinfo32.exe
2017-07-12 11:53 - 2017-06-12 16:14 - 00172544 _____ (Microsoft Corporation) C:\Windows\system32\perfmon.exe
2017-07-12 11:53 - 2017-06-12 16:14 - 00103936 _____ (Microsoft Corporation) C:\Windows\system32\resmon.exe
2017-07-12 11:53 - 2017-06-12 16:12 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2017-07-12 11:53 - 2017-06-12 16:12 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2017-07-12 11:53 - 2017-06-12 16:12 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2017-07-12 11:53 - 2017-06-12 16:11 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2017-07-12 11:53 - 2017-06-12 16:09 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2017-07-12 11:53 - 2017-06-12 16:06 - 00303616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msinfo32.exe
2017-07-12 11:53 - 2017-06-12 16:06 - 00157184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\perfmon.exe
2017-07-12 11:53 - 2017-06-12 16:06 - 00103424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\resmon.exe
2017-07-12 11:53 - 2017-06-12 16:05 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2017-07-12 11:53 - 2017-06-10 09:59 - 00313856 _____ (Microsoft Corporation) C:\Windows\system32\Wldap32.dll
2017-07-12 11:53 - 2017-06-10 09:39 - 00271360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Wldap32.dll
2017-07-12 11:53 - 2017-06-09 09:33 - 01680616 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-07-12 11:53 - 2017-06-06 09:30 - 01867264 _____ (Microsoft Corporation) C:\Windows\system32\ExplorerFrame.dll
2017-07-12 11:53 - 2017-06-06 09:12 - 01499648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ExplorerFrame.dll
2017-07-12 11:53 - 2017-05-29 22:56 - 01895656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2017-07-12 11:53 - 2017-05-29 22:56 - 00377576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\netio.sys
2017-07-12 11:53 - 2017-05-29 22:56 - 00287976 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\FWPKCLNT.SYS
2017-07-12 11:53 - 2017-05-20 22:24 - 00002048 _____ (Microsoft Corporation) C:\Windows\system32\tzres.dll
2017-07-12 11:53 - 2017-05-20 22:06 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tzres.dll
2017-07-12 11:53 - 2017-05-16 09:35 - 00986856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2017-07-12 11:53 - 2017-05-16 09:35 - 00265448 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2017-07-12 11:53 - 2017-05-16 09:30 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\cdd.dll
2017-07-11 13:55 - 2017-07-20 10:51 - 00000000 ____D C:\FRST
2017-07-11 13:54 - 2017-07-11 13:54 - 02437120 _____ (Farbar) C:\Users\Smash\Downloads\FRST64.exe
2017-07-11 13:47 - 2017-07-11 13:48 - 30310176 _____ (SUPERAntiSpyware) C:\Users\Smash\Downloads\SUPERAntiSpyware.exe
2017-07-11 10:36 - 2017-07-11 10:36 - 01832798 _____ C:\Users\Smash\Downloads\workality-lite.1.5.1.zip
2017-07-11 10:35 - 2017-07-11 10:35 - 00773466 _____ C:\Users\Smash\Downloads\regain-blog.1.0.1.zip
2017-07-10 10:32 - 2017-07-10 10:32 - 00000000 ____D C:\Users\Smash\Desktop\New folder
2017-07-10 10:19 - 2017-07-20 10:48 - 00000000 ____D C:\Users\Public\Speedup Sessions
2017-07-06 19:32 - 2017-07-06 19:33 - 00000000 ____D C:\Users\Smash\Downloads\Lado Sur Vol. IV
2017-07-06 13:17 - 2017-07-06 13:17 - 01082880 _____ C:\Users\Smash\Downloads\founder.1.33.zip
2017-07-06 13:17 - 2017-07-06 13:17 - 00839308 _____ C:\Users\Smash\Downloads\libretto.1.0.5.zip BAD
2017-07-06 13:17 - 2017-07-06 13:17 - 00194535 _____ C:\Users\Smash\Downloads\keepwriting.1.03.zip
2017-07-06 13:17 - 2017-07-06 13:17 - 00091161 _____ C:\Users\Smash\Downloads\unit.1.12.zip
2017-07-06 13:15 - 2017-07-06 13:15 - 00907994 _____ C:\Users\Smash\Downloads\badjohnny.1.04.zip
2017-07-06 13:04 - 2017-07-06 13:04 - 04674635 _____ C:\Users\Smash\Downloads\jomsom.1.2.zip
2017-07-05 16:04 - 2017-07-05 16:04 - 01828124 _____ C:\Users\Smash\Downloads\piclectic.1.0.9.zip
2017-07-05 12:21 - 2017-07-05 12:21 - 00148607 _____ C:\Users\Smash\Downloads\min.zip
2017-07-05 12:20 - 2017-07-05 12:20 - 16179244 _____ C:\Users\Smash\Downloads\cudazi-mono-unzip-before-use.zip
2017-07-04 12:24 - 2017-07-04 12:24 - 05809371 _____ C:\Users\Smash\Downloads\longform.1.7.1.zip
2017-07-04 11:36 - 2017-07-04 11:36 - 00000000 ____D C:\Users\Smash\Downloads\miniorange-2-factor-authentication
2017-07-04 11:13 - 2017-07-04 11:13 - 00003150 _____ C:\Users\Smash\Downloads\wp-config-backup(2).txt
2017-07-03 13:55 - 2017-07-03 13:58 - 00021128 _____ C:\Windows\SysWOW64\Defrag.debuglog
2017-07-03 13:33 - 2017-07-13 13:30 - 00118448 _____ C:\Users\Smash\AppData\Local\GDIPFONTCACHEV1.DAT
2017-07-03 13:31 - 2017-07-15 11:58 - 00522304 _____ C:\Windows\system32\FNTCACHE.DAT
2017-07-03 13:26 - 2017-07-20 10:52 - 00978920 _____ C:\Windows\ntbtlog.txt
2017-07-03 13:24 - 2017-07-03 13:24 - 00008526 _____ C:\Users\Smash\Desktop\startup.txt
2017-07-03 13:22 - 2017-07-03 13:22 - 00028412 _____ C:\Users\Smash\Documents\cc_20170703_132233.reg
2017-07-03 12:56 - 2017-07-03 12:56 - 09598376 _____ (Piriform Ltd) C:\Users\Smash\Downloads\ccsetup531.exe
2017-07-01 14:33 - 2017-07-03 11:00 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
2017-06-29 18:47 - 2017-06-29 18:59 - 458141708 _____ C:\Users\Smash\Downloads\newvigil170615.tar.gz
2017-06-29 18:47 - 2017-06-29 18:58 - 479530788 _____ C:\Users\Smash\Downloads\newvigil170430.tar.gz
2017-06-29 18:37 - 2017-06-29 18:38 - 00001505 _____ C:\Users\Smash\Downloads\wp.26_83329.2015-05-07_13-25-50
2017-06-29 18:10 - 2017-06-29 19:30 - 00000000 ____D C:\Users\Smash\Downloads\chadnielsen.newvigilante.com-Jun-2017
2017-06-29 18:10 - 2017-06-29 18:10 - 00000000 ____D C:\Users\Smash\Downloads\chadnielsen.newvigilante.com-ssl_log-Jun-2017
2017-06-23 18:24 - 2017-06-23 18:25 - 00000000 ____D C:\Users\Smash\Desktop\Website Hack
2017-06-23 18:12 - 2017-06-23 18:12 - 00003491 _____ C:\Users\Smash\Downloads\wp-config-backup(1).txt
2017-06-23 17:40 - 2017-06-23 17:40 - 00003491 _____ C:\Users\Smash\Downloads\wp-config-backup.txt
2017-06-23 17:32 - 2017-06-23 17:32 - 00000000 ____D C:\Users\Smash\Downloads\newvigil-cPanel-2017-04-30-09-00-03.tar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-20 10:48 - 2016-11-18 16:24 - 00000000 ____D C:\Users\Smash\AppData\LocalLow\Mozilla
2017-07-20 10:47 - 2009-07-13 23:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2017-07-19 21:07 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-07-19 21:07 - 2009-07-13 22:45 - 00022976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-07-19 12:26 - 2011-08-18 23:54 - 00000000 ____D C:\Users\Smash\Desktop\Mission
2017-07-19 11:35 - 2015-04-01 15:21 - 00894976 ___SH C:\Users\Smash\Desktop\Thumbs.db
2017-07-19 11:13 - 2011-10-10 12:49 - 00000000 ____D C:\Users\Smash\AppData\LocalLow\Temp
2017-07-19 10:06 - 2014-07-12 11:51 - 00192216 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2017-07-18 16:06 - 2016-03-01 17:27 - 00000000 ____D C:\Users\Smash\AppData\Roaming\uTorrent
2017-07-18 14:55 - 2011-08-19 12:23 - 00000000 ____D C:\Users\Smash\Documents\Admin
2017-07-15 17:42 - 2015-04-21 11:45 - 00000000 ____D C:\Users\Smash\AppData\Roaming\vlc
2017-07-15 17:41 - 2012-08-13 19:01 - 00000000 ____D C:\Users\Smash\Desktop\Reading
2017-07-15 17:38 - 2017-02-23 19:37 - 00000000 ____D C:\Users\Smash\Desktop\Mexico
2017-07-15 12:54 - 2016-04-27 08:32 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avira
2017-07-15 12:40 - 2014-12-10 22:38 - 00000000 ____D C:\Windows\system32\appraiser
2017-07-15 12:01 - 2016-04-27 08:31 - 00000000 ____D C:\ProgramData\Package Cache
2017-07-15 11:55 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\inf
2017-07-15 11:30 - 2013-07-26 22:13 - 00000000 ____D C:\Windows\system32\MRT
2017-07-15 11:20 - 2011-10-01 15:31 - 135225752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-07-15 11:12 - 2013-02-07 20:59 - 00775124 _____ C:\Windows\SysWOW64\PerfStringBackup.INI
2017-07-15 11:12 - 2009-07-13 23:13 - 00775124 _____ C:\Windows\system32\PerfStringBackup.INI
2017-07-14 13:56 - 2013-09-14 23:48 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-07-14 13:56 - 2011-10-01 21:44 - 00000000 ____D C:\Program Files (x86)\Java
2017-07-14 13:45 - 2011-10-01 21:45 - 00000000 ____D C:\Program Files\Java
2017-07-14 13:42 - 2015-11-21 20:37 - 00110144 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge-64.dll
2017-07-14 13:17 - 2015-10-02 13:23 - 00000000 ____D C:\Program Files (x86)\Dropbox
2017-07-13 14:29 - 2015-10-02 13:26 - 00000000 ___RD C:\Users\Smash\Dropbox
2017-07-13 12:20 - 2015-10-24 10:07 - 00000000 ____D C:\Program Files (x86)\LibreOffice 5
2017-07-13 10:56 - 2015-06-29 15:44 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-07-13 10:55 - 2014-12-26 12:00 - 00004476 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2017-07-13 10:40 - 2013-08-23 20:15 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Trusteer Endpoint Protection
2017-07-12 17:03 - 2016-04-17 22:51 - 03083174 ____H C:\Users\Smash\AppData\Local\IconCache.db.backup
2017-07-11 13:52 - 2012-11-06 21:03 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
2017-07-11 13:51 - 2013-11-01 15:11 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
2017-07-10 10:19 - 2017-06-17 12:43 - 00003658 _____ C:\Windows\System32\Tasks\AviraSystemSpeedupUpdate
2017-07-10 10:19 - 2016-04-27 08:32 - 00000000 ____D C:\Program Files (x86)\Avira
2017-07-05 12:54 - 2013-06-12 16:46 - 00382638 _____ C:\Users\Smash\Downloads\mono.zip
2017-07-03 14:18 - 2011-10-05 23:54 - 00000000 ____D C:\Users\Smash\AppData\Local\CrashDumps
2017-07-03 13:31 - 2015-10-02 13:23 - 00000906 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job
2017-07-03 13:31 - 2015-10-02 13:23 - 00000902 _____ C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job
2017-07-03 13:23 - 2015-10-02 13:23 - 00003914 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineUA
2017-07-03 13:23 - 2015-10-02 13:23 - 00003662 _____ C:\Windows\System32\Tasks\DropboxUpdateTaskMachineCore
2017-07-03 13:23 - 2015-02-26 11:23 - 00003332 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2017-07-03 13:23 - 2015-01-15 19:44 - 00003204 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2017-07-03 13:23 - 2014-05-05 00:04 - 00003510 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA
2017-07-03 13:23 - 2014-05-05 00:04 - 00003238 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core
2017-07-03 13:23 - 2012-10-03 13:22 - 00002774 _____ C:\Windows\System32\Tasks\CCleanerSkipUAC
2017-07-03 11:00 - 2012-05-04 12:54 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2017-06-29 19:29 - 2013-10-13 10:53 - 00000544 _____ C:\Users\Smash\Documents\keychain.txt
2017-06-29 13:46 - 2013-04-29 16:15 - 00002195 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2017-06-29 13:14 - 2015-05-27 09:57 - 00000000 ____D C:\Program Files (x86)\Mozilla Thunderbird
2017-06-27 15:11 - 2015-06-04 08:34 - 00253880 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportHades64.sys
2017-06-27 15:11 - 2011-10-03 15:22 - 00507936 _____ (IBM Corp.) C:\Windows\system32\Drivers\RapportKE64.sys
2017-06-25 13:14 - 2014-08-19 15:24 - 00000000 ____D C:\Users\Smash\AppData\Local\Adobe
2017-06-25 13:13 - 2012-04-14 18:06 - 00803328 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2017-06-25 13:13 - 2011-10-05 23:57 - 00144896 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2017-06-25 13:13 - 2011-10-05 23:57 - 00000000 ____D C:\Windows\system32\Macromed
2017-06-25 13:13 - 2011-09-30 19:58 - 00000000 ____D C:\Windows\SysWOW64\Macromed
2017-06-22 14:33 - 2009-07-13 21:20 - 00000000 ____D C:\Windows\system32\NDF

==================== Files in the root of some directories =======

2011-12-02 16:44 - 2011-12-02 16:44 - 0000278 _____ () C:\Users\Smash\AppData\Roaming\Fopydo.cfg
2011-12-02 16:44 - 2011-12-02 16:44 - 0000000 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0001024 _____ () C:\Users\Smash\AppData\Roaming\FopydoContacts.db.pag
2011-12-02 16:44 - 2011-12-02 16:47 - 0004096 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.dir
2011-12-02 16:44 - 2011-12-02 17:40 - 0002048 _____ () C:\Users\Smash\AppData\Roaming\FopydoTesseract.db.pag
2016-07-15 11:22 - 2016-07-15 11:24 - 0002057 _____ () C:\Users\Smash\AppData\Roaming\vidiot.ini
2016-04-16 18:43 - 2016-04-16 18:43 - 0392102 _____ () C:\Users\Smash\AppData\Local\ars.cache
2016-04-16 18:44 - 2016-04-16 18:44 - 0527432 _____ () C:\Users\Smash\AppData\Local\census.cache
2013-03-28 12:07 - 2016-06-07 08:15 - 0008192 _____ () C:\Users\Smash\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2011-10-30 00:59 - 2011-10-30 00:59 - 0002412 _____ () C:\Users\Smash\AppData\Local\FastClean.20111030.005958.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0002423 _____ () C:\Users\Smash\AppData\Local\FastClean.20111107.225031.txt
2012-09-26 13:53 - 2012-09-26 13:53 - 0000036 _____ () C:\Users\Smash\AppData\Local\housecall.guid.cache
2011-10-17 12:46 - 2017-06-03 16:10 - 0006269 _____ () C:\Users\Smash\AppData\Local\ipublish.ini
2011-10-30 01:02 - 2011-10-30 01:02 - 0020956 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111030.010200.txt
2011-11-30 00:58 - 2011-11-30 00:58 - 0002507 _____ () C:\Users\Smash\AppData\Local\IWDAudHelper.20111129.235800.txt
2011-10-28 18:58 - 2011-10-28 18:58 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111028.185833.txt
2011-10-29 21:39 - 2011-10-29 21:39 - 0001544 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111029.213921.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0001690 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010044.txt
2011-10-30 01:00 - 2011-10-30 01:00 - 0000844 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010056.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0000673 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010118.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001665 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010125.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001283 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010136.txt
2011-10-30 01:01 - 2011-10-30 01:01 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010148.txt
2011-10-30 01:02 - 2011-10-30 01:02 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.010227.txt
2011-10-30 12:18 - 2011-10-30 12:18 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.121845.txt
2011-10-30 22:47 - 2011-10-30 22:47 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.224744.txt
2011-10-30 23:34 - 2011-10-30 23:34 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111030.233445.txt
2011-11-07 17:22 - 2011-11-07 17:22 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.162224.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195107.txt
2011-11-07 20:51 - 2011-11-07 20:51 - 0001632 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.195132.txt
2011-11-07 21:57 - 2011-11-07 21:57 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205752.txt
2011-11-07 21:59 - 2011-11-07 21:59 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.205923.txt
2011-11-07 23:26 - 2011-11-07 23:26 - 0001654 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.222653.txt
2011-11-07 23:50 - 2011-11-07 23:50 - 0001559 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225052.txt
2011-11-07 23:55 - 2011-11-07 23:55 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.225509.txt
2011-11-08 00:36 - 2011-11-08 00:36 - 0001630 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111107.233620.txt
2011-11-08 09:16 - 2011-11-08 09:16 - 0001656 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111108.081621.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0000663 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235743.txt
2011-11-30 00:57 - 2011-11-30 00:57 - 0001247 _____ () C:\Users\Smash\AppData\Local\PDLSetup.20111129.235759.txt
2013-02-02 23:54 - 2013-02-02 23:54 - 0007608 _____ () C:\Users\Smash\AppData\Local\Resmon.ResmonCfg
2016-04-16 18:25 - 2016-04-16 18:25 - 0000010 _____ () C:\Users\Smash\AppData\Local\sponge.last.runtime.cache
2015-12-07 10:34 - 2015-12-07 10:34 - 0000000 _____ () C:\Users\Smash\AppData\Local\{BB0833BE-4241-46E7-8141-B04A6DBB28DB}
2014-06-21 00:47 - 2014-06-21 00:47 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
2012-04-07 12:50 - 2014-01-31 13:19 - 0009101 _____ () C:\ProgramData\hpzinstall.log

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-06-18 03:37

==================== End of FRST.txt ============================

 

 

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 18-07-2017
Ran by Smash (20-07-2017 10:54:43)
Running from C:\Users\Smash\Desktop
Windows 7 Home Premium Service Pack 1 (X64) (2011-10-01 02:12:07)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4071271752-2530744919-2841666311-500 - Administrator - Disabled)
Guest (S-1-5-21-4071271752-2530744919-2841666311-501 - Limited - Disabled) => C:\Users\Guest
HomeGroupUser$ (S-1-5-21-4071271752-2530744919-2841666311-1007 - Limited - Enabled)
Smash (S-1-5-21-4071271752-2530744919-2841666311-1001 - Administrator - Enabled) => C:\Users\Smash

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Avira Antivirus (Disabled - Up to date) {B3F630BD-538D-1B4A-14FA-14B63235278F}
AS: Avira Antivirus (Disabled - Up to date) {0897D159-75B7-14C4-2E4A-2FC449B26D32}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 17.009.20058 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 26.0.0.127 - Adobe Systems Incorporated)
Adobe Flash Player 26 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 26.0.0.131 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.2 (HKLM-x32\...\Adobe Shockwave Player) (Version: 12.2.9.199 - Adobe Systems, Inc.)
Agent Ransack x64 (HKLM\...\{FD8C1365-2229-4F37-A126-558DB2471CBE}) (Version: 7.0.828.1 - Mythicsoft Ltd)
Akamai NetSession Interface (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\Akamai) (Version:  - Akamai Technologies, Inc)
Alps Pointing-device for VAIO (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version:  - ALPS ELECTRIC CO., LTD.)
Apple Application Support (32-bit) (HKLM-x32\...\{E92BB800-BCC5-4C25-8102-AC2C3B7C7C1E}) (Version: 5.5 - Apple Inc.)
Apple Application Support (64-bit) (HKLM\...\{9C912B1E-06DD-43EF-BB2B-45CB2C88BAAE}) (Version: 5.5 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{0A596141-97D5-45FA-9281-98DFAF48D579}) (Version: 10.3.2.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{52D87F32-70E4-4348-8148-C0B9F35B1314}) (Version: 2.3.0.177 - Apple Inc.)
Application Manager for VAIO (HKLM-x32\...\Application Manager for VAIO) (Version:  - )
ArcSoft WebCam Companion 4 (HKLM-x32\...\{C793AD32-2BB8-4CC4-ABD3-A1469C21593C}) (Version: 4.0.21.369 - ArcSoft)
ATI Catalyst Install Manager (HKLM\...\{158BEEC4-CC30-BF2F-248D-B52AF953E9C1}) (Version: 3.0.829.0 - ATI Technologies, Inc.)
ATI Stream SDK v2 Developer (HKLM\...\{22441735-5983-AD2A-5CC5-FA2CCD7EF732}) (Version: 2.3.0.0 - ATI Technologies Inc.)
Avira Antivirus (HKLM-x32\...\Avira Antivirus) (Version: 15.0.28.28 - Avira Operations GmbH & Co. KG)
Avira Browser Safety (HKLM-x32\...\{9E10EA90-5E97-43B7-A246-FC7B4F5E9493}) (Version: 1.4.5.509 - Avira Operations GmbH & Co KG)
Avira Connect (HKLM-x32\...\{661C79C2-D156-419C-81CA-D1A2523B0841}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG) Hidden
Avira Connect (HKLM-x32\...\{dd9049b8-31d1-40bd-8c8c-97a7b087a78f}) (Version: 1.2.91.10326 - Avira Operations GmbH & Co. KG)
Best Buy pc app (HKLM\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy)
Best Buy pc app (HKLM-x32\...\{FBBC4667-2521-4E78-B1BD-8706F774549B}) (Version: 3.1.1.0 - Best Buy)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
CCleaner (HKLM\...\CCleaner) (Version: 5.31 - Piriform)
Celtx (2.9.1) (HKLM-x32\...\Celtx (2.9.1)) (Version: 2.9.1 (en-US) - Greyfirst)
CyberLink PowerDVD (HKLM-x32\...\InstallShield_{A8516AC9-AAF1-47F9-9766-03E2D4CDBCF8}) (Version: 9.0.6426.52 - CyberLink Corp.)
D3DX10 (HKLM-x32\...\{E09C4DB7-630C-4F06-A631-8EA7239923AF}) (Version: 15.4.2368.0902 - Microsoft) Hidden
Disk Drill 1.0.0.188 (HKLM-x32\...\{232BCE66-B89D-4561-AEE0-AA25057B171B}) (Version: 1.0.189 - CleverFiles)
Doxillion Document Converter (HKLM-x32\...\Doxillion) (Version: 2.17 - NCH Software)
Dropbox (HKLM-x32\...\Dropbox) (Version: 30.4.22 - Dropbox, Inc.)
Dropbox Update Helper (HKLM-x32\...\{099218A5-A723-43DC-8DB5-6173656A1E94}) (Version: 1.3.59.1 - Dropbox, Inc.) Hidden
Express Scribe (HKLM-x32\...\Scribe) (Version:  - NCH Software)
FileHippo App Manager (HKLM-x32\...\FileHippo.com) (Version:  - FileHippo.com)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 59.0.3071.115 - Google Inc.)
Google Earth (HKLM-x32\...\{F6430171-B86B-4639-839E-374913E7911D}) (Version: 7.1.8.3036 - Google)
Google Talk Plugin (HKLM-x32\...\{F9B579C2-D854-300A-BE62-A09EB9D722E4}) (Version: 5.41.3.0 - Google)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Gpg4win (2.2.1) (HKLM-x32\...\GPG4Win) (Version: 2.2.1 - The Gpg4win Project)
HL-2270DW (HKLM-x32\...\{E2A97415-BD97-4867-B906-05E39E9EE51F}) (Version: 1.0.7.0 - Brother Industries, Ltd.)
ICMV Audio Codec (HKLM-x32\...\{2767EE80-D340-41F2-A922-F7F8114F9642}) (Version: 1.0.0 - PCS Inc.)
Inkscape 0.48.2 (HKLM-x32\...\Inkscape) (Version: 0.48.2 - )
inSSIDer 2.0 (HKLM\...\{57019733-78E6-43DE-8E6D-55349F0FDE6F}) (Version: 2.0.7 - MetaGeek)
Intel WiMAX Tutorial (HKLM\...\{4F26C164-9373-4974-8F43-E0F2176AF937}) (Version: 1.5.3.1 - Intel Corporation)
Intel® Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3223 - Intel Corporation)
Intel® Processor ID Utility (HKLM-x32\...\{A92A4DB0-CD37-42D1-BE1D-603D53C24328}) (Version: 4.40.0000 - Intel® Corporation)
Intel® Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 10.1.0.1008 - Intel Corporation)
Intel® SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
IPublish Vista Fix (HKLM-x32\...\{AA4258DE-83B2-4FAE-A36B-D5246B1CC529}) (Version: 1.00.0000 - IPRO Tech)
IrfanView (remove only) (HKLM-x32\...\IrfanView) (Version: 4.38 - Irfan Skiljan)
iTunes (HKLM\...\{F0C7385A-9D20-45F3-8101-05D383885180}) (Version: 12.6.1.25 - Apple Inc.)
iTunes Export (HKLM-x32\...\{3FFF605A-B4CE-0706-16C3-7313BBF32DFA}) (Version: 2.2.2 - UNKNOWN) Hidden
iTunes Export (HKLM-x32\...\iTunesExport.9816BF1711E8C5ABC4CED8E503841951211D8E5D.1) (Version: 2.2.2 - UNKNOWN)
Java 8 Update 131 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
Java 8 Update 131 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180131F0}) (Version: 8.0.1310.11 - Oracle Corporation)
LibreOffice 5.3 Help Pack (English (United States)) (HKLM-x32\...\{8ECEE533-41B5-455D-8226-7D247060570C}) (Version: 5.3.4.2 - The Document Foundation)
LibreOffice 5.3.4.2 (HKLM-x32\...\{E8FF8837-CDA1-462A-925B-2DA1FE7E263E}) (Version: 5.3.4.2 - The Document Foundation)
Microsoft .NET Framework 4.7 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.7.02053 - Microsoft Corporation)
Microsoft Filter Pack 2.0 (HKLM\...\{95140000-2000-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP1 English (HKLM-x32\...\{E59113EB-0285-4BFD-A37A-B79EAC6B8F4B}) (Version: 3.5.5692.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30411 (HKLM-x32\...\{5DA8F6CD-C70E-39D8-8430-3D9808D6BD17}) (Version: 9.0.30411 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Movie Maker (HKLM-x32\...\{38F03569-A636-4CF3-BDDE-032C8C251304}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
Movie Maker (HKLM-x32\...\{DD67BE4B-7E62-4215-AFA3-F123A800A389}) (Version: 16.4.3528.0331 - Microsoft Corporation) Hidden
MozBackup 1.5.1 (HKLM-x32\...\MozBackup) (Version:  - Pavel Cvrcek)
Mozilla Firefox 54.0.1 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 54.0.1 (x86 en-US)) (Version: 54.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 54.0.1.6388 - Mozilla)
Mozilla Thunderbird 52.2.1 (x86 en-US) (HKLM-x32\...\Mozilla Thunderbird 52.2.1 (x86 en-US)) (Version: 52.2.1 - Mozilla)
MSXML 4.0 SP3 Parser (HKLM-x32\...\{196467F1-C11F-4F76-858B-5812ADC83B94}) (Version: 4.30.2100.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
MSXML 4.0 SP3 Parser (KB973685) (HKLM-x32\...\{859DFA95-E4A6-48CD-B88E-A3E483E89B44}) (Version: 4.30.2107.0 - Microsoft Corporation)
MusicBrainz Picard (HKLM-x32\...\MusicBrainz Picard) (Version: 1.3.2 - MusicBrainz)
Nextiva Codec (HKLM-x32\...\{8A6EA3B1-3357-4E2D-852E-A536C9A35624}) (Version: 61.7.5194 - Verint Video Solutions) Hidden
Nextiva Codec (HKLM-x32\...\{BE18FDC3-7E2E-4DE5-B471-DB74491768F2}) (Version: 61.7.5194 - Verint Video Solutions)
OpenVPN 2.3.10-I602  (HKLM\...\OpenVPN) (Version: 2.3.10-I602 - )
paint.net (HKLM\...\{A1D05314-DC32-4668-A97E-51060EC8BCCE}) (Version: 4.0.12 - dotPDN LLC)
PDFill FREE PDF Tools (HKLM\...\{60724DF0-7436-48B8-BEF9-07BA4C3880EE}) (Version: 9.0 - PlotSoft LLC)
PDFill FREE PDF Writer (HKLM\...\{D1399216-81B2-457C-A0F7-73B9A2EF6902}) (Version: 9.0 - PlotSoft LLC)
Pixlr-o-matic (HKLM-x32\...\{41A63ADA-088B-1C2D-43B3-E4087FE79881}) (Version: 2.1 - UNKNOWN) Hidden
Pixlr-o-matic (HKLM-x32\...\Pixlromatic) (Version: 2.1 - UNKNOWN)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PX Profile Update (HKLM-x32\...\{163E8878-383D-D084-6FD7-7306DE3526DC}) (Version: 1.00.1. - AMD) Hidden
PX Profile Update (HKLM-x32\...\{EFBEE79D-E49D-9451-459E-F776AC857F99}) (Version: 1.00.1. - AMD) Hidden
Rapport (HKLM\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1205.20 - Trusteer) Hidden
Rapport (HKLM-x32\...\{1DD81E7D-0D28-4CEB-87B2-C041A4FCB215}) (Version: 3.5.1804.121 - Trusteer) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.72.410.2013 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7240 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.92 - Realtek Semiconductor Corp.)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.1.16.0 - Renesas Electronics Corporation)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Scribus 1.4.5 (HKLM-x32\...\Scribus 1.4.5) (Version: 1.4.5 - The Scribus Team)
Skype™ 7.28 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.28.101 - Skype Technologies S.A.)
SQLite Studio 1.0.0.0 (HKLM-x32\...\SQLite Studio) (Version: 1.0.0.0 - SQLite Studio)
SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1244 - SUPERAntiSpyware.com)
swMSM (HKLM-x32\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
TAP-Windows 9.21.1 (HKLM\...\TAP-Windows) (Version: 9.21.1 - )
Trelby (HKLM-x32\...\Trelby) (Version: 2.2.0.0 - Trelby.org)
TrueCrypt (HKLM-x32\...\TrueCrypt) (Version: 7.2 - TrueCrypt Foundation)
Trusteer Endpoint Protection (HKLM-x32\...\Rapport_msi) (Version: 3.5.1804.121 - Trusteer)
Unity Web Player (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\UnityWebPlayer) (Version: 5.3.6f1 - Unity Technologies ApS)
VAIO Care (HKLM-x32\...\{00B03993-F5A1-47B1-9C54-EC8FBDDDE17E}) (Version: 6.4.2.11150 - Sony Corporation) Hidden
VAIO Control Center (HKLM-x32\...\{72042FA6-5609-489F-A8EA-3C2DD650F667}) (Version: 4.4.0.11260 - Sony Corporation)
VAIO Data Restore Tool (HKLM-x32\...\{57B955CE-B5D3-495D-AF1B-FAEE0540BFEF}) (Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Data Restore Tool (HKLM-x32\...\{F8B48758-410A-4B09-A734-C5DEA282C7C9}) (Version: 1.5.0.10140 - Sony Corporation) Hidden
VAIO Hardware Diagnostics (HKLM-x32\...\{31ABC808-794B-4710-B3E4-85F77784882E}) (Version: 4.1.0.10120 - Sony Corporation) Hidden
VAIO Help and Support (HKLM-x32\...\{884A242B-BE5C-4F9F-9177-F44156A5D081}) (Version: 13.00.0927 - Sony Corporation)
VAIO Manual (HKLM-x32\...\{C6E893E7-E5EA-4CD5-917C-5443E753FCBD}) (Version: 1.2.0.11040 - Sony Corporation) Hidden
VAIO Smart Network (HKLM-x32\...\{0899D75A-C2FC-42EA-A702-5B9A5F24EAD5}) (Version: 3.4.0.12090 - Sony Corporation)
VAIO Update (HKLM-x32\...\{9FF95DA2-7DA1-4228-93B7-DED7EC02B6B2}) (Version: 7.0.1.02280 - Sony Corporation)
VAIO Wireless Wizard (HKLM-x32\...\{7C80D30A-AC02-4E3F-B95D-29F0E4FF937B}) (Version: 4.0.0.02180 - Sony) Hidden
VESx86 (HKLM-x32\...\{6883A6BD-37B5-4314-BB66-FA581D15A906}) (Version: 1.0.0 - Sony Corporation) Hidden
Vista Fix for IPublish 8.5 (HKLM-x32\...\{8BFECAC4-E1ED-45A6-A237-1EED091D6674}) (Version: 1.00.0000 - IPRO Tech)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.6 - VideoLAN)
VU5x64 (HKLM\...\{6B7DE186-374B-4873-AEC1-7464DA337DD6}) (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{9D12A8B5-9D41-4465-BF11-70719EB0CD02}) (Version: 1.1.0 - Sony Corporation ) Hidden
VU5x86 (HKLM-x32\...\{D2D23D08-D10E-43D6-883C-78E0B2AC9CC6}) (Version: 1.0.0 - Sony Corporation ) Hidden
WIDCOMM Bluetooth Software (HKLM\...\{436E0B79-2CFB-4E5F-9380-E17C1B25D0C5}) (Version: 6.3.0.6300 - Broadcom Corporation)
WinDirStat 1.1.2 (HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\WinDirStat) (Version:  - )
Windows Driver Package - Apple Inc. Apple Keyboard (04/06/2009 3.0.0.0) (HKLM\...\831BF8DFEC5520D988361807D534A2041AE4AAB3) (Version: 04/06/2009 3.0.0.0 - Apple Inc.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3528.0331 - Microsoft Corporation)
Xvid Video Codec (HKLM-x32\...\Xvid Video Codec 1.3.2) (Version: 1.3.2 - Xvid Team)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{144DF3B2-2402-47AE-9583-5A045929A8D4}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
CustomCLSID: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001_Classes\CLSID\{E8CF3E55-F919-49D9-ABC0-948E6CB34B9F}\InprocServer32 -> C:\Users\Smash\AppData\Local\Google\Update\1.3.33.5\psuser_64.dll (Google Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt01] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt02] -> {FB314EDF-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt03] -> {FB314EE1-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt04] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt05] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt06] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt07] -> {FB314EDD-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt08] -> {FB314EE0-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt09] -> {FB314EE2-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ShellIconOverlayIdentifiers-x32: [   DropboxExt10] -> {FB314EDE-A251-47B7-93E1-CDD82E34AF8B} => C:\Program Files (x86)\Dropbox\Client\DropboxExt.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers01: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers01: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-15] (Avira Operations GmbH & Co. KG)
ContextMenuHandlers01: [SystemSpeedupFilesMenu] -> {ef263503-8f0e-3e6a-ae2e-fe0b4b441d52} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers02: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers03: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers04: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers04: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers04: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers04: [SystemSpeedupFoldersMenu] -> {3d52b24d-33bb-3895-99ea-a0156f24a3f9} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers05: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2011-12-22] (Advanced Micro Devices, Inc.)
ContextMenuHandlers05: [DropboxExt] -> {ECD97DE5-3C8F-4ACB-AEEE-CCAB78F7711C} => C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll [2017-07-12] (Dropbox, Inc.)
ContextMenuHandlers05: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2012-05-24] (Intel Corporation)
ContextMenuHandlers05: [SystemSpeedupDesktopMenu] -> {cefaf456-bc17-3f4b-b7d9-75070925911b} => C:\Windows\system32\mscoree.dll [2010-11-04] (Microsoft Corporation)
ContextMenuHandlers06: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers06: [AgentRansack] -> {2AE9D6D8-E348-4853-B266-C78844D31B97} => C:\Program Files\Mythicsoft\Agent Ransack\ShellExt.dll [2014-11-21] (Mythicsoft Ltd)
ContextMenuHandlers06: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamext.dll [2016-03-10] (Malwarebytes)
ContextMenuHandlers06: [Shell Extension for Malware scanning] -> {45AC2688-0253-4ED8-97DE-B5370FA7D48A} => C:\Program Files (x86)\Avira\Antivirus\shlext64.dll [2017-07-15] (Avira Operations GmbH & Co. KG)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {05D3968C-35F4-4561-86FB-A1293AB7AC50} - System32\Tasks\SONY\VAIO Smart Network\VSN Logon Start => C:\Program Files\Sony\VAIO Smart Network\VSNClient [Argument = /Start]
Task: {0A1BF919-5BB0-4F31-B13E-98D51CCCFD36} - System32\Tasks\Avira\System Speedup\SpeedupSysTray => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {0FF12B22-A136-4635-AB96-3F104735A8D1} - System32\Tasks\Adobe online update program => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {219E6605-38D3-43A6-8108-AF814A3B4A66} - System32\Tasks\SONY\VAIO Power Management\VPM Logon Start => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {29FC249D-D34F-43D5-B31D-181F9C8A56AC} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001Core => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {3C46779F-35B5-4001-9DDA-58C81235B229} - System32\Tasks\SONY\VAIO Power Management\VPM Session Change => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {40A096EE-B83B-4AAB-A5AE-A2934C93CF5C} - System32\Tasks\DropboxUpdateTaskMachineCore => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {4E09540A-4C54-42BE-973A-9677E6D2BAEE} - System32\Tasks\AviraSystemSpeedupUpdate => C:\ProgramData\Avira\SystemSpeedup\Update\avira_speedup_setup_update.exe [2017-07-10] (Avira Operations GmbH & Co. KG                              )
Task: {4EB1F4E6-6137-47B0-A9B2-A8B2F75B157B} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4071271752-2530744919-2841666311-1001UA => C:\Users\Smash\AppData\Local\Google\Update\GoogleUpdate.exe [2015-08-29] (Google Inc.)
Task: {51B4A5F6-6823-490A-BB5C-AA90A70C35DC} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update Self Repair => C:\Program Files\Sony\VAIO Update\VUSR.exe [2014-03-01] (Sony Corporation)
Task: {57090A8A-30A7-47EC-9D0F-9BE28D4E7098} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {5E4B7954-36B3-4FB7-87C6-D91AE43B797E} - System32\Tasks\SONY\VAIO Power Management\VPM Unlock => C:\Program Files\Sony\VAIO Power Management\SPMgr.exe [2010-12-06] (Sony Corporation)
Task: {6AEEF879-56E0-4431-93EB-DA5E6C2698D1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-02-26] (Google Inc.)
Task: {730B2DA9-8BBF-4E60-A933-E303EBE344A2} - System32\Tasks\Avira Browser Safety Updater Task => C:\Program Files (x86)\Avira\Browser Safety\AviraBrowserSafetyUpdater.exe [2015-03-11] (Avira Operations GmbH & Co. KG)
Task: {78069684-4946-4080-A41A-57D9BA3E8EEA} - System32\Tasks\Avira\System Speedup\TestScheduler => C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe [2017-06-28] (Avira Operations GmbH & Co. KG)
Task: {924D51DC-354D-47D1-A3D1-5F79AAB294E2} - System32\Tasks\Sony Corporation\VAIO Update\VAIO Update => C:\Program Files\Sony\VAIO Update\VAIOUpdt.exe [2014-02-28] (Sony Corporation)
Task: {9C60ED51-BAAC-4D03-B696-2686F2D76F07} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-04-25] (Adobe Systems Incorporated)
Task: {A1311EF3-BCB8-4B7E-AC7B-2E688698C22A} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\Windows\ehome\ehrec.exe
Task: {C4192730-EE4E-4D47-A048-B4B834F27125} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2017-06-13] (Piriform Ltd)
Task: {C5DB83F2-4D6D-419A-9CE2-24B70BEA2775} - System32\Tasks\DropboxUpdateTaskMachineUA => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe [2016-11-05] (Dropbox, Inc.)
Task: {D75AD3A9-032C-4E12-A79F-2BEA1493016A} - System32\Tasks\SONY\SUS-BCF\Level4Month => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {F1458236-19DB-471D-AA9A-2A02E2110BFF} - System32\Tasks\SONY\SUS-BCF\Level4Daily => C:\Program Files (x86)\Sony\Setting Utility Series\WBCBatteryCare.exe [2010-12-23] (Sony Corporation)
Task: {F1A658EA-E1BE-42AD-B91A-EC9F534FE772} - System32\Tasks\Sony Corporation\VAIO Boot Manager\VAIO Boot Manager => C:\Program Files (x86)\Sony\VAIO Boot Manager\SetProcessTask.exe [2010-12-08] (Sony Corporation)
Task: {F978F1FB-15CE-42F7-8942-5F69635C319E} - System32\Tasks\Sony Corporation\VAIO Update\Launch Application => C:\Program Files\SONY\VAIO Update\ShellExeProxy.exe [2014-02-28] (Sony Corporation)
Task: {FA0A6FB8-6183-4D1B-B859-75260E204460} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2017-02-14] (Apple Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\DropboxUpdateTaskMachineCore.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
Task: C:\Windows\Tasks\DropboxUpdateTaskMachineUA.job => C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


Shortcut: C:\Users\Smash\Desktop\Investigation\Done\DVF Garcia Perez\Disco\04.04.12\001059 Walmart\VerintVideoSolutionsCodecs.lnk -> hxxp://www.verint.com/video_solutions/overview.cfm?article_level1_category_id=40

==================== Loaded Modules (Whitelisted) ==============

2017-05-09 00:44 - 2017-05-09 00:44 - 01354040 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
2016-09-01 18:12 - 2016-09-01 18:12 - 00092472 _____ () C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
2011-01-14 02:20 - 2011-01-14 01:03 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2011-11-09 11:55 - 2011-11-09 11:55 - 00016384 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Branding\Branding.dll
2011-12-22 03:53 - 2011-12-22 03:53 - 00243712 _____ () C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLI.Aspect.CrossDisplay.Graphics.Dashboard.dll
2012-12-09 20:08 - 2010-12-23 17:24 - 00013824 _____ () C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
2015-06-02 15:51 - 2015-06-02 15:51 - 00545792 _____ () C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
2017-05-14 14:22 - 2017-05-14 14:22 - 00169984 _____ () C:\Windows\assembly\NativeImages_v2.0.50727_32\IsdiInterop\e02990982d5c841556f4bc4041a38de0\IsdiInterop.ni.dll
2011-09-30 19:36 - 2010-11-06 00:50 - 00058880 _____ () C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IsdiInterop.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKLM\...\.scr: CryptoPreventSCR => "C:\Program Files (x86)\Foolish IT\CryptoPrevent\CryptoPreventFilterMod.CryptoPreventEXEC" "%1" /S %*

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\...\100sexlinks.com -> 100sexlinks.com

There are 5315 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 18:55 - 2017-07-19 19:37 - 00000824 _____ C:\Windows\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4071271752-2530744919-2841666311-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Smash\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 2) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\Services: !SASCORE => 2
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: btwdins => 2
MSCONFIG\Services: cfbackd => 3
MSCONFIG\Services: CLKMSVC10_9EC60124 => 2
MSCONFIG\Services: dbupdate => 2
MSCONFIG\Services: dbupdatem => 3
MSCONFIG\Services: DbxSvc => 2
MSCONFIG\Services: DirMngr => 2
MSCONFIG\Services: gupdate => 2
MSCONFIG\Services: gupdatem => 3
MSCONFIG\Services: MBAMService => 2
MSCONFIG\Services: McComponentHostServiceSony => 3
MSCONFIG\Services: OpenVPNService => 3
MSCONFIG\Services: SampleCollector => 3
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\Services: SOHCImp => 3
MSCONFIG\Services: SOHDms => 3
MSCONFIG\Services: SOHDs => 3
MSCONFIG\Services: SpfService => 3
MSCONFIG\Services: ss_conn_service => 2
MSCONFIG\Services: Update service => 2
MSCONFIG\Services: VCFw => 3
MSCONFIG\Services: VcmIAlzMgr => 3
MSCONFIG\Services: VcmINSMgr => 3
MSCONFIG\Services: VcmXmlIfHelper => 3
MSCONFIG\Services: VCService => 3
MSCONFIG\Services: WbioSrvc => 3
MSCONFIG\Services: wlidsvc => 2
MSCONFIG\Services: WMPNetworkSvc => 3
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Bluetooth.lnk => C:\Windows\pss\Bluetooth.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^Smash^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^OpenOffice.org 3.4.1.lnk => C:\Windows\pss\OpenOffice.org 3.4.1.lnk.Startup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
MSCONFIG\startupreg: Akamai NetSession Interface => "C:\Users\Smash\AppData\Local\Akamai\netsession_win.exe"
MSCONFIG\startupreg: APSDaemon => "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
MSCONFIG\startupreg: BDRegion => C:\Program Files (x86)\Cyberlink\Shared files\brs.exe
MSCONFIG\startupreg: BrStsMon00 => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
MSCONFIG\startupreg: Dropbox => "C:\Program Files (x86)\Dropbox\Client\Dropbox.exe" /systemstartup
MSCONFIG\startupreg: FileHippo.com => "C:\Program Files (x86)\FileHippo.com\UpdateChecker.exe" /background
MSCONFIG\startupreg: FoneLabAppService => C:\Program Files (x86)\Aiseesoft Studio\FoneLab\AppService.exe
MSCONFIG\startupreg: Google Update => C:\Users\Smash\AppData\Local\Google\Update\1.3.32.7\GoogleUpdateCore.exe
MSCONFIG\startupreg: iTunesHelper => "C:\Program Files\iTunes\iTunesHelper.exe"
MSCONFIG\startupreg: PCTD Service Activation => "C:\Program Files (x86)\OakTree\PCTDServiceActivation\PCTDServiceActivation.exe" -checkcounter
MSCONFIG\startupreg: PMBVolumeWatcher => c:\Program Files (x86)\Sony\PMB\PMBVolumeWatcher.exe
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: Spotify Web Helper => "C:\Users\Smash\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe"
MSCONFIG\startupreg: SUPERAntiSpyware => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
MSCONFIG\startupreg: Xvid => C:\Program Files (x86)\Xvid\CheckUpdate.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

18-07-2017 17:05:43 Windows Update

==================== Faulty Device Manager Devices =============

Name: USB Camera
Description: USB Video Device
Class Guid: {6bdd1fc6-810f-11d0-bec7-08002be2092f}
Manufacturer: Microsoft
Service: usbvideo
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel® Centrino® Advanced-N + WiMAX 6250
Description: Intel® Centrino® Advanced-N + WiMAX 6250
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/19/2017 09:17:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 56920053

Error: (07/19/2017 09:17:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 56920053

Error: (07/19/2017 09:17:50 AM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/18/2017 05:05:43 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Volume Shadow Copy Service error: Unexpected error calling routine ConvertStringSidToSid(S-1-5-21-4071271752-2530744919-2841666311-1001.bak).  hr = 0x80070539, The security ID structure is invalid.
.


Operation:
   OnIdentify event
   Gathering Writer Data

Context:
   Execution Context: Shadow Copy Optimization Writer
   Writer Class Id: {4dc3bdd4-ab48-4d07-adb0-3bee2926fd7f}
   Writer Name: Shadow Copy Optimization Writer
   Writer Instance ID: {76fc957b-bdc1-4ad5-a95c-dfac34d01693}

Error: (07/18/2017 12:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 60712843

Error: (07/18/2017 12:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 60712843

Error: (07/18/2017 12:43:47 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second

Error: (07/17/2017 07:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 8112

Error: (07/17/2017 07:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 8112

Error: (07/17/2017 07:52:02 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second


System errors:
=============
Error: (07/20/2017 10:43:43 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The HomeGroup Provider service depends on the Function Discovery Provider Host service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (07/20/2017 10:25:20 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (07/20/2017 10:25:20 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server:
{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (07/20/2017 10:25:19 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server:
{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (07/20/2017 10:25:14 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server:
{DD522ACC-F821-461A-A407-50B198B896DC}

Error: (07/20/2017 10:25:04 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
avipbb
avkmgr
discache
SASDIFSV
SASKUTIL
spldr
truecrypt
Wanarpv6

Error: (07/20/2017 10:24:14 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: The Security Center service terminated with the following error:
The authentication service is unknown.

Error: (07/19/2017 08:59:45 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 8:54:41 PM on ‎7/‎19/‎2017 was unexpected.

Error: (07/19/2017 08:58:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Windows Firewall service depends on the Base Filtering Engine service which failed to start because of the following error:
The dependency service or group failed to start.

Error: (07/19/2017 08:58:16 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Base Filtering Engine service depends on the Remote Procedure Call (RPC) service which failed to start because of the following error:
The dependency service or group failed to start.


CodeIntegrity:
===================================
  Date: 2013-07-09 11:13:47.671
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 10:20:16.638
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 08:24:19.270
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-09 08:08:10.015
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 21:20:44.011
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:57:00.982
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:43:03.037
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 16:07:19.812
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 15:59:19.376
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.

  Date: 2013-07-08 15:39:20.097
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Program Files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll because the set of per-page image hashes could not be found on the system.


==================== Memory info ===========================

Processor: Intel® Core™ i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 57%
Total physical RAM: 4011.86 MB
Available physical RAM: 1696.3 MB
Total Virtual: 8021.9 MB
Available Virtual: 5081.46 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:454.75 GB) (Free:19.33 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 05776A7F)
Partition 1: (Not Active) - (Size=10.9 GB) - (Type=27)
Partition 2: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=454.7 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================
 


  • 0

#9
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

As mentioned above, I'm having trouble getting the TDSSKiller log to post because it's too long and causes an error. I'll try splitting it into three separate posts.

 

