Page 1 of 2 12 LastLast
Results 1 to 10 of 19
  1. #1
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default Computer is slowing down

    Hey all. Been a while. My computer still starts up fine and fast. But it's having trouble loading webpages. I'm seeing slow scroll results, and it can't play gifs and other media files that show up on my page (fB and tumblr) without being jerky.

    I'm up to date on all my virus scans, and it says my plug ins are all up to date...I just took the back off and blew out some dust, but not a lot. I do sit with my laptop on my lap, but I make sure the 'breathing' vent, is always off to the side, so it can pull in cool air. This is a four, going on five year old Toshiba Satellite, is it maybe just time for a new laptop? I can't run minecraft anymore either, it just can't load it. Any other ideas I can try? I'm loathe to go out and drop another 900 dollars on a new laptop with a higher processor. This laptop has been a beast and I'd be sorry to see it go. Any help would be great! Thanks!

    I have Ccleaner and run it ALL the time. I clear my history every time I get offline. I ran defrag and disk cleanup. I've disabled a lot of background programs...thanks in advance!

  2. #2
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello,

    Lets run a diagnostics scan and see what it looks like. You must download this to the desktop.

    Please download Farbar Recovery Scan Tool and save it to your Desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.

  3. #3
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    FIRST Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 17-12-2014
    Ran by Hiddendemon666 (administrator) on GLENN on 17-12-2014 17:55:02
    Running from C:\Users\Hiddendemon666\Downloads
    Loaded Profile: Hiddendemon666 (Available profiles: Hiddendemon666)
    Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 9
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgrsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgcsrva.exe
    (Microsoft Corporation) C:\Windows\System32\wlanext.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Memeo) C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgnsa.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgemca.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    (Memeo) C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    () C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe
    (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
    (TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\TecoService.exe
    (AVG Secure Search) C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
    (Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    (Microsoft Corporation) C:\Windows\System32\alg.exe
    (Microsoft Corporation) C:\Windows\System32\rundll32.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
    (TOSHIBA Corporation) C:\Windows\System32\ThpSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TECO\Teco.exe
    (Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (TOSHIBA CORPORATION) C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    (Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
    () C:\Program Files (x86)\AVG Secure Search\vprot.exe
    (AVG Technologies CZ, s.r.o.) C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
    (Intel Corporation) C:\Windows\System32\igfxext.exe
    (Intel Corporation) C:\Windows\System32\igfxsrvc.exe
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    (Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe
    (TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Farbar) C:\Users\Hiddendemon666\Downloads\FRST64(1).exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [] => [X]
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [10134560 2010-03-22] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [896032 2010-03-22] (Realtek Semiconductor)
    HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2052392 2010-03-10] (Synaptics Incorporated)
    HKLM\...\Run: [ThpSrv] => C:\windows\system32\thpsrv /logon
    HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [505696 2009-11-05] (TOSHIBA Corporation)
    HKLM\...\Run: [HSON] => C:\Program Files\TOSHIBA\TBS\HSON.exe [52600 2009-03-09] (TOSHIBA Corporation)
    HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
    HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [913720 2010-03-25] (TOSHIBA Corporation)
    HKLM\...\Run: [Teco] => C:\Program Files\TOSHIBA\TECO\Teco.exe [1489760 2010-04-06] (TOSHIBA Corporation)
    HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [705368 2010-02-23] (TOSHIBA Corporation)
    HKLM\...\Run: [IntelWireless] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [1926928 2010-01-19] (Intel(R) Corporation)
    HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
    HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-03-19] (TOSHIBA Corporation)
    HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [35672 2010-03-03] (TOSHIBA Corporation)
    HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
    HKLM-x32\...\Run: [KeNotify] => C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe [34160 2009-12-25] (TOSHIBA CORPORATION)
    HKLM-x32\...\Run: [HWSetup] => C:\Program Files\TOSHIBA\Utilities\HWSetup.exe [423936 2010-03-04] (TOSHIBA Electronics, Inc.)
    HKLM-x32\...\Run: [SVPWUTIL] => C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe [352256 2010-02-22] (TOSHIBA CORPORATION)
    HKLM-x32\...\Run: [TSleepSrv] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe [252728 2010-03-17] (TOSHIBA)
    HKLM-x32\...\Run: [vProt] => C:\Program Files (x86)\AVG Secure Search\vprot.exe [2640408 2014-08-26] ()
    HKLM-x32\...\Run: [AVG_UI] => C:\Program Files (x86)\AVG\AVG2015\avgui.exe [3653136 2014-11-09] (AVG Technologies CZ, s.r.o.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [946352 2012-12-02] (Adobe Systems Incorporated)
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [2957040 2010-07-19] (SUPERAntiSpyware.com)
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\MountPoints2: {2f6d1888-95a7-11df-8107-705ab6c622e0} - E:\LaunchU3.exe -a
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\Winlogon: [Shell]
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...409d6c4515e9\InprocServer32: [Default-shell32] C:\$Recycle.Bin\S-1-5-21-3092100664-2491022899-479283734-1000\$c236b97c3fcc86bc309d418570865fa5\n. ATTENTION! ====> ZeroAccess?
    HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\windows\System32\SPReview\SPReview.exe [301568 2014-12-17] (Microsoft Corporation)

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = Google
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\Software\Microsoft\Internet Explorer\Main,Start Page = Google
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = Google
    StartMenuInternet: IEXPLORE.EXE - C:\Program Files (x86)\Internet Explorer\iexplore.exe
    SearchScopes: HKLM -> DefaultScope {FB6C0C18-6317-4948-A327-191E364D6F6B} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM -> {FB6C0C18-6317-4948-A327-191E364D6F6B} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKLM-x32 -> DefaultScope {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> DefaultScope {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS389
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> {95B7759C-8C7F-4BF1-B163-73684A933233} URL = http://isearch.avg.com/search?cid={5541CE1C-0729-451E-960D-908A1E0D8DB9}&mid=f34ee44920a647d6a11ea113f022cb13-974a745a63313276e2cebbcbb4e040f305ef5aa1&lang=en&ds=AVG&pr=fr&d=2011-09-27 11:42:04&v=9.0.0.18&sap=dsp&q={searchTerms}
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> {B8B3A7A5-D246-4F15-AB03-6B706AF0FBAB} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA
    SearchScopes: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> {DB87984A-8B16-4486-90FC-9C987E311AB6} URL = http://www.google.com/search?sourceid=ie7&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNA_enUS389
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
    BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
    BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
    BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\JAVA\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll No File
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\JAVA\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll (TOSHIBA Corporation)
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll No File
    Toolbar: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Handler-x32: viprotocol - {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\18.1.9\ViProtocol.dll (AVG Secure Search)
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.216

    FireFox:
    ========
    FF ProfilePath: C:\Users\Hiddendemon666\AppData\Roaming\Mozilla\Firefox\Profiles\3sk6a3c7.default
    FF DefaultSearchEngine: Google
    FF Homepage: hxxp://www.google.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_16_0_0_235.dll ()
    FF Plugin: @microsoft.com/GENUINE -> disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_16_0_0_235.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
    FF Plugin-x32: @java.com/DTPlugin,version=10.9.2 -> C:\windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.9.2 -> C:\Program Files (x86)\JAVA\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin6.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin7.dll (Apple Inc.)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\avg-secure-search.xml
    FF Extension: Test Pilot - C:\Users\Hiddendemon666\AppData\Roaming\Mozilla\Firefox\Profiles\3sk6a3c7.default\Extensions\testpilot@labs.mozilla.com.xpi [2012-10-16]
    FF HKLM-x32\...\Firefox\Extensions: [avg@igeared] - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared
    FF Extension: AVG Security Toolbar - C:\Program Files (x86)\AVG\AVG10\Toolbar\Firefox\avg@igeared [2011-09-16]
    FF HKLM-x32\...\Firefox\Extensions: [avg@toolbar] - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799
    FF Extension: AVG Security Toolbar - C:\ProgramData\AVG Secure Search\FireFoxExt\18.1.9.799 [2014-08-26]
    FF HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Hiddendemon666\AppData\Roaming\IDM\idmmzcc5

    Chrome:
    =======

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [128752 2010-06-29] (SUPERAntiSpyware.com) [File not signed]
    S3 AVG Security Toolbar Service; C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe [947528 2011-03-18] ()
    R2 AVGIDSAgent; C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe [3488784 2014-11-09] (AVG Technologies CZ, s.r.o.)
    R2 avgwd; C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe [298080 2014-11-09] (AVG Technologies CZ, s.r.o.)
    S3 IDriverT; C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [69632 2005-04-03] (Macrovision Corporation) [File not signed]
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [315664 2010-01-19] ()
    R2 taisregispinger; C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe [297344 2009-08-13] ()
    R2 vToolbarUpdater18.1.9; C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe [1820184 2014-08-11] (AVG Secure Search)
    S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [263960 2014-10-29] (AVG Technologies CZ, s.r.o.)
    R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [243480 2014-08-28] (AVG Technologies CZ, s.r.o.)
    R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [313624 2014-07-18] (AVG Technologies CZ, s.r.o.)
    R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [124184 2014-10-05] (AVG Technologies CZ, s.r.o.)
    R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-18] (AVG Technologies CZ, s.r.o.)
    R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [274200 2014-10-10] (AVG Technologies CZ, s.r.o.)
    R1 avgtp; C:\windows\system32\drivers\avgtpx64.sys [50976 2014-08-11] (AVG Technologies)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14920 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12360 2010-02-17] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 WINFLASH64; C:\Program Files (x86)\UEFI WinFlash\WinFlash64.sys [19000 2009-11-23] ()