11:02:18.0669 0x05e8  TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
11:02:19.0075 0x05e8  ============================================================
11:02:19.0075 0x05e8  Current date / time: 2017/07/20 11:02:19.0075
11:02:19.0075 0x05e8  SystemInfo:
11:02:19.0075 0x05e8  
11:02:19.0075 0x05e8  OS Version: 6.1.7601 ServicePack: 1.0
11:02:19.0075 0x05e8  Product type: Workstation
11:02:19.0075 0x05e8  ComputerName: SIDEKICK
11:02:19.0075 0x05e8  UserName: Smash
11:02:19.0075 0x05e8  Windows directory: C:\Windows
11:02:19.0075 0x05e8  System windows directory: C:\Windows
11:02:19.0075 0x05e8  Running under WOW64
11:02:19.0075 0x05e8  Processor architecture: Intel x64
11:02:19.0075 0x05e8  Number of processors: 4
11:02:19.0075 0x05e8  Page size: 0x1000
11:02:19.0075 0x05e8  Boot type: Normal boot
11:02:19.0075 0x05e8  CodeIntegrityOptions = 0x00000001
11:02:19.0075 0x05e8  ============================================================
11:02:19.0075 0x05e8  KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 7601.23807, osProperties = 0x1
11:02:19.0075 0x05e8  KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 7601.23807, osProperties = 0x1
11:02:19.0075 0x05e8  BG loaded
11:02:24.0456 0x05e8  System UUID: {8FBE0A93-7378-5FD2-5D32-9C6D143A42B9}
11:02:30.0745 0x05e8  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
11:02:30.0745 0x05e8  ============================================================
11:02:30.0745 0x05e8  \Device\Harddisk0\DR0:
11:02:30.0745 0x05e8  MBR partitions:
11:02:30.0745 0x05e8  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x15D5000, BlocksNum 0x32000
11:02:30.0745 0x05e8  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1607000, BlocksNum 0x38D7E800
11:02:30.0745 0x05e8  ============================================================
11:02:30.0932 0x05e8  C: <-> \Device\Harddisk0\DR0\Partition2
11:02:30.0932 0x05e8  ============================================================
11:02:30.0932 0x05e8  Initialize success
11:02:30.0932 0x05e8  ============================================================
11:02:44.0286 0x1528  ============================================================
11:02:44.0286 0x1528  Scan started
11:02:44.0286 0x1528  Mode: Manual; SigCheck; TDLFS;
11:02:44.0286 0x1528  ============================================================
11:02:44.0286 0x1528  KSN ping started
11:02:44.0457 0x1528  KSN ping finished: true
11:02:50.0666 0x1528  ================ Scan system memory ========================
11:02:50.0666 0x1528  System memory - ok
11:02:50.0666 0x1528  ================ Scan services =============================
11:02:50.0822 0x1528  [ 98E06CAC2C508118450095E581202230, 8FC6C08487F2A481A28F1E5E500B61A21B7A0D44B342F9F887017D6FAE4F87F4 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
11:02:50.0947 0x1528  !SASCORE - ok
11:02:51.0836 0x1528  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:02:51.0992 0x1528  1394ohci - ok
11:02:52.0054 0x1528  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:02:52.0117 0x1528  ACDaemon - ok
11:02:52.0132 0x1528  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:02:52.0148 0x1528  ACPI - ok
11:02:52.0195 0x1528  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:02:52.0522 0x1528  AcpiPmi - ok
11:02:52.0866 0x1528  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:02:52.0881 0x1528  AdobeARMservice - ok
11:02:53.0053 0x1528  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:02:53.0084 0x1528  adp94xx - ok
11:02:53.0131 0x1528  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:02:53.0146 0x1528  adpahci - ok
11:02:53.0271 0x1528  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:02:53.0287 0x1528  adpu320 - ok
11:02:53.0302 0x1528  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:02:53.0396 0x1528  AeLookupSvc - ok
11:02:53.0458 0x1528  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\Windows\system32\drivers\afd.sys
11:02:53.0536 0x1528  AFD - ok
11:02:53.0583 0x1528  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:02:53.0599 0x1528  agp440 - ok
11:02:53.0614 0x1528  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:02:53.0661 0x1528  ALG - ok
11:02:53.0661 0x1528  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:02:53.0677 0x1528  aliide - ok
11:02:53.0880 0x1528  [ 0EE274476C3E5F05F2B79B8C63FCCCFC, 7D1861FCC975AD85D793DD6945113DA06CDD2B8F118AA61D0147FFA3315E8A48 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:02:54.0457 0x1528  AMD External Events Utility - ok
11:02:54.0550 0x1528  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:02:54.0597 0x1528  amdide - ok
11:02:54.0644 0x1528  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:02:54.0722 0x1528  AmdK8 - ok
11:02:56.0953 0x1528  [ B18018924D6ADB6E64BC39BD37D6A4D8, 6EEB593A50AD5AA9633E6F97AB2314D674C13FAA7A6D03000A5F6C074CAF7BAF ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:02:57.0358 0x1528  amdkmdag - ok
11:02:57.0390 0x1528  [ 3249B112D48D29BE86984CF4594C9755, 089712B872F92AB0614665F8B5EA869EAB4F6035164921EE0021158D457DE83F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:02:57.0452 0x1528  amdkmdap - ok
11:02:57.0468 0x1528  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:02:57.0499 0x1528  AmdPPM - ok
11:02:57.0514 0x1528  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:02:57.0530 0x1528  amdsata - ok
11:02:57.0546 0x1528  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:02:57.0577 0x1528  amdsbs - ok
11:02:57.0577 0x1528  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:02:57.0592 0x1528  amdxata - ok
11:02:57.0796 0x1528  [ A587017D8CAF0B67FCD4B589C1ABF22B, 5B8024C0BAB30C9F850D189A1D3B5B385177BD7EA54C5FE6FD8506686B2A886E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
11:02:57.0859 0x1528  AntiVirMailService - ok
11:02:57.0921 0x1528  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
11:02:57.0968 0x1528  AntiVirSchedulerService - ok
11:02:58.0046 0x1528  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
11:02:58.0077 0x1528  AntiVirService - ok
11:02:58.0171 0x1528  [ B2868F2E2057D4EA9E7EA061102D8921, 1FCB309421FC58E68E162282816ACB88A1E20C148A0B5C423FEC49123D033EA0 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
11:02:58.0264 0x1528  AntiVirWebService - ok
11:02:58.0280 0x1528  [ 9DC1A45BA81C923DB68A162B0F0D0149, 0B3EC531651B22DFC3F4EB0A19F4F5B5C094F77BFC245FBB1A1BE28DD8B6516D ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
11:02:58.0295 0x1528  ApfiltrService - ok
11:02:58.0327 0x1528  [ FD481DB6ACCAEE727E64043FB2E456F4, 2724A3D0B7F979AF5F485000F555495FA21A443159F29BC1B042C4800D7A368A ] AppID           C:\Windows\system32\drivers\appid.sys
11:02:58.0373 0x1528  AppID - ok
11:02:58.0373 0x1528  [ 89263F9C4A1BC46D350BAD1DD24EE878, B9B0FCBCF53D6739329C93350DB0DB4A0FE8C347F7922ABFEA452CF6EF33DE91 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:02:58.0389 0x1528  AppIDSvc - ok
11:02:58.0405 0x1528  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
11:02:58.0436 0x1528  Appinfo - ok
11:02:58.0483 0x1528  [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:02:58.0483 0x1528  Apple Mobile Device Service - ok
11:02:58.0514 0x1528  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:02:58.0529 0x1528  arc - ok
11:02:58.0545 0x1528  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:02:58.0561 0x1528  arcsas - ok
11:02:58.0639 0x1528  [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:02:58.0717 0x1528  aspnet_state - ok
11:02:58.0732 0x1528  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6, AB153A2544BA5681D9874523EFB2CA361EFD1F74137404E24EFC33FB15FC4333 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
11:02:58.0763 0x1528  aswRvrt - ok
11:02:58.0811 0x1528  [ 7E44C2684A6CA779B9D07CB4BD3F649D, D1BBEB57A7F4B7AAAA2C4AE66D77962A89DB2DB7DAA11A8767653C02734F9977 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:02:58.0827 0x1528  aswVmm - ok
11:02:58.0827 0x1528  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:02:58.0920 0x1528  AsyncMac - ok
11:02:58.0936 0x1528  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:02:58.0952 0x1528  atapi - ok
11:02:58.0983 0x1528  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:02:59.0030 0x1528  AudioEndpointBuilder - ok
11:02:59.0061 0x1528  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:02:59.0076 0x1528  AudioSrv - ok
11:02:59.0139 0x1528  [ 6C94D74033458BC2BDF11EED4E78F027, E52134268B2CED17801EE1D7ABA713CECE4CD960AF24749B74CD84B707CB344B ] avdevprot       C:\Windows\system32\DRIVERS\avdevprot.sys
11:02:59.0154 0x1528  avdevprot - ok
11:02:59.0186 0x1528  [ 801250C350F2905E67AB007F8BE9066B, 03A43B88A166711C8C160EBE7F53E8FA7D9D16E258622CF09B0C51B9DF14E5D1 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
11:02:59.0201 0x1528  avgntflt - ok
11:02:59.0264 0x1528  [ 19F7A17EEA887F11D18055645F8D3F74, 4FF6118D02D6149B38778E86351EFDB88E52E0A66152C7ECC8D523C1EE445DA4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
11:02:59.0279 0x1528  avipbb - ok
11:02:59.0326 0x1528  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
11:02:59.0357 0x1528  Avira.ServiceHost - ok
11:02:59.0373 0x1528  [ 3E0AB8C453FA433B15A30BAA8BD4B275, 30453E68013DF1A3CD9197F28E8591A67BFA6CA784129666A6F7DF9D2E12440B ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
11:02:59.0388 0x1528  avkmgr - ok
11:02:59.0404 0x1528  [ 19B6F9073BD606B7ABEC03A0328FDC1B, 639E6A05BB0E52CDBDF887A3FA209B32F84253D274F2A9A89E1D96F1BE4C8143 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
11:02:59.0420 0x1528  avnetflt - ok
11:02:59.0435 0x1528  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:02:59.0482 0x1528  AxInstSV - ok
11:02:59.0498 0x1528  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:02:59.0544 0x1528  b06bdrv - ok
11:02:59.0560 0x1528  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:02:59.0607 0x1528  b57nd60a - ok
11:02:59.0622 0x1528  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:02:59.0638 0x1528  BDESVC - ok
11:02:59.0638 0x1528  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:02:59.0685 0x1528  Beep - ok
11:02:59.0716 0x1528  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:02:59.0778 0x1528  BFE - ok
11:02:59.0841 0x1528  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:02:59.0981 0x1528  BITS - ok
11:02:59.0981 0x1528  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:03:00.0028 0x1528  blbdrive - ok
11:03:00.0059 0x1528  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:03:00.0075 0x1528  Bonjour Service - ok
11:03:00.0090 0x1528  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:03:00.0184 0x1528  bowser - ok
11:03:00.0215 0x1528  [ B19ABB2DC3B769EC55B3B722AA40244E, 393097F5E8E86E574C00EB1F074DC3BF328F405E26F708B2F42FAC8D9B0F0F24 ] bpenum          C:\Windows\system32\DRIVERS\bpenum.sys
11:03:00.0262 0x1528  bpenum - detected UnsignedFile.Multi.Generic ( 1 )
11:03:02.0274 0x1528  Detect skipped due to KSN trusted
11:03:02.0274 0x1528  bpenum - ok
11:03:02.0337 0x1528  [ 58792339EBA9764877406FF739CDF1EE, AD473DEC7224A420B9092666F35F09736582FC731031E480EC3EAAB5F6FE877A ] bpmp            C:\Windows\system32\DRIVERS\bpmp.sys
11:03:02.0430 0x1528  bpmp - detected UnsignedFile.Multi.Generic ( 1 )
11:03:05.0394 0x1528  Detect skipped due to KSN trusted
11:03:05.0394 0x1528  bpmp - ok
11:03:05.0613 0x1528  [ 44D822D62101E645901FE13750DBD84D, 7A20AF8BEF69E39CF77661054A5A23C5AA7DA2F9185A0ABB4F11214B3A7BE910 ] bpusb           C:\Windows\system32\Drivers\bpusb.sys
11:03:06.0018 0x1528  bpusb - detected UnsignedFile.Multi.Generic ( 1 )
11:03:06.0315 0x1528  Detect skipped due to KSN trusted
11:03:06.0315 0x1528  bpusb - ok
11:03:06.0424 0x1528  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:03:06.0674 0x1528  BrFiltLo - ok
11:03:06.0767 0x1528  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:03:06.0954 0x1528  BrFiltUp - ok
11:03:07.0001 0x1528  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:03:07.0079 0x1528  BridgeMP - ok
11:03:07.0095 0x1528  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:03:07.0126 0x1528  Browser - ok
11:03:07.0142 0x1528  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:03:07.0204 0x1528  Brserid - ok
11:03:07.0235 0x1528  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:03:07.0329 0x1528  BrSerWdm - ok
11:03:07.0344 0x1528  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:03:07.0391 0x1528  BrUsbMdm - ok
11:03:07.0422 0x1528  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:03:07.0438 0x1528  BrUsbSer - ok
11:03:07.0516 0x1528  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
11:03:07.0610 0x1528  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:03:07.0797 0x1528  Detect skipped due to KSN trusted
11:03:07.0797 0x1528  BrYNSvc - ok
11:03:07.0828 0x1528  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
11:03:07.0875 0x1528  BthEnum - ok
11:03:07.0922 0x1528  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:03:07.0968 0x1528  BTHMODEM - ok
11:03:08.0031 0x1528  [ 5A8951D195AFEF979C4AB02A129EBC37, 48FD4A921E51B6DD306A1248EB9A1A6AEC5F59E49528423BF2F40600B3AF1D08 ] BthPan          C:\Windows\system32\drivers\bthpan.sys
11:03:08.0078 0x1528  BthPan - ok
11:03:08.0156 0x1528  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:03:08.0202 0x1528  BTHPORT - ok
11:03:08.0234 0x1528  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:03:08.0280 0x1528  bthserv - ok
11:03:08.0312 0x1528  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:03:08.0327 0x1528  BTHUSB - ok
11:03:08.0343 0x1528  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
11:03:08.0374 0x1528  btwampfl - ok
11:03:08.0405 0x1528  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
11:03:08.0421 0x1528  btwaudio - ok
11:03:08.0452 0x1528  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
11:03:08.0468 0x1528  btwavdt - ok
11:03:08.0561 0x1528  [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
11:03:08.0639 0x1528  btwdins - ok
11:03:08.0686 0x1528  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
11:03:08.0686 0x1528  btwl2cap - ok
11:03:08.0702 0x1528  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
11:03:08.0717 0x1528  btwrchid - ok
11:03:08.0764 0x1528  catchme - ok
11:03:08.0795 0x1528  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:03:08.0826 0x1528  cdfs - ok
11:03:08.0842 0x1528  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
11:03:08.0858 0x1528  cdrom - ok
11:03:08.0858 0x1528  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:03:08.0889 0x1528  CertPropSvc - ok
11:03:09.0014 0x1528  [ F71B5B79DD8F2E48523065AECE0AF9C1, 15CBF59E3BFD8769AF1BDBCA13F7D53E567DF66694872B82468297708E913C8A ] cfbackd         C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe
11:03:09.0029 0x1528  cfbackd - ok
11:03:09.0045 0x1528  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:03:09.0092 0x1528  circlass - ok
11:03:09.0201 0x1528  [ E465632DC8D34C3FA7CAB4F4B4A407C1, 3180089514024C5640568117F139BDACC7CABE1C6D11B8A427FBE21F77AE6C7B ] CLFS            C:\Windows\system32\CLFS.sys
11:03:09.0232 0x1528  CLFS - ok
11:03:09.0279 0x1528  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:03:09.0279 0x1528  clr_optimization_v2.0.50727_32 - ok
11:03:09.0326 0x1528  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:03:09.0341 0x1528  clr_optimization_v2.0.50727_64 - ok
11:03:09.0372 0x1528  [ 2BA609641FA64BAB02ACD3C0095672F5, FD1FE403864F0564CA4A2F1D7415649B8FFE16F8ED33C4B44ACB21767118AD5F ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:03:09.0638 0x1528  clr_optimization_v4.0.30319_32 - ok
11:03:09.0638 0x1528  [ 7C7502CD2A2CFAB399D0D8DA95DB03E7, 4AE53B468CF597FCFD912A6EEE27E87EE4D9BC73F2A794FB5DF5DA46C1DD1289 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:03:09.0762 0x1528  clr_optimization_v4.0.30319_64 - ok
11:03:09.0778 0x1528  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:03:09.0809 0x1528  CmBatt - ok
11:03:09.0825 0x1528  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:03:09.0872 0x1528  cmdide - ok
11:03:09.0965 0x1528  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:03:10.0106 0x1528  CNG - ok
11:03:10.0121 0x1528  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:03:10.0152 0x1528  Compbatt - ok
11:03:10.0168 0x1528  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:03:10.0215 0x1528  CompositeBus - ok
11:03:10.0215 0x1528  COMSysApp - ok
11:03:10.0496 0x1528  [ 61D0FDF2D2269F13D44C23EF951AD36C, 40ED0D8787335AB929D7DB2624D0B3AC1D8DE3494E95987A4DE2ECFD13870D19 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:03:10.0620 0x1528  cphs - ok
11:03:10.0636 0x1528  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:03:10.0683 0x1528  crcdisk - ok
11:03:10.0714 0x1528  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:03:10.0808 0x1528  CryptSvc - ok
11:03:10.0995 0x1528  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:03:11.0057 0x1528  dbupdate - ok
11:03:11.0073 0x1528  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:03:11.0120 0x1528  dbupdatem - ok
11:03:11.0166 0x1528  dbx - ok
11:03:11.0229 0x1528  [ F0A3CA65871C39CB5BE6475A139536DD, 4715426A4F5AAA27BBC359D8F810005613A26A31439CC4C59C98E7220308238D ] DbxSvc          C:\Windows\system32\DbxSvc.exe
11:03:11.0307 0x1528  DbxSvc - ok
11:03:11.0354 0x1528  [ 5E9F8D029D9B03110D835CBFC058068B, 038FDF99C643C8102026BA26A75899A56E91AD0C239DF71AA5443FD35C718C78 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:03:11.0432 0x1528  DcomLaunch - ok
11:03:11.0588 0x1528  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:03:11.0759 0x1528  defragsvc - ok
11:03:11.0790 0x1528  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:03:11.0962 0x1528  DfsC - ok
11:03:12.0009 0x1528  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\Windows\system32\dhcpcore.dll
11:03:12.0087 0x1528  Dhcp - ok
11:03:12.0492 0x1528  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] DiagTrack       C:\Windows\system32\diagtrack.dll
11:03:12.0680 0x1528  DiagTrack - ok
11:03:13.0038 0x1528  [ 05F99DFF3A8D705F9AA6B87224F7BEB1, DDE133A44A330A07A0EB961559C840BBFC9D9E0CCA27DE0B4284C76BCAD31EDE ] DirMngr         C:\Program Files (x86)\GNU\GnuPG\dirmngr.exe
11:03:13.0163 0x1528  DirMngr - detected UnsignedFile.Multi.Generic ( 1 )
11:03:13.0382 0x1528  Detect skipped due to KSN trusted
11:03:13.0382 0x1528  DirMngr - ok
11:03:13.0397 0x1528  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\Windows\system32\drivers\discache.sys
11:03:13.0506 0x1528  discache - ok
11:03:13.0538 0x1528  [ 616387BBD83372220B09DE95F4E67BBC, 5E2D5280BB775576E7CDE3FA6BDE494E183123635E5908CF7EBF1FF52966D07D ] Disk            C:\Windows\system32\drivers\disk.sys
11:03:13.0569 0x1528  Disk - ok
11:03:13.0584 0x1528  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
11:03:13.0694 0x1528  Dnscache - ok
11:03:13.0725 0x1528  [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\Windows\System32\dot3svc.dll
11:03:14.0302 0x1528  dot3svc - ok
11:03:14.0458 0x1528  [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4            C:\Windows\system32\DRIVERS\Dot4.sys
11:03:14.0536 0x1528  Dot4 - ok
11:03:14.0957 0x1528  [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print       C:\Windows\system32\DRIVERS\Dot4Prt.sys
11:03:15.0035 0x1528  Dot4Print - ok
11:03:15.0300 0x1528  [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb         C:\Windows\system32\DRIVERS\dot4usb.sys
11:03:15.0363 0x1528  dot4usb - ok
11:03:15.0363 0x1528  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\Windows\system32\dps.dll
11:03:15.0394 0x1528  DPS - ok
11:03:15.0488 0x1528  [ 26FE888505E5A945B0536AF9A2A27A6F, A6B16ED498BAFE300E1F0E0A241E3D62F7A1C5973EE775904ED14F33A2BC08A6 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
11:03:15.0503 0x1528  drmkaud - ok
11:03:15.0722 0x1528  [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
11:03:15.0768 0x1528  DXGKrnl - ok
11:03:15.0987 0x1528  [ 50AD8FC1DC800FF36087994C8F7FDFF2, E3DA8DCE76599E0E1F0D80AA1483D6BECFE0F7242147D986A6AF3A4362FC2C80 ] e1yexpress      C:\Windows\system32\DRIVERS\e1y60x64.sys
11:03:16.0439 0x1528  e1yexpress - ok
11:03:16.0455 0x1528  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\Windows\System32\eapsvc.dll
11:03:16.0486 0x1528  EapHost - ok
11:03:17.0157 0x1528  [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
11:03:17.0594 0x1528  ebdrv - ok
11:03:17.0594 0x1528  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] EFS             C:\Windows\System32\lsass.exe
11:03:17.0687 0x1528  EFS - ok
11:03:18.0764 0x1528  [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
11:03:18.0795 0x1528  elxstor - ok
11:03:18.0857 0x1528  [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\Windows\system32\drivers\errdev.sys
11:03:18.0873 0x1528  ErrDev - ok
11:03:18.0951 0x1528  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\Windows\system32\es.dll
11:03:18.0982 0x1528  EventSystem - ok
11:03:19.0044 0x1528  [ 7E45F8B117419ABA3BB26579F6E70324, 03FE86519860153E1BE571F10ACC9BA58FFB5A661C5C3EBDF3B77973BCD96C84 ] exfat           C:\Windows\system32\drivers\exfat.sys
11:03:19.0122 0x1528  exfat - ok
11:03:19.0169 0x1528  [ 6EDFA237D25433C03F42FBFDB16BDD24, A30F89A40F7AFC475D3C2D3591FB9AFC06AE3FEBC915FDCB24ED77946FBA4E2C ] fastfat         C:\Windows\system32\drivers\fastfat.sys
11:03:19.0247 0x1528  fastfat - ok
11:03:19.0325 0x1528  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\Windows\system32\fxssvc.exe
11:03:19.0356 0x1528  Fax - ok
11:03:19.0403 0x1528  [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
11:03:19.0419 0x1528  fdc - ok
11:03:19.0419 0x1528  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\Windows\system32\fdPHost.dll
11:03:19.0450 0x1528  fdPHost - ok
11:03:19.0512 0x1528  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\Windows\system32\fdrespub.dll
11:03:19.0590 0x1528  FDResPub - ok
11:03:19.0606 0x1528  [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
11:03:19.0606 0x1528  FileInfo - ok
11:03:19.0622 0x1528  [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
11:03:19.0653 0x1528  Filetrace - ok
11:03:19.0653 0x1528  [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
11:03:19.0668 0x1528  flpydisk - ok
11:03:19.0684 0x1528  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
11:03:19.0700 0x1528  FltMgr - ok
11:03:19.0824 0x1528  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] FontCache       C:\Windows\system32\FntCache.dll
11:03:19.0918 0x1528  FontCache - ok
11:03:19.0934 0x1528  [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
11:03:19.0949 0x1528  FontCache3.0.0.0 - ok
11:03:19.0949 0x1528  [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
11:03:19.0965 0x1528  FsDepends - ok
11:03:19.0965 0x1528  [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
11:03:19.0980 0x1528  Fs_Rec - ok
11:03:19.0996 0x1528  [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
11:03:20.0012 0x1528  fvevol - ok
11:03:20.0074 0x1528  [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
11:03:20.0105 0x1528  gagp30kx - ok
11:03:20.0105 0x1528  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
11:03:20.0121 0x1528  GEARAspiWDM - ok
11:03:20.0152 0x1528  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] gpsvc           C:\Windows\System32\gpsvc.dll
11:03:20.0183 0x1528  gpsvc - ok
11:03:20.0261 0x1528  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:03:20.0292 0x1528  gupdate - ok
11:03:20.0292 0x1528  [ E1B44A75947137F4143308D566889837, EC7E883E7AF38BF3AC0AC513CFDE0186038443E9ACC7AD616EE6BD0EC09AACB9 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
11:03:20.0308 0x1528  gupdatem - ok
11:03:20.0370 0x1528  [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
11:03:20.0386 0x1528  hcw85cir - ok
11:03:20.0480 0x1528  [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
11:03:20.0558 0x1528  HdAudAddService - ok
11:03:20.0573 0x1528  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\Windows\system32\DRIVERS\HDAudBus.sys
11:03:20.0589 0x1528  HDAudBus - ok
11:03:20.0682 0x1528  [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
11:03:21.0540 0x1528  HidBatt - ok
11:03:21.0587 0x1528  [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
11:03:21.0665 0x1528  HidBth - ok
11:03:21.0696 0x1528  [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
11:03:21.0759 0x1528  HidIr - ok
11:03:21.0774 0x1528  [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\Windows\System32\hidserv.dll
11:03:21.0852 0x1528  hidserv - ok
11:03:21.0899 0x1528  [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
11:03:21.0915 0x1528  HidUsb - ok
11:03:21.0915 0x1528  [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\Windows\system32\kmsvc.dll
11:03:22.0055 0x1528  hkmsvc - ok
11:03:22.0071 0x1528  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
11:03:22.0102 0x1528  HomeGroupListener - ok
11:03:22.0102 0x1528  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
11:03:22.0133 0x1528  HomeGroupProvider - ok
11:03:22.0211 0x1528  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
11:03:22.0227 0x1528  HpSAMD - ok
11:03:22.0274 0x1528  [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
11:03:22.0570 0x1528  HTTP - ok
11:03:22.0586 0x1528  [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
11:03:22.0586 0x1528  hwpolicy - ok
11:03:22.0601 0x1528  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
11:03:22.0617 0x1528  i8042prt - ok
11:03:22.0664 0x1528  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
11:03:22.0679 0x1528  iaStor - ok
11:03:22.0679 0x1528  [ 8FFF9083252C16FE3960173722605E9E, 6546FDA34B9AF94C5E86E5269BBC2F02F1E78D6D4BE5B5EC01F4B284CC934994 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
11:03:22.0695 0x1528  IAStorDataMgrSvc - ok
11:03:22.0851 0x1528  [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
11:03:22.0882 0x1528  iaStorV - ok
11:03:22.0976 0x1528  [ 83FF82FE209E7997067B375DAD6CF23D, E312DD068E51DBF96A8232D7D1C9F158652FDA23649655F1102928B320795091 ] ICCS            C:\Program Files (x86)\Intel\Intel® Integrated Clock Controller Service\ICCProxy.exe
11:03:23.0007 0x1528  ICCS - ok
11:03:23.0835 0x1528  [ 3CC7B3BB1A9EA201A040883EDFAA67A0, F543A779BA8CBFD5E0B939844B9CB47A2C05A400C693635F520438C18FFDFAF1 ] IconMan_R       C:\Program Files (x86)\Realtek\Realtek PCIE Card Reader\RIconMan.exe
11:03:24.0131 0x1528  IconMan_R - ok
11:03:24.0349 0x1528  [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
11:03:24.0412 0x1528  idsvc - ok
11:03:24.0537 0x1528  IEEtwCollectorService - ok
11:03:27.0751 0x1528  [ E5C11F3689D9448CCC1D782FC2C4CC46, 7E259FB3AC209778945F485C5850E8258F9E9215667836EBA5966CC6E6A24254 ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
11:03:29.0994 0x1528  igfx - ok
11:03:30.0056 0x1528  [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
11:03:30.0072 0x1528  iirsp - ok
11:03:30.0181 0x1528  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\Windows\System32\ikeext.dll
11:03:30.0337 0x1528  IKEEXT - ok
11:03:30.0728 0x1528  [ F94E2C3BA6D4B57C2E1DD03E950CBBC4, C0C4F779E1BA0A6C68937A2F6A0AEA5F49F0476A8520AC1323775536FA585A3C ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
11:03:30.0900 0x1528  IntcAzAudAddService - ok
11:03:30.0915 0x1528  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] IntcDAud        C:\Windows\system32\DRIVERS\IntcDAud.sys
11:03:30.0931 0x1528  IntcDAud - ok
11:03:31.0009 0x1528  [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\Windows\system32\drivers\intelide.sys
11:03:31.0025 0x1528  intelide - ok
11:03:33.0739 0x1528  [ E5C11F3689D9448CCC1D782FC2C4CC46, 7E259FB3AC209778945F485C5850E8258F9E9215667836EBA5966CC6E6A24254 ] intelkmd        C:\Windows\system32\DRIVERS\igdpmd64.sys
11:03:34.0488 0x1528  intelkmd - ok
11:03:34.0535 0x1528  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
11:03:34.0566 0x1528  intelppm - ok
11:03:34.0567 0x1528  [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
11:03:34.0629 0x1528  IPBusEnum - ok
11:03:34.0707 0x1528  [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
11:03:34.0754 0x1528  IpFilterDriver - ok
11:03:34.0785 0x1528  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
11:03:34.0957 0x1528  iphlpsvc - ok
11:03:35.0004 0x1528  [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
11:03:35.0019 0x1528  IPMIDRV - ok
11:03:35.0050 0x1528  [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
11:03:35.0097 0x1528  IPNAT - ok
11:03:35.0830 0x1528  [ 8A2A79444C72D6342976724F6908495B, 11F1246457C2171BA73C9B2BB78BC88662B3DD174C0249980528911F794C6A62 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
11:03:36.0033 0x1528  iPod Service - ok
11:03:36.0049 0x1528  [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\Windows\system32\drivers\irenum.sys
11:03:36.0127 0x1528  IRENUM - ok
11:03:36.0189 0x1528  [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
11:03:36.0205 0x1528  isapnp - ok
11:03:36.0376 0x1528  [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
11:03:36.0518 0x1528  iScsiPrt - ok
11:03:36.0549 0x1528  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
11:03:36.0580 0x1528  kbdclass - ok
11:03:36.0596 0x1528  [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
11:03:36.0627 0x1528  kbdhid - ok
11:03:36.0658 0x1528  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] KeyIso          C:\Windows\system32\lsass.exe
11:03:36.0689 0x1528  KeyIso - ok
11:03:36.0830 0x1528  [ 5111D419808BF6B3BC5BC67C052F0286, 159348B645D6B5CBAD4410DA5B9CD0E9D551CAAD310E03D96C6902439604F97C ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
11:03:36.0892 0x1528  KSecDD - ok
11:03:36.0923 0x1528  [ 46D16E5879A3F874EEDCE243AE17EF45, EB72E1DBA5611D16A8D80BBC4F9A7921A268E5D38F20915849EB2311121757FA ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
11:03:37.0001 0x1528  KSecPkg - ok
11:03:37.0017 0x1528  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
11:03:37.0157 0x1528  ksthunk - ok
11:03:37.0267 0x1528  [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\Windows\system32\msdtckrm.dll
11:03:37.0485 0x1528  KtmRm - ok
11:03:38.0156 0x1528  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\Windows\System32\srvsvc.dll
11:03:38.0265 0x1528  LanmanServer - ok
11:03:38.0327 0x1528  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
11:03:38.0468 0x1528  LanmanWorkstation - ok
11:03:38.0733 0x1528  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
11:03:38.0951 0x1528  lltdio - ok
11:03:39.0139 0x1528  [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\Windows\System32\lltdsvc.dll
11:03:39.0326 0x1528  lltdsvc - ok
11:03:39.0373 0x1528  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\Windows\System32\lmhsvc.dll
11:03:39.0544 0x1528  lmhosts - ok
11:03:39.0700 0x1528  [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
11:03:39.0809 0x1528  LMS - ok
11:03:39.0903 0x1528  [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
11:03:39.0981 0x1528  LSI_FC - ok
11:03:40.0106 0x1528  [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
11:03:40.0246 0x1528  LSI_SAS - ok
11:03:40.0418 0x1528  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
11:03:40.0558 0x1528  LSI_SAS2 - ok
11:03:40.0621 0x1528  [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
11:03:40.0683 0x1528  LSI_SCSI - ok
11:03:40.0730 0x1528  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\Windows\system32\drivers\luafv.sys
11:03:41.0042 0x1528  luafv - ok
11:03:41.0198 0x1528  [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
11:03:41.0245 0x1528  megasas - ok
11:03:41.0354 0x1528  [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
11:03:41.0447 0x1528  MegaSR - ok
11:03:41.0463 0x1528  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64          C:\Windows\system32\DRIVERS\HECIx64.sys
11:03:41.0525 0x1528  MEIx64 - ok
11:03:41.0541 0x1528  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\Windows\system32\mmcss.dll
11:03:41.0713 0x1528  MMCSS - ok
11:03:41.0837 0x1528  [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\Windows\system32\drivers\modem.sys
11:03:41.0978 0x1528  Modem - ok
11:03:42.0071 0x1528  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
11:03:42.0243 0x1528  monitor - ok
11:03:42.0274 0x1528  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
11:03:42.0305 0x1528  mouclass - ok
11:03:42.0383 0x1528  [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
11:03:42.0446 0x1528  mouhid - ok
11:03:42.0524 0x1528  [ 072D8646E23ECF8A3F5F0157017B4DB6, EBFB1459ECC5AF94C94FB49CEBC724542612680F0777E24B5AA6E062C0EE5D94 ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
11:03:42.0571 0x1528  mountmgr - ok
11:03:42.0758 0x1528  [ 86C9215967686BB8A6AEE8008D914BF8, 907A156AADC880F06EB7BBBC0C57EC14A205CEE43A2AD509F6BD4040CA4F327D ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
11:03:42.0836 0x1528  MozillaMaintenance - ok
11:03:42.0898 0x1528  [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\Windows\system32\drivers\mpio.sys
11:03:42.0945 0x1528  mpio - ok
11:03:42.0961 0x1528  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
11:03:43.0070 0x1528  mpsdrv - ok
11:03:43.0241 0x1528  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\Windows\system32\mpssvc.dll
11:03:43.0444 0x1528  MpsSvc - ok
11:03:43.0522 0x1528  [ 98DB1790F0A584E0A2528B92B052417F, 9AA04CA73AFE599810CD233B9CEC212E16D44DCEDF5C7D0181C7257F498068B5 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
11:03:43.0569 0x1528  MRxDAV - ok
11:03:43.0600 0x1528  [ EE88FE7F43A53B376142FAE2DAA50EF1, 9048C87484A87481B4F227AF628E573024FB252620C4BD1C9193225ACB9A6BE2 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
11:03:43.0663 0x1528  mrxsmb - ok
11:03:43.0725 0x1528  [ 119CE8CFC2073AE576D92A9A0E164012, 9A9FFF962E851DADAE6E0BE852F251557FF242B385659BAD99A84D4DB929FAE8 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
11:03:43.0819 0x1528  mrxsmb10 - ok
11:03:43.0850 0x1528  [ 84EE9DC885665DB9A78CC22F365E77D0, 7ADD647A8E5AF3EDA873CA1467A961CDB5CAEF12F689CF0E47C83E8BB382FF73 ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
11:03:43.0975 0x1528  mrxsmb20 - ok
11:03:43.0990 0x1528  [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\Windows\system32\drivers\msahci.sys
11:03:45.0425 0x1528  msahci - ok
11:03:45.0503 0x1528  [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
11:03:45.0566 0x1528  msdsm - ok
11:03:45.0722 0x1528  [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\Windows\System32\msdtc.exe
11:03:45.0769 0x1528  MSDTC - ok
11:03:45.0800 0x1528  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
11:03:45.0971 0x1528  Msfs - ok
11:03:45.0971 0x1528  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
11:03:46.0018 0x1528  mshidkmdf - ok
11:03:46.0034 0x1528  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
11:03:46.0034 0x1528  msisadrv - ok
11:03:46.0127 0x1528  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
11:03:46.0221 0x1528  MSiSCSI - ok
11:03:46.0221 0x1528  msiserver - ok
11:03:46.0268 0x1528  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
11:03:46.0299 0x1528  MSKSSRV - ok
11:03:46.0299 0x1528  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
11:03:46.0330 0x1528  MSPCLOCK - ok
11:03:46.0346 0x1528  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
11:03:46.0377 0x1528  MSPQM - ok
11:03:46.0502 0x1528  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
11:03:46.0658 0x1528  MsRPC - ok
11:03:46.0673 0x1528  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
11:03:46.0673 0x1528  mssmbios - ok
11:03:46.0798 0x1528  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
11:03:46.0907 0x1528  MSTEE - ok
11:03:47.0017 0x1528  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
11:03:47.0032 0x1528  MTConfig - ok
11:03:47.0048 0x1528  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
11:03:47.0063 0x1528  Mup - ok
11:03:47.0344 0x1528  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
11:03:47.0843 0x1528  napagent - ok
11:03:47.0859 0x1528  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
11:03:47.0921 0x1528  NativeWifiP - ok
11:03:48.0124 0x1528  [ F7309F42555F8AAB7144A51A1F2585B0, 065277A8AFAEE3888C997A76D2F751070F92DF4C3354D16B194860B4BDAFF937 ] NDIS            C:\Windows\system32\drivers\ndis.sys
11:03:48.0202 0x1528  NDIS - ok
11:03:48.0327 0x1528  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
11:03:48.0436 0x1528  NdisCap - ok
11:03:48.0436 0x1528  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
11:03:48.0499 0x1528  NdisTapi - ok
11:03:48.0514 0x1528  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
11:03:48.0561 0x1528  Ndisuio - ok
11:03:48.0577 0x1528  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
11:03:48.0623 0x1528  NdisWan - ok
11:03:48.0639 0x1528  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
11:03:48.0733 0x1528  NDProxy - ok
11:03:48.0795 0x1528  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
11:03:48.0795 0x1528  Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:03:48.0998 0x1528  Detect skipped due to KSN trusted
11:03:48.0998 0x1528  Net Driver HPZ12 - ok
11:03:49.0247 0x1528  [ EE00C544C025958AF50C7B199F3C8595, D774DB020D9C46D1AA0B2DB9FA2C36C4A9C38D904CC6929695321D32ACA0D4D1 ] Netaapl         C:\Windows\system32\DRIVERS\netaapl64.sys
11:03:49.0325 0x1528  Netaapl - ok
11:03:49.0372 0x1528  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
11:03:49.0497 0x1528  NetBIOS - ok
11:03:49.0544 0x1528  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
11:03:49.0622 0x1528  NetBT - ok
11:03:49.0637 0x1528  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] Netlogon        C:\Windows\system32\lsass.exe
11:03:49.0762 0x1528  Netlogon - ok
11:03:49.0809 0x1528  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
11:03:50.0012 0x1528  Netman - ok
11:03:50.0183 0x1528  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:03:50.0293 0x1528  NetMsmqActivator - ok
11:03:50.0324 0x1528  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:03:50.0402 0x1528  NetPipeActivator - ok
11:03:50.0464 0x1528  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
11:03:50.0651 0x1528  netprofm - ok
11:03:50.0714 0x1528  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:03:50.0776 0x1528  NetTcpActivator - ok
11:03:50.0807 0x1528  [ 10D5997E2F5F16FE3BC3BD1A4BF31EA8, 0DDC4855C00A581A35AB2A11D2AAACC844C460F13F524DD9B92B8F00C31173A7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
11:03:50.0885 0x1528  NetTcpPortSharing - ok
11:03:52.0570 0x1528  [ 64428DFDAF6E88366CB51F45A79C5F69, 31187D38C1AB52120A3CB7AC3CE47ED9682AC37B0F06B9A9610C0065DD4E7B13 ] netw5v64        C:\Windows\system32\DRIVERS\netw5v64.sys
11:03:53.0522 0x1528  netw5v64 - ok
11:03:55.0035 0x1528  [ 262225F08B891FD7F16B3B93A3177C1F, 40F82431C26617B40573BBB6715D13294B10CBE6B357E26D5406FA7321F4554F ] NETwNs64        C:\Windows\system32\DRIVERS\Netwsw00.sys
11:03:56.0533 0x1528  NETwNs64 - ok
11:03:56.0611 0x1528  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
11:03:56.0891 0x1528  nfrd960 - ok
11:03:56.0938 0x1528  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
11:03:57.0110 0x1528  NlaSvc - ok
11:03:57.0141 0x1528  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
11:03:57.0297 0x1528  Npfs - ok
11:03:57.0359 0x1528  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
11:03:57.0562 0x1528  nsi - ok
11:03:57.0593 0x1528  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
11:03:57.0890 0x1528  nsiproxy - ok
11:03:58.0311 0x1528  [ 7FD5A7FB8F55254E9AF5666C653AF3CA, 5EE9805BB4A952AE455D08953FF12E55879776A521B3333F2730AC552DC17C48 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
11:03:58.0623 0x1528  Ntfs - ok
11:03:58.0639 0x1528  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
11:03:58.0763 0x1528  Null - ok
11:03:58.0779 0x1528  [ 01266516E6E88D183A2B58722EEB4443, A49647084161A95DAD1B9D941C6A9AAC3B34CAA2C853D9DD65C046CEB7C6A004 ] nusb3hub        C:\Windows\system32\DRIVERS\nusb3hub.sys
11:03:58.0873 0x1528  nusb3hub - ok
11:03:58.0919 0x1528  [ 5EC04F55CC5F165F21752712437DF638, B59907C583E1FD9FA6D4747D696AB0E67A6D01969CC48E687DF6A8D51851847A ] nusb3xhc        C:\Windows\system32\DRIVERS\nusb3xhc.sys
11:03:59.0044 0x1528  nusb3xhc - ok
11:03:59.0107 0x1528  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
11:03:59.0200 0x1528  nvraid - ok
11:03:59.0278 0x1528  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
11:03:59.0356 0x1528  nvstor - ok
11:03:59.0419 0x1528  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
11:03:59.0528 0x1528  nv_agp - ok
11:03:59.0622 0x1528  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
11:03:59.0684 0x1528  ohci1394 - ok
11:03:59.0731 0x1528  [ 36D57FBAF3242472C6F30021ED96D54A, 6595ED89E44DB4D6E093B5A291AA2864F0EFBD41618076CB4BF23CE128D69182 ] OpenVPNService  C:\Program Files\OpenVPN\bin\openvpnserv.exe
11:03:59.0793 0x1528  OpenVPNService - ok
11:03:59.0856 0x1528  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
11:03:59.0996 0x1528  p2pimsvc - ok
11:04:00.0058 0x1528  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
11:04:00.0152 0x1528  p2psvc - ok
11:04:00.0183 0x1528  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
11:04:00.0277 0x1528  Parport - ok
11:04:00.0308 0x1528  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
11:04:00.0355 0x1528  partmgr - ok
11:04:00.0386 0x1528  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] PcaSvc          C:\Windows\System32\pcasvc.dll
11:04:00.0782 0x1528  PcaSvc - ok
11:04:00.0828 0x1528  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
11:04:00.0898 0x1528  pci - ok
11:04:00.0976 0x1528  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
11:04:01.0020 0x1528  pciide - ok
11:04:01.0088 0x1528  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
11:04:01.0185 0x1528  pcmcia - ok
11:04:01.0211 0x1528  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
11:04:01.0289 0x1528  pcw - ok
11:04:01.0455 0x1528  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
11:04:01.0583 0x1528  PEAUTH - ok
11:04:01.0791 0x1528  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
11:04:01.0859 0x1528  PerfHost - ok
11:04:02.0237 0x1528  [ BC5F8C5C7ACCD0B884FCB8B67616F537, 5C99E9D7E7095CED52B1F5F4A569E54F124602C573DD2B25731E0D57FDA22A27 ] pla             C:\Windows\system32\pla.dll
11:04:02.0507 0x1528  pla - ok
11:04:02.0607 0x1528  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
11:04:02.0860 0x1528  PlugPlay - ok
11:04:02.0975 0x1528  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
11:04:03.0013 0x1528  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
11:04:04.0769 0x1528  Detect skipped due to KSN trusted
11:04:04.0769 0x1528  Pml Driver HPZ12 - ok
11:04:04.0778 0x1528  [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
11:04:04.0937 0x1528  PNRPAutoReg - ok
11:04:04.0955 0x1528  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
11:04:05.0103 0x1528  PNRPsvc - ok
11:04:06.0107 0x1528  [ 80D6B0563ED2BF10656B1D4748331082, B7E6B5E1148B7EE537E8D5C3A65450876B61CD45A395267D08699746E98AD574 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
11:04:06.0370 0x1528  PolicyAgent - ok
11:04:06.0413 0x1528  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\Windows\system32\umpo.dll
11:04:06.0568 0x1528  Power - ok
11:04:06.0593 0x1528  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
11:04:06.0727 0x1528  PptpMiniport - ok
11:04:06.0755 0x1528  [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\Windows\system32\DRIVERS\processr.sys
11:04:06.0904 0x1528  Processor - ok
11:04:06.0936 0x1528  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\Windows\system32\profsvc.dll
11:04:07.0128 0x1528  ProfSvc - ok
11:04:07.0147 0x1528  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] ProtectedStorage C:\Windows\system32\lsass.exe
11:04:07.0186 0x1528  ProtectedStorage - ok
11:04:07.0214 0x1528  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
11:04:07.0356 0x1528  Psched - ok
11:04:08.0036 0x1528  [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
11:04:08.0648 0x1528  ql2300 - ok
11:04:09.0228 0x1528  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
11:04:09.0314 0x1528  ql40xx - ok
11:04:09.0653 0x1528  [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\Windows\system32\qwave.dll
11:04:09.0690 0x1528  QWAVE - ok
11:04:09.0700 0x1528  [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
11:04:09.0771 0x1528  QWAVEdrv - ok
11:04:10.0248 0x1528  [ 10E1A5B2FD2D1B3BBF40C0256D584F1C, DE7CDCAB501DE3C19775749C72774EFCB04AABEB4DE3CC115443E2B72D5461E1 ] RapportAegle64  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys
11:04:10.0305 0x1528  RapportAegle64 - ok
11:04:12.0619 0x1528  [ 019865C529709619E2D16B0797E29C32, 5E5E9495FFCC61011C816508DF9ABC225C468163F93A761E084946BBB2DC8B72 ] RapportCerberus_1804063 C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804063.sys
11:04:12.0858 0x1528  RapportCerberus_1804063 - ok
11:04:13.0026 0x1528  [ 2EF55A892B5C7A1F8E1562458CD861B8, 757475B1E8376D5661AF4A9A6250E5C79E102F6943CB32AB33DF9E3A32712F09 ] RapportEI64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
11:04:13.0141 0x1528  RapportEI64 - ok
11:04:13.0409 0x1528  [ 5ED84F3295C8B87FEEFA672E60ED3909, FAA757EA2B6970465BE118FA1A95D986E37D7C0CA8B9B9E4F960091F57234066 ] RapportHades64  C:\Windows\system32\Drivers\RapportHades64.sys
11:04:13.0531 0x1528  RapportHades64 - ok
11:04:14.0588 0x1528  [ 0FAAA3DE22434F4C3D209990AED79A20, 73A6438FE9B2D5181CFAD243F79F020963B47C71505B8C99BF852B85B7CF7F71 ] RapportKE64     C:\Windows\system32\Drivers\RapportKE64.sys
11:04:15.0094 0x1528  RapportKE64 - ok
11:04:16.0470 0x1528  [ 940657AFAF4D8353336EE2BD0B73579C, C0DA3EE072831C736AC453BC240050BEE9142BDB370DF78117AC33B22F474A21 ] RapportMgmtService C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
11:04:16.0568 0x1528  RapportMgmtService - ok
11:04:16.0606 0x1528  [ 56F6BCC6E84732FB390BA4603CE57012, B70BB633AEDF12E8A81DA179A49043A87A5B90F7CD966966B57408143FF6B962 ] RapportPG64     C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
11:04:16.0667 0x1528  RapportPG64 - ok
11:04:16.0675 0x1528  [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
11:04:16.0721 0x1528  RasAcd - ok
11:04:16.0732 0x1528  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
11:04:16.0817 0x1528  RasAgileVpn - ok
11:04:16.0863 0x1528  [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\Windows\System32\rasauto.dll
11:04:16.0974 0x1528  RasAuto - ok
11:04:17.0022 0x1528  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
11:04:17.0155 0x1528  Rasl2tp - ok
11:04:17.0356 0x1528  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\Windows\System32\rasmans.dll
11:04:17.0530 0x1528  RasMan - ok
11:04:17.0560 0x1528  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
11:04:17.0698 0x1528  RasPppoe - ok
11:04:17.0730 0x1528  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
11:04:17.0894 0x1528  RasSstp - ok
11:04:18.0011 0x1528  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
11:04:18.0183 0x1528  rdbss - ok
11:04:18.0205 0x1528  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
11:04:18.0454 0x1528  rdpbus - ok
11:04:18.0481 0x1528  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
11:04:18.0621 0x1528  RDPCDD - ok
11:04:18.0693 0x1528  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
11:04:18.0856 0x1528  RDPENCDD - ok
11:04:18.0887 0x1528  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
11:04:19.0001 0x1528  RDPREFMP - ok
11:04:19.0453 0x1528  [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys
11:04:19.0570 0x1528  RdpVideoMiniport - ok
11:04:19.0610 0x1528  [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
11:04:19.0667 0x1528  RDPWD - ok
11:04:19.0728 0x1528  [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
11:04:19.0790 0x1528  rdyboost - ok
11:04:19.0899 0x1528  [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\Windows\System32\mprdim.dll
11:04:20.0027 0x1528  RemoteAccess - ok
11:04:20.0058 0x1528  [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
11:04:20.0179 0x1528  RemoteRegistry - ok
11:04:20.0291 0x1528  [ 3DD798846E2C28102B922C56E71B7932, 30B111615D74CB2213997A5C08DD9C8613ADE441D9423CC1C49A753D13CE524D ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
11:04:20.0355 0x1528  RFCOMM - ok
11:04:20.0381 0x1528  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
11:04:20.0510 0x1528  RpcEptMapper - ok
11:04:20.0529 0x1528  [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\Windows\system32\locator.exe
11:04:20.0570 0x1528  RpcLocator - ok
11:04:20.0654 0x1528  [ 5E9F8D029D9B03110D835CBFC058068B, 038FDF99C643C8102026BA26A75899A56E91AD0C239DF71AA5443FD35C718C78 ] RpcSs           C:\Windows\System32\rpcss.dll
11:04:20.0752 0x1528  RpcSs - ok
11:04:20.0860 0x1528  [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] RSPCIESTOR      C:\Windows\system32\DRIVERS\RtsPStor.sys
11:04:20.0952 0x1528  RSPCIESTOR - ok
11:04:20.0982 0x1528  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
11:04:21.0115 0x1528  rspndr - ok
11:04:21.0494 0x1528  [ 130DD683DCC902F47A4AC35201D07E2F, A1E7082D93C170CF5855007B26F96E8F8183B15126D34A9DB16CBF190BD8EF53 ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
11:04:21.0667 0x1528  RTL8167 - ok
11:04:21.0712 0x1528  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] SamSs           C:\Windows\system32\lsass.exe
11:04:21.0753 0x1528  SamSs - ok
11:04:21.0813 0x1528  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] SASDIFSV        C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
11:04:21.0848 0x1528  SASDIFSV - ok
11:04:21.0917 0x1528  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] SASKUTIL        C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
11:04:21.0947 0x1528  SASKUTIL - ok
11:04:22.0088 0x1528  [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
11:04:22.0164 0x1528  sbp2port - ok
11:04:22.0213 0x1528  [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\Windows\System32\SCardSvr.dll
11:04:22.0377 0x1528  SCardSvr - ok
11:04:22.0402 0x1528  [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
11:04:22.0531 0x1528  scfilter - ok
11:04:22.0674 0x1528  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] Schedule        C:\Windows\system32\schedsvc.dll
11:04:22.0838 0x1528  Schedule - ok
11:04:22.0890 0x1528  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\Windows\System32\certprop.dll
11:04:23.0117 0x1528  SCPolicySvc - ok
11:04:23.0150 0x1528  [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus           C:\Windows\system32\drivers\sdbus.sys
11:04:23.0230 0x1528  sdbus - ok
11:04:23.0282 0x1528  [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
11:04:23.0357 0x1528  SDRSVC - ok
11:04:23.0451 0x1528  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\Windows\system32\drivers\secdrv.sys
11:04:23.0562 0x1528  secdrv - ok
11:04:23.0665 0x1528  [ A19623BDD61E66A12AB53992002B4F3A, E351CEEC086084A417BA3BD0EEF46114D3147EC38E3EF8BE49B724F9D028CC56 ] seclogon        C:\Windows\system32\seclogon.dll
11:04:23.0824 0x1528  seclogon - ok
11:04:23.0938 0x1528  [ 1ED7A8574A28357097A5CB4063C96B00, 4E248CA66B7DE930AEC501A85F507AB813FC3CEBCBA347DFF3B05CE6CB8E496B ] semav6thermal64ro C:\Windows\system32\drivers\semav6thermal64ro.sys
11:04:23.0996 0x1528  semav6thermal64ro - ok
11:04:24.0033 0x1528  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\Windows\system32\sens.dll
11:04:24.0221 0x1528  SENS - ok
11:04:24.0243 0x1528  [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\Windows\system32\sensrsvc.dll
11:04:24.0337 0x1528  SensrSvc - ok
11:04:24.0361 0x1528  [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
11:04:24.0432 0x1528  Serenum - ok
11:04:24.0536 0x1528  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\Windows\system32\DRIVERS\serial.sys
11:04:24.0612 0x1528  Serial - ok
11:04:24.0683 0x1528  [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
11:04:24.0736 0x1528  sermouse - ok
11:04:24.0839 0x1528  [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\Windows\system32\sessenv.dll
11:04:25.0044 0x1528  SessionEnv - ok
11:04:25.0067 0x1528  [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] SFEP            C:\Windows\system32\DRIVERS\SFEP.sys
11:04:25.0130 0x1528  SFEP - ok
11:04:25.0164 0x1528  [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
11:04:25.0237 0x1528  sffdisk - ok
11:04:25.0262 0x1528  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
11:04:25.0387 0x1528  sffp_mmc - ok
11:04:25.0407 0x1528  [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
11:04:25.0531 0x1528  sffp_sd - ok
11:04:25.0631 0x1528  [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
11:04:25.0732 0x1528  sfloppy - ok
11:04:25.0868 0x1528  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\Windows\System32\ipnathlp.dll
11:04:26.0040 0x1528  SharedAccess - ok
11:04:26.0107 0x1528  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
11:04:26.0302 0x1528  ShellHWDetection - ok
11:04:26.0362 0x1528  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
11:04:26.0437 0x1528  SiSRaid2 - ok
11:04:26.0481 0x1528  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
11:04:26.0555 0x1528  SiSRaid4 - ok
11:04:26.0738 0x1528  [ 4E6FAEE3F259DAC82213D935785991FB, ADA019AD261BBEAE78495B508B4D375BEC1005DF119F20897D29C3C613A0CA46 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
11:04:26.0862 0x1528  SkypeUpdate - ok
11:04:26.0915 0x1528  [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
11:04:27.0079 0x1528  Smb - ok
11:04:27.0139 0x1528  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
11:04:27.0210 0x1528  SNMPTRAP - ok
11:04:27.0318 0x1528  [ 124AABF93F9721543E2C6B71DACBB214, 812E578EF56D3B4AA3CF4EDCD5D8692CCFC0AA836EBE18E2B6797ED7400102F0 ] SpeedupService  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
11:04:27.0370 0x1528  SpeedupService - ok
11:04:27.0407 0x1528  [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\Windows\system32\drivers\spldr.sys
11:04:27.0447 0x1528  spldr - ok
11:04:27.0531 0x1528  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\Windows\System32\spoolsv.exe
11:04:27.0650 0x1528  Spooler - ok
11:04:28.0034 0x1528  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\Windows\system32\sppsvc.exe
11:04:28.0455 0x1528  sppsvc - ok
11:04:28.0600 0x1528  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
11:04:28.0720 0x1528  sppuinotify - ok
11:04:28.0797 0x1528  [ 546C81F238F084A393EC54114741A0A8, AA223A2A8E8503CBDB0CE6A70620B372E0591070F9FF7D8532A93B54EF7B7E51 ] srv             C:\Windows\system32\DRIVERS\srv.sys
11:04:28.0875 0x1528  srv - ok
11:04:29.0084 0x1528  [ 431D2B06E8F93EAEC53E8FA37FCFF2F1, 4CB94D250E9D2646FCE7284D4D3CED1BB02E4D79AD33A414D16EF794195868CA ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
11:04:30.0369 0x1528  srv2 - ok
11:04:30.0614 0x1528  [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA       C:\Windows\system32\DRIVERS\VSTAZL6.SYS
11:04:30.0699 0x1528  SrvHsfHDA - ok
11:04:31.0075 0x1528  [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
11:04:32.0558 0x1528  SrvHsfV92 - ok
11:04:32.0616 0x1528  [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac     C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
11:04:33.0031 0x1528  SrvHsfWinac - ok
11:04:33.0083 0x1528  [ 42EDAB3E3E8E25C7093674936C2DB4BD, B2D5E006B748F24F0FF2CEFFC3D056F3D50E8A818BDFF4231C87C022A25F44ED ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
11:04:33.0430 0x1528  srvnet - ok
11:04:33.0447 0x1528  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
11:04:33.0813 0x1528  SSDPSRV - ok
11:04:33.0997 0x1528  [ 1100066057FBF612B573EFD3B21383F1, 894F5A999E03807DFFEA67938D2E456D50D9E5511FE91D2E2293C51D98B3D87D ] ssmirrdr        C:\Windows\system32\DRIVERS\ssmirrdr.sys
11:04:34.0018 0x1528  ssmirrdr - ok
11:04:34.0028 0x1528  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\Windows\system32\sstpsvc.dll
11:04:34.0090 0x1528  SstpSvc - ok
11:04:34.0351 0x1528  [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
11:04:34.0395 0x1528  stexstor - ok
11:04:34.0448 0x1528  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\Windows\System32\wiaservc.dll
11:04:34.0493 0x1528  stisvc - ok
11:04:34.0500 0x1528  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\Windows\system32\drivers\swenum.sys
11:04:34.0514 0x1528  swenum - ok
11:04:34.0668 0x1528  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\Windows\System32\swprv.dll
11:04:34.0713 0x1528  swprv - ok
11:04:34.0928 0x1528  [ 2E730941CC5BF6200A4F56D1E9C24AAD, 758836D55DC84F3EBE9917DC6FAB8E6170A5B238FEDBCFDB6D7C5C6EA98E08B2 ] SysMain         C:\Windows\system32\sysmain.dll
11:04:35.0069 0x1528  SysMain - ok
11:04:35.0097 0x1528  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
11:04:35.0147 0x1528  TabletInputService - ok
11:04:35.0365 0x1528  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] tap0901         C:\Windows\system32\DRIVERS\tap0901.sys
11:04:35.0403 0x1528  tap0901 - ok
11:04:35.0423 0x1528  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
11:04:35.0480 0x1528  TapiSrv - ok
11:04:35.0794 0x1528  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
11:04:36.0012 0x1528  Tcpip - ok
11:04:36.0087 0x1528  [ 7FB36A0A036ADDACE0A868E4A43C1C27, AFDCD57C49D06F31C02F37C81B67BA148CDC9B62AD62B771925D31339DDA9012 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
11:04:36.0261 0x1528  TCPIP6 - ok
11:04:36.0286 0x1528  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
11:04:36.0435 0x1528  tcpipreg - ok
11:04:36.0465 0x1528  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
11:04:36.0496 0x1528  TDPIPE - ok
11:04:36.0508 0x1528  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
11:04:36.0531 0x1528  TDTCP - ok
11:04:36.0546 0x1528  [ 028D61D9803FBEFB7426696A7840BB48, 344448F41EB93AF01FF624665C0D582C0ABB19AFDA1DA18EE5141E26407F58BE ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
11:04:36.0702 0x1528  tdx - ok
11:04:36.0716 0x1528  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\drivers\termdd.sys
11:04:36.0734 0x1528  TermDD - ok
11:04:39.0498 0x1528  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
11:04:40.0086 0x1528  TermService - ok
11:04:40.0107 0x1528  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
11:04:40.0935 0x1528  Themes - ok
11:04:40.0960 0x1528  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
11:04:41.0093 0x1528  THREADORDER - ok
11:04:41.0152 0x1528  [ 48DDEF0B921DD331536CC82C1A8FF64F, 540107E278E4C7DE4F43D37F7EA7BC094B6755399C22EE3A68574AA8A7719ACC ] TPM             C:\Windows\system32\drivers\tpm.sys
11:04:41.0200 0x1528  TPM - ok
11:04:41.0229 0x1528  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
11:04:41.0340 0x1528  TrkWks - ok
11:04:41.0374 0x1528  [ 643F853A22B405E2D5AAB5927AE32DEC, E6A62D6E99C61A0903F671C0EB692488DA1493904ED913107D50527647F505FE ] truecrypt       C:\Windows\system32\drivers\truecrypt.sys
11:04:41.0411 0x1528  truecrypt - ok
11:04:41.0433 0x1528  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
11:04:41.0469 0x1528  TrustedInstaller - ok
11:04:41.0625 0x1528  [ 19BEDA57F3E0A06B8D5EB6D619BD5624, 952D5FAFD662C93628C12A6F7EB8E240A44216C0A15CBD2F5016BC357CBFE821 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
11:04:41.0721 0x1528  tssecsrv - ok
11:04:41.0847 0x1528  [ E9981ECE8D894CEF7038FD1D040EB426, DCDDCE933CAECE8180A3447199B07F2F0413704EEC1A09606EE357901A84A7CF ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
11:04:41.0966 0x1528  TsUsbFlt - ok
11:04:41.0977 0x1528  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
11:04:42.0076 0x1528  tunnel - ok
11:04:42.0118 0x1528  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
11:04:42.0135 0x1528  uagp35 - ok
11:04:42.0268 0x1528  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
11:04:42.0307 0x1528  udfs - ok
11:04:42.0351 0x1528  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
11:04:42.0456 0x1528  UI0Detect - ok
11:04:42.0495 0x1528  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
11:04:42.0515 0x1528  uliagpkx - ok
11:04:42.0523 0x1528  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
11:04:42.0536 0x1528  umbus - ok
11:04:42.0711 0x1528  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
11:04:42.0830 0x1528  UmPass - ok
11:04:44.0188 0x1528  [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS             C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
11:04:46.0180 0x1528  UNS - ok
11:04:46.0725 0x1528  [ BD93D1A0E0A7A96BEA4585F17C9B3307, 6F895E70E5E560B4B8189A8F7EDDF59EA1D237C3D69AF7C9E55CFBD76F334827 ] Update service  C:\Program Files (x86)\Popcorn Time\Updater.exe
11:04:46.0932 0x1528  Update service - detected UnsignedFile.Multi.Generic ( 1 )
11:04:47.0169 0x1528  Detect skipped due to KSN trusted
11:04:47.0169 0x1528  Update service - ok
11:04:47.0410 0x1528  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
11:04:47.0519 0x1528  upnphost - ok
11:04:47.0651 0x1528  [ F957092C63CD71D85903CA0D8370F473, 4DEC2FC20329F248135DA24CB6694FD972DCCE8B1BBEA8D872FDE41939E96AAF ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
11:04:47.0675 0x1528  USBAAPL64 - ok
11:04:47.0694 0x1528  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
11:04:47.0710 0x1528  usbccgp - ok
11:04:47.0771 0x1528  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
11:04:48.0023 0x1528  usbcir - ok
11:04:48.0034 0x1528  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
11:04:48.0052 0x1528  usbehci - ok
11:04:48.0093 0x1528  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] usbhub          C:\Windows\system32\drivers\usbhub.sys
11:04:48.0121 0x1528  usbhub - ok
11:04:48.0224 0x1528  [ B4DF0F4C1D9D25DFE1DAD1D8670F1D4F, 4317C2DEDC639527B53864BAEC46CBE022D298C0503E29E1072DD1C851D92BFC ] usbohci         C:\Windows\system32\drivers\usbohci.sys
11:04:48.0336 0x1528  usbohci - ok
11:04:48.0396 0x1528  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
11:04:48.0545 0x1528  usbprint - ok
11:04:49.0036 0x1528  [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan         C:\Windows\system32\DRIVERS\usbscan.sys
11:04:49.0134 0x1528  usbscan - ok
11:04:49.0289 0x1528  [ D029DD09E22EB24318A8FC3D8138BA43, C95805E8BF75ECB939520AE86420B16467B0771C161C51C9F1A37649ADFADCD0 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
11:04:49.0395 0x1528  USBSTOR - ok
11:04:49.0431 0x1528  [ CFEAAF96E666E3DCBD8F6DFF516784AE, 006218A3DB5851790CC0A7F3DCD7B3AF82F624DA679296DE507AFD36C5468317 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
11:04:49.0447 0x1528  usbuhci - ok
11:04:49.0525 0x1528  [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\Windows\system32\Drivers\usbvideo.sys
11:04:49.0624 0x1528  usbvideo - ok
11:04:49.0634 0x1528  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
11:04:49.0724 0x1528  UxSms - ok
11:04:49.0740 0x1528  [ 2C9732B39F81395CC9FE40F181CD3433, AEC8D7B2E8E96CEA2F7A9D01F909520FF95C1C95D34632D7D5BB7C64C22E738B ] VAIO Event Service C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
11:04:49.0753 0x1528  VAIO Event Service - ok
11:04:49.0842 0x1528  [ C994F2B3B45C9987049CA511EE1F2768, 9429D3BB66A272A27C9C3BCDA1A9EAFE7BF781BCAF49148C9D9085E8D6403489 ] VAIO Power Management C:\Program Files\Sony\VAIO Power Management\SPMService.exe
11:04:49.0881 0x1528  VAIO Power Management - ok
11:04:49.0890 0x1528  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] VaultSvc        C:\Windows\system32\lsass.exe
11:04:49.0902 0x1528  VaultSvc - ok
11:04:49.0910 0x1528  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
11:04:49.0922 0x1528  vdrvroot - ok
11:04:50.0045 0x1528  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
11:04:50.0194 0x1528  vds - ok
11:04:50.0212 0x1528  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
11:04:50.0235 0x1528  vga - ok
11:04:50.0249 0x1528  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
11:04:50.0302 0x1528  VgaSave - ok
11:04:50.0400 0x1528  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
11:04:50.0414 0x1528  vhdmp - ok
11:04:50.0464 0x1528  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
11:04:50.0480 0x1528  viaide - ok
11:04:50.0490 0x1528  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
11:04:50.0507 0x1528  volmgr - ok
11:04:50.0563 0x1528  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
11:04:50.0589 0x1528  volmgrx - ok
11:04:50.0618 0x1528  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
11:04:50.0638 0x1528  volsnap - ok
11:04:50.0724 0x1528  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
11:04:50.0747 0x1528  vsmraid - ok
11:04:50.0814 0x1528  [ 028E420B12654492D25625688055108C, 04DFBBB8170FD63E25F9C78622F1F487A9F2C3AF7A3E9C5E42C53674BF2B60E6 ] VSNService      C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
11:04:50.0859 0x1528  VSNService - ok
11:04:51.0115 0x1528  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
11:04:51.0194 0x1528  VSS - ok
11:04:51.0364 0x1528  [ C1FAE2E81955DCCD79034A23EC4F3F37, 61B6477C6068B5542D3EE9C6336FBD7589F1CFFD3E850473A539619033533286 ] VUAgent         C:\Program Files\Sony\VAIO Update\vuagent.exe
11:04:51.0419 0x1528  VUAgent - ok
11:04:51.0455 0x1528  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
11:04:51.0507 0x1528  vwifibus - ok
11:04:51.0518 0x1528  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
11:04:51.0565 0x1528  vwififlt - ok
11:04:51.0579 0x1528  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
11:04:51.0605 0x1528  vwifimp - ok
11:04:51.0740 0x1528  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
11:04:51.0789 0x1528  W32Time - ok
11:04:51.0956 0x1528  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
11:04:52.0016 0x1528  WacomPen - ok
11:04:52.0027 0x1528  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
11:04:52.0098 0x1528  WANARP - ok
11:04:52.0127 0x1528  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
11:04:52.0371 0x1528  Wanarpv6 - ok
11:04:52.0605 0x1528  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
11:04:52.0740 0x1528  WatAdminSvc - ok
11:04:52.0927 0x1528  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
11:04:53.0176 0x1528  wbengine - ok
11:04:53.0243 0x1528  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
11:04:53.0322 0x1528  WbioSrvc - ok
11:04:53.0397 0x1528  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
11:04:53.0498 0x1528  wcncsvc - ok
11:04:53.0546 0x1528  [ BC00873272B3771CCDA38336AF2B4D4B, 3E412DEC5F172B4C5FD5C227CD790EE56B90A00A8B538704E8F973D230BE2289 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
11:04:53.0641 0x1528  WcsPlugInService - ok
11:04:53.0686 0x1528  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\DRIVERS\wd.sys
11:04:53.0732 0x1528  Wd - ok
11:04:54.0137 0x1528  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
11:04:54.0278 0x1528  Wdf01000 - ok
11:04:54.0310 0x1528  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
11:04:54.0430 0x1528  WdiServiceHost - ok
11:04:54.0452 0x1528  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
11:04:54.0506 0x1528  WdiSystemHost - ok
11:04:54.0541 0x1528  [ 63CE387483E74A0BD79EE4E5EBA1FD2E, BD5DA884D7F0C478B49D15A3902B41302434A0D290B9AF07D74C664C2C562705 ] wdkmd           C:\Windows\system32\DRIVERS\WDKMD.sys
11:04:54.0585 0x1528  wdkmd - ok
11:04:54.0694 0x1528  [ EE841B6D1F2B9508D3ABAE52AC05A94F, F1AE981FCDBFC4672A4EABABD41382E93762EFC2EDAD96E75530E7ACA5AF1FD8 ] WebClient       C:\Windows\System32\webclnt.dll
11:04:54.0803 0x1528  WebClient - ok
11:04:54.0867 0x1528  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
11:04:55.0014 0x1528  Wecsvc - ok
11:04:55.0047 0x1528  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
11:04:55.0180 0x1528  wercplsupport - ok
11:04:55.0215 0x1528  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
11:04:55.0358 0x1528  WerSvc - ok
11:04:55.0411 0x1528  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
11:04:55.0519 0x1528  WfpLwf - ok
11:04:55.0609 0x1528  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
11:04:55.0642 0x1528  WIMMount - ok
11:04:55.0660 0x1528  WinDefend - ok
11:04:55.0718 0x1528  WinHttpAutoProxySvc - ok
11:04:55.0857 0x1528  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
11:04:56.0002 0x1528  Winmgmt - ok
11:04:56.0387 0x1528  [ EBDA1B0F15CB9B2CBCC6C94824E4E054, C51314F7D611E4903DA00EFA8EB99365414436324D256083CE0B5A8E055E8E06 ] WinRM           C:\Windows\system32\WsmSvc.dll
11:04:56.0668 0x1528  WinRM - ok
11:04:56.0781 0x1528  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
11:04:56.0838 0x1528  WinUsb - ok
11:04:56.0978 0x1528  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
11:04:57.0133 0x1528  Wlansvc - ok
11:04:57.0476 0x1528  [ 357CABBF155AFD1D3926E62539D2A3A7, C43CFF84E7D930B4999DC061AB0766B57AAD7540B3E6EE54605B10ECE90825F5 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
11:04:57.0804 0x1528  wlidsvc - ok
11:04:57.0915 0x1528  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
11:04:57.0969 0x1528  WmiAcpi - ok
11:04:58.0045 0x1528  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
11:04:58.0193 0x1528  wmiApSrv - ok
11:04:58.0254 0x1528  WMPNetworkSvc - ok
11:04:58.0291 0x1528  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
11:04:58.0412 0x1528  WPCSvc - ok
11:04:58.0443 0x1528  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
11:04:58.0613 0x1528  WPDBusEnum - ok
11:04:58.0650 0x1528  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
11:04:58.0766 0x1528  ws2ifsl - ok
11:04:58.0797 0x1528  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\system32\wscsvc.dll
11:04:58.0861 0x1528  wscsvc - ok
11:04:58.0882 0x1528  [ 8D918B1DB190A4D9B1753A66FA8C96E8, DB7D2714DC04D2D6999A207D7399A5647C8653E5A1AD80856A65C5B6065AEDFE ] WSDPrintDevice  C:\Windows\system32\DRIVERS\WSDPrint.sys
11:04:58.0950 0x1528  WSDPrintDevice - ok
11:04:59.0048 0x1528  [ 4A2A5C50DD1A63577D3ACA94269FBC7F, F75C1906D431CF871AD954218DF32A0F206E45FF49332DEF9F13C0A36A407047 ] WSDScan         C:\Windows\system32\DRIVERS\WSDScan.sys
11:04:59.0118 0x1528  WSDScan - ok
11:04:59.0142 0x1528  WSearch - ok
11:04:59.0539 0x1528  [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] wuauserv        C:\Windows\system32\wuaueng.dll
11:04:59.0877 0x1528  wuauserv - ok
11:04:59.0930 0x1528  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
11:05:00.0015 0x1528  WudfPf - ok
11:05:00.0061 0x1528  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
11:05:00.0170 0x1528  WUDFRd - ok
11:05:00.0203 0x1528  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
11:05:00.0275 0x1528  wudfsvc - ok
11:05:00.0451 0x1528  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
11:05:00.0583 0x1528  WwanSvc - ok
11:05:00.0828 0x1528  ================ Scan global ===============================
11:05:00.0983 0x1528  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\system32\basesrv.dll
11:05:01.0024 0x1528  [ 825C29BE302D5A4697EF19A2FFC53486, DEE04A0BCCFEC5F126C5FBF91D23790628AE79FAF4B61D7960F1592D0B432613 ] C:\Windows\system32\winsrv.dll
11:05:01.0077 0x1528  [ 825C29BE302D5A4697EF19A2FFC53486, DEE04A0BCCFEC5F126C5FBF91D23790628AE79FAF4B61D7960F1592D0B432613 ] C:\Windows\system32\winsrv.dll
11:05:01.0117 0x1528  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
11:05:01.0173 0x1528  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
11:05:01.0207 0x1528  [ Global ] - ok
11:05:01.0208 0x1528  ================ Scan MBR ==================================
11:05:01.0336 0x1528  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
11:05:02.0249 0x1528  \Device\Harddisk0\DR0 - ok
11:05:02.0250 0x1528  ================ Scan VBR ==================================
11:05:02.0256 0x1528  [ 7268ECBF6B8A730B808361E59A8BA80C ] \Device\Harddisk0\DR0\Partition1
11:05:02.0263 0x1528  \Device\Harddisk0\DR0\Partition1 - ok
11:05:02.0270 0x1528  [ 8664F3B5653EEA629668C6B2AF2CE1B8 ] \Device\Harddisk0\DR0\Partition2
11:05:02.0274 0x1528  \Device\Harddisk0\DR0\Partition2 - ok
11:05:02.0275 0x1528  ================ Scan active images ========================
11:05:02.0280 0x1528  [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
11:05:02.0280 0x1528  C:\Windows\System32\drivers\crashdmp.sys - ok
11:05:02.0290 0x1528  [ D7921D5A870B11CC1ADAB198A519D50A, 5DF99EB5D5504E9D9EB21658E8B4A58DEE2AD143A1875DB7F9B7BF4877FCB57F ] C:\Windows\System32\drivers\iaStor.sys
11:05:02.0290 0x1528  C:\Windows\System32\drivers\iaStor.sys - ok
11:05:02.0299 0x1528  [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
11:05:02.0299 0x1528  C:\Windows\System32\drivers\dumpfve.sys - ok
11:05:02.0306 0x1528  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
11:05:02.0306 0x1528  C:\Windows\System32\drivers\cdrom.sys - ok
11:05:02.0317 0x1528  [ 019865C529709619E2D16B0797E29C32, 5E5E9495FFCC61011C816508DF9ABC225C468163F93A761E084946BBB2DC8B72 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804063.sys
11:05:02.0317 0x1528  C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus64_1804063.sys - ok
11:05:02.0327 0x1528  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
11:05:02.0327 0x1528  C:\Windows\System32\drivers\null.sys - ok
11:05:02.0338 0x1528  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
11:05:02.0338 0x1528  C:\Windows\System32\drivers\beep.sys - ok
11:05:02.0351 0x1528  [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
11:05:02.0351 0x1528  C:\Windows\System32\drivers\videoprt.sys - ok
11:05:02.0366 0x1528  [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
11:05:02.0366 0x1528  C:\Windows\System32\drivers\watchdog.sys - ok
11:05:02.0380 0x1528  [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
11:05:02.0380 0x1528  C:\Windows\System32\drivers\RDPCDD.sys - ok
11:05:02.0395 0x1528  [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
11:05:02.0395 0x1528  C:\Windows\System32\drivers\RDPENCDD.sys - ok
11:05:02.0409 0x1528  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
11:05:02.0409 0x1528  C:\Windows\System32\drivers\vga.sys - ok
11:05:02.0422 0x1528  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
11:05:02.0422 0x1528  C:\Windows\System32\drivers\msfs.sys - ok
11:05:02.0434 0x1528  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
11:05:02.0434 0x1528  C:\Windows\System32\drivers\npfs.sys - ok
11:05:02.0444 0x1528  [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
11:05:02.0444 0x1528  C:\Windows\System32\drivers\RDPREFMP.sys - ok
11:05:02.0455 0x1528  [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
11:05:02.0455 0x1528  C:\Windows\System32\drivers\tdi.sys - ok
11:05:02.0464 0x1528  [ 028D61D9803FBEFB7426696A7840BB48, 344448F41EB93AF01FF624665C0D582C0ABB19AFDA1DA18EE5141E26407F58BE ] C:\Windows\System32\drivers\tdx.sys
11:05:02.0464 0x1528  C:\Windows\System32\drivers\tdx.sys - ok
11:05:02.0476 0x1528  [ E47D571FEC2C76E867935109AB2A770C, F349D25890B6F476B106FD75BFB081DB737CA9B224D95E44927942FFF2DF82CD ] C:\Windows\System32\drivers\netbt.sys
11:05:02.0477 0x1528  C:\Windows\System32\drivers\netbt.sys - ok
11:05:02.0486 0x1528  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] C:\Windows\System32\drivers\afd.sys
11:05:02.0486 0x1528  C:\Windows\System32\drivers\afd.sys - ok
11:05:02.0497 0x1528  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
11:05:02.0497 0x1528  C:\Windows\System32\drivers\wfplwf.sys - ok
11:05:02.0512 0x1528  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys
11:05:02.0512 0x1528  C:\Windows\System32\drivers\ws2ifsl.sys - ok
11:05:02.0523 0x1528  [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
11:05:02.0523 0x1528  C:\Windows\System32\drivers\pacer.sys - ok
11:05:02.0534 0x1528  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
11:05:02.0534 0x1528  C:\Windows\System32\drivers\netbios.sys - ok
11:05:02.0543 0x1528  [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
11:05:02.0543 0x1528  C:\Windows\System32\drivers\vwififlt.sys - ok
11:05:02.0554 0x1528  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
11:05:02.0554 0x1528  C:\Windows\System32\drivers\wanarp.sys - ok
11:05:02.0561 0x1528  [ 643F853A22B405E2D5AAB5927AE32DEC, E6A62D6E99C61A0903F671C0EB692488DA1493904ED913107D50527647F505FE ] C:\Windows\System32\drivers\truecrypt.sys
11:05:02.0562 0x1528  C:\Windows\System32\drivers\truecrypt.sys - ok
11:05:02.0580 0x1528  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
11:05:02.0580 0x1528  C:\Windows\System32\drivers\termdd.sys - ok
11:05:02.0590 0x1528  [ 3289766038DB2CB14D07DC84392138D5, A7790B787690CC1A8B97E4532090C5295350A836A9474DEA74CEB3E81CF26124 ] C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys
11:05:02.0590 0x1528  C:\Program Files\SUPERAntiSpyware\sasdifsv64.sys - ok
11:05:02.0600 0x1528  [ 58A38E75F3316A83C23DF6173D41F2B5, B0A8CDA1D164B7534FB41AB80792861384709BF0F914F44553275CF20194F1A1 ] C:\Program Files\SUPERAntiSpyware\saskutil64.sys
11:05:02.0600 0x1528  C:\Program Files\SUPERAntiSpyware\saskutil64.sys - ok
11:05:02.0609 0x1528  [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
11:05:02.0609 0x1528  C:\Windows\System32\drivers\rdbss.sys - ok
11:05:02.0619 0x1528  [ 2EF55A892B5C7A1F8E1562458CD861B8, 757475B1E8376D5661AF4A9A6250E5C79E102F6943CB32AB33DF9E3A32712F09 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys
11:05:02.0619 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportEI64.sys - ok
11:05:02.0629 0x1528  [ 10E1A5B2FD2D1B3BBF40C0256D584F1C, DE7CDCAB501DE3C19775749C72774EFCB04AABEB4DE3CC115443E2B72D5461E1 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys
11:05:02.0629 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportAegle64.sys - ok
11:05:02.0639 0x1528  [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
11:05:02.0639 0x1528  C:\Windows\System32\drivers\discache.sys - ok
11:05:02.0648 0x1528  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
11:05:02.0648 0x1528  C:\Windows\System32\drivers\mssmbios.sys - ok
11:05:02.0657 0x1528  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
11:05:02.0657 0x1528  C:\Windows\System32\drivers\nsiproxy.sys - ok
11:05:02.0667 0x1528  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] C:\Windows\System32\drivers\dfsc.sys
11:05:02.0667 0x1528  C:\Windows\System32\drivers\dfsc.sys - ok
11:05:02.0676 0x1528  [ 3E0AB8C453FA433B15A30BAA8BD4B275, 30453E68013DF1A3CD9197F28E8591A67BFA6CA784129666A6F7DF9D2E12440B ] C:\Windows\System32\drivers\avkmgr.sys
11:05:02.0676 0x1528  C:\Windows\System32\drivers\avkmgr.sys - ok
11:05:02.0685 0x1528  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
11:05:02.0685 0x1528  C:\Windows\System32\drivers\blbdrive.sys - ok
11:05:02.0694 0x1528  [ 19F7A17EEA887F11D18055645F8D3F74, 4FF6118D02D6149B38778E86351EFDB88E52E0A66152C7ECC8D523C1EE445DA4 ] C:\Windows\System32\drivers\avipbb.sys
11:05:02.0695 0x1528  C:\Windows\System32\drivers\avipbb.sys - ok
11:05:02.0706 0x1528  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
11:05:02.0706 0x1528  C:\Windows\System32\drivers\tunnel.sys - ok
11:05:02.0711 0x1528  [ 3249B112D48D29BE86984CF4594C9755, 089712B872F92AB0614665F8B5EA869EAB4F6035164921EE0021158D457DE83F ] C:\Windows\System32\drivers\atikmpag.sys
11:05:02.0711 0x1528  C:\Windows\System32\drivers\atikmpag.sys - ok
11:05:02.0715 0x1528  [ E91646940A9395CBA3A165CC2CB4CCE2, 6A0257BA8EE123100826DDD282C74978D3C00EBF5C2B07C981C332554E112666 ] C:\Windows\System32\smss.exe
11:05:02.0715 0x1528  C:\Windows\System32\smss.exe - ok
11:05:02.0720 0x1528  [ 77BA8B92862C5D2749509C96260B31D3, 5AF98558D9603D0171001587D46C9DEE3C3A8D7476E28AD5D3E8339D574A76A5 ] C:\Windows\System32\ntdll.dll
11:05:02.0720 0x1528  C:\Windows\System32\ntdll.dll - ok
11:05:02.0723 0x1528  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
11:05:02.0723 0x1528  C:\Windows\System32\autochk.exe - ok
11:05:02.0726 0x1528  [ B18018924D6ADB6E64BC39BD37D6A4D8, 6EEB593A50AD5AA9633E6F97AB2314D674C13FAA7A6D03000A5F6C074CAF7BAF ] C:\Windows\System32\drivers\atikmdag.sys
11:05:02.0726 0x1528  C:\Windows\System32\drivers\atikmdag.sys - ok
11:05:02.0729 0x1528  [ 60D5C8C8682D04B845207B5C2CB78208, F9A9EA2F50A843836D3629C46AE18A97C6CD231239310F35564697ED76115084 ] C:\Windows\System32\rpcrt4.dll
11:05:02.0729 0x1528  C:\Windows\System32\rpcrt4.dll - ok
11:05:02.0733 0x1528  [ BE1E6CB629B8CB98ADDD38B0B36AA360, 3948222D8A939B125F65C69E4D963AFB047B3F9F76042444B70EA806841D19E3 ] C:\Windows\System32\kernel32.dll
11:05:02.0733 0x1528  C:\Windows\System32\kernel32.dll - ok
11:05:02.0736 0x1528  [ E3AF5026D27D53C2CC98A0C57C2F49AB, 8F782B3D691926B35D9C31D172B38D727D3ECA7C3AFCB751041A0ECE6F3EECF6 ] C:\Windows\System32\urlmon.dll
11:05:02.0736 0x1528  C:\Windows\System32\urlmon.dll - ok
11:05:02.0739 0x1528  [ A15B2949219541629C2D43F4545BCB33, 35A7FCA3F2280A2FC767B0D7145AD5CDA115DC758D1044D2D6EC3B2D1CB8EF4A ] C:\Windows\System32\wininet.dll
11:05:02.0739 0x1528  C:\Windows\System32\wininet.dll - ok
11:05:02.0742 0x1528  [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
11:05:02.0742 0x1528  C:\Windows\System32\msvcrt.dll - ok
11:05:02.0745 0x1528  [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
11:05:02.0745 0x1528  C:\Windows\System32\normaliz.dll - ok
11:05:02.0749 0x1528  [ 73859D072F8F34BB195877423771FCBF, 6273A29505D455659E4140C5192291765351AE3B5C4F2B729148EDB68C2CA456 ] C:\Windows\System32\gdi32.dll
11:05:02.0749 0x1528  C:\Windows\System32\gdi32.dll - ok
11:05:02.0752 0x1528  [ 6ED4CA9C4C50C3AD9CF30D3BA431EEEE, 079360E0C1234730F508A658F1AA99C892839F81A03EB5A74901C0041367C256 ] C:\Windows\System32\shell32.dll
11:05:02.0752 0x1528  C:\Windows\System32\shell32.dll - ok
11:05:02.0755 0x1528  [ E5C11F3689D9448CCC1D782FC2C4CC46, 7E259FB3AC209778945F485C5850E8258F9E9215667836EBA5966CC6E6A24254 ] C:\Windows\System32\drivers\igdpmd64.sys
11:05:02.0755 0x1528  C:\Windows\System32\drivers\igdpmd64.sys - ok
11:05:02.0758 0x1528  [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
11:05:02.0758 0x1528  C:\Windows\System32\imagehlp.dll - ok
11:05:02.0761 0x1528  [ F37631025EF7DD40C6BCB6F18F6055D3, 604A15B8C406F2DB30666428127E0A8AE78D63B388693AFD6C40C0ACC1BE7082 ] C:\Windows\System32\lpk.dll
11:05:02.0762 0x1528  C:\Windows\System32\lpk.dll - ok
11:05:02.0765 0x1528  [ 2BD854856DF675F355871E572B4010A5, C1900FFCFD876A7A07F2AB10699E4D8ECEF58A952CF95906AFE5BCA6D42D5DB0 ] C:\Windows\System32\iertutil.dll
11:05:02.0765 0x1528  C:\Windows\System32\iertutil.dll - ok
11:05:02.0768 0x1528  [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
11:05:02.0768 0x1528  C:\Windows\System32\difxapi.dll - ok
11:05:02.0772 0x1528  [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
11:05:02.0772 0x1528  C:\Windows\System32\comdlg32.dll - ok
11:05:02.0775 0x1528  [ 4F90A7A0FCBC0ED18E573917860062FF, D0CAA6A1335824C4D6416D7077B143FBF8C7E5AEE0A338BC345C27A10C3F519C ] C:\Windows\System32\sechost.dll
11:05:02.0775 0x1528  C:\Windows\System32\sechost.dll - ok
11:05:02.0778 0x1528  [ 27BACCB4856BEC0DD4A794531BB13AAA, BF3BF2A8C338EAF29C1E5B999BB21970BC9935CC9CD7F94E0E80A3DF577D0E5C ] C:\Windows\System32\msctf.dll
11:05:02.0778 0x1528  C:\Windows\System32\msctf.dll - ok
11:05:02.0782 0x1528  [ 5CEF80AE869336376F550ECAE91E424A, 49152AC35556A5629AE7A4A762FDB2112FAD1C9CDB91E6196172809F74A3149A ] C:\Windows\System32\drivers\dxgkrnl.sys
11:05:02.0782 0x1528  C:\Windows\System32\drivers\dxgkrnl.sys - ok
11:05:02.0785 0x1528  [ 1792FCF97D2420514F9102C18B015B29, 6829D00401F0D510FDEA01EF6D06C8A6C43E6D0822CE4837CA4FD21E46E7E0DA ] C:\Windows\System32\drivers\dxgmms1.sys
11:05:02.0785 0x1528  C:\Windows\System32\drivers\dxgmms1.sys - ok
11:05:02.0788 0x1528  [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] C:\Windows\System32\drivers\HECIx64.sys
11:05:02.0789 0x1528  C:\Windows\System32\drivers\HECIx64.sys - ok
11:05:02.0792 0x1528  [ 2AF6175FF16989C39F8A9A1B9C88CC6E, F26160AC585F00328AD5DBC15D2C730B2A5621D098EB5397A5743425B44EDAE9 ] C:\Windows\System32\usp10.dll
11:05:02.0792 0x1528  C:\Windows\System32\usp10.dll - ok
11:05:02.0795 0x1528  [ 43F6BED028FA27D3F3CE852EDBBE0F81, 72085A3B9F8B3C47E7848A5C7EA069CE57E5C12812D3615ACE289FC55A6DAA04 ] C:\Windows\System32\drivers\usbport.sys
11:05:02.0795 0x1528  C:\Windows\System32\drivers\usbport.sys - ok
11:05:02.0798 0x1528  [ B626F048318DAE65A3317F0592BE592C, 284D8FFE1D35F852EFDA182A72288AC3A10D6ED825FE2CC5812497D3FE291AF1 ] C:\Windows\System32\drivers\usbehci.sys
11:05:02.0798 0x1528  C:\Windows\System32\drivers\usbehci.sys - ok
11:05:02.0802 0x1528  [ EEA5B578920744F717964B4D9F35F15B, 3FF4AB07555CFC336F43FA9D915EE7D8E1C4FB6472AE4BE6123A216CC71D2AE7 ] C:\Windows\System32\Wldap32.dll
11:05:02.0802 0x1528  C:\Windows\System32\Wldap32.dll - ok
11:05:02.0805 0x1528  [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
11:05:02.0805 0x1528  C:\Windows\System32\drivers\hdaudbus.sys - ok
11:05:02.0809 0x1528  [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
11:05:02.0809 0x1528  C:\Windows\System32\nsi.dll - ok
11:05:02.0811 0x1528  [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
11:05:02.0811 0x1528  C:\Windows\System32\psapi.dll - ok
11:05:02.0814 0x1528  [ FBE1086227040618A569C27F74A12F3D, 1631C78ED9C35EB62FC66ECBB536B251329134A866A783875AEE7D85C7DD0E02 ] C:\Windows\System32\ws2_32.dll
11:05:02.0814 0x1528  C:\Windows\System32\ws2_32.dll - ok
11:05:02.0818 0x1528  [ 34BA256FBF83457F9D5E51A56DB54542, 935D99FF23F559ACBA51971AC342D2EE12B1D3E9F698F9E6ACED614A2F4C287B ] C:\Windows\System32\user32.dll
11:05:02.0818 0x1528  C:\Windows\System32\user32.dll - ok
11:05:02.0821 0x1528  [ 54446D31BC63E51B1C45565BFD9C03B7, D5D554E17C55DDE486F6D6A827412D08AF9293E245196192736CD6703A9ED7DB ] C:\Windows\System32\ole32.dll
11:05:02.0821 0x1528  C:\Windows\System32\ole32.dll - ok
11:05:02.0825 0x1528  [ 7FC5FABD622CE66D6415038132F29A4D, D5B609D0393F24B6CDDE73B6226349C4110BBC9B6521BC91A4F967C5EB2EC20B ] C:\Windows\System32\advapi32.dll
11:05:02.0825 0x1528  C:\Windows\System32\advapi32.dll - ok
11:05:02.0829 0x1528  [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
11:05:02.0829 0x1528  C:\Windows\System32\imm32.dll - ok
11:05:02.0832 0x1528  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
11:05:02.0832 0x1528  C:\Windows\System32\setupapi.dll - ok
11:05:02.0835 0x1528  [ 262225F08B891FD7F16B3B93A3177C1F, 40F82431C26617B40573BBB6715D13294B10CBE6B357E26D5406FA7321F4554F ] C:\Windows\System32\drivers\Netwsw00.sys
11:05:02.0836 0x1528  C:\Windows\System32\drivers\Netwsw00.sys - ok
11:05:02.0840 0x1528  [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
11:05:02.0840 0x1528  C:\Windows\System32\shlwapi.dll - ok
11:05:02.0844 0x1528  [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
11:05:02.0844 0x1528  C:\Windows\System32\clbcatq.dll - ok
11:05:02.0849 0x1528  [ 1F7BDC85BF2A1723815F4228467E7F97, 082AE4223DCB0747324294C44B68B32ADFD2524110DF9802804609932F4A1AC1 ] C:\Windows\System32\oleaut32.dll
11:05:02.0849 0x1528  C:\Windows\System32\oleaut32.dll - ok
11:05:02.0854 0x1528  [ 51F89CE2D0FEC66070354504E6C4C3E4, 565CC85156C39FB89762757EF6A935FC42DB2599A5E49643447D30C8B9371133 ] C:\Windows\System32\comctl32.dll
11:05:02.0854 0x1528  C:\Windows\System32\comctl32.dll - ok
11:05:02.0858 0x1528  [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
11:05:02.0859 0x1528  C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
11:05:02.0864 0x1528  [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
11:05:02.0864 0x1528  C:\Windows\System32\userenv.dll - ok
11:05:02.0868 0x1528  [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
11:05:02.0868 0x1528  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
11:05:02.0873 0x1528  [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
11:05:02.0873 0x1528  C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
11:05:02.0878 0x1528  [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
11:05:02.0878 0x1528  C:\Windows\System32\cfgmgr32.dll - ok
11:05:02.0884 0x1528  [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
11:05:02.0884 0x1528  C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
11:05:02.0889 0x1528  [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
11:05:02.0889 0x1528  C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
11:05:02.0894 0x1528  [ 9BD7B79E00A02EA420170EE752D37A80, 0BEC2197DFA1A0227A854454061894B04DE0017880E52BA18594B16B26C7C8C8 ] C:\Windows\System32\wintrust.dll
11:05:02.0894 0x1528  C:\Windows\System32\wintrust.dll - ok
11:05:02.0899 0x1528  [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
11:05:02.0899 0x1528  C:\Windows\System32\devobj.dll - ok
11:05:02.0902 0x1528  [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
11:05:02.0902 0x1528  C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
11:05:02.0906 0x1528  [ 84FF66AE12FF94E126D309896839A8A9, 72D584C247C772B2E06336CB8BBA27CCEC56AC45AD27B2247E5A4E1145B88DB1 ] C:\Windows\System32\crypt32.dll
11:05:02.0906 0x1528  C:\Windows\System32\crypt32.dll - ok
11:05:02.0909 0x1528  [ 5B858C8A969E3D4EB7993963266D4226, 8BC7D1315499FD7363CCC9EB1175189BE9CEF6D9FB525DD0C64BC3C45CC709F0 ] C:\Windows\System32\KernelBase.dll
11:05:02.0909 0x1528  C:\Windows\System32\KernelBase.dll - ok
11:05:02.0913 0x1528  [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
11:05:02.0913 0x1528  C:\Windows\System32\msasn1.dll - ok
11:05:02.0916 0x1528  [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
11:05:02.0916 0x1528  C:\Windows\System32\profapi.dll - ok
11:05:02.0920 0x1528  [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
11:05:02.0920 0x1528  C:\Windows\SysWOW64\normaliz.dll - ok
11:05:02.0923 0x1528  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
11:05:02.0923 0x1528  C:\Windows\System32\drivers\vwifibus.sys - ok
11:05:02.0927 0x1528  [ EBBFA2B4E317AF86E93FEC4C04D7A9B3, 29480CCA0ACAB2D53D664042A0D7713247EDEBBBD4734783348669EFDE579CA9 ] C:\Windows\System32\drivers\RtsPStor.sys
11:05:02.0927 0x1528  C:\Windows\System32\drivers\RtsPStor.sys - ok
11:05:02.0930 0x1528  [ 5EC04F55CC5F165F21752712437DF638, B59907C583E1FD9FA6D4747D696AB0E67A6D01969CC48E687DF6A8D51851847A ] C:\Windows\System32\drivers\nusb3xhc.sys
11:05:02.0930 0x1528  C:\Windows\System32\drivers\nusb3xhc.sys - ok
11:05:02.0934 0x1528  [ 614A71B78C6807D95A30A89B5A69669A, 0D612B2D857F0C2B1492D1DB4C4C1F2A8A58EBDAAFCEE72E4FBD1824BDC1A669 ] C:\Windows\System32\drivers\usbd.sys
11:05:02.0934 0x1528  C:\Windows\System32\drivers\usbd.sys - ok
11:05:02.0937 0x1528  [ 130DD683DCC902F47A4AC35201D07E2F, A1E7082D93C170CF5855007B26F96E8F8183B15126D34A9DB16CBF190BD8EF53 ] C:\Windows\System32\drivers\Rt64win7.sys
11:05:02.0937 0x1528  C:\Windows\System32\drivers\Rt64win7.sys - ok
11:05:02.0941 0x1528  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
11:05:02.0941 0x1528  C:\Windows\System32\drivers\CmBatt.sys - ok
11:05:02.0944 0x1528  [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
11:05:02.0944 0x1528  C:\Windows\System32\drivers\i8042prt.sys - ok
11:05:02.0948 0x1528  [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
11:05:02.0948 0x1528  C:\Windows\System32\drivers\kbdclass.sys - ok
11:05:02.0951 0x1528  [ 9DC1A45BA81C923DB68A162B0F0D0149, 0B3EC531651B22DFC3F4EB0A19F4F5B5C094F77BFC245FBB1A1BE28DD8B6516D ] C:\Windows\System32\drivers\Apfiltr.sys
11:05:02.0952 0x1528  C:\Windows\System32\drivers\Apfiltr.sys - ok
11:05:02.0955 0x1528  [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
11:05:02.0955 0x1528  C:\Windows\System32\drivers\mouclass.sys - ok
11:05:02.0958 0x1528  [ 286D3889E6AB5589646FF8A63CB928AE, 98D9D34521328F4F0B0B7C2CAB97BA0EC998B9F3F996B5ED08E17292F1CD9452 ] C:\Windows\System32\drivers\SFEP.sys
11:05:02.0959 0x1528  C:\Windows\System32\drivers\SFEP.sys - ok
11:05:02.0962 0x1528  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
11:05:02.0962 0x1528  C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
11:05:02.0966 0x1528  [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
11:05:02.0966 0x1528  C:\Windows\System32\drivers\intelppm.sys - ok
11:05:02.0969 0x1528  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
11:05:02.0969 0x1528  C:\Windows\System32\drivers\CompositeBus.sys - ok
11:05:02.0973 0x1528  [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
11:05:02.0973 0x1528  C:\Windows\System32\drivers\agilevpn.sys - ok
11:05:02.0976 0x1528  [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
11:05:02.0976 0x1528  C:\Windows\System32\drivers\rasl2tp.sys - ok
11:05:02.0980 0x1528  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
11:05:02.0980 0x1528  C:\Windows\System32\drivers\ndistapi.sys - ok
11:05:02.0984 0x1528  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
11:05:02.0984 0x1528  C:\Windows\System32\drivers\ndiswan.sys - ok
11:05:02.0987 0x1528  [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
11:05:02.0987 0x1528  C:\Windows\System32\drivers\raspppoe.sys - ok
11:05:02.0991 0x1528  [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
11:05:02.0991 0x1528  C:\Windows\System32\drivers\raspptp.sys - ok
11:05:02.0994 0x1528  [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
11:05:02.0994 0x1528  C:\Windows\System32\drivers\rassstp.sys - ok
11:05:02.0998 0x1528  [ 134B275751051C5D03F9ACCDC4F8CAAB, D50F96485AF6F26EA9A5A3A2ADEACC2DFD3B2ABCDAB88195B75CC72EAC543BE2 ] C:\Windows\System32\drivers\tap0901.sys
11:05:02.0998 0x1528  C:\Windows\System32\drivers\tap0901.sys - ok
11:05:03.0001 0x1528  [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
11:05:03.0001 0x1528  C:\Windows\System32\drivers\ks.sys - ok
11:05:03.0005 0x1528  [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
11:05:03.0005 0x1528  C:\Windows\System32\drivers\swenum.sys - ok
11:05:03.0009 0x1528  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
11:05:03.0009 0x1528  C:\Windows\System32\drivers\umbus.sys - ok
11:05:03.0014 0x1528  [ 390109E8E05BA00375DCB1ED64DC60AF, B8628502590B423BEFB6F7C8C69FAD0667AD0746FF6B444EE02016E8E1052B78 ] C:\Windows\System32\drivers\usbhub.sys
11:05:03.0014 0x1528  C:\Windows\System32\drivers\usbhub.sys - ok
11:05:03.0019 0x1528  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
11:05:03.0019 0x1528  C:\Windows\System32\drivers\ndproxy.sys - ok
11:05:03.0024 0x1528  [ C51B07394A087DA666A410DBFD26663A, 962656610FB78A0392518AF282FD3AE96BD4B0BB438DE23E1B6890DA52B60362 ] C:\Windows\System32\drivers\drmk.sys
11:05:03.0024 0x1528  C:\Windows\System32\drivers\drmk.sys - ok
11:05:03.0028 0x1528  [ 647599CAE8CA0EF2FB09C4B150BC97FF, E29DB684530746214D845777982CE9B156E8DB2056F8B66DCF7241B351D9BB4C ] C:\Windows\System32\drivers\portcls.sys
11:05:03.0028 0x1528  C:\Windows\System32\drivers\portcls.sys - ok
11:05:03.0033 0x1528  [ F94E2C3BA6D4B57C2E1DD03E950CBBC4, C0C4F779E1BA0A6C68937A2F6A0AEA5F49F0476A8520AC1323775536FA585A3C ] C:\Windows\System32\drivers\RTKVHD64.sys
11:05:03.0033 0x1528  C:\Windows\System32\drivers\RTKVHD64.sys - ok
11:05:03.0037 0x1528  [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
11:05:03.0037 0x1528  C:\Windows\System32\drivers\ksthunk.sys - ok
11:05:03.0042 0x1528  [ F5495B38BFB9149925F54F65AB40EFBF, 7CBB72C41E2343DACBFB967A39CA04788561EDECB289C41BC2D6A06B80882AC4 ] C:\Windows\System32\drivers\IntcDAud.sys
11:05:03.0042 0x1528  C:\Windows\System32\drivers\IntcDAud.sys - ok
11:05:03.0047 0x1528  [ 01266516E6E88D183A2B58722EEB4443, A49647084161A95DAD1B9D941C6A9AAC3B34CAA2C853D9DD65C046CEB7C6A004 ] C:\Windows\System32\drivers\nusb3hub.sys
11:05:03.0047 0x1528  C:\Windows\System32\drivers\nusb3hub.sys - ok
11:05:03.0051 0x1528  [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
11:05:03.0051 0x1528  C:\Windows\System32\drivers\dxapi.sys - ok
11:05:03.0055 0x1528  [ 53DF3A0D289BF4B9377C0DB4E430AC3D, F0FA4206DBE3B79E86D53401192D0AC1C3BB3822D0B85407314977C27B4A74F9 ] C:\Windows\System32\win32k.sys
11:05:03.0055 0x1528  C:\Windows\System32\win32k.sys - ok
11:05:03.0060 0x1528  [ DC954F025CC631958E389C1D1AB35BAE, F49EB4D8E39F5B4E2555DC216BB19F86D1B01B04D5A64E761E4BC5ECCA38229C ] C:\Windows\System32\csrsrv.dll
11:05:03.0060 0x1528  C:\Windows\System32\csrsrv.dll - ok
11:05:03.0062 0x1528  [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
11:05:03.0062 0x1528  C:\Windows\System32\csrss.exe - ok
11:05:03.0067 0x1528  [ 168EA9CD9BD6056BB6F60B57D5304BBE, 5A2F98754F042A7D80E7483842967EB362F01D57CE9720B24C7EDAA047F24C6F ] C:\Windows\System32\basesrv.dll
11:05:03.0067 0x1528  C:\Windows\System32\basesrv.dll - ok
11:05:03.0071 0x1528  [ 825C29BE302D5A4697EF19A2FFC53486, DEE04A0BCCFEC5F126C5FBF91D23790628AE79FAF4B61D7960F1592D0B432613 ] C:\Windows\System32\winsrv.dll
11:05:03.0071 0x1528  C:\Windows\System32\winsrv.dll - ok
11:05:03.0075 0x1528  [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
11:05:03.0075 0x1528  C:\Windows\System32\drivers\monitor.sys - ok
11:05:03.0080 0x1528  [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
11:05:03.0080 0x1528  C:\Windows\System32\tsddd.dll - ok
11:05:03.0084 0x1528  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
11:05:03.0084 0x1528  C:\Windows\System32\sxssrv.dll - ok
11:05:03.0087 0x1528  [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
11:05:03.0088 0x1528  C:\Windows\System32\wininit.exe - ok
11:05:03.0091 0x1528  [ 62379E30C5842B0751E84D99881A5C31, D70E39C64F46AC5A1065034AB55B60B375A149FC721CFBF6B6AAF17AC6080EE3 ] C:\Windows\System32\cdd.dll
11:05:03.0091 0x1528  C:\Windows\System32\cdd.dll - ok
11:05:03.0094 0x1528  [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
11:05:03.0094 0x1528  C:\Windows\System32\RpcRtRemote.dll - ok
11:05:03.0098 0x1528  [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
11:05:03.0098 0x1528  C:\Windows\System32\KBDUS.DLL - ok
11:05:03.0102 0x1528  [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
11:05:03.0102 0x1528  C:\Windows\System32\sxs.dll - ok
11:05:03.0106 0x1528  [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
11:05:03.0106 0x1528  C:\Windows\System32\WlS0WndH.dll - ok
11:05:03.0111 0x1528  [ B3549C23D15C80CF501B1C7609DDEDA5, 4A7D57FD538D38D6CAE437F95E9D02ECF7A24F465D500B78C340332AA2C9D988 ] C:\Windows\System32\cryptbase.dll
11:05:03.0111 0x1528  C:\Windows\System32\cryptbase.dll - ok
11:05:03.0116 0x1528  [ 07EAEA9D3E09340E64918EED526A5FFE, A1AFD2FD6DA5968F6D83733C98D301C82BA33988D28EBFCF2F50EB3B40EF5611 ] C:\Windows\System32\apphelp.dll
11:05:03.0116 0x1528  C:\Windows\System32\apphelp.dll - ok
11:05:03.0120 0x1528  [ 79B5DEC7098CF4A66CAB4DBE8E6485F0, B9156B9D5C827D5DD0A9D516E8F73F45F270B1106401803C9DCC5F56A684F3D5 ] C:\Windows\System32\lsass.exe
11:05:03.0120 0x1528  C:\Windows\System32\lsass.exe - ok
11:05:03.0124 0x1528  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\System32\services.exe
11:05:03.0124 0x1528  C:\Windows\System32\services.exe - ok
11:05:03.0127 0x1528  [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
11:05:03.0128 0x1528  C:\Windows\System32\lsm.exe - ok
11:05:03.0131 0x1528  [ F531825C5A48CC70B47689A330F5B76A, FADC69633BF69D59D724E5607ED31637953239EE917EF317BDBF0B3247D7E68F ] C:\Windows\System32\sspisrv.dll
11:05:03.0131 0x1528  C:\Windows\System32\sspisrv.dll - ok
11:05:03.0136 0x1528  [ EEB563761B3ECF2AC9453CD34195214D, 909D56659AD80316992C1D1C2EBB6CDAE7C5F19176E19523A128D0274FB7055E ] C:\Windows\System32\lsasrv.dll
11:05:03.0136 0x1528  C:\Windows\System32\lsasrv.dll - ok
11:05:03.0139 0x1528  [ 56968047A3187C334C9A00A67844C5E9, 8367530F26089B1EC8C7BA036111D09B6B1501F38133CD09DFA4A175F38A2106 ] C:\Windows\System32\sspicli.dll
11:05:03.0140 0x1528  C:\Windows\System32\sspicli.dll - ok
11:05:03.0144 0x1528  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
11:05:03.0144 0x1528  C:\Windows\System32\scext.dll - ok
11:05:03.0149 0x1528  [ 38E9B042F3BA252A43ED9E1FE8053ABC, 90DF80236D094223334FEC022CBF7FA30B967DC56D9B32E753257071F2F4AA76 ] C:\Windows\System32\secur32.dll
11:05:03.0149 0x1528  C:\Windows\System32\secur32.dll - ok
11:05:03.0153 0x1528  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
11:05:03.0153 0x1528  C:\Windows\System32\sysntfy.dll - ok
11:05:03.0157 0x1528  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
11:05:03.0157 0x1528  C:\Windows\System32\wmsgapi.dll - ok
11:05:03.0162 0x1528  [ FE72C89986E1BA32AD926A820491F23F, 610A51FB6934A33EA15B1C00EB77B39A21B877BE30D424280DFAC47F3BF3365B ] C:\Windows\System32\scesrv.dll
11:05:03.0162 0x1528  C:\Windows\System32\scesrv.dll - ok
11:05:03.0167 0x1528  [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
11:05:03.0167 0x1528  C:\Windows\System32\srvcli.dll - ok
11:05:03.0172 0x1528  [ 1BB87BFFCB8F38C3F05A76031585B64E, A0E911760D73570F76CCF84CA656A355002E74F35E2742E1D715AAF99A0EE298 ] C:\Windows\System32\samsrv.dll
11:05:03.0172 0x1528  C:\Windows\System32\samsrv.dll - ok
11:05:03.0177 0x1528  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
11:05:03.0177 0x1528  C:\Windows\System32\cryptdll.dll - ok
11:05:03.0182 0x1528  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
11:05:03.0182 0x1528  C:\Windows\System32\wevtapi.dll - ok
11:05:03.0186 0x1528  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
11:05:03.0186 0x1528  C:\Windows\System32\authz.dll - ok
11:05:03.0189 0x1528  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
11:05:03.0189 0x1528  C:\Windows\System32\cngaudit.dll - ok
11:05:03.0193 0x1528  [ 12C950F062B6426CCCA1742211AE84B1, 08138B086E136D3C13B6594B4F4D106C9A72CDF7B2E7A32FEDFA61FC6E5A4F3C ] C:\Windows\System32\ncrypt.dll
11:05:03.0193 0x1528  C:\Windows\System32\ncrypt.dll - ok
11:05:03.0196 0x1528  [ BADA0CEB1581787D7D8E35B707433C8C, 9B4F9620ABCC22149C009B22C98CBED765681F07EF2F4740069769095DA7E0E5 ] C:\Windows\System32\bcrypt.dll
11:05:03.0196 0x1528  C:\Windows\System32\bcrypt.dll - ok
11:05:03.0200 0x1528  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
11:05:03.0200 0x1528  C:\Windows\System32\msprivs.dll - ok
11:05:03.0205 0x1528  [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
11:05:03.0205 0x1528  C:\Windows\System32\netjoin.dll - ok
11:05:03.0209 0x1528  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
11:05:03.0209 0x1528  C:\Windows\System32\negoexts.dll - ok
11:05:03.0214 0x1528  [ 7879925BE14509DFB81F172FEBDC228E, A9FE897AB09687D5C40A5251BB14090DA03229E50E4CAD8CF694D45F85755987 ] C:\Windows\System32\kerberos.dll
11:05:03.0214 0x1528  C:\Windows\System32\kerberos.dll - ok
11:05:03.0218 0x1528  [ 8CEBD9D0A0A879CDE9F36F4383B7CAEA, 7AA73B8E7D4D700C164D0410DCF84EA1CCCB0F7DD513E47A2EF0DAE5F16CAE45 ] C:\Windows\System32\winlogon.exe
11:05:03.0218 0x1528  C:\Windows\System32\winlogon.exe - ok
11:05:03.0222 0x1528  [ C23B6D9D16FD86F446BE607CA18389D9, 331FA37B5A059FE85C5D1368A42293A7BAE2581F3F1F15B48364644136066C14 ] C:\Windows\System32\winsta.dll
11:05:03.0222 0x1528  C:\Windows\System32\winsta.dll - ok
11:05:03.0227 0x1528  [ E75C0FEF3E9DF899A58657C2D1115DB7, 806FE8342388EA3EAA86905DFCB84F328F058240AE2AA091E7DB84B7A2495406 ] C:\Windows\System32\cryptsp.dll
11:05:03.0227 0x1528  C:\Windows\System32\cryptsp.dll - ok
11:05:03.0231 0x1528  [ BBFA2BDEC57B5C619BE15CA17E9F722D, D798A56047BCF3F3233FA4B076BDBCA985455E3720FB8765FE0F2C20E966C026 ] C:\Windows\System32\atmfd.dll
11:05:03.0231 0x1528  C:\Windows\System32\atmfd.dll - ok
11:05:03.0236 0x1528  [ 963D7FA2110EB9E03AB0D200E6AE2614, 5FE5AE6EFB5D47EF867A6E4F635EF707122FF3A5B34C7CDFE8F019D321B9971D ] C:\Windows\System32\mswsock.dll
11:05:03.0236 0x1528  C:\Windows\System32\mswsock.dll - ok
11:05:03.0240 0x1528  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
11:05:03.0240 0x1528  C:\Windows\System32\version.dll - ok
11:05:03.0245 0x1528  [ A75854C2D39517A2295FA1DFBC5DACDB, 69A6600C44592CBA5B9D8953C1A8515CE47FE01EA39940230D376700D0BE7FAD ] C:\Windows\System32\msv1_0.dll
11:05:03.0245 0x1528  C:\Windows\System32\msv1_0.dll - ok
11:05:03.0249 0x1528  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
11:05:03.0249 0x1528  C:\Windows\System32\wship6.dll - ok
11:05:03.0252 0x1528  [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
11:05:03.0252 0x1528  C:\Windows\System32\netlogon.dll - ok
11:05:03.0257 0x1528  [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
11:05:03.0257 0x1528  C:\Windows\System32\dnsapi.dll - ok
11:05:03.0262 0x1528  [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
11:05:03.0262 0x1528  C:\Windows\System32\logoncli.dll - ok
11:05:03.0266 0x1528  [ D96EF09E05972F78C85B2EE37B841A5A, 0ACEEE4AB344B04F011DE36A0DBE4094BB9173BE1F4CF6AE537ADD64A4125BA5 ] C:\Windows\System32\schannel.dll
11:05:03.0267 0x1528  C:\Windows\System32\schannel.dll - ok
11:05:03.0270 0x1528  [ 73971D7540DC1BB3881B0F92B0E651EB, 3B93649BE2D18AAAEF46F11FB9894EF79241615A56645DC722D26CC1CD6704FA ] C:\Windows\System32\wdigest.dll
11:05:03.0271 0x1528  C:\Windows\System32\wdigest.dll - ok
11:05:03.0275 0x1528  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
11:05:03.0275 0x1528  C:\Windows\System32\rsaenh.dll - ok
11:05:03.0278 0x1528  [ 3B734617C5C3B1FD7DC59A89D11AD2C9, 047C44B7155257A26B4A14125280328265689ECB00DB27CB92BCB3307E2A39F8 ] C:\Windows\System32\TSpkg.dll
11:05:03.0279 0x1528  C:\Windows\System32\TSpkg.dll - ok
11:05:03.0282 0x1528  [ 1306E6A1BF4D506CD687DF9F947270F2, 3ED566F618D90BCCB3C76BA976911536FFC5631F7A6A91BF322628F8AAE498B4 ] C:\Windows\System32\pku2u.dll
11:05:03.0282 0x1528  C:\Windows\System32\pku2u.dll - ok
11:05:03.0286 0x1528  [ 94AA2DFFF94DF789AAA0081333A6CADA, 07A3F01F06D27D1582642A165533649B83895304928AFE3DAC09924FBE22F7B3 ] C:\Windows\System32\LIVESSP.DLL
11:05:03.0286 0x1528  C:\Windows\System32\LIVESSP.DLL - ok
11:05:03.0291 0x1528  [ CDA14CCE4D7495BB2FC4D7D664C4FD93, 715977E616E206724F91660EF5BD0C4F2C6D66E3891F03C28A864419102CE5B6 ] C:\Windows\System32\bcryptprimitives.dll
11:05:03.0291 0x1528  C:\Windows\System32\bcryptprimitives.dll - ok
11:05:03.0296 0x1528  [ 39FEE6DD0172ECA6E382A657D981A796, 125F9317FCFE5B1092359A0E33903E44B4D412DF6C9630A64F6E0C2F9DECDD2A ] C:\Windows\System32\credssp.dll
11:05:03.0296 0x1528  C:\Windows\System32\credssp.dll - ok
11:05:03.0300 0x1528  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
11:05:03.0300 0x1528  C:\Windows\System32\efslsaext.dll - ok
11:05:03.0305 0x1528  [ 1FB81632476857E8451DDA8A456EF3CE, 29D672F0D642D601FD0AC0BB406423AE71039556A882122BBEE3F4F6F61F3C89 ] C:\Windows\System32\ubpm.dll
11:05:03.0305 0x1528  C:\Windows\System32\ubpm.dll - ok
11:05:03.0309 0x1528  [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
11:05:03.0309 0x1528  C:\Windows\System32\scecli.dll - ok
11:05:03.0313 0x1528  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
11:05:03.0313 0x1528  C:\Windows\System32\svchost.exe - ok
11:05:03.0317 0x1528  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
11:05:03.0317 0x1528  C:\Windows\System32\umpnpmgr.dll - ok
11:05:03.0322 0x1528  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
11:05:03.0322 0x1528  C:\Windows\System32\devrtl.dll - ok
11:05:03.0327 0x1528  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
11:05:03.0327 0x1528  C:\Windows\System32\SPInf.dll - ok
11:05:03.0331 0x1528  [ B0759657CB9718C2CA21A7C239C93676, 82EBEB5DDD3D2E8D8877B5645868DF8E2F0B07E6CE943D36CEF05205905AE835 ] C:\Windows\System32\gpapi.dll
11:05:03.0331 0x1528  C:\Windows\System32\gpapi.dll - ok
11:05:03.0336 0x1528  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
11:05:03.0336 0x1528  C:\Windows\System32\pcwum.dll - ok
11:05:03.0341 0x1528  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
11:05:03.0341 0x1528  C:\Windows\System32\umpo.dll - ok
11:05:03.0345 0x1528  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
11:05:03.0345 0x1528  C:\Windows\System32\powrprof.dll - ok
11:05:03.0348 0x1528  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
11:05:03.0348 0x1528  C:\Windows\System32\drivers\luafv.sys - ok
11:05:03.0352 0x1528  [ 801250C350F2905E67AB007F8BE9066B, 03A43B88A166711C8C160EBE7F53E8FA7D9D16E258622CF09B0C51B9DF14E5D1 ] C:\Windows\System32\drivers\avgntflt.sys
11:05:03.0352 0x1528  C:\Windows\System32\drivers\avgntflt.sys - ok
11:05:03.0357 0x1528  [ 5E9F8D029D9B03110D835CBFC058068B, 038FDF99C643C8102026BA26A75899A56E91AD0C239DF71AA5443FD35C718C78 ] C:\Windows\System32\rpcss.dll
11:05:03.0357 0x1528  C:\Windows\System32\rpcss.dll - ok
11:05:03.0362 0x1528  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
11:05:03.0362 0x1528  C:\Windows\System32\RpcEpMap.dll - ok
11:05:03.0367 0x1528  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
11:05:03.0367 0x1528  C:\Windows\System32\wshqos.dll - ok
11:05:03.0371 0x1528  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
11:05:03.0371 0x1528  C:\Windows\System32\WSHTCPIP.DLL - ok
11:05:03.0376 0x1528  [ 7CBB1D4D13DC62D7F529D87151FD3CD3, DA75C5E64777F6ACE6F77A72D3362A40F8BE59DF3E6BC83550A81D9E20730401 ] C:\Program Files\Windows Defender\MpSvc.dll
11:05:03.0376 0x1528  C:\Program Files\Windows Defender\MpSvc.dll - ok
11:05:03.0381 0x1528  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
11:05:03.0381 0x1528  C:\Windows\System32\FirewallAPI.dll - ok
11:05:03.0386 0x1528  [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
11:05:03.0386 0x1528  C:\Windows\System32\LogonUI.exe - ok
11:05:03.0391 0x1528  [ C44560F142B85256707D688EEA23AC61, 1B52631B1998E9A0C7B3F5533D4DED5E0D72AE51C35CA5CE199E60ABF0079CEA ] C:\Windows\System32\authui.dll
11:05:03.0391 0x1528  C:\Windows\System32\authui.dll - ok
11:05:03.0395 0x1528  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
11:05:03.0395 0x1528  C:\Windows\System32\wtsapi32.dll - ok
11:05:03.0400 0x1528  [ 662BA98309818AF2C17D4E48BF4021C4, 57B3FFAECE3DF5E22B6764A95D2B8523AA02CCCB4BD0779025C11D02EEBF4B1E ] C:\Program Files\Windows Defender\MpClient.dll
11:05:03.0400 0x1528  C:\Program Files\Windows Defender\MpClient.dll - ok
11:05:03.0404 0x1528  [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
11:05:03.0404 0x1528  C:\Windows\System32\sfc.dll - ok
11:05:03.0408 0x1528  [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
11:05:03.0408 0x1528  C:\Windows\System32\sfc_os.dll - ok
11:05:03.0412 0x1528  [ 3B5411975BE627B9A705F76B82E0DA87, 321164575BB1751D7099A24CFD6C03C144BF54467E30F717212827B0DE20C6CC ] C:\Windows\System32\cryptui.dll
11:05:03.0412 0x1528  C:\Windows\System32\cryptui.dll - ok
11:05:03.0415 0x1528  [ 940657AFAF4D8353336EE2BD0B73579C, C0DA3EE072831C736AC453BC240050BEE9142BDB370DF78117AC33B22F474A21 ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe
11:05:03.0415 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportMgmtService.exe - ok
11:05:03.0419 0x1528  [ 271DC9A33422D9A85E3790A0AF0A91EF, DFF1B06D2F095AE766C1C67E8DF97268C8D194FC39B23F1A8BB963EACB0BFE1F ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll
11:05:03.0419 0x1528  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_fa3b1e3d17594757\comctl32.dll - ok
11:05:03.0423 0x1528  [ CC5B58DC5C72997FAB82B4EE883DA443, A8E4FC60EE0C35F4A971300EA4D07A01EA5DBA702D655F0AC51996BA5B20B050 ] C:\Windows\SysWOW64\ntdll.dll
11:05:03.0423 0x1528  C:\Windows\SysWOW64\ntdll.dll - ok
11:05:03.0426 0x1528  [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
11:05:03.0426 0x1528  C:\Windows\System32\shacct.dll - ok
11:05:03.0429 0x1528  [ 8BC6CAA37159AE5F3BECD8FB96EC30F4, D1E9A67772108FFF9083E31ED8CE8A8805AD43465AD4A21B93BC86045212C813 ] C:\Windows\System32\samlib.dll
11:05:03.0430 0x1528  C:\Windows\System32\samlib.dll - ok
11:05:03.0433 0x1528  [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
11:05:03.0433 0x1528  C:\Windows\System32\propsys.dll - ok
11:05:03.0437 0x1528  [ 0B9D551BD9D8C99A7AEC21F07B4C3E9B, 1763D51526E3F63C1881ED53D8100E01C3BEF785C940B462712C481899454665 ] C:\Windows\System32\wow64.dll
11:05:03.0437 0x1528  C:\Windows\System32\wow64.dll - ok
11:05:03.0441 0x1528  [ B2D67E8F7BEC78FC611D2B77410C634A, 085EDD662F7146428F02159B1326237A74C469A2DDD5D422AF89203CF9A0AE41 ] C:\Windows\System32\wow64win.dll
11:05:03.0441 0x1528  C:\Windows\System32\wow64win.dll - ok
11:05:03.0446 0x1528  [ 219B3C920555C860666D6FD6A094DCFC, 51E6B3C9EA373A00E65A3BF62E2EC56BE359526D5C41C043283DCE38624C6C00 ] C:\Windows\System32\wow64cpu.dll
11:05:03.0446 0x1528  C:\Windows\System32\wow64cpu.dll - ok
11:05:03.0451 0x1528  [ CA19CD229D6DA8F7A6CFDEEDEEEEE4D5, 16D8DC8499FB9EC78C88FAE587BDC9E831F733B336BD59E8FF54CAA4DC59BC87 ] C:\Windows\SysWOW64\kernel32.dll
11:05:03.0451 0x1528  C:\Windows\SysWOW64\kernel32.dll - ok
11:05:03.0455 0x1528  [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
11:05:03.0455 0x1528  C:\Windows\System32\uxtheme.dll - ok
11:05:03.0460 0x1528  [ 3922E1F0F23F972ED4BDEEB3B0CF7E8D, 5B193DF7F3CE660877288E790E24B474278A0BAABF8C8F218E28ABBA9306C89C ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23807_none_14556b8e8b95d1fc\GdiPlus.dll
11:05:03.0460 0x1528  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23807_none_14556b8e8b95d1fc\GdiPlus.dll - ok
11:05:03.0465 0x1528  [ 6A537E2F554259AAF5EF31356FA812BF, C5E8E866CD1E3122AD5B0962CB342C237769DD8BC4526CB77479CCF61693EA7E ] C:\Windows\SysWOW64\KernelBase.dll
11:05:03.0465 0x1528  C:\Windows\SysWOW64\KernelBase.dll - ok
11:05:03.0469 0x1528  [ D1CF25CA9B7F4E17289D7B457509875B, E14C2B14AD0D0BA8C9AFB5F5BFEABC5538E3398EBEEC56FDFAB3F66AF18685DF ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll
11:05:03.0469 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportUtil.dll - ok
11:05:03.0473 0x1528  [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
11:05:03.0473 0x1528  C:\Windows\System32\dui70.dll - ok
11:05:03.0478 0x1528  [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
11:05:03.0478 0x1528  C:\Windows\System32\duser.dll - ok
11:05:03.0483 0x1528  [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
11:05:03.0483 0x1528  C:\Windows\System32\SndVolSSO.dll - ok
11:05:03.0486 0x1528  [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
11:05:03.0486 0x1528  C:\Windows\System32\hid.dll - ok
11:05:03.0491 0x1528  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
11:05:03.0491 0x1528  C:\Windows\System32\MMDevAPI.dll - ok
11:05:03.0494 0x1528  [ B8542140074D2B51FDC55E6907996CC4, A1ABD4DCF2CC8623AF6E18F1449BF144342D49176FD25501E0F33EE4C41FC5A6 ] C:\Windows\System32\dwmapi.dll
11:05:03.0494 0x1528  C:\Windows\System32\dwmapi.dll - ok
11:05:03.0498 0x1528  [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
11:05:03.0498 0x1528  C:\Windows\System32\xmllite.dll - ok
11:05:03.0502 0x1528  [ 7B1377FEF37A1A05B964660025D6FC76, 01C818C45400352E9437E5484F3DD89D2189D3ED11F635F32B845B5A8B1E1703 ] C:\Windows\System32\WindowsCodecs.dll
11:05:03.0502 0x1528  C:\Windows\System32\WindowsCodecs.dll - ok