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 17:55 - 2014-12-17 17:56 - 00021705 _____ () C:\Users\Hiddendemon666\Downloads\FRST.txt
    2014-12-17 17:54 - 2014-12-17 17:54 - 02121216 _____ (Farbar) C:\Users\Hiddendemon666\Downloads\FRST64(1).exe
    2014-12-17 17:54 - 2014-12-17 17:54 - 01113600 _____ (Farbar) C:\Users\Hiddendemon666\Downloads\FRST.exe
    2014-12-17 17:41 - 2014-05-14 08:23 - 02477536 _____ (Microsoft Corporation) C:\windows\system32\wuaueng.dll
    2014-12-17 17:41 - 2014-05-14 08:23 - 00058336 _____ (Microsoft Corporation) C:\windows\system32\wuauclt.exe
    2014-12-17 17:41 - 2014-05-14 08:23 - 00044512 _____ (Microsoft Corporation) C:\windows\system32\wups2.dll
    2014-12-17 17:41 - 2014-05-14 08:21 - 02620928 _____ (Microsoft Corporation) C:\windows\system32\wucltux.dll
    2014-12-17 17:39 - 2014-05-14 09:23 - 00198600 _____ (Microsoft Corporation) C:\windows\system32\wuwebv.dll
    2014-12-17 17:39 - 2014-05-14 09:23 - 00179656 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuwebv.dll
    2014-12-17 17:39 - 2014-05-14 09:20 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\wuapp.exe
    2014-12-17 17:39 - 2014-05-14 09:17 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapp.exe
    2014-12-17 07:03 - 2014-12-17 07:03 - 00000000 ____D () C:\windows\system32\SPReview
    2014-12-17 07:00 - 2014-12-17 07:00 - 00000000 ____D () C:\windows\system32\EventProviders
    2014-12-16 17:58 - 2010-11-04 17:57 - 01942856 _____ (Microsoft Corporation) C:\windows\system32\dfshim.dll
    2014-12-16 17:58 - 2010-11-04 17:57 - 00048976 _____ (Microsoft Corporation) C:\windows\system32\netfxperf.dll
    2014-12-16 17:57 - 2010-11-20 05:39 - 05066752 _____ (Microsoft Corporation) C:\windows\system32\AuthFWSnapin.dll
    2014-12-16 17:57 - 2010-11-20 05:34 - 00215936 _____ (Microsoft Corporation) C:\windows\system32\Drivers\vhdmp.sys
    2014-12-16 17:57 - 2010-11-20 05:33 - 00982912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgkrnl.sys
    2014-12-16 17:57 - 2010-11-20 05:33 - 00951680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndis.sys
    2014-12-16 17:57 - 2010-11-20 05:33 - 00299392 _____ (Microsoft Corporation) C:\windows\system32\mcupdate_GenuineIntel.dll
    2014-12-16 17:57 - 2010-11-20 05:33 - 00273792 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msiscsi.sys
    2014-12-16 17:57 - 2010-11-20 05:27 - 14633472 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 03860992 _____ (Microsoft Corporation) C:\windows\system32\UIRibbon.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 03650560 _____ (Microsoft Corporation) C:\windows\system32\MSVidCtl.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 03027968 _____ (Microsoft Corporation) C:\windows\system32\WMVCORE.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 03008000 _____ (Microsoft Corporation) C:\windows\system32\xpsservices.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02652160 _____ (Microsoft Corporation) C:\windows\system32\netshell.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02543616 _____ (Microsoft Corporation) C:\windows\system32\wpdshext.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02086912 _____ (Microsoft Corporation) C:\windows\system32\ole32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02055680 _____ (Microsoft Corporation) C:\windows\system32\Query.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 02018304 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01900544 _____ (Microsoft Corporation) C:\windows\system32\setupapi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01888256 _____ (Microsoft Corporation) C:\windows\system32\WMVDECOD.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 01808384 _____ (Microsoft Corporation) C:\windows\system32\pnidui.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01753088 _____ (Microsoft Corporation) C:\windows\system32\vssapi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01743360 _____ (Microsoft Corporation) C:\windows\system32\sysmain.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01646080 _____ (Microsoft Corporation) C:\windows\system32\wevtsvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01556992 _____ (Microsoft Corporation) C:\windows\system32\RacEngn.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01509888 _____ (Microsoft Corporation) C:\windows\system32\msdtctm.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01326080 _____ (Microsoft Corporation) C:\windows\system32\NaturalLanguage6.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01281024 _____ (Microsoft Corporation) C:\windows\system32\werconcpl.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01219584 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01212416 _____ (Microsoft Corporation) C:\windows\system32\propsys.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01197056 _____ (Microsoft Corporation) C:\windows\system32\taskschd.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01190400 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01158656 _____ (Microsoft Corporation) C:\windows\system32\webservices.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01110016 _____ (Microsoft Corporation) C:\windows\system32\schedsvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01098240 _____ (Microsoft Corporation) C:\windows\system32\Vault.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 01008128 _____ (Microsoft Corporation) C:\windows\system32\user32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00867840 _____ (Microsoft Corporation) C:\windows\system32\SearchFolder.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00849920 _____ (Microsoft Corporation) C:\windows\system32\qmgr.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00758784 _____ (Microsoft Corporation) C:\windows\system32\samsrv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00758272 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceApi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00750080 _____ (Microsoft Corporation) C:\windows\system32\TSWorkspace.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00720896 _____ (Microsoft Corporation) C:\windows\system32\odbc32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00695808 _____ (Microsoft Corporation) C:\windows\system32\netlogon.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00582656 _____ (Microsoft Corporation) C:\windows\system32\sxs.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00577536 _____ (Microsoft Corporation) C:\windows\system32\WSDApi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00519680 _____ (Microsoft Corporation) C:\windows\system32\netcfgx.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00512000 _____ (Microsoft Corporation) C:\windows\system32\rpcss.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00488448 _____ (Microsoft Corporation) C:\windows\system32\secproc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00485888 _____ (Microsoft Corporation) C:\windows\system32\secproc_isv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00481280 _____ (Microsoft Corporation) C:\windows\system32\wmpps.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00476160 _____ (Microsoft Corporation) C:\windows\system32\QAGENTRT.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 00473600 _____ (Microsoft Corporation) C:\windows\system32\taskcomp.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\msdrm.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00448512 _____ (Microsoft Corporation) C:\windows\system32\shlwapi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00444416 _____ (Microsoft Corporation) C:\windows\system32\winhttp.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00326144 _____ (Microsoft Corporation) C:\windows\system32\mswsock.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00312832 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00312320 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\nlasvc.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00299520 _____ (Microsoft Corporation) C:\windows\system32\tsmf.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00297984 _____ (Microsoft Corporation) C:\windows\system32\ws2_32.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00266240 _____ (Microsoft Corporation) C:\windows\system32\QAGENT.DLL
    2014-12-16 17:57 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\windows\system32\spwizui.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00258560 _____ (Microsoft Corporation) C:\windows\system32\WebClnt.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\ncsi.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\scavengeui.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\SessEnv.dll
    2014-12-16 17:57 - 2010-11-20 05:27 - 00012288 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyExtension.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 04120064 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 03391488 _____ (Microsoft Corporation) C:\windows\system32\dbgeng.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 03205120 _____ (Microsoft Corporation) C:\windows\system32\mmcndmgr.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 02067456 _____ (Microsoft Corporation) C:\windows\system32\d3d9.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01866240 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01838080 _____ (Microsoft Corporation) C:\windows\system32\d3d10warp.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01632256 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01340416 _____ (Microsoft Corporation) C:\windows\system32\diagperf.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01244160 _____ (Microsoft Corporation) C:\windows\system32\imapi2fs.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 01137664 _____ (Microsoft Corporation) C:\windows\system32\FntCache.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00853504 _____ (Microsoft Corporation) C:\windows\system32\IKEEXT.DLL
    2014-12-16 17:57 - 2010-11-20 05:26 - 00828416 _____ (Microsoft Corporation) C:\windows\system32\MPSSVC.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00787968 _____ (Microsoft Corporation) C:\windows\system32\d3d11.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00777728 _____ (Microsoft Corporation) C:\windows\system32\gpsvc.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00658944 _____ (Microsoft Corporation) C:\windows\system32\dxgi.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\ipsmsnap.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00381440 _____ (Microsoft Corporation) C:\windows\system32\mfds.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00317952 _____ (Microsoft Corporation) C:\windows\system32\dhcpcore.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00295936 _____ (Microsoft Corporation) C:\windows\system32\framedynos.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00281600 _____ (Microsoft) C:\windows\system32\DShowRdpFilter.dll
    2014-12-16 17:57 - 2010-11-20 05:26 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\hgprint.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 03957760 _____ (Microsoft Corporation) C:\windows\system32\WinSAT.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 01975296 _____ (Microsoft Corporation) C:\windows\system32\CertEnroll.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 01927680 _____ (Microsoft Corporation) C:\windows\system32\authui.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 01796096 _____ (Microsoft Corporation) C:\windows\system32\certmgr.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 01600512 _____ (Microsoft Corporation) C:\windows\system32\VSSVC.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 01504256 _____ (Microsoft Corporation) C:\windows\system32\wbengine.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 01116672 _____ (Microsoft Corporation) C:\windows\system32\mstsc.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00958464 _____ (Microsoft Corporation) C:\windows\system32\actxprxy.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00902144 _____ (Microsoft Corporation) C:\windows\system32\d2d1.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00897536 _____ (Microsoft Corporation) C:\windows\system32\azroles.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00705024 _____ (Microsoft Corporation) C:\windows\system32\BFE.DLL
    2014-12-16 17:57 - 2010-11-20 05:25 - 00679424 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00598016 _____ (Microsoft Corporation) C:\windows\system32\spinstall.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\comdlg32.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00464384 _____ (Microsoft Corporation) C:\windows\system32\taskeng.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00390656 _____ (Microsoft Corporation) C:\windows\system32\winlogon.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00362496 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_isv.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00359424 _____ (Microsoft Corporation) C:\windows\system32\RMActivate.exe
    2014-12-16 17:57 - 2010-11-20 05:25 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\apphelp.dll
    2014-12-16 17:57 - 2010-11-20 05:25 - 00301568 _____ (Microsoft Corporation) C:\windows\system32\spreview.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00653312 _____ (Microsoft Corporation) C:\windows\system32\lpksetup.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00345088 _____ (Microsoft Corporation) C:\windows\system32\cmd.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00343040 _____ (Microsoft Corporation) C:\windows\system32\lsm.exe
    2014-12-16 17:57 - 2010-11-20 05:24 - 00272896 _____ (Microsoft Corporation) C:\windows\system32\mcbuilder.exe
    2014-12-16 17:57 - 2010-11-20 04:32 - 05066752 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuthFWSnapin.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 11410432 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01667584 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupapi.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01619456 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVDECOD.DLL
    2014-12-16 17:57 - 2010-11-20 04:21 - 01363456 _____ (Microsoft Corporation) C:\windows\SysWOW64\Query.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01175040 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01128448 _____ (Microsoft Corporation) C:\windows\SysWOW64\vssapi.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01115136 _____ (Microsoft Corporation) C:\windows\SysWOW64\RacEngn.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 01010688 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00646144 _____ (Microsoft Corporation) C:\windows\SysWOW64\SearchFolder.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00597504 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSWorkspace.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00505856 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskschd.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00423936 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_isv.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00381440 _____ (Microsoft Corporation) C:\windows\SysWOW64\wer.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00351232 _____ (Microsoft Corporation) C:\windows\SysWOW64\winhttp.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00270848 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsmf.dll
    2014-12-16 17:57 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\upnp.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 01414144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ole32.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00573440 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbc32.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00563712 _____ (Microsoft Corporation) C:\windows\SysWOW64\netlogon.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc.dll
    2014-12-16 17:57 - 2010-11-20 04:20 - 00406528 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcfgx.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 03207680 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 02291712 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSVidCtl.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 02151936 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmcndmgr.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 01493504 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 00954752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc40.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 00954288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc40u.dll
    2014-12-16 17:57 - 2010-11-20 04:19 - 00257024 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 02522624 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbgeng.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01828352 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d9.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01371136 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01334272 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertEnroll.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 01171456 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d10warp.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00739840 _____ (Microsoft Corporation) C:\windows\SysWOW64\d2d1.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00640512 _____ (Microsoft Corporation) C:\windows\SysWOW64\advapi32.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00522752 _____ (Microsoft Corporation) C:\windows\SysWOW64\d3d11.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00342016 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00295936 _____ (Microsoft Corporation) C:\windows\SysWOW64\apphelp.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00252928 _____ (Microsoft) C:\windows\SysWOW64\DShowRdpFilter.dll
    2014-12-16 17:57 - 2010-11-20 04:18 - 00091136 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3api.dll
    2014-12-16 17:57 - 2010-11-20 04:17 - 01049600 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstsc.exe
    2014-12-16 17:57 - 2010-11-20 04:17 - 00327168 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_isv.exe
    2014-12-16 17:57 - 2010-11-20 04:17 - 00322048 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate.exe
    2014-12-16 17:57 - 2010-11-20 03:07 - 00059392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\TsUsbFlt.sys
    2014-12-16 17:57 - 2010-11-20 03:05 - 00274944 _____ (Microsoft Corporation) C:\windows\system32\rdpdd.dll
    2014-12-16 17:57 - 2010-11-20 01:25 - 00753664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\http.sys
    2014-12-16 17:57 - 2010-11-20 01:23 - 00261632 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netbt.sys
    2014-12-16 17:57 - 2010-11-20 01:21 - 00119296 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdx.sys
    2014-12-16 17:57 - 2010-11-04 18:20 - 00347904 _____ () C:\windows\system32\systemsf.ebd
    2014-12-16 17:57 - 2010-11-04 17:58 - 01130824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfshim.dll
    2014-12-16 17:57 - 2010-11-04 17:58 - 00297808 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscoree.dll
    2014-12-16 17:57 - 2010-11-04 17:58 - 00049488 _____ (Microsoft Corporation) C:\windows\SysWOW64\netfxperf.dll
    2014-12-16 17:57 - 2010-11-04 17:57 - 00444752 _____ (Microsoft Corporation) C:\windows\system32\mscoree.dll
    2014-12-16 17:57 - 2010-11-04 17:53 - 00320352 _____ (Microsoft Corporation) C:\windows\system32\PresentationHost.exe
    2014-12-16 17:57 - 2010-11-04 17:53 - 00295264 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationHost.exe
    2014-12-16 17:57 - 2010-11-04 17:53 - 00109928 _____ (Microsoft Corporation) C:\windows\system32\PresentationHostProxy.dll
    2014-12-16 17:57 - 2010-11-04 17:53 - 00099176 _____ (Microsoft Corporation) C:\windows\SysWOW64\PresentationHostProxy.dll
    2014-12-16 17:57 - 2009-07-13 17:16 - 00061440 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpmonui.dll
    2014-12-16 17:56 - 2010-11-20 05:44 - 01077248 _____ (Microsoft Corporation) C:\windows\system32\Narrator.exe
    2014-12-16 17:56 - 2010-11-20 05:44 - 00133632 _____ (Microsoft Corporation) C:\windows\system32\NAPHLPR.DLL
    2014-12-16 17:56 - 2010-11-20 05:34 - 00363392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgrx.sys
    2014-12-16 17:56 - 2010-11-20 05:34 - 00295808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volsnap.sys
    2014-12-16 17:56 - 2010-11-20 05:34 - 00071552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\volmgr.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00366976 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msrpc.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00289664 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fltMgr.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00263040 _____ (Microsoft Corporation) C:\windows\system32\hal.dll
    2014-12-16 17:56 - 2010-11-20 05:33 - 00213888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdyboost.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00184704 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pci.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00171392 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scsiport.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00155008 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpio.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00140672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msdsm.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00103808 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sbp2port.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00094592 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00078720 _____ (Hewlett-Packard Company) C:\windows\system32\Drivers\HpSAMD.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00063360 _____ (Microsoft Corporation) C:\windows\system32\Drivers\termdd.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00031104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\msahci.sys
    2014-12-16 17:56 - 2010-11-20 05:33 - 00014720 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hwpolicy.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 02217856 _____ (Microsoft Corporation) C:\windows\system32\bootres.dll
    2014-12-16 17:56 - 2010-11-20 05:32 - 00334208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpi.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 00179072 _____ (Microsoft Corporation) C:\windows\system32\Drivers\Classpnp.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 00155520 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ataport.sys
    2014-12-16 17:56 - 2010-11-20 05:32 - 00112000 _____ (Microsoft Corporation) C:\windows\system32\consent.exe
    2014-12-16 17:56 - 2010-11-20 05:29 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\fveapi.dll
    2014-12-16 17:56 - 2010-11-20 05:28 - 00780008 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
    2014-12-16 17:56 - 2010-11-20 05:28 - 00298104 _____ (Microsoft Corporation) C:\windows\system32\bcryptprimitives.dll
    2014-12-16 17:56 - 2010-11-20 05:28 - 00166784 _____ (Microsoft Corporation) C:\windows\system32\basecsp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02851840 _____ (Microsoft Corporation) C:\windows\system32\themeui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02262528 _____ (Microsoft Corporation) C:\windows\system32\SyncCenter.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02250752 _____ (Microsoft Corporation) C:\windows\system32\SensorsCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02193920 _____ (Microsoft Corporation) C:\windows\system32\themecpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02146816 _____ (Microsoft Corporation) C:\windows\system32\networkmap.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 02072576 _____ (Microsoft Corporation) C:\windows\system32\WMPEncEn.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01689600 _____ (Microsoft Corporation) C:\windows\system32\netcenter.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01672704 _____ (Microsoft Corporation) C:\windows\system32\networkexplorer.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01441280 _____ (Microsoft Corporation) C:\windows\system32\wlanpref.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01389056 _____ (Microsoft Corporation) C:\windows\system32\pla.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01363968 _____ (Microsoft Corporation) C:\windows\system32\wdc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01243136 _____ (Microsoft Corporation) C:\windows\system32\WMNetMgr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01160192 _____ (Microsoft Corporation) C:\windows\system32\MSMPEG2ENC.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 01120768 _____ (Microsoft Corporation) C:\windows\system32\sdengin2.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01082880 _____ (Microsoft Corporation) C:\windows\system32\sppobjs.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01050624 _____ (Microsoft Corporation) C:\windows\system32\printui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 01024512 _____ (Microsoft Corporation) C:\windows\system32\wmpmde.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00933888 _____ (Microsoft Corporation) C:\windows\system32\sqlsrv32.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00898560 _____ (Microsoft Corporation) C:\windows\system32\OobeFldr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00812032 _____ (Microsoft Corporation) C:\windows\system32\wpccpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00799744 _____ (Microsoft Corporation) C:\windows\system32\msftedit.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00781312 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00769536 _____ (Microsoft Corporation) C:\windows\system32\sud.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00762368 _____ (Microsoft Corporation) C:\windows\system32\sdcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00691200 _____ (Microsoft Corporation) C:\windows\system32\VAN.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00658432 _____ (Microsoft Corporation) C:\windows\system32\PerfCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00633344 _____ (Microsoft Corporation) C:\windows\system32\riched20.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\usercpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00625664 _____ (Microsoft Corporation) C:\windows\system32\mscms.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00624128 _____ (Microsoft Corporation) C:\windows\system32\qedit.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00611840 _____ (Microsoft Corporation) C:\windows\system32\wpd_ci.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00605696 _____ (Microsoft Corporation) C:\windows\system32\wmpeffects.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\wiaservc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00571904 _____ (Microsoft Corporation) C:\windows\system32\mspbda.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00552960 _____ (Microsoft Corporation) C:\windows\system32\msdri.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\WinSATAPI.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00486400 _____ (Microsoft Corporation) C:\windows\system32\powercpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00483840 _____ (Microsoft Corporation) C:\windows\system32\StructuredQuery.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00475136 _____ (Microsoft Corporation) C:\windows\system32\wlangpui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00462336 _____ (Microsoft Corporation) C:\windows\system32\wiadefui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00455168 _____ (Microsoft Corporation) C:\windows\system32\nshipsec.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00451072 _____ (Microsoft Corporation) C:\windows\system32\shwebsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00446976 _____ (Microsoft Corporation) C:\windows\system32\sqlcese30.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00445952 _____ (Microsoft Corporation) C:\windows\system32\spwizeng.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00429568 _____ (Microsoft Corporation) C:\windows\system32\puiobj.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\rastls.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00421888 _____ (Microsoft Corporation) C:\windows\system32\termmgr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00419840 _____ (Microsoft Corporation) C:\windows\system32\systemcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00418816 _____ (Microsoft Corporation) C:\windows\system32\sppwinob.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00416256 _____ (Microsoft Corporation) C:\windows\system32\prnfldr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00414720 _____ (Microsoft Corporation) C:\windows\system32\wlanmsm.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00414208 _____ (Microsoft Corporation) C:\windows\system32\wlanui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00409600 _____ (Microsoft Corporation) C:\windows\system32\photowiz.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00406016 _____ (Microsoft Corporation) C:\windows\system32\scesrv.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\untfs.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00372736 _____ (Microsoft Corporation) C:\windows\system32\mtxclu.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00370688 _____ (Microsoft Corporation) C:\windows\system32\shsvcs.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00367104 _____ (Microsoft Corporation) C:\windows\system32\wcncsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00366080 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00357888 _____ (Microsoft Corporation) C:\windows\system32\sharemediacpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00344576 _____ (Microsoft Corporation) C:\windows\system32\ntprint.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00344064 _____ (Microsoft Corporation) C:\windows\system32\rasmans.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00340992 _____ (Microsoft Corporation) C:\windows\system32\srchadmin.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00335360 _____ (Microsoft Corporation) C:\windows\system32\msieftp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00324096 _____ (Microsoft Corporation) C:\windows\system32\netdiagfx.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\tapisrv.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00313856 _____ (Microsoft Corporation) C:\windows\system32\ReAgent.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\scansetting.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00300032 _____ (Microsoft Corporation) C:\windows\system32\pdh.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00270848 _____ (Microsoft Corporation) C:\windows\system32\srrstr.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00268288 _____ (Microsoft Corporation) C:\windows\system32\MSAC3ENC.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 00264192 _____ (Microsoft Corporation) C:\windows\system32\upnp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00263168 _____ (Microsoft Corporation) C:\windows\system32\vpnike.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\stobject.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00255488 _____ (Microsoft Corporation) C:\windows\system32\wavemsp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00253440 _____ (Microsoft Corporation) C:\windows\system32\tcpipcfg.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00244224 _____ (Microsoft Corporation) C:\windows\system32\spp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\taskbarcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00236032 _____ (Microsoft Corporation) C:\windows\system32\srvsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00235520 _____ (Microsoft Corporation) C:\windows\system32\onex.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00235008 _____ (Microsoft Corporation) C:\windows\system32\winsta.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00232960 _____ (Microsoft Corporation) C:\windows\system32\scecli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\sppcomapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\XpsRasterService.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\SndVolSSO.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\wmpsrcwp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00223232 _____ (Microsoft Corporation) C:\windows\system32\QSHVHOST.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 00222720 _____ (Microsoft Corporation) C:\windows\system32\wwanconn.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00221696 _____ (Microsoft Corporation) C:\windows\system32\OnLineIDCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00217600 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\netiohlp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\rasppp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00207360 _____ (Microsoft Corporation) C:\windows\system32\sysclass.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00200192 _____ (Microsoft Corporation) C:\windows\system32\syncui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00196608 _____ (Microsoft Corporation) C:\windows\system32\shdocvw.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00193024 _____ (Microsoft Corporation) C:\windows\system32\netplwiz.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00189952 _____ (Microsoft Corporation) C:\windows\system32\SmartcardCredentialProvider.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00188928 _____ (Microsoft Corporation) C:\windows\system32\netjoin.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\rpchttp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\provsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00185856 _____ (Microsoft Corporation) C:\windows\system32\vdsutil.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00183808 _____ (Microsoft Corporation) C:\windows\system32\prncache.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\twext.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00170496 _____ (Microsoft Corporation) C:\windows\system32\sdrsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00165376 _____ (Microsoft Corporation) C:\windows\system32\netid.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00161792 _____ (Microsoft Corporation) C:\windows\system32\ocsetapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00156160 _____ (Microsoft Corporation) C:\windows\system32\prntvpt.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00154624 _____ (Microsoft Corporation) C:\windows\system32\uxlib.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00153088 _____ (Microsoft Corporation) C:\windows\system32\remotepg.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00148992 _____ (Microsoft Corporation) C:\windows\system32\t2embed.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\recovery.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\shsetup.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\ntlanman.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\srvcli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00118784 _____ (Microsoft Corporation) C:\windows\system32\wkssvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00117248 _____ (Microsoft Corporation) C:\windows\system32\wpdbusenum.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00115200 _____ (Microsoft Corporation) C:\windows\system32\WPDShServiceObj.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\thumbcache.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\userenv.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00107520 _____ (Microsoft Corporation) C:\windows\system32\QUTIL.DLL
    2014-12-16 17:56 - 2010-11-20 05:27 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\sppnp.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\regapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00092672 _____ (Microsoft Corporation) C:\windows\system32\TabSvc.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00090112 _____ (Microsoft Corporation) C:\windows\system32\nci.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00086016 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00084480 _____ (Microsoft Corporation) C:\windows\system32\UserAccountControlSettings.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\wkscli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\nlaapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\rdpd3d.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00067584 _____ (Microsoft Corporation) C:\windows\system32\samcli.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\ncryptui.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\RpcRtRemote.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\wscapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00052224 _____ (Microsoft Corporation) C:\windows\system32\rtutils.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\wwanprotdim.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00046592 _____ (Microsoft Corporation) C:\windows\system32\msasn1.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00040960 _____ (Microsoft Corporation) C:\windows\system32\TsUsbGDCoInstaller.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\vpnikeapi.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\msvidc32.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\sisbkup.dll
    2014-12-16 17:56 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\slwga.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01457664 _____ (Microsoft Corporation) C:\windows\system32\DxpTaskSync.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\DiagCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01066496 _____ (Microsoft Corporation) C:\windows\system32\Display.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 01009152 _____ (Microsoft Corporation) C:\windows\system32\mcmde.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00934912 _____ (Microsoft Corporation) C:\windows\system32\FirewallControlPanel.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00861184 _____ (Microsoft Corporation) C:\windows\system32\fontext.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00701440 _____ (Microsoft Corporation) C:\windows\system32\dsuiext.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00675328 _____ (Microsoft Corporation) C:\windows\system32\DXPTaskRingtone.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00630272 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00569344 _____ (Microsoft Corporation) C:\windows\system32\iphlpsvc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00551936 _____ (Microsoft Corporation) C:\windows\system32\localsec.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00508928 _____ (Microsoft Corporation) C:\windows\system32\DeviceCenter.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00503296 _____ (Microsoft Corporation) C:\windows\system32\imapi2.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00501248 _____ (Microsoft Corporation) C:\windows\system32\IPSECSVC.DLL
    2014-12-16 17:56 - 2010-11-20 05:26 - 00495104 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00459776 _____ (Microsoft Corporation) C:\windows\system32\DXP.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00403968 _____ (Microsoft Corporation) C:\windows\system32\gdi32.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00355328 _____ (Microsoft Corporation) C:\windows\system32\Faultrep.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00348160 _____ (Microsoft Corporation) C:\windows\system32\eapp3hst.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00345600 _____ (Microsoft Corporation) C:\windows\system32\MediaMetadataHandler.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00332288 _____ (Microsoft Corporation) C:\windows\system32\hgcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00304128 _____ (Microsoft Corporation) C:\windows\system32\efscore.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00303616 _____ (Microsoft Corporation) C:\windows\system32\eapphost.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00282624 _____ (Microsoft Corporation) C:\windows\system32\iTVData.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00281088 _____ (Microsoft Corporation) C:\windows\system32\iprtrmgr.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00279552 _____ (Microsoft Corporation) C:\windows\system32\dxdiagn.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\framedyn.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\mfreadwrite.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00252416 _____ (Microsoft Corporation) C:\windows\system32\dot3svc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00240640 _____ (Microsoft Corporation) C:\windows\system32\MFPlay.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00239616 _____ (Microsoft Corporation) C:\windows\system32\dskquoui.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00233984 _____ (Microsoft Corporation) C:\windows\system32\defaultlocationcpl.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\ListSvc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00225280 _____ (Microsoft Corporation) C:\windows\system32\DevicePairingFolder.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00221184 _____ (Microsoft Corporation) C:\windows\system32\mprapi.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\iasrad.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00211456 _____ (Microsoft Corporation) C:\windows\system32\mprddm.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00186880 _____ (Microsoft Corporation) C:\windows\system32\logoncli.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00171520 _____ (Microsoft Corporation) C:\windows\system32\fde.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00166912 _____ (Microsoft Corporation) C:\windows\system32\inetpp.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00162816 _____ (Microsoft Corporation) C:\windows\system32\dps.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00145920 _____ (Microsoft Corporation) C:\windows\system32\IPHLPAPI.DLL