11:05:03.0507 0x1528  [ 24EEE0D3F2E64F438D038EDF14AE456A, ECE777348D8712C1B6A3D49953CE8155E03255AE8EE685DB51432D660CA3EBE0 ] C:\Program Files (x86)\Trusteer\Rapport\bin\TRF.dll
11:05:03.0507 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\TRF.dll - ok
11:05:03.0511 0x1528  [ 6B1E1D3D3DB1C1FAD675E01C6FBEF330, 2D90E7DFBBA8ACE01A6D97642A57F6DA869B96BE2C255881913891459D42FB36 ] C:\Windows\SysWOW64\crypt32.dll
11:05:03.0511 0x1528  C:\Windows\SysWOW64\crypt32.dll - ok
11:05:03.0516 0x1528  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
11:05:03.0516 0x1528  C:\Windows\System32\winbrand.dll - ok
11:05:03.0520 0x1528  [ 9B939C443502922BD4D596C9E026BFAD, 5721730800E46EAEFCC28C409377B8C30CD22949FBC59247A99F84C59F45B458 ] C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll
11:05:03.0520 0x1528  C:\Program Files\WIDCOMM\Bluetooth Software\BtwCP.dll - ok
11:05:03.0525 0x1528  [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
11:05:03.0525 0x1528  C:\Windows\System32\VaultCredProvider.dll - ok
11:05:03.0529 0x1528  [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
11:05:03.0529 0x1528  C:\Windows\SysWOW64\msvcrt.dll - ok
11:05:03.0534 0x1528  [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
11:05:03.0534 0x1528  C:\Windows\System32\winspool.drv - ok
11:05:03.0539 0x1528  [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
11:05:03.0539 0x1528  C:\Windows\SysWOW64\msasn1.dll - ok
11:05:03.0543 0x1528  [ 59EA5753EBDAE42CF92FD5B6E7AE4D53, D99C852E324D2ABE6B1DBD9A11F3BAAFEF50E955D17EB97DBE9C528AD8740C0E ] C:\Windows\SysWOW64\ws2_32.dll
11:05:03.0543 0x1528  C:\Windows\SysWOW64\ws2_32.dll - ok
11:05:03.0547 0x1528  [ F22BB9394B966E0B8ABC5D6DFF53DEAF, CD08999A58D18AF380F6E7F358FEAE2106CADD083E95A2F8E3432D30040CB022 ] C:\Windows\SysWOW64\rpcrt4.dll
11:05:03.0548 0x1528  C:\Windows\SysWOW64\rpcrt4.dll - ok
11:05:03.0552 0x1528  [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
11:05:03.0552 0x1528  C:\Windows\System32\bthprops.cpl - ok
11:05:03.0556 0x1528  [ FD064F18F29DA56102E0877E30AF6EF3, 9D5B00D5951CEE7FEEC24BCD8909F05FC46F01EE76A5CD57918586A0566FE7DE ] C:\Windows\SysWOW64\sspicli.dll
11:05:03.0556 0x1528  C:\Windows\SysWOW64\sspicli.dll - ok
11:05:03.0561 0x1528  [ 813868B12CE290B94021ECDBF37FC043, CA5EF5D174F31FC77BDDAD8700C171F31FACAFEC92D3BABCE3E407BDC0EAE7B7 ] C:\Windows\SysWOW64\cryptbase.dll
11:05:03.0561 0x1528  C:\Windows\SysWOW64\cryptbase.dll - ok
11:05:03.0564 0x1528  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
11:05:03.0564 0x1528  C:\Windows\SysWOW64\nsi.dll - ok
11:05:03.0569 0x1528  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
11:05:03.0569 0x1528  C:\Windows\SysWOW64\psapi.dll - ok
11:05:03.0573 0x1528  [ 65A5E27C2217D606E212B6088CCD6104, 3D2E4CB0956D30307FE6440E4FCA0E327DCD2643113860BE526383E7934A495C ] C:\Windows\SysWOW64\sechost.dll
11:05:03.0573 0x1528  C:\Windows\SysWOW64\sechost.dll - ok
11:05:03.0577 0x1528  [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
11:05:03.0577 0x1528  C:\Windows\SysWOW64\shlwapi.dll - ok
11:05:03.0582 0x1528  [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
11:05:03.0582 0x1528  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
11:05:03.0586 0x1528  [ 2037FD0DD3595AB46936C6598E8E97E2, 0ED08352B5958785DC28391941FE087BAC8B1D73EF9FA2E783E301D0A5769008 ] C:\Windows\SysWOW64\gdi32.dll
11:05:03.0586 0x1528  C:\Windows\SysWOW64\gdi32.dll - ok
11:05:03.0591 0x1528  [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
11:05:03.0591 0x1528  C:\Windows\System32\BioCredProv.dll - ok
11:05:03.0595 0x1528  [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
11:05:03.0595 0x1528  C:\Windows\System32\winbio.dll - ok
11:05:03.0600 0x1528  [ 3CB074875AC88A7C1010A2A7F9881A8C, 186B5BFE4601BFBBF6612EAE1276D0FB91E2B4FADBD84FC23148D79E2D8D88CD ] C:\Windows\SysWOW64\user32.dll
11:05:03.0600 0x1528  C:\Windows\SysWOW64\user32.dll - ok
11:05:03.0605 0x1528  [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll
11:05:03.0605 0x1528  C:\Windows\System32\credui.dll - ok
11:05:03.0609 0x1528  [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
11:05:03.0610 0x1528  C:\Windows\System32\vaultcli.dll - ok
11:05:03.0614 0x1528  [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
11:05:03.0615 0x1528  C:\Windows\System32\netapi32.dll - ok
11:05:03.0619 0x1528  [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
11:05:03.0619 0x1528  C:\Windows\System32\netutils.dll - ok
11:05:03.0623 0x1528  [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
11:05:03.0623 0x1528  C:\Windows\System32\wkscli.dll - ok
11:05:03.0628 0x1528  [ F5C3A7DC4A3C2E1A518D1D9BF5CE35EE, DEAF04BCDA4557239DAD1AA383B94DCBE3DF0034295DF1FF9E67EB8E2B395F98 ] C:\Windows\SysWOW64\advapi32.dll
11:05:03.0628 0x1528  C:\Windows\SysWOW64\advapi32.dll - ok
11:05:03.0632 0x1528  [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
11:05:03.0632 0x1528  C:\Windows\System32\samcli.dll - ok
11:05:03.0637 0x1528  [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
11:05:03.0637 0x1528  C:\Windows\System32\certCredProvider.dll - ok
11:05:03.0641 0x1528  [ 71ED0B7AB6D3CB42604A924598B06B97, BEF57D0C7927351599B0C3506AF5F9234C9CF3A72D21AE067403BE332CB21E47 ] C:\Windows\SysWOW64\lpk.dll
11:05:03.0641 0x1528  C:\Windows\SysWOW64\lpk.dll - ok
11:05:03.0646 0x1528  [ 1ECB3FFBF22B8A7C958CCF8F96119FC0, 9DF42A27F486CD55F8141DAC4335B2A98764ED05E3F2342255854A35AB8A32FF ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
11:05:03.0646 0x1528  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
11:05:03.0651 0x1528  [ 25FACE67FAECD9E98A712048BF11A623, D8FF869666EF465ED66B0E1461BD303D58CB96A6C2A596C896097991E35A4910 ] C:\Windows\SysWOW64\usp10.dll
11:05:03.0651 0x1528  C:\Windows\SysWOW64\usp10.dll - ok
11:05:03.0655 0x1528  [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
11:05:03.0655 0x1528  C:\Windows\System32\rasplap.dll - ok
11:05:03.0660 0x1528  [ 36A48A1471CEE37D11CFDAB2C9EF63B2, 4F2244403E371987872422A82E5AC43C370020C6B9FA995E867514D9DB095814 ] C:\Windows\SysWOW64\shell32.dll
11:05:03.0660 0x1528  C:\Windows\SysWOW64\shell32.dll - ok
11:05:03.0664 0x1528  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
11:05:03.0664 0x1528  C:\Windows\SysWOW64\version.dll - ok
11:05:03.0668 0x1528  [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
11:05:03.0668 0x1528  C:\Windows\System32\rasapi32.dll - ok
11:05:03.0672 0x1528  [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
11:05:03.0672 0x1528  C:\Windows\System32\rasman.dll - ok
11:05:03.0677 0x1528  [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
11:05:03.0677 0x1528  C:\Windows\System32\rtutils.dll - ok
11:05:03.0682 0x1528  [ 94E1C3A20358DB82B31677318BBEB120, 5BAD3AB85AA076E6F28FA117E6CE07F2FF533A8BDF03253CE5C92FDFBA4A94AD ] C:\Windows\SysWOW64\oleaut32.dll
11:05:03.0682 0x1528  C:\Windows\SysWOW64\oleaut32.dll - ok
11:05:03.0686 0x1528  [ 6CC7F7093B490721EAFA260DEC766528, 110739E8CBC892CDB4B6D7869D753FA4E63A759E4A49E6AB0898774902127867 ] C:\Windows\SysWOW64\ole32.dll
11:05:03.0686 0x1528  C:\Windows\SysWOW64\ole32.dll - ok
11:05:03.0689 0x1528  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files (x86)\Trusteer\Rapport\bin\msvcr120.dll
11:05:03.0689 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\msvcr120.dll - ok
11:05:03.0693 0x1528  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files (x86)\Trusteer\Rapport\bin\msvcp120.dll
11:05:03.0694 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\msvcp120.dll - ok
11:05:03.0699 0x1528  [ 28966A123ABD645C138445396F537B27, 3EBC964A3DAEA725B677059FBD2F1FD75B5B1CA47CBB0318495DFD292868338C ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23807_none_5c02a265a011fb02\GdiPlus.dll
11:05:03.0699 0x1528  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.23807_none_5c02a265a011fb02\GdiPlus.dll - ok
11:05:03.0704 0x1528  [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
11:05:03.0704 0x1528  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
11:05:03.0709 0x1528  [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
11:05:03.0709 0x1528  C:\Windows\SysWOW64\wtsapi32.dll - ok
11:05:03.0714 0x1528  [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
11:05:03.0714 0x1528  C:\Windows\SysWOW64\winmm.dll - ok
11:05:03.0719 0x1528  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
11:05:03.0719 0x1528  C:\Windows\SysWOW64\winnsi.dll - ok
11:05:03.0723 0x1528  [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
11:05:03.0723 0x1528  C:\Windows\SysWOW64\dnsapi.dll - ok
11:05:03.0727 0x1528  [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
11:05:03.0727 0x1528  C:\Windows\SysWOW64\profapi.dll - ok
11:05:03.0731 0x1528  [ A0B2E298CECF1ECABB9B82672EAF956F, FA9AEDF614FE52D5B9B0EEEF26E6615E9E19101D3A8E31415FD6A2D1E737A29C ] C:\Windows\SysWOW64\secur32.dll
11:05:03.0731 0x1528  C:\Windows\SysWOW64\secur32.dll - ok
11:05:03.0735 0x1528  [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
11:05:03.0735 0x1528  C:\Windows\SysWOW64\userenv.dll - ok
11:05:03.0740 0x1528  [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
11:05:03.0740 0x1528  C:\Windows\SysWOW64\imm32.dll - ok
11:05:03.0745 0x1528  [ 4C7A52467D41DE158258A551C49CC169, 831AB568549A4A08883BB126FAA5150F971524C445C8DC05EA77BBD2089647D3 ] C:\Windows\SysWOW64\msctf.dll
11:05:03.0745 0x1528  C:\Windows\SysWOW64\msctf.dll - ok
11:05:03.0750 0x1528  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
11:05:03.0750 0x1528  C:\Windows\SysWOW64\wsock32.dll - ok
11:05:03.0755 0x1528  [ D161CB594609D47C8E9B7599F3195E56, C073AA83C47D9BAF76874EFB3F822A54A63A95A015C05A444ED662005C2A39B6 ] C:\Windows\SysWOW64\cryptsp.dll
11:05:03.0755 0x1528  C:\Windows\SysWOW64\cryptsp.dll - ok
11:05:03.0760 0x1528  [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
11:05:03.0760 0x1528  C:\Windows\SysWOW64\rsaenh.dll - ok
11:05:03.0765 0x1528  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
11:05:03.0765 0x1528  C:\Windows\SysWOW64\ntmarta.dll - ok
11:05:03.0770 0x1528  [ B35EB84A9510414B7DFEBF594DC80501, 5D61CD05697BF36E400F796561C75774FE2FD5AEDEECE95A0A0E278E4F319130 ] C:\Windows\SysWOW64\Wldap32.dll
11:05:03.0770 0x1528  C:\Windows\SysWOW64\Wldap32.dll - ok
11:05:03.0775 0x1528  [ 0EE274476C3E5F05F2B79B8C63FCCCFC, 7D1861FCC975AD85D793DD6945113DA06CDD2B8F118AA61D0147FFA3315E8A48 ] C:\Windows\System32\atiesrxx.exe
11:05:03.0775 0x1528  C:\Windows\System32\atiesrxx.exe - ok
11:05:03.0780 0x1528  [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
11:05:03.0780 0x1528  C:\Windows\System32\wevtsvc.dll - ok
11:05:03.0785 0x1528  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] C:\Windows\System32\audiosrv.dll
11:05:03.0785 0x1528  C:\Windows\System32\audiosrv.dll - ok
11:05:03.0790 0x1528  [ 785F474FB5E67E448E1931C98E8D0ABC, 911697D580CBF508A6F4A52D4F95A6976CF9A0EC3549076A8D0B5C8BD947C989 ] C:\Windows\System32\FntCache.dll
11:05:03.0790 0x1528  C:\Windows\System32\FntCache.dll - ok
11:05:03.0793 0x1528  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
11:05:03.0794 0x1528  C:\Windows\System32\mmcss.dll - ok
11:05:03.0797 0x1528  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
11:05:03.0797 0x1528  C:\Windows\System32\avrt.dll - ok
11:05:03.0801 0x1528  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
11:05:03.0801 0x1528  C:\Windows\System32\netprofm.dll - ok
11:05:03.0804 0x1528  [ FD67683FBA9B2C4BB551780BD8846F64, 4BB7C956EA8D2CE63F5BF80FAE652F98416A7635202AEE04FC8D81000E6363DF ] C:\Windows\SysWOW64\winsta.dll
11:05:03.0804 0x1528  C:\Windows\SysWOW64\winsta.dll - ok
11:05:03.0808 0x1528  [ D204193AE858F18F901EF2B004A01CD6, 0A8EB4FD5ED38CDC5401BF61E6A9A25E7F26ADDFC83DF95A20D58B2BFC9F7ECE ] C:\Windows\System32\audiodg.exe
11:05:03.0808 0x1528  C:\Windows\System32\audiodg.exe - ok
11:05:03.0812 0x1528  [ 028560222612866320D1607942D1E456, 2A0174D1591BE0379AAA3D74EEE8D3BFE67C7C2DA38EEFCE8235479C3C85F3B2 ] C:\Windows\System32\adtschema.dll
11:05:03.0812 0x1528  C:\Windows\System32\adtschema.dll - ok
11:05:03.0815 0x1528  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
11:05:03.0815 0x1528  C:\Windows\System32\ntmarta.dll - ok
11:05:03.0818 0x1528  [ DCA0CDEE5B6EE1759987F118D5B53573, 5D1EA72E26418E9AA6D8201B852C7E636EDF4D992BB6990073658739FD3A7447 ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportCP.dll.data
11:05:03.0818 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportCP.dll.data - ok
11:05:03.0821 0x1528  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
11:05:03.0821 0x1528  C:\Windows\System32\wlansvc.dll - ok
11:05:03.0825 0x1528  [ 05B1F2FC74A1E24DAB43993A30A992CD, 1C2894C0B1104043A9ED2359EEF5E04982F18708DB6E2FEFFD1F47701928485B ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportCP.dll
11:05:03.0825 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportCP.dll - ok
11:05:03.0829 0x1528  [ C6E0DF6E48FA218B9C8F23D1D373342E, A6B14E4A9E5A1ECBC13B36372A18AF909643C38313709CCB9B7720A998E26043 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportCP_x64.dll.data
11:05:03.0829 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportCP_x64.dll.data - ok
11:05:03.0833 0x1528  [ E4AE497857409127ED57562AF913A903, 262ADD713B1FBF6200550967D1F8635B55D01BBD8FA2E753536E71A4EC87867B ] C:\Windows\System32\gpsvc.dll
11:05:03.0833 0x1528  C:\Windows\System32\gpsvc.dll - ok
11:05:03.0838 0x1528  [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] C:\Windows\System32\profsvc.dll
11:05:03.0838 0x1528  C:\Windows\System32\profsvc.dll - ok
11:05:03.0841 0x1528  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
11:05:03.0841 0x1528  C:\Windows\System32\atl.dll - ok
11:05:03.0846 0x1528  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
11:05:03.0846 0x1528  C:\Windows\System32\themeservice.dll - ok
11:05:03.0850 0x1528  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
11:05:03.0850 0x1528  C:\Windows\System32\es.dll - ok
11:05:03.0854 0x1528  [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
11:05:03.0854 0x1528  C:\Windows\System32\nlaapi.dll - ok
11:05:03.0859 0x1528  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
11:05:03.0859 0x1528  C:\Windows\System32\comres.dll - ok
11:05:03.0863 0x1528  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
11:05:03.0864 0x1528  C:\Windows\System32\dsrole.dll - ok
11:05:03.0868 0x1528  [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
11:05:03.0868 0x1528  C:\Windows\System32\Sens.dll - ok
11:05:03.0872 0x1528  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
11:05:03.0872 0x1528  C:\Windows\System32\slc.dll - ok
11:05:03.0876 0x1528  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
11:05:03.0876 0x1528  C:\Windows\System32\uxsms.dll - ok
11:05:03.0880 0x1528  [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
11:05:03.0880 0x1528  C:\Windows\System32\drivers\lltdio.sys - ok
11:05:03.0884 0x1528  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
11:05:03.0884 0x1528  C:\Windows\System32\drivers\nwifi.sys - ok
11:05:03.0887 0x1528  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
11:05:03.0887 0x1528  C:\Windows\System32\drivers\ndisuio.sys - ok
11:05:03.0891 0x1528  [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
11:05:03.0891 0x1528  C:\Windows\System32\UXInit.dll - ok
11:05:03.0894 0x1528  [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
11:05:03.0894 0x1528  C:\Windows\System32\winmm.dll - ok
11:05:03.0898 0x1528  [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
11:05:03.0898 0x1528  C:\Windows\System32\drivers\rspndr.sys - ok
11:05:03.0901 0x1528  [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
11:05:03.0902 0x1528  C:\Windows\System32\wdmaud.drv - ok
11:05:03.0905 0x1528  [ 2B0E8D30A917DAC66B17140970E2AA63, ECD791A828A6D4B738EF406174F7A18F53182A7BF997A2990CDD9E9D05966E77 ] C:\Windows\System32\atieclxx.exe
11:05:03.0905 0x1528  C:\Windows\System32\atieclxx.exe - ok
11:05:03.0909 0x1528  [ 6D21051C8EA17C1DD0A6FD07CCAB8232, 72F1C48EC0860101249577ADC4734F43BFC9A528E6B730E0B043CC1B8BA4DBD3 ] C:\Windows\System32\ksuser.dll
11:05:03.0909 0x1528  C:\Windows\System32\ksuser.dll - ok
11:05:03.0912 0x1528  [ 6EFB469A53093341D411687C7082E8A6, 07B88133DAFE963EFD0218045F5589C627D16FCCEED6AEFEF6B3C5A10524597B ] C:\Windows\System32\atiadlxx.dll
11:05:03.0912 0x1528  C:\Windows\System32\atiadlxx.dll - ok
11:05:03.0916 0x1528  [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
11:05:03.0916 0x1528  C:\Windows\System32\IPHLPAPI.DLL - ok
11:05:03.0920 0x1528  [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
11:05:03.0920 0x1528  C:\Windows\System32\lmhsvc.dll - ok
11:05:03.0924 0x1528  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
11:05:03.0924 0x1528  C:\Windows\System32\nsisvc.dll - ok
11:05:03.0929 0x1528  [ 9692E124D6D190E45FE6711A56D57B0E, 8138EE638D4CC3026E23211542172DA39E3198DE246B7912EE8D7DE12590B0AD ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportCP_x64.dll
11:05:03.0929 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportCP_x64.dll - ok
11:05:03.0934 0x1528  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
11:05:03.0934 0x1528  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
11:05:03.0940 0x1528  [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
11:05:03.0940 0x1528  C:\Windows\System32\nrpsrv.dll - ok
11:05:03.0944 0x1528  [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
11:05:03.0944 0x1528  C:\Windows\System32\winnsi.dll - ok
11:05:03.0949 0x1528  [ 774A965EE0932641E0ABE88EB3FE7D12, 159A872DE38FEE5E7DE3C88FBDC9F6FCB2E034600614B8D12BC0147D835FC911 ] C:\Windows\System32\AudioSes.dll
11:05:03.0949 0x1528  C:\Windows\System32\AudioSes.dll - ok
11:05:03.0954 0x1528  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
11:05:03.0954 0x1528  C:\Windows\System32\dhcpcore.dll - ok
11:05:03.0958 0x1528  [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
11:05:03.0959 0x1528  C:\Windows\System32\dnsrslvr.dll - ok
11:05:03.0964 0x1528  [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
11:05:03.0964 0x1528  C:\Windows\System32\keyiso.dll - ok
11:05:03.0968 0x1528  [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
11:05:03.0969 0x1528  C:\Windows\System32\eapsvc.dll - ok
11:05:03.0972 0x1528  [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
11:05:03.0973 0x1528  C:\Windows\System32\dhcpcore6.dll - ok
11:05:03.0977 0x1528  [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
11:05:03.0977 0x1528  C:\Windows\System32\eapphost.dll - ok
11:05:03.0982 0x1528  [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
11:05:03.0982 0x1528  C:\Windows\System32\FWPUCLNT.DLL - ok
11:05:03.0986 0x1528  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
11:05:03.0986 0x1528  C:\Windows\System32\msacm32.dll - ok
11:05:03.0991 0x1528  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
11:05:03.0991 0x1528  C:\Windows\System32\msacm32.drv - ok
11:05:03.0995 0x1528  [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
11:05:03.0995 0x1528  C:\Windows\System32\drivers\fltMgr.sys - ok
11:05:04.0000 0x1528  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
11:05:04.0000 0x1528  C:\Windows\System32\midimap.dll - ok
11:05:04.0004 0x1528  [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
11:05:04.0005 0x1528  C:\Windows\System32\dnsext.dll - ok
11:05:04.0009 0x1528  [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
11:05:04.0009 0x1528  C:\Windows\System32\MPSSVC.dll - ok
11:05:04.0013 0x1528  [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
11:05:04.0013 0x1528  C:\Windows\System32\dhcpcsvc.dll - ok
11:05:04.0018 0x1528  [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
11:05:04.0018 0x1528  C:\Windows\System32\umb.dll - ok
11:05:04.0023 0x1528  [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
11:05:04.0023 0x1528  C:\Windows\System32\wlanmsm.dll - ok
11:05:04.0028 0x1528  [ 4434678251E0588AA1A5F51B04183AB7, B5DB6E25A102FAB5A5A7C699827FCD765123FEB535F57D2B96E0A385DD92D877 ] C:\Program Files (x86)\Trusteer\Rapport\bin\rooksbas.dll.data
11:05:04.0028 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\rooksbas.dll.data - ok
11:05:04.0033 0x1528  [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
11:05:04.0033 0x1528  C:\Windows\System32\dhcpcsvc6.dll - ok
11:05:04.0037 0x1528  [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
11:05:04.0037 0x1528  C:\Windows\System32\imageres.dll - ok
11:05:04.0040 0x1528  [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
11:05:04.0040 0x1528  C:\Windows\System32\wlansec.dll - ok
11:05:04.0044 0x1528  [ FBE484A6F52433170CAE73EC61A6018E, 2C526F0E2CE2DADA0F491EFB3D0680FE895BD43A18C6BC77BBAB6FAA25F70CB6 ] C:\Windows\System32\AudioEng.dll
11:05:04.0044 0x1528  C:\Windows\System32\AudioEng.dll - ok
11:05:04.0049 0x1528  [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
11:05:04.0049 0x1528  C:\Windows\System32\onex.dll - ok
11:05:04.0054 0x1528  [ C6F9222F39A035540D6D53C139C5740C, F08DC783F61EE4CCFDB37CFB5424DBE982133421327458544B8E2106715CC054 ] C:\Windows\System32\AUDIOKSE.dll
11:05:04.0054 0x1528  C:\Windows\System32\AUDIOKSE.dll - ok
11:05:04.0059 0x1528  [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
11:05:04.0059 0x1528  C:\Windows\System32\eappprxy.dll - ok
11:05:04.0064 0x1528  [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
11:05:04.0064 0x1528  C:\Windows\System32\PSHED.DLL - ok
11:05:04.0067 0x1528  [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
11:05:04.0067 0x1528  C:\Windows\System32\eappcfg.dll - ok
11:05:04.0072 0x1528  [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
11:05:04.0072 0x1528  C:\Windows\System32\wlgpclnt.dll - ok
11:05:04.0077 0x1528  [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
11:05:04.0077 0x1528  C:\Windows\System32\l2gpstore.dll - ok
11:05:04.0082 0x1528  [ 5074CC957DA0E2A167A3A40549016029, 5122B2EA65829D4FD62C71F07A9C7E85B43AA46B7F68C012ACB27D10983211DD ] C:\Windows\System32\RltkAPO64.dll
11:05:04.0082 0x1528  C:\Windows\System32\RltkAPO64.dll - ok
11:05:04.0087 0x1528  [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
11:05:04.0087 0x1528  C:\Windows\System32\WinSCard.dll - ok
11:05:04.0090 0x1528  [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
11:05:04.0091 0x1528  C:\Windows\System32\wlanutil.dll - ok
11:05:04.0094 0x1528  [ FDE5C7F271A8424B019EEFDAFD8CBD75, C58ABF814490343374F6F248F0F8671D87673BB504DEB402DC270A7ADD49B422 ] C:\Windows\System32\msxml6.dll
11:05:04.0094 0x1528  C:\Windows\System32\msxml6.dll - ok
11:05:04.0098 0x1528  [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
11:05:04.0098 0x1528  C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
11:05:04.0101 0x1528  [ FE05D03B73000CFF476E1D29109F3A84, 7880B025413338A7B114BECB5DC67605FC7A97142C26FD12F765A64A21805842 ] C:\Program Files\Windows Defender\MpEvMsg.dll
11:05:04.0101 0x1528  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
11:05:04.0105 0x1528  [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
11:05:04.0105 0x1528  C:\Windows\System32\shsvcs.dll - ok
11:05:04.0108 0x1528  [ 40686B59C127F0C93B4234E4A1E3472A, B2DD61CB796C6AA8AFD285D43472B94646CA6D331D282818E0FDC9DE28DDE9CF ] C:\Windows\System32\schedsvc.dll
11:05:04.0108 0x1528  C:\Windows\System32\schedsvc.dll - ok
11:05:04.0112 0x1528  [ 69786C01ED6457AB01FD749AA8547C43, A13AEBF4553FF2B48B2835CC709B773481A9E5B3C3AA95B3D00B97AE8FEFF520 ] C:\Program Files (x86)\Trusteer\Rapport\bin\rooksbas.dll
11:05:04.0112 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\rooksbas.dll - ok
11:05:04.0116 0x1528  [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
11:05:04.0116 0x1528  C:\Windows\System32\ktmw32.dll - ok
11:05:04.0119 0x1528  [ ECAEC5FBBBEF8612AF0A866AFA5F7EF2, BB0C2C34033FC1FA8D19CA83F6020E3B057C62F6F0B91E3A2E2DA90CEF72673C ] C:\Windows\System32\RTEEL64A.dll
11:05:04.0119 0x1528  C:\Windows\System32\RTEEL64A.dll - ok
11:05:04.0123 0x1528  [ A6286A6C7A1BBFCBA17AA54384A21D1C, BF694684C1860F4D53D546D756B97AAF051770AB24316AF955BCB0762CF4EADE ] C:\Windows\System32\RTEED64A.dll
11:05:04.0123 0x1528  C:\Windows\System32\RTEED64A.dll - ok
11:05:04.0126 0x1528  [ EF7F85527404DF16DEE0ADC611155F0B, 30132BF984CB7BFE95BA4E6C278293D460F7770D570A6F1A13BD28A982481D16 ] C:\Windows\System32\WMALFXGFXDSP.dll
11:05:04.0126 0x1528  C:\Windows\System32\WMALFXGFXDSP.dll - ok
11:05:04.0130 0x1528  [ D1035B8EFC83165612F7AAB1816A81B4, CF8DC9349DE9B787BB8D1E15B39397B356BAF7A3098A6A12EF6E0235EF8A58C9 ] C:\Windows\System32\fveapi.dll
11:05:04.0130 0x1528  C:\Windows\System32\fveapi.dll - ok
11:05:04.0133 0x1528  [ 09AD5C5E9A19D14AE73461AB9A376713, 31FED638AB5E2CCA71C6B2BB14DBC650031EBCE3615B9C2B85C806D06EB190F1 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll.data
11:05:04.0133 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll.data - ok
11:05:04.0137 0x1528  [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
11:05:04.0137 0x1528  C:\Windows\System32\fvecerts.dll - ok
11:05:04.0140 0x1528  [ 8F39E301AD8B219DADF83BD7DBE9842E, AB214857E10822EB71652463BD2F595DDD45AEE02E569CEB80BA1BDC3C1D685A ] C:\Windows\System32\tbs.dll
11:05:04.0140 0x1528  C:\Windows\System32\tbs.dll - ok
11:05:04.0144 0x1528  [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
11:05:04.0144 0x1528  C:\Windows\System32\taskcomp.dll - ok
11:05:04.0147 0x1528  [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
11:05:04.0147 0x1528  C:\Windows\System32\wiarpc.dll - ok
11:05:04.0150 0x1528  [ 2188DE5FA5C741FB2B81EB9F37D26BA7, 81C13718B01E698DDC31D13F60335CC6182C9F4CEF9E29ECE2A5BA5A4F138A1C ] C:\Windows\System32\mfplat.dll
11:05:04.0151 0x1528  C:\Windows\System32\mfplat.dll - ok
11:05:04.0154 0x1528  [ CF5C9BD985120781200D35FD445D0BD5, 91B37F595A196542458CBBCDAD80779721D228A7030A34E55995DDBB06649248 ] C:\Windows\System32\drivers\http.sys
11:05:04.0154 0x1528  C:\Windows\System32\drivers\http.sys - ok
11:05:04.0158 0x1528  [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
11:05:04.0158 0x1528  C:\Windows\System32\spoolsv.exe - ok
11:05:04.0161 0x1528  [ 5F31EE47AFA5D40DC37971D27076DE04, 88070AF9A71BBFD87E66BB036BC58AA69DE98407D0874582314CCBE13DB0DAD4 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll
11:05:04.0161 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksbas_x64.dll - ok
11:05:04.0165 0x1528  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] C:\Program Files (x86)\Avira\Antivirus\sched.exe
11:05:04.0165 0x1528  C:\Program Files (x86)\Avira\Antivirus\sched.exe - ok
11:05:04.0170 0x1528  [ A5CA8AC1E903C893A89F8039A994FB20, 07407F2769DC2187826FBA965F81BBE24453789FBC3C6F2CC2D6B7A95006CEF6 ] C:\Program Files (x86)\Trusteer\Rapport\bin\rookscom.dll.data
11:05:04.0170 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\rookscom.dll.data - ok
11:05:04.0175 0x1528  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files (x86)\Avira\Antivirus\msvcp120.dll
11:05:04.0175 0x1528  C:\Program Files (x86)\Avira\Antivirus\msvcp120.dll - ok
11:05:04.0179 0x1528  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files (x86)\Avira\Antivirus\msvcr120.dll
11:05:04.0179 0x1528  C:\Program Files (x86)\Avira\Antivirus\msvcr120.dll - ok
11:05:04.0184 0x1528  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
11:05:04.0184 0x1528  C:\Windows\SysWOW64\dbghelp.dll - ok
11:05:04.0188 0x1528  [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
11:05:04.0188 0x1528  C:\Windows\System32\netcfgx.dll - ok
11:05:04.0193 0x1528  [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] C:\Windows\System32\drivers\vwifimp.sys
11:05:04.0193 0x1528  C:\Windows\System32\drivers\vwifimp.sys - ok
11:05:04.0197 0x1528  [ A62751353537E7E83B077E0BE9F6FA0E, 604C06735611A27C13AFFBD470D325617EF8014654F65EFDE787A0139831161D ] C:\Program Files (x86)\Avira\Antivirus\productutilities.dll
11:05:04.0198 0x1528  C:\Program Files (x86)\Avira\Antivirus\productutilities.dll - ok
11:05:04.0202 0x1528  [ 35086E6C8691C0D8D976B06FD74FEDC6, 8BD71FFA509BD27A37B529BFB1C6DCB33B8FB56AE26503C4F63C71F68BA09455 ] C:\Program Files (x86)\Avira\Antivirus\systemutilities.dll
11:05:04.0203 0x1528  C:\Program Files (x86)\Avira\Antivirus\systemutilities.dll - ok
11:05:04.0207 0x1528  [ EAD314F2142162AE4DE91355580F6607, AA0628AFBCF56678B14E2617F4596379BE67E1CE91AEE2A23DDBB3CFDA36F8C4 ] C:\Windows\SysWOW64\winhttp.dll
11:05:04.0207 0x1528  C:\Windows\SysWOW64\winhttp.dll - ok
11:05:04.0212 0x1528  [ CB52DEF1B1E1B9950F29548F2F19115A, 42A60BC707DB0B42214A8C679E0A15AE46944D9D97C35D8293AB294DC759A800 ] C:\Windows\SysWOW64\webio.dll
11:05:04.0212 0x1528  C:\Windows\SysWOW64\webio.dll - ok
11:05:04.0218 0x1528  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
11:05:04.0218 0x1528  C:\Windows\SysWOW64\mpr.dll - ok
11:05:04.0222 0x1528  [ 82CA6549FA0CA77B7DEC84544F687A1A, 402FC384522C416CBB8218CC9AEAB78D12C0780CDD084A6B6C8457276710883F ] C:\Program Files (x86)\Trusteer\Rapport\bin\rookscom.dll
11:05:04.0222 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\rookscom.dll - ok
11:05:04.0227 0x1528  [ 32B93AF76C3EE06059D8A0E5BD3FAF04, D64D4A45CE55F7B8F830C5DBDD9B5F91B47659F2642B4934464FB28A2C711AD2 ] C:\Program Files (x86)\Avira\Antivirus\grdcore.dll
11:05:04.0227 0x1528  C:\Program Files (x86)\Avira\Antivirus\grdcore.dll - ok
11:05:04.0233 0x1528  [ 40F41DBD89E3B06C09E5880BA2AC3744, 61896DE039E75738639F6A3C4309EBF38E79948365B046D2CE54114E7FED985A ] C:\Program Files (x86)\Avira\Antivirus\avwinll.dll
11:05:04.0233 0x1528  C:\Program Files (x86)\Avira\Antivirus\avwinll.dll - ok
11:05:04.0237 0x1528  [ 1C29E47EA684E7D27EBDC92093CB56B8, F65F750A18FC2A37A4EA1FE8A035D4E454D5A52354947B2F29A16099FF5DBF57 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rookscom_x64.dll.data
11:05:04.0238 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rookscom_x64.dll.data - ok
11:05:04.0243 0x1528  [ F865E2F31E6B8D12F3B61AAF2A2EBD40, 6FB17D7008BD5FF6080E51B6761543519F2174067E47BBE777A988AB9FA2262A ] C:\Program Files (x86)\Avira\Antivirus\scewxmlw.dll
11:05:04.0243 0x1528  C:\Program Files (x86)\Avira\Antivirus\scewxmlw.dll - ok
11:05:04.0248 0x1528  [ A03C447E38CCC16BA2B9366ADB289E69, 6603CD1136F6FB4D714D4667779A8A7C848094516FEDAE13F53008F22AA5422F ] C:\Program Files (x86)\Avira\Antivirus\cfglib.dll
11:05:04.0248 0x1528  C:\Program Files (x86)\Avira\Antivirus\cfglib.dll - ok
11:05:04.0253 0x1528  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
11:05:04.0253 0x1528  C:\Windows\System32\BFE.DLL - ok
11:05:04.0258 0x1528  [ A19252942F60309704A97DD945DF1FE7, F4DE9742FD9032ADA599E1C378D0DAB39CA877C622AB99B9FD407D2F90E580B6 ] C:\Program Files (x86)\Avira\Antivirus\gpipc.dll
11:05:04.0258 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpipc.dll - ok
11:05:04.0263 0x1528  [ 7BF58D6E0626F303169863B91B263EB1, 7885107A133FBC28529D595148A8464A9C078164E33C332CE317449C0A1E02D4 ] C:\Program Files (x86)\Avira\Antivirus\gpgen.dll
11:05:04.0263 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpgen.dll - ok
11:05:04.0268 0x1528  [ ECE67BBC8708EEBFC21378D2FB188249, 50948E2738D71511E02C0844F0B46898547F71C3733166DDAFEC678996949BE2 ] C:\Program Files (x86)\Avira\Antivirus\gpschd.dll
11:05:04.0268 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpschd.dll - ok
11:05:04.0272 0x1528  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] C:\Windows\System32\drivers\bowser.sys
11:05:04.0273 0x1528  C:\Windows\System32\drivers\bowser.sys - ok
11:05:04.0277 0x1528  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
11:05:04.0277 0x1528  C:\Windows\System32\drivers\mpsdrv.sys - ok
11:05:04.0282 0x1528  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
11:05:04.0282 0x1528  C:\Windows\SysWOW64\rasapi32.dll - ok
11:05:04.0287 0x1528  [ 4EAE27FD78BDCB9A36B60C33C19DA45F, 8062EF469D1926FE2A47D7AC77768280661BE2FFD0167DF1EAE482A109FD2114 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rookscom_x64.dll
11:05:04.0287 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rookscom_x64.dll - ok
11:05:04.0291 0x1528  [ EE88FE7F43A53B376142FAE2DAA50EF1, 9048C87484A87481B4F227AF628E573024FB252620C4BD1C9193225ACB9A6BE2 ] C:\Windows\System32\drivers\mrxsmb.sys
11:05:04.0291 0x1528  C:\Windows\System32\drivers\mrxsmb.sys - ok
11:05:04.0295 0x1528  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
11:05:04.0295 0x1528  C:\Windows\SysWOW64\rasman.dll - ok
11:05:04.0298 0x1528  [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
11:05:04.0298 0x1528  C:\Windows\System32\wfapigp.dll - ok
11:05:04.0302 0x1528  [ 119CE8CFC2073AE576D92A9A0E164012, 9A9FFF962E851DADAE6E0BE852F251557FF242B385659BAD99A84D4DB929FAE8 ] C:\Windows\System32\drivers\mrxsmb10.sys
11:05:04.0302 0x1528  C:\Windows\System32\drivers\mrxsmb10.sys - ok
11:05:04.0305 0x1528  [ 84EE9DC885665DB9A78CC22F365E77D0, 7ADD647A8E5AF3EDA873CA1467A961CDB5CAEF12F689CF0E47C83E8BB382FF73 ] C:\Windows\System32\drivers\mrxsmb20.sys
11:05:04.0305 0x1528  C:\Windows\System32\drivers\mrxsmb20.sys - ok
11:05:04.0309 0x1528  [ 86B8C938B983DEE334D58AE6D6495DDF, 80B48345564AB1DAA452F474F555647D918F33D1F5D13E6552C70222C3AE931E ] C:\Program Files (x86)\Trusteer\Rapport\bin\rooksdol.dll.data
11:05:04.0309 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\rooksdol.dll.data - ok
11:05:04.0312 0x1528  [ 192B3B21FDDBC21AA3E8ADFE8ADBC9AA, 7C8324F496092CA2591198DE766F8E1099026A960156B20C1AD2A748498A8AD4 ] C:\Windows\System32\mscms.dll
11:05:04.0312 0x1528  C:\Windows\System32\mscms.dll - ok
11:05:04.0316 0x1528  [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
11:05:04.0316 0x1528  C:\Windows\System32\wkssvc.dll - ok
11:05:04.0318 0x1528  [ 61F1FDBE16EDF0EB510B5BDF90728E95, 256DF2D0D10D13872CE741D4FF5AFED89D82F1B2A0F6CF60B1000E77158B0A66 ] C:\Program Files (x86)\Avira\Antivirus\CommonTextRc.dll
11:05:04.0318 0x1528  C:\Program Files (x86)\Avira\Antivirus\CommonTextRc.dll - ok
11:05:04.0322 0x1528  [ 3CD83692C43D87088E85E3C916146FFB, 9E812535E8FBA045FDA30F68E9EB2031132C37721D542A2DC9D4C33E2B137FCF ] C:\Windows\System32\pcasvc.dll
11:05:04.0322 0x1528  C:\Windows\System32\pcasvc.dll - ok
11:05:04.0325 0x1528  [ CF57371C24869C6E1670346D9A821444, 555FB706ADAD599ECB1D1C63A5CA9080FE1F93A8DAD9A70724B44002074F82BA ] C:\Program Files (x86)\Avira\Antivirus\57\ProductTextRc.dll
11:05:04.0325 0x1528  C:\Program Files (x86)\Avira\Antivirus\57\ProductTextRc.dll - ok
11:05:04.0329 0x1528  [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
11:05:04.0329 0x1528  C:\Windows\System32\snmptrap.exe - ok
11:05:04.0333 0x1528  [ 2A4227B52AB2785AA83A9E5E4F830D36, E1B34EEE943B43E1F841BA7DBCBAA839BA290741CD8DC871167BE4220C28A4BF ] C:\Program Files (x86)\Avira\Antivirus\sqlite3.dll
11:05:04.0333 0x1528  C:\Program Files (x86)\Avira\Antivirus\sqlite3.dll - ok
11:05:04.0336 0x1528  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
11:05:04.0336 0x1528  C:\Windows\System32\sstpsvc.dll - ok
11:05:04.0340 0x1528  [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
11:05:04.0340 0x1528  C:\Windows\System32\provsvc.dll - ok
11:05:04.0343 0x1528  [ 75789EBB70D13627650165AAB46229FB, 9E590207D0AC17D3A8A6D48EBED47E3AF50EAA11956C2102D427257879D320B4 ] C:\Program Files (x86)\Trusteer\Rapport\bin\rooksdol.dll
11:05:04.0343 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\rooksdol.dll - ok
11:05:04.0348 0x1528  [ DC1BC5F2B1C54EA6725734BF4C0E5454, 5E9A1491118037F77356F18C6DE20495C302CC944A8400CC87DC0C67C6AAE9A7 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
11:05:04.0348 0x1528  C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
11:05:04.0352 0x1528  [ D0B150C6CD6DF12D6AB5FFEA8275C5AE, 9CD03AD04BEBA66FDDA49A9EC7E2091AD61B4C7FFD0159DA6E93BA0AC6D82129 ] C:\Program Files (x86)\Avira\Antivirus\libcurl.dll
11:05:04.0352 0x1528  C:\Program Files (x86)\Avira\Antivirus\libcurl.dll - ok
11:05:04.0355 0x1528  [ BDC129F7A4DB09E15094F6816E80B4EA, AD2D44874F61A1D21B7DF0ED5A73B0320926698C75FA52E1C2A4E093A3EB2AC7 ] C:\Program Files (x86)\Avira\Antivirus\libeay32.dll
11:05:04.0355 0x1528  C:\Program Files (x86)\Avira\Antivirus\libeay32.dll - ok
11:05:04.0359 0x1528  [ 0BCEE7E6277609920A4DB94894056C70, 2099ADAC84B8A5A0AEE20854287E90C522C741CF8DA5193CB526A895EAD6B77F ] C:\Program Files (x86)\Avira\Antivirus\ssleay32.dll
11:05:04.0359 0x1528  C:\Program Files (x86)\Avira\Antivirus\ssleay32.dll - ok
11:05:04.0363 0x1528  [ 208E2B124B1DB825D956730DC46738E6, 111BD28BF20802FBD256ECB8CA9BBC7307B4D9FE35CEA76147EC4878FC1329B0 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksdol_x64.dll.data
11:05:04.0363 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksdol_x64.dll.data - ok
11:05:04.0366 0x1528  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
11:05:04.0366 0x1528  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
11:05:04.0370 0x1528  [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
11:05:04.0370 0x1528  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
11:05:04.0374 0x1528  [ A88241C2A519AFD2C99A40000F9113E6, 9E3E7A4AF64A0173E61A2D6464ED1CEBB128EFA72E8FE57683EBA3505934A894 ] C:\Windows\SysWOW64\mswsock.dll
11:05:04.0374 0x1528  C:\Windows\SysWOW64\mswsock.dll - ok
11:05:04.0378 0x1528  [ F6D02735DE16705C1EBE6429592CD355, 356C49C5E1328FB181C295A84292471C566E11099E46D7A34C017931863D86A4 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
11:05:04.0378 0x1528  C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
11:05:04.0383 0x1528  [ 4355CF8BD07B0E48C111FC3D2F36D313, B3C5837C29A71E82CA4C7A887FE219C26A5CAA1230AD7E5853C4B3035C7CC94D ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
11:05:04.0383 0x1528  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
11:05:04.0389 0x1528  [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
11:05:04.0389 0x1528  C:\Windows\SysWOW64\rasadhlp.dll - ok
11:05:04.0394 0x1528  [ 5408C196DF7D219B2B752B6DF7C3C215, 13D7D38BD3119758F2D6A530349CD15784972A8CC83FD290E73B2FA13ED7EECF ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksdol_x64.dll
11:05:04.0394 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\rooksdol_x64.dll - ok
11:05:04.0399 0x1528  [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
11:05:04.0399 0x1528  C:\Windows\SysWOW64\cfgmgr32.dll - ok
11:05:04.0404 0x1528  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
11:05:04.0404 0x1528  C:\Windows\SysWOW64\clbcatq.dll - ok
11:05:04.0409 0x1528  [ E98278865E8DABA21CFE5FE4BE34210A, 3BB431A9F6476EA98C17DF46BA5DFA265E74328D84875E402236ED12E50B6330 ] C:\Windows\SysWOW64\PortableDeviceApi.dll
11:05:04.0410 0x1528  C:\Windows\SysWOW64\PortableDeviceApi.dll - ok
11:05:04.0415 0x1528  [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
11:05:04.0415 0x1528  C:\Windows\SysWOW64\setupapi.dll - ok
11:05:04.0419 0x1528  [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
11:05:04.0419 0x1528  C:\Windows\SysWOW64\devobj.dll - ok
11:05:04.0423 0x1528  [ 09E512220E90ADDA6E818120BB528B0A, 3C15E136748D3AC6E9641C93C79A0C447F300E0770EF228FB2ECE4DFA07D85BA ] C:\Windows\SysWOW64\wintrust.dll
11:05:04.0424 0x1528  C:\Windows\SysWOW64\wintrust.dll - ok
11:05:04.0427 0x1528  [ 03A271835C0F4B340A47B3CB05C7CEB3, 6239A687DE5254785746C97B6ECFCB0BFBBB511D2F23A855F24FB15259E78FC3 ] C:\Program Files (x86)\Avira\Antivirus\avipc.dll
11:05:04.0427 0x1528  C:\Program Files (x86)\Avira\Antivirus\avipc.dll - ok
11:05:04.0431 0x1528  [ D5AFC3A476925CE740B7079D9BD2D269, 201313175BEA013DE47B00F9F563614641959FCAD937FB873B587B7F8C87166C ] C:\Windows\SysWOW64\apphelp.dll
11:05:04.0431 0x1528  C:\Windows\SysWOW64\apphelp.dll - ok
11:05:04.0435 0x1528  [ BDFDA182BD6C4D2B3010D24AAFAD8288, BEF20ED5397E0F49C12048CEAF0BAA65A17EE920616ADDE08EB7529CB0B5AFC4 ] C:\Program Files (x86)\Avira\Antivirus\ccuac.exe
11:05:04.0435 0x1528  C:\Program Files (x86)\Avira\Antivirus\ccuac.exe - ok
11:05:04.0439 0x1528  [ 98E06CAC2C508118450095E581202230, 8FC6C08487F2A481A28F1E5E500B61A21B7A0D44B342F9F887017D6FAE4F87F4 ] C:\Program Files\SUPERAntiSpyware\SASCore64.exe
11:05:04.0440 0x1528  C:\Program Files\SUPERAntiSpyware\SASCore64.exe - ok
11:05:04.0444 0x1528  [ 8157B86C6F1BECD41967BCF4A6AFE172, 87298C4E159F86638DBF6F1B7E4BCCE7EBF5C7A26A51F979E17ED25825127701 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe
11:05:04.0444 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportInjService_x64.exe - ok
11:05:04.0449 0x1528  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
11:05:04.0449 0x1528  C:\Windows\SysWOW64\rtutils.dll - ok
11:05:04.0453 0x1528  [ E316B2838D6EA3F8DA61BFB30B8F1B30, 880156BA7F5F9B91EE88637A8C39D437CE1BAA7AC14430665D20AE69671F30BA ] C:\Program Files (x86)\Avira\Antivirus\ccwkrlib.dll
11:05:04.0453 0x1528  C:\Program Files (x86)\Avira\Antivirus\ccwkrlib.dll - ok
11:05:04.0457 0x1528  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:05:04.0457 0x1528  C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok
11:05:04.0467 0x1528  [ 94D648747CB348C9DF7D64B0F59B2B2C, 216E191F2107D0A17E3F38E31A5F32639FA036708E281056983A391D01742EEA ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportUtil_x64.dll
11:05:04.0467 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportUtil_x64.dll - ok
11:05:04.0486 0x1528  [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
11:05:04.0486 0x1528  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
11:05:04.0495 0x1528  [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
11:05:04.0495 0x1528  C:\Windows\SysWOW64\netapi32.dll - ok
11:05:04.0501 0x1528  [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
11:05:04.0501 0x1528  C:\Windows\SysWOW64\netutils.dll - ok
11:05:04.0509 0x1528  [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
11:05:04.0509 0x1528  C:\Windows\SysWOW64\srvcli.dll - ok
11:05:04.0527 0x1528  [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
11:05:04.0527 0x1528  C:\Windows\SysWOW64\wkscli.dll - ok
11:05:04.0533 0x1528  [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
11:05:04.0533 0x1528  C:\Windows\SysWOW64\logoncli.dll - ok
11:05:04.0542 0x1528  [ 72910F1DEB838E6E08A9017BFB7D4F0B, A2EAE06069778605765ECB4734760BA296707ED6E166F85F31603F5D79ACC125 ] C:\Windows\SysWOW64\browcli.dll
11:05:04.0542 0x1528  C:\Windows\SysWOW64\browcli.dll - ok
11:05:04.0549 0x1528  [ 521B748A7F9923302CA18B7E6AA2EEAE, 6243D4F29B28242E308359624B5E68AC8A57D811521193487973794EDCE55787 ] C:\Windows\SysWOW64\activeds.dll
11:05:04.0549 0x1528  C:\Windows\SysWOW64\activeds.dll - ok
11:05:04.0558 0x1528  [ 51F5CC1E7DA3D9C664C2D0D61F315E06, 0A50A35863C9679E8DFC0783D5F1F6411010873738C6B1D90B7E993D2C6CFB06 ] C:\Windows\SysWOW64\adsldpc.dll
11:05:04.0558 0x1528  C:\Windows\SysWOW64\adsldpc.dll - ok
11:05:04.0562 0x1528  [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
11:05:04.0562 0x1528  C:\Windows\SysWOW64\atl.dll - ok
11:05:04.0567 0x1528  [ B32F69C4D7B6C4711CE9BAB61FD5182D, 6E021F6E73FEDE270C221CC90C797B7F93C93E36B83F071C0C6AF8EAB89C7C69 ] C:\Windows\SysWOW64\wininet.dll
11:05:04.0568 0x1528  C:\Windows\SysWOW64\wininet.dll - ok
11:05:04.0575 0x1528  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] C:\Program Files (x86)\Avira\Antivirus\avguard.exe
11:05:04.0575 0x1528  C:\Program Files (x86)\Avira\Antivirus\avguard.exe - ok
11:05:04.0579 0x1528  [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
11:05:04.0579 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
11:05:04.0585 0x1528  [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
11:05:04.0586 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
11:05:04.0594 0x1528  [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
11:05:04.0594 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
11:05:04.0600 0x1528  [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
11:05:04.0600 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
11:05:04.0608 0x1528  [ 9AB34CAA02F10537485412A47B16B3A3, 21B1ACD096EBE54044134A6232AA80BE56D4DC7C53CDD0ADB92F113CEDA1E764 ] C:\Windows\SysWOW64\iertutil.dll
11:05:04.0608 0x1528  C:\Windows\SysWOW64\iertutil.dll - ok
11:05:04.0613 0x1528  [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:05:04.0613 0x1528  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok
11:05:04.0618 0x1528  [ D029339C0F59CF662094EDDF8C42B2B5, 934D882EFD3C0F3F1EFBC238EF87708F3879F5BB456D30AF62F3368D58B6AA4C ] C:\Windows\System32\msvcp100.dll
11:05:04.0618 0x1528  C:\Windows\System32\msvcp100.dll - ok
11:05:04.0626 0x1528  [ 366FD6F3A451351B5DF2D7C4ECF4C73A, AE3CB6C6AFBA9A4AA5C85F66023C35338CA579B30326DD02918F9D55259503D5 ] C:\Windows\System32\msvcr100.dll
11:05:04.0626 0x1528  C:\Windows\System32\msvcr100.dll - ok
11:05:04.0630 0x1528  [ FA28656B9A7F654FE88E86DA74B1AA0F, 816FBD6480E5F782CCFEF57F4FCD191E2C8F3263AB9CCCAD7A6ECB5F0D8F909B ] C:\Program Files (x86)\Avira\Antivirus\gpgrd.dll
11:05:04.0630 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpgrd.dll - ok
11:05:04.0635 0x1528  [ 6C47A5230F20295F7CDBB56940DDD35A, 25162628839990FF7F8E47A0E1D1517A5FB976272BE7D6DA001F8F9BD1B63F06 ] C:\Program Files (x86)\Avira\Antivirus\gpgui.dll
11:05:04.0635 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpgui.dll - ok
11:05:04.0641 0x1528  [ 50989D92A41537449454EC70D4445487, A2AE3F06C15298465172A792FF866091EF1A117D37542121A1CEB91EA585CE88 ] C:\Program Files (x86)\Avira\Antivirus\gpgavid.dll
11:05:04.0641 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpgavid.dll - ok
11:05:04.0645 0x1528  [ 47AD4678356BB125A8C0F0C7E8E10B0F, 86BD407C22057A55992CCB30EEC59470AFC5D9A3C902E5B0311BFEFF1781C6B1 ] C:\Program Files (x86)\Avira\Antivirus\gplegacy.dll
11:05:04.0645 0x1528  C:\Program Files (x86)\Avira\Antivirus\gplegacy.dll - ok
11:05:04.0651 0x1528  [ 4D585B74188EA93CADD34D16A9DF1DEE, 2C446DFA5B2239870F1BC7EC1C1D2848C924C2492A8ABE81C88A04404D1E183C ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\TRF_x64.dll
11:05:04.0651 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\TRF_x64.dll - ok
11:05:04.0656 0x1528  [ 3960EEEE2D7978939447F178CC51BDE7, 10710BC7AF702489D60EE5D014FE1382C5A7ED9AD1E8C6C2D4CC81411147A719 ] C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll
11:05:04.0656 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok
11:05:04.0661 0x1528  [ 31E1A8973EE262977557F571CEF1C873, C0B034F47AB35E1182E370A2169F766555CD50632E81033916B778C94176A2C6 ] C:\Program Files (x86)\Avira\Antivirus\gpgenrep.dll
11:05:04.0661 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpgenrep.dll - ok
11:05:04.0666 0x1528  [ 22CC15236574408BEF691D200B7D418D, 3FCDDD152EE8804CC0DEEEF7A1DBC81685329FFDA33221A484756CFD929943A4 ] C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll
11:05:04.0666 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok
11:05:04.0671 0x1528  [ FE563EBC14309A7C0E972C7902E8245A, C6DFE5E8C91BF196EDC062EB46F4450DBB6E2C1412345FEE3CD0DE38B0159B36 ] C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll
11:05:04.0671 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok
11:05:04.0675 0x1528  [ B9CBCD6136AA0AE05A7B7BBD3F76880A, 22BDE23DF8144CD88B45B19DC177FCB640A5964D7B35B6828EB38E16374A3D0F ] C:\Program Files (x86)\Avira\Antivirus\onlcfg.dll
11:05:04.0675 0x1528  C:\Program Files (x86)\Avira\Antivirus\onlcfg.dll - ok
11:05:04.0678 0x1528  [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
11:05:04.0678 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
11:05:04.0682 0x1528  [ B43E4F277B542F6A21552D549BC0A8F9, A15F94D4E11CB7C2FAD17721C223E4B96A2A9B00D3ACC23590342C9E9B5F10EE ] C:\Program Files (x86)\Avira\Antivirus\gavidb.dll
11:05:04.0682 0x1528  C:\Program Files (x86)\Avira\Antivirus\gavidb.dll - ok
11:05:04.0686 0x1528  [ F4F2A4C459DD3AA22DD3984D13B15746, C2D0E285E2333A9C620BE04A5747881AF0D5615DA32226886E659FF31A9761CC ] C:\Program Files (x86)\Avira\Antivirus\mfc120u.dll
11:05:04.0686 0x1528  C:\Program Files (x86)\Avira\Antivirus\mfc120u.dll - ok
11:05:04.0690 0x1528  [ 9C861C079DD81762B6C54E37597B7712, AD32240BB1DE55C3F5FCAC8789F583A17057F9D14914C538C2A7A5AD346B341C ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\msvcr120.dll
11:05:04.0690 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\msvcr120.dll - ok
11:05:04.0695 0x1528  [ 5C3F9DBA818CD93379D1A0F215270374, 6A4D96AC83989D47D80332E41E627F2607A3B2167E1A5D8E21361136C4424633 ] C:\Windows\SysWOW64\esent.dll
11:05:04.0695 0x1528  C:\Windows\SysWOW64\esent.dll - ok
11:05:04.0700 0x1528  [ C3EF71A9684DFC755ACEB39C5D16CDEF, 14767F21391D41A7616C37EB6C6895F02CE1C249E96C7D8309924F3B8749F0FA ] C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll
11:05:04.0700 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\objc.dll - ok
11:05:04.0705 0x1528  [ 69874E69BB39CEB2188713ECC65FBC06, 84A34035D61D22010DB4743EF98D8525112DC187C5F4823939ADFAEE43DF190E ] C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll
11:05:04.0705 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\ASL.dll - ok
11:05:04.0709 0x1528  [ FE4AD7D13B0D9564D9242F21FF554E84, D48BD9A8A596D398FD82180CB757AB7CD720CEC5F239DCD690BCB53A63C84400 ] C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll
11:05:04.0709 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\libdispatch.dll - ok
11:05:04.0713 0x1528  [ 46060C35F697281BC5E7337AEE3722B1, 2ABF0AAB5A3C5AE9424B64E9D19D9D6D4AEBC67814D7E92E4927B9798FEF2848 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\msvcp120.dll
11:05:04.0714 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\msvcp120.dll - ok
11:05:04.0717 0x1528  [ F11F8589FB574B65F226BC20A7B0D39E, 0DA2C532C1E06DA63A2196910860E8E1E09E7C32BBE274CA71F095E93EFE4953 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll
11:05:04.0717 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\libicuin.dll - ok
11:05:04.0722 0x1528  [ 3A970502DEE87B874DBB8B32ACAE3141, 0C5942E9BF432877B4DFE89400DC5A6674BEBA41329C0B8185D854F7895B6120 ] C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll
11:05:04.0722 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\libicuuc.dll - ok
11:05:04.0726 0x1528  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
11:05:04.0726 0x1528  C:\Windows\SysWOW64\uxtheme.dll - ok
11:05:04.0732 0x1528  [ 84657EBC51EA861208EEF2422C5B5DD0, BA35B27BF779EF65DF512ECA349E5E3439E394DD9259AEC677C87DF350D3368C ] C:\Program Files\Common Files\Apple\Apple Application Support\icudt55.dll
11:05:04.0732 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\icudt55.dll - ok
11:05:04.0737 0x1528  [ 7983C9D11527212D8A597275C4F16901, EEA7F2A2D698BFFBC58F71CE1E7451836D4CC7BB8403E966ECC7D3076E395CC8 ] C:\Program Files (x86)\Avira\Antivirus\avlode.dll
11:05:04.0738 0x1528  C:\Program Files (x86)\Avira\Antivirus\avlode.dll - ok
11:05:04.0741 0x1528  [ C4C57F0F1FC7A584F257EA0A0E4F5524, FAF4066A93982F539E7E8D670D0AF9E98DF9F543C2903FB8A425587C212A740C ] C:\Program Files (x86)\Avira\Antivirus\apcfile.dll
11:05:04.0742 0x1528  C:\Program Files (x86)\Avira\Antivirus\apcfile.dll - ok
11:05:04.0745 0x1528  [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
11:05:04.0745 0x1528  C:\Windows\SysWOW64\samcli.dll - ok
11:05:04.0749 0x1528  [ FBA3B4698DB8A604DB69C476282520F0, 8B579903D236B1A5FAE5ACC98C4FECFAA4A99A73BC913FF20FB5FC7F40019B0B ] C:\Program Files (x86)\Avira\Antivirus\firewall.dll
11:05:04.0749 0x1528  C:\Program Files (x86)\Avira\Antivirus\firewall.dll - ok
11:05:04.0753 0x1528  [ 6720EC6A81F6A2B1323A890F5ADBB34F, A298C9492D6B37C2B6E2F55E93ED985E086E73C40A245074622586854A680379 ] C:\Program Files (x86)\Avira\Antivirus\libaprutil-1.dll
11:05:04.0753 0x1528  C:\Program Files (x86)\Avira\Antivirus\libaprutil-1.dll - ok
11:05:04.0756 0x1528  [ EB207C17B82F6CA49042D563965FD54D, C9EAD5A07C445034B128C6AFEB2B3E59AFC5553B8440058550DB1447A93F5F0F ] C:\Program Files (x86)\Avira\Antivirus\libapriconv-1.dll
11:05:04.0756 0x1528  C:\Program Files (x86)\Avira\Antivirus\libapriconv-1.dll - ok
11:05:04.0760 0x1528  [ 5FC9113BC55F676D0D2B3A857A03C540, 2BF6AD9CECAE794331643DE86611F460646B3655D89C45D0724166A89C48075D ] C:\Program Files (x86)\Avira\Antivirus\libapr-1.dll
11:05:04.0760 0x1528  C:\Program Files (x86)\Avira\Antivirus\libapr-1.dll - ok
11:05:04.0764 0x1528  [ 3F50200237961034FACE602373838980, F97D72CC75D921CF8F8E0544614407358AEFF97A8F48E4A89F82689EE8F2FC86 ] C:\Windows\SysWOW64\FirewallAPI.dll
11:05:04.0764 0x1528  C:\Windows\SysWOW64\FirewallAPI.dll - ok
11:05:04.0767 0x1528  [ FCD8DABEC886A7576401454368976188, 395491DC6BE9133D3F598826431926812469D5EFF208D1E7FB1609F0176662EA ] C:\Program Files (x86)\Avira\Antivirus\aecore.dll
11:05:04.0767 0x1528  C:\Program Files (x86)\Avira\Antivirus\aecore.dll - ok
11:05:04.0771 0x1528  [ FBC82A63B8A533E0C1DF4A301C4C351F, B2CBCFDEF97C28CD53D6315C8DCBA3E3BC15C35561BF4E0DB12B0BC9AAEA2EC9 ] C:\Program Files (x86)\Avira\Antivirus\aebb.dll
11:05:04.0771 0x1528  C:\Program Files (x86)\Avira\Antivirus\aebb.dll - ok
11:05:04.0774 0x1528  [ 6E3A1135A9C41A82CA25F5806111A270, 230046764BB7A20BBE613AE055D965767736192E37AD5DE2D36714925E4A96FA ] C:\Program Files (x86)\Avira\Antivirus\aecrypto.dll
11:05:04.0775 0x1528  C:\Program Files (x86)\Avira\Antivirus\aecrypto.dll - ok
11:05:04.0779 0x1528  [ 1CEBE00891BE582877493B33F5BA3B72, B1F25A50420450F699D7311453A073FF2B2753BF7B9C384CCF59F24006FA2AD3 ] C:\Program Files (x86)\Avira\Antivirus\aedroid.dll
11:05:04.0779 0x1528  C:\Program Files (x86)\Avira\Antivirus\aedroid.dll - ok
11:05:04.0784 0x1528  [ 99A10AD06433D0D9F44FEC554E59FC98, 0025D325A398478BAFD956C8E8D1DE4C821F555117CDEED0F8BCC08880B05BF9 ] C:\Program Files (x86)\Avira\Antivirus\aeemu.dll
11:05:04.0784 0x1528  C:\Program Files (x86)\Avira\Antivirus\aeemu.dll - ok
11:05:04.0788 0x1528  [ 5026D928EDB9E0D86FECC7B8D3B1E09A, 4241A59B126E089D42B6759D4F5AF5DF0D4D8F59661BFE0999A340166D86AEFA ] C:\Program Files (x86)\Avira\Antivirus\aeexp.dll
11:05:04.0788 0x1528  C:\Program Files (x86)\Avira\Antivirus\aeexp.dll - ok
11:05:04.0792 0x1528  [ 4C1C3C5AC67559F5EF206550369B31BD, E815220452F88490523EACDC12D826E6EF5CCDEDF1F2F3C6CBF820D53041C7E9 ] C:\Program Files (x86)\Avira\Antivirus\aegen.dll
11:05:04.0792 0x1528  C:\Program Files (x86)\Avira\Antivirus\aegen.dll - ok
11:05:04.0795 0x1528  [ F4C042BCACC168C290473A23CB6C2233, BD4F02D3796E17DBB89D394FAAFC8D87E775459D84783CC66AA977AB064C35EE ] C:\Program Files (x86)\Avira\Antivirus\aehelp.dll
11:05:04.0796 0x1528  C:\Program Files (x86)\Avira\Antivirus\aehelp.dll - ok
11:05:04.0799 0x1528  [ 4175D823F02CF59FEEEF2DAC8DBE4E09, 07115F5E5E88D41950765A9D49692FF48C30173A1EF08BD89CF7E9FAF16F16DE ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus.dll
11:05:04.0799 0x1528  C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportCerberus.dll - ok
11:05:04.0803 0x1528  [ 26EFD4FB15B467986AA2B4609279EBAF, 125195B5B8210E381D1C171264E29AD695C63703371871C030394AE8BD3299FA ] C:\Program Files (x86)\Avira\Antivirus\aeheur.dll
11:05:04.0803 0x1528  C:\Program Files (x86)\Avira\Antivirus\aeheur.dll - ok
11:05:04.0807 0x1528  [ 56BB455E00FCA288838934453F9CF725, 9535D42231CBF4B35A482C7DC7F96632DDDE5FFA165B9B1DB8E4F0C6D7765FC7 ] C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll
11:05:04.0807 0x1528  C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService_main.dll - ok
11:05:04.0810 0x1528  [ B6007E246A75102EF6B7A8B9F15A09AF, 48CE4BF3CA578D7EA01E5825C8F0CA53CE0F4BC001279B355F0CEC0548CD339B ] C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll
11:05:04.0811 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok
11:05:04.0814 0x1528  [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
11:05:04.0814 0x1528  C:\Windows\System32\wsock32.dll - ok
11:05:04.0817 0x1528  [ 6A2B52668B8E46B78BD8B907169661D7, 4E49F4EF499D7593379995D7C06C2CCACEDFF9141C93DD21B009295340270864 ] C:\Windows\System32\dnssd.dll
11:05:04.0817 0x1528  C:\Windows\System32\dnssd.dll - ok
11:05:04.0819 0x1528  [ 19B6F9073BD606B7ABEC03A0328FDC1B, 639E6A05BB0E52CDBDF887A3FA209B32F84253D274F2A9A89E1D96F1BE4C8143 ] C:\Windows\System32\drivers\avnetflt.sys
11:05:04.0819 0x1528  C:\Windows\System32\drivers\avnetflt.sys - ok
11:05:04.0823 0x1528  [ 4425AE19F173A378A86E4EE01882E05E, 68B2F9E4EC999F685602B6A592463BEEBF0F6D9B75ED7593E97126DA424DF91A ] C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll
11:05:04.0823 0x1528  C:\Program Files\Common Files\Apple\Mobile Device Support\MobileDevice.dll - ok
11:05:04.0827 0x1528  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] C:\Program Files\Bonjour\mDNSResponder.exe
11:05:04.0827 0x1528  C:\Program Files\Bonjour\mDNSResponder.exe - ok
11:05:04.0831 0x1528  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] C:\Windows\System32\cryptsvc.dll
11:05:04.0831 0x1528  C:\Windows\System32\cryptsvc.dll - ok
11:05:04.0834 0x1528  [ F0A3CA65871C39CB5BE6475A139536DD, 4715426A4F5AAA27BBC359D8F810005613A26A31439CC4C59C98E7220308238D ] C:\Windows\System32\DbxSvc.exe
11:05:04.0834 0x1528  C:\Windows\System32\DbxSvc.exe - ok
11:05:04.0838 0x1528  [ A1E41E09424E90F4A059776F30520465, BD968BDEE067B54BB2E63EE459538DC6B7127B6832BE5F5AA046E87753A95DE8 ] C:\Windows\System32\cryptnet.dll
11:05:04.0838 0x1528  C:\Windows\System32\cryptnet.dll - ok
11:05:04.0841 0x1528  [ F3D202F53A222D5F6944D459B73CF967, E9F1D48EB333D32331BCFD0348FE07BEE7D5352292E6020571DA395F596AFFE7 ] C:\Windows\System32\fltLib.dll
11:05:04.0841 0x1528  C:\Windows\System32\fltLib.dll - ok
11:05:04.0845 0x1528  [ 76B3780BA1BA4CD5BBFE2493D0476C3A, 98892581ADA9B05FD2E5F512661DE67A6B4B127ED2BBA8865CA10D662AABB73E ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportGH.dll
11:05:04.0845 0x1528  C:\ProgramData\Trusteer\Rapport\store\exts\RapportCerberus\baseline\RapportGH.dll - ok