    2014-12-16 17:56 - 2010-11-20 05:26 - 00128512 _____ (Microsoft Corporation) C:\windows\system32\dwmredir.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00118272 _____ (Microsoft Corporation) C:\windows\system32\dnscmmc.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00116224 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\system32\fms.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\iasacct.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\davclnt.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\dot3api.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\hbaapi.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\fdeploy.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\dot3cfg.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00054272 _____ (Microsoft Corporation) C:\windows\system32\iyuv_32.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\lsmproxy.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\httpapi.dll
    2014-12-16 17:56 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\mimefilt.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 03745792 _____ (Microsoft Corporation) C:\windows\system32\accessibilitycpl.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 03524608 _____ (Microsoft Corporation) C:\windows\system32\sppsvc.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 01264640 _____ (Microsoft Corporation) C:\windows\system32\sdclt.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 01065984 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00780800 _____ (Microsoft Corporation) C:\windows\system32\ActionCenter.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00749568 _____ (Microsoft Corporation) C:\windows\system32\batmeter.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\AuxiliaryDisplayCpl.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\comctl32.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00549888 _____ (Microsoft Corporation) C:\windows\system32\ActionCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00533504 _____ (Microsoft Corporation) C:\windows\system32\vds.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00504320 _____ (Microsoft Corporation) C:\windows\system32\biocpl.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00472064 _____ (Microsoft Corporation) C:\windows\system32\azroleui.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00460800 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00412160 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00405504 _____ (Microsoft Corporation) C:\windows\system32\wisptis.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00349696 _____ (Microsoft Corporation) C:\windows\system32\slui.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00314368 _____ (Microsoft Corporation) C:\windows\system32\clusapi.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00307200 _____ (Microsoft Corporation) C:\windows\system32\wusa.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00285696 _____ (Microsoft Corporation) C:\windows\system32\schtasks.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00279040 _____ (Microsoft Corporation) C:\windows\system32\sethc.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00273920 _____ (Microsoft Corporation) C:\windows\system32\SndVol.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00257024 _____ (Microsoft Corporation) C:\windows\system32\taskmgr.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\recdisc.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00197120 _____ (Microsoft Corporation) C:\windows\system32\credui.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00186368 _____ (Microsoft Corporation) C:\windows\system32\ocsetup.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00168448 _____ (Microsoft Corporation) C:\windows\system32\bcdsrv.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00155136 _____ (Microsoft Corporation) C:\windows\system32\autoplay.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00139264 _____ (Microsoft Corporation) C:\windows\system32\cabview.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00135680 _____ (Microsoft Corporation) C:\windows\system32\AuxiliaryDisplayServices.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00128000 _____ (Microsoft) C:\windows\system32\Robocopy.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\AxInstSv.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00109568 _____ (Microsoft Corporation) C:\windows\system32\nslookup.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00095232 _____ (Microsoft Corporation) C:\windows\system32\cca.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00094720 _____ (Microsoft Corporation) C:\windows\system32\cabinet.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\setupcl.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\asycfilt.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00080384 _____ (Microsoft Corporation) C:\windows\system32\certprop.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00070656 _____ (Microsoft Corporation) C:\windows\system32\appinfo.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\taskhost.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00058368 _____ (Microsoft Corporation) C:\windows\system32\tzutil.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\acppage.dll
    2014-12-16 17:56 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\proquota.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\userinit.exe
    2014-12-16 17:56 - 2010-11-20 05:25 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2014-12-16 17:56 - 2010-11-20 05:24 - 00957440 _____ (Microsoft Corporation) C:\windows\system32\mblctr.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00850944 _____ (Microsoft Corporation) C:\windows\system32\mmsys.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00793088 _____ (Microsoft Corporation) C:\windows\system32\autoconv.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00777728 _____ (Microsoft Corporation) C:\windows\system32\autochk.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00763904 _____ (Microsoft Corporation) C:\windows\system32\autofmt.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00726528 _____ (Microsoft Corporation) C:\windows\system32\appwiz.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00721408 _____ (Microsoft Corporation) C:\windows\system32\bthprops.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00689152 _____ (Microsoft Corporation) C:\windows\system32\FXSSVC.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00684032 _____ (Microsoft Corporation) C:\windows\system32\TabletPC.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00606208 _____ (Microsoft Corporation) C:\windows\system32\dfrgui.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00477696 _____ (Microsoft Corporation) C:\windows\system32\PhotoScreensaver.scr
    2014-12-16 17:56 - 2010-11-20 05:24 - 00474112 _____ (Microsoft Corporation) C:\windows\system32\sysmon.ocx
    2014-12-16 17:56 - 2010-11-20 05:24 - 00442368 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
    2014-12-16 17:56 - 2010-11-20 05:24 - 00378880 _____ (Microsoft Corporation) C:\windows\system32\msinfo32.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00373248 _____ (Microsoft Corporation) C:\windows\system32\intl.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00359936 _____ (Microsoft Corporation) C:\windows\system32\eudcedit.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00352768 _____ (Microsoft Corporation) C:\windows\system32\sysdm.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00346112 _____ (Microsoft Corporation) C:\windows\system32\bcdedit.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00333824 _____ (Microsoft Corporation) C:\windows\system32\ssText3d.scr
    2014-12-16 17:56 - 2010-11-20 05:24 - 00321536 _____ (Microsoft Corporation) C:\windows\system32\unimdm.tsp
    2014-12-16 17:56 - 2010-11-20 05:24 - 00300032 _____ (Microsoft Corporation) C:\windows\system32\msconfig.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\ksproxy.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00217088 _____ (Microsoft Corporation) C:\windows\system32\wdmaud.drv
    2014-12-16 17:56 - 2010-11-20 05:24 - 00196096 _____ (Microsoft Corporation) C:\windows\system32\VBICodec.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\bcdboot.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00173568 _____ (Microsoft Corporation) C:\windows\system32\powercfg.cpl
    2014-12-16 17:56 - 2010-11-20 05:24 - 00128000 _____ (Microsoft Corporation) C:\windows\system32\msiexec.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00122880 _____ (Microsoft Corporation) C:\windows\system32\aitagent.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00102912 _____ (Microsoft Corporation) C:\windows\system32\kstvtune.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00098304 _____ (Microsoft Corporation) C:\windows\system32\WSTPager.ax
    2014-12-16 17:56 - 2010-11-20 05:24 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\isoburn.exe
    2014-12-16 17:56 - 2010-11-20 05:24 - 00066048 _____ (Microsoft Corporation) C:\windows\system32\ksxbar.ax
    2014-12-16 17:56 - 2010-11-20 04:55 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\cdd.dll
    2014-12-16 17:56 - 2010-11-20 04:51 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2014-12-16 17:56 - 2010-11-20 04:36 - 00107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\NAPHLPR.DLL
    2014-12-16 17:56 - 2010-11-20 04:23 - 00144768 _____ (Microsoft Corporation) C:\windows\SysWOW64\basecsp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02983424 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbon.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02755072 _____ (Microsoft Corporation) C:\windows\SysWOW64\themeui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02311168 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdshext.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02202624 _____ (Microsoft Corporation) C:\windows\SysWOW64\SensorsCpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02157568 _____ (Microsoft Corporation) C:\windows\SysWOW64\themecpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 02146304 _____ (Microsoft Corporation) C:\windows\SysWOW64\SyncCenter.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01712640 _____ (Microsoft Corporation) C:\windows\SysWOW64\xpsservices.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01624064 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPEncEn.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01326592 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanpref.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01227776 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdc.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 01003008 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMNetMgr.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00933376 _____ (Microsoft Corporation) C:\windows\SysWOW64\Vault.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00782336 _____ (Microsoft Corporation) C:\windows\SysWOW64\webservices.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00778240 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqlsrv32.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00755200 _____ (Microsoft Corporation) C:\windows\SysWOW64\sud.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00738816 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpmde.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00638976 _____ (Microsoft Corporation) C:\windows\SysWOW64\VAN.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00600064 _____ (Microsoft Corporation) C:\windows\SysWOW64\usercpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00560128 _____ (Microsoft Corporation) C:\windows\SysWOW64\wuapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00473600 _____ (Microsoft Corporation) C:\windows\SysWOW64\riched20.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00458752 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSDApi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00428544 _____ (Microsoft Corporation) C:\windows\SysWOW64\shwebsvc.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00416768 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiadefui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00411648 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlangpui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00410624 _____ (Microsoft Corporation) C:\windows\SysWOW64\systemcpl.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00410112 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00380416 _____ (Microsoft Corporation) C:\windows\SysWOW64\sxs.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00372224 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastls.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00363520 _____ (Microsoft Corporation) C:\windows\SysWOW64\StructuredQuery.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\termmgr.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00352768 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwizeng.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00352256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpeffects.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00350208 _____ (Microsoft Corporation) C:\windows\SysWOW64\shlwapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00346624 _____ (Microsoft Corporation) C:\windows\SysWOW64\untfs.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00335872 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSATAPI.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00328192 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsvcs.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00307712 _____ (Microsoft Corporation) C:\windows\SysWOW64\scesrv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00305152 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskcomp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\srchadmin.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00276992 _____ (Microsoft Corporation) C:\windows\SysWOW64\wcncsvc.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00269824 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00247808 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgent.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00246272 _____ (Microsoft Corporation) C:\windows\SysWOW64\scansetting.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00242176 _____ (Microsoft Corporation) C:\windows\SysWOW64\tapisrv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00228352 _____ (Microsoft Corporation) C:\windows\SysWOW64\stobject.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00222208 _____ (Microsoft Corporation) C:\windows\SysWOW64\wavemsp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00220160 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVolSSO.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\ws2_32.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00204800 _____ (Microsoft Corporation) C:\windows\SysWOW64\WebClnt.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00194048 _____ (Microsoft Corporation) C:\windows\SysWOW64\winmm.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppcomapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00182272 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpsrcwp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00181760 _____ (Microsoft Corporation) C:\windows\SysWOW64\tcpipcfg.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00176640 _____ (Microsoft Corporation) C:\windows\SysWOW64\rasppp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\scecli.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00172544 _____ (Microsoft Corporation) C:\windows\SysWOW64\spp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00159232 _____ (Microsoft Corporation) C:\windows\SysWOW64\syncui.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00156672 _____ (Microsoft Corporation) C:\windows\SysWOW64\winsta.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\SmartcardCredentialProvider.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00139264 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpchttp.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00135168 _____ (Microsoft Corporation) C:\windows\SysWOW64\XpsRasterService.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00134656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00113664 _____ (Microsoft Corporation) C:\windows\SysWOW64\SessEnv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00111104 _____ (Microsoft Corporation) C:\windows\SysWOW64\shsetup.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\t2embed.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\thumbcache.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00081920 _____ (Microsoft Corporation) C:\windows\SysWOW64\userenv.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00072192 _____ (Microsoft Corporation) C:\windows\SysWOW64\regapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wscapi.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\samcli.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\RpcRtRemote.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00037376 _____ (Microsoft Corporation) C:\windows\SysWOW64\rtutils.dll
    2014-12-16 17:56 - 2010-11-20 04:21 - 00019456 _____ (Microsoft Corporation) C:\windows\SysWOW64\sisbkup.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 02504192 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVCORE.DLL
    2014-12-16 17:56 - 2010-11-20 04:20 - 02494464 _____ (Microsoft Corporation) C:\windows\SysWOW64\netshell.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 02130944 _____ (Microsoft Corporation) C:\windows\SysWOW64\networkmap.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 01750528 _____ (Microsoft Corporation) C:\windows\SysWOW64\pnidui.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 01644032 _____ (Microsoft Corporation) C:\windows\SysWOW64\netcenter.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 01508864 _____ (Microsoft Corporation) C:\windows\SysWOW64\pla.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\propsys.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00932352 _____ (Microsoft Corporation) C:\windows\SysWOW64\printui.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00859648 _____ (Microsoft Corporation) C:\windows\SysWOW64\OobeFldr.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00801280 _____ (Microsoft Corporation) C:\windows\SysWOW64\NaturalLanguage6.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00656384 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshwfp.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00600576 _____ (Microsoft Corporation) C:\windows\SysWOW64\PerfCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00547840 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceApi.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00509440 _____ (Microsoft Corporation) C:\windows\SysWOW64\qedit.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00441856 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercpl.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00395264 _____ (Microsoft Corporation) C:\windows\SysWOW64\prnfldr.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00346112 _____ (Microsoft Corporation) C:\windows\SysWOW64\nshipsec.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00324608 _____ (Microsoft Corporation) C:\windows\SysWOW64\puiobj.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00297472 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntprint.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00295424 _____ (Microsoft Corporation) C:\windows\SysWOW64\photowiz.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00225792 _____ (Microsoft Corporation) C:\windows\SysWOW64\netdiagfx.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00218112 _____ (Microsoft Corporation) C:\windows\SysWOW64\OnLineIDCpl.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00199168 _____ (Microsoft Corporation) C:\windows\SysWOW64\onex.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00175616 _____ (Microsoft Corporation) C:\windows\SysWOW64\netplwiz.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\QAGENT.DLL
    2014-12-16 17:56 - 2010-11-20 04:20 - 00167936 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSHVHOST.DLL
    2014-12-16 17:56 - 2010-11-20 04:20 - 00166400 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiohlp.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00161792 _____ (Microsoft Corporation) C:\windows\SysWOW64\netjoin.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00152064 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncsi.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\prntvpt.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00117248 _____ (Microsoft Corporation) C:\windows\SysWOW64\netid.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00116736 _____ (Microsoft Corporation) C:\windows\SysWOW64\prncache.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\nci.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntlanman.dll
    2014-12-16 17:56 - 2010-11-20 04:20 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlaapi.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00856576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FirewallControlPanel.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00830464 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSMPEG2ENC.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontext.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00732160 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2fs.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00592384 _____ (Microsoft Corporation) C:\windows\SysWOW64\msftedit.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00488448 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00481792 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscms.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00429056 _____ (Microsoft Corporation) C:\windows\SysWOW64\localsec.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00400896 _____ (Microsoft Corporation) C:\windows\SysWOW64\ipsmsnap.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00392192 _____ (Microsoft Corporation) C:\windows\SysWOW64\imapi2.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00341504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdrm.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00337408 _____ (Microsoft Corporation) C:\windows\SysWOW64\msihnd.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\windows\SysWOW64\mtxclu.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00320512 _____ (Microsoft Corporation) C:\windows\SysWOW64\Faultrep.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00312832 _____ (Microsoft Corporation) C:\windows\SysWOW64\hgcpl.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00301568 _____ (Microsoft Corporation) C:\windows\SysWOW64\msieftp.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00296448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfds.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00271360 _____ (Microsoft Corporation) C:\windows\SysWOW64\iprtrmgr.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00268800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprddm.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00266752 _____ (Microsoft Corporation) C:\windows\SysWOW64\MediaMetadataHandler.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00232448 _____ (Microsoft Corporation) C:\windows\SysWOW64\mswsock.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00226304 _____ (Microsoft Corporation) C:\windows\SysWOW64\MSAC3ENC.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00216576 _____ (Microsoft Corporation) C:\windows\SysWOW64\FWPUCLNT.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00213504 _____ (Microsoft Corporation) C:\windows\SysWOW64\MMDevAPI.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00206336 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedynos.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\framedyn.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00196608 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfreadwrite.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasrad.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00167936 _____ (Microsoft Corporation) C:\windows\SysWOW64\msutb.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00148992 _____ (Microsoft Corporation) C:\windows\SysWOW64\ifsutil.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00127488 _____ (Microsoft Corporation) C:\windows\SysWOW64\logoncli.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00124416 _____ (Microsoft Corporation) C:\windows\SysWOW64\fde.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\IPHLPAPI.DLL
    2014-12-16 17:56 - 2010-11-20 04:19 - 00101888 _____ (Microsoft Corporation) C:\windows\SysWOW64\migisol.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00093696 _____ (Windows (R) Codename Longhorn DDK provider) C:\windows\SysWOW64\fms.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasacct.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\hbaapi.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00059904 _____ (Microsoft Corporation) C:\windows\SysWOW64\fdeploy.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00042496 _____ (Microsoft Corporation) C:\windows\SysWOW64\mimefilt.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\httpapi.dll
    2014-12-16 17:56 - 2010-11-20 04:19 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\msasn1.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 03727872 _____ (Microsoft Corporation) C:\windows\SysWOW64\accessibilitycpl.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01792000 _____ (Microsoft Corporation) C:\windows\SysWOW64\authui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01555456 _____ (Microsoft Corporation) C:\windows\SysWOW64\certmgr.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01400320 _____ (Microsoft Corporation) C:\windows\SysWOW64\DxpTaskSync.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01040384 _____ (Microsoft Corporation) C:\windows\SysWOW64\Display.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 01003520 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00854016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dbghelp.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00762880 _____ (Microsoft Corporation) C:\windows\SysWOW64\azroles.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00744448 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenter.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00743424 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00740864 _____ (Microsoft Corporation) C:\windows\SysWOW64\batmeter.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00665600 _____ (Microsoft Corporation) C:\windows\SysWOW64\AuxiliaryDisplayCpl.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00630784 _____ (Microsoft Corporation) C:\windows\SysWOW64\DXPTaskRingtone.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00537600 _____ (Microsoft Corporation) C:\windows\SysWOW64\ActionCenterCPL.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00530432 _____ (Microsoft Corporation) C:\windows\SysWOW64\comctl32.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00508416 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxgi.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00485888 _____ (Microsoft Corporation) C:\windows\SysWOW64\comdlg32.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00484864 _____ (Microsoft Corporation) C:\windows\SysWOW64\DeviceCenter.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\azroleui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\actxprxy.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00254464 _____ (Microsoft Corporation) C:\windows\SysWOW64\dhcpcore.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00222208 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapphost.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\defaultlocationcpl.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00205312 _____ (Microsoft Corporation) C:\windows\SysWOW64\efscore.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00202752 _____ (Microsoft Corporation) C:\windows\SysWOW64\activeds.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00196608 _____ (Microsoft Corporation) C:\windows\SysWOW64\dskquoui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\adsldp.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\credui.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoplay.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00132608 _____ (Microsoft Corporation) C:\windows\SysWOW64\cabview.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00109056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnscmmc.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00082432 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3cfg.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00080384 _____ (Microsoft Corporation) C:\windows\SysWOW64\davclnt.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\asycfilt.dll
    2014-12-16 17:56 - 2010-11-20 04:18 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2014-12-16 17:56 - 2010-11-20 04:17 - 00314880 _____ (Microsoft Corporation) C:\windows\SysWOW64\wusa.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00314368 _____ (Microsoft Corporation) C:\windows\SysWOW64\SndVol.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00303104 _____ (Microsoft Corporation) C:\windows\SysWOW64\msinfo32.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00302592 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmd.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00288256 _____ (Microsoft Corporation) C:\windows\SysWOW64\eudcedit.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00270336 _____ (Microsoft Corporation) C:\windows\SysWOW64\sethc.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00227328 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskmgr.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\mcbuilder.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00192000 _____ (Microsoft Corporation) C:\windows\SysWOW64\taskeng.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\schtasks.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\net1.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00098816 _____ (Microsoft) C:\windows\SysWOW64\Robocopy.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00086528 _____ (Microsoft Corporation) C:\windows\SysWOW64\isoburn.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00066048 _____ (Microsoft Corporation) C:\windows\SysWOW64\w32tm.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00042496 _____ (Microsoft Corporation) C:\windows\SysWOW64\ftp.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\proquota.exe
    2014-12-16 17:56 - 2010-11-20 04:17 - 00026624 _____ (Microsoft Corporation) C:\windows\SysWOW64\userinit.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00905216 _____ (Microsoft Corporation) C:\windows\SysWOW64\mmsys.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00776192 _____ (Microsoft Corporation) C:\windows\SysWOW64\calc.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00692736 _____ (Microsoft Corporation) C:\windows\SysWOW64\bthprops.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00679424 _____ (Microsoft Corporation) C:\windows\SysWOW64\autoconv.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00668160 _____ (Microsoft Corporation) C:\windows\SysWOW64\autochk.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00658944 _____ (Microsoft Corporation) C:\windows\SysWOW64\autofmt.exe
    2014-12-16 17:56 - 2010-11-20 04:16 - 00649216 _____ (Microsoft Corporation) C:\windows\SysWOW64\appwiz.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00516096 _____ (Microsoft Corporation) C:\windows\SysWOW64\main.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00413696 _____ (Microsoft Corporation) C:\windows\SysWOW64\PhotoScreensaver.scr
    2014-12-16 17:56 - 2010-11-20 04:16 - 00389632 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysmon.ocx
    2014-12-16 17:56 - 2010-11-20 04:16 - 00345088 _____ (Microsoft Corporation) C:\windows\SysWOW64\intl.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00326656 _____ (Microsoft Corporation) C:\windows\SysWOW64\sysdm.cpl
    2014-12-16 17:56 - 2010-11-20 04:16 - 00320000 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
    2014-12-16 17:56 - 2010-11-20 04:16 - 00193536 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksproxy.ax
    2014-12-16 17:56 - 2010-11-20 04:16 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdmaud.drv
    2014-12-16 17:56 - 2010-11-20 04:16 - 00068608 _____ (Microsoft Corporation) C:\windows\SysWOW64\WSTPager.ax
    2014-12-16 17:56 - 2010-11-20 04:08 - 00833024 _____ (Microsoft Corporation) C:\windows\SysWOW64\user32.dll
    2014-12-16 17:56 - 2010-11-20 04:08 - 00311296 _____ (Microsoft Corporation) C:\windows\SysWOW64\gdi32.dll
    2014-12-16 17:56 - 2010-11-20 03:04 - 00248832 _____ (Microsoft Corporation) C:\windows\system32\wksprt.exe
    2014-12-16 17:56 - 2010-11-20 03:04 - 00039424 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tssecsrv.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00164352 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndiswan.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00129536 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rasl2tp.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00111104 _____ (Microsoft Corporation) C:\windows\system32\Drivers\raspptp.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00088576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\wanarp.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00082944 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ipfltdrv.sys
    2014-12-16 17:56 - 2010-11-20 02:52 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndproxy.sys
    2014-12-16 17:56 - 2010-11-20 02:44 - 00229888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\1394ohci.sys
    2014-12-16 17:56 - 2010-11-20 02:44 - 00184960 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbvideo.sys
    2014-12-16 17:56 - 2010-11-20 02:43 - 00076800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidclass.sys
    2014-12-16 17:56 - 2010-11-20 02:43 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\Drivers\winusb.sys
    2014-12-16 17:56 - 2010-11-20 02:33 - 00243712 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ks.sys
    2014-12-16 17:56 - 2010-11-20 01:37 - 00109056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sdbus.sys
    2014-12-16 17:56 - 2010-11-20 01:27 - 00309248 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rdbss.sys
    2014-12-16 17:56 - 2010-11-20 01:26 - 00328192 _____ (Microsoft Corporation) C:\windows\system32\Drivers\udfs.sys
    2014-12-16 17:56 - 2010-11-20 01:26 - 00140800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mrxdav.sys
    2014-12-16 17:56 - 2010-11-04 18:11 - 00433512 _____ (Microsoft Corporation) C:\windows\system32\MCEWMDRMNDBootstrap.dll
    2014-12-16 17:56 - 2010-11-04 18:11 - 00312168 _____ (Microsoft Corporation) C:\windows\SysWOW64\MCEWMDRMNDBootstrap.dll
    2014-12-16 17:56 - 2010-11-04 17:58 - 00155472 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscorier.dll
    2014-12-16 17:56 - 2010-11-04 17:58 - 00080720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mscories.dll
    2014-12-16 17:56 - 2010-11-04 17:57 - 00154960 _____ (Microsoft Corporation) C:\windows\system32\mscorier.dll
    2014-12-16 17:55 - 2010-11-20 05:44 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\NAPCRYPT.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 01911808 _____ (Microsoft Corporation) C:\windows\system32\OpcServices.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 01232896 _____ (Microsoft Corporation) C:\windows\system32\WMADMOD.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 01080320 _____ (Microsoft Corporation) C:\windows\system32\onexui.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00978944 _____ (Microsoft Corporation) C:\windows\system32\WMSPDMOD.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00666112 _____ (Microsoft Corporation) C:\windows\system32\WMVSDECD.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00636416 _____ (Microsoft Corporation) C:\windows\system32\wmdrmdev.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00594432 _____ (Microsoft Corporation) C:\windows\system32\wvc.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00527872 _____ (Microsoft Corporation) C:\windows\system32\wmdrmnet.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00435712 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceStatus.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00431104 _____ (Microsoft Corporation) C:\windows\system32\WPDSp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00392192 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00358400 _____ (Microsoft Corporation) C:\windows\system32\wmpdxm.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00337920 _____ (Microsoft Corporation) C:\windows\system32\raschap.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00254464 _____ (Microsoft Corporation) C:\windows\system32\qasf.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00250880 _____ (Microsoft Corporation) C:\windows\system32\qdv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00238080 _____ (Microsoft Corporation) C:\windows\system32\mstask.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00224256 _____ (Microsoft Corporation) C:\windows\system32\PortableDeviceSyncProvider.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00222208 _____ (Microsoft Corporation) C:\windows\system32\rdpencom.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00215040 _____ (Microsoft Corporation) C:\windows\system32\wpdwcn.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00190976 _____ (Microsoft Corporation) C:\windows\system32\vdsbas.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00181248 _____ (Microsoft Corporation) C:\windows\system32\qcap.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00145920 _____ (Microsoft Corporation) C:\windows\system32\sppc.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00143360 _____ (Microsoft Corporation) C:\windows\system32\mydocs.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00135168 _____ (Microsoft Corporation) C:\windows\system32\shacct.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00132608 _____ (Microsoft Corporation) C:\windows\system32\wmpshell.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00124928 _____ (Microsoft Corporation) C:\windows\system32\wiavideo.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00124416 _____ (Microsoft Corporation) C:\windows\system32\QSVRMGMT.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp_isv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00121856 _____ (Microsoft Corporation) C:\windows\system32\secproc_ssp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\QCLIPROV.DLL
    2014-12-16 17:55 - 2010-11-20 05:27 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\spbcd.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00073728 _____ (Microsoft Corporation) C:\windows\system32\tlscsp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00073216 _____ (Microsoft Corporation) C:\windows\system32\unimdmat.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00072192 _____ (Microsoft Corporation) C:\windows\system32\napdsnap.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00068096 _____ (Microsoft Corporation) C:\windows\system32\vfwwdm32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00067072 _____ (Microsoft Corporation) C:\windows\system32\wsnmp32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\WavDest.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00061952 _____ (Microsoft Corporation) C:\windows\system32\vss_ps.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00059904 _____ (Microsoft Corporation) C:\windows\system32\umb.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00053248 _____ (Microsoft Corporation) C:\windows\system32\odbcconf.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\PrintIsolationProxy.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00047104 _____ (Microsoft Corporation) C:\windows\system32\wshbth.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\shimgvw.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00036352 _____ (Microsoft Corporation) C:\windows\system32\wdiasqmmodule.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00035840 _____ (Microsoft Corporation) C:\windows\system32\msdmo.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00030720 _____ (Microsoft Corporation) C:\windows\system32\seclogon.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\netutils.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\shgina.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\wsdchngr.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\msyuv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00024064 _____ (Microsoft Corporation) C:\windows\system32\schedcli.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00023040 _____ (Microsoft Corporation) C:\windows\system32\rdprefdrvapi.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00021504 _____ (Microsoft Corporation) C:\windows\system32\TRAPI.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00018944 _____ (Microsoft Corporation) C:\windows\system32\spopk.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00017408 _____ (Microsoft Corporation) C:\windows\system32\syssetup.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00016896 _____ (Microsoft Corporation) C:\windows\system32\muifontsetup.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00016384 _____ (Microsoft Corporation) C:\windows\system32\msrle32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00015360 _____ (Microsoft Corporation) C:\windows\system32\nrpsrv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\tsbyuv.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00013824 _____ (Microsoft Corporation) C:\windows\system32\wshirda.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\sscore.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\shunimpl.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00010752 _____ (Microsoft Corporation) C:\windows\system32\riched32.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00010240 _____ (Microsoft Corporation) C:\windows\system32\rdpcfgex.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
    2014-12-16 17:55 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
    2014-12-16 17:55 - 2010-11-20 05:27 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 01087488 _____ (Microsoft Corporation) C:\windows\system32\dbghelp.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00623104 _____ (Microsoft Corporation) C:\windows\system32\FXSAPI.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00434688 _____ (Microsoft Corporation) C:\windows\system32\FXSTIFF.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00313344 _____ (Microsoft Corporation) C:\windows\system32\dot3ui.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00198656 _____ (Microsoft Corporation) C:\windows\system32\iasrecst.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00194048 _____ (Microsoft Corporation) C:\windows\system32\itircl.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00180736 _____ (Microsoft Corporation) C:\windows\system32\ifsutil.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00144896 _____ (Microsoft Corporation) C:\windows\system32\EhStorAPI.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00121344 _____ (Microsoft Corporation) C:\windows\system32\fphc.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\eappgnui.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00103936 _____ (Microsoft Corporation) C:\windows\system32\dot3msm.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapistub.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00091648 _____ (Microsoft Corporation) C:\windows\system32\mapi32.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00090624 _____ (Microsoft Corporation) C:\windows\system32\KMSVC.DLL
    2014-12-16 17:55 - 2010-11-20 05:26 - 00084992 _____ (Microsoft Corporation) C:\windows\system32\Mcx2Svc.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00074240 _____ (Microsoft Corporation) C:\windows\system32\fdProxy.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00065536 _____ (Microsoft Corporation) C:\windows\system32\inetmib1.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\luainstall.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\FXSMON.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00041472 _____ (Microsoft Corporation) C:\windows\system32\mciqtz32.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\iscsium.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\dsauth.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00027136 _____ (Microsoft Corporation) C:\windows\system32\HotStartUserAgent.dll
    2014-12-16 17:55 - 2010-11-20 05:26 - 00025600 _____ (Microsoft Corporation) C:\windows\system32\elsTrans.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00840192 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00395776 _____ (Microsoft Corporation) C:\windows\system32\nltest.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00306688 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00305152 _____ (Microsoft Corporation) C:\windows\system32\RMActivate_ssp_isv.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00294912 _____ (Microsoft Corporation) C:\windows\system32\WindowsAnytimeUpgradeResults.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00293888 _____ (Microsoft Corporation) C:\windows\system32\wsqmcons.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00213504 _____ (Microsoft Corporation) C:\windows\system32\ActionQueue.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00172544 _____ (Microsoft Corporation) C:\windows\system32\perfmon.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\net1.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00089088 _____ (Microsoft Corporation) C:\windows\system32\amstream.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\tabcal.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00071680 _____ (Microsoft Corporation) C:\windows\system32\CertPolEng.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\takeown.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00062976 _____ (Microsoft Corporation) C:\windows\system32\PnPUnattend.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\runonce.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\repair-bde.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00051712 _____ (Microsoft Corporation) C:\windows\system32\MultiDigiMon.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00046080 _____ (Microsoft Corporation) C:\windows\system32\cscapi.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00043008 _____ (Microsoft Corporation) C:\windows\system32\relog.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\AzSqlExt.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\cscdll.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00026112 _____ (Microsoft Corporation) C:\windows\system32\WerFaultSecure.exe
    2014-12-16 17:55 - 2010-11-20 05:25 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\bitsperf.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00014848 _____ (Microsoft Corporation) C:\windows\system32\BWUnpairElevated.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\browseui.dll
    2014-12-16 17:55 - 2010-11-20 05:25 - 00013312 _____ (Microsoft Corporation) C:\windows\system32\C_ISCII.DLL
    2014-12-16 17:55 - 2010-11-20 05:25 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\TsUsbRedirectionGroupPolicyControl.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00899584 _____ (Microsoft Corporation) C:\windows\system32\Bubbles.scr
    2014-12-16 17:55 - 2010-11-20 05:24 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\main.cpl
    2014-12-16 17:55 - 2010-11-20 05:24 - 00363520 _____ (Microsoft Corporation) C:\windows\system32\diskraid.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00242688 _____ (Microsoft Corporation) C:\windows\system32\Mystify.scr
    2014-12-16 17:55 - 2010-11-20 05:24 - 00241664 _____ (Microsoft Corporation) C:\windows\system32\Ribbons.scr
    2014-12-16 17:55 - 2010-11-20 05:24 - 00232448 _____ (Microsoft Corporation) C:\windows\system32\bitsadmin.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00166400 _____ (Microsoft Corporation) C:\windows\system32\diskpart.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00152064 _____ (Microsoft Corporation) C:\windows\system32\iscsicli.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\MdSched.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00133120 _____ (Microsoft Corporation) C:\windows\system32\Kswdmcap.ax
    2014-12-16 17:55 - 2010-11-20 05:24 - 00130048 _____ (Microsoft Corporation) C:\windows\system32\desk.cpl
    2014-12-16 17:55 - 2010-11-20 05:24 - 00104448 _____ (Microsoft Corporation) C:\windows\system32\logman.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\mobsync.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\cmstp.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00079872 _____ (Microsoft Corporation) C:\windows\system32\manage-bde.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\windows\system32\findstr.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00071168 _____ (Microsoft Corporation) C:\windows\bfsvc.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\djoin.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00057856 _____ (Microsoft Corporation) C:\windows\system32\g711codc.ax
    2014-12-16 17:55 - 2010-11-20 05:24 - 00048128 _____ (Microsoft Corporation) C:\windows\system32\ftp.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\vbisurf.ax
    2014-12-16 17:55 - 2010-11-20 05:24 - 00036864 _____ (Microsoft Corporation) C:\windows\system32\choice.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00027648 _____ (Microsoft Corporation) C:\windows\system32\LogonUI.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00018432 _____ (Microsoft Corporation) C:\windows\system32\FXSUNATD.exe
    2014-12-16 17:55 - 2010-11-20 05:24 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\fixmapi.exe
    2014-12-16 17:55 - 2010-11-20 05:16 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
    2014-12-16 17:55 - 2010-11-20 05:15 - 01164800 _____ (Microsoft Corporation) C:\windows\system32\UIRibbonRes.dll
    2014-12-16 17:55 - 2010-11-20 05:14 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\spwizres.dll
    2014-12-16 17:55 - 2010-11-20 05:13 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\RDPENCDD.dll
    2014-12-16 17:55 - 2010-11-20 05:13 - 00069120 _____ (Microsoft Corporation) C:\windows\system32\nlsbres.dll
    2014-12-16 17:55 - 2010-11-20 05:12 - 00035328 _____ (Microsoft Corporation) C:\windows\system32\pifmgr.dll
    2014-12-16 17:55 - 2010-11-20 05:02 - 01148416 _____ (Microsoft Corporation) C:\windows\system32\IMJP10.IME
    2014-12-16 17:55 - 2010-11-20 05:02 - 00457216 _____ (Microsoft Corporation) C:\windows\system32\imkr80.ime
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUQ.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDTUF.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDSG.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\kbdlk41a.dll
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDGKL.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00008192 _____ (Microsoft Corporation) C:\windows\system32\KBDCZ1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDSF.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDPO.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDNEPR.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDINTAM.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDINBEN.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007680 _____ (Microsoft Corporation) C:\windows\system32\KBDGR1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDUS.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDUGHR1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTURME.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDTAJIK.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDMON.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDMAORI.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDLT1.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINTEL.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINORI.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINMAR.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINKAN.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDINHIN.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBULG.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBLR.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00007168 _____ (Microsoft Corporation) C:\windows\system32\KBDBASH.DLL
    2014-12-16 17:55 - 2010-11-20 05:02 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\KBDGEO.DLL
    2014-12-16 17:55 - 2010-11-20 04:54 - 00052736 _____ (Microsoft Corporation) C:\windows\system32\BlbEvents.dll
    2014-12-16 17:55 - 2010-11-20 04:51 - 00003072 ____H (Microsoft Corporation) C:\windows\system32\api-ms-win-core-ums-l1-1-0.dll
    2014-12-16 17:55 - 2010-11-20 04:36 - 00046080 _____ (Microsoft Corporation) C:\windows\SysWOW64\NAPCRYPT.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00902656 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMADMOD.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00739328 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMSPDMOD.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00616960 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00541184 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMVSDECD.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00507392 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmdev.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00444928 _____ (Microsoft Corporation) C:\windows\SysWOW64\wvc.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00436736 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmnet.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00428032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wlanmsm.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00406528 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00350720 _____ (Microsoft Corporation) C:\windows\SysWOW64\WPDSp.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00318976 _____ (Microsoft Corporation) C:\windows\SysWOW64\raschap.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00318464 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00309760 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqlcese30.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00299520 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpdxm.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00198144 _____ (Microsoft Corporation) C:\windows\SysWOW64\wpdwcn.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdscore.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00189952 _____ (Microsoft Corporation) C:\windows\SysWOW64\sqmapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpencom.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00179712 _____ (Microsoft Corporation) C:\windows\SysWOW64\shdocvw.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00160256 _____ (Microsoft Corporation) C:\windows\SysWOW64\vdsbas.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00146944 _____ (Microsoft Corporation) C:\windows\SysWOW64\remotepg.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\twext.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00144384 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpps.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00118784 _____ (Microsoft Corporation) C:\windows\SysWOW64\uxlib.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupcln.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00109568 _____ (Microsoft Corporation) C:\windows\SysWOW64\wiavideo.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00108032 _____ (Microsoft Corporation) C:\windows\SysWOW64\shacct.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00105984 _____ (Microsoft Corporation) C:\windows\SysWOW64\WPDShServiceObj.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00105472 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmpshell.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00100864 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppinst.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\srvcli.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00087552 _____ (Microsoft Corporation) C:\windows\SysWOW64\wudriver.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp_isv.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00085504 _____ (Microsoft Corporation) C:\windows\SysWOW64\secproc_ssp.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00080896 _____ (Microsoft Corporation) C:\windows\SysWOW64\QUTIL.DLL
    2014-12-16 17:55 - 2010-11-20 04:21 - 00078848 _____ (Microsoft Corporation) C:\windows\SysWOW64\UserAccountControlSettings.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00071168 _____ (Microsoft Corporation) C:\windows\SysWOW64\resutils.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\tlscsp.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00069632 _____ (Microsoft Corporation) C:\windows\SysWOW64\rastapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00061952 _____ (Microsoft Corporation) C:\windows\SysWOW64\spbcd.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00059392 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdmat.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00056832 _____ (Microsoft Corporation) C:\windows\SysWOW64\vfwwdm32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00052224 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdpd3d.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00051712 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsnmp32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00051200 _____ (Twain Working Group) C:\windows\twain_32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\wkscli.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00040448 _____ (Microsoft Corporation) C:\windows\SysWOW64\wtsapi32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshbth.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00035840 _____ (Microsoft Corporation) C:\windows\SysWOW64\shimgvw.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\utildll.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00027648 _____ (Microsoft Corporation) C:\windows\SysWOW64\wups.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\vpnikeapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\wsdchngr.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\TRAPI.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\rdprefdrvapi.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00020992 _____ (Microsoft Corporation) C:\windows\SysWOW64\shgina.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00019968 _____ (Microsoft Corporation) C:\windows\SysWOW64\spopk.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\schedcli.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00014848 _____ (Microsoft Corporation) C:\windows\SysWOW64\syssetup.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00014336 _____ (Microsoft Corporation) C:\windows\SysWOW64\slwga.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00012288 _____ (Microsoft Corporation) C:\windows\SysWOW64\tsbyuv.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshirda.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\shunimpl.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00009728 _____ (Microsoft Corporation) C:\windows\SysWOW64\sscore.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00008704 _____ (Microsoft Corporation) C:\windows\SysWOW64\riched32.dll
    2014-12-16 17:55 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
    2014-12-16 17:55 - 2010-11-20 04:21 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 01661440 _____ (Microsoft Corporation) C:\windows\SysWOW64\networkexplorer.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 01160192 _____ (Microsoft Corporation) C:\windows\SysWOW64\OpcServices.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 01111552 _____ (Microsoft Corporation) C:\windows\SysWOW64\onexui.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00427520 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceStatus.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00283136 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdv.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00236544 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdh.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00206848 _____ (Microsoft Corporation) C:\windows\SysWOW64\qasf.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00190976 _____ (Microsoft Corporation) C:\windows\SysWOW64\qcap.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00183296 _____ (Microsoft Corporation) C:\windows\SysWOW64\PortableDeviceSyncProvider.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00174592 _____ (Microsoft Corporation) C:\windows\SysWOW64\ocsetapi.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00165376 _____ (Microsoft Corporation) C:\windows\SysWOW64\provsvc.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00136192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mydocs.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00121344 _____ (Microsoft Corporation) C:\windows\SysWOW64\sppc.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00099328 _____ (Microsoft Corporation) C:\windows\SysWOW64\QSVRMGMT.DLL
    2014-12-16 17:55 - 2010-11-20 04:20 - 00090112 _____ (Microsoft Corporation) C:\windows\SysWOW64\olepro32.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00077824 _____ (Microsoft Corporation) C:\windows\SysWOW64\olethk32.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00071680 _____ (Microsoft Corporation) C:\windows\SysWOW64\QCLIPROV.DLL
    2014-12-16 17:55 - 2010-11-20 04:20 - 00068096 _____ (Microsoft Corporation) C:\windows\SysWOW64\napdsnap.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00060928 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncryptui.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00046592 _____ (Microsoft Corporation) C:\windows\SysWOW64\pdhui.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00040960 _____ (Microsoft Corporation) C:\windows\SysWOW64\odbcconf.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\netutils.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfts.dll
    2014-12-16 17:55 - 2010-11-20 04:20 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00219648 _____ (Microsoft Corporation) C:\windows\SysWOW64\iTVData.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00209920 _____ (Microsoft Corporation) C:\windows\SysWOW64\mstask.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00202240 _____ (Microsoft Corporation) C:\windows\SysWOW64\input.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\msorcl32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00176128 _____ (Microsoft Corporation) C:\windows\SysWOW64\MFPlay.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\mprapi.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00158720 _____ (Microsoft Corporation) C:\windows\SysWOW64\itircl.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00122880 _____ (Microsoft Corporation) C:\windows\SysWOW64\iasrecst.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00120320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvfw32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00098304 _____ (Microsoft Corporation) C:\windows\SysWOW64\fphc.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciavi32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00082944 _____ (Radius Inc.) C:\windows\SysWOW64\iccvid.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapistub.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00076800 _____ (Microsoft Corporation) C:\windows\SysWOW64\mapi32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00052736 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetmib1.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\iyuv_32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00041984 _____ (Microsoft Corporation) C:\windows\SysWOW64\luainstall.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00036352 _____ (Microsoft Corporation) C:\windows\SysWOW64\mciqtz32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00031744 _____ (Microsoft Corporation) C:\windows\SysWOW64\msvidc32.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdmo.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsium.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\msyuv.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00021504 _____ (Microsoft Corporation) C:\windows\SysWOW64\lsmproxy.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\muifontsetup.dll
    2014-12-16 17:55 - 2010-11-20 04:19 - 00013312 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrle32.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00685056 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsuiext.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00402944 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00333824 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3ui.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00243712 _____ (Microsoft Corporation) C:\windows\SysWOW64\audiodev.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00242176 _____ (Microsoft Corporation) C:\windows\SysWOW64\eapp3hst.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00230912 _____ (Microsoft Corporation) C:\windows\SysWOW64\clusapi.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00211456 _____ (Microsoft Corporation) C:\windows\SysWOW64\DevicePairingFolder.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00210432 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxdiagn.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00128512 _____ (Microsoft Corporation) C:\windows\SysWOW64\EhStorAPI.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00115200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dot3msm.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00094208 _____ (Microsoft Corporation) C:\windows\SysWOW64\eappgnui.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00091648 _____ (Microsoft Corporation) C:\windows\SysWOW64\avifil32.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\cabinet.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\amstream.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00066560 _____ (Microsoft Corporation) C:\windows\SysWOW64\cca.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00065024 _____ (Microsoft Corporation) C:\windows\SysWOW64\CertPolEng.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\acppage.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00034816 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscapi.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00030208 _____ (Microsoft Corporation) C:\windows\SysWOW64\dsauth.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00028160 _____ (Microsoft Corporation) C:\windows\SysWOW64\AzSqlExt.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\cscdll.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00022528 _____ (Microsoft Corporation) C:\windows\SysWOW64\elsTrans.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00019456 _____ (Microsoft Corporation) C:\windows\SysWOW64\bitsperf.dll
    2014-12-16 17:55 - 2010-11-20 04:18 - 00011264 _____ (Microsoft Corporation) C:\windows\SysWOW64\C_ISCII.DLL
    2014-12-16 17:55 - 2010-11-20 04:18 - 00010752 _____ (Microsoft Corporation) C:\windows\SysWOW64\browseui.dll
    2014-12-16 17:55 - 2010-11-20 04:17 - 00586752 _____ (Microsoft Corporation) C:\windows\SysWOW64\dfrgui.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00327680 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimserv.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00280064 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00278016 _____ (Microsoft Corporation) C:\windows\SysWOW64\RMActivate_ssp_isv.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00276480 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskraid.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00209920 _____ (Microsoft Corporation) C:\windows\SysWOW64\PkgMgr.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00197632 _____ (Microsoft Corporation) C:\windows\SysWOW64\ocsetup.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00157184 _____ (Microsoft Corporation) C:\windows\SysWOW64\perfmon.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00144896 _____ (Microsoft Corporation) C:\windows\SysWOW64\iscsicli.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00133632 _____ (Microsoft Corporation) C:\windows\SysWOW64\diskpart.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00113152 _____ (Microsoft Corporation) C:\windows\SysWOW64\setupugc.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00101376 _____ (Microsoft Corporation) C:\windows\SysWOW64\mobsync.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00098304 _____ (Microsoft Corporation) C:\windows\SysWOW64\nslookup.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00095232 _____ (Microsoft Corporation) C:\windows\SysWOW64\logagent.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00084992 _____ (Microsoft Corporation) C:\windows\SysWOW64\cmstp.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00082944 _____ (Microsoft Corporation) C:\windows\SysWOW64\logman.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msiexec.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\MuiUnattend.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00062976 _____ (Microsoft Corporation) C:\windows\SysWOW64\findstr.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00051200 _____ (Microsoft Corporation) C:\windows\SysWOW64\takeown.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\runonce.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\tzutil.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00037888 _____ (Microsoft Corporation) C:\windows\SysWOW64\relog.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00034304 _____ (Microsoft Corporation) C:\windows\SysWOW64\unlodctr.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00028672 _____ (Microsoft Corporation) C:\windows\SysWOW64\WerFaultSecure.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\netiougc.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00024064 _____ (Microsoft Corporation) C:\windows\SysWOW64\netbtugc.exe
    2014-12-16 17:55 - 2010-11-20 04:17 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\ReAgentc.exe
    2014-12-16 17:55 - 2010-11-20 04:16 - 00878592 _____ (Microsoft Corporation) C:\windows\SysWOW64\Bubbles.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00293888 _____ (Microsoft Corporation) C:\windows\SysWOW64\ssText3d.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00281088 _____ (Microsoft Corporation) C:\windows\SysWOW64\unimdm.tsp
    2014-12-16 17:55 - 2010-11-20 04:16 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\Mystify.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00220672 _____ (Microsoft Corporation) C:\windows\SysWOW64\Ribbons.scr
    2014-12-16 17:55 - 2010-11-20 04:16 - 00186368 _____ (Microsoft Corporation) C:\windows\SysWOW64\bitsadmin.exe
    2014-12-16 17:55 - 2010-11-20 04:16 - 00153600 _____ (Microsoft Corporation) C:\windows\SysWOW64\VBICodec.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00142336 _____ (Microsoft Corporation) C:\windows\SysWOW64\powercfg.cpl
    2014-12-16 17:55 - 2010-11-20 04:16 - 00128000 _____ (Microsoft Corporation) C:\windows\SysWOW64\desk.cpl
    2014-12-16 17:55 - 2010-11-20 04:16 - 00107008 _____ (Microsoft Corporation) C:\windows\SysWOW64\Kswdmcap.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00084480 _____ (Microsoft Corporation) C:\windows\SysWOW64\kstvtune.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00048640 _____ (Microsoft Corporation) C:\windows\SysWOW64\ksxbar.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00045568 _____ (Microsoft Corporation) C:\windows\SysWOW64\g711codc.ax
    2014-12-16 17:55 - 2010-11-20 04:16 - 00033792 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbisurf.ax
    2014-12-16 17:55 - 2010-11-20 04:08 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00663040 _____ (Microsoft Corporation) C:\windows\SysWOW64\rpcrt4.dll
    2014-12-16 17:55 - 2010-11-20 04:08 - 00119808 _____ (Microsoft Corporation) C:\windows\SysWOW64\imm32.dll
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUQ.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTUF.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDSG.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\kbdlk41a.dll
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGR1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGKL.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDCZ1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDSF.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDPO.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDNEPR.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINTAM.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINORI.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINMAR.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINKAN.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINHIN.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00007168 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINBEN.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDUS.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDUGHR1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTURME.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDTAJIK.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDMON.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDMAORI.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDLT1.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDINTEL.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDGEO.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBULG.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBLR.DLL
    2014-12-16 17:55 - 2010-11-20 04:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\KBDBASH.DLL
    2014-12-16 17:55 - 2010-11-20 04:07 - 01164800 _____ (Microsoft Corporation) C:\windows\SysWOW64\UIRibbonRes.dll
    2014-12-16 17:55 - 2010-11-20 04:07 - 00007680 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwizres.dll
    2014-12-16 17:55 - 2010-11-20 04:06 - 00069120 _____ (Microsoft Corporation) C:\windows\SysWOW64\nlsbres.dll
    2014-12-16 17:55 - 2010-11-20 04:05 - 00035328 _____ (Microsoft Corporation) C:\windows\SysWOW64\pifmgr.dll
    2014-12-16 17:55 - 2010-11-20 04:00 - 01027584 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10.IME
    2014-12-16 17:55 - 2010-11-20 04:00 - 00430080 _____ (Microsoft Corporation) C:\windows\SysWOW64\imkr80.ime
    2014-12-16 17:55 - 2010-11-20 03:37 - 00031744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbrpm.sys
    2014-12-16 17:55 - 2010-11-20 02:52 - 00131584 _____ (Microsoft Corporation) C:\windows\system32\Drivers\pacer.sys
    2014-12-16 17:55 - 2010-11-20 02:51 - 00125440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tunnel.sys
    2014-12-16 17:55 - 2010-11-20 02:51 - 00045056 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpipreg.sys
    2014-12-16 17:55 - 2010-11-20 02:50 - 00056832 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ndisuio.sys
    2014-12-16 17:55 - 2010-11-20 02:49 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\Drivers\rmcast.sys
    2014-12-16 17:55 - 2010-11-20 02:44 - 00350208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\HdAudio.sys
    2014-12-16 17:55 - 2010-11-20 02:44 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\umbus.sys
    2014-12-16 17:55 - 2010-11-20 02:44 - 00032896 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBCAMD2.sys
    2014-12-16 17:55 - 2010-11-20 02:43 - 00122368 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hdaudbus.sys
    2014-12-16 17:55 - 2010-11-20 02:43 - 00030208 _____ (Microsoft Corporation) C:\windows\system32\Drivers\hidusb.sys
    2014-12-16 17:55 - 2010-11-20 02:34 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\sffp_sd.sys
    2014-12-16 17:55 - 2010-11-20 02:33 - 00038912 _____ (Microsoft Corporation) C:\windows\system32\Drivers\CompositeBus.sys
    2014-12-16 17:55 - 2010-11-20 02:33 - 00033280 _____ (Microsoft Corporation) C:\windows\system32\Drivers\kbdhid.sys
    2014-12-16 17:55 - 2010-11-20 02:14 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
    2014-12-16 17:55 - 2010-11-20 02:09 - 00029696 _____ (Microsoft Corporation) C:\windows\system32\Drivers\scfilter.sys
    2014-12-16 17:55 - 2010-11-20 02:04 - 00078848 _____ (Microsoft Corporation) C:\windows\system32\Drivers\IPMIDrv.sys
    2014-12-16 17:55 - 2010-11-20 01:49 - 00258048 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dxgmms1.sys
    2014-12-16 17:55 - 2010-11-20 01:30 - 00012800 _____ (Microsoft Corporation) C:\windows\system32\Drivers\acpipmi.sys
    2014-12-16 17:55 - 2010-11-20 01:26 - 00102400 _____ (Microsoft Corporation) C:\windows\system32\Drivers\dfsc.sys
    2014-12-16 17:55 - 2010-11-20 01:22 - 00026624 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tdi.sys
    2014-12-16 17:55 - 2010-11-20 01:19 - 00147456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cdrom.sys
    2014-12-16 17:55 - 2010-11-09 17:48 - 00010429 _____ () C:\windows\system32\ScavengeSpace.xml
    2014-12-16 17:55 - 2010-11-04 18:20 - 00105559 _____ () C:\windows\SysWOW64\RacRules.xml
    2014-12-16 17:55 - 2010-11-04 18:20 - 00105559 _____ () C:\windows\system32\RacRules.xml
    2014-12-16 17:55 - 2009-06-10 13:39 - 00001041 _____ () C:\windows\SysWOW64\tcpbidi.xml
    2014-12-16 17:54 - 2010-11-20 04:21 - 00363008 _____ (Microsoft Corporation) C:\windows\SysWOW64\wbemcomn.dll
    2014-12-16 17:54 - 2010-11-20 04:18 - 00323072 _____ (Microsoft Corporation) C:\windows\SysWOW64\drvstore.dll
    2014-12-16 17:54 - 2010-11-20 04:18 - 00257024 _____ (Microsoft Corporation) C:\windows\SysWOW64\dpx.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00933376 _____ (Microsoft Corporation) C:\windows\system32\SmiEngine.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00529408 _____ (Microsoft Corporation) C:\windows\system32\wbemcomn.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00524288 _____ (Microsoft Corporation) C:\windows\system32\wmicmiplugin.dll
    2014-12-16 17:51 - 2010-11-20 05:27 - 00244736 _____ (Microsoft Corporation) C:\windows\system32\sqmapi.dll
    2014-12-16 17:51 - 2010-11-20 05:25 - 00199168 _____ (Microsoft Corporation) C:\windows\system32\PkgMgr.exe
    2014-12-16 17:50 - 2010-11-20 05:26 - 00422912 _____ (Microsoft Corporation) C:\windows\system32\drvstore.dll
    2014-12-16 17:50 - 2010-11-20 05:26 - 00399872 _____ (Microsoft Corporation) C:\windows\system32\dpx.dll
    2014-12-13 21:15 - 2014-12-13 21:15 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-12-12 17:54 - 2014-12-12 17:54 - 00000000 ____D () C:\windows\system32\appraiser
    2014-12-10 07:15 - 2014-12-03 18:32 - 00741376 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
    2014-12-10 07:15 - 2014-12-03 18:32 - 00413184 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2014-12-10 07:15 - 2014-12-03 18:32 - 00396800 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
    2014-12-10 07:15 - 2014-12-03 18:31 - 00830976 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
    2014-12-10 07:15 - 2014-12-01 15:21 - 01232040 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
    2014-12-07 10:20 - 2014-12-14 21:02 - 00000000 ____D () C:\Users\Hiddendemon666\Documents\New folder2
    2014-12-01 16:17 - 2014-12-17 17:43 - 00603298 ____N () C:\windows\WindowsUpdate.log
    2014-11-23 07:25 - 2014-11-23 07:25 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Roaming\AVG2015
    2014-11-23 07:21 - 2014-11-23 07:25 - 00000000 ____D () C:\ProgramData\AVG2015
    2014-11-23 07:18 - 2014-11-25 18:37 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Local\Avg2015
    2014-11-19 04:31 - 2014-11-19 04:31 - 01217192 _____ (Microsoft Corporation) C:\windows\SysWOW64\FM20.DLL