11:05:04.0848 0x1528  [ 990EA3103E06D68CE0E755A9C3D70107, 39AC7F6D2A348BA50C3FBF50E23EAFEDAE232F0FA2F82937F18934E2D7C53CB7 ] C:\Windows\System32\dbgeng.dll
11:05:04.0849 0x1528  C:\Windows\System32\dbgeng.dll - ok
11:05:04.0852 0x1528  [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
11:05:04.0852 0x1528  C:\Windows\System32\vssapi.dll - ok
11:05:04.0856 0x1528  [ 2992AA1D80C5D81AD74397E036415EF7, 12EC19F6A4836FD5AFA6A27CA051EA860122AEDF30EEE9A61DF521BEBFC7F92A ] C:\Program Files (x86)\Avira\Antivirus\aelibinf.dll
11:05:04.0856 0x1528  C:\Program Files (x86)\Avira\Antivirus\aelibinf.dll - ok
11:05:04.0860 0x1528  [ 313C69DD8CB76B3AA414C0EB97A3F429, 09719E8B4CF06F6AFEE21E4372E20AA4DC34D1A042985B184627F0671D75232F ] C:\Program Files (x86)\Avira\Antivirus\aemobile.dll
11:05:04.0860 0x1528  C:\Program Files (x86)\Avira\Antivirus\aemobile.dll - ok
11:05:04.0864 0x1528  [ 96862EE6D1B4C3D2B96002DA7A4DAB9D, 6DA1E0A9B489CDC53E3313B342AED52851C538BCAF6CB9515012486A5F5C16A1 ] C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll
11:05:04.0864 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\CFNetwork.dll - ok
11:05:04.0867 0x1528  [ E5B275453F148553D7B5AE3A061BCC99, 55095D5B698B2C5839813DCB54F04E67440F0C217CB03DE989D3D6ABB858047E ] C:\Program Files (x86)\Avira\Antivirus\aeoffice.dll
11:05:04.0867 0x1528  C:\Program Files (x86)\Avira\Antivirus\aeoffice.dll - ok
11:05:04.0872 0x1528  [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
11:05:04.0872 0x1528  C:\Windows\System32\dbghelp.dll - ok
11:05:04.0876 0x1528  [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
11:05:04.0876 0x1528  C:\Windows\System32\vsstrace.dll - ok
11:05:04.0880 0x1528  [ B691AEE56DAE1E003B3C48BB185C5F0A, 18A270FE455D7C6AD7780CB35667C0D7AD776210E69DC657A2A987441AB0DC6B ] C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
11:05:04.0880 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll - ok
11:05:04.0884 0x1528  [ 4A41E1FF50F0C840871A6C1C53BA4201, 54B476EFE92847BB71C592EF75CBE55D3474BF922807DBDB56580DD414FF6EA1 ] C:\Program Files (x86)\Avira\Antivirus\aepack.dll
11:05:04.0884 0x1528  C:\Program Files (x86)\Avira\Antivirus\aepack.dll - ok
11:05:04.0888 0x1528  [ EE9954237F15BE4DD9304D12E4D305ED, F295C9BAF20F0E669B673AFCC16B4969EE31B6A3808980DAB93D9B0F167DA3C0 ] C:\Windows\System32\diagtrack.dll
11:05:04.0888 0x1528  C:\Windows\System32\diagtrack.dll - ok
11:05:04.0891 0x1528  [ 0C043B0ABBB5E14E68906AB80365395B, A57A6FAF713EA4F46566A941DE7C2273ED4EB50F9E30B70276E810873AF6900B ] C:\Windows\System32\efssvc.dll
11:05:04.0891 0x1528  C:\Windows\System32\efssvc.dll - ok
11:05:04.0894 0x1528  [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
11:05:04.0894 0x1528  C:\Windows\System32\dps.dll - ok
11:05:04.0898 0x1528  [ 7F8E83B9466A0A002D4AB15C104062A7, D2D64B95079243F04479A7950AFB9DD086C43BF0236E72E74FC45C6945A765E4 ] C:\Windows\System32\efscore.dll
11:05:04.0898 0x1528  C:\Windows\System32\efscore.dll - ok
11:05:04.0901 0x1528  [ 9C861C079DD81762B6C54E37597B7712, AD32240BB1DE55C3F5FCAC8789F583A17057F9D14914C538C2A7A5AD346B341C ] C:\Windows\System32\msvcr120.dll
11:05:04.0901 0x1528  C:\Windows\System32\msvcr120.dll - ok
11:05:04.0905 0x1528  [ 58283053C781AD3A579C95D7765C1FA0, 9F7641C9B5E64797E14A2E307D94E31D6F51A721964BD5CE8CEFF6B523A69DB8 ] C:\Windows\System32\efsutil.dll
11:05:04.0905 0x1528  C:\Windows\System32\efsutil.dll - ok
11:05:04.0908 0x1528  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
11:05:04.0908 0x1528  C:\Windows\System32\taskschd.dll - ok
11:05:04.0912 0x1528  [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
11:05:04.0912 0x1528  C:\Windows\System32\FDResPub.dll - ok
11:05:04.0915 0x1528  [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL
11:05:04.0915 0x1528  C:\Windows\System32\IKEEXT.DLL - ok
11:05:04.0919 0x1528  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
11:05:04.0919 0x1528  C:\Windows\System32\netman.dll - ok
11:05:04.0923 0x1528  [ 2334DC48997BA203B794DF3EE70521DB, 832F4EC1586C9669F2D54AB3B212943E43B87A33B24DCC8CDAD6A0264291EE2F ] C:\Windows\System32\HPZinw12.dll
11:05:04.0923 0x1528  C:\Windows\System32\HPZinw12.dll - ok
11:05:04.0926 0x1528  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] C:\Windows\System32\nlasvc.dll
11:05:04.0926 0x1528  C:\Windows\System32\nlasvc.dll - ok
11:05:04.0930 0x1528  [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
11:05:04.0930 0x1528  C:\Windows\System32\WSDApi.dll - ok
11:05:04.0934 0x1528  [ 0750556E1471FC9D823C30BC99B77A38, 54FCEE03FAF469D814F970390699CBB7D0551FFE7B4A8108544072D8ABBFEE55 ] C:\Program Files (x86)\Avira\Antivirus\aerdl.dll
11:05:04.0934 0x1528  C:\Program Files (x86)\Avira\Antivirus\aerdl.dll - ok
11:05:04.0937 0x1528  [ F38C24DBC2E94A9D4C55380B939F4C2B, 4D00FB182BC797B39EE122740B9D2BC01B2A58C078FA3E0FA7AB4EBED33BCF47 ] C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll
11:05:04.0938 0x1528  C:\ProgramData\Trusteer\Rapport\store\exts\RapportMS\baseline\RapportMS.dll - ok
11:05:04.0941 0x1528  [ EA4D67448BE493D543F1730D6CD04694, 24717C5E41B7CA522F3330EF2228B6685E710A5259396E9887A1C1E7A413F8CA ] C:\Windows\System32\drivers\PEAuth.sys
11:05:04.0941 0x1528  C:\Windows\System32\drivers\PEAuth.sys - ok
11:05:04.0945 0x1528  [ AB9F91D747A3AE9D380237426C58A0E8, F24AB75E1D0146C3FFCD8E7C3125AA21306E972A30858BB52ECE57793415BA9F ] C:\Windows\System32\aepic.dll
11:05:04.0945 0x1528  C:\Windows\System32\aepic.dll - ok
11:05:04.0948 0x1528  [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
11:05:04.0948 0x1528  C:\Windows\System32\ncsi.dll - ok
11:05:04.0952 0x1528  [ B2ED0DC061D3C83A1AF47626E1F23B78, 07F820E462885E671023074EBF69C99A87352BF5F00A47B9EFBE164463F8DBA9 ] C:\Windows\System32\winhttp.dll
11:05:04.0952 0x1528  C:\Windows\System32\winhttp.dll - ok
11:05:04.0955 0x1528  [ 55A042FF1C3F82A00D63A51F0534BC51, 36748FD405172461E55A9A1CE2C5CB5B7B58291045891A47F904536D5040A931 ] C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll
11:05:04.0955 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\SQLite3.dll - ok
11:05:04.0959 0x1528  [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
11:05:04.0959 0x1528  C:\Windows\System32\webservices.dll - ok
11:05:04.0962 0x1528  [ 1351A63BEC87BF81E540251966648C5D, D3B888B3FCD2E345B11374868BB4C99DD7A8D1DEF9DD923D8B7CF5F4B97AA49F ] C:\Windows\System32\webio.dll
11:05:04.0962 0x1528  C:\Windows\System32\webio.dll - ok
11:05:04.0965 0x1528  [ FF0125FBDAE63521D6A13D91C0F6DC97, EB998E57798D3C85458D13297F97F2594EC8511CEFFD9B47AD2139F4BDCFB6AD ] C:\Program Files (x86)\Avira\Antivirus\aesbx.dll
11:05:04.0965 0x1528  C:\Program Files (x86)\Avira\Antivirus\aesbx.dll - ok
11:05:04.0969 0x1528  [ AC78DF349F0E4CFB8B667C0CFFF83CCE, 7E635AA2E7350FCA0C954E697F1480A6204920AEFBCF06B90FFA02398DA82822 ] C:\Windows\System32\HPZipm12.dll
11:05:04.0969 0x1528  C:\Windows\System32\HPZipm12.dll - ok
11:05:04.0972 0x1528  [ 124AABF93F9721543E2C6B71DACBB214, 812E578EF56D3B4AA3CF4EDCD5D8692CCFC0AA836EBE18E2B6797ED7400102F0 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe
11:05:04.0972 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.SpeedupService.exe - ok
11:05:04.0976 0x1528  [ 71F6D587A517F5E36A5BCE8D5F4119DF, C6D3AB7964E7128509EEB11CA154845B3CCB93E86F46339FAA89DB15A5662E48 ] C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
11:05:04.0976 0x1528  C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll - ok
11:05:04.0979 0x1528  [ 86D5821B72DE71722001E9558B89C242, DE12ECE6F758340387B0F4104B18305C5695DEF315110DE6CC8A876589141262 ] C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll
11:05:04.0980 0x1528  C:\Windows\System32\api-ms-win-core-synch-l1-2-0.dll - ok
11:05:04.0983 0x1528  [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
11:05:04.0983 0x1528  C:\Windows\SysWOW64\mscoree.dll - ok
11:05:04.0986 0x1528  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
11:05:04.0987 0x1528  C:\Windows\System32\ssdpapi.dll - ok
11:05:04.0991 0x1528  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
11:05:04.0991 0x1528  C:\Windows\System32\fundisc.dll - ok
11:05:04.0994 0x1528  [ E54D1EF2D901652031E7647A127369AA, A5E073781A44CCB7A929A46F6B16E2746B05CF5095EFC6D338CA08FCB4F937F7 ] C:\Program Files (x86)\Avira\Antivirus\aescn.dll
11:05:04.0995 0x1528  C:\Program Files (x86)\Avira\Antivirus\aescn.dll - ok
11:05:04.0998 0x1528  [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
11:05:04.0998 0x1528  C:\Windows\System32\vpnikeapi.dll - ok
11:05:05.0002 0x1528  [ 73C572F073317BA2D9B6CF6AC58CFA09, 91CD9844DF08D20A244EC03F445A7D615310D3F24FF50DEF46FFD6CADA975ABD ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
11:05:05.0002 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
11:05:05.0007 0x1528  [ 20FB16E4D0E9C67F657C616BC001985A, 7F2F885FBFB31A327119EB9CEFD2F3E6DC2C50FA72AA149E5AD6C2544712C62F ] C:\Program Files (x86)\Avira\Antivirus\aescript.dll
11:05:05.0007 0x1528  C:\Program Files (x86)\Avira\Antivirus\aescript.dll - ok
11:05:05.0010 0x1528  [ 852877D335F2EA01CCFC041791EB9539, B9A03656D116EEE3BC397C804F264434ABFBA38751CE8C8DCFC869533A542E93 ] C:\Program Files (x86)\Avira\Antivirus\aevdf.dll
11:05:05.0010 0x1528  C:\Program Files (x86)\Avira\Antivirus\aevdf.dll - ok
11:05:05.0013 0x1528  [ BA4C095F458491A1923EBBDF42790656, 6875729810877BA5CF66D95ED5B261E4666F3CFA096F75DFD396FFCE714DDA38 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll
11:05:05.0013 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clr.dll - ok
11:05:05.0017 0x1528  [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
11:05:05.0018 0x1528  C:\Windows\System32\httpapi.dll - ok
11:05:05.0021 0x1528  [ CD602D91D93543EA9FD29AFF0555CC1C, 1DAE037FF27D1B08D7FECCD9981D368DDC623EEB5694A26859711B31F0E8A897 ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportGP.dll
11:05:05.0021 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportGP.dll - ok
11:05:05.0025 0x1528  [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
11:05:05.0025 0x1528  C:\Windows\System32\aeevts.dll - ok
11:05:05.0028 0x1528  [ 05D721CABA1C90ACDA8A780DA97602E2, DC18CC80C68D13EF9030730688AE15FE7D9AA8D9273AE299EAD5C49766E4FCE1 ] C:\Windows\SysWOW64\msvcr120_clr0400.dll
11:05:05.0028 0x1528  C:\Windows\SysWOW64\msvcr120_clr0400.dll - ok
11:05:05.0032 0x1528  [ 41CAB9BCD4CD86E437F4C448970A5F03, 807B5F63EF51B1CAFBD0BD268719C81806060EB0C61752F53AB740667F42A307 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c63857e47a917e45ff227d52324d08a1\mscorlib.ni.dll
11:05:05.0032 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\c63857e47a917e45ff227d52324d08a1\mscorlib.ni.dll - ok
11:05:05.0036 0x1528  [ F27238D38E284B65C68A1C8872AC4338, 648EA07A96BB1BE0E751C8170C5840024EB254FCDA81A3A46451D5C2B0CBFAF1 ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportKoan.dll
11:05:05.0036 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportKoan.dll - ok
11:05:05.0039 0x1528  [ ED08CED42574CE89A4F0038A804CD170, 854CF16E8C1143EA256207DC3FBF73AB402F820C58B7CE22988746B62822E35B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
11:05:05.0039 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
11:05:05.0043 0x1528  [ 02557844BEED284D64D43AE4D2407073, 52920ADCDADBCD731C6AE515A6E720774D65054CEF0668F733FE8AA0E594016E ] C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll
11:05:05.0043 0x1528  C:\Windows\SysWOW64\api-ms-win-core-xstate-l2-1-0.dll - ok
11:05:05.0046 0x1528  [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
11:05:05.0046 0x1528  C:\Windows\SysWOW64\oleacc.dll - ok
11:05:05.0049 0x1528  [ 1A017B670EA115083A2D697CA53A0712, 5C3DA81782CA8F33B37012AE4982F7E008370DFC03B804D276527FE171900367 ] C:\Windows\SysWOW64\urlmon.dll
11:05:05.0050 0x1528  C:\Windows\SysWOW64\urlmon.dll - ok
11:05:05.0053 0x1528  [ B54A4FBC507FCB3E6139B6FDC7D2BC24, 7224669F34A1834C88E7D2BE47FCEE51CC6823948F3DC3201CCD5B62F548EA62 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Library.dll
11:05:05.0053 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Library.dll - ok
11:05:05.0056 0x1528  [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
11:05:05.0056 0x1528  C:\Windows\System32\esent.dll - ok
11:05:05.0060 0x1528  [ 532E5E068B29F391D02BC1655D1688E3, 2A5E1C25812AD26FED80EF407215D7C11C2552516D853BF5FAAA557E5FB77A0F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\7f93837e87869a6f9b9c7d21e544bd78\System.ni.dll
11:05:05.0060 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\7f93837e87869a6f9b9c7d21e544bd78\System.ni.dll - ok
11:05:05.0064 0x1528  [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
11:05:05.0064 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
11:05:05.0067 0x1528  [ 7BEFFF5FD80A9126C77DE30EC49D9891, BF3EE4B9AF53744F7FD0F66E9F559E51C64C71D7893F31D5B70237DECB4E26DE ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportEjo.dll
11:05:05.0068 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportEjo.dll - ok
11:05:05.0070 0x1528  [ FCE0E7D4AD8796D49F3F2B26338B4197, F856BBB0C60BA7326FAD26E14DA30AFBBFB199F8E6C192FA128A0709D31F0CC9 ] C:\Program Files (x86)\Avira\System Speedup\Newtonsoft.Json.dll
11:05:05.0070 0x1528  C:\Program Files (x86)\Avira\System Speedup\Newtonsoft.Json.dll - ok
11:05:05.0074 0x1528  [ BFD55AFD3A5E25D366CF0E210AB729C2, 4AB000730D2D668A2D8CFB2A79BFAA87099FDB8D0D4F010266A28EC871E4080F ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzan36.dll
11:05:05.0074 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzan36.dll - ok
11:05:05.0078 0x1528  [ 0E4003F547CEE774DD3567BB7F68A5E2, 74CE8F3D46B67637A734BB22874655E9A00C1A5C861154EA2BDC51B28F25EF3A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9b3323c270e11b1c7785ed988e60ff92\System.Core.ni.dll
11:05:05.0078 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\9b3323c270e11b1c7785ed988e60ff92\System.Core.ni.dll - ok
11:05:05.0081 0x1528  [ B403B8B4E177D7BDCF2F34EB36847ABA, FD5FC257715F73E3C613C3802F1DD7CF7FB5C21BAD510B324D0EED7F9EE9F9ED ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx450.dll
11:05:05.0082 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx450.dll - ok
11:05:05.0085 0x1528  [ 2AC09E973BA0CF16C3B4A30210234252, 417B00CBAF54783EA5255E04C443F8744A367B40EE2620FAE825C8C004C455FA ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx480.dll
11:05:05.0085 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx480.dll - ok
11:05:05.0089 0x1528  [ D013BEE7BA20F221F8E3585685BF8C20, ACF09736F70C11A03623713282843F27F935D4FED785ABEACA6CA80691345E10 ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx490.dll
11:05:05.0089 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx490.dll - ok
11:05:05.0093 0x1528  [ A0C5E41678738009033A13D7D51A0F57, 3C6C2D2A6FCECC555DA466E77AE70779F769F94BFC90E303160F6E31918E62F0 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.IPBBConnector.dll
11:05:05.0093 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.IPBBConnector.dll - ok
11:05:05.0097 0x1528  [ D68FF83C2D44A0C57DC1B2299C782909, 31DB66DA051C50AD832887AF9A07DE481B3FE8931FA1A4A88A262B1240B68D5F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systea5256926#\323ecbc54f15b1cee91a32095d67d6bb\Avira.SystemSpeedup.Core.Common.Library.ni.dll
11:05:05.0097 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systea5256926#\323ecbc54f15b1cee91a32095d67d6bb\Avira.SystemSpeedup.Core.Common.Library.ni.dll - ok
11:05:05.0100 0x1528  [ 76E9F52E190F3CD41C820751B961C398, CEC81C3262047B31E02EFD867921C7F3D2EC1F1B0913BF3E1FA52C966810B2D1 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll
11:05:05.0100 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\nlssorting.dll - ok
11:05:05.0104 0x1528  [ EDF87DF65A010F18BE996B8B4EF9427B, 4D5F5EF9CBA6306F3D22610E7CB5EAE3C61026389E542C2F8D9D2534EE2B1515 ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx500.dll
11:05:05.0104 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx500.dll - ok
11:05:05.0107 0x1528  [ C07FAD00BEDC042FC5691F944D35F01C, 59030A17BFDCA4250EF4BB17B9472FBA6C8E5894760EEB08A518A5FE2A07674A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\46a1c421b74e2db0acf8f48f96fcc460\System.Configuration.ni.dll
11:05:05.0108 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\46a1c421b74e2db0acf8f48f96fcc460\System.Configuration.ni.dll - ok
11:05:05.0112 0x1528  [ DB02FD7EF88E51D2E70A4E7A674A1C31, D1AFE588527B00F17791488EDBB780655723ECAEDC8D2A645BDEC7FAA893F5BA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d3f60c73523fe26dafd69911d7a0e02\System.Xml.ni.dll
11:05:05.0112 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml\3d3f60c73523fe26dafd69911d7a0e02\System.Xml.ni.dll - ok
11:05:05.0116 0x1528  [ B27163008C9F663A8D1DD76593D723C7, B06EC146B2D9E3987BE1F0BAA1706C7B773FE010CCBD9B27C0CDF287A01BD146 ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx510.dll
11:05:05.0116 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportTanzanEx510.dll - ok
11:05:05.0119 0x1528  [ B3190ACBA998749ACD6EA1522092FB1C, 40113DCD52C72F0C212D6D2979C710EA2A805D52CE8E8146F418194A55A5D33C ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportNikko.dll
11:05:05.0119 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportNikko.dll - ok
11:05:05.0123 0x1528  [ 403FA3109F6129B37CEA8544C508621C, 3566984AC1552D061F41B9AF3F2F8CE5849920B10C0A0CB5DC73E3BE22085BB7 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\89d73d34ca2374704707cc1e7c0923f4\System.ServiceProcess.ni.dll
11:05:05.0123 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\89d73d34ca2374704707cc1e7c0923f4\System.ServiceProcess.ni.dll - ok
11:05:05.0126 0x1528  [ 42EDAB3E3E8E25C7093674936C2DB4BD, B2D5E006B748F24F0FF2CEFFC3D056F3D50E8A818BDFF4231C87C022A25F44ED ] C:\Windows\System32\drivers\srvnet.sys
11:05:05.0127 0x1528  C:\Windows\System32\drivers\srvnet.sys - ok
11:05:05.0130 0x1528  [ 8BB973283D503C9DEE003476810018C1, CFF20CF01155DEE730337A5684285B7A39C59B8321BDC242170AE189C3841A19 ] C:\Program Files (x86)\Avira\System Speedup\Microsoft.Practices.Unity.dll
11:05:05.0130 0x1528  C:\Program Files (x86)\Avira\System Speedup\Microsoft.Practices.Unity.dll - ok
11:05:05.0134 0x1528  [ 92A533BE83B7FA43A1B18F009A7D450B, 34005D6A80434542780C6D192E6ABD07BEA49B2EEB7E43FBFDFE90C2889986E5 ] C:\Program Files (x86)\Avira\System Speedup\Microsoft.Practices.ServiceLocation.dll
11:05:05.0134 0x1528  C:\Program Files (x86)\Avira\System Speedup\Microsoft.Practices.ServiceLocation.dll - ok
11:05:05.0138 0x1528  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] C:\Windows\System32\tapisrv.dll
11:05:05.0138 0x1528  C:\Windows\System32\tapisrv.dll - ok
11:05:05.0144 0x1528  [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
11:05:05.0144 0x1528  C:\Windows\System32\wiaservc.dll - ok
11:05:05.0148 0x1528  [ 7FE5586314EE7D6AA8483264A089E5AF, 4E3EA68713A45C22F1B9A1AA125E15D06D0C5E637B815537431ADFB6D7563879 ] C:\Windows\System32\drivers\tcpipreg.sys
11:05:05.0148 0x1528  C:\Windows\System32\drivers\tcpipreg.sys - ok
11:05:05.0153 0x1528  [ 13D35080CF1ECD3AD0B8D8C973373085, 88610E0188161765D52ED45F14B4F3A9CB71B96BA6D4A10E2A9D5914F8A6766C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Pd001c906#\7fad5cd3683f38b53a2ed4bfe18b22db\Microsoft.Practices.Unity.ni.dll
11:05:05.0153 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Pd001c906#\7fad5cd3683f38b53a2ed4bfe18b22db\Microsoft.Practices.Unity.ni.dll - ok
11:05:05.0158 0x1528  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
11:05:05.0158 0x1528  C:\Windows\System32\trkwks.dll - ok
11:05:05.0163 0x1528  [ D6D3AF082478D2013DF44B19225E7FFF, 83F17FC9BD4C05C45DBE83261D61784FAF4545E4723AAAE1356C1B09C9D2124F ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Exception.dll
11:05:05.0163 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Exception.dll - ok
11:05:05.0166 0x1528  [ 2C9732B39F81395CC9FE40F181CD3433, AEC8D7B2E8E96CEA2F7A9D01F909520FF95C1C95D34632D7D5BB7C64C22E738B ] C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe
11:05:05.0166 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESMgr.exe - ok
11:05:05.0170 0x1528  [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
11:05:05.0170 0x1528  C:\Windows\System32\wiatrace.dll - ok
11:05:05.0175 0x1528  [ 7C0B7A572B71272ACC692F09ED5F160C, 7278E91A52A4693402083BBE6686CD2C28A8CC92E059B52A5F4D04D3EF71CE69 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Presentation.ViewModel.dll
11:05:05.0175 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Presentation.ViewModel.dll - ok
11:05:05.0179 0x1528  [ 2E3877AA7D5AE29FFE96112FCEFF497B, 79F571B11F6D3F48052858319127DB4158A3D737B0FAC9C5EA197A32F3BA8FB5 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Common.dll
11:05:05.0179 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Common.dll - ok
11:05:05.0184 0x1528  [ 1488C726A98F80C3DDC6A1D00A8D0B8B, 3E4EF152246EB9D1EBF58C2BB93EA038232AFA0C1DF03B6D3A9E398620938759 ] C:\Program Files (x86)\Avira\System Speedup\Microsoft.Practices.Prism.dll
11:05:05.0184 0x1528  C:\Program Files (x86)\Avira\System Speedup\Microsoft.Practices.Prism.dll - ok
11:05:05.0186 0x1528  [ CE3C119318CDC3A7CB8CABEC3F84F8E6, 5065395DFA71D9A8E8EC7D9E40751DF82F19E9E9FC79C63CF891E7B480C32330 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Resources.dll
11:05:05.0187 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Resources.dll - ok
11:05:05.0190 0x1528  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
11:05:05.0190 0x1528  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
11:05:05.0194 0x1528  [ E05F8555C1F7C75EDBCCBE1AC1274B8A, 6100DB23365D32ECAB947F103B93F031A6A5CCD8AB403260B59415D19B1B5AAC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systea666a8d1#\c62fe0fcb4d828b4c8b70d93cb6986d9\Avira.SystemSpeedup.Infrastructure.Exception.ni.dll
11:05:05.0194 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systea666a8d1#\c62fe0fcb4d828b4c8b70d93cb6986d9\Avira.SystemSpeedup.Infrastructure.Exception.ni.dll - ok
11:05:05.0198 0x1528  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
11:05:05.0198 0x1528  C:\Windows\System32\wbem\WMIsvc.dll - ok
11:05:05.0201 0x1528  [ DDCEE8B9FD66EFD66A0BC32FEB4F13B7, C98C3353CF0A7D933BCDA331A765DE98F681F4442FA17296163B7E723E3184BF ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systebb8c882b#\d70c0a3775bcd01f7a81556e654e6c6e\Avira.SystemSpeedup.Infrastructure.Common.ni.dll
11:05:05.0202 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systebb8c882b#\d70c0a3775bcd01f7a81556e654e6c6e\Avira.SystemSpeedup.Infrastructure.Common.ni.dll - ok
11:05:05.0205 0x1528  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
11:05:05.0205 0x1528  C:\Windows\System32\wbemcomn.dll - ok
11:05:05.0208 0x1528  [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
11:05:05.0208 0x1528  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
11:05:05.0213 0x1528  [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll
11:05:05.0213 0x1528  C:\Windows\SysWOW64\imagehlp.dll - ok
11:05:05.0216 0x1528  [ CA948362FC767F2D6091F424689B52E9, D3DA3F4C2300720360B3DAB450206A8B685A944C7C0053F98A71622C37424235 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Pcfd8586c#\29b9f5163348a8292216352cd7d890cd\Microsoft.Practices.Prism.ni.dll
11:05:05.0216 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.Pcfd8586c#\29b9f5163348a8292216352cd7d890cd\Microsoft.Practices.Prism.ni.dll - ok
11:05:05.0219 0x1528  [ 431D2B06E8F93EAEC53E8FA37FCFF2F1, 4CB94D250E9D2646FCE7284D4D3CED1BB02E4D79AD33A414D16EF794195868CA ] C:\Windows\System32\drivers\srv2.sys
11:05:05.0219 0x1528  C:\Windows\System32\drivers\srv2.sys - ok
11:05:05.0223 0x1528  [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] C:\Windows\System32\rasmans.dll
11:05:05.0223 0x1528  C:\Windows\System32\rasmans.dll - ok
11:05:05.0226 0x1528  [ 6243ACC0197317B57D379C615123835E, 635730D6F101D0BEB137D8CCB0B8CC964F6B57A80B5C5EBFEA2B0A78B8CC8C18 ] C:\Windows\SysWOW64\ncrypt.dll
11:05:05.0226 0x1528  C:\Windows\SysWOW64\ncrypt.dll - ok
11:05:05.0229 0x1528  [ 538AD00E38C324F7E93FC9632DFE79A7, C04A4879EF8309CA71BE8DB9CC77B74026B46B21BA3CA5BA5B7A9443663D72E9 ] C:\Windows\SysWOW64\bcrypt.dll
11:05:05.0229 0x1528  C:\Windows\SysWOW64\bcrypt.dll - ok
11:05:05.0233 0x1528  [ C5E3519A7EC8833AEF27629F873F2B83, A332D6D58D6AB6F3F02158B67697C1D1389E54C059D40D70684390828BB598C7 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Host.Services.dll
11:05:05.0233 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Host.Services.dll - ok
11:05:05.0237 0x1528  [ 6B98026761228F913E9FA3F974920A20, D80DCEC4B5554E84491B06C624098123033B840F88157EF402EDAD2163B0A734 ] C:\Windows\SysWOW64\bcryptprimitives.dll
11:05:05.0237 0x1528  C:\Windows\SysWOW64\bcryptprimitives.dll - ok
11:05:05.0240 0x1528  [ 44C96B48112EB24AE7764EBF1C527000, 6691D008C834686906B4841EF27604B0F0E70E668C09CEE19369426BF168AF44 ] C:\Windows\System32\rastapi.dll
11:05:05.0240 0x1528  C:\Windows\System32\rastapi.dll - ok
11:05:05.0244 0x1528  [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
11:05:05.0244 0x1528  C:\Windows\System32\wbem\WmiDcPrv.dll - ok
11:05:05.0247 0x1528  [ FAFAE01E889DC9C05A6CA2138CFC220B, 192CFDE3593ED0A9B397461D912074C0F062015C23E6F6658571C7C2864D9A51 ] C:\Windows\System32\tapi32.dll
11:05:05.0247 0x1528  C:\Windows\System32\tapi32.dll - ok
11:05:05.0251 0x1528  [ AD65BDAC9EF936E90270AA24E9C0C2E6, 7BE4870F08607FB56862BAF7C9634AED54FDEC3F8F45B011C0FB94D9A91A2E73 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Services.Interface.dll
11:05:05.0251 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Services.Interface.dll - ok
11:05:05.0254 0x1528  [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
11:05:05.0254 0x1528  C:\Windows\System32\wbem\fastprox.dll - ok
11:05:05.0258 0x1528  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
11:05:05.0258 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe - ok
11:05:05.0262 0x1528  [ 9CFC65F06A81153F1B098796F220F84F, 6784C2B55680CA5690816FFBC2A8C3B7D77B8952EFF298FD8FBCCD8C2BE06883 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Communication.Interface.dll
11:05:05.0262 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Communication.Interface.dll - ok
11:05:05.0266 0x1528  [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
11:05:05.0266 0x1528  C:\Windows\System32\wbem\WinMgmtR.dll - ok
11:05:05.0269 0x1528  [ FBE4E7975289230F84D9DA2222448AC3, B6D6F1122ED153E25D280EE96FF16BBB36AD4A4D8363F09289DDFF77A228F967 ] C:\Windows\SysWOW64\gpapi.dll
11:05:05.0269 0x1528  C:\Windows\SysWOW64\gpapi.dll - ok
11:05:05.0273 0x1528  [ 19575BE1D067398A2E7FDADCF472D052, A7CBD0270D9A4525F8479A599BB0D8545503CA6A870D353398D3F8B1F316FFD3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste768be01f#\f8ea00d96a6a17661710e4272388b029\Avira.SystemSpeedup.Core.Services.Interface.ni.dll
11:05:05.0273 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste768be01f#\f8ea00d96a6a17661710e4272388b029\Avira.SystemSpeedup.Core.Services.Interface.ni.dll - ok
11:05:05.0276 0x1528  [ D2A0FFA75AB181B19B5EB93BB29C7686, AC282D5EFFB191492F14638EB80F18E53C4A3D26C94A00A949366B3564D6C3E2 ] C:\Windows\System32\unimdm.tsp
11:05:05.0276 0x1528  C:\Windows\System32\unimdm.tsp - ok
11:05:05.0280 0x1528  [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
11:05:05.0280 0x1528  C:\Windows\System32\ntdsapi.dll - ok
11:05:05.0284 0x1528  [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
11:05:05.0284 0x1528  C:\Windows\System32\wbem\wbemprox.dll - ok
11:05:05.0287 0x1528  [ 94B7DF336815B47236724019FAB24B7C, 43549F1FB89D0585A0E0333BB8E1DDED2EBD0F3C0EC3EA93B238EA037188AA41 ] C:\Windows\System32\uniplat.dll
11:05:05.0287 0x1528  C:\Windows\System32\uniplat.dll - ok
11:05:05.0291 0x1528  [ 23FE2249F45382DB2BA61236AE2DF45E, 423D30CF354655002B3151ECE1C2A774E03C35E1790325D9169249245DCC62E2 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Communication.Pipes.dll
11:05:05.0291 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Communication.Pipes.dll - ok
11:05:05.0294 0x1528  [ 41326DD08ACC0CDC5F8177AF96C066E8, 9C21BB553EEDD28272E865396C9EF94655EC1CF216290A56581AEF7908B7AFDD ] C:\Windows\System32\kmddsp.tsp
11:05:05.0294 0x1528  C:\Windows\System32\kmddsp.tsp - ok
11:05:05.0298 0x1528  [ 25375A4B811EC5170E38B6F81EE35E65, CED707028CC67DDFEC197AC23D970493918BC84A8A5B7E9FAC7068B80E5DD84C ] C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe
11:05:05.0298 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESMgrSub.exe - ok
11:05:05.0302 0x1528  [ 1D6BC2769DA66C1145F4DA5A65F52E61, B38EFF16652E751BF3B3BD85DA6EA33AB9B7F4228C59F741074E33085DB66ED0 ] C:\Windows\System32\ndptsp.tsp
11:05:05.0302 0x1528  C:\Windows\System32\ndptsp.tsp - ok
11:05:05.0307 0x1528  [ B331231F2EAAF5B80B9D75F1F31179FB, C3D459B49E0CDABCC358E6EBB3CF84F964BBCC3091D2938B6AAE8334C58CE24C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste3138d277#\b386263531fa82c3eee2e8915b1df168\Avira.SystemSpeedup.Infrastructure.Communication.Pipes.ni.dll
11:05:05.0307 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste3138d277#\b386263531fa82c3eee2e8915b1df168\Avira.SystemSpeedup.Infrastructure.Communication.Pipes.ni.dll - ok
11:05:05.0311 0x1528  [ 7C1BAE7D23D4874FEE256A2B9C00E019, 4EE87C2F0CACE557AA159349133474A5857B6667DDB976BA5A18489A3333F798 ] C:\Windows\System32\hidphone.tsp
11:05:05.0311 0x1528  C:\Windows\System32\hidphone.tsp - ok
11:05:05.0315 0x1528  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
11:05:05.0315 0x1528  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
11:05:05.0320 0x1528  [ 6DD93A6F38589F529346A225304A0AA4, 0F5A986D74327E8B1C1A3ABE81F809A0C676E8BA4EB51E16F52D969D140D7805 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systebdfe079c#\b3066707c47693a0025def44fe00b9ab\Avira.SystemSpeedup.Infrastructure.Presentation.ViewModel.ni.dll
11:05:05.0320 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systebdfe079c#\b3066707c47693a0025def44fe00b9ab\Avira.SystemSpeedup.Infrastructure.Presentation.ViewModel.ni.dll - ok
11:05:05.0324 0x1528  [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
11:05:05.0324 0x1528  C:\Windows\System32\wbem\wbemcore.dll - ok
11:05:05.0328 0x1528  [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
11:05:05.0328 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
11:05:05.0332 0x1528  [ 2032B7698A8DCA5E157FD4ED153E9A76, F8C070BE68C2E7551756B991CC1ACA1B2CFC9D2110B45969D89357659FB63BA1 ] C:\Windows\SysWOW64\msxml6.dll
11:05:05.0332 0x1528  C:\Windows\SysWOW64\msxml6.dll - ok
11:05:05.0336 0x1528  [ DEFECFB6DF61408CCA88346808A9AFCA, 8F0CE82C42F8529EB9E66FA74B450310C92B43E169B4A53D666279C3D4ED439A ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.WinCore.dll
11:05:05.0336 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.WinCore.dll - ok
11:05:05.0339 0x1528  [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
11:05:05.0340 0x1528  C:\Windows\System32\wbem\esscli.dll - ok
11:05:05.0343 0x1528  [ 8214411C522D604244751F8FBA866285, 39C64BF1CA77C4BEE8A1CA85B7D64AE1D712E34BD3EC7616133A1E47E3E30021 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\edcbf3f2627ad07022071eb699fae256\WindowsBase.ni.dll
11:05:05.0343 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\edcbf3f2627ad07022071eb699fae256\WindowsBase.ni.dll - ok
11:05:05.0347 0x1528  [ A717A35120DBAB5AB707AB40662AF9DD, DE117E70D0AC7FC26BBCEAAB45A0270A1065B36CC8B062B4128B561F2AAA9E04 ] C:\Windows\System32\rasppp.dll
11:05:05.0347 0x1528  C:\Windows\System32\rasppp.dll - ok
11:05:05.0351 0x1528  [ 16F74CA98D84F88B1FD4CA50ECB43721, 32DDFCD797B3313FD1B5FDD8B695CADE46494803F13FF12DC4BDF87A2774E4DB ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.WinCore.Interface.dll
11:05:05.0351 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.WinCore.Interface.dll - ok
11:05:05.0355 0x1528  [ EB4F1322004A634B0BB4DF2EC94D5E16, 4F943B01C637A7D58E6AC8E5177871178A3485652B9BFC4703901CD78AAA8801 ] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
11:05:05.0355 0x1528  C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll - ok
11:05:05.0358 0x1528  [ 0FE5CD5F9C9248F42D1EF56E495B182E, 1EBD40C119A3D3251A19A8D15669D9DCB5D3CFBC3AFCF1CD00101C31320243E1 ] C:\Windows\System32\vpnike.dll
11:05:05.0358 0x1528  C:\Windows\System32\vpnike.dll - ok
11:05:05.0362 0x1528  [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
11:05:05.0362 0x1528  C:\Windows\System32\wbem\wbemsvc.dll - ok
11:05:05.0366 0x1528  [ A28FA9F8A2F35DD336C6AFC7E3F940B5, 1E6C65C824B7AE1B03425BCD54DD71B168B262C7EB8197E41BFEBE461EF95B52 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll
11:05:05.0366 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESStorageProtect.dll - ok
11:05:05.0369 0x1528  [ 8ADEED3DC1B85B58758086A2948EA269, DDEAC5E3F7CEE5CC22CF45EFFB634FAD0DEFF8DF45C6F39E08D461DDCBCCB370 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll
11:05:05.0370 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsg.dll - ok
11:05:05.0373 0x1528  [ 6A84E68B538B8B04608BF2F0D426CE6F, 59CE1C06364D1BBEE853DA4AEC1E8B678D6E181723ACCF6DB9F9776CAD47BBDA ] C:\Windows\System32\raschap.dll
11:05:05.0373 0x1528  C:\Windows\System32\raschap.dll - ok
11:05:05.0376 0x1528  [ 872EDC56712C5898DA10C6F6891A343E, 4BCF211A174691A3AC0F5E93AE9F708BA28FCDD1A55357349568DF408EA681B9 ] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll
11:05:05.0377 0x1528  C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SonyInfo.dll - ok
11:05:05.0380 0x1528  [ 7D85B3B4212D0CCF4169F0EC9B0FF8F8, F57524DB4FC50D3B5E1D68657256EEAC0BEBE5C0FD347AC7DEF72FB73CC76AD6 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll
11:05:05.0380 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESBasePS.dll - ok
11:05:05.0384 0x1528  [ 6C00AA2CFC95E9EC62C2C27FC9422B13, 7A17A163C15DC19EFA385140627902B62C7EFB892941A5518C8E9168570DCE3F ] C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll
11:05:05.0384 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESPerform.dll - ok
11:05:05.0388 0x1528  [ CFBBFC52D917E2156EA5C207A74DE87F, 0EC6FC8FF56B8FC01EEBABDA438DA94130C8E01021CB26F48E1D56E5792C44BB ] C:\Program Files (x86)\Sony\VAIO Event Service\VESUSBKeyboard.dll
11:05:05.0388 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESUSBKeyboard.dll - ok
11:05:05.0391 0x1528  [ 63DF770DF74ACB370EF5A16727069AAF, B8F96336BF87F1153C245D19606CBD10FBE7CF2795BCC762F2A1B57CB7C39116 ] C:\Windows\SysWOW64\hid.dll
11:05:05.0391 0x1528  C:\Windows\SysWOW64\hid.dll - ok
11:05:05.0395 0x1528  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
11:05:05.0395 0x1528  C:\Windows\SysWOW64\powrprof.dll - ok
11:05:05.0398 0x1528  [ 654978B4F3F329BDAB614BA05B86B876, D291D7CAD4F9F2A9DE078B393DAC7D1B5A04FB70CF634845F2F892354783899B ] C:\Program Files (x86)\Sony\VAIO Event Service\VESStaminaSwitch.dll
11:05:05.0398 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESStaminaSwitch.dll - ok
11:05:05.0402 0x1528  [ 52213D271F6804AAA44F57AEFD2B778A, 3409EA885C9C332A997C81B3CA60352AEEA30950304CDD128F29043D2CF7D194 ] C:\Windows\SysWOW64\dwmapi.dll
11:05:05.0402 0x1528  C:\Windows\SysWOW64\dwmapi.dll - ok
11:05:05.0405 0x1528  [ 099A87E7B94BC9D74B80613DFAF739E7, AD0C742A4A2815A52CE757A003A248EADBC0ACE7A42087EDBA53FF7FB37ADBCF ] C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll
11:05:05.0406 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESWndMsgHook.dll - ok
11:05:05.0409 0x1528  [ B90349154CD2DC2AB22CBE0317026DA5, E83BE61E0473CA3A8680F173F13D3C633EAC134CC764D74BA55AA35ED1F1A53B ] C:\Program Files (x86)\Sony\VAIO Event Service\VESRemoteKey.dll
11:05:05.0409 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESRemoteKey.dll - ok
11:05:05.0413 0x1528  [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
11:05:05.0413 0x1528  C:\Windows\System32\iphlpsvc.dll - ok
11:05:05.0417 0x1528  [ 546C81F238F084A393EC54114741A0A8, AA223A2A8E8503CBDB0CE6A70620B372E0591070F9FF7D8532A93B54EF7B7E51 ] C:\Windows\System32\drivers\srv.sys
11:05:05.0417 0x1528  C:\Windows\System32\drivers\srv.sys - ok
11:05:05.0421 0x1528  [ 737EEA4997A3FA1F0DC30DF757644974, 3CD5BB6B42B905FBAD7F1D00566A515188145648BE7E7B4FFFF4E120B5976267 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESColorMgr.dll
11:05:05.0421 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESColorMgr.dll - ok
11:05:05.0426 0x1528  [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
11:05:05.0426 0x1528  C:\Windows\System32\sqmapi.dll - ok
11:05:05.0430 0x1528  [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
11:05:05.0430 0x1528  C:\Windows\System32\wdscore.dll - ok
11:05:05.0433 0x1528  [ 5507083BCC8EFC3E17C4A9787724F27C, DE9D8E4B74970D0ABF7BEF5F179F95B3F59F0917C9828ABA155113332ED6DB6F ] C:\Windows\SysWOW64\mscms.dll
11:05:05.0433 0x1528  C:\Windows\SysWOW64\mscms.dll - ok
11:05:05.0437 0x1528  [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
11:05:05.0437 0x1528  C:\Windows\System32\srvsvc.dll - ok
11:05:05.0440 0x1528  [ DC130187EE36D2D6285E9986C01F9D7D, CB1F8305619035688EE6ADC59298D9736F9EFC678443DC292647634F97834152 ] C:\Windows\SysWOW64\atipdlxx.dll
11:05:05.0440 0x1528  C:\Windows\SysWOW64\atipdlxx.dll - ok
11:05:05.0445 0x1528  [ A02826992B642044D977C55BA901FE43, 84669797F3F5BD48BD30EBBF70179CF2A093A29B06C4A9DF08FB601DE8DA7797 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll
11:05:05.0445 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESSuEvent.dll - ok
11:05:05.0450 0x1528  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
11:05:05.0450 0x1528  C:\Windows\System32\browser.dll - ok
11:05:05.0454 0x1528  [ A1BC1B5847A17DCC5C83A2B9C5FF1033, 4B7FC00F31FDAD56CDBC8E92542D58D2CD0805CA34732731E19DBF83A41078A5 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESCommonUI.dll
11:05:05.0454 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESCommonUI.dll - ok
11:05:05.0458 0x1528  [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
11:05:05.0458 0x1528  C:\Windows\System32\wbem\wmiutils.dll - ok
11:05:05.0461 0x1528  [ 1E35898FEC544FCC90C56C62792D7784, 0CAF192D7B2A3CC9BE7ED5017F56FC9E3247C6FE76002DCA9D65BC6047E131B1 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll
11:05:05.0461 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESAppMon.dll - ok
11:05:05.0465 0x1528  [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] C:\Windows\System32\ipnathlp.dll
11:05:05.0465 0x1528  C:\Windows\System32\ipnathlp.dll - ok
11:05:05.0468 0x1528  [ A63DC5C2EA944E6657203E0C8EDEAF61, F7AD4B09AFB301CE46DF695B22114331A57D52E6D4163FF74787BF68CCF44C78 ] C:\Windows\SysWOW64\dllhost.exe
11:05:05.0468 0x1528  C:\Windows\SysWOW64\dllhost.exe - ok
11:05:05.0472 0x1528  [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
11:05:05.0472 0x1528  C:\Windows\System32\mprapi.dll - ok
11:05:05.0476 0x1528  [ 2A5BDD3F4C6B5515717BDF12CF6B2526, A07A402B9A01CF3EF28E359C62CE30C7A2D5770F369C404CDD9C8055FC023AC9 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\aa14bb52ecdd83643b175bfdbbce3e74\PresentationCore.ni.dll
11:05:05.0476 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\aa14bb52ecdd83643b175bfdbbce3e74\PresentationCore.ni.dll - ok
11:05:05.0480 0x1528  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
11:05:05.0480 0x1528  C:\Windows\System32\netshell.dll - ok
11:05:05.0484 0x1528  [ EC546E99AD2A4CE11D1186C6F770B6E8, 97598746B947F5A30DC15EB9CEE822364090B148B0BB04F9AC08614A5AE5D7D0 ] C:\Windows\SysWOW64\cryptnet.dll
11:05:05.0484 0x1528  C:\Windows\SysWOW64\cryptnet.dll - ok
11:05:05.0488 0x1528  [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
11:05:05.0488 0x1528  C:\Windows\SysWOW64\MMDevAPI.dll - ok
11:05:05.0492 0x1528  [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
11:05:05.0492 0x1528  C:\Windows\SysWOW64\SensApi.dll - ok
11:05:05.0495 0x1528  [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
11:05:05.0495 0x1528  C:\Windows\SysWOW64\sxs.dll - ok
11:05:05.0499 0x1528  [ 4FDFA3F219692D17011BF1B428857C1E, 0422101F9D47633DFF47DF022031C4221B9D395F3E23C0C6E0A54CE55D76565D ] C:\Program Files\Windows Defender\MpRTP.dll
11:05:05.0499 0x1528  C:\Program Files\Windows Defender\MpRTP.dll - ok
11:05:05.0502 0x1528  [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
11:05:05.0502 0x1528  C:\Windows\SysWOW64\propsys.dll - ok
11:05:05.0506 0x1528  [ 3B5D6CAC765E86BE07AA7959A35D553C, A774DE8D3E67561360E911DBBAA5D001D8DF57A327A6BACC372C6A8B78018B6A ] C:\Windows\System32\tdh.dll
11:05:05.0506 0x1528  C:\Windows\System32\tdh.dll - ok
11:05:05.0510 0x1528  [ 7E8750DA70C2130A423F2D45888F7779, EEC5640DE5943D97EE26576B866B36AE1AF58B15AB57AD519BA81D70C4E60A93 ] C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SSLProxyCOM.dll
11:05:05.0510 0x1528  C:\Program Files (x86)\Common Files\Sony Shared\Sony Utilities\SSLProxyCOM.dll - ok
11:05:05.0514 0x1528  [ F85BEA4423D0562923D813B6DDB19B9D, 17D361E7747B87021453DB9BF5A422524D45A5491E96A8EEE7225FA22A040099 ] C:\Program Files (x86)\Sony\Setting Utility Series\SUSSoundProxy.exe
11:05:05.0514 0x1528  C:\Program Files (x86)\Sony\Setting Utility Series\SUSSoundProxy.exe - ok
11:05:05.0518 0x1528  [ 606478656C3D025A1B9E974DA7FABC1E, 3100472191BAE6B725CBAE8488CE4B852B482A913C0428A66E7D5ABDD7DC9F27 ] C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll
11:05:05.0518 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESTransform.dll - ok
11:05:05.0522 0x1528  [ 8BC7F8F0B7AE856D910B3FDD895EC50E, CEBE62829BD416D961F9A779A60ED60366095F557DDE5350ADB09C53B3A23A8D ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
11:05:05.0522 0x1528  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
11:05:05.0526 0x1528  [ EF6606041A4640721BFEEA16B4E5311C, 7F36D9E27B838001CAAC111EC1F06B6A6CD2774FBA07464937AF3D1F1AC8D1AD ] C:\Program Files (x86)\Sony\VAIO Event Service\VESAutoDimmer2.dll
11:05:05.0526 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESAutoDimmer2.dll - ok
11:05:05.0529 0x1528  [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
11:05:05.0529 0x1528  C:\Windows\System32\netmsg.dll - ok
11:05:05.0533 0x1528  [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
11:05:05.0533 0x1528  C:\Windows\System32\wbem\repdrvfs.dll - ok
11:05:05.0536 0x1528  [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
11:05:05.0536 0x1528  C:\Windows\System32\hnetcfg.dll - ok
11:05:05.0540 0x1528  [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
11:05:05.0540 0x1528  C:\Windows\System32\clusapi.dll - ok
11:05:05.0543 0x1528  [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
11:05:05.0543 0x1528  C:\Windows\System32\sscore.dll - ok
11:05:05.0546 0x1528  [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
11:05:05.0547 0x1528  C:\Windows\System32\resutils.dll - ok
11:05:05.0550 0x1528  [ E9ED8C16F6944E7EA80E5479B4E0277E, BA921D95F97F09F1C0E9F4921BDEB9E5BFBF9D3DC11B13A41AAF4B7C4C500769 ] C:\Program Files (x86)\Sony\VAIO Control Center\CommonSetting.dll
11:05:05.0550 0x1528  C:\Program Files (x86)\Sony\VAIO Control Center\CommonSetting.dll - ok
11:05:05.0553 0x1528  [ C542BDBA0FBB443615EFE5AC734EBEC4, 6E1BB55BCCF94EA2BFD85F80329059D83C9CD1278E08DF751424437D306D3E78 ] C:\Windows\System32\RtkApi64.dll
11:05:05.0554 0x1528  C:\Windows\System32\RtkApi64.dll - ok
11:05:05.0557 0x1528  [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
11:05:05.0557 0x1528  C:\Windows\System32\wbem\WmiPrvSD.dll - ok
11:05:05.0560 0x1528  [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
11:05:05.0561 0x1528  C:\Windows\System32\RtkCfg64.dll - ok
11:05:05.0564 0x1528  [ A96E734A0E63B7F9B95317125DDEA2BC, 12579B7F19E1FF38656EBFBB6684D901AD27988560D900E1E7734A6EAE29389B ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll
11:05:05.0564 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpengine.dll - ok
11:05:05.0568 0x1528  [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
11:05:05.0568 0x1528  C:\Windows\System32\ncobjapi.dll - ok
11:05:05.0572 0x1528  [ EAAA2B83C4764FDCFBEE4A4D6546DE92, 043779B2C684699C89D6E8363D65BAA9F31DFF17D250059B56A8E3AE48C89B5B ] C:\Program Files\Bonjour\mdnsNSP.dll
11:05:05.0572 0x1528  C:\Program Files\Bonjour\mdnsNSP.dll - ok
11:05:05.0574 0x1528  [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
11:05:05.0574 0x1528  C:\Windows\System32\wbem\wbemess.dll - ok
11:05:05.0577 0x1528  [ AF528B4ECA925F63D437F76E87D8971D, 8BA0A8343AF6499A121B8B8E6D0C42E9CBCE069919F7E5DD41F1AA64899E190C ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
11:05:05.0577 0x1528  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
11:05:05.0581 0x1528  [ E41C5E0050F1C4E6CE58508BE83928FB, D34A676B2740381F6D6A572615427226B410A12D0E61E7631BE4D378B46A7741 ] C:\Windows\System32\localspl.dll
11:05:05.0581 0x1528  C:\Windows\System32\localspl.dll - ok
11:05:05.0584 0x1528  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
11:05:05.0584 0x1528  C:\Windows\System32\rasadhlp.dll - ok
11:05:05.0588 0x1528  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
11:05:05.0588 0x1528  C:\Windows\System32\spoolss.dll - ok
11:05:05.0592 0x1528  [ 2E21840342850A8A7F28D28D6DD3A1CD, 2AB76495C8C7F9221718A8FB9062E6B6D48C84C957D1CCFED305CC00E389CE21 ] C:\Windows\System32\E_YLMBKDE.DLL
11:05:05.0592 0x1528  C:\Windows\System32\E_YLMBKDE.DLL - ok
11:05:05.0595 0x1528  [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
11:05:05.0595 0x1528  C:\Windows\System32\PrintIsolationProxy.dll - ok
11:05:05.0599 0x1528  [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
11:05:05.0599 0x1528  C:\Windows\System32\FXSMON.dll - ok
11:05:05.0603 0x1528  [ 9DA93C9EC5B84CA11BEB6F35C3A1224B, A6EF11A0280C8957D75952326428001A5317407FF8B5C7D18A237EA900A90EE8 ] C:\Windows\System32\hpf3l02t.dll
11:05:05.0603 0x1528  C:\Windows\System32\hpf3l02t.dll - ok
11:05:05.0606 0x1528  [ 2E1729779D60F4003508F393E8343ED8, A263BB2C1CC63BB18C1460D9B9CA331DEDE783D823E77FCAFA9D20F72E95A29A ] C:\Windows\System32\hpf3lw73.dll
11:05:05.0606 0x1528  C:\Windows\System32\hpf3lw73.dll - ok
11:05:05.0610 0x1528  [ 8884D0BC7565319D08654438DAF53191, 9374A5BDCDDB594447632BE233F6C30D200EE802535A9401C3DA92E76053BA83 ] C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll
11:05:05.0610 0x1528  C:\Program Files (x86)\PlotSoft\PDFill\PDFWriter\Driver\PDFillWriterMon.dll - ok
11:05:05.0613 0x1528  [ 88388067BB86CD2C475582ED895209B9, 051949086CA86CEA9181B67D539284A44C653FD4916D0BF3936A36F1B924260D ] C:\Windows\SysWOW64\atiadlxy.dll
11:05:05.0613 0x1528  C:\Windows\SysWOW64\atiadlxy.dll - ok
11:05:05.0617 0x1528  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
11:05:05.0617 0x1528  C:\Windows\System32\tcpmon.dll - ok
11:05:05.0620 0x1528  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
11:05:05.0620 0x1528  C:\Windows\System32\snmpapi.dll - ok
11:05:05.0624 0x1528  [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
11:05:05.0624 0x1528  C:\Windows\System32\wsnmp32.dll - ok
11:05:05.0627 0x1528  [ F2A89C032C131ED8BFBD600558CFFE12, F9B7A091A4D9D3995FADCEDE34324A862DDAF0CA60D0EF0229A21C053C5BC7B4 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\1d3239102d5b94204fc5f9cb4289f4a6\PresentationFramework.ni.dll
11:05:05.0627 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Presentatio5ae0f00f#\1d3239102d5b94204fc5f9cb4289f4a6\PresentationFramework.ni.dll - ok
11:05:05.0631 0x1528  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
11:05:05.0631 0x1528  C:\Windows\System32\usbmon.dll - ok
11:05:05.0634 0x1528  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
11:05:05.0634 0x1528  C:\Windows\System32\WSDMon.dll - ok
11:05:05.0638 0x1528  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
11:05:05.0638 0x1528  C:\Windows\System32\fdPnp.dll - ok
11:05:05.0641 0x1528  [ D1133529BF02C417410B2D7FA5182E50, 3366A1771C83203DE08ECBB45D74CB48EF1533C8CD8043FA0D96B8BFECC4BB94 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
11:05:05.0641 0x1528  C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
11:05:05.0645 0x1528  [ 3A26618C0E59C83D01FACA625986C51F, 33DC99700250E7E827987C971603AE9AAB3913F5712C1670F44897E202C8081A ] C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll
11:05:05.0645 0x1528  C:\Windows\System32\spool\prtprocs\x64\hpfpp02t.dll - ok
11:05:05.0649 0x1528  [ AD911EBC4FADCCAA243E379FF23AB959, 3FA9524D0AE28BF5673361FEAEA87383B46B3F2B0FD58A69D1F646A9D72F1D45 ] C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll
11:05:05.0649 0x1528  C:\Windows\System32\spool\prtprocs\x64\hpfppw73.dll - ok
11:05:05.0652 0x1528  [ 1D4C0C34EEE34AE77D0E0647F3956D46, D64A65C1E83FE86BA46642BF97499B0EBD5215525C11A563D6B43D66917D8E6E ] C:\Windows\System32\win32spl.dll
11:05:05.0652 0x1528  C:\Windows\System32\win32spl.dll - ok
11:05:05.0656 0x1528  [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
11:05:05.0656 0x1528  C:\Windows\System32\dllhost.exe - ok
11:05:05.0660 0x1528  [ 51F89CE2D0FEC66070354504E6C4C3E4, 565CC85156C39FB89762757EF6A935FC42DB2599A5E49643447D30C8B9371133 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll
11:05:05.0660 0x1528  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_a4d981ff711297b6\comctl32.dll - ok
11:05:05.0666 0x1528  [ F58223A8B772E419330A7A8BB7575647, F182456C637579D1EDC006191E6FB0FAABE819727B48A09FDA1FFC3B980E6709 ] C:\Windows\System32\inetpp.dll
11:05:05.0666 0x1528  C:\Windows\System32\inetpp.dll - ok
11:05:05.0671 0x1528  [ 1644B12B83E6AFF9E840BB118BFAFAD0, 4859F065DE21841603033CAB2B587B2429329396099528A68CA7D5E29F199DB5 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\498a90426038c4d1b987fc709c387f11\System.ComponentModel.Composition.ni.dll
11:05:05.0671 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Compba577418#\498a90426038c4d1b987fc709c387f11\System.ComponentModel.Composition.ni.dll - ok
11:05:05.0674 0x1528  [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
11:05:05.0674 0x1528  C:\Windows\System32\IDStore.dll - ok
11:05:05.0678 0x1528  [ 35CE09B28ECA4DCBBF913289DCBDA513, 3083AD5E1D2783801B6DC13AC4D7C6ECDBBDE2A29B45CE4D96CA8961072D5A4A ] C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe
11:05:05.0678 0x1528  C:\Program Files (x86)\Sony\VAIO Event Service\VESGfxMgr.exe - ok
11:05:05.0683 0x1528  [ 1E920C78686E24164AD2F30BE180B8D7, 1FBC81174B5EA420BAEB68444241DCC07959AC75F7687D410F0E6D0EBD6E14BC ] C:\Windows\System32\KBDSP.DLL
11:05:05.0683 0x1528  C:\Windows\System32\KBDSP.DLL - ok
11:05:05.0687 0x1528  [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
11:05:05.0687 0x1528  C:\Windows\System32\taskhost.exe - ok
11:05:05.0690 0x1528  [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
11:05:05.0690 0x1528  C:\Windows\System32\AtBroker.exe - ok
11:05:05.0694 0x1528  [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
11:05:05.0694 0x1528  C:\Windows\System32\mpr.dll - ok
11:05:05.0697 0x1528  [ 7E7A53370FA9EBA07E46D385D2F2100C, BC9EA953DF0365CBDCF559084633A3BDB1519C05558FB63A0C84E9F423F364D8 ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.Communicator.Interface.dll
11:05:05.0698 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.Communicator.Interface.dll - ok
11:05:05.0701 0x1528  [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
11:05:05.0701 0x1528  C:\Windows\System32\userinit.exe - ok
11:05:05.0705 0x1528  [ CC963A1F51D461392801B50538D540C8, BADAE6ED0C7EB3D304CFB47702E855ACAB2650F024A1DF9DFF5B47D11BBF2974 ] C:\Program Files (x86)\Avira\Launcher\Avira.Acp.dll
11:05:05.0705 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.Acp.dll - ok
11:05:05.0708 0x1528  [ FC8DC6081B90907B6F214B581602782A, 5A92D26F426784249D2C0000CBBF6E5889B8C0B2F7294FF897E15EE164064345 ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.AvConnector.dll
11:05:05.0708 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.AvConnector.dll - ok
11:05:05.0754 0x1528  [ EA5B1D21152D8A9000F944E923A30925, F4F147A5E4EE612C949934128F71EFB4FB6629E958532DEACD368B487B104F63 ] C:\Program Files (x86)\Avira\Launcher\NLog.dll
11:05:05.0754 0x1528  C:\Program Files (x86)\Avira\Launcher\NLog.dll - ok
11:05:05.0757 0x1528  [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
11:05:05.0757 0x1528  C:\Windows\System32\taskeng.exe - ok
11:05:05.0761 0x1528  [ F59E095B0BEF0CEED72DB039DAC3CD68, AEB52F99D488C723BC254C2C4828636D901B4138F7E9B9E09285A65A51F8E920 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
11:05:05.0761 0x1528  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
11:05:05.0764 0x1528  [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
11:05:05.0764 0x1528  C:\Windows\System32\dwm.exe - ok
11:05:05.0768 0x1528  [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
11:05:05.0768 0x1528  C:\Windows\System32\dwmredir.dll - ok
11:05:05.0771 0x1528  [ 502237267638281B1365D1F20082AECF, 723C43ABD722F848A0DA8F0CB831FCE66E447B5EAA356E66A5031DDF83ADCADC ] C:\Windows\System32\dwmcore.dll
11:05:05.0771 0x1528  C:\Windows\System32\dwmcore.dll - ok
11:05:05.0775 0x1528  [ 67B7A0F3C4868F3CB223FEF36861E307, 33AB853758691CD82D5454E38140F0C604CD5A3F6C82959AFFFF9F7F7BC00411 ] C:\Windows\System32\igfxext.exe
11:05:05.0775 0x1528  C:\Windows\System32\igfxext.exe - ok
11:05:05.0778 0x1528  [ 680E34EA30B9A0D50A1BF0F88F23003D, B83E99DDC5D8FA9B9289A1A70537D3F4BC9BC11DB243C3CDD8C00D78EFA28CB9 ] C:\Windows\System32\igfxsrvc.exe
11:05:05.0778 0x1528  C:\Windows\System32\igfxsrvc.exe - ok
11:05:05.0782 0x1528  [ 38AE1B3C38FAEF56FE4907922F0385BA, D5BC504277172BE5C54B60AD5C13209DC1F729131DEF084DE3EC8C72E54C58EF ] C:\Windows\explorer.exe
11:05:05.0782 0x1528  C:\Windows\explorer.exe - ok
11:05:05.0785 0x1528  [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
11:05:05.0785 0x1528  C:\Windows\System32\PlaySndSrv.dll - ok
11:05:05.0789 0x1528  [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
11:05:05.0789 0x1528  C:\Windows\System32\d3d10_1.dll - ok
11:05:05.0792 0x1528  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
11:05:05.0792 0x1528  C:\Windows\System32\TSChannel.dll - ok
11:05:05.0796 0x1528  [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
11:05:05.0796 0x1528  C:\Windows\System32\d3d10_1core.dll - ok
11:05:05.0800 0x1528  [ 4FD06F797CEB120C712C5A0143DB2A17, 609F2C4FB9FB3C82667E92ABFE8B3168FA47F150826D762FD6783491D3261B48 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
11:05:05.0800 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe - ok
11:05:05.0803 0x1528  [ C612FA2DAA07AE0C7BC105A0B0DC0B44, 7E94C2AA266DCE638AA6D6A1CFF226522C7725196FC3006871B95A143E7C544D ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe
11:05:05.0804 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Systray.exe - ok
11:05:05.0807 0x1528  [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
11:05:05.0807 0x1528  C:\Windows\System32\dxgi.dll - ok
11:05:05.0810 0x1528  [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
11:05:05.0810 0x1528  C:\Windows\System32\HotStartUserAgent.dll - ok
11:05:05.0814 0x1528  [ 50518D3962374933B947B8098B9FC194, 6D8B48EFC04BFFE73D579BD987A163DD693EA925F9685672FF9C489C9D843D68 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\2db768fdc0ca1f00d5f3488c963ad190\System.ServiceModel.ni.dll
11:05:05.0814 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\2db768fdc0ca1f00d5f3488c963ad190\System.ServiceModel.ni.dll - ok
11:05:05.0818 0x1528  [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
11:05:05.0818 0x1528  C:\Windows\System32\d3d11.dll - ok
11:05:05.0821 0x1528  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
11:05:05.0821 0x1528  C:\Windows\System32\MsCtfMonitor.dll - ok
11:05:05.0823 0x1528  [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
11:05:05.0823 0x1528  C:\Windows\System32\msutb.dll - ok
11:05:05.0827 0x1528  [ B2742EA6ED844D747E2348A504E491CB, 38D2A3B32A77FE2ADCCACB74F7A8EAD6A4589A5E22D2A6E7DFEADACDAE66DA85 ] C:\Windows\System32\dxva2.dll
11:05:05.0827 0x1528  C:\Windows\System32\dxva2.dll - ok
11:05:05.0830 0x1528  [ 80FB9F0C937133C40155562CD5D98BF6, A052F1A8C16AE76C0F6DAA3675E72C7316B3025409D9C7D65FE10A259B2D182D ] C:\Windows\System32\igfxdev.dll
11:05:05.0830 0x1528  C:\Windows\System32\igfxdev.dll - ok
11:05:05.0834 0x1528  [ 175D6CBBC93090169679E7E4852C04F2, 4E656766DEACB0BD1C17C92F5026F922C74FC0AC66BA7AAFBDD82A08000D5D86 ] C:\Windows\System32\igfxsrvc.dll
11:05:05.0834 0x1528  C:\Windows\System32\igfxsrvc.dll - ok
11:05:05.0839 0x1528  [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
11:05:05.0840 0x1528  C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
11:05:05.0844 0x1528  [ E6FECB617393497710F8DD1D952E7E22, D47872B9F106AD0E0FFCC00D11300342B9B7A99524B009EABAD82ACEB6AA9B29 ] C:\Windows\System32\igfxexps.dll
11:05:05.0844 0x1528  C:\Windows\System32\igfxexps.dll - ok
11:05:05.0846 0x1528  [ E41E54274B82496631A882E2CF2D47C6, 3383698A157E0F6BD08E36105CFDC97333FF826755858174F948B108F947A70A ] C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe
11:05:05.0846 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\RapportService.exe - ok
11:05:05.0850 0x1528  [ 801646FF2BB82239C46A1F97BE915139, 9D3C85F39ACCCEFDD7855216225FCDDB6C14DD41BB948D6FD94D302865794666 ] C:\Windows\System32\aticfx64.dll
11:05:05.0850 0x1528  C:\Windows\System32\aticfx64.dll - ok
11:05:05.0853 0x1528  [ DF809BFCC08E72063DF51E48B18E73AF, E4D33598C3525C0EC6A3077742E24BACF1CEF6681E2CD5A72577E6B8802A6BAD ] C:\Windows\System32\ExplorerFrame.dll
11:05:05.0853 0x1528  C:\Windows\System32\ExplorerFrame.dll - ok
11:05:05.0857 0x1528  [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
11:05:05.0857 0x1528  C:\Windows\SysWOW64\wbem\wbemprox.dll - ok

 

 


  • 0

#10
blues71

blues71

    Member

  • Topic Starter
  • Member
  • PipPip
  • 46 posts

11:05:05.0861 0x1528  [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
11:05:05.0861 0x1528  C:\Windows\SysWOW64\wbemcomn.dll - ok
11:05:05.0864 0x1528  [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
11:05:05.0864 0x1528  C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
11:05:05.0868 0x1528  [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
11:05:05.0868 0x1528  C:\Windows\SysWOW64\wbem\fastprox.dll - ok
11:05:05.0871 0x1528  [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
11:05:05.0872 0x1528  C:\Windows\SysWOW64\comdlg32.dll - ok
11:05:05.0875 0x1528  [ 58788565442368B0615DDAF1D452B843, 4D7A635EB64179A9EF6506189C380CA9710ACE27136D5CA0D25B63575401682B ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll
11:05:05.0875 0x1528  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18837_none_ec86b8d6858ec0bc\comctl32.dll - ok
11:05:05.0879 0x1528  [ DDD7DD4E92908D8C57E231F8BC1608A6, A74F0D0E18980ADAA0531F1646D1057BBA6874CE06896536BD91919EF763AC42 ] C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll
11:05:05.0879 0x1528  C:\Program Files (x86)\Dropbox\Client\DropboxExt64.17.0.dll - ok
11:05:05.0882 0x1528  [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
11:05:05.0882 0x1528  C:\Windows\System32\actxprxy.dll - ok
11:05:05.0886 0x1528  [ 49D3B7E8E57CF8EFDBE8BD2CFA109691, 6AA812B75032AD11964837CB734FA31D744969D65B13F2E5B6585DBE91F52EB2 ] C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll
11:05:05.0886 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\js32.dll - ok
11:05:05.0889 0x1528  [ 1EBA3D7B9D0D611DC605CD844C2F2EE1, B2B87ABDD07E9139560AA3FE0D134459075806C7BDA2F776278C1ACC015D7591 ] C:\Windows\System32\atiuxp64.dll
11:05:05.0889 0x1528  C:\Windows\System32\atiuxp64.dll - ok
11:05:05.0893 0x1528  [ D5304008A209828D3552FAD9B58AA793, AFD5AFFD5C7ADC5CA05AF894CE32110559F73DEBF84EF9BE14AD7C81CBA5742F ] C:\Windows\System32\igd10umd64.dll
11:05:05.0893 0x1528  C:\Windows\System32\igd10umd64.dll - ok
11:05:05.0896 0x1528  [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
11:05:05.0896 0x1528  C:\Windows\System32\thumbcache.dll - ok
11:05:05.0901 0x1528  [ FC3001B4B9DF50B61F3CCA615759EFE7, 9AAE3665AD2893E7DB41965D430A7230B826AC4580603F20102E21C19C15535F ] C:\Windows\System32\PhotoMetadataHandler.dll
11:05:05.0901 0x1528  C:\Windows\System32\PhotoMetadataHandler.dll - ok
11:05:05.0910 0x1528  [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
11:05:05.0910 0x1528  C:\Windows\SysWOW64\ntdsapi.dll - ok
11:05:05.0921 0x1528  [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
11:05:05.0921 0x1528  C:\Windows\System32\wbem\WmiPrvSE.exe - ok
11:05:05.0930 0x1528  [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
11:05:05.0931 0x1528  C:\Windows\System32\wbem\wmiprov.dll - ok
11:05:05.0940 0x1528  [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
11:05:05.0940 0x1528  C:\Windows\System32\cscapi.dll - ok
11:05:05.0949 0x1528  [ 5AC3CB53406CB9AABB25D46B3385528F, D5213E1C8CBD9E82922CE7F0E49611119EC6C2C1A0DC3F5912199AF5F39830C0 ] C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll
11:05:05.0949 0x1528  C:\Windows\System32\spool\drivers\x64\3\unidrvui.dll - ok
11:05:05.0958 0x1528  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
11:05:05.0958 0x1528  C:\Windows\System32\EhStorShell.dll - ok
11:05:05.0967 0x1528  [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
11:05:05.0967 0x1528  C:\Windows\System32\IconCodecService.dll - ok
11:05:05.0976 0x1528  [ 22F020C76E339EB2B2187BA73A7E4173, 4605BF0C708441D146D2F902BB340858E314FCA70A4C88EB31CF3544C865C123 ] C:\Windows\System32\PrintIsolationHost.exe
11:05:05.0976 0x1528  C:\Windows\System32\PrintIsolationHost.exe - ok
11:05:05.0986 0x1528  [ E9C7D2AF5E05C97469415CDE2A444632, C4767210A3DF2F9EEE9A029F64D7242CE68F4A57685800EA554A11A073F3EBBC ] C:\Windows\System32\spool\drivers\x64\3\BRUIMB0A.DLL
11:05:05.0986 0x1528  C:\Windows\System32\spool\drivers\x64\3\BRUIMB0A.DLL - ok
11:05:05.0996 0x1528  [ 305318EFCDAC51EF919E505340BCDAAB, 822E0B61BBEC2DCE4F8D6FE073AD929E6329962E56D3FB9553825684C5E3A0CF ] C:\Windows\System32\spool\drivers\x64\3\BRDSMA80.DLL
11:05:05.0996 0x1528  C:\Windows\System32\spool\drivers\x64\3\BRDSMA80.DLL - ok
11:05:06.0009 0x1528  [ DDB157C46151B5563365D7AC58057F8D, BB7A8459CF5DF2B71B26F4A516479E9279850338F47EFC342D4414FE21ECEC80 ] C:\Windows\System32\spool\drivers\x64\3\BRLGMB0A_0000.DLL
11:05:06.0009 0x1528  C:\Windows\System32\spool\drivers\x64\3\BRLGMB0A_0000.DLL - ok
11:05:06.0018 0x1528  [ EFEC3847B47CC9357D5C33BBAB59B7EB, C093AF387AC9B7C5FA92D90DB1C3EC228A2C64CE4229539A25C8A47AD7E6D133 ] C:\Windows\System32\mgmtapi.dll
11:05:06.0019 0x1528  C:\Windows\System32\mgmtapi.dll - ok
11:05:06.0029 0x1528  [ E81F5A2F6D52215C0E84F2849503EBA8, D372F90035F38A91703E8C017A26D6BB91FDF9B65B7B6DA24BB9D25485A91942 ] C:\Windows\System32\tcpmib.dll
11:05:06.0029 0x1528  C:\Windows\System32\tcpmib.dll - ok
11:05:06.0039 0x1528  [ ADE2BCD1FDE5C9669FCE1F4541AB46DD, 1C12491CDC2C91BC24F560CFCA82A1459F6FC96D13C92A68CB9D67213F5AA779 ] C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL
11:05:06.0039 0x1528  C:\Windows\System32\spool\drivers\x64\3\UNIDRV.DLL - ok
11:05:06.0050 0x1528  [ A1D819886D958756B2928B00BFF297CE, 5461A1DF2260601A04AAA16DEF4D2A5C2C2C9DC57322803D2BA228FAC9106E63 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5d6247236b53d2db261f5f10eb6ad29d\System.Xaml.ni.dll
11:05:06.0050 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\5d6247236b53d2db261f5f10eb6ad29d\System.Xaml.ni.dll - ok
11:05:06.0060 0x1528  [ C6C5207CBC834E97AB78C720F7EBC16B, C3C786A425E2BD647C7E2F73E720B5F2334B3B7FD73B190E4F61E587497E7B6C ] C:\Windows\System32\spool\drivers\x64\3\BROHLB0A.DLL
11:05:06.0060 0x1528  C:\Windows\System32\spool\drivers\x64\3\BROHLB0A.DLL - ok
11:05:06.0070 0x1528  [ 8390A4D9A0D35FE3F9F5EE2670EF3685, 662055378902AE90C019541BD73205346393AF72804E8EDD223CED4BF0DF40AB ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Host.Database.dll
11:05:06.0070 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Host.Database.dll - ok
11:05:06.0077 0x1528  [ 6F729D63CB5562249B2FE541982DA852, 7CB1A58BE44BB68C363BCB396AF9D389C2CB98020A74BFF10A0E0128E5B86D01 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systecd1ad9ed#\603cddcbd797b2feefc58b36e60290d9\Avira.SystemSpeedup.Infrastructure.Communication.Interface.ni.dll
11:05:06.0077 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systecd1ad9ed#\603cddcbd797b2feefc58b36e60290d9\Avira.SystemSpeedup.Infrastructure.Communication.Interface.ni.dll - ok
11:05:06.0088 0x1528  [ EF01EA31466895AA04A6E7D8F4BA6AAD, D745E9A1A12E880109511C84B7F90F3597C0AC656BFE8C0C56FD5427CAF01267 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Host.Interfaces.dll
11:05:06.0089 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Host.Interfaces.dll - ok
11:05:06.0099 0x1528  [ C7B12FE4AE2FDEE3D59938EBEB02183E, F751855B7C38D5CE6A281B09932BBE33757701A7FF1EAD15E07E5F8E0283C7DB ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Database.dll
11:05:06.0099 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Database.dll - ok
11:05:06.0110 0x1528  [ DE7A5C2D58B7549BB2D2B3D6FA6F8906, F72A2CEA83DE8393EDB1268D5EDBA5D5EF7B3F9D2DC7CA133147B3086AACD10E ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Database.SQLite.dll
11:05:06.0110 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Infrastructure.Database.SQLite.dll - ok
11:05:06.0121 0x1528  [ F698D2D133CEB4582BC9B3FBCD5698EF, 9ED32EA5144D2D1FA063632ECE44C45A09D72AE0C3A77649B53584FC42B56901 ] C:\Program Files (x86)\Avira\System Speedup\System.Data.SQLite.dll
11:05:06.0121 0x1528  C:\Program Files (x86)\Avira\System Speedup\System.Data.SQLite.dll - ok
11:05:06.0131 0x1528  [ 5BC6DCD5C01964749A2BF5404957B5DB, 97749121902EBF8441E11F2F6ACDD57873C0E98A830A50B93BCB7CC521BCC081 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\537b63e1fe3e0eca6d83964a4d01281a\System.Data.ni.dll
11:05:06.0132 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\537b63e1fe3e0eca6d83964a4d01281a\System.Data.ni.dll - ok
11:05:06.0144 0x1528  [ 4C702BBAF7B3824E1A91841D7DCC4E26, C39BC9A977CCED53EEB2D014127DD00EF83D591B60DDBDBB9D8D2C43447D02EF ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll
11:05:06.0144 0x1528  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.ServiceModel\v4.0_4.0.0.0__b77a5c561934e089\System.ServiceModel.dll - ok
11:05:06.0153 0x1528  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
11:05:06.0153 0x1528  C:\Windows\System32\uDWM.dll - ok
11:05:06.0163 0x1528  [ EA40AB1806C79096FCC8A73AF1D770AD, C8A2F31D639B1CB774B277059882F2E7F26AB04635C7607AF913E9794CAFFEDD ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
11:05:06.0163 0x1528  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
11:05:06.0176 0x1528  [ 9047B1746345AC2A4E611D782A76C311, 0F160AC42E777E254DDBB9B1142A07F6C7C5FD13D7367E6D0B3270E9B2B6CA6E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\380681c1f99aca2a3a01ef5d2347ace4\System.Transactions.ni.dll
11:05:06.0176 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\380681c1f99aca2a3a01ef5d2347ace4\System.Transactions.ni.dll - ok
11:05:06.0184 0x1528  [ E85A0C1C6174E99EB4A6D8A4FBE6BF6E, 02163C9F1C3A182FA1CE8AD9C6BF8EB4A4B1263ED18AC1FE59A5B1F10C5A1BD7 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\9c544e977c420f7a94f0892097b8a6a7\System.Runtime.Serialization.ni.dll
11:05:06.0184 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\9c544e977c420f7a94f0892097b8a6a7\System.Runtime.Serialization.ni.dll - ok
11:05:06.0195 0x1528  [ EF5D474EF484D3E39201FC30D4A1B0E3, 9C23DBEEBBA9027027443BF5E902D9E3C0C434764BEC2E345D7843904CFB4E46 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
11:05:06.0196 0x1528  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
11:05:06.0206 0x1528  [ 0759A4D44A356392EF1752A135D59104, 30E4D50F3CD9A827DFFD3D508CED2C71090754E27C88F9BD0600D30FB41777DE ] C:\Program Files (x86)\Avira\System Speedup\x86\SQLite.Interop.dll
11:05:06.0207 0x1528  C:\Program Files (x86)\Avira\System Speedup\x86\SQLite.Interop.dll - ok
11:05:06.0216 0x1528  [ A8B0C40979E00D3E85AC8F09D4CB416F, 5E671FFF27C19C1BF9A7300BD6C577503009C48EBD6899215F319BDCAB38C146 ] C:\Program Files (x86)\Avira\Launcher\Avira.FileDownloader.dll
11:05:06.0216 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.FileDownloader.dll - ok
11:05:06.0227 0x1528  [ 91C5C42312BE8D7B91A232E6C1D33EAB, D84CE0558D5A4D566053DB2272B16D47730F6FCE689C529CBA13E2391640EC0D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\e40a165b5544a461ccb50ba34b6673ac\System.EnterpriseServices.ni.dll
11:05:06.0227 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\e40a165b5544a461ccb50ba34b6673ac\System.EnterpriseServices.ni.dll - ok
11:05:06.0245 0x1528  [ 1D26D143386EF4C850D4C4DB10D3E95F, 30E87E7D40ACD80BD55B1A2AF24A25E5EEC8EA7C90DD6074C8FB92BB4C2AE8A5 ] C:\Program Files (x86)\Avira\Launcher\ServiceStack.Text.dll
11:05:06.0245 0x1528  C:\Program Files (x86)\Avira\Launcher\ServiceStack.Text.dll - ok
11:05:06.0252 0x1528  [ 1CF84FA6A36798A12ACD9A188F4CD855, 0C6B3A29E318B4DF93C8F7E69E6FE6313F230B46023D898F8DA9207ED7FFF3E4 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d74a2ce554547ea112ddc70e4935db81\System.Xml.Linq.ni.dll
11:05:06.0252 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xml.Linq\d74a2ce554547ea112ddc70e4935db81\System.Xml.Linq.ni.dll - ok
11:05:06.0263 0x1528  [ 748A6F678EB7FE22F639ABF0CF60AE3A, CA6A32980E3BDEA463059A4B5919F8A74BA695DB5FEB56C65E7C8D91691F1AA6 ] C:\Program Files (x86)\Avira\Launcher\Interop.UPNPLib.dll
11:05:06.0263 0x1528  C:\Program Files (x86)\Avira\Launcher\Interop.UPNPLib.dll - ok
11:05:06.0276 0x1528  [ 8885768571F14456379BBBEFE2DA1453, 7C19552A0466A35C46A655645E948D607D49D7A78D1D1F6791795C2FF036925F ] C:\Program Files (x86)\Avira\Launcher\Avira.Mixpanel.dll
11:05:06.0277 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.Mixpanel.dll - ok
11:05:06.0289 0x1528  [ 5D09C2314839296FA770D0E8851C92B5, 0B68E78938D2F191C13A3E4EA25763AC23A09DDF91AEEE6252E65DFAC4668184 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
11:05:06.0289 0x1528  C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - ok
11:05:06.0302 0x1528  [ 81D2F5D51D4E59365D275FF47657E8D5, EC5CE98D641F223F332A7E8165CAB0E8085F999E4168FEA32F9B7109EA00A9C2 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\e40a165b5544a461ccb50ba34b6673ac\System.EnterpriseServices.Wrapper.dll
11:05:06.0302 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\e40a165b5544a461ccb50ba34b6673ac\System.EnterpriseServices.Wrapper.dll - ok
11:05:06.0316 0x1528  [ 27F788A1E164C01250C0C01A46A77844, 7D0894594EE16613E1FAD0D3238F54DA754AE2335814716C301F2E73DEF6B248 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste43592960#\fb1ad52f6355f42d3dca19ede4502ec6\Avira.SystemSpeedup.Core.IPBBConnector.ni.dll
11:05:06.0316 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste43592960#\fb1ad52f6355f42d3dca19ede4502ec6\Avira.SystemSpeedup.Core.IPBBConnector.ni.dll - ok
11:05:06.0329 0x1528  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files (x86)\Avira\System Speedup\msvcr120.dll
11:05:06.0329 0x1528  C:\Program Files (x86)\Avira\System Speedup\msvcr120.dll - ok
11:05:06.0337 0x1528  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files (x86)\Avira\System Speedup\msvcp120.dll
11:05:06.0337 0x1528  C:\Program Files (x86)\Avira\System Speedup\msvcp120.dll - ok
11:05:06.0347 0x1528  [ 9072F117079F8AF3E8E511DD42053A00, 332A41975E994B305A5A3BF86A0088D549A3F3B8E9431C75CBB4D2058143706E ] C:\Program Files (x86)\Avira\System Speedup\Avira.Acp.dll
11:05:06.0347 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.Acp.dll - ok
11:05:06.0357 0x1528  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
11:05:06.0357 0x1528  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
11:05:06.0366 0x1528  [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
11:05:06.0366 0x1528  C:\Windows\SysWOW64\wship6.dll - ok
11:05:06.0375 0x1528  [ 1C2A1451FDA413F6CA85CA7B7C509EF0, 6A9EE79124B2CEE0CD9761C0903426E97D87202BB653FDF0B974AE30D352D883 ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.NativeCore.dll
11:05:06.0375 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.NativeCore.dll - ok
11:05:06.0385 0x1528  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files (x86)\Avira\Launcher\msvcp120.dll
11:05:06.0385 0x1528  C:\Program Files (x86)\Avira\Launcher\msvcp120.dll - ok
11:05:06.0395 0x1528  [ 6796D2A7AA8AF38A85B5D0DD5C05401D, C297381AC679F8161BB2236DEBEC172C44DADFA46086AD140E6DC37C86E9E42A ] C:\PROGRA~2\Avira\SYSTEM~1\Speedup.dll
11:05:06.0395 0x1528  C:\PROGRA~2\Avira\SYSTEM~1\Speedup.dll - ok
11:05:06.0405 0x1528  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files (x86)\Avira\Launcher\msvcr120.dll
11:05:06.0405 0x1528  C:\Program Files (x86)\Avira\Launcher\msvcr120.dll - ok
11:05:06.0416 0x1528  [ BD0CF6C55B329DCCFFFC1AB0AADEC323, C877A9880206314F3DBAED9E9C88D5A4DE61F423D0A98F4FA7F6ACE037CC374A ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.Communicator.dll
11:05:06.0416 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.Communicator.dll - ok
11:05:06.0429 0x1528  [ 74BFBB72073110CE8D622A09CFA155F6, DAC750D02EF35A0E3975FE62AE84A5CFBB5C7D0205102AE59A55DD9DB6BF9B39 ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.BrowserExtension.dll
11:05:06.0429 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.BrowserExtension.dll - ok
11:05:06.0441 0x1528  [ 90E2B44E95D4855A7CFC8586DB54A4D5, E7143F637FE7A0340160F24D00F7FD662AA7E313770A5D7F30663F60C913082C ] C:\Program Files (x86)\Avira\Launcher\Avira.SystemSpeedup.Analyzer.dll
11:05:06.0441 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.SystemSpeedup.Analyzer.dll - ok
11:05:06.0452 0x1528  [ 8EACE71D3A3BFAAB9C7F6C9A56E49D33, EAB08A0EA0CFFBACCA53249A80EC709B4C123FB07CFE9A96D36C52E560D3AF47 ] C:\Program Files (x86)\Avira\Launcher\Avira.Core.dll
11:05:06.0452 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.Core.dll - ok
11:05:06.0466 0x1528  [ 94A9D8F4306EC2D433DD05385F7A3441, 18D372C899C5802DE6D7BC52A561B6819679BEEEA409B271EE246553173B2BB8 ] C:\Program Files (x86)\Avira\Launcher\WebSocket4Net.dll
11:05:06.0467 0x1528  C:\Program Files (x86)\Avira\Launcher\WebSocket4Net.dll - ok
11:05:06.0480 0x1528  [ 7B072191834330E7D99864F3DEDC395D, 396B938BA3EE60E83B0A76F561047BBD7B299013BCDFA0A84DDA4C75C986F7D2 ] C:\Program Files (x86)\Avira\Launcher\Avira.OE.AvConnector.Interface.dll
11:05:06.0480 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.OE.AvConnector.Interface.dll - ok
11:05:06.0492 0x1528  [ 48BF0414666ED2D04453C0CAD3AF8110, D7E428EE2D645DA2F6680729C11C51E09183E6E052B5B554D87D2864A94DF2BA ] C:\Program Files (x86)\Avira\Launcher\Ionic.Zip.Reduced.dll
11:05:06.0492 0x1528  C:\Program Files (x86)\Avira\Launcher\Ionic.Zip.Reduced.dll - ok
11:05:06.0503 0x1528  [ 38DF7BED27AEA41B10A9E95FF99034D5, FF7DCAB1887A4E886CF8AAAF35D95C9C134AD95333E18D6F10245FB262056648 ] C:\Program Files (x86)\Avira\Launcher\Avira.Connect.Plugin.Interface.dll
11:05:06.0503 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.Connect.Plugin.Interface.dll - ok
11:05:06.0513 0x1528  [ 5F449D0668C775D01DCB86139F78061F, BEFA5D191704189AE0AE2B220767F883516081CE30B44FAF423D8CFF1E5FBCCA ] C:\Windows\SysWOW64\credssp.dll
11:05:06.0513 0x1528  C:\Windows\SysWOW64\credssp.dll - ok
11:05:06.0522 0x1528  [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
11:05:06.0522 0x1528  C:\Windows\SysWOW64\winspool.drv - ok
11:05:06.0532 0x1528  [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
11:05:06.0532 0x1528  C:\Windows\SysWOW64\Faultrep.dll - ok
11:05:06.0542 0x1528  [ 9C11D851979D4E8BF71091580AA073C2, F733E7C110AC288BAF25DD49D779C508E3AE22BFAFE2CE1B33CFB0E536AF2C61 ] C:\Windows\SysWOW64\msi.dll
11:05:06.0542 0x1528  C:\Windows\SysWOW64\msi.dll - ok
11:05:06.0551 0x1528  [ 38A3DA3D4C41D07A27F8F7ECB9BACB92, CAF5443BB6363D4D65423E1A2CD9A7F689EFCF5A0E6499F420A6CC7C932975B6 ] C:\Windows\SysWOW64\srclient.dll
11:05:06.0552 0x1528  C:\Windows\SysWOW64\srclient.dll - ok
11:05:06.0561 0x1528  [ 971A36C4827AD1AE2A54E6407478921A, 22FC1DD7476F6A9E8C6272D982F2F10600AE97D2157C8531EA2F4C7874E6D24D ] C:\Windows\SysWOW64\spp.dll
11:05:06.0561 0x1528  C:\Windows\SysWOW64\spp.dll - ok
11:05:06.0570 0x1528  [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08E6B253855A01CA ] C:\Windows\SysWOW64\vssapi.dll
11:05:06.0570 0x1528  C:\Windows\SysWOW64\vssapi.dll - ok
11:05:06.0581 0x1528  [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC079748E1D6D625F0DF ] C:\Windows\SysWOW64\vsstrace.dll
11:05:06.0581 0x1528  C:\Windows\SysWOW64\vsstrace.dll - ok
11:05:06.0591 0x1528  [ D46BCA4F80BEB626591EEE911F2F3454, 9B2D64A9B9C3E5AC49335DEC10C3409AE0A14B8AC1D0AEB7F0E4EE4D4DA1AAB8 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\616561b2436ee4fe041b95419511b34f\Microsoft.CSharp.ni.dll
11:05:06.0591 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.CSharp\616561b2436ee4fe041b95419511b34f\Microsoft.CSharp.ni.dll - ok
11:05:06.0601 0x1528  [ E973F1FFC8433CBA7EE80E5DC9ABC423, C1ABB8B9E4A9531F99D949D275427DBB34CE7E14A6E92337DB045DC2594C96EC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste9f3c62ee#\eaacb8b36359173e0190ced86f3ae2d9\Avira.SystemSpeedup.Core.Common.Starter.ni.exe
11:05:06.0601 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste9f3c62ee#\eaacb8b36359173e0190ced86f3ae2d9\Avira.SystemSpeedup.Core.Common.Starter.ni.exe - ok
11:05:06.0611 0x1528  [ 09F65975C1C9793B923BB52A7FA83453, EB965B61F0C08F584A461F574936EDF2CB45F121EF742CC5072221122D7CFA41 ] C:\Windows\SysWOW64\wshom.ocx
11:05:06.0611 0x1528  C:\Windows\SysWOW64\wshom.ocx - ok
11:05:06.0620 0x1528  [ A3B1D1312602280839A4A2AFBDFD066E, 607D1E78E76F2DEB1982172E93AE68420825A1B6153B413451AE306A27594B17 ] C:\Windows\SysWOW64\scrrun.dll
11:05:06.0620 0x1528  C:\Windows\SysWOW64\scrrun.dll - ok
11:05:06.0629 0x1528  [ 522648E68E053273B6198CE1F2163D96, 8CB5221B9E059E4CB259C272226B768C717C3358CA018E857B2C61D80F1C4119 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\4b4621378b0e4b0d48ffaf0ff219fae4\System.Dynamic.ni.dll
11:05:06.0629 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Dynamic\4b4621378b0e4b0d48ffaf0ff219fae4\System.Dynamic.ni.dll - ok
11:05:06.0639 0x1528  [ 885E18B2D0A445FB637850282530EB72, 005BE9EC30390E88C429622EEEE4E2D2840CC3C75992C4A7F0E8A69756B0A2FD ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll
11:05:06.0639 0x1528  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.18837_none_41e855142bd5705d\comctl32.dll - ok
11:05:06.0648 0x1528  [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
11:05:06.0649 0x1528  C:\Windows\SysWOW64\linkinfo.dll - ok
11:05:06.0658 0x1528  [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
11:05:06.0658 0x1528  C:\Windows\SysWOW64\ntshrui.dll - ok
11:05:06.0667 0x1528  [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
11:05:06.0667 0x1528  C:\Windows\SysWOW64\cscapi.dll - ok
11:05:06.0676 0x1528  [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
11:05:06.0676 0x1528  C:\Windows\SysWOW64\slc.dll - ok
11:05:06.0686 0x1528  [ 154467C9606CC11544182828D42CBD44, D54A7BD6F0EA4986A589A01D09B8FEF36C8A30D2484DC98E7194C21CD63C720D ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\161bf26ea58a00810515847a2c551741\System.Drawing.ni.dll
11:05:06.0686 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\161bf26ea58a00810515847a2c551741\System.Drawing.ni.dll - ok
11:05:06.0696 0x1528  [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
11:05:06.0697 0x1528  C:\Windows\SysWOW64\NapiNSP.dll - ok
11:05:06.0706 0x1528  [ FE48346938C1CDDDF4E4097DB9B99764, AC01FE84504B863DFA19D38BE854F518521072AB697DF51C888545CFBC839F4F ] C:\Windows\SysWOW64\nlaapi.dll
11:05:06.0706 0x1528  C:\Windows\SysWOW64\nlaapi.dll - ok
11:05:06.0715 0x1528  [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
11:05:06.0715 0x1528  C:\Windows\SysWOW64\pnrpnsp.dll - ok
11:05:06.0724 0x1528  [ AC122407B29378FF9646F03404AC7C54, 01F03A11C4419665557C3CB7E712B8AD59B13703115CB10C9F39FBE82D177BE6 ] C:\Windows\SysWOW64\wshbth.dll
11:05:06.0725 0x1528  C:\Windows\SysWOW64\wshbth.dll - ok
11:05:06.0735 0x1528  [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
11:05:06.0735 0x1528  C:\Windows\SysWOW64\winrnr.dll - ok
11:05:06.0746 0x1528  [ 56F6BCC6E84732FB390BA4603CE57012, B70BB633AEDF12E8A81DA179A49043A87A5B90F7CD966966B57408143FF6B962 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys
11:05:06.0746 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportPG64.sys - ok
11:05:06.0759 0x1528  [ 0FAAA3DE22434F4C3D209990AED79A20, 73A6438FE9B2D5181CFAD243F79F020963B47C71505B8C99BF852B85B7CF7F71 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys
11:05:06.0759 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKE64.sys - ok
11:05:06.0769 0x1528  [ F66D1A251ED39E6A1CD3432718176A9C, AF1F3960AC21BE377E310F972B7DF6BB77B8B3E2A0BE28152E634AFA2A495D06 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportGP_x64.dll
11:05:06.0769 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportGP_x64.dll - ok
11:05:06.0783 0x1528  [ D61950768371D619D69042595F3A66FC, 34DB1D7980C0FAFC891DD0C4AF6085C7A394B0916973E203EE0B5F9A149E9F77 ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKoan_x64.dll
11:05:06.0783 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportKoan_x64.dll - ok
11:05:06.0798 0x1528  [ D21938FFFD674CBF219DB559D44BDCAB, 6F898B3C70039C0CF06A9A1F8A340529C4050EBCCFDC3BC2D232D97588D47D9A ] C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportNikko_x64.dll
11:05:06.0798 0x1528  C:\Program Files (x86)\Trusteer\Rapport\bin\x64\RapportNikko_x64.dll - ok
11:05:06.0810 0x1528  [ DCB85EF4D6484A96696744EE59783440, 02B6D24134F557470BFAFF2AC80F2DEFDA0BF0B1AF6B4E41E07A7C2B5533FA79 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\30da8fa10e06e0f8e06a23dd42775744\System.Windows.Forms.ni.dll
11:05:06.0810 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\30da8fa10e06e0f8e06a23dd42775744\System.Windows.Forms.ni.dll - ok
11:05:06.0820 0x1528  [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
11:05:06.0820 0x1528  C:\Windows\System32\wbem\cimwin32.dll - ok
11:05:06.0831 0x1528  [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
11:05:06.0831 0x1528  C:\Windows\System32\framedynos.dll - ok
11:05:06.0838 0x1528  [ C3B4631AEA2EE375796FE15818A0F6F8, B1EDAC49A4AEA2001CD3DF35E5826B6063E4A4573F55E0039D8D0C2772F37926 ] C:\Windows\SysWOW64\wuapi.dll
11:05:06.0838 0x1528  C:\Windows\SysWOW64\wuapi.dll - ok
11:05:06.0848 0x1528  [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
11:05:06.0848 0x1528  C:\Windows\SysWOW64\cabinet.dll - ok
11:05:06.0857 0x1528  [ 7612127B53E3486A080A64EB67A0ED95, ADF1ABAC9813F043115B0750A8E838EFA2E094B1A93A8A2174BB41B203E31879 ] C:\Windows\SysWOW64\wups.dll
11:05:06.0857 0x1528  C:\Windows\SysWOW64\wups.dll - ok
11:05:06.0866 0x1528  [ D6A2D23C1386E88B67B62A2ED5590B34, EA0BF1A6E0D3FD55A4FB3EDB9960C1CD65F3F7A04D117E6CF92274C08CE85385 ] C:\Program Files (x86)\Avira\Antivirus\avpref.dll
11:05:06.0866 0x1528  C:\Program Files (x86)\Avira\Antivirus\avpref.dll - ok
11:05:06.0878 0x1528  [ 54A1F4C1A92CAB5204ADEFA2C0E85A52, 60233139C67FA2B033B485389BF306BD97430C3B1B9108D50D71F509A5AFA519 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Client.Services.dll
11:05:06.0878 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Client.Services.dll - ok
11:05:06.0891 0x1528  [ FF58472A9BE1148D773DDF43F95179CC, F497183F0A716AF5C517E55DB9B983E2E21BAC8F04AB5CAD262402DCCCEADC1B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste639b4fe3#\ac476eeb7ce218f6271b24b5aeb29829\Avira.SystemSpeedup.Core.Client.Services.ni.dll
11:05:06.0891 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste639b4fe3#\ac476eeb7ce218f6271b24b5aeb29829\Avira.SystemSpeedup.Core.Client.Services.ni.dll - ok
11:05:06.0904 0x1528  [ 6D56B52F6EADF3FF84E5EEC624BD1F59, CFF4A4DA1B9E1B5CDC8A6CE045B02FB3433AF475450CAA2D555E1A1BFC685183 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll
11:05:06.0904 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\PresentationNative_v0400.dll - ok
11:05:06.0915 0x1528  [ 1F24304663529C8A352BA0D95BAC44BE, 9A0171234A02524DFEB040FD25ADE9F5DAA99F9E7D6D0237EFFF3C5A55519AF1 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll
11:05:06.0915 0x1528  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.Windows.Forms\v4.0_4.0.0.0__b77a5c561934e089\System.Windows.Forms.dll - ok
11:05:06.0925 0x1528  [ 125BC4B8001B1259641203F1D2D2E32E, E1E880DC1C9067F36CD1DD599D11C21E23A1C1A1D74A14CE1D021DE942926FDC ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Common.dll
11:05:06.0925 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Common.dll - ok
11:05:06.0935 0x1528  [ 05A21D5A0CEE00D2FAFC405692D4A5DD, D711EF303513AC219443E3B5BD3FE960240C7E76FA7B0FAF03C7B5946D6DA1A3 ] C:\Program Files (x86)\Avira\System Speedup\Microsoft.Expression.Interactions.dll
11:05:06.0935 0x1528  C:\Program Files (x86)\Avira\System Speedup\Microsoft.Expression.Interactions.dll - ok
11:05:06.0946 0x1528  [ 612D4EFDCDDD68B429F8745317DD69DA, D1792741BC2FC498E1CBEC4FCEC845D869F6BE25500A577511EAE94892085F8A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste78a60bd0#\30b7e455ae8dbc943f43a802059840b7\Avira.SystemSpeedup.UI.Common.ni.dll
11:05:06.0946 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste78a60bd0#\30b7e455ae8dbc943f43a802059840b7\Avira.SystemSpeedup.UI.Common.ni.dll - ok
11:05:06.0956 0x1528  [ 5A68C52B98AB3A2542DA9C101863B514, 59A156E0C520236545E88D94A6404BB2D07FE0A2DDBCF2EB7A6EC576025E73B1 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systed5a24264#\359ed7c7900c080a01259643dfa915fc\Avira.SystemSpeedup.UI.Resources.ni.dll
11:05:06.0957 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systed5a24264#\359ed7c7900c080a01259643dfa915fc\Avira.SystemSpeedup.UI.Resources.ni.dll - ok
11:05:06.0967 0x1528  [ 9F4190869F1D5856A20ABD50A2B2EEB8, 9211E828E27A354C06599CAB486F335F902AE10B1B70258F7FEB493EC1691EFD ] C:\Program Files (x86)\Avira\System Speedup\en-US\Avira.SystemSpeedup.UI.Resources.resources.dll
11:05:06.0967 0x1528  C:\Program Files (x86)\Avira\System Speedup\en-US\Avira.SystemSpeedup.UI.Resources.resources.dll - ok
11:05:06.0980 0x1528  [ 8743A5F5FFDF79B440A313C8C21900AA, 6C59F535941A689F5236930BD2902D8968007429CE80BCDA0BC67CBEEE7DB42A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasbase.vdm
11:05:06.0980 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasbase.vdm - ok
11:05:06.0991 0x1528  [ 51FFE01D07FA3009AE5C4B3C266E7FF5, B7106103B7DD946571D6618036C1C12F15667D0E9B6BEEB4610C83B50AED71E4 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Views.dll
11:05:06.0991 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Views.dll - ok
11:05:07.0001 0x1528  [ DC7DF06D9D2A98C248342466C02E899F, E793E098C27E85DFA131CB7C88F5FD76FE0393D7CBAD48DD34312754D4D44559 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Styles.Standard.dll
11:05:07.0002 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.Styles.Standard.dll - ok
11:05:07.0012 0x1528  [ 02C12DC66DB43EB9A56CB4361E71018C, 045FD0F0B1AAE59C4653539B8FF9918570C8C5F5F608E9508602A315C8DCDA49 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ViewModels.dll
11:05:07.0012 0x1528  C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.UI.ViewModels.dll - ok
11:05:07.0023 0x1528  [ 22BFE14452FCCD025557C116DB0B6DD5, 908B43C6A93C9F9E46510D76FB184F46910D81E18B28915A1713853431BC6FBF ] C:\Program Files (x86)\Avira\System Speedup\Microsoft.Expression.Drawing.dll
11:05:07.0024 0x1528  C:\Program Files (x86)\Avira\System Speedup\Microsoft.Expression.Drawing.dll - ok
11:05:07.0036 0x1528  [ 83EB1F3B1491565837D2335EBAE92E8A, 35A26A105356914C1A3D81AB847F46FCA10A12187D1264EAF451BACA6C1C88C3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systef2d068c3#\f30bbf374d87c0dee89d845b477f2f5c\Avira.SystemSpeedup.UI.Views.ni.dll
11:05:07.0036 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systef2d068c3#\f30bbf374d87c0dee89d845b477f2f5c\Avira.SystemSpeedup.UI.Views.ni.dll - ok
11:05:07.0047 0x1528  [ 7B2A38D436703BDF144981F4E02D1581, CBF2C078E5DFC7EDC70293824011A54545DA09AA0715DEED8126CA9C48F02322 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste029d7e0c#\c0785dcb84f94a0a9bcc2299e1dee945\Avira.SystemSpeedup.UI.Styles.Standard.ni.dll
11:05:07.0047 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Syste029d7e0c#\c0785dcb84f94a0a9bcc2299e1dee945\Avira.SystemSpeedup.UI.Styles.Standard.ni.dll - ok
11:05:07.0057 0x1528  [ 07A8C8031FD7A9F468ECD30258574F72, 746059CC80A62266390988005831E98F62866A906F2F6584E70BF5E495FEACA8 ] C:\Program Files (x86)\Avira\System Speedup\ServiceStack.Text.dll
11:05:07.0057 0x1528  C:\Program Files (x86)\Avira\System Speedup\ServiceStack.Text.dll - ok
11:05:07.0072 0x1528  [ 643A9AE76E70A15C03D85B297D0CBDC2, B072CFD3EDC41D10C2327E8DAC471C404BBC90EF5F159BF605D1DF75F5198259 ] C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe
11:05:07.0072 0x1528  C:\Program Files\Sony\VAIO Smart Network\VSNClient.exe - ok
11:05:07.0085 0x1528  [ 056165064F9A0FD67671408B61935DCA, 214E99FDAE96A06765C7F2D635A8BE9837DCEACBB495D593D139589B9516E73F ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\7fae9c3cff6954538f24087c842fa367\System.Data.Linq.ni.dll
11:05:07.0085 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data.Linq\7fae9c3cff6954538f24087c842fa367\System.Data.Linq.ni.dll - ok
11:05:07.0093 0x1528  [ 9879BCB67A014CEB8AE1D2E8DFBC6752, AE928FEE332E9FEBC03FE717422148B8AA0F529FB21DF88667F0844FEF64C887 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm
11:05:07.0094 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm - ok
11:05:07.0105 0x1528  [ BF28576A7FA8A45BC96AC1CE7773DDD0, FF2440BD04CBBFC6D95F9F12486EAA546A994EF70A6E6130157259B36CDEFDCC ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF15E0B0-8C10-4BAA-BE42-5ED4318F147C}\mpengine.dll
11:05:07.0105 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF15E0B0-8C10-4BAA-BE42-5ED4318F147C}\mpengine.dll - ok
11:05:07.0116 0x1528  [ FBFA29238A39FB781FC08F58C0BA082B, D8C45267593AD8162F305A93AE337AB7629757D3981A0F52197D55AEA75BF5D1 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF15E0B0-8C10-4BAA-BE42-5ED4318F147C}\mpasbase.vdm
11:05:07.0116 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF15E0B0-8C10-4BAA-BE42-5ED4318F147C}\mpasbase.vdm - ok
11:05:07.0126 0x1528  [ 28B81917A195B67617AF7DCF4DFE5736, 40A4D2AAE1BDE5ABA8708ED150396E913C566ECD5CDA40D6C6DB256F1B9FD4A9 ] C:\Windows\System32\drivers\usbccgp.sys
11:05:07.0126 0x1528  C:\Windows\System32\drivers\usbccgp.sys - ok
11:05:07.0137 0x1528  [ 06AF3856E91BC870A54052198E835CDC, 8AC4C49EA56FCEF82A8054A222D29F4144D2760C5FA8582839DD8C0E9BBDD9FC ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF15E0B0-8C10-4BAA-BE42-5ED4318F147C}\mpasdlta.vdm
11:05:07.0137 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{EF15E0B0-8C10-4BAA-BE42-5ED4318F147C}\mpasdlta.vdm - ok
11:05:07.0148 0x1528  [ A96E734A0E63B7F9B95317125DDEA2BC, 12579B7F19E1FF38656EBFBB6684D901AD27988560D900E1E7734A6EAE29389B ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA30604D-6E95-47DA-B74B-08289527F690}\mpengine.dll
11:05:07.0148 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA30604D-6E95-47DA-B74B-08289527F690}\mpengine.dll - ok
11:05:07.0158 0x1528  [ 8743A5F5FFDF79B440A313C8C21900AA, 6C59F535941A689F5236930BD2902D8968007429CE80BCDA0BC67CBEEE7DB42A ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA30604D-6E95-47DA-B74B-08289527F690}\mpasbase.vdm
11:05:07.0158 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA30604D-6E95-47DA-B74B-08289527F690}\mpasbase.vdm - ok
11:05:07.0169 0x1528  [ 9879BCB67A014CEB8AE1D2E8DFBC6752, AE928FEE332E9FEBC03FE717422148B8AA0F529FB21DF88667F0844FEF64C887 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA30604D-6E95-47DA-B74B-08289527F690}\mpasdlta.vdm
11:05:07.0169 0x1528  C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA30604D-6E95-47DA-B74B-08289527F690}\mpasdlta.vdm - ok
11:05:07.0179 0x1528  [ 93BB66044FA76734E882C6F3E8EE1900, E00FE1028C999FFED3F8335F9D760929CB3A11B6EEF8D8D2F2CA4A32DEC56B26 ] C:\Program Files\Windows Defender\MsMpLics.dll
11:05:07.0179 0x1528  C:\Program Files\Windows Defender\MsMpLics.dll - ok
11:05:07.0188 0x1528  [ 218A400108F280428FA22282D3268BBC, 7712687ABAEF6616E90AE5A321044C102E79EC23F4A1EAFB4278C93724873CB3 ] C:\Windows\System32\wscapi.dll
11:05:07.0188 0x1528  C:\Windows\System32\wscapi.dll - ok
11:05:07.0197 0x1528  [ B84E2D174DC84916A536572BB8F691A8, 94E3D68F102439D3A585D2D796F3F3FC27CB41C640058DDC14AF99A723B2CD99 ] C:\Windows\System32\wscisvif.dll
11:05:07.0197 0x1528  C:\Windows\System32\wscisvif.dll - ok
11:05:07.0207 0x1528  [ 6C1E3C43B35268C17833244C8ED96430, 9C571AA762E71177B6FF486D1DB500E3530E13CAFD87316AD2C64F5A55EB4A93 ] C:\Windows\System32\wscproxystub.dll
11:05:07.0207 0x1528  C:\Windows\System32\wscproxystub.dll - ok
11:05:07.0217 0x1528  [ 6A482EFD9047D26548C8DE3051A9856B, A8C5647D69C0685B2C853DEBAFF7D0D624308B5C540DDCD0B14875445352BB83 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\f75840c10d7cd95e3f03f3ea70037663\Newtonsoft.Json.ni.dll
11:05:07.0217 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Newtonsoft.Json\f75840c10d7cd95e3f03f3ea70037663\Newtonsoft.Json.ni.dll - ok
11:05:07.0227 0x1528  [ 8E255F6B70FFD68740A2B6F813F00E43, 1321CF207CA9B17E1A154CEA612BF2EB7A8488BDF429C3AC3B5E5B8ADE2E03A7 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\ded4c301a3f6a9c519ffdea2d351fb35\System.Numerics.ni.dll
11:05:07.0227 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Numerics\ded4c301a3f6a9c519ffdea2d351fb35\System.Numerics.ni.dll - ok
11:05:07.0238 0x1528  [ FD4A303F00CA26CEFE988FB307A78BF0, F34CA6E192AACE54BAA90EAFA9379CC96ADC0CA81EAA0701C3D7BBC31722F695 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systecb66536c#\d155ad143b9cc5169d9af4f86e3b3e80\Avira.SystemSpeedup.UI.ViewModels.ni.dll
11:05:07.0238 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\Avira.Systecb66536c#\d155ad143b9cc5169d9af4f86e3b3e80\Avira.SystemSpeedup.UI.ViewModels.ni.dll - ok
11:05:07.0247 0x1528  [ C2E787F8373A8287B06ECFA373B88CC2, 75AF0E2BF98EBCC64F8D9CACDE2C226F5A5784406523A5D3241495F7E007BC83 ] C:\Windows\SysWOW64\DWrite.dll
11:05:07.0247 0x1528  C:\Windows\SysWOW64\DWrite.dll - ok
11:05:07.0257 0x1528  [ 0971D28BA24BE88E559A841E3255CE9B, 280D74EAF69EA082CAE30558801CB33D736E501A51E687E3A3149C4CCC1B2BBE ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll
11:05:07.0257 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\wpfgfx_v0400.dll - ok
11:05:07.0267 0x1528  [ 2737D2D6DD6DCE9FD51EAA026E3ED0C0, 6411B98C6500D2E6BA5546A0F141AB7A4D185DBD6CE626C76DB4BE59514340A3 ] C:\Windows\SysWOW64\msvcp120_clr0400.dll
11:05:07.0267 0x1528  C:\Windows\SysWOW64\msvcp120_clr0400.dll - ok
11:05:07.0276 0x1528  [ 960AE99A15B1C8C9FBDDDE97606478F9, E3009E3738FAB1F7CD685567C5AA1EB0A408AC51D0CDA5DA788841174D7625B1 ] C:\Windows\SysWOW64\D3DCompiler_47.dll
11:05:07.0276 0x1528  C:\Windows\SysWOW64\D3DCompiler_47.dll - ok
11:05:07.0285 0x1528  [ 525B93B761DCCB2D33A58ED603178228, D033B7A05BB35738471E4CFC48249061F7433DF010C3A32C181541EB2E41B41D ] C:\Windows\SysWOW64\WindowsCodecs.dll
11:05:07.0285 0x1528  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
11:05:07.0300 0x1528  [ C5B48547330A22FF362404BF1114A60A, 6DB21055EF55BCA65D81D4D14EFD39D667F11B5E45C5E9F971F85E250C168550 ] C:\Program Files (x86)\Avira\Antivirus\gpavgio.dll
11:05:07.0300 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpavgio.dll - ok
11:05:07.0307 0x1528  [ 3BD671A60BC41AF7346E061D40CB6303, 0855B4BDC197A1941C88CCF7B20CC54BFDB5710F48E11433BCB133A000A0262C ] C:\Program Files (x86)\Avira\Antivirus\avgio.dll
11:05:07.0307 0x1528  C:\Program Files (x86)\Avira\Antivirus\avgio.dll - ok
11:05:07.0321 0x1528  [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
11:05:07.0321 0x1528  C:\Windows\SysWOW64\fltLib.dll - ok
11:05:07.0342 0x1528  [ 5FA7E45A1D09EDDFE481A5C4FD86FE9A, 52502EE9E6EF47D0D28CA74F690D24F577AB32C902E66C79C0E515C66EA11C8C ] C:\Program Files (x86)\Avira\Antivirus\avesvc.dll
11:05:07.0343 0x1528  C:\Program Files (x86)\Avira\Antivirus\avesvc.dll - ok
11:05:07.0361 0x1528  [ 3371A06F45C6920B45FA5CF20FCAD56B, 8E0CC5935CED9E1DA91727FC69835F7E4EFF326103A83AE382F2658F33923784 ] C:\Program Files (x86)\Avira\Antivirus\gpacp.dll
11:05:07.0361 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpacp.dll - ok
11:05:07.0372 0x1528  [ F5A133257F3284E5F0EBCF8E1466B3B0, B8CA740E614A13CF45DA21699D79573DE0143DABF6859FC9D95D136782815A03 ] C:\Program Files (x86)\Avira\Antivirus\communicationprotocol.dll
11:05:07.0372 0x1528  C:\Program Files (x86)\Avira\Antivirus\communicationprotocol.dll - ok
11:05:07.0384 0x1528  [ 38AEF244AA9059296901F9508C585A48, F8CC385189EA028B546517747042C0B52381278F22A13A08BCC1FD120821A5B8 ] C:\Program Files (x86)\Avira\Antivirus\gpscan.dll
11:05:07.0384 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpscan.dll - ok
11:05:07.0396 0x1528  [ 7B8A70D5E9C57BE93D7B7B8F2862557C, BEE794CC4BD45131C4266B0808AC11C7360782ED49C08AD7ADF1F45CAD48F271 ] C:\Program Files (x86)\Avira\Antivirus\repair.dll
11:05:07.0396 0x1528  C:\Program Files (x86)\Avira\Antivirus\repair.dll - ok
11:05:07.0407 0x1528  [ 427CC8362B53406BC1D03B6AAD65184F, 9AF4032D07FB64E6DC7056120019F4C615EEA168AFF95F48B6024E71C46468AE ] C:\Program Files (x86)\Avira\Antivirus\gpDeviceProtection.dll
11:05:07.0407 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpDeviceProtection.dll - ok
11:05:07.0421 0x1528  [ 169177E8B1434474B1208B3039EB2629, 12A398A3FDA179E26FEFBE5ECDDF5C6B1887E8457E99AC437BCDDF1F2950B8EF ] C:\Program Files (x86)\Avira\Antivirus\gpfirewall.dll
11:05:07.0421 0x1528  C:\Program Files (x86)\Avira\Antivirus\gpfirewall.dll - ok
11:05:07.0438 0x1528  [ 9602CA7BF24A012EBD2403ED8CF908A9, FE5301A3EE73EA616B4792586306478AF8A5DDFD41456EAFB6467A904620C951 ] C:\Program Files (x86)\Avira\Antivirus\avshadow.exe
11:05:07.0438 0x1528  C:\Program Files (x86)\Avira\Antivirus\avshadow.exe - ok
11:05:07.0452 0x1528  [ 31427CD9653262F53009FD79E4F474F4, C182B049C969788333E4F9814D8B2C6C171D25A9EA462BED61C936397049A7F2 ] C:\Program Files (x86)\Avira\Antivirus\avreg.dll
11:05:07.0452 0x1528  C:\Program Files (x86)\Avira\Antivirus\avreg.dll - ok
11:05:07.0464 0x1528  [ 7C0B4332ADCDB431E0E7E24961E534AC, D52568771E1DD2EFE970F3C156494CB5EF31E08F7052D88694C81907DB2AE607 ] C:\Program Files (x86)\Avira\Antivirus\avipc64.dll
11:05:07.0464 0x1528  C:\Program Files (x86)\Avira\Antivirus\avipc64.dll - ok
11:05:07.0481 0x1528  [ C21450BBD3C299CE079DAFDEEDD7352F, DA175696BFEBC7DFAF5F1DAB8C487CC1F4D7AD5A3FDE83E37EC6E26C9D6BCE27 ] C:\Program Files (x86)\Avira\Antivirus\msgclient.dll
11:05:07.0481 0x1528  C:\Program Files (x86)\Avira\Antivirus\msgclient.dll - ok
11:05:07.0497 0x1528  [ 7765809FE4DEA7EACB255FEF503BB7F9, 1FF596FBF036B21DF69ACB83863963F142D57C8B3B8BFA2C23395E6850DF45F8 ] C:\Program Files (x86)\Avira\Antivirus\avesvcr.dll
11:05:07.0497 0x1528  C:\Program Files (x86)\Avira\Antivirus\avesvcr.dll - ok
11:05:07.0513 0x1528  [ 00428ADCD066AE1D507D8AB269C2D66C, 6342F94B1CC7DB08EC13434B19ABC6955270A2D73EC994A0C03A0B143574DC82 ] C:\Program Files\Sony\VAIO Power Management\SPMgr.exe
11:05:07.0513 0x1528  C:\Program Files\Sony\VAIO Power Management\SPMgr.exe - ok
11:05:07.0525 0x1528  [ 135C06F80A7C03934693B67A6D1ECC74, D6E8872BFB6FA26ECA1778D6C8E42D029748797800B8B7EA45E6CF8A6F4F1037 ] C:\Program Files (x86)\Avira\Antivirus\avscanrc.dll
11:05:07.0525 0x1528  C:\Program Files (x86)\Avira\Antivirus\avscanrc.dll - ok
11:05:07.0535 0x1528  [ C753781FE101BA13156872D24FEF2A36, 88C5FC4EB731C914CB124F9F07BDAFD7EB909CA8FB986C04069E83A164AECC07 ] C:\Program Files (x86)\Avira\Antivirus\ccfwmgtrc.dll
11:05:07.0535 0x1528  C:\Program Files (x86)\Avira\Antivirus\ccfwmgtrc.dll - ok
11:05:07.0549 0x1528  [ 350D5451C4FE985508E28E38D1F982F8, E1A8C9E8116A15584AE63ED8F999C6F71AC86DF8304CE3E0041BE791533287CD ] C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe
11:05:07.0549 0x1528  C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe - ok
11:05:07.0562 0x1528  [ A587017D8CAF0B67FCD4B589C1ABF22B, 5B8024C0BAB30C9F850D189A1D3B5B385177BD7EA54C5FE6FD8506686B2A886E ] C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
11:05:07.0562 0x1528  C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe - ok
11:05:07.0572 0x1528  [ 94C091951860F968F812626C776A310C, 41FAC537E195221BD7F67197E44A5CAF3705AE2B1B95E644C67B72EF21119087 ] C:\Program Files (x86)\Avira\Antivirus\guardmsg.dll
11:05:07.0572 0x1528  C:\Program Files (x86)\Avira\Antivirus\guardmsg.dll - ok
11:05:07.0583 0x1528  [ 983B84B6794580EE8316C62DEB1E7256, FF74E848F6321CA099AE32430D1536CD1F789E93311AC085543D4AEA4227A9F0 ] C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll
11:05:07.0583 0x1528  C:\Program Files\Common Files\Sony Shared\Sony Utilities\SnyUtils.dll - ok
11:05:07.0598 0x1528  [ B2868F2E2057D4EA9E7EA061102D8921, 1FCB309421FC58E68E162282816ACB88A1E20C148A0B5C423FEC49123D033EA0 ] C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
11:05:07.0598 0x1528  C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe - ok
11:05:07.0606 0x1528  [ FDE80AD32CF3E245AE278D97C2306A1C, 4A991A08A456D3C782D0E7B9FDF132F2D53D412B390D39058D424E5C58B8AE94 ] C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll
11:05:07.0607 0x1528  C:\Program Files\Sony\VAIO Power Management\SPMDrv.dll - ok
11:05:07.0620 0x1528  [ 3A92587F19DF0A2BD15E9D169E5CCF77, B1E6B0AF76D14599968203E15B0A0A512E4A3AE3DA02D6AE967A32C1A83BCBFD ] C:\Program Files\Sony\VAIO Power Management\SPMDam.dll
11:05:07.0620 0x1528  C:\Program Files\Sony\VAIO Power Management\SPMDam.dll - ok
11:05:07.0629 0x1528  [ 3F384F744B35D339B42C8982A7A8BCB2, 7841069E5EA35762AA1464DF67143FAAC3A8C14D1445B8D81E07B1BA97DD9E9C ] C:\Program Files (x86)\Avira\Antivirus\avwebgrc.dll
11:05:07.0629 0x1528  C:\Program Files (x86)\Avira\Antivirus\avwebgrc.dll - ok
11:05:07.0639 0x1528  [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
11:05:07.0639 0x1528  C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
11:05:07.0648 0x1528  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
11:05:07.0648 0x1528  C:\Windows\System32\wscsvc.dll - ok
11:05:07.0657 0x1528  [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
11:05:07.0657 0x1528  C:\Windows\System32\p2pcollab.dll - ok
11:05:07.0666 0x1528  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
11:05:07.0666 0x1528  C:\Windows\System32\wbem\NCProv.dll - ok
11:05:07.0675 0x1528  [ 028E420B12654492D25625688055108C, 04DFBBB8170FD63E25F9C78622F1F487A9F2C3AF7A3E9C5E42C53674BF2B60E6 ] C:\Program Files\Sony\VAIO Smart Network\VSNService.exe
11:05:07.0675 0x1528  C:\Program Files\Sony\VAIO Smart Network\VSNService.exe - ok
11:05:07.0685 0x1528  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
11:05:07.0685 0x1528  C:\Windows\System32\QAGENTRT.DLL - ok
11:05:07.0694 0x1528  [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
11:05:07.0694 0x1528  C:\Windows\System32\fveui.dll - ok
11:05:07.0707 0x1528  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] C:\Windows\System32\wdi.dll
11:05:07.0707 0x1528  C:\Windows\System32\wdi.dll - ok
11:05:07.0717 0x1528  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
11:05:07.0717 0x1528  C:\Windows\System32\wpdbusenum.dll - ok
11:05:07.0726 0x1528  [ 88009DB9E1166B6B6713A858C176FECD, CBF4C63D3C5D14AF3C3F0D9C48E5AC9E7A4323BFB0363E9948FD801963BE1467 ] C:\Windows\System32\wuaueng.dll
11:05:07.0727 0x1528  C:\Windows\System32\wuaueng.dll - ok
11:05:07.0736 0x1528  [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
11:05:07.0736 0x1528  C:\Windows\System32\diagperf.dll - ok
11:05:07.0745 0x1528  [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
11:05:07.0745 0x1528  C:\Windows\System32\PortableDeviceApi.dll - ok
11:05:07.0755 0x1528  [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
11:05:07.0755 0x1528  C:\Windows\System32\npmproxy.dll - ok
11:05:07.0764 0x1528  [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
11:05:07.0765 0x1528  C:\Windows\System32\NapiNSP.dll - ok
11:05:07.0774 0x1528  [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
11:05:07.0774 0x1528  C:\Windows\System32\pnrpnsp.dll - ok
11:05:07.0783 0x1528  [ 748849C42DEA24C723048E24BCA1BD55, 517DDE70E7CB8E94C6E8B9B05CCD4BC6490A8837FD8BB874C9E1186D8EF07659 ] C:\Windows\System32\wshbth.dll
11:05:07.0783 0x1528  C:\Windows\System32\wshbth.dll - ok
11:05:07.0794 0x1528  [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
11:05:07.0795 0x1528  C:\Windows\System32\winrnr.dll - ok
11:05:07.0803 0x1528  [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
11:05:07.0803 0x1528  C:\Windows\System32\PortableDeviceConnectApi.dll - ok
11:05:07.0813 0x1528  [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
11:05:07.0813 0x1528  C:\Windows\System32\cabinet.dll - ok