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-17 17:55 - 2012-09-23 21:56 - 00000000 ____D () C:\FRST
    2014-12-17 17:50 - 2010-09-10 18:38 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Roaming\Skype
    2014-12-17 17:43 - 2009-07-13 20:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-17 17:43 - 2009-07-13 20:45 - 00016304 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-17 17:36 - 2010-10-14 07:43 - 00000000 ____D () C:\ProgramData\MFAData
    2014-12-17 17:36 - 2009-07-13 21:13 - 00726444 _____ () C:\windows\system32\PerfStringBackup.INI
    2014-12-17 17:32 - 2009-07-13 21:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
    2014-12-17 17:31 - 2012-04-01 16:05 - 00000374 _____ () C:\windows\system32\Drivers\etc\hosts.ics
    2014-12-17 17:30 - 2009-07-13 21:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2014-12-17 17:30 - 2009-07-13 20:45 - 00426160 _____ () C:\windows\system32\FNTCACHE.DAT
    2014-12-17 17:11 - 2009-07-13 23:45 - 00000000 ____D () C:\Program Files\Windows Journal
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Sidebar
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Portable Devices
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\Windows Defender
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files\DVD Maker
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Sidebar
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Portable Devices
    2014-12-17 17:11 - 2009-07-13 21:32 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
    2014-12-17 17:11 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\servicing
    2014-12-17 17:11 - 2009-07-13 19:20 - 00000000 ____D () C:\Program Files\Common Files\System
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\sppui
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\Setup
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\oobe
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\migwiz
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\manifeststore
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\SysWOW64\AdvancedInstallers
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\sppui
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\Setup
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\oobe
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\migwiz
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\manifeststore
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\Dism
    2014-12-17 17:10 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\AdvancedInstallers
    2014-12-17 07:19 - 2009-07-13 18:36 - 00175616 _____ (Microsoft Corporation) C:\windows\system32\msclmd.dll
    2014-12-17 07:19 - 2009-07-13 18:36 - 00152576 _____ (Microsoft Corporation) C:\windows\SysWOW64\msclmd.dll
    2014-12-16 20:18 - 2010-04-08 18:21 - 00000000 ____D () C:\Program Files (x86)\Windows Live
    2014-12-16 19:49 - 2012-11-04 12:45 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
    2014-12-16 19:49 - 2012-09-26 21:24 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-12-12 19:07 - 2012-11-04 12:45 - 00701616 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2014-12-12 19:07 - 2012-11-04 12:45 - 00003770 _____ () C:\windows\System32\Tasks\Adobe Flash Player Updater
    2014-12-12 19:07 - 2011-10-29 10:11 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-12-12 19:07 - 2010-07-23 11:52 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Local\Adobe
    2014-12-12 17:54 - 2014-07-11 06:10 - 00000000 ___SD () C:\windows\system32\CompatTel
    2014-12-12 17:54 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\AppCompat
    2014-12-12 17:53 - 2010-09-10 18:38 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-12-12 17:53 - 2010-09-10 18:38 - 00000000 ____D () C:\ProgramData\Skype
    2014-12-11 07:15 - 2012-01-16 19:12 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-12-11 07:13 - 2013-07-21 10:51 - 00000000 ____D () C:\windows\system32\MRT
    2014-12-11 07:06 - 2010-07-26 20:27 - 112710672 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
    2014-12-09 19:09 - 2010-08-21 08:47 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Local\CrashDumps
    2014-12-07 09:27 - 2012-08-21 22:40 - 00000000 ____D () C:\Users\Hiddendemon666\AppData\Roaming\.minecraft
    2014-12-01 16:14 - 2010-08-02 12:59 - 00000000 ____D () C:\Program Files (x86)\AVG
    2014-12-01 16:12 - 2009-07-13 19:20 - 00000000 ____D () C:\windows\system32\NDF
    2014-11-26 08:58 - 2014-06-25 19:41 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2014-11-23 17:59 - 2010-08-26 16:43 - 00000000 ____D () C:\Users\Hiddendemon666\Desktop\Desktop!
    2014-11-23 07:25 - 2014-03-31 18:14 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
    2014-11-23 07:25 - 2011-04-15 21:05 - 00000000 ___HD () C:\$AVG

    Some content of TEMP:
    ====================
    C:\Users\Hiddendemon666\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Hiddendemon666\AppData\Local\Temp\SSUPDATE64.EXE


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-01-15 21:31

    ==================== End Of Log ============================


    Add

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 17-12-2014
    Ran by Hiddendemon666 at 2014-12-17 17:59:43
    Running from C:\Users\Hiddendemon666\Downloads
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {0E9420C4-06B3-7FA0-3AB1-6E49CB52ECD9}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: AVG AntiVirus Free Edition 2015 (Enabled - Up to date) {B5F5C120-2089-702E-0001-553BB0D5A664}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 4.0.0.1390 - Adobe Systems Incorporated)
    Adobe Flash Player 10 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 10.0.42.34 - Adobe Systems Incorporated)
    Adobe Flash Player 16 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 16.0.0.235 - Adobe Systems Incorporated)
    Adobe Reader X (10.1.6) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AA1000000001}) (Version: 10.1.6 - Adobe Systems Incorporated)
    Apple Application Support (HKLM-x32\...\{B3575D00-27EF-49C2-B9E0-14B3D954E992}) (Version: 1.5.2 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{439760BC-7737-4386-9B1D-A90A3E8A22EA}) (Version: 3.4.1.2 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    ArcSoft Panorama Maker 4 (HKLM-x32\...\{D45E8C45-B601-4A80-AFD8-E16338744DE1}) (Version: - ArcSoft)
    AVG 2015 (HKLM\...\AVG) (Version: 2015.0.5577 - AVG Technologies)
    AVG 2015 (Version: 15.0.4253 - AVG Technologies) Hidden
    AVG 2015 (Version: 15.0.5577 - AVG Technologies) Hidden
    AVG Security Toolbar (HKLM-x32\...\AVG Secure Search) (Version: 18.1.9.799 - AVG Technologies)
    CCleaner (HKLM\...\CCleaner) (Version: 3.19 - Piriform)
    D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
    EPSON Easy Photo Print (HKLM-x32\...\{8A8F8391-4C2C-4BE1-A984-CD4A5A546467}) (Version: 1.5.1.0 - SEIKO EPSON CORPORATION)
    EPSON WorkForce 30 Series Printer Uninstall (HKLM\...\EPSON WorkForce 30 Series) (Version: - SEIKO EPSON Corporation)
    HijackThis 2.0.2 (HKLM-x32\...\HijackThis) (Version: 2.0.2 - TrendMicro)
    Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2104 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 6.0.0.1179 - Intel Corporation)
    Intel(R) PROSet/Wireless WiFi Software (HKLM\...\{B90E5EBE-DF18-44D5-9D18-689ADEE9DA6C}) (Version: 13.01.1000 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 9.5.7.1002 - Intel Corporation)
    Intel(R) Wireless Display (HKLM\...\{26F41FA3-3170-446B-A3A2-83F5FA26E6CD}) (Version: 1.1.8.0 - Intel Corporation)
    iTunes (HKLM\...\{997C9EC4-B53D-479D-81B7-0AEC8D174BA1}) (Version: 10.4.1.10 - Apple Inc.)
    Java 7 Update 9 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83217009FF}) (Version: 7.0.90 - Oracle)
    JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.44.1 - JMicron Technology Corp.)
    Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
    Malwarebytes Anti-Malware version 2.0.3.1025 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.3.1025 - Malwarebytes Corporation)
    Memeo AutoSync (HKLM-x32\...\{75B7F766-7998-44d8-A202-F1EC76A121BA}) (Version: - Memeo Inc.)
    Memeo Instant Backup (HKLM-x32\...\{8E666407-AC41-46a2-9692-6C7BFCBFDD37}) (Version: 4.60.0.7876 - Memeo Inc.)
    Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
    Microsoft Office Professional 2010 (HKLM-x32\...\Office14.SingleImage) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM-x32\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x64 9.0.30729.5570 (HKLM\...\{8338783A-0968-3B85-AFC7-BAAE0A63DC50}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM-x32\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Works (HKLM-x32\...\{15BC8CD0-A65B-47D0-A2DD-90A824590FA8}) (Version: 9.7.0621 - Microsoft Corporation)
    Mozilla Firefox 35.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 35.0 (x86 en-US)) (Version: 35.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0 - Mozilla)
    MSXML 4.0 SP2 (KB954430) (HKLM-x32\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
    MSXML 4.0 SP2 (KB973688) (HKLM-x32\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
    Nikon Transfer (HKLM-x32\...\{E9757890-7EC5-46C8-99AB-B00F07B6525C}) (Version: 1.0.2 - Nikon)
    PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
    QuickTime (HKLM-x32\...\{C9E14402-3631-4182-B377-6B0DFB1C0339}) (Version: 7.70.80.34 - Apple Inc.)
    Realtek Ethernet Controller Driver For Windows 7 (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.13.112.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6069 - Realtek Semiconductor Corp.)
    runtime64 (Version: 1.0.0 - immunet) Hidden
    Seagate Dashboard (HKLM-x32\...\{C3A11907-930D-41AC-A135-CC3B12F92011}) (Version: 1.1.0.1421 - Memeo Inc.)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version: - Microsoft)
    Skype™ 6.22 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.22.107 - Skype Technologies S.A.)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 4.41.1000 - SUPERAntiSpyware.com)
    Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 15.0.8.1 - Synaptics Incorporated)
    TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
    TOSHIBA Assist (HKLM-x32\...\{1B87C40B-A60B-4EF3-9A68-706CF4B69978}) (Version: 3.00.11 - TOSHIBA CORPORATION)
    TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.07.64 - TOSHIBA Corporation)
    TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.2 for x64 - TOSHIBA Corporation)
    TOSHIBA DVD PLAYER (HKLM-x32\...\{6C5F3BDC-0A1B-4436-A696-5939629D5C31}) (Version: 3.01.2.07-A - TOSHIBA Corporation)
    TOSHIBA eco Utility (HKLM-x32\...\InstallShield_{B3FF1CD9-B2F0-4D71-BB55-5F580401C48E}) (Version: 1.2.11.64 - TOSHIBA Corporation)
    TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
    TOSHIBA Flash Cards Support Utility (HKLM-x32\...\InstallShield_{620BBA5E-F848-4D56-8BDA-584E44584C5E}) (Version: 1.63.0.6C - TOSHIBA CORPORATION)
    TOSHIBA Hardware Setup (HKLM-x32\...\InstallShield_{5279374D-87FE-4879-9385-F17278EBB9D3}) (Version: 1.63.0.22C - TOSHIBA CORPORATION)
    TOSHIBA HDD Protection (HKLM\...\{94A90C69-71C1-470A-88F5-AA47ECC96B40}) (Version: 2.2.0.4 - TOSHIBA Corporation)
    TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
    TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.3.64 - TOSHIBA CORPORATION)
    TOSHIBA Media Controller Plug-in (HKLM-x32\...\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}) (Version: 1.0.8.0 - TOSHIBA CORPORATION)
    TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.6.0.64 - TOSHIBA Corporation)
    TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
    TOSHIBA Recovery Media Creator (HKLM\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
    TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{A0E99122-25C1-4CA4-9063-499A2A814EB6}) (Version: 1.6.06.64 - TOSHIBA Corporation)
    TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.2.9 - TOSHIBA)
    TOSHIBA Sleep Utility (HKLM-x32\...\{654F7484-88C5-46DC-AB32-C66BCB0E2102}) (Version: 1.4.1.1 - TOSHIBA Corporation)
    TOSHIBA Supervisor Password (HKLM-x32\...\InstallShield_{51B4E156-14A5-4904-9AE4-B1AA2A0E46BE}) (Version: 1.63.0.9C - TOSHIBA CORPORATION)
    TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.4.64 - TOSHIBA Corporation)
    TOSHIBA Web Camera Application (HKLM-x32\...\{5E6F6CF3-BACC-4144-868C-E14622C658F3}) (Version: 1.1.1.15 - TOSHIBA Corporation)
    ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
    Utility Common Driver (x32 Version: 1.0.52.1C - TOSHIBA) Hidden
    Visual C++ 8.0 Runtime Setup Package (x64) (HKLM-x32\...\{2FDBBCEA-62DB-45F4-B6E5-0E1FB2A1F29D}) (Version: 9.0.0.623 - AVG Technologies CZ, s.r.o.)
    Visual Studio 2008 x64 Redistributables (HKLM-x32\...\{FCDBEA60-79F0-4FAE-BBA8-55A26C609A49}) (Version: 10.0.0.2 - AVG Technologies)
    Visual Studio 2010 x64 Redistributables (HKLM\...\{21B133D6-5979-47F0-BE1C-F6A6B304693F}) (Version: 13.0.0.1 - AVG Technologies)
    Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
    Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
    VS10Runtime64 (Version: 1.0.0 - immunet) Hidden
    Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3555.0308 - Microsoft Corporation)
    Windows Live Sync (HKLM-x32\...\{84EBDF39-4B33-49D7-A0BD-EB6E2C4E81C1}) (Version: 14.0.8089.726 - Microsoft Corporation)
    WorkForce 30 Series Info Center (HKLM-x32\...\Silent Package Run-Time Sample) (Version: - )

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-3092100664-2491022899-479283734-1000_Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InprocServer32 -> C:\$Recycle.Bin ()

    ==================== Restore Points =========================

    17-12-2014 07:02:53 Windows 7 Service Pack 1
    17-12-2014 17:38:24 Windows Update

    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 18:34 - 2009-06-10 13:00 - 00000824 ____A C:\windows\system32\Drivers\etc\hosts

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {023D69F8-59EB-4F7F-BC89-9603E0DB4D3C} - System32\Tasks\{7D9B48F3-AF0B-4E23-B302-4ED5CD53E215} => pcalua.exe -a C:\Users\HIDDEN~1\AppData\Local\Temp\InstallFlashPlayer.exe -d "C:\Program Files (x86)\Mozilla Firefox"
    Task: {1C0F9970-DCD7-4AC3-A2E1-86A16FE8D72F} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {1CA5A589-7A39-4093-BAF8-99C5FCA4A24A} - System32\Tasks\{F3529E4D-5128-40D9-BE49-036719A3FA01} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
    Task: {32739329-8CA1-4362-A51C-433E511000C0} - System32\Tasks\{107A5A71-982B-490B-8903-2A593E3DF21C} => Firefox.exe
    Task: {57318A18-A545-4D22-AEB7-8AC75E83F11D} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-12-12] (Adobe Systems Incorporated)
    Task: {5B20E57D-1445-43BC-B2C4-A554E75711C1} - System32\Tasks\{3C19006C-A61D-4B1A-BE70-2FCF94850A4D} => pcalua.exe -a C:\Users\Hiddendemon666\Downloads\OfficeSetup.exe -d C:\Users\Hiddendemon666\Downloads
    Task: {800B389D-3B6C-4E8E-9055-435F52E88C3C} - System32\Tasks\{6EBF066A-7424-4750-B52F-6234671EF89A} => Firefox.exe
    Task: {D45E2DE7-F705-4BAB-AABF-2A55AACF6F12} - System32\Tasks\{DCE4883E-838A-47F7-85F3-0E25ABA67F02} => C:\Program Files (x86)\Skype\Phone\Skype.exe [2014-11-27] (Skype Technologies S.A.)
    Task: {F410E639-2FF5-432F-8E4E-8261555C1F85} - System32\Tasks\RunAsStdUser Task for VeohWebPlayer => C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
    Task: {F6D9B289-2360-48A8-A167-AA338140E0C1} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {FDBBDE54-111B-4D49-96AB-9596ED276F50} - System32\Tasks\Games\UpdateCheck_S-1-5-21-3092100664-2491022899-479283734-1000
    Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

    ==================== Loaded Modules (whitelisted) =============

    2010-01-19 15:27 - 2010-01-19 15:27 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\Libeay32.dll
    2010-04-08 18:20 - 2009-08-13 10:09 - 00297344 _____ () C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe
    2014-08-11 17:54 - 2014-08-11 17:54 - 00159768 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\loggingserver.exe
    2010-03-03 13:15 - 2010-03-03 13:15 - 08762680 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
    2009-11-03 12:26 - 2009-11-03 12:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
    2010-03-03 13:15 - 2010-03-03 13:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
    2010-03-03 13:15 - 2010-03-03 13:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
    2010-04-08 18:16 - 2009-06-22 14:40 - 00022328 _____ () C:\Program Files\TOSHIBA\Toshiba Assist\NotifyX.dll
    2009-03-12 18:08 - 2009-03-12 18:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
    2009-07-25 16:38 - 2009-07-25 16:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
    2010-01-19 15:27 - 2010-01-19 15:27 - 01501696 _____ () C:\Program Files\Common Files\Intel\WirelessCommon\LIBEAY32.dll
    2013-09-20 22:00 - 2014-08-26 06:09 - 02640408 _____ () C:\Program Files (x86)\AVG Secure Search\vprot.exe
    2010-03-12 14:41 - 2010-03-12 14:41 - 00417080 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\TcrdKBB.exe
    2010-02-05 16:44 - 2010-02-05 16:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
    2014-08-11 17:54 - 2014-08-11 17:54 - 00519704 _____ () C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\log4cplusU.dll
    2013-12-09 20:43 - 2014-03-20 16:34 - 01603608 _____ () C:\Program Files (x86)\AVG Secure Search\TBAPI.dll
    2014-12-13 21:15 - 2014-12-13 21:15 - 03924592 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

    AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Nikon Monitor.lnk => C:\windows\pss\Nikon Monitor.lnk.CommonStartup
    MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    MSCONFIG\startupreg: Adobe Reader Speed Launcher => "C:\Program Files (x86)\Adobe\Reader 9.0\Reader\Reader_sl.exe"
    MSCONFIG\startupreg: EPSON WorkForce 30 Series => C:\windows\system32\spool\DRIVERS\x64\3\E_IATIEEA.EXE /FU "C:\windows\TEMP\E_SC222.tmp" /EF "HKCU"
    MSCONFIG\startupreg: HotKeysCmds => C:\windows\system32\hkcmd.exe
    MSCONFIG\startupreg: iTunesHelper => "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    MSCONFIG\startupreg: Memeo AutoSync => C:\Program Files (x86)\Memeo\AutoSync\MemeoLauncher2.exe --silent
    MSCONFIG\startupreg: Memeo Instant Backup => C:\Program Files (x86)\Memeo\AutoBackup\MemeoLauncher2.exe --silent --no_ui
    MSCONFIG\startupreg: msnmsgr => "C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe" /background
    MSCONFIG\startupreg: QuickTime Task => "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    MSCONFIG\startupreg: Seagate Dashboard => C:\Program Files (x86)\Seagate\Seagate Dashboard\MemeoLauncher.exe --silent --no_ui
    MSCONFIG\startupreg: Sidebar => C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    MSCONFIG\startupreg: Skype => "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    MSCONFIG\startupreg: SmartFaceVWatcher => %ProgramFiles%\Toshiba\SmartFaceV\SmartFaceVWatcher.exe
    MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
    MSCONFIG\startupreg: ToshibaServiceStation => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe" /hide:60
    MSCONFIG\startupreg: TWebCamera => "C:\Program Files (x86)\TOSHIBA\TOSHIBA Web Camera Application\TWebCamera.exe" autorun

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-3092100664-2491022899-479283734-500 - Administrator - Disabled)
    Guest (S-1-5-21-3092100664-2491022899-479283734-501 - Limited - Disabled)
    Hiddendemon666 (S-1-5-21-3092100664-2491022899-479283734-1000 - Administrator - Enabled) => C:\Users\Hiddendemon666

    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/17/2014 05:31:31 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail (4592) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

    Error: (12/17/2014 05:31:24 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail (4288) WindowsMail0: The backup has been stopped because it was halted by the client or the connection with the client failed.

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description: The index cannot be initialized.


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: The application cannot be initialized.

    Context: Windows Application


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: The gatherer object cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.TripoliIndexer> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: The plug-in in <Search.JetPropStore> cannot be initialized.

    Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: The Windows Search Service cannot load the property store information.

    Context: Windows Application, SystemIndex Catalog


    Details:
    The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description: The Windows Search Service is being stopped because there is a problem with the indexer: The catalog is corrupt.


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description: The search service has detected corrupted data files in the index {id=4700}. The service will attempt to automatically correct this problem by rebuilding the index.


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)


    System errors:
    =============
    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.

    Error: (12/17/2014 06:00:35 PM) (Source: Ntfs) (EventID: 55) (User: )
    Description: The file system structure on the disk is corrupt and unusable.
    Please run the chkdsk utility on the volume TI105835W0G.


    Microsoft Office Sessions:
    =========================
    Error: (12/17/2014 05:31:31 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail4592WindowsMail0:

    Error: (12/17/2014 05:31:24 PM) (Source: ESENT) (EventID: 215) (User: )
    Description: WinMail4288WindowsMail0:

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 7010) (User: )
    Description:
    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3058) (User: )
    Description: Context: Windows Application


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3028) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)

    Error: (12/17/2014 05:31:12 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    Element not found. (HRESULT : 0x80070490) (0x80070490)
    Search.TripoliIndexer

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 3029) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
    Search.JetPropStore

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 9002) (User: )
    Description: Context: Windows Application, SystemIndex Catalog


    Details:
    The content index database is corrupt. (HRESULT : 0xc0041800) (0xc0041800)

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
    Description:
    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
    The catalog is corrupt

    Error: (12/17/2014 05:31:10 PM) (Source: Windows Search Service) (EventID: 7040) (User: )
    Description:
    Details:
    The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801)
    4700


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i3 CPU M 350 @ 2.27GHz
    Percentage of memory in use: 63%
    Total physical RAM: 3890.67 MB
    Available physical RAM: 1413.28 MB
    Total Pagefile: 7779.53 MB
    Available Pagefile: 4684.09 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.85 MB

    ==================== Drives ================================

    Drive c: (TI105835W0G) (Fixed) (Total:453.83 GB) (Free:350.13 GB) NTFS ==>[System with boot components (obtained from reading drive)]

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 465.8 GB) (Disk ID: 1786ECE7)
    Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
    Partition 2: (Not Active) - (Size=453.8 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=10.5 GB) - (Type=17)

    ==================== End Of Log ============================

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello,

    I'm not sure how old this infection is. The infection is called zero access rootkit.

    I would counsel you to disconnect this PC from the Internet immediately. If you do any banking or other financial transactions on the PC or if it should contain any other sensitive information, please get to a known clean computer and change all passwords where applicable, and it would be wise to contact those same financial institutions to apprise them of your situation.

    Although an attempt could be made to clean this machine, it could never be considered to be truly clean, secure, or trustworthy. We could not say definitively that unknown and unseen malware will have been removed, nor will your system be restored to its pre-infection state. We cannot remedy unknown changes the malware may likely have made in order to allow itself access, nor can we repair the damage it may possibly have caused to vital system files. Additionally, it is quite possible that changes made to the system by the malware may impact negatively on your computer during the removal process. In short, your system may never regain its former stability or its full functionality without a reformat. Therefore, your best and safest course of action is a reformat and reinstallation of the Windows operating system, and that is the course we strongly recommend.


    Let me know if you would like an clean the machine if so please follow along:

    I need FRST on the desktop, you have it running from your downloads folder-->Running from C:\Users\Hiddendemon666\Downloads

    To move it:
    Navaigate to your downloads folder, open the downloads folder find FRST, right click on it choose cut
    Now go back to the desktop and on an empty space right click and choose paste
    FRST should now be on the desktop.

    Programs to remove:
    1. Java 7 Update 9
    Note
    Due to multiple security problems with Java we are now recommending that it not be installed unless you absolutely know you need it.

    Next

    A few items to fix

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Open notepad (Start =>All Programs => Accessories => Notepad).
    Copy/Paste the contents of the code box below into Notepad.

    Code:
    start
    CloseProcesses:
    HKLM\...\Run: [] => [X]
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\MountPoints2: {2f6d1888-95a7-11df-8107-705ab6c622e0} - E:\LaunchU3.exe -a
    \$c236b97c3fcc86bc309d418570865fa5\n. ATTENTION! ====> ZeroAccess?
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
    BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
    BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll No File
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll No File
    Toolbar: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
    S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
    C:\Users\Hiddendemon666\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Hiddendemon666\AppData\Local\Temp\SSUPDATE64.EXE
    Task: {1CA5A589-7A39-4093-BAF8-99C5FCA4A24A} - System32\Tasks\{F3529E4D-5128-40D9-BE49-036719A3FA01} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
    AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
    
    Emptytemp:
    reboot:
    end
    Click Format and ensure Wordwrap is unchecked.
    Save as Fixlist.txt to your Desktop (Must be in this location)
    Run FRST/FRST64 and press the Fix button just once and wait.
    If the tool needed a restart please make sure you let the system to restart normally and let the tool completes its run after restart.
    The tool will make a log on the Desktop (Fixlog.txt). Please post it to your reply.

    Note: If the tool warns you about the version you're using being an outdated version please download and run the updated version.

    Next This is a very long log and may require 2 or 3 replies to get it all in.

    Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
    • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
      Vista/Windows 7 users right-click and select Run As Administrator.[/*]
    • If TDSSKiller does not run, try renaming it.[/*]
    • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.[/*]
    • Click the Start Scan button.[/*]
    • Do not use the computer during the scan[/*]
    • If the scan completes with nothing found, click Close to exit.[/*]
    • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.[/*]
    • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
      Note: If Cure is not an option, Skip instead, do not choose Delete unless instructed.[/*]
    • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C.[/*]
    • Copy and paste the contents of that file in your next reply.[/*]



    In your next reply post:
    • Fixlog.txt
    • TDSSKILLER Log.txt


    Joe
    Last edited by zep516; 12-17-2014 at 09:42 PM.

  5. #5
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    I went out and bought a new laptop. I will be working to clean up my old one, to have as a backup and so I can practice some things. Is it safe for me to move my pictures and other documents to my new laptop, or not? Thanks so much, so far!

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    Hello,

    It's an isolated rootkit / backdoor it's not a file infector like a true virus so yes it should be safe to move those documents. I'd clean it up before moving the files as a precaution though.

    Joe

  7. #7
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    Thanks so much, will keep you updated with progress!

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    You're welcome...

    Joe

  9. #9
    Member
    Join Date
    Mar 2011
    Posts
    113
    Points
    10

    Default

    Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 21-12-2014 01
    Ran by Hiddendemon666 at 2014-12-21 09:20:25 Run:2
    Running from C:\Users\Hiddendemon666\Desktop
    Loaded Profile: Hiddendemon666 (Available profiles: Hiddendemon666)
    Boot Mode: Normal
    ==============================================

    Content of fixlist:
    *****************
    start
    CloseProcesses:
    HKLM\...\Run: [] => [X]
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\...\MountPoints2: {2f6d1888-95a7-11df-8107-705ab6c622e0} - E:\LaunchU3.exe -a
    \$c236b97c3fcc86bc309d418570865fa5\n. ATTENTION! ====> ZeroAccess?
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
    BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssiea.dll No File
    BHO-x32: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files (x86)\AVG\AVG2012\avgssie.dll No File
    BHO-x32: AVG Security Toolbar -> {95B7759C-8C7F-4BF1-B163-73684A933233} -> C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll No File
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKLM-x32 - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Toolbar: HKLM-x32 - AVG Security Toolbar - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG Secure Search\13.2.0.5\AVG Secure Search_toolbar.dll No File
    Toolbar: HKU\S-1-5-21-3092100664-2491022899-479283734-1000 -> No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
    Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files (x86)\AVG\AVG2012\avgpp.dll No File
    FF Plugin-x32: @avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin -> C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\18.1.9\\npsitesafety.dll No File
    S2 McAfee SiteAdvisor Service; c:\PROGRA~2\mcafee\SITEAD~1\mcsacore.exe [X]
    C:\Users\Hiddendemon666\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\Hiddendemon666\AppData\Local\Temp\SSUPDATE64.EXE
    Task: {1CA5A589-7A39-4093-BAF8-99C5FCA4A24A} - System32\Tasks\{F3529E4D-5128-40D9-BE49-036719A3FA01} => pcalua.exe -a "C:\Program Files (x86)\AVG\AVG10\avgmfapx.exe" -c /AppMode=SETUP /Uninstall
    AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4

    Emptytemp:
    reboot:
    end
    *****************

    Processes closed successfully.
    HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value deleted successfully.
    "HKU\S-1-5-21-3092100664-2491022899-479283734-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2f6d1888-95a7-11df-8107-705ab6c622e0}" => Key deleted successfully.
    HKCR\CLSID\{2f6d1888-95a7-11df-8107-705ab6c622e0} => Key not found.
    \$c236b97c3fcc86bc309d418570865fa5\n. ATTENTION! ====> ZeroAccess? => Error: No automatic fix found for this entry.
    "HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
    HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key not found.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => Key deleted successfully.
    HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => Key could not be deleted. Error: -1073741772
    "HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
    "HKCR\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}" => Key deleted successfully.
    "HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
    "HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233}" => Key deleted successfully.
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
    HKCR\Wow6432Node\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key could not be deleted. Error: -1073741772
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Value not found.
    HKCR\Wow6432Node\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key could not be deleted. Error: -1073741772
    HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar\\{95B7759C-8C7F-4BF1-B163-73684A933233} => value deleted successfully.
    HKCR\Wow6432Node\CLSID\{95B7759C-8C7F-4BF1-B163-73684A933233} => Key could not be deleted. Error: -1073741772
    HKU\S-1-5-21-3092100664-2491022899-479283734-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
    HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => Key not found.
    "HKCR\PROTOCOLS\Handler\linkscanner" => Key deleted successfully.
    "HKCR\CLSID\{F274614C-63F8-47D5-A4D1-FBDDE494F8D1}" => Key deleted successfully.
    "HKLM\Software\Wow6432Node\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin" => Key deleted successfully.
    McAfee SiteAdvisor Service => Service deleted successfully.
    "C:\Users\Hiddendemon666\AppData\Local\Temp\SkypeSetup.exe" => File/Directory not found.
    "C:\Users\Hiddendemon666\AppData\Local\Temp\SSUPDATE64.EXE" => File/Directory not found.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{1CA5A589-7A39-4093-BAF8-99C5FCA4A24A}" => Key deleted successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1CA5A589-7A39-4093-BAF8-99C5FCA4A24A}" => Key deleted successfully.
    C:\Windows\System32\Tasks\{F3529E4D-5128-40D9-BE49-036719A3FA01} => Moved successfully.
    "HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{F3529E4D-5128-40D9-BE49-036719A3FA01}" => Key deleted successfully.
    C:\ProgramData\TEMP => ":0B4227B4" ADS removed successfully.
    EmptyTemp: => Removed 79 MB temporary data.




    09:22:20.0025 0x19c0 TDSS rootkit removing tool 3.0.0.42 Dec 12 2014 00:35:20
    09:22:25.0501 0x19c0 ============================================================
    09:22:25.0501 0x19c0 Current date / time: 2014/12/21 09:22:25.0501
    09:22:25.0501 0x19c0 SystemInfo:
    09:22:25.0501 0x19c0
    09:22:25.0501 0x19c0 OS Version: 6.1.7601 ServicePack: 1.0
    09:22:25.0501 0x19c0 Product type: Workstation
    09:22:25.0501 0x19c0 ComputerName: GLENN
    09:22:25.0501 0x19c0 UserName: Hiddendemon666
    09:22:25.0502 0x19c0 Windows directory: C:\windows
    09:22:25.0502 0x19c0 System windows directory: C:\windows
    09:22:25.0502 0x19c0 Running under WOW64
    09:22:25.0502 0x19c0 Processor architecture: Intel x64
    09:22:25.0502 0x19c0 Number of processors: 4
    09:22:25.0502 0x19c0 Page size: 0x1000
    09:22:25.0502 0x19c0 Boot type: Normal boot
    09:22:25.0502 0x19c0 ============================================================
    09:22:34.0642 0x19c0 KLMD registered as C:\windows\system32\drivers\15778212.sys
    09:22:35.0733 0x19c0 System UUID: {ADE0E42F-4B75-8155-13EE-6AD4BE0ED48B}
    09:22:36.0656 0x19c0 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
    09:22:36.0674 0x19c0 ============================================================
    09:22:36.0674 0x19c0 \Device\Harddisk0\DR0:
    09:22:36.0675 0x19c0 MBR partitions:
    09:22:36.0675 0x19c0 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x38BAB000
    09:22:36.0675 0x19c0 ============================================================
    09:22:36.0767 0x19c0 C: <-> \Device\Harddisk0\DR0\Partition1
    09:22:36.0850 0x19c0 ============================================================
    09:22:36.0850 0x19c0 Initialize success
    09:22:36.0850 0x19c0 ============================================================
    09:23:57.0178 0x1ac4 ============================================================
    09:23:57.0178 0x1ac4 Scan started
    09:23:57.0178 0x1ac4 Mode: Manual;
    09:23:57.0178 0x1ac4 ============================================================
    09:23:57.0178 0x1ac4 KSN ping started
    09:23:59.0986 0x1ac4 KSN ping finished: true
    09:24:02.0389 0x1ac4 ================ Scan system memory ========================
    09:24:02.0389 0x1ac4 System memory - ok
    09:24:02.0389 0x1ac4 ================ Scan services =============================
    09:24:02.0467 0x1ac4 [ A0709B82FA3B5AFAD1467E565B8B3BA0, 3C20E66B37768169A69514F7F1DD21113483499BF3BD8852B803882E019B60FC ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    09:24:02.0467 0x1ac4 !SASCORE - ok
    09:24:02.0623 0x1ac4 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
    09:24:02.0638 0x1ac4 1394ohci - ok
    09:24:02.0685 0x1ac4 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
    09:24:02.0701 0x1ac4 ACPI - ok
    09:24:02.0763 0x1ac4 [ 12C5274CD87449A2A37A607CDB321922, 50FA524E66A8FA04037DC954D3AB5383C633898F111A3B7488630B649B897370 ] acpials C:\windows\system32\DRIVERS\acpials.sys
    09:24:02.0763 0x1ac4 acpials - ok
    09:24:02.0810 0x1ac4 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
    09:24:02.0810 0x1ac4 AcpiPmi - ok
    09:24:02.0935 0x1ac4 [ 3927397AC60D943DAF8808AFFED582B7, 2688254085C219E8CA9C5494ABDAD8FAE52533CEF7FA3C152715E0B78D591BCF ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    09:24:02.0935 0x1ac4 AdobeARMservice - ok
    09:24:03.0044 0x1ac4 [ 4E48A7DF7ECACB38C686B2BEBAA687A3, D4DEE6BD464855B24A6D40BC6A9279B2041099615C6A319D869DA113AD896EA3 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    09:24:03.0060 0x1ac4 AdobeFlashPlayerUpdateSvc - ok
    09:24:03.0106 0x1ac4 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\DRIVERS\adp94xx.sys
    09:24:03.0138 0x1ac4 adp94xx - ok
    09:24:03.0169 0x1ac4 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\DRIVERS\adpahci.sys
    09:24:03.0184 0x1ac4 adpahci - ok
    09:24:03.0216 0x1ac4 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\DRIVERS\adpu320.sys
    09:24:03.0216 0x1ac4 adpu320 - ok
    09:24:03.0247 0x1ac4 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
    09:24:03.0247 0x1ac4 AeLookupSvc - ok
    09:24:03.0309 0x1ac4 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\windows\system32\drivers\afd.sys
    09:24:03.0325 0x1ac4 AFD - ok
    09:24:03.0372 0x1ac4 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
    09:24:03.0372 0x1ac4 agp440 - ok
    09:24:03.0387 0x1ac4 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
    09:24:03.0387 0x1ac4 ALG - ok
    09:24:03.0418 0x1ac4 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
    09:24:03.0418 0x1ac4 aliide - ok
    09:24:03.0450 0x1ac4 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
    09:24:03.0450 0x1ac4 amdide - ok
    09:24:03.0481 0x1ac4 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\DRIVERS\amdk8.sys
    09:24:03.0481 0x1ac4 AmdK8 - ok
    09:24:03.0496 0x1ac4 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\DRIVERS\amdppm.sys
    09:24:03.0496 0x1ac4 AmdPPM - ok
    09:24:03.0528 0x1ac4 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
    09:24:03.0543 0x1ac4 amdsata - ok
    09:24:03.0590 0x1ac4 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\DRIVERS\amdsbs.sys
    09:24:03.0606 0x1ac4 amdsbs - ok
    09:24:03.0621 0x1ac4 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
    09:24:03.0621 0x1ac4 amdxata - ok
    09:24:03.0668 0x1ac4 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
    09:24:03.0684 0x1ac4 AppID - ok
    09:24:03.0699 0x1ac4 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
    09:24:03.0699 0x1ac4 AppIDSvc - ok
    09:24:03.0746 0x1ac4 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\windows\System32\appinfo.dll
    09:24:03.0746 0x1ac4 Appinfo - ok
    09:24:03.0808 0x1ac4 [ 20F6F19FE9E753F2780DC2FA083AD597, 5106F0F9BA8A7DE49260A9B13BF8EC45ACA6A166FA8B10B4F69C3BB54F6840A1 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    09:24:03.0808 0x1ac4 Apple Mobile Device - ok
    09:24:03.0840 0x1ac4 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\DRIVERS\arc.sys
    09:24:03.0840 0x1ac4 arc - ok
    09:24:03.0871 0x1ac4 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\DRIVERS\arcsas.sys
    09:24:03.0871 0x1ac4 arcsas - ok
    09:24:03.0902 0x1ac4 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
    09:24:03.0902 0x1ac4 AsyncMac - ok
    09:24:03.0918 0x1ac4 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
    09:24:03.0918 0x1ac4 atapi - ok
    09:24:03.0980 0x1ac4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
    09:24:04.0011 0x1ac4 AudioEndpointBuilder - ok
    09:24:04.0058 0x1ac4 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\windows\System32\Audiosrv.dll
    09:24:04.0074 0x1ac4 AudioSrv - ok
    09:24:04.0230 0x1ac4 [ EE651D98B03FE3C075CCC58AB61C9287, 3CD5DBB6864691104B27A65DCC77217C54F4FB408F6FB1CFD2D34582803FB112 ] AVG Security Toolbar Service C:\Program Files (x86)\AVG\AVG10\Toolbar\ToolbarBroker.exe
    09:24:04.0261 0x1ac4 AVG Security Toolbar Service - ok
    09:24:04.0308 0x1ac4 [ 54FE1CAFA3B3029B282E6A05EA672031, E972B8A22322FF06903A1E3AB20585E02A21C3A6EA9A75C172231494A08D14D1 ] Avgdiska C:\windows\system32\DRIVERS\avgdiska.sys
    09:24:04.0323 0x1ac4 Avgdiska - ok
    09:24:04.0573 0x1ac4 [ 11BE8047AF7016C4D814F40CF4E5F1BD, 6E30843985B169D818BE9B0DDFB1841C271E9F58C119A3082286380933943184 ] AVGIDSAgent C:\Program Files (x86)\AVG\AVG2015\avgidsagent.exe
    09:24:04.0698 0x1ac4 AVGIDSAgent - ok
    09:24:04.0776 0x1ac4 [ 4A989DB4EABAC4297A9DE0D70A9483CB, C739F577988916216A7537D43247FF4FBFEB59531BC02AF92BD7DF5375ED8F6B ] AVGIDSDriver C:\windows\system32\DRIVERS\avgidsdrivera.sys
    09:24:04.0791 0x1ac4 AVGIDSDriver - ok
    09:24:04.0838 0x1ac4 [ 17C34C4B42C8B2EFCF2C065178BF4806, CB28BEE44B7A821EE728EFFD1B1882B57E417292A3A5377F3A98F16B0AF14DC7 ] AVGIDSHA C:\windows\system32\DRIVERS\avgidsha.sys
    09:24:04.0854 0x1ac4 AVGIDSHA - ok
    09:24:04.0885 0x1ac4 [ 7C9E8FD2BFCE60BDF9B5944C0BE47C87, 0F51507BAECDEF7B6F553066621A03832FF070EC6837A8E304AABA1227F779BF ] Avgldx64 C:\windows\system32\DRIVERS\avgldx64.sys
    09:24:04.0916 0x1ac4 Avgldx64 - ok
    09:24:04.0963 0x1ac4 [ 734DCC05A7F327FDCE43A18BA011FD4E, E5245314E60D86911A6A9FC1FE4A0C0D0284D972CE642C28B9B1A43D1553AFA5 ] Avgloga C:\windows\system32\DRIVERS\avgloga.sys
    09:24:04.0978 0x1ac4 Avgloga - ok
    09:24:05.0010 0x1ac4 [ B4D589C734D796B5B76E0A0E5DA50397, CACAB2C0D01583CEB55C62334A4E9BB46A2E399BE9B7EDC988AEC785DF1FCC1C ] Avgmfx64 C:\windows\system32\DRIVERS\avgmfx64.sys
    09:24:05.0025 0x1ac4 Avgmfx64 - ok
    09:24:05.0056 0x1ac4 [ 3CE824D46BA1871713ABF147E6BAD556, B4D8AFC388BE06D6E3C5CDC865F80FF101E731E1D2B221FFC6C1E28487E1B3CD ] Avgrkx64 C:\windows\system32\DRIVERS\avgrkx64.sys
    09:24:05.0072 0x1ac4 Avgrkx64 - ok
    09:24:05.0103 0x1ac4 [ 0BB7ECAC81554D83A66A0B9F961BB9D0, BBCE86FE8980E06F5A92E8636D6D3F2FD7B6EF7DB999BBEB0E68A5FCB220EDC9 ] Avgtdia C:\windows\system32\DRIVERS\avgtdia.sys
    09:24:05.0119 0x1ac4 Avgtdia - ok
    09:24:05.0150 0x1ac4 [ 68430AD3FB0FADBFA5D1677617D1E1F5, CF732DD21B472653AB0A4063455F2E7608F3075C255B9882D18CB52026B6C972 ] avgtp C:\windows\system32\drivers\avgtpx64.sys
    09:24:05.0150 0x1ac4 avgtp - ok
    09:24:05.0181 0x1ac4 [ BA5BEC7FB1EABF3FBD38924AB45C7B3A, DF731DB44CDA24F412E72555A0AEB64E7B182BE22C8283CDEA4397DDBE6AA0EE ] avgwd C:\Program Files (x86)\AVG\AVG2015\avgwdsvc.exe
    09:24:05.0197 0x1ac4 avgwd - ok
    09:24:05.0290 0x1ac4 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
    09:24:05.0290 0x1ac4 AxInstSV - ok
    09:24:05.0353 0x1ac4 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\DRIVERS\bxvbda.sys
    09:24:05.0368 0x1ac4 b06bdrv - ok
    09:24:05.0400 0x1ac4 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
    09:24:05.0431 0x1ac4 b57nd60a - ok
    09:24:05.0462 0x1ac4 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
    09:24:05.0478 0x1ac4 BDESVC - ok
    09:24:05.0493 0x1ac4 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
    09:24:05.0493 0x1ac4 Beep - ok
    09:24:05.0587 0x1ac4 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
    09:24:06.0070 0x1ac4 BFE - ok
    09:24:06.0133 0x1ac4 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
    09:24:06.0195 0x1ac4 BITS - ok
    09:24:06.0242 0x1ac4 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
    09:24:06.0242 0x1ac4 blbdrive - ok
    09:24:06.0273 0x1ac4 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
    09:24:06.0273 0x1ac4 bowser - ok
    09:24:06.0289 0x1ac4 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\DRIVERS\BrFiltLo.sys
    09:24:06.0289 0x1ac4 BrFiltLo - ok
    09:24:06.0304 0x1ac4 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\DRIVERS\BrFiltUp.sys
    09:24:06.0304 0x1ac4 BrFiltUp - ok
    09:24:06.0336 0x1ac4 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\windows\System32\browser.dll
    09:24:06.0336 0x1ac4 Browser - ok
    09:24:06.0367 0x1ac4 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
    09:24:06.0382 0x1ac4 Brserid - ok
    09:24:06.0398 0x1ac4 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
    09:24:06.0398 0x1ac4 BrSerWdm - ok
    09:24:06.0414 0x1ac4 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
    09:24:06.0414 0x1ac4 BrUsbMdm - ok
    09:24:06.0429 0x1ac4 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
    09:24:06.0429 0x1ac4 BrUsbSer - ok
    09:24:06.0460 0x1ac4 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\DRIVERS\bthmodem.sys
    09:24:06.0460 0x1ac4 BTHMODEM - ok
    09:24:06.0492 0x1ac4 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
    09:24:06.0507 0x1ac4 bthserv - ok
    09:24:06.0523 0x1ac4 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
    09:24:06.0523 0x1ac4 cdfs - ok
    09:24:06.0570 0x1ac4 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\drivers\cdrom.sys
    09:24:06.0570 0x1ac4 cdrom - ok
    09:24:06.0632 0x1ac4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
    09:24:06.0632 0x1ac4 CertPropSvc - ok
    09:24:06.0663 0x1ac4 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\DRIVERS\circlass.sys
    09:24:06.0663 0x1ac4 circlass - ok
    09:24:06.0694 0x1ac4 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
    09:24:06.0726 0x1ac4 CLFS - ok
    09:24:06.0772 0x1ac4 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
    09:24:06.0772 0x1ac4 clr_optimization_v2.0.50727_32 - ok
    09:24:06.0835 0x1ac4 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
    09:24:06.0835 0x1ac4 clr_optimization_v2.0.50727_64 - ok
    09:24:06.0913 0x1ac4 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
    09:24:06.0913 0x1ac4 clr_optimization_v4.0.30319_32 - ok
    09:24:06.0960 0x1ac4 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
    09:24:06.0960 0x1ac4 clr_optimization_v4.0.30319_64 - ok
    09:24:06.0991 0x1ac4 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
    09:24:06.0991 0x1ac4 CmBatt - ok
    09:24:07.0022 0x1ac4 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
    09:24:07.0022 0x1ac4 cmdide - ok
    09:24:07.0053 0x1ac4 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\windows\system32\Drivers\cng.sys
    09:24:07.0084 0x1ac4 CNG - ok
    09:24:07.0100 0x1ac4 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\DRIVERS\compbatt.sys
    09:24:07.0100 0x1ac4 Compbatt - ok
    09:24:07.0131 0x1ac4 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\drivers\CompositeBus.sys
    09:24:07.0131 0x1ac4 CompositeBus - ok
    09:24:07.0147 0x1ac4 COMSysApp - ok
    09:24:07.0162 0x1ac4 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\DRIVERS\crcdisk.sys
    09:24:07.0162 0x1ac4 crcdisk - ok
    09:24:07.0225 0x1ac4 [ 9C01375BE382E834CC26D1B7EAF2C4FE, B1D1E36B91A3C3CD09428EE3403896F71390A2798323BB406B484D9DB064A219 ] CryptSvc C:\windows\system32\cryptsvc.dll
    09:24:07.0225 0x1ac4 CryptSvc - ok
    09:24:07.0287 0x1ac4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
    09:24:07.0303 0x1ac4 DcomLaunch - ok
    09:24:07.0350 0x1ac4 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
    09:24:07.0365 0x1ac4 defragsvc - ok
    09:24:07.0412 0x1ac4 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
    09:24:07.0412 0x1ac4 DfsC - ok
    09:24:07.0443 0x1ac4 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
    09:24:07.0911 0x1ac4 Dhcp - ok
    09:24:07.0942 0x1ac4 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
    09:24:07.0958 0x1ac4 discache - ok
    09:24:07.0989 0x1ac4 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\DRIVERS\disk.sys
    09:24:07.0989 0x1ac4 Disk - ok
    09:24:08.0036 0x1ac4 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
    09:24:08.0036 0x1ac4 Dnscache - ok
    09:24:08.0083 0x1ac4 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
    09:24:08.0083 0x1ac4 dot3svc - ok
    09:24:08.0114 0x1ac4 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
    09:24:08.0130 0x1ac4 DPS - ok
    09:24:08.0161 0x1ac4 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
    09:24:08.0161 0x1ac4 drmkaud - ok
    09:24:08.0208 0x1ac4 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
    09:24:08.0254 0x1ac4 DXGKrnl - ok
    09:24:08.0286 0x1ac4 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
    09:24:08.0301 0x1ac4 EapHost - ok
    09:24:08.0426 0x1ac4 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\DRIVERS\evbda.sys
    09:24:08.0535 0x1ac4 ebdrv - ok
    09:24:08.0551 0x1ac4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\windows\System32\lsass.exe
    09:24:08.0566 0x1ac4 EFS - ok
    09:24:08.0629 0x1ac4 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
    09:24:08.0660 0x1ac4 ehRecvr - ok
    09:24:08.0691 0x1ac4 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
    09:24:08.0707 0x1ac4 ehSched - ok
    09:24:08.0754 0x1ac4 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\DRIVERS\elxstor.sys
    09:24:08.0785 0x1ac4 elxstor - ok
    09:24:08.0800 0x1ac4 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
    09:24:08.0800 0x1ac4 ErrDev - ok
    09:24:08.0832 0x1ac4 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
    09:24:08.0847 0x1ac4 EventSystem - ok
    09:24:08.0956 0x1ac4 [ 7C1042CDA4E7151E91F1E66A4D9118B0, 14A30FFE79EADFA6B4DF01558E54FA5C542E823BA3CE82E54446B1F17CE33EA9 ] EvtEng C:\Program Files\Intel\WiFi\bin\EvtEng.exe
    09:24:09.0034 0x1ac4 EvtEng - ok
    09:24:09.0066 0x1ac4 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
    09:24:09.0081 0x1ac4 exfat - ok
    09:24:09.0112 0x1ac4 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
    09:24:09.0128 0x1ac4 fastfat - ok
    09:24:09.0190 0x1ac4 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
    09:24:09.0222 0x1ac4 Fax - ok
    09:24:09.0253 0x1ac4 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\DRIVERS\fdc.sys
    09:24:09.0253 0x1ac4 fdc - ok
    09:24:09.0284 0x1ac4 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
    09:24:09.0284 0x1ac4 fdPHost - ok
    09:24:09.0284 0x1ac4 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
    09:24:09.0300 0x1ac4 FDResPub - ok
    09:24:09.0300 0x1ac4 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
    09:24:09.0300 0x1ac4 FileInfo - ok
    09:24:09.0315 0x1ac4 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
    09:24:09.0315 0x1ac4 Filetrace - ok
    09:24:09.0331 0x1ac4 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\DRIVERS\flpydisk.sys
    09:24:09.0331 0x1ac4 flpydisk - ok
    09:24:09.0378 0x1ac4 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
    09:24:09.0409 0x1ac4 FltMgr - ok
    09:24:09.0456 0x1ac4 [ B4447F606BB19FD8AD0BAFB59B90F5D9, 043E686029DE2710305852E3A416176E400F9FD5FB98E4F2A6F14C060FAABED5 ] FontCache C:\windows\system32\FntCache.dll
    09:24:09.0534 0x1ac4 FontCache - ok
    09:24:09.0596 0x1ac4 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
    09:24:09.0596 0x1ac4 FontCache3.0.0.0 - ok
    09:24:09.0627 0x1ac4 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
    09:24:09.0643 0x1ac4 FsDepends - ok
    09:24:09.0674 0x1ac4 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
    09:24:09.0674 0x1ac4 Fs_Rec - ok
    09:24:09.0705 0x1ac4 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
    09:24:09.0721 0x1ac4 fvevol - ok
    09:24:09.0736 0x1ac4 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\DRIVERS\gagp30kx.sys
    09:24:09.0752 0x1ac4 gagp30kx - ok
    09:24:09.0799 0x1ac4 [ E403AACF8C7BB11375122D2464560311, 0427B8FFD999D256EA1A5135F218692959A7577CB32354D3087CF0FB4F0577DF ] GEARAspiWDM C:\windows\system32\DRIVERS\GEARAspiWDM.sys
    09:24:09.0799 0x1ac4 GEARAspiWDM - ok
    09:24:09.0861 0x1ac4 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
    09:24:09.0877 0x1ac4 gpsvc - ok
    09:24:09.0908 0x1ac4 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
    09:24:09.0908 0x1ac4 hcw85cir - ok
    09:24:09.0955 0x1ac4 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
    09:24:09.0970 0x1ac4 HdAudAddService - ok
    09:24:10.0017 0x1ac4 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\drivers\HDAudBus.sys
    09:24:10.0033 0x1ac4 HDAudBus - ok
    09:24:10.0048 0x1ac4 [ B6AC71AAA2B10848F57FC49D55A651AF, 4FAD833654E86F9FAF972AC8AF87FD4A9A765B26B96F096BBD63506B5D521A91 ] HECIx64 C:\windows\system32\DRIVERS\HECIx64.sys
    09:24:10.0064 0x1ac4 HECIx64 - ok
    09:24:10.0080 0x1ac4 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\DRIVERS\HidBatt.sys
    09:24:10.0080 0x1ac4 HidBatt - ok
    09:24:10.0095 0x1ac4 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\DRIVERS\hidbth.sys
    09:24:10.0095 0x1ac4 HidBth - ok
    09:24:10.0111 0x1ac4 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\DRIVERS\hidir.sys
    09:24:10.0111 0x1ac4 HidIr - ok
    09:24:10.0142 0x1ac4 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
    09:24:10.0142 0x1ac4 hidserv - ok
    09:24:10.0189 0x1ac4 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
    09:24:10.0189 0x1ac4 HidUsb - ok
    09:24:10.0220 0x1ac4 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
    09:24:10.0236 0x1ac4 hkmsvc - ok
    09:24:10.0298 0x1ac4 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
    09:24:10.0314 0x1ac4 HomeGroupListener - ok
    09:24:10.0360 0x1ac4 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
    09:24:10.0360 0x1ac4 HomeGroupProvider - ok
    09:24:10.0407 0x1ac4 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
    09:24:10.0423 0x1ac4 HpSAMD - ok
    09:24:10.0501 0x1ac4 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
    09:24:10.0532 0x1ac4 HTTP - ok
    09:24:10.0579 0x1ac4 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
    09:24:10.0579 0x1ac4 hwpolicy - ok
    09:24:10.0594 0x1ac4 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\drivers\i8042prt.sys
    09:24:10.0610 0x1ac4 i8042prt - ok
    09:24:10.0672 0x1ac4 [ 85977CD13FC16069CE0AF7943A811775, 421AFFF08D14C2F55CFEF05E4A5A8B086F80BE69A927F84052A502EC5B222990 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
    09:24:10.0688 0x1ac4 iaStor - ok
    09:24:10.0735 0x1ac4 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
    09:24:10.0766 0x1ac4 iaStorV - ok
    09:24:10.0828 0x1ac4 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
    09:24:10.0844 0x1ac4 IDriverT - ok
    09:24:10.0922 0x1ac4 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
    09:24:10.0984 0x1ac4 idsvc - ok
    09:24:11.0359 0x1ac4 [ 09CE164AFA8483E41808784D7FCA154E, 43557E44C8339469BD34B54D2080AF041356F0201A7ECA3A6EEEA9C9C7D78F87 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
    09:24:11.0718 0x1ac4 igfx - ok
    09:24:11.0811 0x1ac4 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\DRIVERS\iirsp.sys
    09:24:11.0811 0x1ac4 iirsp - ok
    09:24:11.0874 0x1ac4 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\windows\System32\ikeext.dll
    09:24:11.0936 0x1ac4 IKEEXT - ok
    09:24:11.0983 0x1ac4 [ DD587A55390ED2295BCE6D36AD567DA9, AEB7DCB8EF89BEE8D9649A05FC482B1E4E3F44243D57A2577C862EB69166C48E ] Impcd C:\windows\system32\DRIVERS\Impcd.sys
    09:24:11.0998 0x1ac4 Impcd - ok
    09:24:12.0123 0x1ac4 [ 490947A9AFF7CA31EF2E08F5776105EB, C817D60DBA6B276AD4EF2E0FDF5547F152294AFEF6264C28B8F4DC20B3A85515 ] IntcAzAudAddService C:\windows\system32\drivers\RTKVHD64.sys
    09:24:12.0217 0x1ac4 IntcAzAudAddService - ok
    09:24:12.0248 0x1ac4 [ 58CF58DEE26C909BD6F977B61D246295, 0CE27B81C091961A22B75478449D654F9C1A68E43DF80C699DB8DD3D1B288461 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
    09:24:12.0264 0x1ac4 IntcDAud - ok
    09:24:12.0295 0x1ac4 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
    09:24:12.0295 0x1ac4 intelide - ok
    09:24:12.0326 0x1ac4 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
    09:24:12.0326 0x1ac4 intelppm - ok
    09:24:12.0357 0x1ac4 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
    09:24:12.0357 0x1ac4 IPBusEnum - ok
    09:24:12.0404 0x1ac4 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
    09:24:12.0404 0x1ac4 IpFilterDriver - ok
    09:24:12.0435 0x1ac4 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
    09:24:12.0466 0x1ac4 iphlpsvc - ok
    09:24:12.0513 0x1ac4 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
    09:24:12.0513 0x1ac4 IPMIDRV - ok
    09:24:12.0544 0x1ac4 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
    09:24:12.0544 0x1ac4 IPNAT - ok
    09:24:12.0591 0x1ac4 [ B7CB0B121962CD89F98C0DD89331B0C0, 8FD329E00184F662847990ED095B95F6E404AA894C822DECB874116281351FD5 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
    09:24:12.0638 0x1ac4 iPod Service - ok
    09:24:12.0669 0x1ac4 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
    09:24:12.0669 0x1ac4 IRENUM - ok
    09:24:12.0685 0x1ac4 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
    09:24:12.0685 0x1ac4 isapnp - ok
    09:24:12.0732 0x1ac4 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
    09:24:12.0747 0x1ac4 iScsiPrt - ok
    09:24:12.0810 0x1ac4 [ 19496FE93696C929392F1595ED1F8BB3, 374503566D19D69CAB93BC60F6A9E1D9E177DD98FFEBD450AC1C01F8705818C6 ] JMCR C:\windows\system32\DRIVERS\jmcr.sys
    09:24:12.0810 0x1ac4 JMCR - ok
    09:24:12.0856 0x1ac4 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\drivers\kbdclass.sys
    09:24:12.0856 0x1ac4 kbdclass - ok
    09:24:12.0888 0x1ac4 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
    09:24:12.0888 0x1ac4 kbdhid - ok
    09:24:12.0919 0x1ac4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\windows\system32\lsass.exe
    09:24:12.0919 0x1ac4 KeyIso - ok
    09:24:12.0950 0x1ac4 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
    09:24:12.0966 0x1ac4 KSecDD - ok
    09:24:13.0012 0x1ac4 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
    09:24:13.0028 0x1ac4 KSecPkg - ok
    09:24:13.0044 0x1ac4 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
    09:24:13.0044 0x1ac4 ksthunk - ok
    09:24:13.0090 0x1ac4 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
    09:24:13.0106 0x1ac4 KtmRm - ok
    09:24:13.0168 0x1ac4 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
    09:24:13.0184 0x1ac4 LanmanServer - ok
    09:24:13.0231 0x1ac4 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
    09:24:13.0246 0x1ac4 LanmanWorkstation - ok
    09:24:13.0278 0x1ac4 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
    09:24:13.0278 0x1ac4 lltdio - ok
    09:24:13.0309 0x1ac4 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
    09:24:13.0324 0x1ac4 lltdsvc - ok
    09:24:13.0356 0x1ac4 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
    09:24:13.0356 0x1ac4 lmhosts - ok
    09:24:13.0434 0x1ac4 [ 23DE5B62B0445A6F874BE633C95B483E, 39A8E5BD057F5EE049FA48848C5881DCD2CFB16CD9E2A03CC9DDF35F116FEE0B ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    09:24:13.0449 0x1ac4 LMS - ok
    09:24:13.0480 0x1ac4 [ 41E122F6D1448C94CC05196BC41D6BFB, DC027B897A14359669C6C93CCC7FCEEA2FDCEE281489589DDAEE008FAD0B15E2 ] LPCFilter C:\windows\system32\DRIVERS\LPCFilter.sys
    09:24:13.0480 0x1ac4 LPCFilter - ok
    09:24:13.0527 0x1ac4 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\DRIVERS\lsi_fc.sys
    09:24:13.0527 0x1ac4 LSI_FC - ok
    09:24:13.0543 0x1ac4 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\DRIVERS\lsi_sas.sys
    09:24:13.0558 0x1ac4 LSI_SAS - ok
    09:24:13.0605 0x1ac4 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\DRIVERS\lsi_sas2.sys
    09:24:13.0605 0x1ac4 LSI_SAS2 - ok
    09:24:13.0636 0x1ac4 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\DRIVERS\lsi_scsi.sys
    09:24:13.0652 0x1ac4 LSI_SCSI - ok
    09:24:13.0683 0x1ac4 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
    09:24:13.0699 0x1ac4 luafv - ok
    09:24:13.0746 0x1ac4 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
    09:24:13.0761 0x1ac4 Mcx2Svc - ok
    09:24:13.0777 0x1ac4 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\DRIVERS\megasas.sys
    09:24:13.0792 0x1ac4 megasas - ok
    09:24:13.0824 0x1ac4 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\DRIVERS\MegaSR.sys
    09:24:13.0839 0x1ac4 MegaSR - ok
    09:24:13.0933 0x1ac4 [ B7C1BA9B0256B66411F09D705117AE66, F25A91CBB8852903E7AB90B63FB05650103B72E2222A58FB12EB10B51AE04910 ] MemeoBackgroundService C:\Program Files (x86)\Memeo\AutoBackup\MemeoBackgroundService.exe
    09:24:13.0933 0x1ac4 MemeoBackgroundService - ok
    09:24:13.0964 0x1ac4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
    09:24:13.0964 0x1ac4 MMCSS - ok
    09:24:13.0995 0x1ac4 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
    09:24:13.0995 0x1ac4 Modem - ok
    09:24:14.0026 0x1ac4 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
    09:24:14.0026 0x1ac4 monitor - ok
    09:24:14.0089 0x1ac4 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\drivers\mouclass.sys
    09:24:14.0104 0x1ac4 mouclass - ok
    09:24:14.0136 0x1ac4 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\DRIVERS\mouhid.sys
    09:24:14.0151 0x1ac4 mouhid - ok
    09:24:14.0198 0x1ac4 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
    09:24:14.0214 0x1ac4 mountmgr - ok
    09:24:14.0292 0x1ac4 [ DA03D2EAC041ECB3E0D31BC620F6F27B, C7BDD4B6C45492BCE5A2994057910D2D73901DBFBE7B1D9E9A098CF71F37EC47 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    09:24:14.0697 0x1ac4 MozillaMaintenance - ok
    09:24:14.0760 0x1ac4 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
    09:24:14.0775 0x1ac4 mpio - ok
    09:24:14.0838 0x1ac4 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
    09:24:14.0838 0x1ac4 mpsdrv - ok
    09:24:14.0994 0x1ac4 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
    09:24:15.0072 0x1ac4 MpsSvc - ok
    09:24:15.0134 0x1ac4 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
    09:24:15.0150 0x1ac4 MRxDAV - ok
    09:24:15.0243 0x1ac4 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
    09:24:15.0259 0x1ac4 mrxsmb - ok
    09:24:15.0306 0x1ac4 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
    09:24:15.0321 0x1ac4 mrxsmb10 - ok
    09:24:15.0368 0x1ac4 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
    09:24:15.0384 0x1ac4 mrxsmb20 - ok
    09:24:15.0446 0x1ac4 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\drivers\msahci.sys
    09:24:15.0446 0x1ac4 msahci - ok
    09:24:15.0493 0x1ac4 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
    09:24:15.0508 0x1ac4 msdsm - ok
    09:24:15.0555 0x1ac4 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
    09:24:15.0571 0x1ac4 MSDTC - ok
    09:24:15.0602 0x1ac4 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
    09:24:15.0618 0x1ac4 Msfs - ok
    09:24:15.0649 0x1ac4 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
    09:24:15.0664 0x1ac4 mshidkmdf - ok
    09:24:15.0664 0x1ac4 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
    09:24:15.0696 0x1ac4 msisadrv - ok
    09:24:15.0742 0x1ac4 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
    09:24:15.0774 0x1ac4 MSiSCSI - ok
    09:24:15.0774 0x1ac4 msiserver - ok
    09:24:15.0805 0x1ac4 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
    09:24:15.0820 0x1ac4 MSKSSRV - ok
    09:24:15.0883 0x1ac4 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
    09:24:15.0898 0x1ac4 MSPCLOCK - ok
    09:24:15.0945 0x1ac4 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
    09:24:15.0945 0x1ac4 MSPQM - ok
    09:24:16.0054 0x1ac4 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
    09:24:16.0148 0x1ac4 MsRPC - ok
    09:24:16.0195 0x1ac4 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\drivers\mssmbios.sys
    09:24:16.0210 0x1ac4 mssmbios - ok
    09:24:16.0226 0x1ac4 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
    09:24:16.0226 0x1ac4 MSTEE - ok
    09:24:16.0257 0x1ac4 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\DRIVERS\MTConfig.sys
    09:24:16.0257 0x1ac4 MTConfig - ok
    09:24:16.0320 0x1ac4 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
    09:24:16.0335 0x1ac4 Mup - ok
    09:24:16.0429 0x1ac4 [ A94EEBD860AD00A0BFE91C0FD3F5FEB1, 163D3368C224ED144623EFA28D6117586B9A5ECCB5104AEF0071EE44636DACE4 ] MyWiFiDHCPDNS C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    09:24:16.0460 0x1ac4 MyWiFiDHCPDNS - ok
    09:24:16.0538 0x1ac4 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
    09:24:16.0585 0x1ac4 napagent - ok
    09:24:16.0647 0x1ac4 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
    09:24:16.0678 0x1ac4 NativeWifiP - ok
    09:24:16.0788 0x1ac4 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\windows\system32\drivers\ndis.sys
    09:24:16.0834 0x1ac4 NDIS - ok
    09:24:16.0866 0x1ac4 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
    09:24:16.0866 0x1ac4 NdisCap - ok
    09:24:16.0928 0x1ac4 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
    09:24:16.0944 0x1ac4 NdisTapi - ok
    09:24:17.0022 0x1ac4 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
    09:24:17.0037 0x1ac4 Ndisuio - ok
    09:24:17.0068 0x1ac4 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
    09:24:17.0084 0x1ac4 NdisWan - ok
    09:24:17.0115 0x1ac4 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
    09:24:17.0115 0x1ac4 NDProxy - ok
    09:24:17.0146 0x1ac4 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
    09:24:17.0162 0x1ac4 NetBIOS - ok
    09:24:17.0240 0x1ac4 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
    09:24:17.0271 0x1ac4 NetBT - ok
    09:24:17.0287 0x1ac4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\windows\system32\lsass.exe
    09:24:17.0302 0x1ac4 Netlogon - ok
    09:24:17.0396 0x1ac4 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
    09:24:17.0427 0x1ac4 Netman - ok
    09:24:17.0505 0x1ac4 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
    09:24:17.0536 0x1ac4 netprofm - ok
    09:24:17.0599 0x1ac4 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
    09:24:17.0614 0x1ac4 NetTcpPortSharing - ok
    09:24:18.0332 0x1ac4 [ 39EDE676D17F37AF4573C2B33EC28ACA, 6C897C8B72D7AC1385302E58509688790CC5F428E967485F92C3CD646907EF59 ] NETw5s64 C:\windows\system32\DRIVERS\NETw5s64.sys
    09:24:18.0644 0x1ac4 NETw5s64 - ok
    09:24:18.0738 0x1ac4 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\DRIVERS\nfrd960.sys
    09:24:18.0753 0x1ac4 nfrd960 - ok
    09:24:18.0847 0x1ac4 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\windows\System32\nlasvc.dll
    09:24:18.0878 0x1ac4 NlaSvc - ok
    09:24:18.0894 0x1ac4 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
    09:24:18.0925 0x1ac4 Npfs - ok
    09:24:19.0003 0x1ac4 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
    09:24:19.0003 0x1ac4 nsi - ok
    09:24:19.0018 0x1ac4 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
    09:24:19.0018 0x1ac4 nsiproxy - ok
    09:24:19.0284 0x1ac4 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\windows\system32\drivers\Ntfs.sys
    09:24:19.0393 0x1ac4 Ntfs - ok
    09:24:19.0440 0x1ac4 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
    09:24:19.0471 0x1ac4 Null - ok
    09:24:19.0533 0x1ac4 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
    09:24:19.0549 0x1ac4 nvraid - ok
    09:24:19.0611 0x1ac4 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
    09:24:19.0627 0x1ac4 nvstor - ok
    09:24:19.0674 0x1ac4 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
    09:24:19.0689 0x1ac4 nv_agp - ok
    09:24:19.0705 0x1ac4 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
    09:24:19.0720 0x1ac4 ohci1394 - ok
    09:24:19.0798 0x1ac4 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
    09:24:19.0814 0x1ac4 ose - ok
    09:24:20.0266 0x1ac4 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    09:24:20.0469 0x1ac4 osppsvc - ok
    09:24:20.0563 0x1ac4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
    09:24:20.0594 0x1ac4 p2pimsvc - ok
    09:24:20.0672 0x1ac4 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
    09:24:20.0703 0x1ac4 p2psvc - ok
    09:24:20.0734 0x1ac4 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\DRIVERS\parport.sys
    09:24:20.0750 0x1ac4 Parport - ok
    09:24:20.0781 0x1ac4 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
    09:24:20.0797 0x1ac4 partmgr - ok
    09:24:20.0812 0x1ac4 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
    09:24:20.0828 0x1ac4 PcaSvc - ok
    09:24:20.0890 0x1ac4 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
    09:24:20.0984 0x1ac4 pci - ok
    09:24:21.0015 0x1ac4 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\drivers\pciide.sys
    09:24:21.0031 0x1ac4 pciide - ok
    09:24:21.0062 0x1ac4 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\DRIVERS\pcmcia.sys
    09:24:21.0078 0x1ac4 pcmcia - ok
    09:24:21.0078 0x1ac4 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
    09:24:21.0093 0x1ac4 pcw - ok
    09:24:21.0171 0x1ac4 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
    09:24:21.0218 0x1ac4 PEAUTH - ok
    09:24:21.0452 0x1ac4 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
    09:24:21.0468 0x1ac4 PerfHost - ok
    09:24:21.0514 0x1ac4 [ 663962900E7FEA522126BA287715BB4A, 95CE12CA11E705C293BE4E18845581037D819A7EC812349BCAF4EABC8E7087B1 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
    09:24:21.0514 0x1ac4 PGEffect - ok
    09:24:21.0780 0x1ac4 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
    09:24:21.0873 0x1ac4 pla - ok
    09:24:21.0951 0x1ac4 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
    09:24:21.0982 0x1ac4 PlugPlay - ok
    09:24:22.0014 0x1ac4 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
    09:24:22.0014 0x1ac4 PNRPAutoReg - ok
    09:24:22.0060 0x1ac4 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
    09:24:22.0076 0x1ac4 PNRPsvc - ok
    09:24:22.0232 0x1ac4 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
    09:24:22.0279 0x1ac4 PolicyAgent - ok
    09:24:22.0357 0x1ac4 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
    09:24:22.0372 0x1ac4 Power - ok
    09:24:22.0450 0x1ac4 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
    09:24:22.0450 0x1ac4 PptpMiniport - ok
    09:24:22.0497 0x1ac4 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\DRIVERS\processr.sys
    09:24:22.0513 0x1ac4 Processor - ok
    09:24:22.0560 0x1ac4 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
    09:24:22.0575 0x1ac4 ProfSvc - ok
    09:24:22.0638 0x1ac4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\windows\system32\lsass.exe
    09:24:22.0638 0x1ac4 ProtectedStorage - ok
    09:24:22.0684 0x1ac4 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
    09:24:22.0700 0x1ac4 Psched - ok
    09:24:22.0794 0x1ac4 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\DRIVERS\ql2300.sys
    09:24:22.0903 0x1ac4 ql2300 - ok
    09:24:22.0918 0x1ac4 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\DRIVERS\ql40xx.sys
    09:24:22.0950 0x1ac4 ql40xx - ok
    09:24:23.0059 0x1ac4 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
    09:24:23.0090 0x1ac4 QWAVE - ok
    09:24:23.0121 0x1ac4 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
    09:24:23.0121 0x1ac4 QWAVEdrv - ok
    09:24:23.0137 0x1ac4 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
    09:24:23.0137 0x1ac4 RasAcd - ok
    09:24:23.0184 0x1ac4 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
    09:24:23.0184 0x1ac4 RasAgileVpn - ok
    09:24:23.0215 0x1ac4 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
    09:24:23.0246 0x1ac4 RasAuto - ok
    09:24:23.0324 0x1ac4 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
    09:24:23.0340 0x1ac4 Rasl2tp - ok
    09:24:23.0386 0x1ac4 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
    09:24:23.0418 0x1ac4 RasMan - ok
    09:24:23.0449 0x1ac4 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
    09:24:23.0449 0x1ac4 RasPppoe - ok
    09:24:23.0464 0x1ac4 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
    09:24:23.0480 0x1ac4 RasSstp - ok
    09:24:23.0558 0x1ac4 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
    09:24:23.0589 0x1ac4 rdbss - ok
    09:24:23.0620 0x1ac4 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\DRIVERS\rdpbus.sys
    09:24:23.0636 0x1ac4 rdpbus - ok
    09:24:23.0652 0x1ac4 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
    09:24:23.0652 0x1ac4 RDPCDD - ok
    09:24:23.0683 0x1ac4 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
    09:24:23.0683 0x1ac4 RDPENCDD - ok
    09:24:23.0698 0x1ac4 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
    09:24:23.0698 0x1ac4 RDPREFMP - ok
    09:24:23.0730 0x1ac4 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
    09:24:23.0761 0x1ac4 RDPWD - ok
    09:24:23.0886 0x1ac4 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
    09:24:23.0917 0x1ac4 rdyboost - ok
    09:24:24.0057 0x1ac4 [ 6108654C5EBEA28A606D6890B4DE6DE3, BDFF0796BE175E929A178BA3A9160AEF42DF07D34631F162DC1750C8582B5C4A ] RegSrvc C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
    09:24:24.0104 0x1ac4 RegSrvc - ok
    09:24:24.0151 0x1ac4 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
    09:24:24.0166 0x1ac4 RemoteAccess - ok
    09:24:24.0198 0x1ac4 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
    09:24:24.0213 0x1ac4 RemoteRegistry - ok
    09:24:24.0244 0x1ac4 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
    09:24:24.0276 0x1ac4 RpcEptMapper - ok
    09:24:24.0291 0x1ac4 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
    09:24:24.0291 0x1ac4 RpcLocator - ok
    09:24:24.0369 0x1ac4 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
    09:24:24.0385 0x1ac4 RpcSs - ok
    09:24:24.0447 0x1ac4 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
    09:24:24.0463 0x1ac4 rspndr - ok
    09:24:24.0541 0x1ac4 [ FD978B2BF8A9B2390DCBEF435E9C1F9F, 52CFFE354006CCF087D3651D9D2AF201FD8A8FE8FB7D9CAAC8A527E91838ACE6 ] RTL8167 C:\windows\system32\DRIVERS\Rt64win7.sys
    09:24:24.0556 0x1ac4 RTL8167 - ok
    09:24:24.0572 0x1ac4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\windows\system32\lsass.exe
    09:24:24.0572 0x1ac4 SamSs - ok
    09:24:24.0650 0x1ac4 [ 99DF79C258B3342B6C8A5F802998DE56, BA9E343BF84F0C125896A402DDDEBCC52AD3A6E4573253AE1004FF7A9567F62D ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
    09:24:24.0650 0x1ac4 SASDIFSV - ok
    09:24:24.0681 0x1ac4 [ 2859C35C0651E8EB0D86D48E740388F2, 4AD913E558D51CDE4442C7F4BE42697AD91C0F34C92F2EA63B040830F97AAB77 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
    09:24:24.0681 0x1ac4 SASKUTIL - ok
    09:24:24.0712 0x1ac4 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
    09:24:24.0744 0x1ac4 sbp2port - ok
    09:24:24.0790 0x1ac4 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
    09:24:24.0822 0x1ac4 SCardSvr - ok
    09:24:24.0900 0x1ac4 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
    09:24:24.0931 0x1ac4 scfilter - ok
    09:24:25.0165 0x1ac4 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
    09:24:25.0243 0x1ac4 Schedule - ok
    09:24:25.0290 0x1ac4 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
    09:24:25.0290 0x1ac4 SCPolicySvc - ok
    09:24:25.0399 0x1ac4 [ 111E0EBC0AD79CB0FA014B907B231CF0, B7D43D156C2524938503CF8E99C4D1F7A5C55E16C0368F57F4CD23C6D833B38F ] sdbus C:\windows\system32\drivers\sdbus.sys
    09:24:25.0414 0x1ac4 sdbus - ok
    09:24:25.0461 0x1ac4 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
    09:24:25.0492 0x1ac4 SDRSVC - ok
    09:24:25.0586 0x1ac4 [ 16B44D246835EAC156F8DAF0AA4F530C, F882BE1B27C0500AEE34BB9D9B69EBD258A19418475DB5552345DC844CDA1ECB ] SeagateDashboardService C:\Program Files (x86)\Seagate\Seagate Dashboard\SeagateDashboardService.exe
    09:24:25.0602 0x1ac4 SeagateDashboardService - ok
    09:24:25.0633 0x1ac4 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
    09:24:25.0633 0x1ac4 secdrv - ok
    09:24:25.0804 0x1ac4 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
    09:24:25.0804 0x1ac4 seclogon - ok
    09:24:26.0007 0x1ac4 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
    09:24:26.0007 0x1ac4 SENS - ok
    09:24:26.0038 0x1ac4 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
    09:24:26.0054 0x1ac4 SensrSvc - ok
    09:24:26.0132 0x1ac4 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\DRIVERS\serenum.sys
    09:24:26.0132 0x1ac4 Serenum - ok
    09:24:26.0148 0x1ac4 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\DRIVERS\serial.sys
    09:24:26.0148 0x1ac4 Serial - ok
    09:24:26.0179 0x1ac4 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\DRIVERS\sermouse.sys
    09:24:26.0179 0x1ac4 sermouse - ok
    09:24:26.0241 0x1ac4 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
    09:24:26.0257 0x1ac4 SessionEnv - ok
    09:24:26.0288 0x1ac4 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
    09:24:26.0288 0x1ac4 sffdisk - ok
    09:24:26.0319 0x1ac4 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
    09:24:26.0319 0x1ac4 sffp_mmc - ok
    09:24:26.0335 0x1ac4 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
    09:24:26.0350 0x1ac4 sffp_sd - ok
    09:24:26.0366 0x1ac4 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\DRIVERS\sfloppy.sys
    09:24:26.0366 0x1ac4 sfloppy - ok
    09:24:26.0428 0x1ac4 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
    09:24:26.0460 0x1ac4 SharedAccess - ok
    09:24:26.0506 0x1ac4 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
    09:24:26.0522 0x1ac4 ShellHWDetection - ok
    09:24:26.0584 0x1ac4 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\DRIVERS\SiSRaid2.sys
    09:24:26.0616 0x1ac4 SiSRaid2 - ok
    09:24:26.0616 0x1ac4 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\DRIVERS\sisraid4.sys
    09:24:26.0631 0x1ac4 SiSRaid4 - ok
    09:24:26.0818 0x1ac4 [ 050A4112B00BCA2E13314CDE48C1DEEE, 86C679CD494DEEB984372BF954EFBB8982AC7995FBF89FCF83BC228991D1B825 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
    09:24:26.0850 0x1ac4 SkypeUpdate - ok
    09:24:26.0881 0x1ac4 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
    09:24:26.0896 0x1ac4 Smb - ok
    09:24:26.0928 0x1ac4 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
    09:24:26.0959 0x1ac4 SNMPTRAP - ok
    09:24:26.0990 0x1ac4 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
    09:24:26.0990 0x1ac4 spldr - ok
    09:24:27.0037 0x1ac4 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\windows\System32\spoolsv.exe
    09:24:27.0084 0x1ac4 Spooler - ok
    09:24:27.0302 0x1ac4 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
    09:24:27.0474 0x1ac4 sppsvc - ok
    09:24:27.0520 0x1ac4 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
    09:24:27.0536 0x1ac4 sppuinotify - ok
    09:24:27.0614 0x1ac4 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
    09:24:27.0645 0x1ac4 srv - ok
    09:24:27.0723 0x1ac4 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
    09:24:27.0739 0x1ac4 srv2 - ok
    09:24:27.0770 0x1ac4 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
    09:24:27.0786 0x1ac4 srvnet - ok
    09:24:27.0832 0x1ac4 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
    09:24:27.0848 0x1ac4 SSDPSRV - ok
    09:24:27.0879 0x1ac4 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
    09:24:27.0895 0x1ac4 SstpSvc - ok
    09:24:27.0926 0x1ac4 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\DRIVERS\stexstor.sys
    09:24:27.0926 0x1ac4 stexstor - ok
    09:24:28.0098 0x1ac4 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
    09:24:28.0144 0x1ac4 stisvc - ok
    09:24:28.0160 0x1ac4 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\drivers\swenum.sys
    09:24:28.0176 0x1ac4 swenum - ok
    09:24:28.0285 0x1ac4 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
    09:24:28.0332 0x1ac4 swprv - ok
    09:24:28.0425 0x1ac4 [ 470C47DABA9CA3966F0AB3F835D7D135, BF98E48B05F37F8ABE264BF77355391A08955057E24AE456A5637D56BDFD40A5 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
    09:24:28.0456 0x1ac4 SynTP - ok
    09:24:28.0722 0x1ac4 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
    09:24:28.0831 0x1ac4 SysMain - ok
    09:24:28.0924 0x1ac4 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
    09:24:28.0956 0x1ac4 TabletInputService - ok
    09:24:29.0065 0x1ac4 [ EBDA96B7801F93E337F34D1068424790, C1DD57DCF1D3A2AEF82FA40D856E3F413A6451C300507FE948950C634A3C4CF2 ] taisregispinger C:\Program Files (x86)\TOSHIBA\ToshibaRegistration\TaisRegistPinger.exe
    09:24:29.0080 0x1ac4 taisregispinger - ok
    09:24:29.0158 0x1ac4 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
    09:24:29.0190 0x1ac4 TapiSrv - ok
    09:24:29.0252 0x1ac4 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
    09:24:29.0252 0x1ac4 TBS - ok
    09:24:29.0517 0x1ac4 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] Tcpip C:\windows\system32\drivers\tcpip.sys
    09:24:29.0595 0x1ac4 Tcpip - ok
    09:24:29.0845 0x1ac4 [ B62A953F2BF3922C8764A29C34A22899, 4A117FF9D1BD58C6A1787DDA7402BAE30E4BA7A70FE3A144F41DD647AA7A3901 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
    09:24:29.0892 0x1ac4 TCPIP6 - ok
    09:24:29.0938 0x1ac4 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
    09:24:29.0938 0x1ac4 tcpipreg - ok
    09:24:29.0985 0x1ac4 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
    09:24:30.0001 0x1ac4 tdcmdpst - ok
    09:24:30.0016 0x1ac4 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
    09:24:30.0032 0x1ac4 TDPIPE - ok
    09:24:30.0063 0x1ac4 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
    09:24:30.0079 0x1ac4 TDTCP - ok
    09:24:30.0126 0x1ac4 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys
    09:24:30.0141 0x1ac4 tdx - ok
    09:24:30.0157 0x1ac4 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\drivers\termdd.sys
    09:24:30.0172 0x1ac4 TermDD - ok
    09:24:30.0344 0x1ac4 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\windows\System32\termsrv.dll
    09:24:30.0406 0x1ac4 TermService - ok
    09:24:30.0438 0x1ac4 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
    09:24:30.0453 0x1ac4 Themes - ok
    09:24:30.0500 0x1ac4 [ C013F6ACAA9761F571BD28DADA7C157D, E57246132B36FE38D4B177AAE3367D25AF28449201CD4D02CB7957C32AF02AC6 ] Thpdrv C:\windows\system32\DRIVERS\thpdrv.sys
    09:24:30.0531 0x1ac4 Thpdrv - ok
    09:24:30.0562 0x1ac4 [ B4E609047434ED948AF7BDEF2FA66E38, 353B7A120E532E9CDF0DE91EC39DF5B9B92A1A99B537FF4FB0D1EA13DBE30D17 ] Thpevm C:\windows\system32\DRIVERS\Thpevm.SYS
    09:24:30.0578 0x1ac4 Thpevm - ok
    09:24:30.0672 0x1ac4 [ F6927BBA3B09AFF26A53A9191F7378F9, ECB6FD262882E9E2714DC61A634045B4C4906BF159A42ECB5D3166BD42EC65D1 ] Thpsrv C:\windows\system32\ThpSrv.exe
    09:24:30.0718 0x1ac4 Thpsrv - ok
    09:24:30.0750 0x1ac4 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
    09:24:30.0750 0x1ac4 THREADORDER - ok
    09:24:30.0796 0x1ac4 [ F120967184A27E927052E8DDBB727851, B54A1D2B4D52C0DF19AC81617A26CA164C5779C568DB86A6FD97D0A14D5FEEB4 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
    09:24:30.0812 0x1ac4 TMachInfo - ok
    09:24:30.0843 0x1ac4 [ ED32035BDFECED1AD66D459FD9CC1140, B82A15FAB4CBB5A633B9BF722441D5B20D946B63DD10BBE2A89D3A8BA3BE3339 ] TODDSrv C:\Windows\system32\TODDSrv.exe
    09:24:30.0859 0x1ac4 TODDSrv - ok
    09:24:30.0984 0x1ac4 [ 98C864481D62F86EC8AF65BE3419A95B, 61F0C7CBFAB151FBB62081A37C655D4E818A558E140F3F3BA5C26B024AE24EBB ] TosCoSrv C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
    09:24:31.0015 0x1ac4 TosCoSrv - ok
    09:24:31.0108 0x1ac4 [ 2AB7A4697462EDB0C9DFAFC529746BA9, 4EAF4839CA35C8FCE9C086D43E7417E52F0714A2227AE983C0B5C88A66A1B554 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
    09:24:31.0124 0x1ac4 TOSHIBA eco Utility Service - ok
    09:24:31.0202 0x1ac4 [ 74C2FA8C3765EE71A9C22182EC108457, A7073FAB6CE6FB9824544A9CDCCA441D08FD87D68EB564DCB1186FC257776221 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
    09:24:31.0202 0x1ac4 TOSHIBA HDD SSD Alert Service - ok
    09:24:31.0264 0x1ac4 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
    09:24:31.0296 0x1ac4 tos_sps64 - ok
    09:24:31.0358 0x1ac4 [ 97687D094AA597DA366E1194B218CC6C, 8A617E1901235518FDB7504FCDCE641D9F7C5D256A11D5FEFD35E7696972E2B8 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
    09:24:31.0420 0x1ac4 TPCHSrv - ok
    09:24:31.0452 0x1ac4 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
    09:24:31.0452 0x1ac4 TrkWks - ok
    09:24:31.0514 0x1ac4 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
    09:24:31.0530 0x1ac4 TrustedInstaller - ok
    09:24:31.0545 0x1ac4 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
    09:24:31.0576 0x1ac4 tssecsrv - ok
    09:24:31.0686 0x1ac4 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
    09:24:31.0701 0x1ac4 TsUsbFlt - ok
    09:24:31.0810 0x1ac4 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
    09:24:31.0826 0x1ac4 tunnel - ok
    09:24:31.0857 0x1ac4 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
    09:24:31.0873 0x1ac4 TVALZ - ok
    09:24:31.0904 0x1ac4 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
    09:24:31.0920 0x1ac4 TVALZFL - ok
    09:24:31.0951 0x1ac4 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\DRIVERS\uagp35.sys
    09:24:31.0966 0x1ac4 uagp35 - ok
    09:24:32.0091 0x1ac4 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
    09:24:32.0122 0x1ac4 udfs - ok
    09:24:32.0169 0x1ac4 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
    09:24:32.0169 0x1ac4 UI0Detect - ok
    09:24:32.0247 0x1ac4 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
    09:24:32.0263 0x1ac4 uliagpkx - ok
    09:24:32.0356 0x1ac4 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\drivers\umbus.sys
    09:24:32.0356 0x1ac4 umbus - ok
    09:24:32.0388 0x1ac4 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\DRIVERS\umpass.sys
    09:24:32.0403 0x1ac4 UmPass - ok
    09:24:32.0746 0x1ac4 [ CC3775100ABA633984F73DFAE1F55CAE, 845F129289BB73FD78A6C3B497F17BA973FD691BC9242200F81993417C803FE9 ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    09:24:32.0871 0x1ac4 UNS - ok
    09:24:32.0918 0x1ac4 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
    09:24:32.0934 0x1ac4 upnphost - ok
    09:24:33.0027 0x1ac4 [ AA33FC47ED58C34E6E9261E4F850B7EB, C6388127CAA695434ABFB6C59A53C8544E67E414012DE5F21B36D035BB1BACC8 ] USBAAPL64 C:\windows\system32\Drivers\usbaapl64.sys
    09:24:33.0043 0x1ac4 USBAAPL64 - ok
    09:24:33.0090 0x1ac4 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
    09:24:33.0105 0x1ac4 usbccgp - ok
    09:24:33.0136 0x1ac4 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\windows\system32\drivers\usbcir.sys
    09:24:33.0152 0x1ac4 usbcir - ok
    09:24:33.0199 0x1ac4 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\windows\system32\drivers\usbehci.sys
    09:24:33.0214 0x1ac4 usbehci - ok
    09:24:33.0292 0x1ac4 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
    09:24:33.0324 0x1ac4 usbhub - ok
    09:24:33.0339 0x1ac4 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\windows\system32\drivers\usbohci.sys
    09:24:33.0355 0x1ac4 usbohci - ok
    09:24:33.0386 0x1ac4 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\DRIVERS\usbprint.sys
    09:24:33.0402 0x1ac4 usbprint - ok
    09:24:33.0417 0x1ac4 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\drivers\USBSTOR.SYS
    09:24:33.0433 0x1ac4 USBSTOR - ok
    09:24:33.0464 0x1ac4 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
    09:24:33.0526 0x1ac4 usbuhci - ok
    09:24:33.0604 0x1ac4 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\windows\System32\Drivers\usbvideo.sys
    09:24:33.0620 0x1ac4 usbvideo - ok
    09:24:33.0667 0x1ac4 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
    09:24:33.0682 0x1ac4 UxSms - ok
    09:24:33.0698 0x1ac4 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\windows\system32\lsass.exe
    09:24:33.0714 0x1ac4 VaultSvc - ok
    09:24:33.0776 0x1ac4 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
    09:24:33.0776 0x1ac4 vdrvroot - ok
    09:24:33.0901 0x1ac4 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
    09:24:33.0932 0x1ac4 vds - ok
    09:24:33.0963 0x1ac4 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
    09:24:33.0979 0x1ac4 vga - ok
    09:24:33.0994 0x1ac4 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
    09:24:34.0010 0x1ac4 VgaSave - ok
    09:24:34.0104 0x1ac4 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
    09:24:34.0150 0x1ac4 vhdmp - ok
    09:24:34.0197 0x1ac4 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
    09:24:34.0213 0x1ac4 viaide - ok
    09:24:34.0228 0x1ac4 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
    09:24:34.0244 0x1ac4 volmgr - ok
    09:24:34.0369 0x1ac4 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
    09:24:34.0400 0x1ac4 volmgrx - ok
    09:24:34.0431 0x1ac4 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\windows\system32\drivers\volsnap.sys
    09:24:34.0447 0x1ac4 volsnap - ok
    09:24:34.0509 0x1ac4 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\DRIVERS\vsmraid.sys
    09:24:34.0509 0x1ac4 vsmraid - ok
    09:24:34.0696 0x1ac4 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
    09:24:34.0806 0x1ac4 VSS - ok
    09:24:35.0149 0x1ac4 [ 42E5B5428401F7CB56A5D585DCE46982, 1A2A24D32E1B1408071408BA9ADCE9A84A4E92C7B81469FCF9DC65EB8F0AFF89 ] vToolbarUpdater18.1.9 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.9\ToolbarUpdater.exe
    09:24:35.0289 0x1ac4 vToolbarUpdater18.1.9 - ok
    09:24:35.0305 0x1ac4 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
    09:24:35.0305 0x1ac4 vwifibus - ok
    09:24:35.0336 0x1ac4 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
    09:24:35.0336 0x1ac4 vwififlt - ok
    09:24:35.0383 0x1ac4 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp C:\windows\system32\DRIVERS\vwifimp.sys
    09:24:35.0398 0x1ac4 vwifimp - ok
    09:24:35.0476 0x1ac4 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
    09:24:35.0492 0x1ac4 W32Time - ok
    09:24:35.0539 0x1ac4 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\DRIVERS\wacompen.sys
    09:24:35.0554 0x1ac4 WacomPen - ok
    09:24:35.0632 0x1ac4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
    09:24:35.0664 0x1ac4 WANARP - ok
    09:24:35.0695 0x1ac4 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
    09:24:35.0710 0x1ac4 Wanarpv6 - ok
    09:24:35.0960 0x1ac4 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
    09:24:36.0038 0x1ac4 WatAdminSvc - ok
    09:24:36.0334 0x1ac4 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
    09:24:36.0444 0x1ac4 wbengine - ok
    09:24:36.0490 0x1ac4 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
    09:24:36.0553 0x1ac4 WbioSrvc - ok
    09:24:36.0662 0x1ac4 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
    09:24:36.0834 0x1ac4 wcncsvc - ok
    09:24:36.0880 0x1ac4 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
    09:24:36.0896 0x1ac4 WcsPlugInService - ok
    09:24:36.0927 0x1ac4 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\DRIVERS\wd.sys
    09:24:36.0927 0x1ac4 Wd - ok
    09:24:37.0052 0x1ac4 [ 442783E2CB0DA19873B7A63833FF4CB4, 09254970265476214F3187CC22A4F9C7C2769D419600E83FBE302C3A103E527F ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
    09:24:37.0114 0x1ac4 Wdf01000 - ok
    09:24:37.0161 0x1ac4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
    09:24:37.0192 0x1ac4 WdiServiceHost - ok
    09:24:37.0192 0x1ac4 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
    09:24:37.0208 0x1ac4 WdiSystemHost - ok
    09:24:37.0286 0x1ac4 [ 7C2EF67B0A43C4DEB7EF932CEDA337D6, E05FEB482D4DA2D3F80BD251A2F503292B2D984B54ADD72D1472CC60EDF0D4C5 ] wdkmd C:\windows\system32\DRIVERS\WDKMD.sys
    09:24:37.0302 0x1ac4 wdkmd - ok
    09:24:37.0348 0x1ac4 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\windows\System32\webclnt.dll
    09:24:37.0364 0x1ac4 WebClient - ok
    09:24:37.0411 0x1ac4 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
    09:24:37.0426 0x1ac4 Wecsvc - ok
    09:24:37.0458 0x1ac4 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
    09:24:37.0473 0x1ac4 wercplsupport - ok
    09:24:37.0536 0x1ac4 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
    09:24:37.0582 0x1ac4 WerSvc - ok
    09:24:37.0614 0x1ac4 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
    09:24:37.0629 0x1ac4 WfpLwf - ok
    09:24:37.0660 0x1ac4 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
    09:24:37.0692 0x1ac4 WIMMount - ok
    09:24:37.0707 0x1ac4 WinDefend - ok
    09:24:37.0879 0x1ac4 [ BC6FF00FB3A14437C94B37AC9A2101D4, 8BDA0108DE82EBEAE82F43108046C5FEB6F042E312FA0115475A9E32274FAE59 ] WINFLASH64 C:\Program Files (x86)\UEFI WinFlash\WinFlash64.sys
    09:24:37.0894 0x1ac4 WINFLASH64 - ok
    09:24:37.0894 0x1ac4 WinHttpAutoProxySvc - ok
    09:24:37.0957 0x1ac4 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
    09:24:37.0972 0x1ac4 Winmgmt - ok
    09:24:38.0269 0x1ac4 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll
    09:24:38.0440 0x1ac4 WinRM - ok
    09:24:38.0503 0x1ac4 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\windows\system32\DRIVERS\WinUsb.sys
    09:24:38.0518 0x1ac4 WinUsb - ok
    09:24:38.0596 0x1ac4 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
    09:24:38.0690 0x1ac4 Wlansvc - ok
    09:24:38.0924 0x1ac4 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    09:24:39.0049 0x1ac4 wlidsvc - ok
    09:24:39.0096 0x1ac4 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\drivers\wmiacpi.sys
    09:24:39.0111 0x1ac4 WmiAcpi - ok
    09:24:39.0158 0x1ac4 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
    09:24:39.0189 0x1ac4 wmiApSrv - ok
    09:24:39.0220 0x1ac4 WMPNetworkSvc - ok
    09:24:39.0283 0x1ac4 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
    09:24:39.0283 0x1ac4 WPCSvc - ok
    09:24:39.0330 0x1ac4 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
    09:24:39.0345 0x1ac4 WPDBusEnum - ok
    09:24:39.0376 0x1ac4 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
    09:24:39.0392 0x1ac4 ws2ifsl - ok
    09:24:39.0408 0x1ac4 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
    09:24:39.0439 0x1ac4 wscsvc - ok
    09:24:39.0439 0x1ac4 WSearch - ok
    09:24:39.0626 0x1ac4 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv C:\windows\system32\wuaueng.dll
    09:24:39.0751 0x1ac4 wuauserv - ok
    09:24:39.0782 0x1ac4 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
    09:24:39.0813 0x1ac4 WudfPf - ok
    09:24:39.0844 0x1ac4 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
    09:24:39.0876 0x1ac4 WUDFRd - ok
    09:24:39.0907 0x1ac4 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\windows\System32\WUDFSvc.dll
    09:24:39.0938 0x1ac4 wudfsvc - ok
    09:24:39.0985 0x1ac4 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\windows\System32\wwansvc.dll
    09:24:40.0000 0x1ac4 WwanSvc - ok
    09:24:40.0063 0x1ac4 ================ Scan global ===============================
    09:24:40.0125 0x1ac4 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
    09:24:40.0203 0x1ac4 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\windows\system32\winsrv.dll
    09:24:40.0234 0x1ac4 [ 0C27239FEA4DB8A2AAC9E502186B7264, 102AA14D7A3CCCE913D9887AF4CCE87EA649A21BEF5196DFFCAD7E8F0B6A7293 ] C:\windows\system32\winsrv.dll
    09:24:40.0281 0x1ac4 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
    09:24:40.0297 0x1ac4 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
    09:24:40.0359 0x1ac4 [ Global ] - ok
    09:24:40.0375 0x1ac4 ================ Scan MBR ==================================
    09:24:40.0390 0x1ac4 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
    09:24:41.0295 0x1ac4 \Device\Harddisk0\DR0 - ok
    09:24:41.0295 0x1ac4 ================ Scan VBR ==================================
    09:24:41.0311 0x1ac4 [ 62AC31F8AF0BE422145EA19809346334 ] \Device\Harddisk0\DR0\Partition1
    09:24:41.0311 0x1ac4 \Device\Harddisk0\DR0\Partition1 - ok
    09:24:41.0311 0x1ac4 ================ Scan generic autorun ======================
    09:24:41.0373 0x1ac4 [ 2009347871FA8C7CAE1F9A3750FE0B31, 0D3298FA2DD068CF99B6B6AEDC78EFB9261E3FA8CDCCE6ADAD64569C410DE1EE ] C:\windows\system32\igfxtray.exe
    09:24:41.0404 0x1ac4 IgfxTray - ok
    09:24:41.0451 0x1ac4 [ 3E1E6DFDD8F43697C46E70E870B0CCBB, 0906E4C28D80947F3FC036FC26547FE5997AA606CA1B72AB707D70C2D8BDC36B ] C:\windows\system32\igfxpers.exe
    09:24:41.0514 0x1ac4 Persistence - ok
    09:24:42.0153 0x1ac4 [ 12A5B2D07E28D9BF17CFE60255AE7448, 15CEBC602FC6241C23162DF9ECC847B056A997CBB5DE2C95A3E448288C60DA48 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    09:24:42.0512 0x1ac4 RtHDVCpl - ok
    09:24:42.0668 0x1ac4 [ B8E26DEBBC8C732E12F6F941C3983277, 4320FFBD8DF3F0A00B6F7DDAB7306921345E7FC8FB0BDBEB466F3AFBA2C44B6D ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
    09:24:42.0715 0x1ac4 RtHDVBg - ok
    09:24:42.0730 0x1ac4 SynTPEnh - ok
    09:24:42.0730 0x1ac4 ThpSrv - ok
    09:24:42.0730 0x1ac4 TPwrMain - ok
    09:24:42.0730 0x1ac4 HSON - ok
    09:24:42.0730 0x1ac4 SmoothView - ok
    09:24:42.0746 0x1ac4 00TCrdMain - ok
    09:24:42.0746 0x1ac4 Teco - ok
    09:24:42.0746 0x1ac4 TosWaitSrv - ok
    09:24:42.0933 0x1ac4 [ 13F7CF5BC56BB7D6D646545F760D75D2, 5D6A44602788C920EFD080F57DF05E50A1D273A57BF1C991EF46FE1E08AA5A8D ] C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe
    09:24:43.0042 0x1ac4 IntelWireless - ok
    09:24:43.0074 0x1ac4 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
    09:24:43.0074 0x1ac4 TosVolRegulator - ok
    09:24:43.0074 0x1ac4 TosNC - ok
    09:24:43.0074 0x1ac4 TosReelTimeMonitor - ok
    09:24:43.0167 0x1ac4 [ F9EF20F6FDA1444C0864BD7AEDC10CAF, E6A18BD7200E7DE7599753DA27469AEC479A315931956D457547F243FCB92C2A ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
    09:24:43.0214 0x1ac4 TosSENotify - ok
    09:24:43.0261 0x1ac4 [ 15E7DB66D11CC100DC96C6EE8D97F520, DB0C03A7F7AE1465C5E780CA6D7BF4ED143842ABCD096A7F61B98E3E99E666F5 ] C:\Program Files (x86)\TOSHIBA\Utilities\KeNotify.exe
    09:24:43.0276 0x1ac4 KeNotify - ok
    09:24:43.0370 0x1ac4 [ 8107E3A186C034DDEB14718D71332714, 641AD52C6F624A59648043D6E044B772B76DA1C82C4B3258A109A2FB67AACFA3 ] C:\Program Files\TOSHIBA\Utilities\HWSetup.exe
    09:24:43.0401 0x1ac4 HWSetup - ok
    09:24:43.0432 0x1ac4 [ DB04E6CBFCB38A8E224239CE2185D9E6, 7DBAF41EB3BE0A21DB9CFB72FA22879238089E32879D2E2D7FC651CC9778C30B ] C:\Program Files (x86)\TOSHIBA\Utilities\SVPWUTIL.exe
    09:24:43.0464 0x1ac4 SVPWUTIL - ok
    09:24:43.0557 0x1ac4 [ CEBD440B6F812A00B2391CCD71E82958, 93A5FDD7B07310DE2F233019DEF34E0F575FA42DD574C6685B991BADF28121D1 ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
    09:24:43.0573 0x1ac4 TSleepSrv - ok
    09:24:43.0838 0x1ac4 [ E0A06707C91A18859AEBDD4FCEA734F7, BB0CF2847C8BCF696830BF5157A4AE7AB9AC4CC0978E64955F674BD10B556879 ] C:\Program Files (x86)\AVG Secure Search\vprot.exe
    09:24:43.0963 0x1ac4 vProt - ok
    09:24:44.0696 0x1ac4 [ 4312B4DD07050FC58146756634058CE8, CD0F85A6C3BAA55F350FAD4523E4F91D94D7B30597BF45E626F608FBF927828D ] C:\Program Files (x86)\AVG\AVG2015\avgui.exe
    09:24:44.0883 0x1ac4 AVG_UI - ok
    09:24:45.0102 0x1ac4 [ 3CB07566302BCEEB898DE270A0BEC175, B234D1044D8702A0929BB48F729EB5078B44AA7CD574B6482633B51289E70200 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    09:24:45.0180 0x1ac4 Adobe ARM - ok
    09:24:45.0476 0x1ac4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    09:24:45.0570 0x1ac4 Sidebar - ok
    09:24:45.0601 0x1ac4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    09:24:45.0632 0x1ac4 mctadmin - ok
    09:24:45.0757 0x1ac4 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
    09:24:45.0788 0x1ac4 Sidebar - ok
    09:24:45.0788 0x1ac4 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
    09:24:45.0788 0x1ac4 mctadmin - ok
    09:24:46.0131 0x1ac4 [ 007F7DA5A40BF5FF6ACBA8599C1E9F9B, D3E04CE0B1183D4BD15A29A4AC8FE578C20DE03EE244AE5B5907DD9666D2BF28 ] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    09:24:46.0272 0x1ac4 SUPERAntiSpyware - ok
    09:24:46.0272 0x1ac4 Waiting for KSN requests completion. In queue: 61
    09:24:47.0286 0x1ac4 Waiting for KSN requests completion. In queue: 61
    09:24:48.0300 0x1ac4 Waiting for KSN requests completion. In queue: 61
    09:24:49.0376 0x1ac4 AV detected via SS2: AVG AntiVirus Free Edition 2015, C:\Program Files (x86)\AVG\AVG2015\avgwsc.exe ( 15.0.0.5577 ), 0x41000 ( enabled : updated )
    09:24:49.0532 0x1ac4 Win FW state via NFP2: enabled
    09:24:52.0449 0x1ac4 ============================================================
    09:24:52.0449 0x1ac4 Scan finished
    09:24:52.0449 0x1ac4 ============================================================
    09:24:52.0465 0x0f70 Detected object count: 0
    09:24:52.0465 0x0f70 Actual detected object count: 0
    09:25:29.0359 0x151c Deinitialize success


    Alright, sat down and did all this this morning finally. Thanks so much for the help so far!

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,175
    Points
    1308

    Default

    You can download Combofix from one of these links. I want you to save it to the desktop and run it from there.

    1. Close any open browsers or any other programs that are open.
    2. Close/disable all anti virus and anti malware programs so they do not interfere with the running of ComboFix.

    Double click on combofix.exe & follow the prompts.
    When finished, it will produce a report for you.

    Note 1: Do not mouseclick combofix's window while it's running. That may cause it to stall

    Note 2: If you receive an error "Illegal operation attempted on a registry key that has been marked for deletion." Please restart the computer

    "information and logs"

    [list]In your next post I need the following
    [*]Log from Combofix

Page 1 of 2 12 LastLast