11:05:07.0823 0x1528  [ D713D6446DDBB474D801F361B4B186EA, C21091309C2407684D429C5601B3959A67BAAE88DCF1412239774109301AF5B9 ] C:\Windows\System32\perftrack.dll
11:05:07.0823 0x1528  C:\Windows\System32\perftrack.dll - ok
11:05:07.0833 0x1528  [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
11:05:07.0833 0x1528  C:\Windows\System32\pnpts.dll - ok
11:05:07.0854 0x1528  [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
11:05:07.0854 0x1528  C:\Windows\System32\wdiasqmmodule.dll - ok
11:05:07.0862 0x1528  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] C:\Windows\System32\appinfo.dll
11:05:07.0862 0x1528  C:\Windows\System32\appinfo.dll - ok
11:05:07.0871 0x1528  [ 617F6EC0AC677C685479C1D0D1E76C6F, 77B22C0817558CE70EF7D3BBE04A275FFA35ED2E4AFB17DBDF353DF9932DC693 ] C:\Windows\System32\mspatcha.dll
11:05:07.0871 0x1528  C:\Windows\System32\mspatcha.dll - ok
11:05:07.0881 0x1528  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
11:05:07.0881 0x1528  C:\Windows\System32\Apphlpdm.dll - ok
11:05:07.0892 0x1528  [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
11:05:07.0892 0x1528  C:\Windows\System32\wer.dll - ok
11:05:07.0902 0x1528  [ 89F6D2DD21C8907B8A73C9397DFD0FA8, CBE414502522BF7DF4873256A1A4D3090BB8758DA98C38A20F604594EB0204EB ] C:\Windows\System32\wuapi.dll
11:05:07.0902 0x1528  C:\Windows\System32\wuapi.dll - ok
11:05:07.0912 0x1528  [ D281F540EACC72662E4A1253F5F1B1C7, 64A67A9FB4987CF03CE91F170DDE65817F7BB22DBAE4A50FBC66A43BF1FFDB7A ] C:\Windows\System32\wups.dll
11:05:07.0912 0x1528  C:\Windows\System32\wups.dll - ok
11:05:07.0922 0x1528  [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
11:05:07.0922 0x1528  C:\Windows\System32\wlanapi.dll - ok
11:05:07.0933 0x1528  [ 1E996B320783C723F81631AF1EFBAD2C, 89B97DBC636A3C2C952524A5211397ACDF3C15FBEB743B1C0EDE4B890919CE58 ] C:\Windows\System32\wups2.dll
11:05:07.0933 0x1528  C:\Windows\System32\wups2.dll - ok
11:05:07.0942 0x1528  [ B88DFE76310A4A486C30DD6C8C37A89F, 717302727447A292D02BD0BE48052567344C163497853641D68F1A317FFA91A6 ] C:\Windows\System32\wu.upgrade.ps.dll
11:05:07.0942 0x1528  C:\Windows\System32\wu.upgrade.ps.dll - ok
11:05:07.0953 0x1528  [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
11:05:07.0953 0x1528  C:\Windows\System32\SensApi.dll - ok
11:05:07.0964 0x1528  [ 65AFF15AB5EE98A2A025F9BBB7BFD0BD, F69E86403ABCB48181D68F6C9FDF52811842D112513A7178023F2502BE4EC9B8 ] C:\Windows\System32\msxml3.dll
11:05:07.0964 0x1528  C:\Windows\System32\msxml3.dll - ok
11:05:07.0974 0x1528  [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
11:05:07.0974 0x1528  C:\Windows\System32\radardt.dll - ok
11:05:07.0985 0x1528  [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
11:05:07.0985 0x1528  C:\Windows\System32\pnidui.dll - ok
11:05:07.0996 0x1528  [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
11:05:07.0996 0x1528  C:\Windows\System32\runonce.exe - ok
11:05:08.0010 0x1528  [ 0D893F8D145D3B125B0226727C243A69, B344A18C5D5324A891B6E2121EC375AFB9E83D4C59D64EDD2E63854ABEC5D734 ] C:\Windows\System32\security.dll
11:05:08.0010 0x1528  C:\Windows\System32\security.dll - ok
11:05:08.0021 0x1528  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
11:05:08.0021 0x1528  C:\Windows\System32\dssenh.dll - ok
11:05:08.0032 0x1528  [ 1539E704316A2E9576F8557AD58B8764, 956AB469005C3E216A82D5C696711CD9346EBBF662C5D13AFB2C208DEB825B19 ] C:\Windows\System32\wmp.dll
11:05:08.0032 0x1528  C:\Windows\System32\wmp.dll - ok
11:05:08.0042 0x1528  [ 8128D79D325A1F95FBFDE2105BC10A83, 7A52263360EE626D34AB5C9455836D4FCB3862155DA7EB422258F26E0CF358FF ] C:\Program Files (x86)\Avira\Launcher\en-US\Avira.OE.WinCore.resources.dll
11:05:08.0042 0x1528  C:\Program Files (x86)\Avira\Launcher\en-US\Avira.OE.WinCore.resources.dll - ok
11:05:08.0051 0x1528  [ 012787CEB35505EB78DF82E0A0072888, FE082EF9F8462589F8C8BEEFB1D10AB06E1E3D6F4494CABF34097328C109C03E ] C:\Windows\System32\browcli.dll
11:05:08.0051 0x1528  C:\Windows\System32\browcli.dll - ok
11:05:08.0060 0x1528  [ C4BFE4B61086416B0529212F92BCE081, A5EE6FB81229885C7A4A4EF0A9C3E9EE9E7F85C1EDE9BEEE236EB0503093D8F3 ] C:\Windows\System32\schedcli.dll
11:05:08.0060 0x1528  C:\Windows\System32\schedcli.dll - ok
11:05:08.0070 0x1528  [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
11:05:08.0070 0x1528  C:\Windows\SysWOW64\runonce.exe - ok
11:05:08.0080 0x1528  [ 72460AA5D07E44A639880F0AA129F3DB, CE266BF6964B64B4E76C015D5E511DC498996709A16CCFB14A6BECE223AA9D2A ] C:\Program Files\Internet Explorer\iexplore.exe
11:05:08.0080 0x1528  C:\Program Files\Internet Explorer\iexplore.exe - ok
11:05:08.0093 0x1528  [ 5EA9A0950F322BFA382AF277801C0307, A2C00A3E22A484A00620FF801E0B6EB475C9593C80AF321564E5A0DD2B1C38B7 ] C:\Windows\System32\wbem\wmipcima.dll
11:05:08.0093 0x1528  C:\Windows\System32\wbem\wmipcima.dll - ok
11:05:08.0105 0x1528  [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
11:05:08.0105 0x1528  C:\Windows\SysWOW64\wscisvif.dll - ok
11:05:08.0113 0x1528  [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
11:05:08.0113 0x1528  C:\Windows\SysWOW64\wscapi.dll - ok
11:05:08.0122 0x1528  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
11:05:08.0122 0x1528  C:\Windows\System32\dimsjob.dll - ok
11:05:08.0131 0x1528  [ 7DF186D86CF8C571A12AAB788C777F84, A2C1064BFDEF2A85CB12A11E55728BCC09933C115C278403F07B27DB2C36C710 ] C:\Windows\SysWOW64\wscproxystub.dll
11:05:08.0131 0x1528  C:\Windows\SysWOW64\wscproxystub.dll - ok
11:05:08.0140 0x1528  [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
11:05:08.0140 0x1528  C:\Windows\System32\wmi.dll - ok
11:05:08.0149 0x1528  [ DB76DB15EFC6E4D1153A6C5BC895948D, 71DDF02C7EE2DF66A08F1A2A08DA39802C354624880A2BE93A706EA7476422A3 ] C:\Windows\System32\sppc.dll
11:05:08.0149 0x1528  C:\Windows\System32\sppc.dll - ok
11:05:08.0157 0x1528  [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] C:\Windows\System32\sppsvc.exe
11:05:08.0157 0x1528  C:\Windows\System32\sppsvc.exe - ok
11:05:08.0166 0x1528  [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
11:05:08.0166 0x1528  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
11:05:08.0175 0x1528  [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
11:05:08.0175 0x1528  C:\Windows\SysWOW64\cmd.exe - ok
11:05:08.0185 0x1528  [ 43B3403C7C625D05375338DE3EB9B874, CB5870BFFD650DB66BABE29FC93D63F8AFA77291077AEAB00DC65418EF893F1C ] C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\67849d7735cb99c03d3a8add69b211b4\SMDiagnostics.ni.dll
11:05:08.0185 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\67849d7735cb99c03d3a8add69b211b4\SMDiagnostics.ni.dll - ok
11:05:08.0196 0x1528  [ 98136D5C10013144B9F9BA25F42BF0CD, C7A9E179019B1E1ED601D3BCE9C148FD796C070B613E2179CD30B8C7735716A4 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\8668b61d526100cf5acb802c57f29f9c\System.ServiceModel.Internals.ni.dll
11:05:08.0196 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\8668b61d526100cf5acb802c57f29f9c\System.ServiceModel.Internals.ni.dll - ok
11:05:08.0206 0x1528  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
11:05:08.0206 0x1528  C:\Windows\SysWOW64\wlanapi.dll - ok
11:05:08.0216 0x1528  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
11:05:08.0216 0x1528  C:\Windows\SysWOW64\wlanutil.dll - ok
11:05:08.0228 0x1528  [ 954EA9B34F155C844B11F4047A8F6F89, 44703118AE57D44C802DFA5619DC1CA55C5C046D666CE546E5870D722786E395 ] C:\Windows\SysWOW64\upnp.dll
11:05:08.0228 0x1528  C:\Windows\SysWOW64\upnp.dll - ok
11:05:08.0240 0x1528  [ 28E2231BD34A39C854BDF3923AB2FF86, A95179068F7B86E04F976B724F155DA86253B7F4414F43DBD95F2058282B99E4 ] C:\Windows\SysWOW64\ssdpapi.dll
11:05:08.0240 0x1528  C:\Windows\SysWOW64\ssdpapi.dll - ok
11:05:08.0251 0x1528  [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
11:05:08.0251 0x1528  C:\Windows\System32\ssdpsrv.dll - ok
11:05:08.0260 0x1528  [ F5869CBB2612BAE125ACE8142976BDFF, BE5B59EDD6484FC56C0D192783CBAAC16568149627F1E7E8218F0EB8C954BE0A ] C:\Windows\System32\conhost.exe
11:05:08.0260 0x1528  C:\Windows\System32\conhost.exe - ok
11:05:08.0270 0x1528  [ FFF95479C7AB1550F0750A5D01744211, FF67F892AABCE1C2B695FF4C0816339566F5745C1498D48FAC050E5196C1CE09 ] C:\Windows\System32\drivers\spsys.sys
11:05:08.0270 0x1528  C:\Windows\System32\drivers\spsys.sys - ok
11:05:08.0279 0x1528  [ F6F22291024906E43D135A4B1705FEAC, C1B66012799D247033E8AB8386B51BC86A4E2255E6D0B163AC000B215C51B42A ] C:\Windows\System32\sppwinob.dll
11:05:08.0279 0x1528  C:\Windows\System32\sppwinob.dll - ok
11:05:08.0289 0x1528  [ DEDE9DCCF8772357A27B7719F19601D1, 2F597DBDFCD09DDD7F094C2CDA32F6A8101BCDBBD650CE11C3A73B77B53AEE69 ] C:\Program Files (x86)\Avira\Launcher\en-US\Avira.ServiceHost.resources.dll
11:05:08.0289 0x1528  C:\Program Files (x86)\Avira\Launcher\en-US\Avira.ServiceHost.resources.dll - ok
11:05:08.0299 0x1528  [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
11:05:08.0299 0x1528  C:\Windows\SysWOW64\winbrand.dll - ok
11:05:08.0312 0x1528  [ E601860AA04CE2198DBC6AC2AF80AFF7, B9D2BAEF2F6F8EA687414E73DFC5207F11A406D53C3444FCDAFD9CE1B4940053 ] C:\Windows\System32\perfos.dll
11:05:08.0312 0x1528  C:\Windows\System32\perfos.dll - ok
11:05:08.0321 0x1528  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] C:\Windows\System32\aelupsvc.dll
11:05:08.0321 0x1528  C:\Windows\System32\aelupsvc.dll - ok
11:05:08.0334 0x1528  [ 2B373B5F7E36B5ED5DA176D4400EF091, A7E220CC3661429D786693B277A7F39D5D9E24284B1D9E55DB6295AF7D97D104 ] C:\Windows\System32\sppobjs.dll
11:05:08.0334 0x1528  C:\Windows\System32\sppobjs.dll - ok
11:05:08.0346 0x1528  [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
11:05:08.0346 0x1528  C:\Windows\System32\pautoenr.dll - ok
11:05:08.0356 0x1528  [ C2926E8C10A4A69C40C7EB8D2B477F15, 47C797E74E9B8D136B0C948D8755CC6247BD51C9D95FAD6F481C7B878FE4792C ] C:\Windows\System32\certcli.dll
11:05:08.0356 0x1528  C:\Windows\System32\certcli.dll - ok
11:05:08.0365 0x1528  [ AA7079AD52B8BFBAE94167D54C32F84F, CB05C1B298376D38412FA48C74601197B79EBF7C957D8F22061E2B213C8DE0BC ] C:\Windows\System32\powertracker.dll
11:05:08.0365 0x1528  C:\Windows\System32\powertracker.dll - ok
11:05:08.0379 0x1528  [ FE85BA4C38779D184D41A95A0909EA87, C1381F07974C098F7C0D51EE3FCFB16E2B3BF4DCFA7941347970ECBC6C888D71 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d2fd6d45096ef600a667e7ba5b84090\System.Management.ni.dll
11:05:08.0380 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\5d2fd6d45096ef600a667e7ba5b84090\System.Management.ni.dll - ok
11:05:08.0390 0x1528  [ 534DC8A971497E8C5915666376FB24D0, 2BF65B223B7B0558923EDDF9125B02FA98DB0F569DB6A43EB9C854D6D9FF5020 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll
11:05:08.0390 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\WMINet_Utils.dll - ok
11:05:08.0402 0x1528  [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
11:05:08.0402 0x1528  C:\Windows\System32\CertEnroll.dll - ok
11:05:08.0415 0x1528  [ 28C16C7F29B4B98DAE042B69DFDB2332, 483A6FCC411960F7FF5A401E7CCB23F4B0240D6F40F44D5F4923FACADF5E19D7 ] C:\Windows\SysWOW64\ieframe.dll
11:05:08.0415 0x1528  C:\Windows\SysWOW64\ieframe.dll - ok
11:05:08.0427 0x1528  [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
11:05:08.0427 0x1528  C:\Windows\System32\ndiscapCfg.dll - ok
11:05:08.0439 0x1528  [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
11:05:08.0439 0x1528  C:\Windows\System32\rascfg.dll - ok
11:05:08.0449 0x1528  [ 5610B0425518D185331CB8E968D060E6, E235186C3BF266EE9EC733D2CFF35E3A65DE039C19B14260F4054F34B5E8AD41 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
11:05:08.0449 0x1528  C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
11:05:08.0460 0x1528  [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
11:05:08.0460 0x1528  C:\Windows\System32\mprmsg.dll - ok
11:05:08.0470 0x1528  [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
11:05:08.0470 0x1528  C:\Windows\System32\tcpipcfg.dll - ok
11:05:08.0480 0x1528  [ E36431CA70B26EE1D3CFEA8C8F7CE307, 9AF7FCDD3169A581AEA9C3B7052C42839ACF396A995216AD0B7991853C021A55 ] C:\Windows\System32\srwmi.dll
11:05:08.0480 0x1528  C:\Windows\System32\srwmi.dll - ok
11:05:08.0490 0x1528  [ 607D269406CF402E47B08EB3951C7810, 9F551E1AB1AEABBF794844818CC19F008D4C28E7339D18DAB1E7B38D4D66F2B9 ] C:\Windows\System32\srclient.dll
11:05:08.0490 0x1528  C:\Windows\System32\srclient.dll - ok
11:05:08.0499 0x1528  [ B7AC66C1CCD87D7C49256B5451DED4FA, 2BA412A69605D75CF10B9446725917B850A29369BD3970CA14796CC24C9BFD72 ] C:\Windows\System32\spp.dll
11:05:08.0499 0x1528  C:\Windows\System32\spp.dll - ok
11:05:08.0509 0x1528  [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
11:05:08.0509 0x1528  C:\Windows\System32\nci.dll - ok
11:05:08.0519 0x1528  [ 73658637F233B9972D4D1B144FD71E56, C58921202685DC5E70E29EA69A3FF108D8A42A16AC4793F92B1CB6D2B33CBDDD ] C:\Windows\SysWOW64\certcli.dll
11:05:08.0519 0x1528  C:\Windows\SysWOW64\certcli.dll - ok
11:05:08.0529 0x1528  [ 2F040CF0613A6D64DCBBA9EE81F5A5AE, DA16117429AF47230CD7C136407C81951B8D2E45A8B7A9DC6948407AA2EC4ADD ] C:\Windows\SysWOW64\dsrole.dll
11:05:08.0529 0x1528  C:\Windows\SysWOW64\dsrole.dll - ok
11:05:08.0538 0x1528  [ AC0C9CEA1218DAB1994AF8B28E680BD9, 7C79144AD91C5B578B48DD6412884A58F4E6C23732612655A73486FC7BCE68A0 ] C:\Windows\System32\wlaninst.dll
11:05:08.0538 0x1528  C:\Windows\System32\wlaninst.dll - ok
11:05:08.0548 0x1528  [ E397AAC317A041D0A266F735EF62E484, 83D28BC034A732BDF584948DC8B02D477180029BF436314C8A676654E5570F87 ] C:\Windows\SysWOW64\schannel.dll
11:05:08.0548 0x1528  C:\Windows\SysWOW64\schannel.dll - ok
11:05:08.0563 0x1528  [ 5A406C9C8E0880D3EABADC5DFD1ACDAE, D3228D81B30A37DDDBF2E9FECC8885404FB95DBD11C5F55A425B27BD361BC2C1 ] C:\Windows\System32\wwaninst.dll
11:05:08.0563 0x1528  C:\Windows\System32\wwaninst.dll - ok
11:05:08.0574 0x1528  [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
11:05:08.0574 0x1528  C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
11:05:08.0586 0x1528  [ C36BB659F08F046B139C8D1B980BF1AC, 405F03534BE8B45185695F68DEB47D4DAF04DCD6DF9D351CA6831D3721B1EFC4 ] C:\Windows\System32\rundll32.exe
11:05:08.0586 0x1528  C:\Windows\System32\rundll32.exe - ok
11:05:08.0599 0x1528  [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
11:05:08.0599 0x1528  C:\Windows\SysWOW64\shdocvw.dll - ok
11:05:08.0610 0x1528  [ F23AAC505B29FC073A05A596BFCE7A2B, 9841CF5C86A118622E8028A30E6CF4EE44DC0461EA0D32F7EF6ABDC40DD55156 ] C:\Windows\System32\srcore.dll
11:05:08.0610 0x1528  C:\Windows\System32\srcore.dll - ok
11:05:08.0619 0x1528  [ 55BA6C87FFB2C478E1C9351FA631CC1A, F773D20745034F3A2D0F9AE832BDFCD47F0DC9AE0E9AC3236407DB953EC4C12C ] C:\Windows\System32\sxproxy.dll
11:05:08.0619 0x1528  C:\Windows\System32\sxproxy.dll - ok
11:05:08.0632 0x1528  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] C:\Windows\System32\VSSVC.exe
11:05:08.0632 0x1528  C:\Windows\System32\VSSVC.exe - ok
11:05:08.0645 0x1528  [ 14768274399730DC93EB2BA4E51C507D, C46716CFFB26D7DDB12F08A743076B5D027AE6765AD9B3230E8E1B633A640F8D ] C:\Windows\System32\xolehlp.dll
11:05:08.0645 0x1528  C:\Windows\System32\xolehlp.dll - ok
11:05:08.0655 0x1528  [ BBB44E9207E7F5A8D931AA6C74962C77, 87AA8452B9E05E4108B73FC5CFECED2326E7404313F7A4456CAF44438577C70E ] C:\Windows\System32\virtdisk.dll
11:05:08.0656 0x1528  C:\Windows\System32\virtdisk.dll - ok
11:05:08.0669 0x1528  [ 4D85B1B44DC19C0C46E6DDE35895FD0F, BB711DE8D59C4AD52858F7C39A77CE5439B92F78779FDF85BD445FB9C359C642 ] C:\Windows\System32\vss_ps.dll
11:05:08.0669 0x1528  C:\Windows\System32\vss_ps.dll - ok
11:05:08.0681 0x1528  [ 75DFE3CE6A8BFC995CC1D615B74DF8B0, C823B3C7F72C5EE19A2A85617F2E90D1A92365A2D0D3237A20B15E5D37098050 ] C:\Windows\System32\catsrvut.dll
11:05:08.0681 0x1528  C:\Windows\System32\catsrvut.dll - ok
11:05:08.0691 0x1528  [ 5893EBDCE371174AC89ECD7731DD6D77, 31CC55F4724CFD95E48954B38C0A04D674399FD243083A816893ED5E5A770086 ] C:\Windows\SysWOW64\pcwum.dll
11:05:08.0691 0x1528  C:\Windows\SysWOW64\pcwum.dll - ok
11:05:08.0700 0x1528  [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] C:\Windows\System32\swprv.dll
11:05:08.0700 0x1528  C:\Windows\System32\swprv.dll - ok
11:05:08.0709 0x1528  [ AA066E1BE74A2C9DA50092E7245BC33C, E8D25DB4F22673A28B456215D105B7F4212FAF2FB6D2DB9864A51241877FDBE7 ] C:\Windows\System32\mfcsubs.dll
11:05:08.0709 0x1528  C:\Windows\System32\mfcsubs.dll - ok
11:05:08.0720 0x1528  [ 0FCD7D2758D6BE850DC25D10FB44CC2A, 67F882BB87AC5E53C2C9D09292216E90AB3A039D5937FA167E3B99A2019B3C65 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\e060dce4f5208d23b113a76c35fcd064\System.IdentityModel.ni.dll
11:05:08.0720 0x1528  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\e060dce4f5208d23b113a76c35fcd064\System.IdentityModel.ni.dll - ok
11:05:08.0730 0x1528  [ 91818AEDADFC5D18951E333A31CE35A7, FFA6F264D0894F9BFE013A33410544F42E7A03FBD13C80E7DACEBB4BD56378F0 ] C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll
11:05:08.0730 0x1528  C:\Windows\Microsoft.NET\assembly\GAC_MSIL\System.IdentityModel\v4.0_4.0.0.0__b77a5c561934e089\System.IdentityModel.dll - ok
11:05:08.0739 0x1528  [ 82C089EA2A3EEFADF3588EA71E8BDADA, 2F3BB32EE2C0673058A74DEEB2D405E5E79F833F33C4D289A93EB3C618A86E75 ] C:\Windows\SysWOW64\wevtapi.dll
11:05:08.0739 0x1528  C:\Windows\SysWOW64\wevtapi.dll - ok
11:05:08.0749 0x1528  [ 198803E5E93E29967DFB0BCFD0186151, 72C3B0FA35578A71E9988FA31A7AD91A9CF31A6BA6EC00EA1F153E99277807BF ] C:\Windows\System32\spfileq.dll
11:05:08.0749 0x1528  C:\Windows\System32\spfileq.dll - ok
11:05:08.0758 0x1528  [ 0DDF0EABD633212060E31E3A24A10E12, 95EB9027E9EAD90B581D7A148181B0123D0AE75DA7D949D0F444FCE92A73031B ] C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll
11:05:08.0759 0x1528  C:\Program Files (x86)\Java\jre1.8.0_131\bin\ssv.dll - ok
11:05:08.0771 0x1528  [ E527FAC0EC3AA363C09C2E0AD13BC882, 06A745C80B334AF467740FC1F8B5F609EA1C3B83BB1BD9F53B42C94AB6CD2212 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll
11:05:08.0771 0x1528  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WindowsLiveLogin.dll - ok
11:05:08.0789 0x1528  [ 510FB616264FE12BC3B4561AF35CCBC7, 1D410CA508264C971B2E9D2A9EC6E87DC09597EF3A3C383E86A009E5A1DA9CF8 ] C:\Users\Smash\AppData\Local\Temp\{D5BE0966-F253-418A-9601-79E6AA318998}\{E32D1595-5DCD-4FBA-AF2F-5388D3E42D32}.exe
11:05:08.0789 0x1528  C:\Users\Smash\AppData\Local\Temp\{D5BE0966-F253-418A-9601-79E6AA318998}\{E32D1595-5DCD-4FBA-AF2F-5388D3E42D32}.exe - ok
11:05:08.0800 0x1528  [ 462165DF2CC1002ABF0BB556A97CC666, F72DCEB0E7E6A14F835F62D25AA11C304E6D05A254B10D1A7092539BA7E75C88 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll
11:05:08.0800 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\diasymreader.dll - ok
11:05:08.0810 0x1528  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
11:05:08.0810 0x1528  C:\Windows\SysWOW64\sfc.dll - ok
11:05:08.0820 0x1528  [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
11:05:08.0820 0x1528  C:\Windows\SysWOW64\sfc_os.dll - ok
11:05:08.0829 0x1528  [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
11:05:08.0829 0x1528  C:\Windows\SysWOW64\devrtl.dll - ok
11:05:08.0838 0x1528  [ 2C647ABE9A424E55B5F3DAE4629B4277, 7B33009D253BAFFF87535C075E75498B6A06F334035DDC0DF51E10A142B4DF9E ] C:\Windows\System32\themeui.dll
11:05:08.0838 0x1528  C:\Windows\System32\themeui.dll - ok
11:05:08.0848 0x1528  [ 14F57FB1F3DA1502E8D3E25AC67C9974, 52315E4FE3D57E5542B392CD7C422D4687849A5F9E78BAECF98FB8A39947DAC0 ] C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll
11:05:08.0848 0x1528  C:\Program Files (x86)\Java\jre1.8.0_131\bin\jp2ssv.dll - ok
11:05:08.0862 0x1528  [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
11:05:08.0862 0x1528  C:\Windows\System32\timedate.cpl - ok
11:05:08.0871 0x1528  [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
11:05:08.0871 0x1528  C:\Windows\System32\shdocvw.dll - ok
11:05:08.0881 0x1528  [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
11:05:08.0881 0x1528  C:\Windows\System32\linkinfo.dll - ok
11:05:08.0890 0x1528  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
11:05:08.0890 0x1528  C:\Windows\System32\msftedit.dll - ok
11:05:08.0899 0x1528  [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
11:05:08.0899 0x1528  C:\Windows\System32\msls31.dll - ok
11:05:08.0908 0x1528  [ C777B221B4C2A429B1DDAA54F198FFE1, C8113987970AD91B2663E7A47ADDFF8013B87085F6BB63197C55C4215079CFBF ] C:\Program Files\Apoint\Apoint.exe
11:05:08.0908 0x1528  C:\Program Files\Apoint\Apoint.exe - ok
11:05:08.0917 0x1528  [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
11:05:08.0917 0x1528  C:\Windows\System32\DeviceCenter.dll - ok
11:05:08.0926 0x1528  [ D387A06CD4BF5FCC1B50C3882F41A44E, 34FCB083CD01B1BD89FC467FD3C2CD292DE92F915A5CB43A36EDAED39CE2689A ] C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
11:05:08.0926 0x1528  C:\Program Files (x86)\Google\Chrome\Application\chrome.exe - ok
11:05:08.0935 0x1528  [ D12DB4DE151806E3EF15B3B31DA3B247, 3C2CE4C5A7391F8B9F9592AF4A89F1C0E6DF768316D07AB63039E780A31AA071 ] C:\Windows\System32\Vxdif.dll
11:05:08.0935 0x1528  C:\Windows\System32\Vxdif.dll - ok
11:05:08.0944 0x1528  [ FEC83014EA8FDC5910983FCE9AEB794A, 9C90D03DE50A2520F9DA4E5A6C9B3051F2657F08A7F25CF4C9DE3D16A5BA6ED6 ] C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll
11:05:08.0944 0x1528  C:\Program Files\Java\jre1.8.0_131\bin\ssv.dll - ok
11:05:08.0953 0x1528  [ 340ACAAD76DE94000DCEAC541349A27C, 053D7C1797DEE1D98B62B54688CF747A2E0E440FDF428EDFF91D8295E1886E9A ] C:\Program Files\Apoint\ApMsgFwd.exe
11:05:08.0953 0x1528  C:\Program Files\Apoint\ApMsgFwd.exe - ok
11:05:08.0962 0x1528  [ BDDD20CEB520E59863C62BA74CDBA997, 9869D6091A1740CC6FD147649B83A692A5B41FC7F895FF2C33FBB7C1A0FAD6D3 ] C:\Windows\System32\consent.exe
11:05:08.0962 0x1528  C:\Windows\System32\consent.exe - ok
11:05:08.0971 0x1528  [ 0932D22D72FBFC2391D2647F2206CEC5, 11D7B51E1E7F573223A8C107CBB68DCA036EE0C7DD4545E36B5AD78584AB6770 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:05:08.0971 0x1528  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
11:05:08.0980 0x1528  [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
11:05:08.0980 0x1528  C:\Windows\System32\gameux.dll - ok
11:05:08.0993 0x1528  [ 4439E8B55CF0B2EA122F4FDC780270A2, D147653A140C5E9DE5433C60A31241ADC056F9B684F407E218F7FE21AB8A5772 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
11:05:08.0993 0x1528  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll - ok
11:05:09.0003 0x1528  [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
11:05:09.0003 0x1528  C:\Windows\System32\msimg32.dll - ok
11:05:09.0013 0x1528  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
11:05:09.0013 0x1528  C:\Windows\System32\oledlg.dll - ok
11:05:09.0023 0x1528  [ A74F58039D4D538123D7C58D3B0E6228, 27A183B38ED4B060437A4250E127F34CDF288E517CAD6D2C8A3EA541298A5C2A ] C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll
11:05:09.0023 0x1528  C:\Program Files\Java\jre1.8.0_131\bin\jp2ssv.dll - ok
11:05:09.0033 0x1528  [ 4FB2568EB6F53E87718728454FE9BEF6, 48E3031922DEC44DBA02ECA7AC6F3779C2B3CDB5B40F249DA2FA3BA46CEB6E3A ] C:\Program Files\Apoint\Apoint.dll
11:05:09.0033 0x1528  C:\Program Files\Apoint\Apoint.dll - ok
11:05:09.0045 0x1528  [ 67611DEA70471375E1913A4CFC6A6575, A176C6DFCFB69D053FEC446D81AAF67E2BB713C00A5D87BEBE21D3AEE5C7A227 ] C:\Program Files\Apoint\EzAuto.dll
11:05:09.0045 0x1528  C:\Program Files\Apoint\EzAuto.dll - ok
11:05:09.0055 0x1528  [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
11:05:09.0055 0x1528  C:\Windows\System32\networkexplorer.dll - ok
11:05:09.0065 0x1528  [ 594F91C5985AC402ECD2D7F1376AFFFD, 0FFF6B17EB116A7A5D4AEC246D7D5C690F6A19DCF0E0F56BFFC58ED65FDF32BE ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
11:05:09.0065 0x1528  C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
11:05:09.0074 0x1528  [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
11:05:09.0075 0x1528  C:\Windows\System32\ntshrui.dll - ok
11:05:09.0084 0x1528  [ D3E38DCD73E8F6C529F10802654F81B5, 1E5DCDEC809C8F6C7325B5F64966623745D83B18C59686CD9979472F16AC1E3A ] C:\Windows\System32\igfxtray.exe
11:05:09.0084 0x1528  C:\Windows\System32\igfxtray.exe - ok
11:05:09.0094 0x1528  [ FD97807051658AE27799BE3A557D3776, 114E111F1E195BE203BF35B12B2C1442B6708E12D0B68E9577D31A778B116D25 ] C:\Program Files\Apoint\ApntEx.exe
11:05:09.0094 0x1528  C:\Program Files\Apoint\ApntEx.exe - ok
11:05:09.0103 0x1528  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
11:05:09.0103 0x1528  C:\Windows\System32\msiltcfg.dll - ok
11:05:09.0114 0x1528  [ 439B0973C025FF5663A07D76FAB85EE2, 7A358CC2F2527CB19AB4DBC59AD3A810F3650AF646CD34822E408CA8237D857F ] C:\Windows\System32\msi.dll
11:05:09.0642 0x1528  C:\Windows\System32\msi.dll - ok
11:05:09.0648 0x1528  [ 8462BAA243547AE8E925F8F51C15419D, 200F29106EB42496AFB481E691EACBB75EE8149952F31035ADCF6C98783F1506 ] C:\Program Files\Apoint\Apvfb.exe
11:05:09.0648 0x1528  C:\Program Files\Apoint\Apvfb.exe - ok
11:05:09.0657 0x1528  [ C2A0898E662DE91DEA4037686DFD4EEA, 02292E97344053F855E6EAEAE2B8E2E1D09D0191A925F77C113C0FCC4B7B0945 ] C:\Windows\System32\hccutils.dll
11:05:09.0657 0x1528  C:\Windows\System32\hccutils.dll - ok
11:05:09.0667 0x1528  [ 0B953E0228F4F390B11BD4FB02433D5D, DCDA5ABF7843CC1AFA9E91B6771DF28002DF86085CF5E18A4E3DE4F402432A2C ] C:\Program Files\Apoint\ApRes.dll
11:05:09.0667 0x1528  C:\Program Files\Apoint\ApRes.dll - ok
11:05:09.0676 0x1528  [ EF841D467E5DE7D096A507C345C259BC, 8571925382B59CA598A4063621A3BB59FBCE75DF705FAA4547F12827545AA0EA ] C:\Windows\System32\igfxpers.exe
11:05:09.0676 0x1528  C:\Windows\System32\igfxpers.exe - ok
11:05:09.0686 0x1528  [ 443352B4F9C5948C80FF531A72DC3DAB, 3AFCF664B359711FF7E332A8C74B8CE71E87525068981BBADE4825FF67505570 ] C:\Program Files\Apoint\EzLaunch.dll
11:05:09.0686 0x1528  C:\Program Files\Apoint\EzLaunch.dll - ok
11:05:09.0696 0x1528  [ 105CFE016CCB20175BEACEC146F175AB, BA21F40CDBF159EE4EACCBFB2A7D20EB9E1C2758883AF089A8E53EE478002E83 ] C:\Windows\System32\IccLibDll_x64.dll
11:05:09.0696 0x1528  C:\Windows\System32\IccLibDll_x64.dll - ok
11:05:09.0706 0x1528  [ AFBE6BD990862888882E6E30BBD9AF3F, 42D738BFEAA82718A8B5B42109D9B1C20FDB73B3EE98F514D948B59A62362C6F ] C:\Program Files (x86)\LibreOffice 5\program\shlxthdl\shlxthdl_x64.dll
11:05:09.0706 0x1528  C:\Program Files (x86)\LibreOffice 5\program\shlxthdl\shlxthdl_x64.dll - ok
11:05:09.0717 0x1528  [ 333B21363F104AB3639099E5DC4B04A4, E75E806FA3CCA6A82DE6915DD0D64037C54F4C76AC4C0778A8A757CF3AF44051 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
11:05:09.0717 0x1528  C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe - ok
11:05:09.0728 0x1528  [ 7C3FF57FFF40B3B84C3FF97C12F3A0F5, 46899AFAD17B2B2CBB03E69D619622E327C194FF603189C927CB4372DD511FCE ] C:\Program Files (x86)\LibreOffice 5\program\shlxthdl\msvcp120.dll
11:05:09.0728 0x1528  C:\Program Files (x86)\LibreOffice 5\program\shlxthdl\msvcp120.dll - ok
11:05:09.0738 0x1528  [ 433FD20D477FCA6CDD60F63200E88CDB, 67AF51F39ABA39337F57BC89D734121FF2A30422E3361CF5C65D53AF9918F0AA ] C:\Program Files (x86)\LibreOffice 5\program\shlxthdl\msvcr120.dll
11:05:09.0738 0x1528  C:\Program Files (x86)\LibreOffice 5\program\shlxthdl\msvcr120.dll - ok
11:05:09.0748 0x1528  [ EF4248D28C2940AE6D46470AC2479A4F, 7C0DBCED93823E918A3DB9785E68A24743DECB03D378F1AEDCB0BF9705B4AC9A ] C:\Windows\System32\msisip.dll
11:05:09.0748 0x1528  C:\Windows\System32\msisip.dll - ok
11:05:09.0757 0x1528  [ 6E74D0AE00231D87CD213CD7BDC27E37, 29BD01036687B16670DECB1720592B7F2EA75C359784D4F89663D7B8523DF9C2 ] C:\Windows\System32\wshext.dll
11:05:09.0757 0x1528  C:\Windows\System32\wshext.dll - ok
11:05:09.0767 0x1528  [ 1908FFADF1D45F0EEB0FFA541B677AEB, 61ACB031987C0B5E3295DC1331AD93F32E7127F5D5DD4F28F649CD3765208014 ] C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll
11:05:09.0767 0x1528  C:\Windows\System32\WindowsPowerShell\v1.0\pwrshsip.dll - ok
11:05:09.0778 0x1528  [ 0F3E78851052EBC10E2D368A35F92D7A, 3DA2A3D20483A676BF3A38F7989F1792E20F269694BF0E0E3680BB8470CA9E25 ] C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll
11:05:09.0778 0x1528  C:\Program Files\Microsoft Silverlight\xapauthenticodesip.dll - ok
11:05:09.0791 0x1528  [ C15CE54E69E634DE86A7D44B5C3FED4B, 457512BA215E1B6D6659CABA6368C5E95C1AA853978471A6366F116A999E1C34 ] C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe
11:05:09.0791 0x1528  C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe - ok
11:05:09.0805 0x1528  [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
11:05:09.0806 0x1528  C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe - ok
11:05:09.0818 0x1528  [ 936F728E04ACCF3F38801CFFCF1E3F40, 59CA86096F4B928E364B6A3C0408615F068BB8BC02DCFC5EAF4873EC6D6E0797 ] C:\Windows\SysWOW64\oledlg.dll
11:05:09.0818 0x1528  C:\Windows\SysWOW64\oledlg.dll - ok
11:05:09.0828 0x1528  [ 26765B5C617F2BC199C29FA5643F6177, A871D14CB830D7B13D9C3A451E1448D66D28CEECB08DDD6E7075B58A1AB1779C ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
11:05:09.0828 0x1528  C:\Program Files (x86)\Avira\Antivirus\avgnt.exe - ok
11:05:09.0837 0x1528  [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
11:05:09.0838 0x1528  C:\Windows\System32\stobject.dll - ok
11:05:09.0849 0x1528  [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
11:05:09.0849 0x1528  C:\Windows\System32\batmeter.dll - ok
11:05:09.0859 0x1528  [ C02F50BBC064689FE3FCD89348C884EB, 9E262C3CACE20363A37CAD6E438FA2747A056B3CABBCA231C89FF56610544BC6 ] C:\Windows\SysWOW64\netfxperf.dll
11:05:09.0859 0x1528  C:\Windows\SysWOW64\netfxperf.dll - ok
11:05:09.0871 0x1528  [ 3868CE5A8147981AD3A67A82E34DEB2F, 1BC958AFC7B30262BC85E9A31BC2E4C48067674BC04C7ACFFF8CE0B444D47E76 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll
11:05:09.0871 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\PerfCounter.dll - ok
11:05:09.0879 0x1528  [ C8C5D6F1B47CB63DAC39FD3D35B888E1, 0C735CAC8ECF65FB4D8FEE80696FD6180F6D119848EB261C3891D6E49E5F77BA ] C:\Windows\SysWOW64\pdh.dll
11:05:09.0879 0x1528  C:\Windows\SysWOW64\pdh.dll - ok
11:05:09.0891 0x1528  [ 2A214CACDC308A56CF6A12A374E81F12, D5577C1C5204D8BBB8821859EC3F4015E057A8F0A79F20278A2BA1AA11CE2480 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll
11:05:09.0891 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\CORPerfMonExt.dll - ok
11:05:09.0903 0x1528  [ D5EB6E4154952E64C215B5D8BCE06432, 7F0B94ED4AA314274EDFEFAA384DA54BAC8A78B832808F3EF03308F78404FFE0 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
11:05:09.0903 0x1528  C:\Program Files (x86)\Dropbox\Client\Dropbox.exe - ok
11:05:09.0916 0x1528  [ E027A6E99EF709AFD195FD6329224C47, B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{69438BB4-53E6-42D9-B2FE-E58A74855BC8}.tmp
11:05:09.0916 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{69438BB4-53E6-42D9-B2FE-E58A74855BC8}.tmp - ok
11:05:09.0929 0x1528  [ F7F0127C5C539CC4CD239FD6FD107490, 559256FFCF99FAB634A96ADC88292DFB462093A704B149D1ABFBE399D0521199 ] C:\Windows\SysWOW64\aspnet_counters.dll
11:05:09.0929 0x1528  C:\Windows\SysWOW64\aspnet_counters.dll - ok
11:05:09.0940 0x1528  [ 4817923FEE64551B884696A647E49588, 22FDFCC4A171EC9F722E3B2EDEB048CA31614594930D487D6A081819FD38373D ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll
11:05:09.0940 0x1528  C:\Windows\Microsoft.NET\Framework\v4.0.30319\Aspnet_perf.dll - ok
11:05:09.0953 0x1528  [ 0552A8684BF7566F744D5B19FF6AEC6B, D1EB44C75A0AE0C9ABFE3B1B7AD648DF77B56B4358E522DFF732911906B20B49 ] C:\Windows\SysWOW64\bitsperf.dll
11:05:09.0953 0x1528  C:\Windows\SysWOW64\bitsperf.dll - ok
11:05:09.0966 0x1528  [ 8C9179609935F84202028849112D355A, FBDD3BB4BF8F6854AA4E7E6AD4F86EA3E62363C86D87D2DE884DC343A58C7D07 ] C:\Windows\SysWOW64\esentprf.dll
11:05:09.0966 0x1528  C:\Windows\SysWOW64\esentprf.dll - ok
11:05:09.0978 0x1528  [ E991956ACE9E57BFB9F8BB077D11B34E, FF7D5652E9A20D5B757B2DE83B1B4E9439D40B12B2456FDB786C3C040A765847 ] C:\Windows\SysWOW64\msdtcuiu.dll
11:05:09.0978 0x1528  C:\Windows\SysWOW64\msdtcuiu.dll - ok
11:05:09.0990 0x1528  [ 19B8C44BC54C7859E57E0EC1312D5B92, F1117313A292B3D05712585328D007156474BE491E19A7215A7E85645885AF96 ] C:\Windows\SysWOW64\msdtcprx.dll
11:05:09.0990 0x1528  C:\Windows\SysWOW64\msdtcprx.dll - ok
11:05:10.0002 0x1528  [ D2958325C1AE1AE37A83334C6229E3BC, D8263CB39A25447442B75A8D8E8111DF671D645DA90A33865C089DEDA9706904 ] C:\Windows\SysWOW64\actxprxy.dll
11:05:10.0002 0x1528  C:\Windows\SysWOW64\actxprxy.dll - ok
11:05:10.0016 0x1528  [ AB67816718E5C65CC326BE56AC0B9E73, D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{977E1903-95F9-4C8E-8B79-0E635DC88EF2}.tmp
11:05:10.0016 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{977E1903-95F9-4C8E-8B79-0E635DC88EF2}.tmp - ok
11:05:10.0029 0x1528  [ 8483DD8F87DBE86AAB55BBF95C207061, D18080095DACEBA219D5839C04AB7FBF960BE2D41AFF164A153130EB849EF1C1 ] C:\Windows\SysWOW64\mtxclu.dll
11:05:10.0029 0x1528  C:\Windows\SysWOW64\mtxclu.dll - ok
11:05:10.0040 0x1528  [ 99851AEF40CCC89527358327FA3AC645, 89861E803E5281D4BA890CE1FF997F5BF2B7E2B61E37D56AF8B0CD89408D4616 ] C:\Program Files\SUPERAntiSpyware\SSUpdate64.exe
11:05:10.0040 0x1528  C:\Program Files\SUPERAntiSpyware\SSUpdate64.exe - ok
11:05:10.0053 0x1528  [ 034CCADC1C073E4216E9466B720F9849, 86E39B5995AF0E042FCDAA85FE2AEFD7C9DDC7AD65E6327BD5E7058BC3AB615F ] C:\Program Files (x86)\Dropbox\Client\msvcr120.dll
11:05:10.0053 0x1528  C:\Program Files (x86)\Dropbox\Client\msvcr120.dll - ok
11:05:10.0065 0x1528  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
11:05:10.0065 0x1528  C:\Windows\System32\prnfldr.dll - ok
11:05:10.0078 0x1528  [ AE9898D5600A232CD8AE3298692162E5, 8B94BA9C404B8A21CE023335960E77C73245FB30015161EEFF48573DDB7E6922 ] C:\Windows\SysWOW64\clusapi.dll
11:05:10.0078 0x1528  C:\Windows\SysWOW64\clusapi.dll - ok
11:05:10.0089 0x1528  [ 1128637CAD49A8E3C8B5FA5D0A061525, 6B80E50D8296F9E2C978CC6BC002B964ACFD8F4BCF623F4770513792845B5278 ] C:\Windows\SysWOW64\cryptdll.dll
11:05:10.0089 0x1528  C:\Windows\SysWOW64\cryptdll.dll - ok
11:05:10.0098 0x1528  [ 2AF094C822BD6094F14A8E85FB51D52A, F70A4FEC66E64245237D9D1A4C2C87168A26F224FCE648A3D7065E95259887D2 ] C:\Windows\SysWOW64\resutils.dll
11:05:10.0098 0x1528  C:\Windows\SysWOW64\resutils.dll - ok
11:05:10.0112 0x1528  [ FD5CABBE52272BD76007B68186EBAF00, 87C42CA155473E4E71857D03497C8CBC28FA8FF7F2C8D72E8A1F39B71078F608 ] C:\Program Files (x86)\Dropbox\Client\msvcp120.dll
11:05:10.0112 0x1528  C:\Program Files (x86)\Dropbox\Client\msvcp120.dll - ok
11:05:10.0124 0x1528  [ 321FF1DF7F4CEF3FA690419110BEE55A, 41243293C9876D8B94F83B28C98F1797CD217140153DDEE631C2EEB8E102C6A0 ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{DAA01B77-D5EF-4FF5-B84D-BD2AF0D69503}.tmp
11:05:10.0124 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{DAA01B77-D5EF-4FF5-B84D-BD2AF0D69503}.tmp - ok
11:05:10.0131 0x1528  [ 38B13C0DF479DBA23ECFA815159BA86E, C289C65AF3FB689AD6B770AB0E815860D9EA36FB2A8DE9F1818C63AD0FE47CBD ] C:\Windows\SysWOW64\ktmw32.dll
11:05:10.0131 0x1528  C:\Windows\SysWOW64\ktmw32.dll - ok
11:05:10.0144 0x1528  [ 88AF9EF76D4DA6010D2A2C1166E5DB66, A89E8C113876415E7A5C55B9310DEACEF6D19D836772768C57479C2D1705F48B ] C:\Windows\SysWOW64\msscntrs.dll
11:05:10.0144 0x1528  C:\Windows\SysWOW64\msscntrs.dll - ok
11:05:10.0155 0x1528  [ B92E9318F7E4AEF633B8EC3A873565AF, DA378AE1283B941B4251B7DD37FB21F37F7282750D94900D96EE413ADD316883 ] C:\Windows\SysWOW64\perfdisk.dll
11:05:10.0155 0x1528  C:\Windows\SysWOW64\perfdisk.dll - ok
11:05:10.0165 0x1528  [ 84BD7908A54ECB454AA8381E3D0B517D, 8535A9633E86AA4427FE219383B44E89343B4B90173D843A89DDD535CFCCFDF1 ] C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll
11:05:10.0165 0x1528  C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll - ok
11:05:10.0174 0x1528  [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
11:05:10.0175 0x1528  C:\Windows\System32\DXP.dll - ok
11:05:10.0184 0x1528  [ 771607646227D7EA45C45118DB631EF1, EDD0951E1F7EB6077AF90202A81D3800FE24C05C6D191091B42597B491B8F608 ] C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll
11:05:10.0184 0x1528  C:\Program Files (x86)\Dropbox\Client\dropbox_crashpad.dll - ok
11:05:10.0194 0x1528  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
11:05:10.0194 0x1528  C:\Windows\System32\Syncreg.dll - ok
11:05:10.0204 0x1528  [ AA034968F2EE73616912EC81FA8D39BA, 13720DAB3968CFD3C69F3A2BC1A589A5CE864F55D4704B443D67FF6D483CE502 ] C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll
11:05:10.0204 0x1528  C:\Windows\SysWOW64\api-ms-win-core-synch-l1-2-0.dll - ok
11:05:10.0213 0x1528  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
11:05:10.0213 0x1528  C:\Windows\System32\AltTab.dll - ok
11:05:10.0223 0x1528  [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
11:05:10.0223 0x1528  C:\Windows\System32\WPDShServiceObj.dll - ok
11:05:10.0233 0x1528  [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
11:05:10.0233 0x1528  C:\Windows\System32\PortableDeviceTypes.dll - ok
11:05:10.0242 0x1528  [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
11:05:10.0242 0x1528  C:\Windows\System32\QUTIL.DLL - ok
11:05:10.0254 0x1528  [ DC6DB08D85337C9675F94B01043279AE, B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{2E9EEA09-481D-42B1-B0EA-AC937783E33F}.tmp
11:05:10.0255 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{2E9EEA09-481D-42B1-B0EA-AC937783E33F}.tmp - ok
11:05:10.0265 0x1528  [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
11:05:10.0265 0x1528  C:\Windows\System32\srchadmin.dll - ok
11:05:10.0277 0x1528  [ 335ADE6974C32A057B2EFD9FD66870DA, A1385B564EAA814416546406FBEA83817837F3DCC4B744363A6A9E4DBDA137E9 ] C:\Windows\System32\SearchIndexer.exe
11:05:10.0278 0x1528  C:\Windows\System32\SearchIndexer.exe - ok
11:05:10.0288 0x1528  [ 1ACC2484F3F111D577ABE4FFB1CAF2A5, 7B93481DD6BE2021C7C7B939FB90C430CB70E1BE4A14E24A8D4D34EEA5AE5F15 ] C:\Windows\SysWOW64\perfnet.dll
11:05:10.0289 0x1528  C:\Windows\SysWOW64\perfnet.dll - ok
11:05:10.0300 0x1528  [ D223E8DA11DEAEBEA3866F50F7A0798F, 783080E4ECC4E9194B8340B963B2BC4FC327019B748CCBB947BEECEB4C18B47E ] C:\Program Files\Internet Explorer\sqmapi.dll
11:05:10.0300 0x1528  C:\Program Files\Internet Explorer\sqmapi.dll - ok
11:05:10.0310 0x1528  [ 6FA41E0C86EF049A12C05CA4BBA8F9AF, D18758C5A33B4C596EA6E87A16B53D7CF68EA9586C7F11C9518577BC8D7CBC9B ] C:\Windows\SysWOW64\perfos.dll
11:05:10.0310 0x1528  C:\Windows\SysWOW64\perfos.dll - ok
11:05:10.0321 0x1528  [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
11:05:10.0321 0x1528  C:\Windows\System32\rasdlg.dll - ok
11:05:10.0332 0x1528  [ 13805BC102EC60EE184B4EEAA79E0941, 62D167B905F7E412972AFB0DE825260C9967DDB4F496908E0B39EACF7B716BA3 ] C:\Program Files (x86)\Dropbox\Client\python27.dll
11:05:10.0332 0x1528  C:\Program Files (x86)\Dropbox\Client\python27.dll - ok
11:05:10.0343 0x1528  [ 752F8E96BAB993517838315508FB82CB, E2D40BC51CAA147EBCEB9898D3D75540CEF83376E088942D289CD58FFAE654DE ] C:\Windows\SysWOW64\perfproc.dll
11:05:10.0343 0x1528  C:\Windows\SysWOW64\perfproc.dll - ok
11:05:10.0354 0x1528  [ C74D46C1F542F5FEB9B7E1A8EC04986D, FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{DF635811-A9EA-41F1-9F83-4957C855DF01}.tmp
11:05:10.0354 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{DF635811-A9EA-41F1-9F83-4957C855DF01}.tmp - ok
11:05:10.0363 0x1528  [ 6E608664EBEEAB5A03BA32324016695B, 1137E97697E85D866622AA1F6AA2F08F9DFECABED9652A997F44E65B2F5D72EF ] C:\Windows\SysWOW64\rasctrs.dll
11:05:10.0364 0x1528  C:\Windows\SysWOW64\rasctrs.dll - ok
11:05:10.0374 0x1528  [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
11:05:10.0375 0x1528  C:\Windows\System32\ActionCenter.dll - ok
11:05:10.0384 0x1528  [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
11:05:10.0384 0x1528  C:\Windows\System32\dot3api.dll - ok
11:05:10.0390 0x1528  [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
11:05:10.0390 0x1528  C:\Windows\System32\wlanhlp.dll - ok
11:05:10.0400 0x1528  [ 5BBD1F824741AA1FDA9A9DFD3A9D5416, C9F3EAA48AF158A3377ADD36EA8C0C115A562BCF323D3D4AF41BD7C62285B39B ] C:\Windows\SysWOW64\tapiperf.dll
11:05:10.0400 0x1528  C:\Windows\SysWOW64\tapiperf.dll - ok
11:05:10.0409 0x1528  [ BA32509D9B340162327B341013DE6522, 478A96ED44326BFAA3CFA9C721A6B00D4C52965909E166D7208F714890BF6CF3 ] C:\Windows\SysWOW64\tapi32.dll
11:05:10.0409 0x1528  C:\Windows\SysWOW64\tapi32.dll - ok
11:05:10.0418 0x1528  [ EDD2AD141DEBD425D74A52A4D7BE6AC4, DB32FA1033D9F1231E8A51CA345AD9EB47D08626127EBBEDCEF13D40DAA64FFD ] C:\Windows\SysWOW64\perfctrs.dll
11:05:10.0418 0x1528  C:\Windows\SysWOW64\perfctrs.dll - ok
11:05:10.0427 0x1528  [ FB1BA42D1A1440E99C6B8667E141CFB1, 9ABE7692169AF82150F9B33FB197363DFC37A5DA280E2C53722F9FF4AC68EA95 ] C:\Windows\SysWOW64\perfts.dll
11:05:10.0427 0x1528  C:\Windows\SysWOW64\perfts.dll - ok
11:05:10.0436 0x1528  [ D25958B2A71EF488959272878EF934BE, 3DD6204CDBB2AA9A1C61907E37F37ABDA06091C62E53DEFCFB2DF6791B9EFEF2 ] C:\Windows\SysWOW64\utildll.dll
11:05:10.0436 0x1528  C:\Windows\SysWOW64\utildll.dll - ok
11:05:10.0446 0x1528  [ 517ECD823EB9A03368294C6C33A695D0, 7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{7B3AD05D-CD1B-48AD-AC1B-5F3E8E613B4F}.tmp
11:05:10.0446 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{7B3AD05D-CD1B-48AD-AC1B-5F3E8E613B4F}.tmp - ok
11:05:10.0455 0x1528  [ 109007869CB95CBD9B92FDF35B96D7B5, 397228F01E7808C3883248D89D9A6E462857971F2FF2A456143EB30001F6BCE3 ] C:\Windows\SysWOW64\usbperf.dll
11:05:10.0456 0x1528  C:\Windows\SysWOW64\usbperf.dll - ok
11:05:10.0465 0x1528  [ 91429E9A7458899034952047B2B58842, CF2C5DDC0CD86C68F77565B2B25C4D932244190E7F434B76C2F35B96EC88D423 ] C:\Windows\SysWOW64\wbem\WmiApRpl.dll
11:05:10.0465 0x1528  C:\Windows\SysWOW64\wbem\WmiApRpl.dll - ok
11:05:10.0475 0x1528  [ 529879612A7FAE235914E3AA6A9A669C, 715843BDDCB7BFB9C6A968F6DC7BBDE0844883FD57CB72608E2D7352F385C7A8 ] C:\Windows\SysWOW64\loadperf.dll
11:05:10.0475 0x1528  C:\Windows\SysWOW64\loadperf.dll - ok
11:05:10.0486 0x1528  [ 6699A112A3BDC9B52338512894EBA9D6, 10888BB9C3799E1E8B010C0F9088CED376AAD63A509FCE1727C457B022CDC717 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
11:05:10.0486 0x1528  C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
11:05:10.0501 0x1528  [ 3428F170E1953B4C4EA10A5F58B55908, B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{FB4417E7-695D-436B-87D1-53C5D00A5FF2}.tmp
11:05:10.0501 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{FB4417E7-695D-436B-87D1-53C5D00A5FF2}.tmp - ok
11:05:10.0515 0x1528  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
11:05:10.0516 0x1528  C:\Windows\System32\WWanAPI.dll - ok
11:05:10.0529 0x1528  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
11:05:10.0529 0x1528  C:\Windows\System32\wwapi.dll - ok
11:05:10.0540 0x1528  [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
11:05:10.0540 0x1528  C:\Windows\System32\QAGENT.DLL - ok
11:05:10.0553 0x1528  [ 862596399AAFD2A21DB2AF9270CD4F70, 24CAA19EE791FB3440CE742C9064FCE0CB755EF0789D3CE62058A2CFEF0FF6D2 ] C:\Windows\System32\mstask.dll
11:05:10.0553 0x1528  C:\Windows\System32\mstask.dll - ok
11:05:10.0567 0x1528  [ 96D681B7DE0BA6BFA1DC55915003CD05, 26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{C0A72FCC-D53F-4ED7-B557-959B4361FD40}.tmp
11:05:10.0568 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{C0A72FCC-D53F-4ED7-B557-959B4361FD40}.tmp - ok
11:05:10.0581 0x1528  [ FB355B817AE641BBAE08607E58CB5CE2, 983BEF9F3FAF520632DF9150299FC378F76721746DF2D066DF5CAE391E685AA0 ] C:\Windows\System32\hhctrl.ocx
11:05:10.0581 0x1528  C:\Windows\System32\hhctrl.ocx - ok
11:05:10.0594 0x1528  [ 29B73F389AE0B9C7581EB71ED1ACFA22, 2F2BAB6A673439638FBB25CAA1A57F7EC62C023066574892BC83405669DE9044 ] C:\Windows\System32\hkcmd.exe
11:05:10.0594 0x1528  C:\Windows\System32\hkcmd.exe - ok
11:05:10.0607 0x1528  [ C973B2FC3E6B97C54CF633A4517C076A, 1350B2863A720309C0F653E97EF2129A8956294D8360BBA566EF3D92173E7F63 ] C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe
11:05:10.0607 0x1528  C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe - ok
11:05:10.0622 0x1528  [ 85D8D497E3CFCD66607DAD332378DE8B, FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{E09F5E59-145A-4A80-BD9E-E7B97CDABA5A}.tmp
11:05:10.0622 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{E09F5E59-145A-4A80-BD9E-E7B97CDABA5A}.tmp - ok
11:05:10.0636 0x1528  [ 4A73AB8412D3AA6CFAD24051FF9DBFA7, 7C1F6BDECE92F2A58E88FC603F1BEE9B0F72130136AE9A368892323A9A327FD1 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe
11:05:10.0636 0x1528  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorIcon.exe - ok
11:05:10.0646 0x1528  [ 4A0278D3317382C5DA098D174C2DA9D0, 9B4A5B8BB52542A732262661979527B1A7337F81446C3DB7BF9ACA1257EC2D64 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
11:05:10.0646 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
11:05:10.0660 0x1528  [ CD0DAF878147B723108C428370FF0355, A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ] C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{92B13725-74FF-4567-98E4-48366824A40A}.tmp
11:05:10.0660 0x1528  C:\Users\Smash\AppData\Local\Temp\{1E852472-9F2B-44D1-87B7-48ABB466C931}\{92B13725-74FF-4567-98E4-48366824A40A}.tmp - ok
11:05:10.0673 0x1528  [ 395C10A36E8D002CE13EDA72743AFD7F, B168C40AEEED1EA5C4354912C049B7B837200501F187D37B421AF958E16F9120 ] C:\Windows\System32\tquery.dll
11:05:10.0673 0x1528  C:\Windows\System32\tquery.dll - ok
11:05:10.0686 0x1528  [ 655BE6764315B8D5E519C7FF0DDCF1E1, 5E5A20648B08308AD79E691C94BDE423696BD658249C9BEEC16EFAD74CBF3FAF ] C:\Windows\System32\mssrch.dll
11:05:10.0686 0x1528  C:\Windows\System32\mssrch.dll - ok
11:05:10.0697 0x1528  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
11:05:10.0697 0x1528  C:\Windows\System32\FXSST.dll - ok
11:05:10.0709 0x1528  [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
11:05:10.0709 0x1528  C:\Windows\System32\msidle.dll - ok
11:05:10.0723 0x1528  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] C:\Windows\System32\wbem\WmiApSrv.exe
11:05:10.0723 0x1528  C:\Windows\System32\wbem\WmiApSrv.exe - ok
11:05:10.0736 0x1528  [ 9FE3ED67345F0FF829A4A53B90E09672, F70CD131DCF101B26CD55A57876DB3765B3E15C9D3A8B508FF041C91226EC504 ] C:\Windows\System32\loadperf.dll
11:05:10.0736 0x1528  C:\Windows\System32\loadperf.dll - ok
11:05:10.0750 0x1528  [ B95A9C57E2262061DF848828709B3CB8, 35448689E533D188D4D5FCA251329D9C05AE3DB66F0C6E1BD02DD4F8C71FD967 ] C:\Windows\System32\mssprxy.dll
11:05:10.0750 0x1528  C:\Windows\System32\mssprxy.dll - ok
11:05:10.0762 0x1528  [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
11:05:10.0762 0x1528  C:\Windows\System32\FXSAPI.dll - ok
11:05:10.0776 0x1528  [ 2640B083BB33CC6095CB0E6E2F8ACC98, 550CEAE946515CF892DBBEE249D72D22BF44A11AF3DB16B578196FDCA8170B1E ] C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL
11:05:10.0776 0x1528  C:\Program Files\SUPERAntiSpyware\SASCTXMN64.DLL - ok
11:05:10.0790 0x1528  [ E906DCE65E00ECB8DF5FBE468594169C, D7E083E2676FD192F22EAE736187B0E580B7D468503F432A8E986E390980B7F7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1891023534ddd04062884640c0f5b11e\mscorlib.ni.dll
11:05:10.0790 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\1891023534ddd04062884640c0f5b11e\mscorlib.ni.dll - ok
11:05:10.0804 0x1528  [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
11:05:10.0804 0x1528  C:\Windows\System32\en-US\tquery.dll.mui - ok
11:05:10.0818 0x1528  [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
11:05:10.0818 0x1528  C:\Windows\System32\FXSRESM.dll - ok
11:05:10.0830 0x1528  [ 75EB35FBAB92EC0A08372B4595DA7833, BC4139A5A0E4533FDC1E273876DD1F2136A9B1B255EC3572D38D7832A026F044 ] C:\Windows\SysWOW64\tquery.dll
11:05:10.0830 0x1528  C:\Windows\SysWOW64\tquery.dll - ok
11:05:10.0844 0x1528  [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
11:05:10.0844 0x1528  C:\Windows\System32\FXSSVC.exe - ok
11:05:10.0855 0x1528  [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
11:05:10.0855 0x1528  C:\Windows\SysWOW64\riched20.dll - ok
11:05:10.0865 0x1528  [ 5CD9B178321F00EC8A26570DC2749259, 27DED78723205B026642BFCA0094E4B0DE4D3E114953191915F7373F280C9D57 ] C:\Windows\SysWOW64\ExplorerFrame.dll
11:05:10.0865 0x1528  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
11:05:10.0878 0x1528  [ BE25400C4E879AFC04CF73310C1D90C8, E544AA4E522841CE396A395E949A889694143D9D7CDFFBCDDE33716BB71C94DA ] C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd
11:05:10.0878 0x1528  C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd - ok
11:05:10.0889 0x1528  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
11:05:10.0889 0x1528  C:\Windows\SysWOW64\duser.dll - ok
11:05:10.0895 0x1528  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
11:05:10.0895 0x1528  C:\Windows\SysWOW64\dui70.dll - ok
11:05:10.0908 0x1528  [ 09A116FB06C5E362EF8938D29CDAB27B, 887B39388C39FF262FBBE3047FA1F5F47EB649AF3D760865AFE614DE64160D33 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
11:05:10.0908 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
11:05:10.0915 0x1528  [ 580F0361EA7A878E62D7E4E2DD0ABBE0, 8D74B1F99FE3667F9D5B7EB290C27F94393DBD32C6AE92413CCA34396D69469C ] C:\Program Files (x86)\Dropbox\Client\select.pyd
11:05:10.0915 0x1528  C:\Program Files (x86)\Dropbox\Client\select.pyd - ok
11:05:10.0925 0x1528  [ F6A4C495CF98D918AE290D1E87A8B97A, 253E7D92D43C788CE7D2A6F473AC45DF0562E590E65180F09A1E7028B15FD0B3 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll
11:05:10.0925 0x1528  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorUtil.dll - ok
11:05:10.0936 0x1528  [ F782627589E39C269B935ECE2C3168B4, DEF59CD951910C791D14AAF9CBDBAC0066A5B427B68B2DF9C78887347483AC83 ] C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd
11:05:10.0936 0x1528  C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd - ok
11:05:10.0946 0x1528  [ 654A930D43A7B21D431F32456EA5806B, FF866208F50D7F27DD6C09DB1449D9F9D42AB85366B15AA94C1C80748037970D ] C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd
11:05:10.0946 0x1528  C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd - ok
11:05:10.0957 0x1528  [ 05E1EC0474C4BA9B6E5D75DDA98EEB33, 7DBFD9115AA3E6D3D432EAA413C1DEFE3744AAC8A8E1ACADF49A8C6DC4102E2A ] C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd
11:05:10.0957 0x1528  C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd - ok
11:05:10.0967 0x1528  [ C366201539354FD5B0FF3AFD48B8F850, 64FF89AA2087C1B30BDFAAD00FD54CC61CFB18F079033D149135A4BE6D5F940F ] C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd
11:05:10.0967 0x1528  C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd - ok
11:05:10.0977 0x1528  [ 06542B428FC9BAA7D6CF5B802A05D340, 4FAC54FD2E594D81249FB94595DF99A6E1E12B908320A35996E463200A1708AF ] C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd
11:05:10.0977 0x1528  C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd - ok
11:05:10.0988 0x1528  [ 8ABF1AD0366527C7D66203FF337A73F2, A50968977817F7D1A641BC990E68F22C6DED859573F9BE79ACB6154309D8FB08 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\700c62887c59347e6727435224bdeb5e\System.ni.dll
11:05:10.0988 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\System\700c62887c59347e6727435224bdeb5e\System.ni.dll - ok
11:05:10.0998 0x1528  [ 804B816DC517EE2A6A75AB418931FDD5, 637ADD5FA817ECAA66BB5716372BEC98C5AF6C8A2A180992504BB5D53ED826CA ] C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd
11:05:10.0998 0x1528  C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd - ok
11:05:11.0010 0x1528  [ 913F7CC72E41A1B269B0F6C8905EFFB2, 7C5EFFE3245C390EFC21BD63A3F0ACBFB7A0F6A8137A386BC4B395743A5DDEA3 ] C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd
11:05:11.0010 0x1528  C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd - ok
11:05:11.0020 0x1528  [ 2D66BBA0EA822A540B69327722C6A914, F0692E92C4E3111577B2D8809C6B05EAFE8A2A3BDE3A6C93A70928E92279D1CD ] C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd
11:05:11.0020 0x1528  C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd - ok
11:05:11.0030 0x1528  [ DDA1FE4F03B0E92AEDC04975BAE48FA1, 228662EB4D870C4C814B81C46386724FDC58DDC83F2D27838992A535D0A71637 ] C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd
11:05:11.0030 0x1528  C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd - ok
11:05:11.0040 0x1528  [ 7B1CBA3D79A645A83A34459780427FE0, AA4F221EB77A84AC52AC142190D1BA362CD2954088A2B157BA9B22AA48C6D12B ] C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll
11:05:11.0040 0x1528  C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll - ok
11:05:11.0050 0x1528  [ DC79066DE4B47577F8B10E9EF8C6D349, FFF5F7BFE5CE3D1EBCFFD642A9333199E7AEE35480B44A38EA19BE4CCA591D8F ] C:\Program Files (x86)\Dropbox\Client\win32api.pyd
11:05:11.0050 0x1528  C:\Program Files (x86)\Dropbox\Client\win32api.pyd - ok
11:05:11.0062 0x1528  [ DDA2F96E8B0C34162AAB59D5F32ACBFF, BF26694EB28F5C2F84A8FC99F57258F02FB4EA8B41DBF37D75DFBE25C938C7BA ] C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd
11:05:11.0062 0x1528  C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd - ok
11:05:11.0073 0x1528  [ C8DFF35C41A4CE8B16E05E990234C112, 7EECE8934E96FFA3EAB5731BEBFEBEDD95DC6BCD0F633E76AB6F04C6D4BADF19 ] C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd
11:05:11.0073 0x1528  C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd - ok
11:05:11.0083 0x1528  [ F624C9DBF6A047CF8A9F15AFC29DCA9C, F5CF44ECEA1B3939085B72C29A3DBE5CA59EFFC54E815A3B07F3A854FE9982C6 ] C:\Program Files (x86)\Dropbox\Client\fastpath.pyd
11:05:11.0083 0x1528  C:\Program Files (x86)\Dropbox\Client\fastpath.pyd - ok
11:05:11.0093 0x1528  [ CE058AD307B80A5C0F2789E4EF43EEA3, 35A3FB5D85B8144758BA85A63D094CC134A34C969216ECE78C4C0A8100B517A0 ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll
11:05:11.0094 0x1528  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorCommon.dll - ok
11:05:11.0104 0x1528  [ 0694412C56EFC5060399C4F4F86635A1, 46FCF774BB2EA000E07524F633EFE8332680CF15E0D359DD4A1F3BECD43FD55A ] C:\Program Files (x86)\Dropbox\Client\win32event.pyd
11:05:11.0104 0x1528  C:\Program Files (x86)\Dropbox\Client\win32event.pyd - ok
11:05:11.0115 0x1528  [ C6F6B2C70E769B360AA2E6A5396C0301, 0A2E3F7FE858FD1FA1035B226712A55021F3BE1EC617679B0D5E4A41BB395CDF ] C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c4567e8c65362a53073a764b72c67b4e\IAStorUtil.ni.dll
11:05:11.0115 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\IAStorUtil\c4567e8c65362a53073a764b72c67b4e\IAStorUtil.ni.dll - ok
11:05:11.0127 0x1528  [ 9745C3E99B15912E8712E3E58EC46FB3, 749B1B0509DEBABF632CBDB62FB47282A687744AC447A9DED08D9D564F327FF5 ] C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll
11:05:11.0128 0x1528  C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll - ok
11:05:11.0138 0x1528  [ CD0451A03503EC3611229900217FAAC7, 28FF1EAB6EFE86A4B849335CD712113338FAD363C98EA94F8C1A2C0D475F6C30 ] C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd
11:05:11.0138 0x1528  C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd - ok
11:05:11.0144 0x1528  [ FD6367C337A54F40D7F20E0807BD40F9, FE6ACD0547782B707A230B1C5BE5F83258CE887965C3E5C3E0C2388D7132AD73 ] C:\Program Files (x86)\Dropbox\Client\win32security.pyd
11:05:11.0144 0x1528  C:\Program Files (x86)\Dropbox\Client\win32security.pyd - ok
11:05:11.0154 0x1528  [ 4F6E72B34ED3DC53DCC5E8708E60B61F, CB79F4EBCE11ECCFA167498F329F95D545F8D4E5CCE4006B2A03B595733AEBC2 ] C:\Windows\SysWOW64\security.dll
11:05:11.0154 0x1528  C:\Windows\SysWOW64\security.dll - ok
11:05:11.0164 0x1528  [ B8D8A3DD36F9BD21681EAB9DA61CDB4A, 913B7DA0F267E631321647F148C34C7197529C992B7560BB47F45D518C982A55 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\187d51c0a96cf8ffe1bbd17cf4df0092\System.Drawing.ni.dll
11:05:11.0164 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\187d51c0a96cf8ffe1bbd17cf4df0092\System.Drawing.ni.dll - ok
11:05:11.0175 0x1528  [ B44409F4C122ADA7DDE26034F29F1983, BDCE7A58D57DD3DB2AABEFBE5416F36B6B9912D4C4C64759EA35AF086FF157E6 ] C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd
11:05:11.0175 0x1528  C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd - ok
11:05:11.0185 0x1528  [ 011BA8FB52B4A51C0483E63D43327835, EB721E13F0C2A46757C88228D7000AF6644EA52076EFFED3FFABAAC47566E673 ] C:\Program Files (x86)\Dropbox\Client\win32file.pyd
11:05:11.0185 0x1528  C:\Program Files (x86)\Dropbox\Client\win32file.pyd - ok
11:05:11.0195 0x1528  [ D831F12881208F8E95E2C2EF0B2FE4A3, D4DE4EBA4BD55AE5835E4F191509DE6D1A82E9348616FE4588756992CCA6818B ] C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd
11:05:11.0195 0x1528  C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd - ok
11:05:11.0206 0x1528  [ BAD8605CFD8CE5266787E23453FED43F, F96C859C81C9AF6BDEC7D3E0ECA578460056E54E78A5E37D6A770C59AC57949B ] C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd
11:05:11.0206 0x1528  C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd - ok
11:05:11.0216 0x1528  [ 55C94BC68B80224885C5C65C851D4D62, D6336BCAC6EF1FADEF8E19B527ADC3BB75D0B914AF0011A49412FEB4328D7911 ] C:\Program Files (x86)\Dropbox\Client\win32gui.pyd
11:05:11.0216 0x1528  C:\Program Files (x86)\Dropbox\Client\win32gui.pyd - ok
11:05:11.0226 0x1528  [ 9DE9E5749FDA6E2DF559E7F6D880E793, 1DE48372B93567A826DA43956EF3A5DA9AE3CAB8479BBDF1323158750261400C ] C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd
11:05:11.0226 0x1528  C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd - ok
11:05:11.0236 0x1528  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
11:05:11.0236 0x1528  C:\Windows\SysWOW64\msimg32.dll - ok
11:05:11.0246 0x1528  [ 682E7F3507B5A7F5B300E84F20DF2D26, 0DD60C02F3639FC4DCEB466B40284DBF33A87D0E93D6389C74BEDD95ECACA68F ] C:\Program Files (x86)\Dropbox\Client\win32process.pyd
11:05:11.0246 0x1528  C:\Program Files (x86)\Dropbox\Client\win32process.pyd - ok
11:05:11.0256 0x1528  [ B2846427725A68A270CDB7A8358EB088, EB9FA148A839F1303D4E1D2F54E69487CCB37E9C96F038CD13DE5273EECB5E86 ] C:\Program Files (x86)\Dropbox\Client\win32service.pyd
11:05:11.0256 0x1528  C:\Program Files (x86)\Dropbox\Client\win32service.pyd - ok
11:05:11.0267 0x1528  [ 73EC865B79584A335D87F03980126BCC, 7240487A95B829051D3A08C0935BCF33CE919CDB7633292E25CB3470B4C79039 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e3ce7f8da0264d1663b66690e2a090b4\System.Windows.Forms.ni.dll
11:05:11.0267 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\e3ce7f8da0264d1663b66690e2a090b4\System.Windows.Forms.ni.dll - ok
11:05:11.0277 0x1528  [ 0A7507CCF1E77A1303AEF35A461DD589, C2826B5CFF6D73116A5B7A1920EF83417539008A189FBFD6E8456EC3F2213EFF ] C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd
11:05:11.0277 0x1528  C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd - ok
11:05:11.0287 0x1528  [ 1791897F84008D708E6BD076FB3CC180, 9D2A05DB6EB054415B075A0C548C312D6623C5E8F5569BD8A364F9F70539BD54 ] C:\Program Files (x86)\Dropbox\Client\win32profile.pyd
11:05:11.0287 0x1528  C:\Program Files (x86)\Dropbox\Client\win32profile.pyd - ok
11:05:11.0297 0x1528  [ 5164EE53F67A1654CACB29CDAC52BAD7, A3199DBE7D1B447D6E7F3B0AE9419CC0E7AB064008D51546C99F6437EE8E7A3A ] C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd
11:05:11.0297 0x1528  C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd - ok
11:05:11.0308 0x1528  [ FEA2E9D09FB4B91EC4F93CBC9018440A, B943297A8896C57AFDF1925A1B00FF496679E11AF4CCA2DE4CA0E52BB03CE8C4 ] C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd
11:05:11.0308 0x1528  C:\Program Files (x86)\Dropbox\Client\winenumhandles.compiled._WinEnumHandles.pyd - ok
11:05:11.0319 0x1528  [ 08B92F52772FED968149638050CEC514, 2572EA9566CBE3512C2A0C017CE7C46496574F3D7DC0EA5AB63C59F1CDF53F82 ] C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd
11:05:11.0319 0x1528  C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd - ok
11:05:11.0329 0x1528  [ 6A37E016E80D37B4296A85BAFD14DC59, 9810F301BB61FD7142F8F2C99A042DD66B79C430B3DB23A83D36D62F8E1EBAB6 ] C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd
11:05:11.0329 0x1528  C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd - ok
11:05:11.0340 0x1528  [ 45518DB1EE20B2B6C0F4573801BCAF1A, 4D4584EB6F90CEBD29A2DE13EE76E37247FA54A77F8463D7B0A31E712A42AF38 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd
11:05:11.0340 0x1528  C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd - ok
11:05:11.0350 0x1528  [ B4B46115D1AB84751A2D21A7A72DFCEC, 31EB7296A8D696103BCAC8999154B630FC97B19D8DFDFDA691198A3571CB84DB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4018fa4fd06bf2bdf72eb2465aa90da7\System.Configuration.ni.dll
11:05:11.0350 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\4018fa4fd06bf2bdf72eb2465aa90da7\System.Configuration.ni.dll - ok
11:05:11.0361 0x1528  [ 7D3DC3088C45754BFE0B0BAB2ADD4F56, 99A790EB3AAE59131ACA1A424A82A80EDE33400BB810DFDE0EDBDF420589AB5A ] C:\Windows\System32\SearchProtocolHost.exe
11:05:11.0361 0x1528  C:\Windows\System32\SearchProtocolHost.exe - ok
11:05:11.0370 0x1528  [ 537C2E6E57DA23A161F6391CC35D6DAF, 30DE1DAB1A58DFF54F9D429D449ABACE0B07A4509673E6E83E263C857A1F54E4 ] C:\Windows\System32\webcheck.dll
11:05:11.0370 0x1528  C:\Windows\System32\webcheck.dll - ok
11:05:11.0380 0x1528  [ EF0322001203CCF4915E4EEDFA25AEE5, 694EE99B3C7B6EC235F4732E2037F015B5CF765736924DD296DEFF6484DD7FDC ] C:\Windows\System32\ieframe.dll
11:05:11.0380 0x1528  C:\Windows\System32\ieframe.dll - ok
11:05:11.0390 0x1528  [ CD767A54456C15DC6733D80E55F33106, D1CD88D5C22A8AAF506D4B87DDBAEE8987C3183FBC8C23309CDBD0D5A7D898A5 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\239dbde93c39754961734a2612693e74\System.Xml.ni.dll
11:05:11.0390 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\239dbde93c39754961734a2612693e74\System.Xml.ni.dll - ok
11:05:11.0397 0x1528  [ 3B1C387E34F9D466BC4B5CFFD8CFA69B, 0516499D41CB6A7D4969805E3D372C84F9CF29A48FF586C779A5C91DA7EEA668 ] C:\Windows\System32\msshooks.dll
11:05:11.0397 0x1528  C:\Windows\System32\msshooks.dll - ok
11:05:11.0407 0x1528  [ 65DFAAB764EF388A8289EAE298DD0F7A, E907B1126A6B540F72FECFE7DF0759A42C3F50776C954B39CF556478A6D1E9E1 ] C:\Program Files (x86)\Dropbox\Client\Qt5Widgets.dll
11:05:11.0407 0x1528  C:\Program Files (x86)\Dropbox\Client\Qt5Widgets.dll - ok
11:05:11.0417 0x1528  [ 8E2C7D68DD53A47B309FBA44C1C27372, A34202AA2EF8E348DFF1E731417EDD15BA0B0677A961C27EB3EDBBE5004DF08E ] C:\Windows\System32\SearchFilterHost.exe
11:05:11.0418 0x1528  C:\Windows\System32\SearchFilterHost.exe - ok
11:05:11.0427 0x1528  [ 6B3E89D52BDA9724FF2EAF8B6691E878, 15F6646A4375D25A39AB862E444231E934583251DB75414AAC78F8BEA133AC87 ] C:\Program Files (x86)\Avira\Antivirus\ccmainrc.dll
11:05:11.0428 0x1528  C:\Program Files (x86)\Avira\Antivirus\ccmainrc.dll - ok
11:05:11.0437 0x1528  [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
11:05:11.0437 0x1528  C:\Windows\System32\mscoree.dll - ok
11:05:11.0447 0x1528  [ 81AB42CB6807A6B1B6F5ED7BCBF6C56E, 992B88A418FB23A352DC8E1C4E3473FBA416241195E4A143F70EC5E12870CE57 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
11:05:11.0447 0x1528  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
11:05:11.0458 0x1528  [ 32BFAE767DE0B73DC0B9F2ACC976F068, 65B1AE831FD99F661CBBD53BE737DAB6F77F504C7D6C474D955A6374971500C8 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
11:05:11.0458 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
11:05:11.0467 0x1528  [ 0A1C81BDCB030222A0B0A652B2C89D8D, 729AA4033009AC894C1EF2A57DFD097BE5D562DDA70533820540904C2EF7882A ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe
11:05:11.0467 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\csc.exe - ok
11:05:11.0477 0x1528  [ A3F25CD0FC2D5A29B31BE8435CFD6698, C5F369BCCA47D4437D53E7EDF1ACDA92D7D16FBAFFAD8BE23B058D73C3DA2C23 ] C:\Windows\System32\mssph.dll
11:05:11.0477 0x1528  C:\Windows\System32\mssph.dll - ok
11:05:11.0486 0x1528  [ 73DC9840FE246158ECCBC8270847CCBC, 1C64CE16FBFD47D9D4E439BA0076DA71269C9E249FC7A474463592948F3A96D7 ] C:\Windows\System32\mapi32.dll
11:05:11.0486 0x1528  C:\Windows\System32\mapi32.dll - ok
11:05:11.0496 0x1528  [ 683E294E37E451681D17979F1C3F4FCA, B8C727C237FC93DB2D83EE70210A61B0C614486F1D0909BD759F28FCCC74F9A1 ] C:\Program Files (x86)\Dropbox\Client\Qt5Gui.dll
11:05:11.0496 0x1528  C:\Program Files (x86)\Dropbox\Client\Qt5Gui.dll - ok
11:05:11.0506 0x1528  [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
11:05:11.0506 0x1528  C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
11:05:11.0517 0x1528  [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
11:05:11.0517 0x1528  C:\Windows\System32\SyncCenter.dll - ok
11:05:11.0528 0x1528  [ DEEE1639E9E6AA2C7688C23212513A25, 2F865C9D8CE9C6930E7AC33DB3F46332A717EBA3FC186DBE3A65569E73D1AF49 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll
11:05:11.0529 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cscomp.dll - ok
11:05:11.0539 0x1528  [ A060B9D3F7AFFE353FD85C7554776CAC, B0BBFE24AA9557526FA8772E0CC58D6DEFBEDF7E98007F2579D9B22E0B0CCBDC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll
11:05:11.0539 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\alink.dll - ok
11:05:11.0548 0x1528  [ DA9CCB0D6FF672BC5922943110996D3D, 2A90AAAD42006DB9A5BBBB6396747019DA0491BA39500D5C1D315A91EB1BDC9A ] C:\Program Files (x86)\Dropbox\Client\Qt5Core.dll
11:05:11.0549 0x1528  C:\Program Files (x86)\Dropbox\Client\Qt5Core.dll - ok
11:05:11.0558 0x1528  [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
11:05:11.0558 0x1528  C:\Windows\System32\imapi2.dll - ok
11:05:11.0568 0x1528  [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
11:05:11.0568 0x1528  C:\Windows\System32\hgcpl.dll - ok
11:05:11.0577 0x1528  [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] C:\Windows\System32\fdPHost.dll
11:05:11.0577 0x1528  C:\Windows\System32\fdPHost.dll - ok
11:05:11.0587 0x1528  [ 171D7DB433314A868507C4326E8209DC, 254E0D9F99CE47104CF21D8E968D89D6A09B9CE47168E760BAB28AD5A1E9E6A3 ] C:\Windows\System32\fdWSD.dll
11:05:11.0587 0x1528  C:\Windows\System32\fdWSD.dll - ok
11:05:11.0596 0x1528  [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
11:05:11.0596 0x1528  C:\Windows\System32\mlang.dll - ok
11:05:11.0606 0x1528  [ A2E5B2D20954210DCE1A75A1FC8CC36D, 1EA240AC37ECA4EC3E542F9E6DF72753EBA1DF76CBA8691EC61ABCC51EE6FCB2 ] C:\Windows\System32\fdSSDP.dll
11:05:11.0606 0x1528  C:\Windows\System32\fdSSDP.dll - ok
11:05:11.0615 0x1528  [ 2A436796758BF2555A26C770FE8A6FEE, 9E42AF3A3CB05E323CBB7F93FE7C454CD251672C5D9F5E94909131A5D8F9204A ] C:\Windows\System32\fdProxy.dll
11:05:11.0615 0x1528  C:\Windows\System32\fdProxy.dll - ok
11:05:11.0625 0x1528  [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] C:\Windows\System32\ListSvc.dll
11:05:11.0625 0x1528  C:\Windows\System32\ListSvc.dll - ok
11:05:11.0634 0x1528  [ 211C0F02B8546EDCC8FD5695FB3A9E4E, 2D3AD05C2D1C420B100AD9659934DFFC3A47F3E75D3F5926E73A067115750988 ] C:\Program Files (x86)\Dropbox\Client\icuin55.dll
11:05:11.0635 0x1528  C:\Program Files (x86)\Dropbox\Client\icuin55.dll - ok
11:05:11.0644 0x1528  [ B6411CED931AFD059E48C52DBFBA95B4, 4E275A691E6A1C07D72DC8DA16B58B6634286A5058C3F4AC0ABD92B9A57FB5D5 ] C:\Windows\System32\P2P.dll
11:05:11.0644 0x1528  C:\Windows\System32\P2P.dll - ok
11:05:11.0650 0x1528  [ 4A82EA2807B16FF577AEAF8ADB8779FF, C7F9A45FF80DFDE804D81BEE23C748A465AEB729DF2C9E327374CDD94E300547 ] C:\Windows\System32\IdListen.dll
11:05:11.0650 0x1528  C:\Windows\System32\IdListen.dll - ok
11:05:11.0661 0x1528  [ E955300DF949977878C705EC8681009A, 8DF0532317D5A00DF1A1CED769D1944EA5C29FED35C1038C5C9E5486EDA6CCBC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll
11:05:11.0661 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorpe.dll - ok
11:05:11.0670 0x1528  [ A0524499F4C63CADA7E1529FC77F5DC1, DCAF3C89B7363139EB128C6240CA2B301090BF18C57688B0990FC2BBF680752F ] C:\Windows\System32\hgprint.dll
11:05:11.0670 0x1528  C:\Windows\System32\hgprint.dll - ok
11:05:11.0680 0x1528  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] C:\Windows\System32\pnrpsvc.dll
11:05:11.0680 0x1528  C:\Windows\System32\pnrpsvc.dll - ok
11:05:11.0690 0x1528  [ 200FC355F85ECD4DB77FB3CAB2D01364, C97F276B4C70682C8F8D39B91E30F938BC6E86A42CD6B71E3AD08092DBA528E9 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe
11:05:11.0690 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\cvtres.exe - ok
11:05:11.0699 0x1528  [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll
11:05:11.0699 0x1528  C:\Windows\SysWOW64\shfolder.dll - ok
11:05:11.0710 0x1528  [ 8189D2FDFF0BA4F507834FCD34422DE5, EA24F76B4E375256A9CF9389123E4B4E0D96D163DF66246EA4BC34D292371C9E ] C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll
11:05:11.0710 0x1528  C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IntelVisualDesign.dll - ok
11:05:11.0720 0x1528  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] C:\Windows\System32\p2psvc.dll
11:05:11.0720 0x1528  C:\Windows\System32\p2psvc.dll - ok
11:05:11.0729 0x1528  [ 3AEE02CEDAA3ACD14F9D7E038E44D6D1, 13E0350F82C61ED03E9A09FF991610EEDA214B2EBAF042396F29D3D49A6298A9 ] C:\Windows\System32\P2PGraph.dll
11:05:11.0729 0x1528  C:\Windows\System32\P2PGraph.dll - ok
11:05:11.0739 0x1528  [ 14858D5948E6618FD15423FFA6207781, 308A918ADF6DE580CBC44B68EE1D654B09E3ADDB83320B2FD5B8E3250D9D31E5 ] C:\Program Files (x86)\Dropbox\Client\icuuc55.dll
11:05:11.0739 0x1528  C:\Program Files (x86)\Dropbox\Client\icuuc55.dll - ok
11:05:11.0748 0x1528  [ FF6FE02DEF7F102C2E6EE1AE99DEB5DA, D3B15B28FA79BD273AF2E49AD91077A6B7B48398483ED6594E75DD53FD8C4253 ] C:\Program Files (x86)\Dropbox\Client\icudt55.dll
11:05:11.0749 0x1528  C:\Program Files (x86)\Dropbox\Client\icudt55.dll - ok
11:05:11.0759 0x1528  [ 7BE499B2CCDF982C54CD83AE4AC3D618, CD9AAC69A6F91259023BC9724394AAAF92736BD2BDA75682949A5C994B76C5A3 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8f82774f9d31a420fb32bd6c42578ca3\System.Runtime.Remoting.ni.dll
11:05:11.0759 0x1528  C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\8f82774f9d31a420fb32bd6c42578ca3\System.Runtime.Remoting.ni.dll - ok
11:05:11.0770 0x1528  [ 1598DB790793A396298825C1CA17FB47, 0B9FEB84220C1EB1DBB85C1CF0FFF163FD1050F7B00932619562DA4B3C4209D6 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
11:05:11.0770 0x1528  C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
11:05:11.0779 0x1528  [ 95E129EAF086B52FC3885C7330AC3456, E9C591418413FAB5EBD5603757DE462B1C32017F740339BB0F2B9C753816A6BD ] C:\Program Files\Internet Explorer\ieproxy.dll
11:05:11.0779 0x1528  C:\Program Files\Internet Explorer\ieproxy.dll - ok
11:05:11.0789 0x1528  [ 36A410898140E037A2C2B5432CB269F0, CEBCD80CFF524A977E6B0FD06222B596CFEFB65E5F1039955B4A20C38049125F ] C:\Program Files (x86)\Dropbox\Client\sip.pyd
11:05:11.0789 0x1528  C:\Program Files (x86)\Dropbox\Client\sip.pyd - ok
11:05:11.0799 0x1528  [ E04C34379145355B8E9A48149F77BEF5, A43D714E0357E32BDC5BF167012E92D0A0DD60646DDE2E1BBA10581351501E33 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd
11:05:11.0799 0x1528  C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd - ok
11:05:11.0903 0x1528  [ 29D86BB4480D4E71E3C2AAED16C38524, F5D86DA15EA224EFDD8473DCFBC6DE699F1DA4D5E092B1D519E7EA986331E25B ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd
11:05:11.0903 0x1528  C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd - ok
11:05:11.0919 0x1528  [ 94D82DB97ED9494E7702DF6A3F8BAB85, F02EBC9AC8FCB56F4599406CFA8C8C128CA59A58208B7D0C4CD06F28A5102C36 ] C:\Program Files (x86)\Dropbox\Client\win32ts.pyd
11:05:11.0919 0x1528  C:\Program Files (x86)\Dropbox\Client\win32ts.pyd - ok
11:05:11.0937 0x1528  [ AE52114593C3715FAF5A3C3AC5968F04, A3B6F450A67A04E7EEAC953BF0275D22B189040EE965873EBDC4ECB979738DC9 ] C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd
11:05:11.0937 0x1528  C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd - ok
11:05:11.0953 0x1528  [ B016CDE98E0680EB10674AFCE363D0C0, DB0938C75F6140ECC7DCFABCAC134A19468D24ABC1399B0FF525157600436F95 ] C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineWidgets.dll
11:05:11.0953 0x1528  C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineWidgets.dll - ok
11:05:11.0974 0x1528  [ A9C257193303F7F2C65D18C10ACA0C7A, 513128038C80A1E1DFF8D3F4013D5A0B8C8381EF2767ACBE4F443322452A3709 ] C:\Program Files (x86)\Dropbox\Client\Qt5WebEngine.dll
11:05:11.0974 0x1528  C:\Program Files (x86)\Dropbox\Client\Qt5WebEngine.dll - ok
11:05:11.0981 0x1528  ================ Scan generic autorun ======================
11:05:11.0982 0x1528  Apoint - ok
11:05:12.0158 0x1528  [ 0932D22D72FBFC2391D2647F2206CEC5, 11D7B51E1E7F573223A8C107CBB68DCA036EE0C7DD4545E36B5AD78584AB6770 ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
11:05:12.0352 0x1528  RtHDVBg_Dolby - ok
11:05:12.0381 0x1528  [ D3E38DCD73E8F6C529F10802654F81B5, 1E5DCDEC809C8F6C7325B5F64966623745D83B18C59686CD9979472F16AC1E3A ] C:\Windows\system32\igfxtray.exe
11:05:12.0430 0x1528  IgfxTray - ok
11:05:12.0480 0x1528  [ EF841D467E5DE7D096A507C345C259BC, 8571925382B59CA598A4063621A3BB59FBCE75DF705FAA4547F12827545AA0EA ] C:\Windows\system32\igfxpers.exe
11:05:12.0539 0x1528  Persistence - ok
11:05:12.0766 0x1528  [ C15CE54E69E634DE86A7D44B5C3FED4B, 457512BA215E1B6D6659CABA6368C5E95C1AA853978471A6366F116A999E1C34 ] C:\Program Files (x86)\Sony\VAIO Boot Manager\StartUpProcessDelayTool.exe
11:05:12.0873 0x1528  VAIO Boot Manager - ok
11:05:12.0914 0x1528  [ 36828A828CEAA19A0FEA14C8723DC60C, 005627B96A08AC88BE3813DCB73228D8668A8270021D824FFC5EEA26C29027FA ] C:\Program Files (x86)\Avira\Launcher\Avira.SystrayStartTrigger.exe
11:05:12.0976 0x1528  Avira SystrayStartTrigger - ok
11:05:13.0162 0x1528  [ 26765B5C617F2BC199C29FA5643F6177, A871D14CB830D7B13D9C3A451E1448D66D28CEECB08DDD6E7075B58A1AB1779C ] C:\Program Files (x86)\Avira\Antivirus\avgnt.exe
11:05:13.0267 0x1528  avgnt - ok
11:05:13.0284 0x1528  [ 4FD06F797CEB120C712C5A0143DB2A17, 609F2C4FB9FB3C82667E92ABFE8B3168FA47F150826D762FD6783491D3261B48 ] C:\Program Files (x86)\Avira\System Speedup\Avira.SystemSpeedup.Core.Common.Starter.exe
11:05:13.0322 0x1528  Avira System Speedup User Starter - ok
11:05:14.0172 0x1528  [ D5EB6E4154952E64C215B5D8BCE06432, 7F0B94ED4AA314274EDFEFAA384DA54BAC8A78B832808F3EF03308F78404FFE0 ] C:\Program Files (x86)\Dropbox\Client\Dropbox.exe
11:05:14.0506 0x1528  Dropbox - ok
11:05:15.0966 0x1528  [ 333B21363F104AB3639099E5DC4B04A4, E75E806FA3CCA6A82DE6915DD0D64037C54F4C76AC4C0778A8A757CF3AF44051 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
11:05:16.0938 0x1528  SUPERAntiSpyware - ok
11:05:16.0960 0x1528  Sidebar - ok
11:05:17.0014 0x1528  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
11:05:17.0107 0x1528  mctadmin - ok
11:05:17.0109 0x1528  Sidebar - ok
11:05:17.0118 0x1528  Waiting for KSN requests completion. In queue: 10
11:05:18.0118 0x1528  Waiting for KSN requests completion. In queue: 10
11:05:19.0180 0x1528  AV detected via SS2: Avira Antivirus, C:\Program Files (x86)\Avira\Antivirus\WindowsSecurityCenter.exe ( 15.0.28.21 ), 0x41000 ( enabled : updated )
11:05:19.0345 0x1528  Win FW state via NFP2: enabled ( trusted )
11:05:19.0663 0x1528  ============================================================
11:05:19.0663 0x1528  Scan finished
11:05:19.0663 0x1528  ============================================================
11:05:19.0700 0x14d8  Detected object count: 0
11:05:19.0700 0x14d8  Actual detected object count: 0
11:07:19.0932 0x058c  ============================================================
11:07:19.0932 0x058c  Scan started
11:07:19.0932 0x058c  Mode: Manual; SigCheck; TDLFS;
11:07:19.0932 0x058c  ============================================================
11:07:19.0932 0x058c  KSN ping started
11:07:20.0087 0x058c  KSN ping finished: true
11:07:21.0222 0x058c  ================ Scan system memory ========================
11:07:21.0223 0x058c  System memory - ok
11:07:21.0223 0x058c  ================ Scan services =============================
11:07:21.0258 0x058c  [ 98E06CAC2C508118450095E581202230, 8FC6C08487F2A481A28F1E5E500B61A21B7A0D44B342F9F887017D6FAE4F87F4 ] !SASCORE        C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
11:07:21.0289 0x058c  !SASCORE - ok
11:07:21.0396 0x058c  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
11:07:21.0421 0x058c  1394ohci - ok
11:07:21.0454 0x058c  [ ADC420616C501B45D26C0FD3EF1E54E4, 29FC41D40A35AC5476E2A673CE5B12684E0CFA12A1AEBEEBE5883FBA5CA68B67 ] ACDaemon        C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
11:07:21.0469 0x058c  ACDaemon - ok
11:07:21.0494 0x058c  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
11:07:21.0520 0x058c  ACPI - ok
11:07:21.0528 0x058c  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
11:07:21.0553 0x058c  AcpiPmi - ok
11:07:21.0564 0x058c  [ 8D6BA8E7676038A27FD4ECF12CC744B0, F5D59B764DCB4A06A51939533DC7B2391FD68E3979C48939C023A60DCE0D2101 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
11:07:21.0582 0x058c  AdobeARMservice - ok
11:07:21.0619 0x058c  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
11:07:21.0658 0x058c  adp94xx - ok
11:07:21.0765 0x058c  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
11:07:21.0793 0x058c  adpahci - ok
11:07:21.0808 0x058c  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
11:07:21.0827 0x058c  adpu320 - ok
11:07:21.0839 0x058c  [ 262D7C87D0AC20B96EF9877D3CA478A0, 54F7E5A5F8991C5525500C1ECCF3D3135D13F48866C366E52DF1D052DB2EE15B ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
11:07:21.0856 0x058c  AeLookupSvc - ok
11:07:21.0917 0x058c  [ 0DC2A9882540DEA4A55B08785E09D8FC, 69B15724B0034F9915AACE109A6C596D6AF2DA350FC18C9A0CD98C81CB7EDEE3 ] AFD             C:\Windows\system32\drivers\afd.sys
11:07:21.0945 0x058c  AFD - ok
11:07:21.0951 0x058c  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
11:07:21.0961 0x058c  agp440 - ok
11:07:21.0968 0x058c  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
11:07:21.0981 0x058c  ALG - ok
11:07:21.0986 0x058c  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
11:07:21.0998 0x058c  aliide - ok
11:07:22.0011 0x058c  [ 0EE274476C3E5F05F2B79B8C63FCCCFC, 7D1861FCC975AD85D793DD6945113DA06CDD2B8F118AA61D0147FFA3315E8A48 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
11:07:22.0087 0x058c  AMD External Events Utility - ok
11:07:22.0092 0x058c  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
11:07:22.0103 0x058c  amdide - ok
11:07:22.0111 0x058c  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
11:07:22.0123 0x058c  AmdK8 - ok
11:07:22.0389 0x058c  [ B18018924D6ADB6E64BC39BD37D6A4D8, 6EEB593A50AD5AA9633E6F97AB2314D674C13FAA7A6D03000A5F6C074CAF7BAF ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
11:07:22.0619 0x058c  amdkmdag - ok
11:07:22.0649 0x058c  [ 3249B112D48D29BE86984CF4594C9755, 089712B872F92AB0614665F8B5EA869EAB4F6035164921EE0021158D457DE83F ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
11:07:22.0671 0x058c  amdkmdap - ok
11:07:22.0678 0x058c  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
11:07:22.0691 0x058c  AmdPPM - ok
11:07:22.0700 0x058c  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
11:07:22.0712 0x058c  amdsata - ok
11:07:22.0738 0x058c  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
11:07:22.0754 0x058c  amdsbs - ok
11:07:22.0759 0x058c  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
11:07:22.0772 0x058c  amdxata - ok
11:07:22.0876 0x058c  [ A587017D8CAF0B67FCD4B589C1ABF22B, 5B8024C0BAB30C9F850D189A1D3B5B385177BD7EA54C5FE6FD8506686B2A886E ] AntiVirMailService C:\Program Files (x86)\Avira\Antivirus\avmailc7.exe
11:07:22.0915 0x058c  AntiVirMailService - ok
11:07:22.0966 0x058c  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirSchedulerService C:\Program Files (x86)\Avira\Antivirus\sched.exe
11:07:22.0995 0x058c  AntiVirSchedulerService - ok
11:07:23.0020 0x058c  [ 69681426797E0E78F4D9398BD789F1F8, 8B336406B009AF66D558998AE62466AAE24E84DC5D0E98EB2BE7AA38FABD1042 ] AntiVirService  C:\Program Files (x86)\Avira\Antivirus\avguard.exe
11:07:23.0046 0x058c  AntiVirService - ok
11:07:23.0104 0x058c  [ B2868F2E2057D4EA9E7EA061102D8921, 1FCB309421FC58E68E162282816ACB88A1E20C148A0B5C423FEC49123D033EA0 ] AntiVirWebService C:\Program Files (x86)\Avira\Antivirus\avwebg7.exe
11:07:23.0150 0x058c  AntiVirWebService - ok
11:07:23.0186 0x058c  [ 9DC1A45BA81C923DB68A162B0F0D0149, 0B3EC531651B22DFC3F4EB0A19F4F5B5C094F77BFC245FBB1A1BE28DD8B6516D ] ApfiltrService  C:\Windows\system32\DRIVERS\Apfiltr.sys
11:07:23.0200 0x058c  ApfiltrService - ok
11:07:23.0210 0x058c  [ FD481DB6ACCAEE727E64043FB2E456F4, 2724A3D0B7F979AF5F485000F555495FA21A443159F29BC1B042C4800D7A368A ] AppID           C:\Windows\system32\drivers\appid.sys
11:07:23.0226 0x058c  AppID - ok
11:07:23.0250 0x058c  [ 89263F9C4A1BC46D350BAD1DD24EE878, B9B0FCBCF53D6739329C93350DB0DB4A0FE8C347F7922ABFEA452CF6EF33DE91 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
11:07:23.0262 0x058c  AppIDSvc - ok
11:07:23.0268 0x058c  [ DE23E052E557580674785CDF45B613F3, A955ADC6CC7D816BA7CE1065F911E7A3295A1908C22BE0A3C506C38CFEE8DE0D ] Appinfo         C:\Windows\System32\appinfo.dll
11:07:23.0284 0x058c  Appinfo - ok
11:07:23.0314 0x058c  [ 7DEFAE8665BCEDDC2C9983138D69D7A5, BDD39E55DDFD33114EC36CBE79298149E6A920A6B8F440A8C1F7A7003D1867C9 ] Apple Mobile Device Service C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
11:07:23.0323 0x058c  Apple Mobile Device Service - ok
11:07:23.0333 0x058c  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\DRIVERS\arc.sys
11:07:23.0344 0x058c  arc - ok
11:07:23.0351 0x058c  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
11:07:23.0362 0x058c  arcsas - ok
11:07:23.0433 0x058c  [ 8637F3119057178364D200F2462E625C, 40CAE47AA6C6B23FEB95961FD06BB3EB075CA63BB91B54CB26215A368371B343 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
11:07:23.0445 0x058c  aspnet_state - ok
11:07:23.0451 0x058c  [ DE6759B8D8E62BF0FFF2B05F05AFCEE6, AB153A2544BA5681D9874523EFB2CA361EFD1F74137404E24EFC33FB15FC4333 ] aswRvrt         C:\Windows\system32\drivers\aswRvrt.sys
11:07:23.0461 0x058c  aswRvrt - ok
11:07:23.0471 0x058c  [ 7E44C2684A6CA779B9D07CB4BD3F649D, D1BBEB57A7F4B7AAAA2C4AE66D77962A89DB2DB7DAA11A8767653C02734F9977 ] aswVmm          C:\Windows\system32\drivers\aswVmm.sys
11:07:23.0484 0x058c  aswVmm - ok
11:07:23.0488 0x058c  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
11:07:23.0518 0x058c  AsyncMac - ok
11:07:23.0523 0x058c  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
11:07:23.0533 0x058c  atapi - ok
11:07:23.0564 0x058c  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
11:07:23.0589 0x058c  AudioEndpointBuilder - ok
11:07:23.0610 0x058c  [ 67C717EC24FCAAE7B518D9E06AD036AB, F08550E4FCEC2899FACEF2A18CEE3D068D5911FFD2FF5534E4921E56FB0AEF59 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
11:07:23.0635 0x058c  AudioSrv - ok
11:07:23.0643 0x058c  [ 6C94D74033458BC2BDF11EED4E78F027, E52134268B2CED17801EE1D7ABA713CECE4CD960AF24749B74CD84B707CB344B ] avdevprot       C:\Windows\system32\DRIVERS\avdevprot.sys
11:07:23.0656 0x058c  avdevprot - ok
11:07:23.0668 0x058c  [ 801250C350F2905E67AB007F8BE9066B, 03A43B88A166711C8C160EBE7F53E8FA7D9D16E258622CF09B0C51B9DF14E5D1 ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
11:07:23.0682 0x058c  avgntflt - ok
11:07:23.0693 0x058c  [ 19F7A17EEA887F11D18055645F8D3F74, 4FF6118D02D6149B38778E86351EFDB88E52E0A66152C7ECC8D523C1EE445DA4 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
11:07:23.0704 0x058c  avipbb - ok
11:07:23.0734 0x058c  [ 899C706D9C5A829BEA290CD02A95B07C, 40121149932C76E2377386D4C286E1C0CE5AE382515C8DE391B68A0E77478B28 ] Avira.ServiceHost C:\Program Files (x86)\Avira\Launcher\Avira.ServiceHost.exe
11:07:23.0760 0x058c  Avira.ServiceHost - ok
11:07:23.0767 0x058c  [ 3E0AB8C453FA433B15A30BAA8BD4B275, 30453E68013DF1A3CD9197F28E8591A67BFA6CA784129666A6F7DF9D2E12440B ] avkmgr          C:\Windows\system32\DRIVERS\avkmgr.sys
11:07:23.0777 0x058c  avkmgr - ok
11:07:23.0804 0x058c  [ 19B6F9073BD606B7ABEC03A0328FDC1B, 639E6A05BB0E52CDBDF887A3FA209B32F84253D274F2A9A89E1D96F1BE4C8143 ] avnetflt        C:\Windows\system32\DRIVERS\avnetflt.sys
11:07:23.0815 0x058c  avnetflt - ok
11:07:23.0823 0x058c  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
11:07:23.0842 0x058c  AxInstSV - ok
11:07:23.0891 0x058c  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
11:07:23.0912 0x058c  b06bdrv - ok
11:07:23.0958 0x058c  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
11:07:23.0980 0x058c  b57nd60a - ok
11:07:23.0988 0x058c  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
11:07:24.0003 0x058c  BDESVC - ok
11:07:24.0008 0x058c  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
11:07:24.0043 0x058c  Beep - ok
11:07:24.0073 0x058c  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
11:07:24.0104 0x058c  BFE - ok
11:07:24.0177 0x058c  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
11:07:24.0252 0x058c  BITS - ok
11:07:24.0259 0x058c  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
11:07:24.0273 0x058c  blbdrive - ok
11:07:24.0373 0x058c  [ B5C2F92EE1106DFE7BB1CCE4D35B6037, E399C390687589194D8AAD385055F0CFA7D52AD9E837D8FF95008B8EB2B34E50 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
11:07:24.0412 0x058c  Bonjour Service - ok
11:07:24.0435 0x058c  [ ABA3984C822E4D3F889699912D85D6C5, 2251FA135CC290DA13DAE4743F393C7CC9E6A737C054707CB8D72C369D1FFACB ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
11:07:24.0489 0x058c  bowser - ok
11:07:24.0507 0x058c  [ B19ABB2DC3B769EC55B3B722AA40244E, 393097F5E8E86E574C00EB1F074DC3BF328F405E26F708B2F42FAC8D9B0F0F24 ] bpenum          C:\Windows\system32\DRIVERS\bpenum.sys
11:07:24.0527 0x058c  bpenum - detected UnsignedFile.Multi.Generic ( 1 )
11:07:24.0527 0x058c  Detect skipped due to KSN trusted
11:07:24.0527 0x058c  bpenum - ok
11:07:24.0554 0x058c  [ 58792339EBA9764877406FF739CDF1EE, AD473DEC7224A420B9092666F35F09736582FC731031E480EC3EAAB5F6FE877A ] bpmp            C:\Windows\system32\DRIVERS\bpmp.sys
11:07:24.0583 0x058c  bpmp - detected UnsignedFile.Multi.Generic ( 1 )
11:07:24.0583 0x058c  Detect skipped due to KSN trusted
11:07:24.0583 0x058c  bpmp - ok
11:07:24.0600 0x058c  [ 44D822D62101E645901FE13750DBD84D, 7A20AF8BEF69E39CF77661054A5A23C5AA7DA2F9185A0ABB4F11214B3A7BE910 ] bpusb           C:\Windows\system32\Drivers\bpusb.sys
11:07:24.0621 0x058c  bpusb - detected UnsignedFile.Multi.Generic ( 1 )
11:07:24.0621 0x058c  Detect skipped due to KSN trusted
11:07:24.0622 0x058c  bpusb - ok
11:07:24.0632 0x058c  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
11:07:24.0678 0x058c  BrFiltLo - ok
11:07:24.0690 0x058c  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
11:07:24.0741 0x058c  BrFiltUp - ok
11:07:24.0759 0x058c  [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP        C:\Windows\system32\DRIVERS\bridge.sys
11:07:24.0881 0x058c  BridgeMP - ok
11:07:24.0922 0x058c  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
11:07:24.0973 0x058c  Browser - ok
11:07:25.0032 0x058c  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
11:07:25.0103 0x058c  Brserid - ok
11:07:25.0118 0x058c  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
11:07:25.0167 0x058c  BrSerWdm - ok
11:07:25.0179 0x058c  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
11:07:25.0227 0x058c  BrUsbMdm - ok
11:07:25.0239 0x058c  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
11:07:25.0296 0x058c  BrUsbSer - ok
11:07:25.0368 0x058c  [ EA7E57F87D6FEE5FD6C5F813C04E8CD2, 1EB84F4DEE3034FAFBEA2A3F84EECE036E803872DA94D54E958E9F2F09519E88 ] BrYNSvc         C:\Program Files (x86)\Browny02\BrYNSvc.exe
11:07:25.0398 0x058c  BrYNSvc - detected UnsignedFile.Multi.Generic ( 1 )
11:07:25.0398 0x058c  Detect skipped due to KSN trusted
11:07:25.0398 0x058c  BrYNSvc - ok
11:07:25.0411 0x058c  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
11:07:25.0449 0x058c  BthEnum - ok
11:07:25.0467 0x058c  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
11:07:25.0518 0x058c  BTHMODEM - ok
11:07:25.0542 0x058c  [ 5A8951D195AFEF979C4AB02A129EBC37, 48FD4A921E51B6DD306A1248EB9A1A6AEC5F59E49528423BF2F40600B3AF1D08 ] BthPan          C:\Windows\system32\drivers\bthpan.sys
11:07:25.0592 0x058c  BthPan - ok
11:07:25.0657 0x058c  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
11:07:25.0749 0x058c  BTHPORT - ok
11:07:25.0769 0x058c  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
11:07:25.0927 0x058c  bthserv - ok
11:07:25.0950 0x058c  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
11:07:26.0005 0x058c  BTHUSB - ok
11:07:26.0066 0x058c  [ 7A2CE8C1BF4DAA1F2766E21E9CA11078, 2AF02D206F60F95185894D829D7CC322C4986847153269DE186E11EE2353FBBC ] btwampfl        C:\Windows\system32\drivers\btwampfl.sys
11:07:26.0184 0x058c  btwampfl - ok
11:07:26.0211 0x058c  [ A75BF6802A967F5AACECC3C67FEBDF55, 7FD561C3817ABE48121926361ED12943A1EF5C0006689DCE3813697868D763B4 ] btwaudio        C:\Windows\system32\drivers\btwaudio.sys
11:07:26.0254 0x058c  btwaudio - ok
11:07:26.0280 0x058c  [ D895DC213EDBDA5FCC53AAD1F1E0E63B, FF3B483752E45911C267367B102EA0901BE13840FDBA083D0B7FF3379C37B898 ] btwavdt         C:\Windows\system32\DRIVERS\btwavdt.sys
11:07:26.0317 0x058c  btwavdt - ok
11:07:26.0448 0x058c  [ 692F8648D7686D91E34A65AC698019D8, CC7544513AA089BDB0FCE74156C88CBB4182C96F97785A64ED5D3061B039516E ] btwdins         C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
11:07:26.0608 0x058c  btwdins - ok
11:07:26.0626 0x058c  [ 07096D2BC22CCB6CEA5A532DF0BE8A75, A9B7F2EFFDF1E4EC0A5DC098F0ED2BE44E271844A4F1CBAD2FA1655DE1E03F6E ] btwl2cap        C:\Windows\system32\DRIVERS\btwl2cap.sys
11:07:26.0651 0x058c  btwl2cap - ok
11:07:26.0664 0x058c  [ 6D7AA2BDE0135599C5F230D69DB3B420, 5179F57976B3903B5D45C5B383C691BCB26411B5C98296F99C1F79EF863E1E0A ] btwrchid        C:\Windows\system32\DRIVERS\btwrchid.sys
11:07:26.0687 0x058c  btwrchid - ok
11:07:26.0695 0x058c  catchme - ok
11:07:26.0725 0x058c  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
11:07:26.0846 0x058c  cdfs - ok
11:07:26.0871 0x058c  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\drivers\cdrom.sys
11:07:26.0928 0x058c  cdrom - ok
11:07:26.0947 0x058c  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
11:07:27.0063 0x058c  CertPropSvc - ok
11:07:27.0105 0x058c  [ F71B5B79DD8F2E48523065AECE0AF9C1, 15CBF59E3BFD8769AF1BDBCA13F7D53E567DF66694872B82468297708E913C8A ] cfbackd         C:\Program Files (x86)\CleverFiles\Disk Drill\cfbackd.w32.exe
11:07:27.0146 0x058c  cfbackd - ok
11:07:27.0161 0x058c  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
11:07:27.0204 0x058c  circlass - ok
11:07:27.0270 0x058c  [ E465632DC8D34C3FA7CAB4F4B4A407C1, 3180089514024C5640568117F139BDACC7CABE1C6D11B8A427FBE21F77AE6C7B ] CLFS            C:\Windows\system32\CLFS.sys
11:07:27.0336 0x058c  CLFS - ok
11:07:27.0391 0x058c  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
11:07:27.0440 0x058c  clr_optimization_v2.0.50727_32 - ok
11:07:27.0466 0x058c  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
11:07:27.0511 0x058c  clr_optimization_v2.0.50727_64 - ok
11:07:27.0590 0x058c  [ 2BA609641FA64BAB02ACD3C0095672F5, FD1FE403864F0564CA4A2F1D7415649B8FFE16F8ED33C4B44ACB21767118AD5F ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
11:07:27.0632 0x058c  clr_optimization_v4.0.30319_32 - ok
11:07:27.0662 0x058c  [ 7C7502CD2A2CFAB399D0D8DA95DB03E7, 4AE53B468CF597FCFD912A6EEE27E87EE4D9BC73F2A794FB5DF5DA46C1DD1289 ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
11:07:27.0714 0x058c  clr_optimization_v4.0.30319_64 - ok
11:07:27.0729 0x058c  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
11:07:27.0776 0x058c  CmBatt - ok
11:07:27.0791 0x058c  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
11:07:27.0824 0x058c  cmdide - ok
11:07:27.0913 0x058c  [ A98CED39AD91B445E2E442A9BD67E8B4, B4189DEEF1C0EE22AE983119047B1A40FFDD8F3E163DFFABD7C2706231B0B1B0 ] CNG             C:\Windows\system32\Drivers\cng.sys
11:07:28.0001 0x058c  CNG - ok
11:07:28.0015 0x058c  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
11:07:28.0046 0x058c  Compbatt - ok
11:07:28.0060 0x058c  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
11:07:28.0111 0x058c  CompositeBus - ok
11:07:28.0122 0x058c  COMSysApp - ok
11:07:28.0234 0x058c  [ 61D0FDF2D2269F13D44C23EF951AD36C, 40ED0D8787335AB929D7DB2624D0B3AC1D8DE3494E95987A4DE2ECFD13870D19 ] cphs            C:\Windows\SysWow64\IntelCpHeciSvc.exe
11:07:28.0291 0x058c  cphs - ok
11:07:28.0305 0x058c  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
11:07:28.0333 0x058c  crcdisk - ok
11:07:28.0366 0x058c  [ 48FEDBE324F1EA9417BA1D62AE863011, 2C3D84F0842237A3BF2838DDB4126807977EB36588FA669B1E6671077584EF18 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
11:07:28.0414 0x058c  CryptSvc - ok
11:07:28.0436 0x058c  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdate        C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:07:28.0489 0x058c  dbupdate - ok
11:07:28.0511 0x058c  [ A1F58FFF448E4099297D6EE0641D4D0E, 47839789332AAF8861F7731BF2D3FBB5E0991EA0D0B457BB4C8C1784F76C73DC ] dbupdatem       C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe
11:07:28.0552 0x058c  dbupdatem - ok
11:07:28.0562 0x058c  dbx - ok
11:07:28.0580 0x058c  [ F0A3CA65871C39CB5BE6475A139536DD, 4715426A4F5AAA27BBC359D8F810005613A26A31439CC4C59C98E7220308238D ] DbxSvc          C:\Windows\system32\DbxSvc.exe
11:07:28.0613 0x058c  DbxSvc - ok
11:07:28.0670 0x058c  [ 5E9F8D029D9B03110D835CBFC058068B, 038FDF99C643C8102026BA26A75899A56E91AD0C239DF71AA5443FD35C718C78 ] DcomLaunch      C:\Windows\system32\rpcss.dll
11:07:28.0743 0x058c  DcomLaunch - ok
11:07:28.0781 0x058c  [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\Windows\System32\defragsvc.dll
11:07:28.0909 0x058c  defragsvc - ok
11:07:28.0929 0x058c  [ 9B38580063D281A99E68EF5813022A5F, D91676B0E0A8E2A090E3E5DD340ABCFC20AE0F55B4C82869D6CFB34239BD27DA ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
11:07:29.0011 0x058c  DfsC - ok
11:07:29.0051 0x058c  [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp