
Infected with FBI Ransomware


  • This topic is locked
20 replies to this topic

#1 ATL_heel

ATL_heel

  • Members
  • 16 posts

Posted 18 March 2014 - 03:29 PM

Hello experts,

 

I've managed to infect my desktop with a version of the FBI malware and am hoping to receive your help in removing it. So far, it appears to only be affecting Chrome and I've been able to work around it by exiting through task manager.

 

Unfortunately, I'm running Windows 8.1 and it appears DDS isn't compatible, so no logs are attached as of yet.  Please let me know how I can help provide this info and I'll post it right away.

 

I've previously attempted resolving the problem with HitmanPro, but was unable to get the program to scan (Windows kept attempting an automatic repair).  I quickly realized this was a larger issue and needed to post here.

 

Please help!  Thanks in advance -

 

AH

 

 




 


#2 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts

Posted 18 March 2014 - 03:38 PM

Hi there,
my name is Marius and I will assist you with your malware-related problems.

Before we move on, please read the following points carefully.

  • First, read my instructions completely. If there is anything that you do not understand, kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while following my instructions, stop there and tell me the exact nature of your problem.
  • Do not run any other scans without instruction or add/remove software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all logfiles as a reply rather than as an attachment unless I specifically ask you. If you cannot post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 3 days from this initial or any subsequent post, then this thread will be closed.
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.
  • My first language is not English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.

 

 

 

Scan with FRST (Recovery Environment)


To run FRST on Vista and Windows 7:



Plug the flash drive into the infected PC.

Enter System Recovery Options.


To enter System Recovery Options from the Advanced Boot Options:

  • Restart the computer.
  • As soon as the BIOS is loaded begin tapping the F8 key until Advanced Boot Options appears.
  • Use the arrow keys to select the Repair your computer menu item.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.



To enter System Recovery Options by using Windows installation disc:
  • Insert the installation disc.
  • Restart your computer.
  • If prompted, press any key to start Windows from the installation disc. If your computer is not configured to start from a CD or DVD, check your BIOS settings.
  • Click Repair your computer.
  • Choose your language settings, and then click Next.
  • Select the operating system you want to repair, and then click Next.
  • Select your user account and click Next.


On the System Recovery Options menu you will get the following options:

  • Startup Repair
  • System Restore
  • Windows Complete PC Restore
  • Windows Memory Diagnostic Tool
  • Command Prompt

Select Command Prompt.

In the command window:

  • Type in notepad and press Enter.
  • Notepad opens. Under the File menu select Open.
  • Select "Computer", find your flash drive letter, and close Notepad.
  • In the command window type e:\frst.exe (for the x64 bit version type e:\frst64) and press Enter.
  • Note: Replace the letter e with the drive letter of your flash drive.
  • The tool will start to run.
  • When the tool opens, click Yes to the disclaimer.
  • Press the Scan button.

It will make a log (FRST.txt) on the flash drive. Please copy and paste it to your reply.


Proud Member of UNITE & TB
 

#3 ATL_heel

ATL_heel
  • Topic Starter

  • Members
  • 16 posts

Posted 18 March 2014 - 04:03 PM

Hi Marius!  Thanks for your quick reply, here is the requested log:

 

------------------------------

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by SYSTEM on MININT-PE9H0IT on 18-03-2014 16:55:41
Running from L:\
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Recovery
 
The current controlset is ControlSet001
ATTENTION!:=====> If the system is bootable FRST could be run from normal or Safe mode to create a complete log.
 
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\Gil\...\Run: [Spotify Web Helper] - C:\Users\Gil\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-03-06] (Spotify Ltd)
Startup: C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
 
==================== Services (Whitelisted) =================
 
S2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
S1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-14] (Symantec Corporation)
S1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-06] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-06] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140317.001\IDSvia64.sys [524504 2014-03-04] (Symantec Corporation)
S0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
S3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\ENG64.SYS [126040 2014-03-06] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\EX64.SYS [2099288 2014-03-06] (Symantec Corporation)
S3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
S3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
S0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
S0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-06] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
S1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-18 16:55 - 2014-03-18 16:55 - 00000000 ____D () C:\FRST
2014-03-18 10:14 - 2014-03-18 10:14 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-03-18 08:40 - 2014-03-18 08:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 08:40 - 2014-03-18 08:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-18 08:36 - 2014-02-22 04:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2014-03-18 08:36 - 2014-02-22 03:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-18 08:17 - 2014-03-18 08:55 - 00000000 ____D () C:\Users\norton\AppData\Local\NPE
2014-03-18 08:16 - 2014-03-18 08:16 - 03053496 ____N (Symantec Corporation) C:\Users\norton\Downloads\NPE.exe
2014-03-18 08:15 - 2014-03-18 08:15 - 00002275 _____ () C:\Users\norton\Desktop\Google Chrome.lnk
2014-03-18 08:15 - 2014-03-18 08:15 - 00000000 ____D () C:\Users\norton\AppData\Local\Google
2014-03-18 08:14 - 2014-03-18 08:14 - 00000020 ___SH () C:\Users\norton\ntuser.ini
2014-03-18 08:14 - 2014-03-18 08:14 - 00000000 ____D () C:\Users\norton\AppData\Local\Packages
2014-03-18 08:14 - 2014-03-18 08:14 - 00000000 ____D () C:\users\norton
2014-03-18 08:14 - 2014-03-07 10:12 - 00000000 ____D () C:\Users\norton\AppData\Local\Microsoft Help
2014-03-17 16:17 - 2013-12-27 00:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
2014-03-17 16:17 - 2013-12-26 23:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-03-17 16:17 - 2013-12-26 22:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-03-17 16:16 - 2014-01-07 17:46 - 00325464 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBXHCI.SYS
2014-03-17 16:16 - 2014-01-07 17:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgkrnl.sys
2014-03-17 16:16 - 2014-01-07 17:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dxgmms1.sys
2014-03-17 16:16 - 2014-01-04 07:54 - 00138240 _____ () C:\Windows\System32\OEMLicense.dll
2014-03-17 16:16 - 2014-01-04 07:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-03-17 16:16 - 2014-01-04 06:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\System32\WSClient.dll
2014-03-17 16:16 - 2014-01-04 05:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-03-17 16:16 - 2014-01-02 15:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\System32\XpsGdiConverter.dll
2014-03-17 16:16 - 2014-01-02 15:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-17 16:16 - 2013-12-31 17:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\System32\ntdll.dll
2014-03-17 16:16 - 2013-12-31 17:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\System32\mfsvr.dll
2014-03-17 16:16 - 2013-12-31 16:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-17 16:16 - 2013-12-31 16:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-03-17 16:16 - 2013-12-31 15:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-03-17 16:16 - 2013-12-31 15:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\System32\schedsvc.dll
2014-03-17 16:16 - 2013-12-31 15:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\System32\MFMediaEngine.dll
2014-03-17 16:16 - 2013-12-30 15:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2014-03-17 16:16 - 2013-12-30 15:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-03-17 16:16 - 2013-12-30 15:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\System32\sti.dll
2014-03-17 16:16 - 2013-12-30 15:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\System32\reseteng.dll
2014-03-17 16:16 - 2013-12-30 15:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\System32\ReAgent.dll
2014-03-17 16:16 - 2013-12-27 07:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\System32\hal.dll
2014-03-17 16:16 - 2013-12-27 00:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\System32\MsSpellCheckingFacility.dll
2014-03-17 16:16 - 2013-12-27 00:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\System32\SettingSyncCore.dll
2014-03-17 16:16 - 2013-12-26 23:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-03-17 16:16 - 2013-12-20 23:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\System32\pnrpsvc.dll
2014-03-17 16:16 - 2013-12-16 23:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdbss.sys
2014-03-17 16:16 - 2013-12-13 22:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-03-17 16:16 - 2013-12-13 22:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Xaml.dll
2014-03-17 16:16 - 2013-12-13 02:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\System32\easinvoker.exe
2014-03-17 16:16 - 2013-12-12 22:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\System32\easwrt.dll
2014-03-17 16:16 - 2013-12-12 21:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-03-17 16:16 - 2013-12-09 00:05 - 21199256 _____ (Microsoft Corporation) C:\Windows\System32\shell32.dll
2014-03-17 16:16 - 2013-12-08 20:51 - 18643560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-12 17:00 - 2014-02-28 22:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-03-12 17:00 - 2014-02-28 20:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-03-12 17:00 - 2014-02-28 20:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 17:00 - 2014-02-28 20:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-03-12 17:00 - 2014-02-28 19:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-03-12 17:00 - 2014-02-28 19:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 17:00 - 2014-02-28 19:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-03-12 17:00 - 2014-02-28 19:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-03-12 17:00 - 2014-02-28 19:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 17:00 - 2014-02-28 19:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-03-12 17:00 - 2014-02-28 19:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 17:00 - 2014-02-28 18:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 17:00 - 2014-02-28 18:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-03-12 17:00 - 2014-02-28 18:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 17:00 - 2014-02-28 18:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 17:00 - 2014-02-28 18:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-03-12 17:00 - 2014-02-28 18:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 17:00 - 2014-02-10 19:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\System32\win32k.sys
2014-03-12 17:00 - 2014-02-10 18:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 17:00 - 2014-02-10 18:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\System32\qedit.dll
2014-03-12 17:00 - 2014-01-31 08:15 - 00311640 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\volsnap.sys
2014-03-12 17:00 - 2014-01-31 08:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\System32\mfps.dll
2014-03-12 17:00 - 2014-01-31 08:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\System32\mfcore.dll
2014-03-12 17:00 - 2014-01-31 05:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-03-12 17:00 - 2014-01-31 01:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\System32\swprv.dll
2014-03-12 17:00 - 2014-01-29 01:55 - 01287064 _____ (Microsoft Corporation) C:\Windows\System32\kernel32.dll
2014-03-12 17:00 - 2014-01-29 00:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\System32\WerFault.exe
2014-03-12 17:00 - 2014-01-29 00:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\System32\Faultrep.dll
2014-03-12 17:00 - 2014-01-29 00:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\System32\combase.dll
2014-03-12 17:00 - 2014-01-29 00:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\tcpip.sys
2014-03-12 17:00 - 2014-01-28 23:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-03-12 17:00 - 2014-01-28 23:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-03-12 17:00 - 2014-01-28 23:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-03-12 17:00 - 2014-01-28 22:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-12 17:00 - 2014-01-28 16:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\rdpencom.dll
2014-03-12 17:00 - 2014-01-27 11:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\System32\dbgeng.dll
2014-03-12 17:00 - 2014-01-27 11:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\System32\tsgqec.dll
2014-03-12 17:00 - 2014-01-27 11:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\System32\DWWIN.EXE
2014-03-12 17:00 - 2014-01-27 10:52 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-12 17:00 - 2014-01-27 10:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-03-12 17:00 - 2014-01-27 10:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-12 17:00 - 2014-01-27 10:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-03-12 17:00 - 2014-01-27 10:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\System32\rdvidcrl.dll
2014-03-12 17:00 - 2014-01-27 09:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-12 17:00 - 2014-01-27 09:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\System32\dbghelp.dll
2014-03-12 17:00 - 2014-01-27 09:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-03-12 17:00 - 2014-01-27 07:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-12 17:00 - 2014-01-27 07:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\System32\mstscax.dll
2014-03-12 17:00 - 2014-01-27 03:45 - 00386722 _____ () C:\Windows\System32\ApnDatabase.xml
2014-03-12 17:00 - 2014-01-17 15:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\System32\mfmpeg2srcsnk.dll
2014-03-12 17:00 - 2014-01-17 13:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 17:00 - 2013-12-21 06:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\System32\sppsvc.exe
2014-03-12 17:00 - 2013-12-21 00:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\System32\sppcomapi.dll
2014-03-12 17:00 - 2013-12-20 02:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\System32\winload.efi
2014-03-12 17:00 - 2013-12-20 02:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\System32\winload.exe
2014-03-12 17:00 - 2013-10-30 16:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdFilter.sys
2014-03-12 17:00 - 2013-10-30 16:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdNisDrv.sys
2014-03-12 17:00 - 2013-10-30 16:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\WdBoot.sys
2014-03-12 11:24 - 2014-03-12 11:24 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-12 10:40 - 2014-03-12 10:40 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-03-12 10:40 - 2014-03-12 10:40 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-03-12 10:40 - 2014-03-12 10:40 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-03-12 10:39 - 2014-03-12 10:39 - 49662160 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MouseKeyboardCenter_64bit_ENG_2.2.173.exe
2014-03-12 10:37 - 2014-03-12 10:37 - 00003040 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2014-03-12 10:33 - 2014-03-12 10:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0.exe
2014-03-12 10:33 - 2014-03-12 10:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0 (1).exe
2014-03-10 17:39 - 2014-03-15 07:42 - 00000000 ____D () C:\Users\Gil\Desktop\Workbench and Garage Ideas
2014-03-10 14:54 - 2014-03-10 14:54 - 00001031 _____ () C:\Users\Public\Desktop\Cyberduck.lnk
2014-03-10 14:54 - 2014-01-19 08:18 - 15193920 _____ () C:\Users\Gil\Downloads\Cyberduck-Installer-4.4.3.exe
2014-03-10 14:54 - 2014-01-18 15:46 - 00495616 _____ (Simon Tatham) C:\Users\Gil\Downloads\putty.exe
2014-03-10 14:54 - 2014-01-17 13:10 - 23636086 _____ () C:\Users\Gil\Downloads\Seas0nPass-win.zip
2014-03-10 14:53 - 2014-03-10 14:54 - 00000000 ____D () C:\Program Files (x86)\Cyberduck
2014-03-10 14:45 - 2014-03-10 14:45 - 00002068 _____ () C:\Users\Public\Desktop\MP Navigator 2.2.lnk
2014-03-10 14:45 - 2014-03-10 14:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-10 14:44 - 2014-03-10 14:44 - 09785424 _____ () C:\Users\Gil\Downloads\mpnmp530win222ea13.exe
2014-03-10 14:44 - 2014-03-10 14:44 - 00000000 ___HD () C:\Windows\System32\CanonIJ Uninstaller Information
2014-03-10 14:44 - 2014-03-10 14:44 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-10 14:44 - 2014-03-10 14:44 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-03-10 14:44 - 2006-09-29 13:29 - 00188928 _____ (Canon Inc.) C:\Windows\System32\CNCF2La.DLL
2014-03-10 14:44 - 2006-09-29 13:29 - 00093696 _____ (Canon Inc.) C:\Windows\System32\CNCFMSa.EXE
2014-03-10 14:44 - 2006-09-29 13:28 - 00003072 _____ (Canon Inc.) C:\Windows\System32\CNCFLaUS.DLL
2014-03-10 14:44 - 2006-09-29 13:28 - 00002560 _____ (Canon Inc.) C:\Windows\System32\CNCFLaJP.DLL
2014-03-10 14:44 - 2006-09-13 04:00 - 00234496 _____ (CANON INC.) C:\Windows\System32\CNMLM7R.DLL
2014-03-10 14:43 - 2014-03-10 14:43 - 10851656 _____ () C:\Users\Gil\Downloads\mp530win64111ej.exe
2014-03-10 14:11 - 2014-03-10 14:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-10 14:09 - 2014-03-10 14:09 - 41945432 _____ (Apple Inc.) C:\Users\Gil\Downloads\QuickTimeInstaller.exe
2014-03-10 11:22 - 2014-03-10 11:22 - 04011640 _____ () C:\Users\Gil\Downloads\ljP1000_P1500-HB-pnp-win64-en.exe
2014-03-10 11:22 - 2014-03-10 11:22 - 00019341 _____ () C:\HPLJP1000_P1500_Series.log
2014-03-10 11:22 - 2014-03-10 11:22 - 00000000 ____D () C:\Program Files\HP
2014-03-10 11:22 - 2013-05-13 17:37 - 00251392 _____ () C:\Windows\System32\HP1006SMs.DLL
2014-03-10 11:22 - 2013-05-13 17:37 - 00249615 _____ () C:\Windows\System32\P1505.IMG
2014-03-10 11:22 - 2013-05-13 17:37 - 00223487 _____ () C:\Windows\System32\P1006.IMG
2014-03-10 11:22 - 2013-05-13 17:37 - 00223359 _____ () C:\Windows\System32\P1005.IMG
2014-03-10 11:22 - 2013-04-15 10:50 - 00654336 _____ () C:\Windows\System32\HP1006SM.EXE
2014-03-10 11:22 - 2013-04-15 10:50 - 00198144 _____ () C:\Windows\System32\HP1006LM.DLL
2014-03-09 17:42 - 2014-03-10 14:55 - 00000000 ____D () C:\Users\Gil\AppData\Local\CrashDumps
2014-03-08 13:17 - 2014-03-08 13:17 - 00000000 ____D () C:\ProgramData\Logitech
2014-03-08 13:09 - 2014-03-08 13:09 - 00018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2014-03-08 13:09 - 2014-03-08 13:09 - 00006548 _____ () C:\Windows\LDPINST.LOG
2014-03-08 13:09 - 2014-03-08 13:09 - 00000758 _____ () C:\Windows\LkmdfCoInst.log
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Leadertech
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\Program Files\Logitech
2014-03-08 13:07 - 2014-03-08 13:09 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logitech
2014-03-08 13:07 - 2014-03-08 13:09 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-03-08 13:07 - 2014-03-08 13:07 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logishrd
2014-03-07 10:12 - 2014-03-07 10:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-07 10:12 - 2014-03-07 10:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-07 10:10 - 2014-03-17 23:52 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-07 10:10 - 2014-03-17 23:51 - 90015360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-03-07 06:13 - 2013-10-23 03:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\System32\wldp.dll
2014-03-07 06:13 - 2013-10-23 03:21 - 00155480 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\usbccgp.sys
2014-03-07 06:13 - 2013-10-23 03:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\System32\kd_02_8086.dll
2014-03-07 06:13 - 2013-10-21 23:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-03-07 06:13 - 2013-10-21 22:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-03-07 06:13 - 2013-10-21 21:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\System32\apphelp.dll
2014-03-07 06:13 - 2013-10-21 20:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-03-07 06:13 - 2013-10-21 19:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersShell.dll
2014-03-07 06:13 - 2013-10-21 19:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\System32\WorkfoldersControl.dll
2014-03-07 06:13 - 2013-10-21 18:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-03-07 06:13 - 2013-10-21 18:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\System32\WUSettingsProvider.dll
2014-03-07 06:13 - 2013-10-21 18:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\System32\wucltux.dll
2014-03-07 06:13 - 2013-10-21 17:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\System32\workfolderssvc.dll
2014-03-07 06:13 - 2013-10-18 20:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\System32\comdlg32.dll
2014-03-07 06:13 - 2013-10-18 20:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-03-07 06:13 - 2013-10-18 19:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.dll
2014-03-07 06:13 - 2013-10-18 19:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-03-07 06:13 - 2013-10-16 01:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-03-07 06:13 - 2013-10-16 01:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\System32\WWAHost.exe
2014-03-07 06:13 - 2013-10-12 19:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\rdyboost.sys
2014-03-07 06:13 - 2013-10-12 18:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\System32\iuilp.dll
2014-03-07 06:13 - 2013-10-10 08:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\System32\wintrust.dll
2014-03-07 06:13 - 2013-10-10 08:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\System32\ncryptsslp.dll
2014-03-07 06:13 - 2013-10-10 06:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-07 06:13 - 2013-10-10 06:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-03-07 06:13 - 2013-10-10 03:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\System32\AppxAllUserStore.dll
2014-03-07 06:13 - 2013-10-10 03:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\System32\profsvc.dll
2014-03-07 06:13 - 2013-10-10 03:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-03-07 06:13 - 2013-10-08 02:28 - 00523096 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\acpi.sys
2014-03-07 06:13 - 2013-10-07 22:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\System32\shsetup.dll
2014-03-07 06:13 - 2013-10-07 21:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-03-07 06:13 - 2013-10-07 21:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\System32\dnsapi.dll
2014-03-07 06:13 - 2013-10-07 21:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\System32\dnsrslvr.dll
2014-03-07 06:13 - 2013-10-07 21:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-03-07 06:13 - 2013-10-07 21:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Web.Http.dll
2014-03-07 06:13 - 2013-10-07 20:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\System32\iphlpsvc.dll
2014-03-07 06:13 - 2013-10-07 20:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2014-03-07 06:13 - 2013-10-06 23:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\System32\wuauclt.exe
2014-03-07 06:13 - 2013-10-06 18:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\System32\wuaueng.dll
2014-03-07 06:13 - 2013-10-05 07:25 - 00057176 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\stornvme.sys
2014-03-07 06:13 - 2013-10-05 06:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\System32\d3d10level9.dll
2014-03-07 06:13 - 2013-10-05 04:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-07 06:13 - 2013-10-05 03:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv.sys
2014-03-07 06:13 - 2013-10-05 01:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\System32\TSWbPrxy.exe
2014-03-07 06:13 - 2013-10-05 01:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\System32\TSWorkspace.dll
2014-03-07 06:13 - 2013-10-05 01:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\System32\samsrv.dll
2014-03-07 06:13 - 2013-10-05 00:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\System32\UIAutomationCore.dll
2014-03-07 06:13 - 2013-10-05 00:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\System32\miutils.dll
2014-03-07 06:13 - 2013-10-05 00:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-07 06:13 - 2013-10-05 00:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2014-03-07 06:13 - 2013-10-05 00:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-03-07 06:13 - 2013-10-05 00:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\System32\pcsvDevice.dll
2014-03-07 06:13 - 2013-10-04 23:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.dll
2014-03-07 06:13 - 2013-10-04 23:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-03-07 06:13 - 2013-10-04 00:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\System32\AppReadiness.dll
2014-03-07 06:13 - 2013-09-18 23:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersRes.dll
2014-03-07 06:13 - 2013-09-18 22:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\WorkFolders.exe
2014-03-07 06:13 - 2013-09-18 22:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2014-03-07 06:13 - 2013-09-17 01:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\System32\mfasfsrcsnk.dll
2014-03-07 06:13 - 2013-09-17 01:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\System32\AudioSes.dll
2014-03-07 06:13 - 2013-09-16 22:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-03-07 06:13 - 2013-09-16 22:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-03-07 06:13 - 2013-09-16 20:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\System32\dafBth.dll
2014-03-07 06:13 - 2013-09-14 06:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\System32\d3d9.dll
2014-03-07 06:13 - 2013-09-14 06:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\System32\tsmf.dll
2014-03-07 06:13 - 2013-09-14 04:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-03-07 06:13 - 2013-09-14 04:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-03-07 06:13 - 2013-09-14 02:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\System32\rdpclip.exe
2014-03-07 06:13 - 2013-09-14 01:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\System32\ipnathlp.dll
2014-03-07 06:13 - 2013-09-13 00:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\System32\ftp.exe
2014-03-07 06:13 - 2013-09-12 23:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-03-07 06:13 - 2013-09-12 00:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\System32\eappgnui.dll
2014-03-07 06:13 - 2013-09-12 00:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\System32\eapp3hst.dll
2014-03-07 06:13 - 2013-09-12 00:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\System32\WiFiDisplay.dll
2014-03-07 06:13 - 2013-09-12 00:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-03-07 06:13 - 2013-09-11 23:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\System32\eapphost.dll
2014-03-07 06:13 - 2013-09-11 23:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-03-07 06:13 - 2013-09-11 23:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\System32\dafWfdProvider.dll
2014-03-07 06:13 - 2013-09-11 23:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-03-07 06:13 - 2013-09-11 23:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\System32\eappcfg.dll
2014-03-07 06:13 - 2013-09-11 23:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2014-03-07 06:13 - 2013-09-09 20:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\System32\msched.dll
2014-03-07 06:11 - 2013-12-08 16:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\System32\mispace.dll
2014-03-07 06:11 - 2013-12-08 16:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-03-07 06:11 - 2013-11-27 07:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\System32\msmpeg2vdec.dll
2014-03-07 06:11 - 2013-11-27 07:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\System32\mfmp4srcsnk.dll
2014-03-07 06:11 - 2013-11-27 06:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-03-07 06:11 - 2013-11-27 05:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-07 06:11 - 2013-11-27 04:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ipnat.sys
2014-03-07 06:11 - 2013-11-27 02:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\System32\msieftp.dll
2014-03-07 06:11 - 2013-11-27 01:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-07 06:11 - 2013-11-27 01:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\System32\psmsrv.dll
2014-03-07 06:11 - 2013-11-27 01:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\System32\bisrv.dll
2014-03-07 06:11 - 2013-11-27 01:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Graphics.dll
2014-03-07 06:11 - 2013-11-27 00:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\System32\wlansvc.dll
2014-03-07 06:11 - 2013-11-27 00:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-03-07 06:11 - 2013-11-26 05:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\System32\winmde.dll
2014-03-07 06:11 - 2013-11-26 05:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\System32\wmpmde.dll
2014-03-07 06:11 - 2013-11-26 03:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-03-07 06:11 - 2013-11-24 17:45 - 00142680 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBSTOR.SYS
2014-03-07 06:11 - 2013-11-24 17:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ndis.sys
2014-03-07 06:11 - 2013-11-24 15:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-03-07 06:11 - 2013-11-24 15:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\System32\rastls.dll
2014-03-07 06:11 - 2013-11-23 04:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\System32\ploptin.dll
2014-03-07 06:11 - 2013-11-22 23:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\System32\bi.dll
2014-03-07 06:11 - 2013-11-22 23:13 - 00019456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\BtaMPM.sys
2014-03-07 06:11 - 2013-11-22 23:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb.sys
2014-03-07 06:11 - 2013-11-22 20:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\System32\SystemEventsBrokerServer.dll
2014-03-07 06:11 - 2013-11-22 19:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\System32\authui.dll
2014-03-07 06:11 - 2013-11-22 19:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-07 06:11 - 2013-11-20 22:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\System32\deviceregistration.dll
2014-03-07 06:11 - 2013-11-20 22:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\System32\lsasrv.dll
2014-03-07 06:11 - 2013-11-15 06:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\System32\mfds.dll
2014-03-07 06:11 - 2013-11-15 06:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-03-07 06:11 - 2013-11-15 06:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\System32\ubpm.dll
2014-03-07 06:11 - 2013-11-15 05:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\System32\audiosrv.dll
2014-03-07 06:11 - 2013-10-30 16:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\System32\oleaut32.dll
2014-03-07 06:11 - 2013-10-30 15:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-07 06:11 - 2013-09-21 02:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\System32\WinTypes.dll
2014-03-07 06:11 - 2013-09-20 23:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\System32\BulkOperationHost.exe
2014-03-07 06:11 - 2013-09-20 21:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\System32\wlanmsm.dll
2014-03-07 06:11 - 2013-09-20 21:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-03-07 06:09 - 2013-10-10 02:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\System32\twinui.appcore.dll
2014-03-07 06:09 - 2013-10-10 02:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-03-07 06:08 - 2013-11-10 18:48 - 00039768 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\intelpep.sys
2014-03-07 06:08 - 2013-11-08 22:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\System32\WMPDMC.exe
2014-03-07 06:08 - 2013-11-08 21:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-03-07 06:08 - 2013-11-08 02:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\System32\dcomp.dll
2014-03-07 06:08 - 2013-11-07 20:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentClient.dll
2014-03-07 06:08 - 2013-11-07 20:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-03-07 06:08 - 2013-11-07 20:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-03-07 06:08 - 2013-11-07 19:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentServer.dll
2014-03-07 06:08 - 2013-11-07 19:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\System32\AppXDeploymentExtensions.dll
2014-03-07 06:08 - 2013-11-05 06:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\System32\wpncore.dll
2014-03-07 06:08 - 2013-11-04 05:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\System32\Display.dll
2014-03-07 06:08 - 2013-11-04 03:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\System32\dwmcore.dll
2014-03-07 06:08 - 2013-11-04 02:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\System32\SettingsHandlers.dll
2014-03-07 06:08 - 2013-11-03 18:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-03-07 06:08 - 2013-11-03 17:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-03-07 06:08 - 2013-11-01 03:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\pdc.sys
2014-03-07 06:08 - 2013-10-31 22:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\System32\wlidcli.dll
2014-03-07 06:08 - 2013-10-31 21:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-03-07 06:08 - 2013-10-30 16:58 - 00372568 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\spaceport.sys
2014-03-07 06:08 - 2013-10-30 16:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\System32\ntoskrnl.exe
2014-03-07 06:08 - 2013-10-30 16:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\System32\winresume.efi
2014-03-07 06:08 - 2013-10-30 16:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\System32\winresume.exe
2014-03-07 06:08 - 2013-10-25 17:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\SerCx2.sys
2014-03-07 06:08 - 2013-10-24 01:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\System32\CredentialMigrationHandler.dll
2014-03-07 06:08 - 2013-10-24 01:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-03-07 06:08 - 2013-10-17 03:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\System32\msftedit.dll
2014-03-07 06:08 - 2013-10-17 02:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-03-07 06:08 - 2013-10-05 06:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\System32\d3d11.dll
2014-03-07 06:08 - 2013-10-05 06:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\System32\dxgi.dll
2014-03-07 06:08 - 2013-10-05 04:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-07 06:08 - 2013-10-05 04:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-07 06:07 - 2013-09-25 22:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\System32\MrmIndexer.dll
2014-03-07 06:07 - 2013-09-25 22:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-03-07 06:06 - 2013-09-25 02:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\System32\mfnetcore.dll
2014-03-07 06:06 - 2013-09-25 00:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-03-07 06:06 - 2013-09-23 21:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\System32\SRH.dll
2014-03-07 06:06 - 2013-09-23 21:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\System32\sysmain.dll
2014-03-07 06:06 - 2013-09-23 19:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-03-07 06:06 - 2013-09-21 03:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\System32\wer.dll
2014-03-07 06:06 - 2013-09-21 02:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\System32\ole32.dll
2014-03-07 06:06 - 2013-09-21 02:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\System32\mfsrcsnk.dll
2014-03-07 06:06 - 2013-09-21 01:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-03-07 06:06 - 2013-09-21 01:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2014-03-07 06:06 - 2013-09-20 22:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\System32\glcndFilter.dll
2014-03-07 06:06 - 2013-09-20 21:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\System32\kerberos.dll
2014-03-07 06:06 - 2013-09-20 21:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-03-07 06:06 - 2013-09-20 21:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\System32\wlidsvc.dll
2014-03-07 06:06 - 2013-09-20 21:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-03-07 06:06 - 2013-09-20 21:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\System32\vpnike.dll
2014-03-07 06:06 - 2013-09-20 21:10 - 12028416 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Data.Pdf.dll
2014-03-07 06:06 - 2013-09-20 21:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-03-07 06:06 - 2013-09-20 20:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Immersive.dll
2014-03-07 06:06 - 2013-09-20 20:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-03-07 06:06 - 2013-09-18 21:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Globalization.dll
2014-03-07 06:06 - 2013-09-18 21:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\System32\wlidprov.dll
2014-03-07 06:06 - 2013-09-18 20:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-03-07 06:06 - 2013-09-18 20:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\System32\dui70.dll
2014-03-07 06:06 - 2013-09-18 20:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Security.Authentication.OnlineId.dll
2014-03-07 06:06 - 2013-09-18 20:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-03-07 06:05 - 2013-09-26 01:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\System32\recimg.exe
2014-03-07 06:05 - 2013-09-25 23:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\System32\wimgapi.dll
2014-03-07 06:05 - 2013-09-25 23:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-03-07 06:05 - 2013-09-24 23:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\System32\BthRadioMedia.dll
2014-03-07 06:05 - 2013-09-24 21:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\System32\windows.immersiveshell.serviceprovider.dll
2014-03-07 06:05 - 2013-09-23 22:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\System32\mcbuilder.exe
2014-03-07 06:05 - 2013-09-23 21:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2014-03-07 06:05 - 2013-09-23 21:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-03-07 06:05 - 2013-09-21 04:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\fvevol.sys
2014-03-07 06:05 - 2013-09-21 04:10 - 00236376 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\sdbus.sys
2014-03-07 06:05 - 2013-09-21 04:10 - 00151384 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\dumpsd.sys
2014-03-07 06:05 - 2013-09-21 03:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\System32\ci.dll
2014-03-07 06:05 - 2013-09-21 03:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\System32\dwmapi.dll
2014-03-07 06:05 - 2013-09-21 02:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ksecdd.sys
2014-03-07 06:05 - 2013-09-21 02:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\System32\msvproc.dll
2014-03-07 06:05 - 2013-09-21 02:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\System32\sspicli.dll
2014-03-07 06:05 - 2013-09-21 01:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-07 06:05 - 2013-09-21 01:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-03-07 06:05 - 2013-09-21 01:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-03-07 06:05 - 2013-09-20 23:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srv2.sys
2014-03-07 06:05 - 2013-09-20 23:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\mrxsmb20.sys
2014-03-07 06:05 - 2013-09-20 23:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\agilevpn.sys
2014-03-07 06:05 - 2013-09-20 23:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\System32\WinSCard.dll
2014-03-07 06:05 - 2013-09-20 22:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-03-07 06:05 - 2013-09-20 22:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\System32\ReInfo.dll
2014-03-07 06:05 - 2013-09-20 21:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\System32\livessp.dll
2014-03-07 06:05 - 2013-09-20 21:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\System32\dpapisrv.dll
2014-03-07 06:05 - 2013-09-20 21:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\System32\wcmsvc.dll
2014-03-07 06:05 - 2013-09-20 21:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-07 06:05 - 2013-09-20 21:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\System32\thumbcache.dll
2014-03-07 06:05 - 2013-09-20 20:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-03-07 06:05 - 2013-09-20 20:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-03-07 06:05 - 2013-09-20 20:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2014-03-07 06:05 - 2013-09-20 20:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\System32\efswrt.dll
2014-03-07 06:05 - 2013-09-20 20:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\System32\printui.dll
2014-03-07 06:05 - 2013-09-18 22:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\System32\pcaui.dll
2014-03-07 06:05 - 2013-09-18 22:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\System32\sysmon.ocx
2014-03-07 06:05 - 2013-09-18 21:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2014-03-07 06:05 - 2013-09-18 21:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-03-07 06:05 - 2013-09-18 20:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-03-07 06:05 - 2013-09-18 20:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\System32\pcasvc.dll
2014-03-07 06:05 - 2013-09-18 20:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-03-07 06:05 - 2013-09-18 19:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\System32\twinapi.dll
2014-03-07 06:05 - 2013-09-18 19:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-03-07 06:05 - 2013-09-18 19:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-03-07 06:05 - 2013-09-18 19:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\System32\SettingSync.dll
2014-03-07 06:05 - 2013-09-17 01:18 - 00467800 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\USBHUB3.SYS
2014-03-07 06:05 - 2013-09-16 22:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\System32\fontsub.dll
2014-03-07 06:05 - 2013-09-16 21:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-07 06:05 - 2013-09-16 21:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\System32\usercpl.dll
2014-03-07 06:05 - 2013-09-16 21:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\System32\wbiosrvc.dll
2014-03-07 06:05 - 2013-09-16 20:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-03-07 06:05 - 2013-09-16 20:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\System32\msctfuimanager.dll
2014-03-07 06:05 - 2013-09-16 19:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-03-07 06:05 - 2013-09-14 06:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\VerifierExt.sys
2014-03-07 06:05 - 2013-09-14 06:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\System32\PSHED.DLL
2014-03-07 06:05 - 2013-09-14 03:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\appid.sys
2014-03-07 06:05 - 2013-09-13 01:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\System32\SensorsClassExtension.dll
2014-03-07 06:05 - 2013-09-13 00:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Usb.dll
2014-03-07 06:05 - 2013-09-13 00:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2014-03-07 06:05 - 2013-09-12 23:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.HumanInterfaceDevice.dll
2014-03-07 06:05 - 2013-09-12 23:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-03-07 06:05 - 2013-09-11 23:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\System32\wcncsvc.dll
2014-03-07 06:05 - 2013-09-11 01:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\nwifi.sys
2014-03-07 06:05 - 2013-09-11 01:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\srvnet.sys
2014-03-07 06:05 - 2013-09-10 23:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\System32\dhcpcore.dll
2014-03-07 06:05 - 2013-09-10 23:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-03-07 06:05 - 2013-09-07 04:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\System32\fdprint.dll
2014-03-07 06:05 - 2013-09-07 04:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\System32\DeviceCenter.dll
2014-03-07 06:05 - 2013-09-07 04:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2014-03-07 06:05 - 2013-09-07 03:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2014-03-07 06:05 - 2013-09-07 03:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\System32\CryptoWinRT.dll
2014-03-07 06:05 - 2013-09-07 03:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Networking.Vpn.dll
2014-03-07 06:05 - 2013-09-07 03:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2014-03-07 06:05 - 2013-09-07 03:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\System32\rascustom.dll
2014-03-07 06:05 - 2013-09-07 03:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\System32\TetheringMgr.dll
2014-03-07 06:05 - 2013-09-04 23:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\ks.sys
2014-03-07 06:05 - 2013-09-04 22:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\System32\Utilman.exe
2014-03-07 06:05 - 2013-09-04 21:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2014-03-07 06:05 - 2013-09-03 23:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\System32\WorkFoldersGPExt.dll
2014-03-07 06:05 - 2013-09-03 22:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\System32\vmrdvcore.dll
2014-03-07 06:05 - 2013-09-03 21:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\System32\tpmvsc.dll
2014-03-07 06:05 - 2013-09-03 21:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\System32\DscCoreConfProv.dll
2014-03-07 06:05 - 2013-09-03 20:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\System32\DscCore.dll
2014-03-07 06:05 - 2013-09-03 20:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\System32\SessEnv.dll
2014-03-07 06:05 - 2013-09-03 20:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-03-07 06:05 - 2013-08-31 06:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\System32\mftranscode.dll
2014-03-07 06:05 - 2013-08-31 04:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-03-07 06:05 - 2013-08-31 04:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\System32\riched20.dll
2014-03-07 06:05 - 2013-08-31 02:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2014-03-07 06:05 - 2013-08-31 02:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\System32\GeofenceMonitorService.dll
2014-03-07 06:05 - 2013-08-31 01:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-03-07 06:05 - 2013-08-29 23:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\System32\AxInstSv.dll
2014-03-07 06:05 - 2013-08-27 23:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\System32\MDEServer.exe
2014-03-07 06:05 - 2013-08-27 23:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\System32\msra.exe
2014-03-07 06:05 - 2013-08-27 23:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\System32\rdsdwmdr.dll
2014-03-07 06:05 - 2013-08-26 22:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\System32\WebcamUi.dll
2014-03-07 06:05 - 2013-08-26 21:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2014-03-07 05:58 - 2013-10-03 01:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Devices.Sensors.dll
2014-03-07 05:58 - 2013-10-03 01:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-03-07 05:58 - 2013-10-02 03:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\System32\msctf.dll
2014-03-07 05:58 - 2013-10-02 01:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-03-07 05:58 - 2013-09-30 19:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\System32\Windows.Media.Streaming.dll
2014-03-07 05:58 - 2013-09-30 19:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-03-07 05:57 - 2014-01-06 23:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\System32\pcaui.exe
2014-03-07 05:57 - 2014-01-06 21:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2014-03-07 05:57 - 2014-01-06 21:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\System32\d3d10warp.dll
2014-03-07 05:57 - 2014-01-06 20:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-07 05:57 - 2013-12-08 18:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\System32\vbscript.dll
2014-03-07 05:57 - 2013-12-08 17:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-07 05:57 - 2013-12-08 16:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\System32\msxml3.dll
2014-03-07 05:57 - 2013-12-08 16:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\System32\msdrm.dll
2014-03-07 05:57 - 2013-12-08 15:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-07 05:57 - 2013-12-08 15:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-07 05:57 - 2013-11-27 07:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\System32\WSService.dll
2014-03-07 05:57 - 2013-11-27 03:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\System32\WSCollect.exe
2014-03-07 05:57 - 2013-11-27 00:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\System32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-07 05:57 - 2013-11-27 00:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-07 05:57 - 2013-11-27 00:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-03-07 05:57 - 2013-11-27 00:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\System32\WSShared.dll
2014-03-07 05:57 - 2013-11-22 20:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\System32\WMPhoto.dll
2014-03-07 05:57 - 2013-11-22 20:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-07 05:57 - 2013-11-20 22:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\System32\d2d1.dll
2014-03-07 05:57 - 2013-11-20 21:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-07 05:57 - 2013-10-23 03:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\System32\mfplat.dll
2014-03-07 05:57 - 2013-10-19 00:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\System32\imagehlp.dll
2014-03-07 05:57 - 2013-10-18 23:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-07 05:57 - 2013-10-12 18:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\System32\Drivers\wfplwfs.sys
2014-03-07 05:57 - 2013-10-12 13:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\System32\BFE.DLL
2014-03-07 05:57 - 2013-10-12 13:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\System32\IKEEXT.DLL
2014-03-07 05:56 - 2014-02-06 03:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.tlb
2014-03-07 05:56 - 2014-02-06 03:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollectorres.dll
2014-03-07 05:56 - 2014-02-06 03:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\System32\iesetup.dll
2014-03-07 05:56 - 2014-02-06 03:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\System32\ieetwproxystub.dll
2014-03-07 05:56 - 2014-02-06 02:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\System32\jsproxy.dll
2014-03-07 05:56 - 2014-02-06 02:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\System32\iernonce.dll
2014-03-07 05:56 - 2014-02-06 02:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\System32\ieUnatt.exe
2014-03-07 05:56 - 2014-02-06 02:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\System32\jscript9diag.dll
2014-03-07 05:56 - 2014-02-06 02:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\System32\ieetwcollector.exe
2014-03-07 05:56 - 2014-02-06 02:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-07 05:56 - 2014-02-06 02:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\System32\msrating.dll
2014-03-07 05:56 - 2014-02-06 02:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-07 05:56 - 2014-02-06 02:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-07 05:56 - 2014-02-06 01:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-07 05:56 - 2014-02-06 01:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-07 05:56 - 2014-02-06 01:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\System32\inetcpl.cpl
2014-03-07 05:56 - 2014-02-06 01:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-07 05:56 - 2014-02-06 01:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-07 05:56 - 2014-02-06 01:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-07 05:56 - 2014-02-06 01:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-07 05:56 - 2014-01-09 00:25 - 02804224 _____ (Microsoft Corporation) C:\Windows\System32\actxprxy.dll
2014-03-07 05:56 - 2014-01-08 23:59 - 01020928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-03-07 05:56 - 2014-01-08 23:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\System32\winbici.dll
2014-03-07 05:56 - 2014-01-08 23:49 - 00919040 _____ (Microsoft Corporation) C:\Windows\System32\MrmCoreR.dll
2014-03-07 05:56 - 2014-01-08 23:44 - 00720384 _____ (Microsoft Corporation) C:\Windows\System32\SkyDriveTelemetry.dll
2014-03-07 05:56 - 2014-01-08 23:43 - 00121344 _____ (Microsoft Corporation) C:\Windows\System32\SkyDriveShell.dll
2014-03-07 05:56 - 2014-01-08 23:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-03-07 05:56 - 2014-01-08 23:28 - 04217344 _____ (Microsoft Corporation) C:\Windows\System32\SyncEngine.dll
2014-03-07 05:56 - 2014-01-08 23:28 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-03-07 05:56 - 2014-01-08 23:18 - 00870912 _____ (Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
2014-03-07 05:56 - 2014-01-04 12:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\System32\propsys.dll
2014-03-07 05:56 - 2014-01-04 11:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-03-07 05:56 - 2014-01-04 06:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\System32\twinui.dll
2014-03-07 05:56 - 2014-01-04 06:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-03-07 05:56 - 2014-01-04 05:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\System32\SearchFolder.dll
2014-03-07 05:56 - 2014-01-04 05:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\System32\Windows.UI.Search.dll
2014-03-07 05:56 - 2014-01-04 05:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-03-07 05:56 - 2014-01-04 05:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-03-07 05:56 - 2013-12-20 18:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-07 05:56 - 2013-12-20 18:10 - 00009701 _____ () C:\Windows\System32\connectedsearch-results.searchconnector-ms
2014-03-07 05:56 - 2013-12-20 02:10 - 01113040 _____ (Microsoft Corporation) C:\Windows\System32\KernelBase.dll
2014-03-07 05:56 - 2013-12-19 22:13 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-07 05:56 - 2013-12-08 16:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\System32\uDWM.dll
2014-03-07 05:56 - 2013-11-08 22:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\System32\MDMAgent.exe
2014-03-07 05:56 - 2013-11-08 22:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\System32\mdmregistration.dll
2014-03-07 05:56 - 2013-11-08 21:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-03-07 05:56 - 2013-10-23 00:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-03-07 05:56 - 2013-10-16 07:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\System32\crypt32.dll
2014-03-07 05:56 - 2013-10-16 05:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-07 05:56 - 2013-10-15 00:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\System32\scrrun.dll
2014-03-07 05:56 - 2013-10-15 00:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-07 05:56 - 2013-10-05 06:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\System32\gdi32.dll
2014-03-07 05:56 - 2013-10-05 00:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-06 13:35 - 2014-03-17 11:03 - 00000000 ____D () C:\Users\Gil\AppData\Local\Spotify
2014-03-06 13:34 - 2014-03-18 07:52 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Spotify
2014-03-06 13:31 - 2014-03-18 12:50 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-06 13:31 - 2014-03-18 09:36 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 13:31 - 2014-03-06 13:32 - 00000000 ____D () C:\Users\Gil\AppData\Local\Google
2014-03-06 13:31 - 2014-03-06 13:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-06 13:31 - 2014-03-06 13:31 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-06 13:31 - 2014-03-06 13:31 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-06 13:28 - 2014-03-12 11:24 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Apple Computer
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple Computer
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files\iTunes
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files\iPod
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-06 13:28 - 2012-08-21 13:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\System32\Drivers\GEARAspiWDM.sys
2014-03-06 12:22 - 2014-03-06 13:28 - 00000000 ____D () C:\ProgramData\Apple
2014-03-06 12:22 - 2014-03-06 12:22 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-06 12:22 - 2014-03-06 12:22 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-06 12:15 - 2014-03-06 12:15 - 00000000 ____D () C:\Users\Gil\AppData\Local\Evernote
2014-03-06 12:15 - 2014-03-06 12:15 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-03-06 12:03 - 2014-03-06 12:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-03-06 12:01 - 2014-03-06 12:01 - 00177752 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2014-03-06 12:01 - 2014-03-06 12:01 - 00008222 _____ () C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2014-03-06 12:01 - 2014-03-06 12:01 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-06 12:01 - 2014-03-06 12:01 - 00000000 ____D () C:\Windows\System32\Drivers\N360x64
2014-03-06 12:01 - 2014-03-06 12:01 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-06 12:01 - 2014-03-06 12:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-03-06 12:00 - 2014-03-06 12:00 - 00000000 ____D () C:\Users\Gil\Documents\Symantec
2014-03-06 11:58 - 2014-03-06 12:02 - 00000000 ____D () C:\ProgramData\Norton
2014-03-06 11:58 - 2014-03-06 11:58 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-03-06 11:48 - 2014-03-06 11:49 - 148885840 _____ (Apple Inc.) C:\Users\Gil\Downloads\iTunes64Setup.exe
2014-03-06 11:32 - 2014-03-06 11:32 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-03-06 11:15 - 2014-03-06 11:15 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-06 11:04 - 2014-03-06 11:06 - 386308920 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MicrosoftInstaller.exe
2014-03-06 10:55 - 2014-03-07 10:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-06 10:55 - 2014-03-06 10:55 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-06 10:54 - 2014-03-13 09:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-06 10:54 - 2014-03-06 11:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-06 10:54 - 2014-03-06 11:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-06 10:54 - 2014-03-06 10:54 - 00000000 __RHD () C:\MSOCache
2014-03-06 10:54 - 2014-03-06 10:54 - 00000000 ____D () C:\Users\Gil\AppData\Local\Microsoft Help
2014-03-05 21:11 - 2014-03-12 07:16 - 00075776 ___SH () C:\Users\Gil\Desktop\Thumbs.db
2014-03-05 20:27 - 2014-03-05 20:27 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-05 20:25 - 2014-03-18 10:12 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-145297890-2094086102-1777008539-1001
2014-03-05 20:25 - 2014-03-05 20:25 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Macromedia
2014-03-05 20:24 - 2014-03-18 12:50 - 00000000 __RDO () C:\Users\Gil\SkyDrive
2014-03-05 20:23 - 2014-03-05 20:23 - 00000000 _____ () C:\Windows\System32\atiicdxx.dat
2014-03-05 20:23 - 2014-03-05 20:23 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-05 20:20 - 2014-03-17 13:23 - 00000000 ____D () C:\Users\Gil\AppData\Local\PackageStaging
2014-03-05 20:19 - 2014-03-17 13:23 - 00000000 ____D () C:\Users\Gil\AppData\Local\Packages
2014-03-05 20:19 - 2014-03-05 20:19 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Adobe
2014-03-05 20:19 - 2014-03-05 20:19 - 00000000 ____D () C:\Users\Gil\AppData\Local\VirtualStore
2014-03-05 20:16 - 2014-03-18 09:05 - 00818732 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-05 20:16 - 2014-03-05 20:24 - 00000000 ____D () C:\users\Gil
2014-03-05 20:16 - 2014-03-05 20:16 - 00000020 ___SH () C:\Users\Gil\ntuser.ini
2014-03-05 20:13 - 2014-03-18 10:02 - 02036697 _____ () C:\Windows\WindowsUpdate.log
2014-03-05 20:13 - 2013-08-21 21:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2014-03-05 19:19 - 2014-03-18 08:08 - 00055734 _____ () C:\Windows\PFRO.log
2014-03-05 19:19 - 2014-03-05 20:19 - 00000000 ____D () C:\Windows\Panther
 
==================== One Month Modified Files and Folders =======
 
2014-03-18 16:55 - 2014-03-18 16:55 - 00000000 ____D () C:\FRST
2014-03-18 12:51 - 2013-08-22 05:25 - 00524288 ___SH () C:\Windows\System32\config\BBI
2014-03-18 12:50 - 2014-03-06 13:31 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 12:50 - 2014-03-05 20:24 - 00000000 __RDO () C:\Users\Gil\SkyDrive
2014-03-18 12:50 - 2013-08-22 06:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 10:14 - 2014-03-18 10:14 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-03-18 10:14 - 2013-08-22 06:46 - 00010364 _____ () C:\Windows\setupact.log
2014-03-18 10:12 - 2014-03-05 20:25 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-145297890-2094086102-1777008539-1001
2014-03-18 10:02 - 2014-03-05 20:13 - 02036697 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 10:00 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\System32\sru
2014-03-18 09:36 - 2014-03-06 13:31 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 09:05 - 2014-03-05 20:16 - 00818732 _____ () C:\Windows\System32\PerfStringBackup.INI
2014-03-18 08:55 - 2014-03-18 08:17 - 00000000 ____D () C:\Users\norton\AppData\Local\NPE
2014-03-18 08:40 - 2014-03-18 08:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 08:40 - 2014-03-18 08:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-18 08:16 - 2014-03-18 08:16 - 03053496 ____N (Symantec Corporation) C:\Users\norton\Downloads\NPE.exe
2014-03-18 08:15 - 2014-03-18 08:15 - 00002275 _____ () C:\Users\norton\Desktop\Google Chrome.lnk
2014-03-18 08:15 - 2014-03-18 08:15 - 00000000 ____D () C:\Users\norton\AppData\Local\Google
2014-03-18 08:14 - 2014-03-18 08:14 - 00000020 ___SH () C:\Users\norton\ntuser.ini
2014-03-18 08:14 - 2014-03-18 08:14 - 00000000 ____D () C:\Users\norton\AppData\Local\Packages
2014-03-18 08:14 - 2014-03-18 08:14 - 00000000 ____D () C:\users\norton
2014-03-18 08:08 - 2014-03-05 19:19 - 00055734 _____ () C:\Windows\PFRO.log
2014-03-18 08:03 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ToastData
2014-03-18 07:52 - 2014-03-06 13:34 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Spotify
2014-03-17 23:52 - 2014-03-07 10:10 - 00000000 ____D () C:\Windows\System32\MRT
2014-03-17 23:51 - 2014-03-07 10:10 - 90015360 _____ (Microsoft Corporation) C:\Windows\System32\MRT.exe
2014-03-17 23:51 - 2013-08-22 05:25 - 00262144 ___SH () C:\Windows\System32\config\ELAM
2014-03-17 13:28 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-03-17 13:23 - 2014-03-05 20:20 - 00000000 ____D () C:\Users\Gil\AppData\Local\PackageStaging
2014-03-17 13:23 - 2014-03-05 20:19 - 00000000 ____D () C:\Users\Gil\AppData\Local\Packages
2014-03-17 11:03 - 2014-03-06 13:35 - 00000000 ____D () C:\Users\Gil\AppData\Local\Spotify
2014-03-17 01:44 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\rescache
2014-03-15 13:58 - 2013-08-22 06:44 - 00375296 _____ () C:\Windows\System32\FNTCACHE.DAT
2014-03-15 13:57 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 13:57 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 07:42 - 2014-03-10 17:39 - 00000000 ____D () C:\Users\Gil\Desktop\Workbench and Garage Ideas
2014-03-13 11:54 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\System32\NDF
2014-03-13 09:49 - 2014-03-06 10:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 11:24 - 2014-03-12 11:24 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-12 11:24 - 2014-03-06 13:28 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Apple Computer
2014-03-12 10:40 - 2014-03-12 10:40 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-03-12 10:40 - 2014-03-12 10:40 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-03-12 10:40 - 2014-03-12 10:40 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-03-12 10:39 - 2014-03-12 10:39 - 49662160 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MouseKeyboardCenter_64bit_ENG_2.2.173.exe
2014-03-12 10:37 - 2014-03-12 10:37 - 00003040 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2014-03-12 10:37 - 2013-08-22 07:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-12 10:33 - 2014-03-12 10:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0.exe
2014-03-12 10:33 - 2014-03-12 10:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0 (1).exe
2014-03-12 07:16 - 2014-03-05 21:11 - 00075776 ___SH () C:\Users\Gil\Desktop\Thumbs.db
2014-03-10 14:55 - 2014-03-09 17:42 - 00000000 ____D () C:\Users\Gil\AppData\Local\CrashDumps
2014-03-10 14:54 - 2014-03-10 14:54 - 00001031 _____ () C:\Users\Public\Desktop\Cyberduck.lnk
2014-03-10 14:54 - 2014-03-10 14:53 - 00000000 ____D () C:\Program Files (x86)\Cyberduck
2014-03-10 14:45 - 2014-03-10 14:45 - 00002068 _____ () C:\Users\Public\Desktop\MP Navigator 2.2.lnk
2014-03-10 14:45 - 2014-03-10 14:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-10 14:44 - 2014-03-10 14:44 - 09785424 _____ () C:\Users\Gil\Downloads\mpnmp530win222ea13.exe
2014-03-10 14:44 - 2014-03-10 14:44 - 00000000 ___HD () C:\Windows\System32\CanonIJ Uninstaller Information
2014-03-10 14:44 - 2014-03-10 14:44 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-10 14:44 - 2014-03-10 14:44 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-03-10 14:43 - 2014-03-10 14:43 - 10851656 _____ () C:\Users\Gil\Downloads\mp530win64111ej.exe
2014-03-10 14:11 - 2014-03-10 14:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-10 14:09 - 2014-03-10 14:09 - 41945432 _____ (Apple Inc.) C:\Users\Gil\Downloads\QuickTimeInstaller.exe
2014-03-10 11:22 - 2014-03-10 11:22 - 04011640 _____ () C:\Users\Gil\Downloads\ljP1000_P1500-HB-pnp-win64-en.exe
2014-03-10 11:22 - 2014-03-10 11:22 - 00019341 _____ () C:\HPLJP1000_P1500_Series.log
2014-03-10 11:22 - 2014-03-10 11:22 - 00000000 ____D () C:\Program Files\HP
2014-03-08 13:44 - 2013-08-22 05:25 - 00000167 _____ () C:\Windows\win.ini
2014-03-08 13:17 - 2014-03-08 13:17 - 00000000 ____D () C:\ProgramData\Logitech
2014-03-08 13:13 - 2013-08-22 07:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-03-08 13:13 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\WinStore
2014-03-08 13:13 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\System32\migwiz
2014-03-08 13:13 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-08 13:13 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-03-08 13:13 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\FileManager
2014-03-08 13:13 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\Camera
2014-03-08 13:13 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-03-08 13:13 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\System32\oobe
2014-03-08 13:13 - 2013-08-22 05:36 - 00000000 ____D () C:\Windows\System32\Dism
2014-03-08 13:09 - 2014-03-08 13:09 - 00018960 _____ (Logitech, Inc.) C:\Windows\System32\Drivers\LNonPnP.sys
2014-03-08 13:09 - 2014-03-08 13:09 - 00006548 _____ () C:\Windows\LDPINST.LOG
2014-03-08 13:09 - 2014-03-08 13:09 - 00000758 _____ () C:\Windows\LkmdfCoInst.log
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Leadertech
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-08 13:09 - 2014-03-08 13:09 - 00000000 ____D () C:\Program Files\Logitech
2014-03-08 13:09 - 2014-03-08 13:07 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logitech
2014-03-08 13:09 - 2014-03-08 13:07 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-03-08 13:07 - 2014-03-08 13:07 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logishrd
2014-03-07 10:12 - 2014-03-18 08:14 - 00000000 ____D () C:\Users\norton\AppData\Local\Microsoft Help
2014-03-07 10:12 - 2014-03-07 10:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-07 10:12 - 2014-03-07 10:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-07 10:12 - 2014-03-06 10:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-06 13:32 - 2014-03-06 13:31 - 00000000 ____D () C:\Users\Gil\AppData\Local\Google
2014-03-06 13:32 - 2014-03-06 13:31 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-06 13:31 - 2014-03-06 13:31 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-06 13:31 - 2014-03-06 13:31 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple Computer
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files\iTunes
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files\iPod
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-06 13:28 - 2014-03-06 13:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-06 13:28 - 2014-03-06 12:22 - 00000000 ____D () C:\ProgramData\Apple
2014-03-06 12:22 - 2014-03-06 12:22 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-06 12:22 - 2014-03-06 12:22 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-06 12:15 - 2014-03-06 12:15 - 00000000 ____D () C:\Users\Gil\AppData\Local\Evernote
2014-03-06 12:15 - 2014-03-06 12:15 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-03-06 12:03 - 2014-03-06 12:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-03-06 12:02 - 2014-03-06 11:58 - 00000000 ____D () C:\ProgramData\Norton
2014-03-06 12:01 - 2014-03-06 12:01 - 00177752 _____ (Symantec Corporation) C:\Windows\System32\Drivers\SYMEVENT64x86.SYS
2014-03-06 12:01 - 2014-03-06 12:01 - 00008222 _____ () C:\Windows\System32\Drivers\SYMEVENT64x86.CAT
2014-03-06 12:01 - 2014-03-06 12:01 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-06 12:01 - 2014-03-06 12:01 - 00000000 ____D () C:\Windows\System32\Drivers\N360x64
2014-03-06 12:01 - 2014-03-06 12:01 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-06 12:01 - 2014-03-06 12:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-03-06 12:01 - 2013-08-22 07:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-03-06 12:00 - 2014-03-06 12:00 - 00000000 ____D () C:\Users\Gil\Documents\Symantec
2014-03-06 11:58 - 2014-03-06 11:58 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-03-06 11:49 - 2014-03-06 11:48 - 148885840 _____ (Apple Inc.) C:\Users\Gil\Downloads\iTunes64Setup.exe
2014-03-06 11:32 - 2014-03-06 11:32 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-03-06 11:15 - 2014-03-06 11:15 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-06 11:15 - 2014-03-06 10:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-06 11:14 - 2014-03-06 10:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-06 11:06 - 2014-03-06 11:04 - 386308920 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MicrosoftInstaller.exe
2014-03-06 10:55 - 2014-03-06 10:55 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-06 10:54 - 2014-03-06 10:54 - 00000000 __RHD () C:\MSOCache
2014-03-06 10:54 - 2014-03-06 10:54 - 00000000 ____D () C:\Users\Gil\AppData\Local\Microsoft Help
2014-03-06 10:54 - 2013-08-22 11:11 - 00000000 ____D () C:\Windows\ShellNew
2014-03-05 20:27 - 2014-03-05 20:27 - 00000000 ____H () C:\Windows\System32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-05 20:25 - 2014-03-05 20:25 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Macromedia
2014-03-05 20:24 - 2014-03-05 20:16 - 00000000 ____D () C:\users\Gil
2014-03-05 20:23 - 2014-03-05 20:23 - 00000000 _____ () C:\Windows\System32\atiicdxx.dat
2014-03-05 20:23 - 2014-03-05 20:23 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-05 20:19 - 2014-03-05 20:19 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Adobe
2014-03-05 20:19 - 2014-03-05 20:19 - 00000000 ____D () C:\Users\Gil\AppData\Local\VirtualStore
2014-03-05 20:19 - 2014-03-05 19:19 - 00000000 ____D () C:\Windows\Panther
2014-03-05 20:16 - 2014-03-05 20:16 - 00000020 ___SH () C:\Users\Gil\ntuser.ini
2014-03-05 19:20 - 2013-08-22 07:37 - 00001720 _____ () C:\Windows\DtcInstall.log
2014-03-05 19:20 - 2013-08-22 07:36 - 00000000 ____D () C:\Windows\System32\Recovery
2014-03-05 19:18 - 2013-08-22 07:36 - 00262144 _____ () C:\Windows\System32\config\BCD-Template
2014-03-04 14:53 - 2013-08-22 07:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 14:53 - 2013-08-22 07:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-02-28 22:05 - 2014-03-12 17:00 - 23133696 _____ (Microsoft Corporation) C:\Windows\System32\mshtml.dll
2014-02-28 20:58 - 2014-03-12 17:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\System32\iertutil.dll
2014-02-28 20:30 - 2014-03-12 17:00 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-02-28 20:17 - 2014-03-12 17:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\System32\ie4uinit.exe
2014-02-28 19:54 - 2014-03-12 17:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\System32\jscript9.dll
2014-02-28 19:47 - 2014-03-12 17:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 19:42 - 2014-03-12 17:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\System32\msfeeds.dll
2014-02-28 19:18 - 2014-03-12 17:00 - 13051904 _____ (Microsoft Corporation) C:\Windows\System32\ieframe.dll
2014-02-28 19:14 - 2014-03-12 17:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 19:10 - 2014-03-12 17:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\System32\wininet.dll
2014-02-28 19:03 - 2014-03-12 17:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 18:57 - 2014-03-12 17:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 18:38 - 2014-03-12 17:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\System32\urlmon.dll
2014-02-28 18:32 - 2014-03-12 17:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 18:27 - 2014-03-12 17:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 18:25 - 2014-03-12 17:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\System32\ieapfltr.dll
2014-02-28 18:25 - 2014-03-12 17:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-22 04:16 - 2014-03-18 08:36 - 00139776 _____ (Microsoft Corporation) C:\Windows\System32\poqexec.exe
2014-02-22 03:24 - 2014-03-18 08:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
 
Some content of TEMP:
====================
C:\Users\Gil\AppData\Local\Temp\ose00001.exe
 
 
==================== Known DLLs (Whitelisted) ================
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 17:00] - [2014-01-31 08:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
 
 
TDL4: custom:26000022 <===== ATTENTION!
 
==================== EXE ASSOCIATION =====================
 
HKLM\...\.exe: exefile => OK
HKLM\...\exefile\DefaultIcon: %1 => OK
HKLM\...\exefile\open\command: "%1" %* => OK
 
==================== Restore Points  =========================
 
 
==================== Memory info =========================== 
 
Percentage of memory in use: 13%
Total physical RAM: 6134.98 MB
Available physical RAM: 5316.66 MB
Total Pagefile: 6134.98 MB
Available Pagefile: 5352 MB
Total Virtual: 131072 MB
Available Virtual: 131071.86 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.45 GB) (Free:72.78 GB) NTFS
Drive d: (System Reserved) (Fixed) (Total:0.34 GB) (Free:0.09 GB) NTFS ==>[System with boot components (obtained from reading drive)]
ATTENTION: Malware custom entry on BCD on drive d: detected.
Drive e: (RECOVERY) (Fixed) (Total:15 GB) (Free:6.53 GB) NTFS
Drive k: (OFFICE14) (CDROM) (Total:0.58 GB) (Free:0 GB) UDF
Drive l: (HITMANPRO) (Removable) (Total:1.9 GB) (Free:1.9 GB) FAT32
Drive x: (Boot) (Fixed) (Total:0.5 GB) (Free:0.49 GB) NTFS
Drive y: (Media/Win 7) (Fixed) (Total:916.44 GB) (Free:352.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C0000000)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: BFF39675)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 6 (Size: 2 GB) (Disk ID: 8646DF11)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)
 
 
LastRegBack: 2014-03-15 01:01
 
==================== End Of Log ============================


#4 TB-Psychotic

Posted 18 March 2014 - 04:22 PM

Fix with FRST (Recovery Environment)


  • Open Notepad (Start => All Programs => Accessories => Notepad).
  • Please copy the entire contents of the code box below.
    (To do this, highlight the contents of the box, right-click on it and select Copy. Right-click in the open Notepad window and select Paste.) Save it on the flash drive as fixlist.txt

    TDL4: custom:26000022 <===== ATTENTION!

    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system

    Now please enter System Recovery Options again.

  • Run frst.exe (on 64-bit, run frst64.exe) and press the Fix button just once and wait.
  • The tool will make a log on the flash drive (Fixlog.txt); please post it in your reply.

Boot into Windows now!

Scan with TDSS-Killer

Please read and follow these instructions carefully. We do not want it to fix anything yet (if found), we need to see a report first.

Download TDSSKiller.zip and extract to your desktop

  • Execute TDSSKiller.exe by double-clicking on it.
  • Press Start Scan
  • If malicious objects are found, do NOT select Copy to quarantine. Change the action to Skip, and save the log.
  • Once complete, a log will be produced at the root drive, which is typically C:\, for example, C:\TDSSKiller.<version_date_time>log.txt


Please post the contents of that log in your next reply.

Scan with FRST in normal mode

Please download Farbar's Recovery Scan Tool to your desktop: FRST 32bit or FRST 64bit (If not sure: Start --> Computer (right click) --> properties)

  • Run FRST.
  • Don't change any of the checkboxes and hit Scan.
  • Logfiles are created on your desktop.
  • Post the FRST.txt and (after the first scan only!) the Addition.txt.



#5 ATL_heel

Posted 18 March 2014 - 04:50 PM

Here is the fixlog.txt:

 

-------------------------------

 

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 13-03-2014
Ran by Gil at 2014-03-18 17:35:24 Run:1
Running from K:\
Boot Mode: Safe Mode (minimal)
==============================================
 
Content of fixlist:
*****************
TDL4: custom:26000022 <===== ATTENTION!
*****************
 
 
The operation completed successfully.
The operation completed successfully.
 
==== End of Fixlog ====
 
 
And here is the TDSSKiller log:
 
---------------------------------
 
17:41:14.0793 0x14bc  IPMIDRV - ok
17:41:14.0798 0x14bc  [ B7342B3C58E91107F6E946A93D9D4EFD, D5DA3C02C5C5A343785745EF6983CC9B5FBD3FB8D49FE9B450523E50212D1A32 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
17:41:14.0802 0x14bc  IPNAT - ok
17:41:14.0818 0x14bc  [ 842D1EDD0F2A6E0E6631BB96BAAA01DE, 9CDD0B99F2C5DAD573A9EA8D5AB2DBFD7A941454CBBA5BFE34E49F2D4EE96A90 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
17:41:14.0830 0x14bc  iPod Service - ok
17:41:14.0834 0x14bc  [ AE44C526AB5F8A487D941CEB57B10C97, A783A2EAF7A6FF450FB3F189A5930036FA60D125C42171AC44B6FE2E3DBD6F7A ] IRENUM          C:\Windows\system32\drivers\irenum.sys
17:41:14.0835 0x14bc  IRENUM - ok
17:41:14.0838 0x14bc  [ 8AFEEA3955AA43616A60F133B1D25F21, E99359A4F1D653790133F145CF7C9F97399FD75C5E135AA7E5F989BB660789AF ] isapnp          C:\Windows\system32\drivers\isapnp.sys
17:41:14.0839 0x14bc  isapnp - ok
17:41:14.0848 0x14bc  [ 034D4BD9DC67C64F3A4C8A049B5173BF, C68AF5A5AD4092AA1C871BD38473AEF84EC3ECF4D06FBEB5F6C09972EF1B8A81 ] iScsiPrt        C:\Windows\System32\drivers\msiscsi.sys
17:41:14.0853 0x14bc  iScsiPrt - ok
17:41:14.0858 0x14bc  [ 8BE92376799B6B44D543E8D07CDCF885, 425B8BB1BAF62F735B3CB5A002E6055879F02E7207E55942BFD37F1784F5F368 ] kbdclass        C:\Windows\System32\drivers\kbdclass.sys
17:41:14.0859 0x14bc  kbdclass - ok
17:41:14.0863 0x14bc  [ FB6E47E569D4872ABEB506BE03A45FBA, 5C4056CADA8F67587A119D9AE2A0EFAB30387CF6298F4019FF68AC92E2F6F54B ] kbdhid          C:\Windows\System32\drivers\kbdhid.sys
17:41:14.0864 0x14bc  kbdhid - ok
17:41:14.0867 0x14bc  [ 813871C7D402A05F2E3A7075F9584A05, FF0C2F87EB083F8CE74C679D80C845CDFBFBBC70BE818F899F3336BBB54A3FFB ] kdnic           C:\Windows\system32\DRIVERS\kdnic.sys
17:41:14.0868 0x14bc  kdnic - ok
17:41:14.0871 0x14bc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] KeyIso          C:\Windows\system32\lsass.exe
17:41:14.0873 0x14bc  KeyIso - ok
17:41:14.0877 0x14bc  [ ADDECBCC777665BD113BED437E602AB0, B6283475A1219CE44E9F683DD3BEB8C42DA0943297E5C4699B22176AD8A6A7ED ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
17:41:14.0879 0x14bc  KSecDD - ok
17:41:14.0886 0x14bc  [ 7296EA420134EAC390798B3232D066A4, 1F5D51EEFD389706660DFB4DB4BF3EC570BEC7097CEB5CAE70EFFE35C3255346 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
17:41:14.0890 0x14bc  KSecPkg - ok
17:41:14.0893 0x14bc  [ 11AFB527AA370B1DAFD5C36F35F6D45F, 757AD234284467ADB826F7CA0251F58D48866B91995BC867DEA4BAF676947163 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
17:41:14.0894 0x14bc  ksthunk - ok
17:41:14.0904 0x14bc  [ 32B1A8351160F307A8C66BCB0F94A9C2, 52F1DEC2BBD4D5DDBB85ED20B99D96BBA7EB83304D76F183A11FDAFDA364E873 ] KtmRm           C:\Windows\system32\msdtckrm.dll
17:41:14.0912 0x14bc  KtmRm - ok
17:41:14.0922 0x14bc  [ 27B58E16CF895AC1F1A97C04814C2239, D4336155331DDBF91952CDC6C446C68FF524F979099BA8D9B3A578758F97B2BE ] LanmanServer    C:\Windows\system32\srvsvc.dll
17:41:14.0929 0x14bc  LanmanServer - ok
17:41:14.0938 0x14bc  [ D0D9C2ECA4D03A8F06DCD91236B90C98, E2D1144DC8040EA5FEB0602A20BA4CB920B4BC86AD5AD05FC0DF7D74DC95DC66 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:41:14.0945 0x14bc  LanmanWorkstation - ok
17:41:14.0955 0x14bc  [ D186AAAE72691136BDE00BBB41F48D12, C64885A726C0642C92BC4993667696DFEC8D284C20872D58E49786EE280A01ED ] LBTServ         C:\Program Files\Common Files\LogiShrd\Bluetooth\lbtserv.exe
17:41:14.0963 0x14bc  LBTServ - ok
17:41:14.0969 0x14bc  [ 015BABFCD2E911C505204257DAB5ADC5, 94239919E967ABA12394D445E2D126447B5B7FB042DB95B1CCB280AF02D93833 ] LEqdUsb         C:\Windows\system32\DRIVERS\LEqdUsb.Sys
17:41:14.0971 0x14bc  LEqdUsb - ok
17:41:14.0983 0x14bc  [ EE289BD147FDFF95EF1B9BD65D3B974A, EFD9D0F6C73E7D2D52DBE2E2A8D3009BFB6AB24776A100CA528A8365002C6105 ] lfsvc           C:\Windows\System32\GeofenceMonitorService.dll
17:41:14.0994 0x14bc  lfsvc - ok
17:41:14.0997 0x14bc  [ 20A23B8863AAA8A23EEB9E2919F529FD, 5DD7C780346DA6A36AB55B38109167B3BE138713C5A7C913BFED2B61F34E8BA1 ] LHidEqd         C:\Windows\system32\DRIVERS\LHidEqd.Sys
17:41:14.0998 0x14bc  LHidEqd - ok
17:41:15.0002 0x14bc  [ 77D5786C6A7765503884E38706C9FD5E, 827DC2069AA0997DB87E118AAAA53575D97A89147C1451464986F8D68A329D41 ] LHidFilt        C:\Windows\system32\DRIVERS\LHidFilt.Sys
17:41:15.0004 0x14bc  LHidFilt - ok
17:41:15.0008 0x14bc  [ C09010B3680860131631F53E8FE7BAD8, 35F2A06D5F29478D22ABDCC20DA893EF9D96504C65594A0CEA674D1C21B04FF8 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
17:41:15.0010 0x14bc  lltdio - ok
17:41:15.0018 0x14bc  [ 00E070FC0C673311AFD4B068D1242780, 50B0E0E625361145332C849709498FF444E46578DCAD2536E6D0289E0125580F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
17:41:15.0024 0x14bc  lltdsvc - ok
17:41:15.0027 0x14bc  [ D113FAD71A5E67AA94B32A0F8828D265, 08DDB4BBDB570C59926DBF5E27FCF46DCDF8B8212BB9251E97837E0504516FB3 ] lmhosts         C:\Windows\System32\lmhsvc.dll
17:41:15.0029 0x14bc  lmhosts - ok
17:41:15.0033 0x14bc  [ F84023FB2E3DEA06103501974A2EDB44, 38144EB7DE7F0B33F9C3E637715834CD0860CCE11915C77065000949767D98DF ] LMouFilt        C:\Windows\system32\DRIVERS\LMouFilt.Sys
17:41:15.0034 0x14bc  LMouFilt - ok
17:41:15.0040 0x14bc  [ C755AE4635457AA2A11F79C0DF857ABC, E03D1ACAC155287291FE1BD0B653953ADC94279A74D0152088D698FAA796460F ] LSI_SAS         C:\Windows\system32\drivers\lsi_sas.sys
17:41:15.0043 0x14bc  LSI_SAS - ok
17:41:15.0047 0x14bc  [ ADAC09CBE7A2040B7F68B5E5C9A75141, 7865DA7E91404F3642BC444B97F6B7AA42B9523D5EDD7F6365DA236B8EC3410F ] LSI_SAS2        C:\Windows\system32\drivers\lsi_sas2.sys
17:41:15.0050 0x14bc  LSI_SAS2 - ok
17:41:15.0054 0x14bc  [ 04D1274BB9BBCCF12BD12374002AA191, 4B9618F8D25F2278DE1610A70ACAADB074D171D162C3AF27D464F5DC800A8E60 ] LSI_SAS3        C:\Windows\system32\drivers\lsi_sas3.sys
17:41:15.0057 0x14bc  LSI_SAS3 - ok
17:41:15.0061 0x14bc  [ 327469EEF3833D0C584B7E88A76AEC0C, 3D88B5A2D68F93F01B39C6E3D8D5C7A2A20686EFC756086E66AFFF1BC3019B85 ] LSI_SSS         C:\Windows\system32\drivers\lsi_sss.sys
17:41:15.0063 0x14bc  LSI_SSS - ok
17:41:15.0081 0x14bc  [ B6B69FF200F68888A7FAFDF204D00C91, 4C9BA7B8646C74AE1E49F513EF426930C09969F29F1533D84D020B414BB1609B ] LSM             C:\Windows\System32\lsm.dll
17:41:15.0095 0x14bc  LSM - ok
17:41:15.0101 0x14bc  [ 5EF604B0698F4FA962778285E8C5F1F2, 0465BDAB7EFBE9CC648E7E736B0B8BE152BD2FAB0917F6306675B9039C77F454 ] luafv           C:\Windows\system32\drivers\luafv.sys
17:41:15.0104 0x14bc  luafv - ok
17:41:15.0108 0x14bc  [ EB5C03A070F30D64A6DF80E53B22F53F, 12051B6AEBDEE1E28F24364F25A52BA3A6E282ECF86D6290E34BD38E6D4E066D ] megasas         C:\Windows\system32\drivers\megasas.sys
17:41:15.0109 0x14bc  megasas - ok
17:41:15.0125 0x14bc  [ F6F13533196DE7A582D422B0241E4363, B3CD9B08937AFFF12141B38634AF3A56F5AC5FF3EF03941802B9841DEC559469 ] megasr          C:\Windows\system32\drivers\megasr.sys
17:41:15.0136 0x14bc  megasr - ok
17:41:15.0141 0x14bc  [ FD788C2D96EA91469A3C1D13E80D7473, 7B14D4BFDE18CECC19FBFFAA5AFF5FD78BFB7FCDA6613990740A8A7DD9873D26 ] MMCSS           C:\Windows\system32\mmcss.dll
17:41:15.0143 0x14bc  MMCSS - ok
17:41:15.0147 0x14bc  [ 8B38C44F69259987C95135C9627E2378, E698B82D4EFFF56D66C7FC9866369BA5736FDBDBE2028CC421C51E70DEA74727 ] Modem           C:\Windows\system32\drivers\modem.sys
17:41:15.0148 0x14bc  Modem - ok
17:41:15.0151 0x14bc  [ 601589000CC90F0DF8DA2CC254A3CCC9, D1238A386C41B6C368D9A44B7C112C943995B5403E2A5B4B7346B266DDB0C5A0 ] monitor         C:\Windows\System32\drivers\monitor.sys
17:41:15.0152 0x14bc  monitor - ok
17:41:15.0155 0x14bc  [ CEAC6D40FE887CE8406C2393CF97DE06, 34E76908B802764FF0D7AB3AF89BE77BD35B44787983343FAD89891891C0A045 ] mouclass        C:\Windows\System32\drivers\mouclass.sys
17:41:15.0157 0x14bc  mouclass - ok
17:41:15.0160 0x14bc  [ 02D98BF804084E9A0D69D1C69B02CCA9, EC5BC5D87043DFFD035FD4DD27B3D94E03119063519E4151BCC3522B613E2D7F ] mouhid          C:\Windows\System32\drivers\mouhid.sys
17:41:15.0161 0x14bc  mouhid - ok
17:41:15.0166 0x14bc  [ 515549560D481138E6E21AF7C6998E56, C7E4B38D8CCAF15B9BDA63C8C8209F6193AD220DA02E1264F1B687AACD8F409F ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
17:41:15.0168 0x14bc  mountmgr - ok
17:41:15.0172 0x14bc  [ F170510BE94CF45E3C6274578F6204B2, 344C3DDE1D622607CA2ABECB2C47CB0166D2D258BD94A7960C45A5ADBB640566 ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
17:41:15.0174 0x14bc  mpsdrv - ok
17:41:15.0195 0x14bc  [ D186C5844393252147BE934F3871DB7A, 30160F8268B9F46E82C5CB536867E0CF280DC98074A481595072E3320200E343 ] MpsSvc          C:\Windows\system32\mpssvc.dll
17:41:15.0213 0x14bc  MpsSvc - ok
17:41:15.0219 0x14bc  [ 59DCEC7499095DE5AED741358037AE2D, 60C4CEBCAE27C121E9D63BD2BC3E5863A91ABC77616C56C10618273A8F9B6F61 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
17:41:15.0222 0x14bc  MRxDAV - ok
17:41:15.0233 0x14bc  [ 79B6F3DF7CDFD12159871FF71464F0CE, E01CDD5296237FB60D426784E1142B1AF2CEABDD7CB0B43C4798402C812A94D5 ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
17:41:15.0242 0x14bc  mrxsmb - ok
17:41:15.0250 0x14bc  [ 295771B092D4F7FCF2B62F80CCD14320, 53655B5ABA43A6A9114FE545B88F84E52319B905B8393A51BD97678D3F94A178 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:41:15.0256 0x14bc  mrxsmb10 - ok
17:41:15.0263 0x14bc  [ AAF56E4E84D35411B4E446C445732DFE, 7AC41CAA0842AE4DA4EEF976202C58D7923DAA367F0D7E800D432323D5E7DE1A ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:41:15.0268 0x14bc  mrxsmb20 - ok
17:41:15.0273 0x14bc  [ 4E888019078AC363076A5433E89AA4F8, 3DEBDA290230B3E83F956C902C960E39463B7EFE86439199521356762769FD91 ] MsBridge        C:\Windows\system32\DRIVERS\bridge.sys
17:41:15.0276 0x14bc  MsBridge - ok
17:41:15.0281 0x14bc  [ A082C17D14D0790E27D064EA4B138AE1, 9A565ED885782D9D5135C8399C11C356DBF9EBF3B8EB4B4504BD2604AD0B45E6 ] MSDTC           C:\Windows\System32\msdtc.exe
17:41:15.0285 0x14bc  MSDTC - ok
17:41:15.0290 0x14bc  [ D13329FBF8345B28AB30F44CC247DC08, 9C7EC2D4D65E6510EB5B9E61BB0D14F725D7E8FE98D65161C3971E43EF1AB6EB ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:41:15.0291 0x14bc  Msfs - ok
17:41:15.0294 0x14bc  [ C6B474E46F9E543B875981ED3FFE6ADD, E16687E52FB649C23D92159A1F036CB662202C1E58D961EECDAA528AA4FA669A ] msgpiowin32     C:\Windows\System32\drivers\msgpiowin32.sys
17:41:15.0295 0x14bc  msgpiowin32 - ok
17:41:15.0298 0x14bc  [ 65C92EB9D08DB5C69F28C7FFD4E84E31, D709BA4723225321F665B1157A33A4AE230420752308EF535DA9A41CAC164628 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:41:15.0299 0x14bc  mshidkmdf - ok
17:41:15.0302 0x14bc  [ 52299F086AC2DAFD100DD5DC4A8614BA, B36BE0FC96798E5EB8C193C318970E3906961E3ABC3BFAAD73138C76D9A95B0B ] mshidumdf       C:\Windows\System32\drivers\mshidumdf.sys
17:41:15.0302 0x14bc  mshidumdf - ok
17:41:15.0305 0x14bc  [ 36D92AF3343C3A3E57FEF11C449AEA4C, ECC85AA1E530DF55B4A4545798219F87F0FCA66DDD2E37BCEF0850D3C9129DD2 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:41:15.0306 0x14bc  msisadrv - ok
17:41:15.0311 0x14bc  [ 810F8A0A0680662BB0CE44D0E2CEF90C, 5631B07911B7EF378CB1583A480A3C5715E59A5488B33A528F4D7A2F849B9113 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:41:15.0315 0x14bc  MSiSCSI - ok
17:41:15.0318 0x14bc  msiserver - ok
17:41:15.0321 0x14bc  [ A9BBBD2BAE6142253B9195E949AC2E8D, 599D2952D4E0B0B3E02D91E38A30F4900B1ADA330716B887B156A1CB9A3E6EE9 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:41:15.0322 0x14bc  MSKSSRV - ok
17:41:15.0326 0x14bc  [ 375E44168F2DFB91A68B8A3F619C5A7C, AC243E02E9A39D0B4DE9571F196941700EE6EB5E94F5B0BA8994FB551E73A7A8 ] MsLldp          C:\Windows\system32\DRIVERS\mslldp.sys
17:41:15.0328 0x14bc  MsLldp - ok
17:41:15.0330 0x14bc  [ 7B2128EB875DCBC006E6A913211006D6, 97BBD7FF770741FBFC0F181A609AD0954EA926DA203B742E8F08C89AD8FE476E ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:41:15.0331 0x14bc  MSPCLOCK - ok
17:41:15.0333 0x14bc  [ 1E88171579B218115C7A772F8DE04BD8, B9EAA835D0BF8F9C4DF8403D95EF1400E8AE38F28F9DBA87657DE2129FEF02D2 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:41:15.0334 0x14bc  MSPQM - ok
17:41:15.0344 0x14bc  [ BBE2A455053E63BECBF42C2F9B21FAE0, 7C5DF563499DF59DF9895A1581E47ADF5FD54C94ECEF6C886CDB60E5E95A6DAE ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:41:15.0351 0x14bc  MsRPC - ok
17:41:15.0356 0x14bc  [ 8D6B7D515C5CBCDB75B928A0B73C3C5E, 1EB4DC3DD21D2627C78EC3F9931D9E5D033169087E43B5D7C17BF1FF2A0028CD ] mssmbios        C:\Windows\System32\drivers\mssmbios.sys
17:41:15.0358 0x14bc  mssmbios - ok
17:41:15.0360 0x14bc  [ 115019AE01E0EB9C048530D2928AB4A2, 6E2275E85EACF2D0FC784792E0D72A165589D33CBAB3BCFA8E271CA09566C925 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:41:15.0361 0x14bc  MSTEE - ok
17:41:15.0364 0x14bc  [ 96D604A35070360F0DD4A7A8AF410B5E, F94DD1A3566C7C8D0A76D6E1E2530552A9B7F99C5DA0DE11829325EAB9F8B7ED ] MTConfig        C:\Windows\System32\drivers\MTConfig.sys
17:41:15.0365 0x14bc  MTConfig - ok
17:41:15.0369 0x14bc  [ 619CA29326B82372621DB2C0964D8365, 4091F08E266DB45A6E33A4A8B1CE9FA78BB294B3111526AA9E3868620F30AFDF ] Mup             C:\Windows\system32\Drivers\mup.sys
17:41:15.0371 0x14bc  Mup - ok
17:41:15.0374 0x14bc  [ B8C35C94DCB2DFEAF03BB42131F2F77F, F0FCF367CA8F722D6ABCF7F363CD406D890D71452E91C3FC6677B47AD74D6324 ] mvumis          C:\Windows\system32\drivers\mvumis.sys
17:41:15.0376 0x14bc  mvumis - ok
17:41:15.0387 0x14bc  [ D57EC83468C328E2C3029A0BAA722072, 71714FCCDF625A0959FDB4E70FCCBCF184345537BE9509987F798837B392653E ] N360            C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
17:41:15.0392 0x14bc  N360 - ok
17:41:15.0403 0x14bc  [ 41A45D2A75494EABF2806EA051E00376, EB2497561C8E33A4297C044604C717FF854C7F046882A9E4A400AE7679BF5467 ] napagent        C:\Windows\system32\qagentRT.dll
17:41:15.0413 0x14bc  napagent - ok
17:41:15.0425 0x14bc  [ CF8B989D89D6807B887690F2CF24EFD9, 7A3ED124D8D7736F57CD687111C478A206422D117099B2F752B6D933D009BCAC ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:41:15.0434 0x14bc  NativeWifiP - ok
17:41:15.0440 0x14bc  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\ENG64.SYS
17:41:15.0444 0x14bc  NAVENG - ok
17:41:15.0488 0x14bc  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\EX64.SYS
17:41:15.0530 0x14bc  NAVEX15 - ok
17:41:15.0539 0x14bc  [ 71E3C0100AA19D11373CCEB2F51A6008, 58FBF35F5FE19BEABE483C11E9996BE93D76721C8C34465350FA98B465CA3672 ] NcaSvc          C:\Windows\System32\ncasvc.dll
17:41:15.0543 0x14bc  NcaSvc - ok
17:41:15.0549 0x14bc  [ 51DF09CAB2CAC64FEE3E371D9028ED01, 9B81604D0D0359AF8F54FED6DA7116FFD2F40407895028EAD99FF1D7CFDC2D14 ] NcbService      C:\Windows\System32\ncbservice.dll
17:41:15.0552 0x14bc  NcbService - ok
17:41:15.0556 0x14bc  [ 2586C4C167499210DCBF3ECFD8CCE210, D8129FEDE9918BF4FB0057CC58700D4E08457060E810B9CC25CA0F598506ADB8 ] NcdAutoSetup    C:\Windows\System32\NcdAutoSetup.dll
17:41:15.0558 0x14bc  NcdAutoSetup - ok
17:41:15.0583 0x14bc  [ ED39D676080A1AEA755F1DEC1A8DF1A4, E413DA1113A51F3A68957147A50248AA98C0D365103D137D5AE8638C74E802D7 ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:41:15.0605 0x14bc  NDIS - ok
17:41:15.0610 0x14bc  [ C6BB12BC35D1637CA17AE16D3A4725EB, 01C1D9FA738886A195166F88207EEB6715A1DE0608978ED6C5DC738AF5C02513 ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:41:15.0611 0x14bc  NdisCap - ok
17:41:15.0616 0x14bc  [ 9F1DA20E943BE7AA4ED5F3E1EBA78B37, CCD99962917BBE256F64AE14CCC9FD12433C72B5DB98E0E57CA8F212A11B3C8F ] NdisImPlatform  C:\Windows\system32\DRIVERS\NdisImPlatform.sys
17:41:15.0619 0x14bc  NdisImPlatform - ok
17:41:15.0622 0x14bc  [ 9423421E735BD5394351E0C47C76BB92, 763E5D06F896C0EF8AD52515464F28BA85DB7A1560E451857AC9AA68FAFCBC66 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:41:15.0623 0x14bc  NdisTapi - ok
17:41:15.0627 0x14bc  [ B832B35055BA2B7B4181861FF94D8E59, 2E60E5D503E88D27E35ECFEE265D51328E93A9C7B9B931F86D9CBC947636BB00 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:41:15.0628 0x14bc  Ndisuio - ok
17:41:15.0631 0x14bc  [ 1F58E48EF75F34C35D8E93A0DC535CFE, D65619A6C4B1747F8B05DA08A44EF0E46B5CC384880E04E4755A2BA6CDB3C4EA ] NdisVirtualBus  C:\Windows\System32\drivers\NdisVirtualBus.sys
17:41:15.0632 0x14bc  NdisVirtualBus - ok
17:41:15.0639 0x14bc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:41:15.0644 0x14bc  NdisWan - ok
17:41:15.0650 0x14bc  [ DEC29080202D4F9F17F55E18BCFCC41A, F7E543741B1F4F637A99C40543D6AEC6EBF893F74359BBA769D1F882E0AFB571 ] NdisWanLegacy   C:\Windows\system32\DRIVERS\ndiswan.sys
17:41:15.0654 0x14bc  NdisWanLegacy - ok
17:41:15.0658 0x14bc  [ A5BD69A8812FA79D1A487691DD3FB244, 67B5EDE101943E0E8B8041DB2353D20C8B9F2D253E77964761CFE8F136C0BBC7 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:41:15.0660 0x14bc  NDProxy - ok
17:41:15.0665 0x14bc  [ 5A072F0B90C29C5233D78BE33EF5ED78, B32ED76A674B1FC743361FB7BBD4C915A78B14132AB056AADD445D5995AD4F32 ] Ndu             C:\Windows\system32\drivers\Ndu.sys
17:41:15.0667 0x14bc  Ndu - ok
17:41:15.0671 0x14bc  [ A83D67D347A684F10B7D3019C8A6380C, 2B86832967981C8C786BF24C1CF8E13E01745ACE3333CF5C821DD93D623B96E4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:41:15.0672 0x14bc  NetBIOS - ok
17:41:15.0680 0x14bc  [ 0217532E19A748F0E5D569307363D5FD, C40C2E7AFA276057E7327A7BB173122689D6CEC9AE443C3850C3F94AF03DFBF5 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:41:15.0686 0x14bc  NetBT - ok
17:41:15.0690 0x14bc  [ F6F209DDB94959BA104FC8FC87C53759, 8E862D41F4332EABF64BD034E2C0E3CC8109C7990CB4112C2B2880E8E6EDF2D3 ] Netlogon        C:\Windows\system32\lsass.exe
17:41:15.0692 0x14bc  Netlogon - ok
17:41:15.0701 0x14bc  [ B7AD851A21FEBA3BA214972627614207, 29605320CCC3DAAD062CAECF0009DACBC2F6D28ED4E8AF7CE76132129F5572A0 ] Netman          C:\Windows\System32\netman.dll
17:41:15.0708 0x14bc  Netman - ok
17:41:15.0721 0x14bc  [ F0F0A372C2EF6358399C4936F91B6131, CE596C71EB4D1A5E104D3148F2D0D8789882C59FD198DCF33CCAC7A08B50E4EE ] netprofm        C:\Windows\System32\netprofmsvc.dll
17:41:15.0732 0x14bc  netprofm - ok
17:41:15.0789 0x14bc  [ E32D07CDCEB656AD11E15F121393C6CA, 5241FA2552B2CB875AD114E2EAAEA5ADD5C0385688AE42B09A943BEC89F0AC8A ] netr28x         C:\Windows\system32\DRIVERS\netr28x.sys
17:41:15.0840 0x14bc  netr28x - ok
17:41:15.0851 0x14bc  [ 1092B3190E69E0C5ECBCE90F171DE047, C16106EEFC324EE80E5F659CB71A5DD69FA800D36D829F5B0E6AD3393BD1BAF7 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:41:15.0855 0x14bc  NetTcpPortSharing - ok
17:41:15.0860 0x14bc  [ 70414DB660BFBB7BD58FCE8EA4364E1B, 6DFB3897CD55E22BA1EDF0AE672F4D7A6A1F512F8A0A26AF106765E6B1CF65AC ] netvsc          C:\Windows\system32\DRIVERS\netvsc63.sys
17:41:15.0862 0x14bc  netvsc - ok
17:41:15.0873 0x14bc  [ 3A280F3B3C7A46E29C404ACD46ECBF5E, 81C3367A2A212DBCC65B8A0166FD092E3205AB31A146B4B737061335CEC51F9D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:41:15.0881 0x14bc  NlaSvc - ok
17:41:15.0885 0x14bc  [ 8F44A2F57C9F1A19AC9C6288C10FB351, 310274DDBAC0FE4BE54ECD3B90C97D82A0F9F5CFCA7A35711A36164DE4B94074 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:41:15.0887 0x14bc  Npfs - ok
17:41:15.0890 0x14bc  [ CBDB4F0871C88DF930FC0E8588CA67FC, 7E4AA3EA81A9D532F236FD7896744F07ED07CA9B37A9F18A9778BCCCC67490F2 ] npsvctrig       C:\Windows\System32\drivers\npsvctrig.sys
17:41:15.0891 0x14bc  npsvctrig - ok
17:41:15.0895 0x14bc  [ 6E2271ED0C3E95B8E29F3752B91B9E84, 44026AD9757EA82967D7F7578455802FAD7FE0057EAC088E0AE207C15F594B86 ] nsi             C:\Windows\system32\nsisvc.dll
17:41:15.0897 0x14bc  nsi - ok
17:41:15.0900 0x14bc  [ E490B459978CB87779E84C761D22B827, 1E5CA38626E41618E4CA16DD0C70EB2FA86E986F0CF21A749BDE2A17015DEEC6 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:41:15.0902 0x14bc  nsiproxy - ok
17:41:15.0947 0x14bc  [ 4412D565C0278C401575E11072C7DCE3, 82A0E9AA88750900EA0E9983157345456B418745C8BA62FAF339640E759C0418 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:41:15.0986 0x14bc  Ntfs - ok
17:41:15.0991 0x14bc  [ EF1B290FC9F0E47CC0B537292BEE5904, DBC07BBC54EBC2D2E576B23A4CE116B3DA988577AD0D96CB7289A6748A60F9EA ] Null            C:\Windows\system32\drivers\Null.sys
17:41:15.0992 0x14bc  Null - ok
17:41:15.0998 0x14bc  [ BC6B5942AFF25EBAF62DE43C3807EDF8, CB0FA194084B8C309039D571B5760FDA800E9531B8660C499B4F9977BA5C36D5 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:41:16.0001 0x14bc  nvraid - ok
17:41:16.0007 0x14bc  [ 1F43ABFFAC3D6CA356851D517392966E, 6FD7621F67BA94B0E1D8F43BEC2951DBCDEEA1E848BB265AC169E27C01DA68F2 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:41:16.0011 0x14bc  nvstor - ok
17:41:16.0016 0x14bc  [ 6934A936A7369DFE37B7DBA93F5E5E49, 0900FEEB0CE8D09F0FC60630B5B986034A8BCD3882ED66E47170810C32492892 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:41:16.0019 0x14bc  nv_agp - ok
17:41:16.0032 0x14bc  [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv          C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
17:41:16.0041 0x14bc  odserv - ok
17:41:16.0046 0x14bc  [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:41:16.0050 0x14bc  ose - ok
17:41:16.0153 0x14bc  [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:41:16.0248 0x14bc  osppsvc - ok
17:41:16.0264 0x14bc  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:41:16.0272 0x14bc  p2pimsvc - ok
17:41:16.0285 0x14bc  [ 2A57A937BC5B1B2D6AFE6A8C5925F50B, 00D84EFED5A7129AAD86945940030474795905C32D65CBD5B1A3EBADCED8F873 ] p2psvc          C:\Windows\system32\p2psvc.dll
17:41:16.0294 0x14bc  p2psvc - ok
17:41:16.0299 0x14bc  [ 764B1121867B2D9B31C491668AC72B2B, 32C04B6FCE1DDD09697B81473A23BDCED8BEEFBCD0D2D58DDC9A11A33C756967 ] Parport         C:\Windows\System32\drivers\parport.sys
17:41:16.0302 0x14bc  Parport - ok
17:41:16.0306 0x14bc  [ EF0C1749C9A8CEE9A457473D433CC00F, A5FDAB5AD47471640D697C6CFBA6C67730878ABBA47D394EAA47C9733EDCE1F3 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:41:16.0308 0x14bc  partmgr - ok
17:41:16.0321 0x14bc  [ 9A5309EF92F39346CFD5A4C2C3D1BFAD, 5908E0C9562F9CB24784491BD9AE7983A33A6BDF81AFA0A08045518A0C9BB2B1 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:41:16.0331 0x14bc  PcaSvc - ok
17:41:16.0340 0x14bc  [ C0D3F3BC1C84B4BA746D9847314C1164, 66FDF288ACAE021C5F63BCCC68D7534B4DB737E252AB16DFF746355D8BE7502D ] pci             C:\Windows\system32\drivers\pci.sys
17:41:16.0346 0x14bc  pci - ok
17:41:16.0349 0x14bc  [ 346E38FCC6859A727DD28AFAD1F0AFF4, FF3DA26F79B3BC3A5B8A8AA0B9139B9EF70297F4EA1203B1E68FB5A212C3AA58 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:41:16.0350 0x14bc  pciide - ok
17:41:16.0355 0x14bc  [ 4D3BDCC1C7B40C9D7B6AD990E6DEC397, 27A7AF2127B699F4579CB77936F38DC102211E26E5E2947DB808756FE06FC98E ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:41:16.0359 0x14bc  pcmcia - ok
17:41:16.0363 0x14bc  [ BF28771D1436C88BE1D297D3098B0F7D, 5F7630916A76A8CF31289E9C577F522B999C74C39E541CD40E62BD53004BEF74 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:41:16.0364 0x14bc  pcw - ok
17:41:16.0368 0x14bc  [ B9D968D8E2B0F9C6301CEB39CFC9B9E4, 83F32831B0727F18B56DC3CAF37E45A3523D2BBCD54D1421F0DE5A0179D8A404 ] pdc             C:\Windows\system32\drivers\pdc.sys
17:41:16.0370 0x14bc  pdc - ok
17:41:16.0388 0x14bc  [ BA50CC0BD19004AAB88BE37338B6FA0D, 34D4720A621CCB4707F2EB929F6F44C317DBC6F055F7F34F3FAC68DFDAA00DEF ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:41:16.0402 0x14bc  PEAUTH - ok
17:41:16.0429 0x14bc  [ 8E3C640FFF5A963F570233AE99C0FFF3, 3DE978B005BF2E88BA858CE37D9E27BD3584642B8412E22C300A1E739743838A ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:41:16.0431 0x14bc  PerfHost - ok
17:41:16.0467 0x14bc  [ 928061178CD9856CA6B67FFFCE6BA766, 71DE3C7CA7F83EAAA550CD8A68FB67DE042B0AE51BFACB1ECB8852D502E11F50 ] pla             C:\Windows\system32\pla.dll
17:41:16.0497 0x14bc  pla - ok
17:41:16.0503 0x14bc  [ 752A457320A946E03C3AA86C3ACD735E, 63946150581532D862F4220606E74FFC479209E1A36CD57AA78AC4AE34A26F49 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:41:16.0507 0x14bc  PlugPlay - ok
17:41:16.0510 0x14bc  [ 045EB4F260606A03BE340D09DEAF3BA4, 6F34B8D414F7F69F4388F2F8A86E0F3AD179E423126990AF3E1EC4DCCB8E7693 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
17:41:16.0512 0x14bc  PNRPAutoReg - ok
17:41:16.0522 0x14bc  [ E287F157F7A0011D93179C64EF8ADCF2, C16FB92C7B18D634BB1344238D35B3111494C243FBD5853F05376F5051480D83 ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
17:41:16.0529 0x14bc  PNRPsvc - ok
17:41:16.0533 0x14bc  [ 520D48ECB54A33821C95EE496A4235AF, 3C7984E480F134E303E6AD03A3837515F3E03A4727F1AD184BD1D8C71D68FFEF ] Point64         C:\Windows\System32\drivers\point64.sys
17:41:16.0535 0x14bc  Point64 - ok
17:41:16.0545 0x14bc  [ C16097D77A232A288D65F299E2E01105, 5CE4B44B06FD26569C0F92FF1D3991D0128D8444AE7BC9EBEF5A33811D721BE8 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
17:41:16.0553 0x14bc  PolicyAgent - ok
17:41:16.0559 0x14bc  [ 00E08B30E7F7C13ECE2CDF4F46A77311, 1807C0A64C1794E572C86730816C01DCF4D8F773ADE9CAEA3AC0658F7BD71A4E ] Power           C:\Windows\system32\umpo.dll
17:41:16.0562 0x14bc  Power - ok
17:41:16.0624 0x14bc  [ B7DB57A000D46D4DE75BC0C563E58072, 8183EB09DC4D44DFF027CA0AAA8C09921A14F088C1BC427B6ACA42340AAF69E6 ] PrintNotify     C:\Windows\system32\spool\drivers\x64\3\PrintConfig.dll
17:41:16.0682 0x14bc  PrintNotify - ok
17:41:16.0689 0x14bc  [ ECD373F9571C745894367CC2635EA44F, E08B2A1017DAE1BF10B986DAFAD14BDE20D79703E0EF3A8C700A3753908C1392 ] Processor       C:\Windows\System32\drivers\processr.sys
17:41:16.0692 0x14bc  Processor - ok
17:41:16.0699 0x14bc  [ 8513A1E7AE4B9DC82C4B4F432C648A58, C0C629BF79722A12B35BDA6D5EF6FD2D96E013D80D8F17077E9137ED3988B452 ] ProfSvc         C:\Windows\system32\profsvc.dll
17:41:16.0704 0x14bc  ProfSvc - ok
17:41:16.0710 0x14bc  [ 8528BB05E4D4E25945F78B00B2555FB7, FF8E0D4580F93CD348080967F52FE6C2C68B56DAEACAE2EAEF04E19412A953AE ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
17:41:16.0713 0x14bc  Psched - ok
17:41:16.0722 0x14bc  [ AF90BB44C99D6820BE52C9BBAA523283, 9772D9CC1666959EC8EE4ED740A5179473CE4F38762109F1123DD68010D20EA1 ] QWAVE           C:\Windows\system32\qwave.dll
17:41:16.0729 0x14bc  QWAVE - ok
17:41:16.0733 0x14bc  [ 3FB466684609A4329858CF2EBD62E0FD, CFC8FBAB1436948F9D34CE6A2D6DE2F86F3E93E50B86851CED979C8CCE609798 ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
17:41:16.0735 0x14bc  QWAVEdrv - ok
17:41:16.0738 0x14bc  [ 2C56F0EE27E4EF70CA4B4983D3638905, AFFDD686886CE982424B644D9168D61C6F86A5244FF97BC644DF75B321E415E5 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
17:41:16.0738 0x14bc  RasAcd - ok
17:41:16.0743 0x14bc  [ 5F061AC45266841A2860C1858ED863B8, 9E0D52BAC8A50225C32D0397C35350601B996443E2481C808CC59D3B0763FEF0 ] RasAuto         C:\Windows\System32\rasauto.dll
17:41:16.0746 0x14bc  RasAuto - ok
17:41:16.0760 0x14bc  [ BF3B17016764F20F9D28CF1A8DC210C0, F64B410D444D4A3DFEE356EFC5B758781FA2612771EDCF72DB91D3120385D7DB ] RasMan          C:\Windows\System32\rasmans.dll
17:41:16.0772 0x14bc  RasMan - ok
17:41:19.0797 0x14bc  [ AE072B0339D0A18E455DC21666CAD572, AB1DAEA25E2C7AD610818D4B4783F6D4190D85EBB3963BBAD410E8CEA7899EDB ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:41:19.0798 0x14bc  ws2ifsl - ok
17:41:19.0803 0x14bc  [ 5CFA46C4ACB2FD70572017052378DAE5, F09134C4433A9E174889A16F29EA6628045B21BE4FA85275ACFD24D5DFB0D937 ] wscsvc          C:\Windows\System32\wscsvc.dll
17:41:19.0807 0x14bc  wscsvc - ok
17:41:19.0810 0x14bc  WSearch - ok
17:41:19.0883 0x14bc  [ D8E3A4701376CCFD0BE542D745FA4809, CF267B5507BD02EEB6BF051534E900D592682D11159A6A13C38AE70B3CCC081F ] WSService       C:\Windows\System32\WSService.dll
17:41:19.0948 0x14bc  WSService - ok
17:41:20.0025 0x14bc  [ 86D0BF4F792053A50D6EE43DFA5837A5, 5705DAB9C5896F10757630439AC8FEAB5754251C6C90E9E8449220A65D1E95D5 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:41:20.0093 0x14bc  wuauserv - ok
17:41:20.0102 0x14bc  [ 2FEAE33E9B2B56104596E1BA444405A9, 0A142F50E06F6224B9CB36B3CE62BE0B36DE8B8DB9F9E05D287DFB884CC7826E ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:41:20.0105 0x14bc  WudfPf - ok
17:41:20.0112 0x14bc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFRd          C:\Windows\System32\drivers\WUDFRd.sys
17:41:20.0117 0x14bc  WUDFRd - ok
17:41:20.0124 0x14bc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFSensorLP    C:\Windows\System32\drivers\WUDFRd.sys
17:41:20.0127 0x14bc  WUDFSensorLP - ok
17:41:20.0132 0x14bc  [ BB73CBC65AABC4EA0A5C6A1474A0A743, D644B3C6A7202CADDADB3B68FE1B2A7C76B023FE58F667EED4D538C1F4A65D64 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:41:20.0135 0x14bc  wudfsvc - ok
17:41:20.0143 0x14bc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdFs       C:\Windows\system32\DRIVERS\WUDFRd.sys
17:41:20.0146 0x14bc  WUDFWpdFs - ok
17:41:20.0153 0x14bc  [ 19240C13F526125554B5370566F21A0A, 1DD88B092451CEC309A390319342BB4D36CE938BBE6D09127BBAA53960DD8E94 ] WUDFWpdMtp      C:\Windows\system32\DRIVERS\WUDFRd.sys
17:41:20.0157 0x14bc  WUDFWpdMtp - ok
17:41:20.0171 0x14bc  [ 2FA9794CA36147756F3FDFD6CA29B46F, 4B86DC38C2411C281686E9A4E64DA6FB2992E39391371F78E012D6D8BB85123F ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:41:20.0183 0x14bc  WwanSvc - ok
17:41:20.0191 0x14bc  ================ Scan global ===============================
17:41:20.0195 0x14bc  [ C89780A6F58D113C28A96D85D1261DC5, 185114F33A60916C7904E4A0F278CA43258454343E614F01F0DAFA98BAC981B1 ] C:\Windows\system32\basesrv.dll
17:41:20.0202 0x14bc  [ 599F1244C60E3D6C28A8DA7FBA7A2C13, 992E5EB5E3ED6172DC986085532224A148A09A4E9A4DED9556F34533EE98E4D0 ] C:\Windows\system32\winsrv.dll
17:41:20.0210 0x14bc  [ 9C1833ABD62876856836C5AE55C7CE86, 0A21E2C8B2FF3B0438C86DA7151A548F9C6F5C62CD402CBBEDB435994C8508F1 ] C:\Windows\system32\sxssrv.dll
17:41:20.0221 0x14bc  [ B4B610BBCB002EC478C6FD80CF915697, CE22B87A7C7C0D325CE66FB97E7318B4A41EE0BD14D902A410126A1EBBEAA6FB ] C:\Windows\system32\services.exe
17:41:20.0230 0x14bc  [ Global ] - ok
17:41:20.0231 0x14bc  ================ Scan MBR ==================================
17:41:20.0233 0x14bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:41:20.0474 0x14bc  \Device\Harddisk0\DR0 - ok
17:41:20.0476 0x14bc  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
17:41:20.0573 0x14bc  \Device\Harddisk1\DR1 - ok
17:41:20.0578 0x14bc  [ 5CDC9AA413B3DC8FC3E6275F6A380A93 ] \Device\Harddisk6\DR6
17:41:20.0586 0x14bc  \Device\Harddisk6\DR6 - ok
17:41:20.0586 0x14bc  ================ Scan VBR ==================================
17:41:20.0588 0x14bc  [ 1FF553271E619C5D38430C44E063643B ] \Device\Harddisk0\DR0\Partition1
17:41:20.0650 0x14bc  \Device\Harddisk0\DR0\Partition1 - ok
17:41:20.0652 0x14bc  [ F222290DF957458184060CEF929607FD ] \Device\Harddisk0\DR0\Partition2
17:41:20.0691 0x14bc  \Device\Harddisk0\DR0\Partition2 - ok
17:41:20.0693 0x14bc  [ 3F4314ABB1E47BB553436FF63D62140D ] \Device\Harddisk1\DR1\Partition1
17:41:20.0695 0x14bc  \Device\Harddisk1\DR1\Partition1 - ok
17:41:20.0697 0x14bc  [ 519F35FE51FE8C49F931123225BECC8A ] \Device\Harddisk1\DR1\Partition2
17:41:20.0699 0x14bc  \Device\Harddisk1\DR1\Partition2 - ok
17:41:20.0703 0x14bc  [ D6CD89E5BA65A3700E6B119C7AC8A660 ] \Device\Harddisk6\DR6\Partition1
17:41:20.0705 0x14bc  \Device\Harddisk6\DR6\Partition1 - ok
17:41:20.0706 0x14bc  Waiting for KSN requests completion. In queue: 221
17:41:21.0707 0x14bc  Waiting for KSN requests completion. In queue: 221
17:41:22.0708 0x14bc  Waiting for KSN requests completion. In queue: 221
17:41:23.0709 0x14bc  Waiting for KSN requests completion. In queue: 221
17:41:24.0710 0x14bc  Waiting for KSN requests completion. In queue: 221
17:41:25.0711 0x14bc  Waiting for KSN requests completion. In queue: 221
17:41:26.0726 0x14bc  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.4.304.0 ), 0x60100 ( disabled : updated )
17:41:26.0726 0x14bc  AV detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51000 ( enabled : updated )
17:41:26.0727 0x14bc  FW detected via SS2: Norton Security Suite, C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe ( 21.1.0.0 ), 0x51010 ( enabled )
17:41:29.0203 0x14bc  ============================================================
17:41:29.0203 0x14bc  Scan finished
17:41:29.0203 0x14bc  ============================================================
17:41:29.0213 0x1500  Detected object count: 0
17:41:29.0213 0x1500  Actual detected object count: 0
 
-----------------------------
 
(Will post the FRST and Addition logs in the following reply, too long for one post)

 
Here is the FRST.txt log:
 
Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 13-03-2014
Ran by Gil (administrator) on OFFICE-DESKTOP on 18-03-2014 17:45:10
Running from C:\Users\Gil\Downloads
Windows 8.1 (X64) OS Language: English(US)
Internet Explorer Version 11
Boot Mode: Normal
 
The only official download link for FRST:
Download link from any site other than Bleeping Computer is unpermitted or outdated.
 
==================== Processes (Whitelisted) =================
 
(Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
(Microsoft Corporation.) C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\BBSvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Microsoft Corporation) C:\Windows\system32\dashost.exe
(Symantec Corporation) C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe
(Microsoft Corporation) C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe
(Microsoft Corporation) C:\Windows\System32\skydrive.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Logitech, Inc.) C:\Program Files\Logitech\SetPointP\SetPoint.exe
(Logitech, Inc.) C:\Program Files\Common Files\LogiShrd\KHAL3\KHALMNPR.EXE
(Spotify Ltd) C:\Users\Gil\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
(Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.Reader_6.3.9654.17044_x64__8wekyb3d8bbwe\glcnd.exe
(Microsoft Corporation) C:\Windows\System32\WWAHost.exe
 
 
==================== Registry (Whitelisted) ==================
 
HKLM\...\Run: [Logitech Download Assistant] - C:\Windows\System32\LogiLDA.dll [3933496 2012-09-20] (Logitech, Inc.)
HKLM\...\Run: [EvtMgr6] - C:\Program Files\Logitech\SetPointP\SetPoint.exe [3091224 2013-07-31] (Logitech, Inc.)
HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2014-02-21] (Apple Inc.)
HKLM-x32\...\Run: [QuickTime Task] - C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.)
Winlogon\Notify\LBTWlgn: c:\program files\common files\logishrd\bluetooth\LBTWlgn.dll (Logitech, Inc.)
HKU\S-1-5-21-145297890-2094086102-1777008539-1001\...\Run: [Spotify Web Helper] - C:\Users\Gil\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1171968 2014-03-06] (Spotify Ltd)
HKU\S-1-5-21-145297890-2094086102-1777008539-1001\...\MountPoints2: {22d0c907-a4de-11e3-824b-806e6f6e6963} - "J:\SETUP.EXE" 
Startup: C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EvernoteClipper.lnk
ShortcutTarget: EvernoteClipper.lnk -> C:\Program Files (x86)\Evernote\Evernote\EvernoteClipper.exe (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
Startup: C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Logitech . Product Registration.lnk
ShortcutTarget: Logitech . Product Registration.lnk -> C:\Program Files (x86)\Common Files\LogiShrd\eReg\SetPoint\eReg.exe (Leader Technologies/Logitech)
 
==================== Internet (Whitelisted) ====================
 
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://t.msn.com/
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US,en;q=0.5
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0x5FA84C4AFD41CF01
BHO: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\SetPointSmooth.dll (Logitech, Inc.)
BHO: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\amd64\BingExt.dll (Microsoft Corporation.)
BHO-x32: Norton Identity Protection - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\IPS\IPSBHO.DLL (Symantec Corporation)
BHO-x32: Evernote extension - {92EF2EAD-A7CE-4424-B0DB-499CF856608E} - C:\Program Files (x86)\Evernote\Evernote\EvernoteIE.dll (Evernote Corp., 305 Walnut Street, Redwood City, CA 94063)
BHO-x32: Logitech SetPoint - {AF949550-9094-4807-95EC-D1C317803333} - C:\Program Files\Logitech\SetPointP\32-bit\SetPointSmooth.dll (Logitech, Inc.)
BHO-x32: Office Document Cache Handler - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine64\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\amd64\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files (x86)\Microsoft\BingBar\7.3.126.0\BingExt.dll (Microsoft Corporation.)
Tcpip\Parameters: [DhcpNameServer] 75.75.75.75 75.75.76.76 192.168.1.1
 
Chrome: 
=======
CHR HomePage: hxxp://m.www.yahoo.com/
CHR Extension: (Google Docs) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-03-06]
CHR Extension: (Google Drive) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-03-06]
CHR Extension: (YouTube) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-03-06]
CHR Extension: (eBay) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\bnadbgmffcofipfljniafanjcafjlbom [2014-03-06]
CHR Extension: (Spotify - Music for every moment) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\cnkjkdjlofllcpbemipjbcpfnglbgieh [2014-03-06]
CHR Extension: (Google Search) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-03-06]
CHR Extension: (Full Screen Weather) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkkaebihfmbofclegkcfkkemepfehibg [2014-03-06]
CHR Extension: (Keep My Opt-Outs) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\hhnjdplhmcnkiecampfdgfjilccfpfoe [2014-03-06]
CHR Extension: (The Weather Channel for Chrome) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\iflpcokdamgefbghpdipcibmhlkdopop [2014-03-06]
CHR Extension: (Evernote Web) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\lbfehkoinhhcknnbdgnnmjhiladcgbol [2014-03-06]
CHR Extension: (Norton Identity Protection) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-03-06]
CHR Extension: (Google Wallet) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-03-06]
CHR Extension: (Outlook.com) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pfpeapihoiogbcmdmnibeplnikfnhoge [2014-03-06]
CHR Extension: (Evernote Web Clipper) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pioclpoplcdbaefihamjohnefbikjilc [2014-03-06]
CHR Extension: (Gmail) - C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-03-06]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\Exts\Chrome.crx [2014-03-09]
 
==================== Services (Whitelisted) =================
 
R2 N360; C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\N360.exe [264360 2013-10-18] (Symantec Corporation)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [348392 2013-10-30] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2013-10-30] (Microsoft Corporation)
 
==================== Drivers (Whitelisted) ====================
 
S0 ADP80XX; C:\Windows\System32\drivers\ADP80XX.SYS [782176 2013-08-22] (PMC-Sierra)
S3 bcmfn2; C:\Windows\System32\drivers\bcmfn2.sys [17624 2013-08-12] (Windows ® Win 7 DDK provider)
R1 BHDrvx64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\BASHDefs\20140214.001\BHDrvx64.sys [1526488 2014-02-15] (Symantec Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1501000.012\ccSetx64.sys [162392 2013-09-25] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [484952 2014-03-06] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [137648 2014-03-06] (Symantec Corporation)
S3 iaLPSSi_GPIO; C:\Windows\System32\drivers\iaLPSSi_GPIO.sys [24568 2013-07-30] (Intel Corporation)
S3 iaLPSSi_I2C; C:\Windows\System32\drivers\iaLPSSi_I2C.sys [99320 2013-07-25] (Intel Corporation)
S0 iaStorAV; C:\Windows\System32\drivers\iaStorAV.sys [651248 2013-08-09] (Intel Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\IPSDefs\20140317.001\IDSvia64.sys [524504 2014-03-04] (Symantec Corporation)
R0 intelpep; C:\Windows\System32\drivers\intelpep.sys [39768 2013-11-10] (Microsoft Corporation)
S0 LSI_SAS3; C:\Windows\System32\drivers\lsi_sas3.sys [81760 2013-08-22] (LSI Corporation)
R3 NAVENG; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\ENG64.SYS [126040 2014-03-06] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton Security Suite\NortonData\21.1.0.18\Definitions\VirusDefs\20140318.001\EX64.SYS [2099288 2014-03-06] (Symantec Corporation)
R3 NdisVirtualBus; C:\Windows\System32\drivers\NdisVirtualBus.sys [16384 2013-08-22] (Microsoft Corporation)
S3 netvsc; C:\Windows\system32\DRIVERS\netvsc63.sys [87040 2013-08-22] (Microsoft Corporation)
S3 ReFS; C:\Windows\System32\Drivers\ReFS.sys [924512 2013-08-22] (Microsoft Corporation)
S3 SerCx2; C:\Windows\System32\drivers\SerCx2.sys [146776 2013-10-25] (Microsoft Corporation)
R3 SRTSP; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSP64.SYS [858200 2013-09-26] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1501000.012\SRTSPX64.SYS [36952 2013-09-09] (Symantec Corporation)
S0 stornvme; C:\Windows\System32\drivers\stornvme.sys [57176 2013-10-05] (Microsoft Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1501000.012\SYMDS64.SYS [493656 2013-09-09] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1501000.012\SYMEFA64.SYS [1147480 2013-09-26] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1501000.012\SymELAM.sys [23568 2013-09-09] (Symantec Corporation)
R3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-03-06] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1501000.012\Ironx64.SYS [264280 2013-09-26] (Symantec Corporation)
R1 SymNetS; C:\Windows\system32\drivers\N360x64\1501000.012\SYMNETS.SYS [590936 2013-09-25] (Symantec Corporation)
S3 UEFI; C:\Windows\System32\drivers\UEFI.sys [26976 2013-08-22] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [124760 2013-10-30] (Microsoft Corporation)
 
==================== NetSvcs (Whitelisted) ===================
 
 
==================== One Month Created Files and Folders ========
 
2014-03-18 20:55 - 2014-03-18 17:45 - 00000000 ____D () C:\FRST
2014-03-18 17:45 - 2014-03-18 17:45 - 00013147 _____ () C:\Users\Gil\Downloads\FRST.txt
2014-03-18 17:44 - 2014-03-18 17:44 - 02157056 _____ (Farbar) C:\Users\Gil\Downloads\FRST64.exe
2014-03-18 17:40 - 2014-03-18 17:40 - 00000000 ____D () C:\Users\Gil\Desktop\tdsskiller
2014-03-18 17:39 - 2014-03-18 17:39 - 04110135 _____ () C:\Users\Gil\Desktop\tdsskiller.zip
2014-03-18 14:14 - 2014-03-18 14:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-03-18 12:40 - 2014-03-18 12:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 12:40 - 2014-03-18 12:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-18 12:36 - 2014-02-22 08:16 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-03-18 12:36 - 2014-02-22 07:24 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
2014-03-18 12:17 - 2014-03-18 12:55 - 00000000 ____D () C:\Users\norton\AppData\Local\NPE
2014-03-18 12:16 - 2014-03-18 12:16 - 03053496 ____N (Symantec Corporation) C:\Users\norton\Downloads\NPE.exe
2014-03-18 12:15 - 2014-03-18 12:15 - 00002275 _____ () C:\Users\norton\Desktop\Google Chrome.lnk
2014-03-18 12:15 - 2014-03-18 12:15 - 00000000 ____D () C:\Users\norton\AppData\Local\Google
2014-03-18 12:14 - 2014-03-18 12:14 - 00000020 ___SH () C:\Users\norton\ntuser.ini
2014-03-18 12:14 - 2014-03-18 12:14 - 00000000 ____D () C:\Users\norton\AppData\Local\Packages
2014-03-18 12:14 - 2014-03-18 12:14 - 00000000 ____D () C:\Users\norton
2014-03-18 12:14 - 2014-03-15 17:57 - 00000000 ___RD () C:\Users\norton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-18 12:14 - 2014-03-07 14:12 - 00000000 ____D () C:\Users\norton\AppData\Local\Microsoft Help
2014-03-18 12:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\norton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-18 12:14 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\norton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-18 12:14 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\norton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-17 20:17 - 2013-12-27 04:57 - 00628736 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncHost.exe
2014-03-17 20:17 - 2013-12-27 03:03 - 00478208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncHost.exe
2014-03-17 20:17 - 2013-12-27 02:37 - 00588800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSyncCore.dll
2014-03-17 20:16 - 2014-01-07 21:46 - 00325464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBXHCI.SYS
2014-03-17 20:16 - 2014-01-07 21:41 - 01530712 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgkrnl.sys
2014-03-17 20:16 - 2014-01-07 21:41 - 00382808 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dxgmms1.sys
2014-03-17 20:16 - 2014-01-04 11:54 - 00138240 _____ () C:\Windows\system32\OEMLicense.dll
2014-03-17 20:16 - 2014-01-04 11:08 - 00103936 _____ () C:\Windows\SysWOW64\OEMLicense.dll
2014-03-17 20:16 - 2014-01-04 10:08 - 00206336 _____ (Microsoft Corporation) C:\Windows\system32\WSClient.dll
2014-03-17 20:16 - 2014-01-04 09:53 - 00174592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSClient.dll
2014-03-17 20:16 - 2014-01-02 19:54 - 00461312 _____ (Microsoft Corporation) C:\Windows\system32\XpsGdiConverter.dll
2014-03-17 20:16 - 2014-01-02 19:48 - 00336896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\XpsGdiConverter.dll
2014-03-17 20:16 - 2013-12-31 21:55 - 01720560 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2014-03-17 20:16 - 2013-12-31 21:52 - 00481944 _____ (Microsoft Corporation) C:\Windows\system32\mfsvr.dll
2014-03-17 20:16 - 2013-12-31 20:56 - 01472048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2014-03-17 20:16 - 2013-12-31 20:55 - 00381168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsvr.dll
2014-03-17 20:16 - 2013-12-31 19:59 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MFMediaEngine.dll
2014-03-17 20:16 - 2013-12-31 19:57 - 01214976 _____ (Microsoft Corporation) C:\Windows\system32\schedsvc.dll
2014-03-17 20:16 - 2013-12-31 19:56 - 00960512 _____ (Microsoft Corporation) C:\Windows\system32\MFMediaEngine.dll
2014-03-17 20:16 - 2013-12-30 19:34 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sti.dll
2014-03-17 20:16 - 2013-12-30 19:33 - 00770560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ReAgent.dll
2014-03-17 20:16 - 2013-12-30 19:32 - 00303616 _____ (Microsoft Corporation) C:\Windows\system32\sti.dll
2014-03-17 20:16 - 2013-12-30 19:31 - 00947712 _____ (Microsoft Corporation) C:\Windows\system32\reseteng.dll
2014-03-17 20:16 - 2013-12-30 19:31 - 00914944 _____ (Microsoft Corporation) C:\Windows\system32\ReAgent.dll
2014-03-17 20:16 - 2013-12-27 11:09 - 00419160 _____ (Microsoft Corporation) C:\Windows\system32\hal.dll
2014-03-17 20:16 - 2013-12-27 04:57 - 00842752 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.dll
2014-03-17 20:16 - 2013-12-27 04:23 - 00749056 _____ (Microsoft Corporation) C:\Windows\system32\SettingSyncCore.dll
2014-03-17 20:16 - 2013-12-27 03:03 - 00630272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MsSpellCheckingFacility.dll
2014-03-17 20:16 - 2013-12-21 03:21 - 00376320 _____ (Microsoft Corporation) C:\Windows\system32\pnrpsvc.dll
2014-03-17 20:16 - 2013-12-17 03:21 - 00408576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdbss.sys
2014-03-17 20:16 - 2013-12-14 02:31 - 13949440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Xaml.dll
2014-03-17 20:16 - 2013-12-14 02:19 - 18576384 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Xaml.dll
2014-03-17 20:16 - 2013-12-13 06:54 - 00131160 _____ (Microsoft Corporation) C:\Windows\system32\easinvoker.exe
2014-03-17 20:16 - 2013-12-13 02:36 - 00178176 _____ (Microsoft Corporation) C:\Windows\system32\easwrt.dll
2014-03-17 20:16 - 2013-12-13 01:32 - 00140800 _____ (Microsoft Corporation) C:\Windows\SysWOW64\easwrt.dll
2014-03-17 20:16 - 2013-12-09 04:05 - 21199256 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
2014-03-17 20:16 - 2013-12-09 00:51 - 18643560 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
2014-03-12 21:00 - 2014-03-01 02:05 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-12 21:00 - 2014-03-01 00:58 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-12 21:00 - 2014-03-01 00:30 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-12 21:00 - 2014-03-01 00:17 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-03-12 21:00 - 2014-02-28 23:54 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-03-12 21:00 - 2014-02-28 23:47 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-03-12 21:00 - 2014-02-28 23:42 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-03-12 21:00 - 2014-02-28 23:18 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-03-12 21:00 - 2014-02-28 23:14 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-03-12 21:00 - 2014-02-28 23:10 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-03-12 21:00 - 2014-02-28 23:03 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-03-12 21:00 - 2014-02-28 22:57 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-03-12 21:00 - 2014-02-28 22:38 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-03-12 21:00 - 2014-02-28 22:32 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-03-12 21:00 - 2014-02-28 22:27 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-03-12 21:00 - 2014-02-28 22:25 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-03-12 21:00 - 2014-02-28 22:25 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-03-12 21:00 - 2014-02-10 23:04 - 04189184 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2014-03-12 21:00 - 2014-02-10 22:43 - 00488448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\qedit.dll
2014-03-12 21:00 - 2014-02-10 22:04 - 00586240 _____ (Microsoft Corporation) C:\Windows\system32\qedit.dll
2014-03-12 21:00 - 2014-01-31 12:15 - 00311640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\volsnap.sys
2014-03-12 21:00 - 2014-01-31 12:07 - 00233920 _____ (Microsoft Corporation) C:\Windows\system32\mfps.dll
2014-03-12 21:00 - 2014-01-31 12:06 - 02133208 _____ (Microsoft Corporation) C:\Windows\system32\mfcore.dll
2014-03-12 21:00 - 2014-01-31 09:47 - 02143960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfcore.dll
2014-03-12 21:00 - 2014-01-31 05:06 - 00716288 _____ (Microsoft Corporation) C:\Windows\system32\swprv.dll
2014-03-12 21:00 - 2014-01-29 05:55 - 01287064 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2014-03-12 21:00 - 2014-01-29 04:53 - 00458616 _____ (Microsoft Corporation) C:\Windows\system32\WerFault.exe
2014-03-12 21:00 - 2014-01-29 04:53 - 00407024 _____ (Microsoft Corporation) C:\Windows\system32\Faultrep.dll
2014-03-12 21:00 - 2014-01-29 04:49 - 01928144 _____ (Microsoft Corporation) C:\Windows\system32\combase.dll
2014-03-12 21:00 - 2014-01-29 04:47 - 02543960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tcpip.sys
2014-03-12 21:00 - 2014-01-29 03:44 - 01371824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\combase.dll
2014-03-12 21:00 - 2014-01-29 03:44 - 00408480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WerFault.exe
2014-03-12 21:00 - 2014-01-29 03:44 - 00369280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Faultrep.dll
2014-03-12 21:00 - 2014-01-29 02:41 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdpencom.dll
2014-03-12 21:00 - 2014-01-28 20:36 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\rdpencom.dll
2014-03-12 21:00 - 2014-01-27 15:07 - 04175360 _____ (Microsoft Corporation) C:\Windows\system32\dbgeng.dll
2014-03-12 21:00 - 2014-01-27 15:06 - 00064512 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2014-03-12 21:00 - 2014-01-27 15:04 - 00160256 _____ (Microsoft Corporation) C:\Windows\system32\DWWIN.EXE
2014-03-12 21:00 - 2014-01-27 14:52 - 01036288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
2014-03-12 21:00 - 2014-01-27 14:23 - 02873344 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbgeng.dll
2014-03-12 21:00 - 2014-01-27 14:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsgqec.dll
2014-03-12 21:00 - 2014-01-27 14:20 - 00138752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DWWIN.EXE
2014-03-12 21:00 - 2014-01-27 14:15 - 01057280 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2014-03-12 21:00 - 2014-01-27 13:43 - 00855552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rdvidcrl.dll
2014-03-12 21:00 - 2014-01-27 13:18 - 01486848 _____ (Microsoft Corporation) C:\Windows\system32\dbghelp.dll
2014-03-12 21:00 - 2014-01-27 13:00 - 01238016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dbghelp.dll
2014-03-12 21:00 - 2014-01-27 11:58 - 05770752 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mstscax.dll
2014-03-12 21:00 - 2014-01-27 11:50 - 06640640 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2014-03-12 21:00 - 2014-01-27 07:45 - 00386722 _____ () C:\Windows\system32\ApnDatabase.xml
2014-03-12 21:00 - 2014-01-17 19:04 - 00764864 _____ (Microsoft Corporation) C:\Windows\system32\mfmpeg2srcsnk.dll
2014-03-12 21:00 - 2014-01-17 17:54 - 00669352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmpeg2srcsnk.dll
2014-03-12 21:00 - 2013-12-21 10:51 - 06353960 _____ (Microsoft Corporation) C:\Windows\system32\sppsvc.exe
2014-03-12 21:00 - 2013-12-21 04:54 - 00447488 _____ (Microsoft Corporation) C:\Windows\system32\sppcomapi.dll
2014-03-12 21:00 - 2013-12-20 06:18 - 01643584 _____ (Microsoft Corporation) C:\Windows\system32\winload.efi
2014-03-12 21:00 - 2013-12-20 06:18 - 01507704 _____ (Microsoft Corporation) C:\Windows\system32\winload.exe
2014-03-12 21:00 - 2013-10-30 20:29 - 00236888 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdFilter.sys
2014-03-12 21:00 - 2013-10-30 20:29 - 00124760 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdNisDrv.sys
2014-03-12 21:00 - 2013-10-30 20:28 - 00035856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\WdBoot.sys
2014-03-12 15:24 - 2014-03-12 15:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-12 14:40 - 2014-03-12 14:40 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-03-12 14:40 - 2014-03-12 14:40 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-03-12 14:40 - 2014-03-12 14:40 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-03-12 14:39 - 2014-03-12 14:39 - 49662160 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MouseKeyboardCenter_64bit_ENG_2.2.173.exe
2014-03-12 14:37 - 2014-03-12 14:37 - 00003040 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2014-03-12 14:33 - 2014-03-12 14:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0.exe
2014-03-12 14:33 - 2014-03-12 14:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0 (1).exe
2014-03-10 21:39 - 2014-03-15 11:42 - 00000000 ____D () C:\Users\Gil\Desktop\Workbench and Garage Ideas
2014-03-10 18:54 - 2014-03-10 18:54 - 00001031 _____ () C:\Users\Public\Desktop\Cyberduck.lnk
2014-03-10 18:54 - 2014-01-19 12:18 - 15193920 _____ () C:\Users\Gil\Downloads\Cyberduck-Installer-4.4.3.exe
2014-03-10 18:54 - 2014-01-18 19:46 - 00495616 _____ (Simon Tatham) C:\Users\Gil\Downloads\putty.exe
2014-03-10 18:54 - 2014-01-17 17:10 - 23636086 _____ () C:\Users\Gil\Downloads\Seas0nPass-win.zip
2014-03-10 18:53 - 2014-03-10 18:54 - 00000000 ____D () C:\Program Files (x86)\Cyberduck
2014-03-10 18:45 - 2014-03-10 18:45 - 00002068 _____ () C:\Users\Public\Desktop\MP Navigator 2.2.lnk
2014-03-10 18:45 - 2014-03-10 18:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-10 18:44 - 2014-03-10 18:44 - 09785424 _____ () C:\Users\Gil\Downloads\mpnmp530win222ea13.exe
2014-03-10 18:44 - 2014-03-10 18:44 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-03-10 18:44 - 2014-03-10 18:44 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-10 18:44 - 2014-03-10 18:44 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-03-10 18:44 - 2006-09-29 17:29 - 00188928 _____ (Canon Inc.) C:\Windows\system32\CNCF2La.DLL
2014-03-10 18:44 - 2006-09-29 17:29 - 00093696 _____ (Canon Inc.) C:\Windows\system32\CNCFMSa.EXE
2014-03-10 18:44 - 2006-09-29 17:28 - 00003072 _____ (Canon Inc.) C:\Windows\system32\CNCFLaUS.DLL
2014-03-10 18:44 - 2006-09-29 17:28 - 00002560 _____ (Canon Inc.) C:\Windows\system32\CNCFLaJP.DLL
2014-03-10 18:44 - 2006-09-13 08:00 - 00234496 _____ (CANON INC.) C:\Windows\system32\CNMLM7R.DLL
2014-03-10 18:43 - 2014-03-10 18:43 - 10851656 _____ () C:\Users\Gil\Downloads\mp530win64111ej.exe
2014-03-10 18:11 - 2014-03-10 18:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-10 18:09 - 2014-03-10 18:09 - 41945432 _____ (Apple Inc.) C:\Users\Gil\Downloads\QuickTimeInstaller.exe
2014-03-10 15:22 - 2014-03-10 15:22 - 04011640 _____ () C:\Users\Gil\Downloads\ljP1000_P1500-HB-pnp-win64-en.exe
2014-03-10 15:22 - 2014-03-10 15:22 - 00019341 _____ () C:\HPLJP1000_P1500_Series.log
2014-03-10 15:22 - 2014-03-10 15:22 - 00000000 ____D () C:\Program Files\HP
2014-03-10 15:22 - 2013-05-13 21:37 - 00251392 _____ () C:\Windows\system32\HP1006SMs.DLL
2014-03-10 15:22 - 2013-05-13 21:37 - 00249615 _____ () C:\Windows\system32\P1505.IMG
2014-03-10 15:22 - 2013-05-13 21:37 - 00223487 _____ () C:\Windows\system32\P1006.IMG
2014-03-10 15:22 - 2013-05-13 21:37 - 00223359 _____ () C:\Windows\system32\P1005.IMG
2014-03-10 15:22 - 2013-04-15 14:50 - 00654336 _____ () C:\Windows\system32\HP1006SM.EXE
2014-03-10 15:22 - 2013-04-15 14:50 - 00198144 _____ () C:\Windows\system32\HP1006LM.DLL
2014-03-09 21:42 - 2014-03-10 18:55 - 00000000 ____D () C:\Users\Gil\AppData\Local\CrashDumps
2014-03-08 17:17 - 2014-03-08 17:17 - 00000000 ____D () C:\ProgramData\Logitech
2014-03-08 17:09 - 2014-03-08 17:09 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-03-08 17:09 - 2014-03-08 17:09 - 00006548 _____ () C:\Windows\LDPINST.LOG
2014-03-08 17:09 - 2014-03-08 17:09 - 00000758 _____ () C:\Windows\LkmdfCoInst.log
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Leadertech
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\Program Files\Logitech
2014-03-08 17:07 - 2014-03-08 17:09 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logitech
2014-03-08 17:07 - 2014-03-08 17:09 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-03-08 17:07 - 2014-03-08 17:07 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logishrd
2014-03-07 14:12 - 2014-03-07 14:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-07 14:12 - 2014-03-07 14:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-07 14:10 - 2014-03-18 03:52 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-07 14:10 - 2014-03-18 03:51 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-07 10:13 - 2013-10-23 07:29 - 00044936 _____ (Microsoft Corporation) C:\Windows\system32\wldp.dll
2014-03-07 10:13 - 2013-10-23 07:21 - 00155480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2014-03-07 10:13 - 2013-10-23 07:13 - 00171864 _____ (Microsoft Corporation) C:\Windows\system32\kd_02_8086.dll
2014-03-07 10:13 - 2013-10-22 03:55 - 02328872 _____ (Microsoft Corporation) C:\Windows\explorer.exe
2014-03-07 10:13 - 2013-10-22 02:03 - 02065448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\explorer.exe
2014-03-07 10:13 - 2013-10-22 01:15 - 00558080 _____ (Microsoft Corporation) C:\Windows\system32\apphelp.dll
2014-03-07 10:13 - 2013-10-22 00:04 - 00618496 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apphelp.dll
2014-03-07 10:13 - 2013-10-21 23:56 - 00186880 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersShell.dll
2014-03-07 10:13 - 2013-10-21 23:44 - 00761856 _____ (Microsoft Corporation) C:\Windows\system32\WorkfoldersControl.dll
2014-03-07 10:13 - 2013-10-21 22:38 - 01362944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user32.dll
2014-03-07 10:13 - 2013-10-21 22:22 - 00381952 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2014-03-07 10:13 - 2013-10-21 22:13 - 01704448 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2014-03-07 10:13 - 2013-10-21 21:53 - 01584128 _____ (Microsoft Corporation) C:\Windows\system32\workfolderssvc.dll
2014-03-07 10:13 - 2013-10-19 00:48 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\comdlg32.dll
2014-03-07 10:13 - 2013-10-19 00:03 - 00531968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\comdlg32.dll
2014-03-07 10:13 - 2013-10-18 23:26 - 01231360 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.dll
2014-03-07 10:13 - 2013-10-18 23:14 - 00888832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.dll
2014-03-07 10:13 - 2013-10-16 05:34 - 00518656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WWAHost.exe
2014-03-07 10:13 - 2013-10-16 05:33 - 00631296 _____ (Microsoft Corporation) C:\Windows\system32\WWAHost.exe
2014-03-07 10:13 - 2013-10-12 23:06 - 00258904 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\rdyboost.sys
2014-03-07 10:13 - 2013-10-12 22:43 - 00708616 _____ (Microsoft Corporation) C:\Windows\system32\iuilp.dll
2014-03-07 10:13 - 2013-10-10 12:26 - 00317616 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2014-03-07 10:13 - 2013-10-10 12:26 - 00104320 _____ (Microsoft Corporation) C:\Windows\system32\ncryptsslp.dll
2014-03-07 10:13 - 2013-10-10 10:53 - 00235960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2014-03-07 10:13 - 2013-10-10 10:53 - 00088272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncryptsslp.dll
2014-03-07 10:13 - 2013-10-10 07:53 - 00160768 _____ (Microsoft Corporation) C:\Windows\system32\AppxAllUserStore.dll
2014-03-07 10:13 - 2013-10-10 07:38 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\profsvc.dll
2014-03-07 10:13 - 2013-10-10 07:21 - 00139776 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppxAllUserStore.dll
2014-03-07 10:13 - 2013-10-08 06:28 - 00523096 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\acpi.sys
2014-03-07 10:13 - 2013-10-08 02:46 - 00113152 _____ (Microsoft Corporation) C:\Windows\system32\shsetup.dll
2014-03-07 10:13 - 2013-10-08 01:58 - 00094208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shsetup.dll
2014-03-07 10:13 - 2013-10-08 01:50 - 00656384 _____ (Microsoft Corporation) C:\Windows\system32\dnsapi.dll
2014-03-07 10:13 - 2013-10-08 01:48 - 00255488 _____ (Microsoft Corporation) C:\Windows\system32\dnsrslvr.dll
2014-03-07 10:13 - 2013-10-08 01:15 - 00492544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dnsapi.dll
2014-03-07 10:13 - 2013-10-08 01:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Web.Http.dll
2014-03-07 10:13 - 2013-10-08 00:50 - 00903168 _____ (Microsoft Corporation) C:\Windows\system32\iphlpsvc.dll
2014-03-07 10:13 - 2013-10-08 00:50 - 00762368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Web.Http.dll
2014-03-07 10:13 - 2013-10-07 03:21 - 00054776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2014-03-07 10:13 - 2013-10-06 22:13 - 03532288 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2014-03-07 10:13 - 2013-10-05 11:25 - 00057176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\stornvme.sys
2014-03-07 10:13 - 2013-10-05 10:21 - 00699840 _____ (Microsoft Corporation) C:\Windows\system32\d3d10level9.dll
2014-03-07 10:13 - 2013-10-05 08:05 - 00578952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10level9.dll
2014-03-07 10:13 - 2013-10-05 07:01 - 00454656 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv.sys
2014-03-07 10:13 - 2013-10-05 05:36 - 00083968 _____ (Microsoft Corporation) C:\Windows\system32\TSWbPrxy.exe
2014-03-07 10:13 - 2013-10-05 05:18 - 01011712 _____ (Microsoft Corporation) C:\Windows\system32\TSWorkspace.dll
2014-03-07 10:13 - 2013-10-05 05:07 - 00830464 _____ (Microsoft Corporation) C:\Windows\system32\samsrv.dll
2014-03-07 10:13 - 2013-10-05 04:56 - 01147904 _____ (Microsoft Corporation) C:\Windows\system32\UIAutomationCore.dll
2014-03-07 10:13 - 2013-10-05 04:55 - 00226304 _____ (Microsoft Corporation) C:\Windows\system32\miutils.dll
2014-03-07 10:13 - 2013-10-05 04:40 - 00795648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSWorkspace.dll
2014-03-07 10:13 - 2013-10-05 04:24 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\miutils.dll
2014-03-07 10:13 - 2013-10-05 04:21 - 00920064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\UIAutomationCore.dll
2014-03-07 10:13 - 2013-10-05 04:15 - 00286208 _____ (Microsoft Corporation) C:\Windows\system32\pcsvDevice.dll
2014-03-07 10:13 - 2013-10-05 03:43 - 00578560 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.dll
2014-03-07 10:13 - 2013-10-05 03:35 - 00411648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-03-07 10:13 - 2013-10-04 04:10 - 00533504 _____ (Microsoft Corporation) C:\Windows\system32\AppReadiness.dll
2014-03-07 10:13 - 2013-09-19 03:19 - 00117760 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersRes.dll
2014-03-07 10:13 - 2013-09-19 02:27 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\WorkFolders.exe
2014-03-07 10:13 - 2013-09-19 02:23 - 00117760 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WorkFoldersRes.dll
2014-03-07 10:13 - 2013-09-17 05:06 - 01067080 _____ (Microsoft Corporation) C:\Windows\system32\mfasfsrcsnk.dll
2014-03-07 10:13 - 2013-09-17 05:06 - 00465960 _____ (Microsoft Corporation) C:\Windows\system32\AudioSes.dll
2014-03-07 10:13 - 2013-09-17 02:31 - 00883184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfasfsrcsnk.dll
2014-03-07 10:13 - 2013-09-17 02:31 - 00326024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AudioSes.dll
2014-03-07 10:13 - 2013-09-17 00:37 - 00092672 _____ (Microsoft Corporation) C:\Windows\system32\dafBth.dll
2014-03-07 10:13 - 2013-09-14 10:07 - 02134120 _____ (Microsoft Corporation) C:\Windows\system32\d3d9.dll
2014-03-07 10:13 - 2013-09-14 10:00 - 00391512 _____ (Microsoft Corporation) C:\Windows\system32\tsmf.dll
2014-03-07 10:13 - 2013-09-14 08:39 - 01799944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d9.dll
2014-03-07 10:13 - 2013-09-14 08:33 - 00345552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tsmf.dll
2014-03-07 10:13 - 2013-09-14 06:05 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\rdpclip.exe
2014-03-07 10:13 - 2013-09-14 05:11 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\ipnathlp.dll
2014-03-07 10:13 - 2013-09-13 04:22 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\ftp.exe
2014-03-07 10:13 - 2013-09-13 03:47 - 00049152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ftp.exe
2014-03-07 10:13 - 2013-09-12 04:45 - 00101888 _____ (Microsoft Corporation) C:\Windows\system32\eappgnui.dll
2014-03-07 10:13 - 2013-09-12 04:08 - 00325120 _____ (Microsoft Corporation) C:\Windows\system32\eapp3hst.dll
2014-03-07 10:13 - 2013-09-12 04:08 - 00103424 _____ (Microsoft Corporation) C:\Windows\system32\WiFiDisplay.dll
2014-03-07 10:13 - 2013-09-12 04:02 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappgnui.dll
2014-03-07 10:13 - 2013-09-12 03:44 - 00331776 _____ (Microsoft Corporation) C:\Windows\system32\eapphost.dll
2014-03-07 10:13 - 2013-09-12 03:37 - 00245248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapp3hst.dll
2014-03-07 10:13 - 2013-09-12 03:37 - 00184832 _____ (Microsoft Corporation) C:\Windows\system32\dafWfdProvider.dll
2014-03-07 10:13 - 2013-09-12 03:21 - 00262144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eapphost.dll
2014-03-07 10:13 - 2013-09-12 03:16 - 00335360 _____ (Microsoft Corporation) C:\Windows\system32\eappcfg.dll
2014-03-07 10:13 - 2013-09-12 03:01 - 00272896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\eappcfg.dll
2014-03-07 10:13 - 2013-09-10 00:52 - 00132608 _____ (Microsoft Corporation) C:\Windows\system32\msched.dll
2014-03-07 10:11 - 2013-12-08 20:34 - 01227264 _____ (Microsoft Corporation) C:\Windows\system32\mispace.dll
2014-03-07 10:11 - 2013-12-08 20:04 - 00980480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mispace.dll
2014-03-07 10:11 - 2013-11-27 11:34 - 03210528 _____ (Microsoft Corporation) C:\Windows\system32\msmpeg2vdec.dll
2014-03-07 10:11 - 2013-11-27 11:27 - 00809872 _____ (Microsoft Corporation) C:\Windows\system32\mfmp4srcsnk.dll
2014-03-07 10:11 - 2013-11-27 10:00 - 00663680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfmp4srcsnk.dll
2014-03-07 10:11 - 2013-11-27 09:47 - 02804528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msmpeg2vdec.dll
2014-03-07 10:11 - 2013-11-27 08:02 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ipnat.sys
2014-03-07 10:11 - 2013-11-27 06:24 - 00306688 _____ (Microsoft Corporation) C:\Windows\system32\msieftp.dll
2014-03-07 10:11 - 2013-11-27 05:46 - 00273920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msieftp.dll
2014-03-07 10:11 - 2013-11-27 05:41 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\psmsrv.dll
2014-03-07 10:11 - 2013-11-27 05:17 - 00263168 _____ (Microsoft Corporation) C:\Windows\system32\bisrv.dll
2014-03-07 10:11 - 2013-11-27 05:10 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Graphics.dll
2014-03-07 10:11 - 2013-11-27 04:58 - 01503232 _____ (Microsoft Corporation) C:\Windows\system32\wlansvc.dll
2014-03-07 10:11 - 2013-11-27 04:56 - 00218112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Graphics.dll
2014-03-07 10:11 - 2013-11-26 09:20 - 01399176 _____ (Microsoft Corporation) C:\Windows\system32\winmde.dll
2014-03-07 10:11 - 2013-11-26 09:20 - 01374384 _____ (Microsoft Corporation) C:\Windows\system32\wmpmde.dll
2014-03-07 10:11 - 2013-11-26 07:44 - 01204968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\winmde.dll
2014-03-07 10:11 - 2013-11-24 21:45 - 00142680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBSTOR.SYS
2014-03-07 10:11 - 2013-11-24 21:32 - 01119064 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys
2014-03-07 10:11 - 2013-11-24 19:30 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rastls.dll
2014-03-07 10:11 - 2013-11-24 19:28 - 00589824 _____ (Microsoft Corporation) C:\Windows\system32\rastls.dll
2014-03-07 10:11 - 2013-11-23 08:47 - 00032088 _____ (Microsoft Corporation) C:\Windows\system32\ploptin.dll
2014-03-07 10:11 - 2013-11-23 03:13 - 00024064 _____ (Microsoft Corporation) C:\Windows\system32\bi.dll
2014-03-07 10:11 - 2013-11-23 03:13 - 00019456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\BtaMPM.sys
2014-03-07 10:11 - 2013-11-23 03:08 - 00403456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2014-03-07 10:11 - 2013-11-23 00:50 - 00282112 _____ (Microsoft Corporation) C:\Windows\system32\SystemEventsBrokerServer.dll
2014-03-07 10:11 - 2013-11-22 23:19 - 02617344 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2014-03-07 10:11 - 2013-11-22 23:15 - 02295808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2014-03-07 10:11 - 2013-11-21 02:58 - 00207872 _____ (Microsoft Corporation) C:\Windows\system32\deviceregistration.dll
2014-03-07 10:11 - 2013-11-21 02:26 - 01415680 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2014-03-07 10:11 - 2013-11-15 10:59 - 00470016 _____ (Microsoft Corporation) C:\Windows\system32\mfds.dll
2014-03-07 10:11 - 2013-11-15 10:25 - 00433664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfds.dll
2014-03-07 10:11 - 2013-11-15 10:08 - 00202240 _____ (Microsoft Corporation) C:\Windows\system32\ubpm.dll
2014-03-07 10:11 - 2013-11-15 09:24 - 00834048 _____ (Microsoft Corporation) C:\Windows\system32\audiosrv.dll
2014-03-07 10:11 - 2013-10-30 20:29 - 00745336 _____ (Microsoft Corporation) C:\Windows\system32\oleaut32.dll
2014-03-07 10:11 - 2013-10-30 19:41 - 00552624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\oleaut32.dll
2014-03-07 10:11 - 2013-09-21 06:53 - 00996320 _____ (Microsoft Corporation) C:\Windows\system32\WinTypes.dll
2014-03-07 10:11 - 2013-09-21 03:17 - 00076800 _____ (Microsoft Corporation) C:\Windows\system32\BulkOperationHost.exe
2014-03-07 10:11 - 2013-09-21 01:20 - 00369664 _____ (Microsoft Corporation) C:\Windows\system32\wlanmsm.dll
2014-03-07 10:11 - 2013-09-21 01:09 - 00300544 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlanmsm.dll
2014-03-07 10:09 - 2013-10-10 06:34 - 01085952 _____ (Microsoft Corporation) C:\Windows\system32\twinui.appcore.dll
2014-03-07 10:09 - 2013-10-10 06:27 - 00869888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.appcore.dll
2014-03-07 10:08 - 2013-11-10 22:48 - 00039768 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\intelpep.sys
2014-03-07 10:08 - 2013-11-09 02:37 - 01756160 _____ (Microsoft Corporation) C:\Windows\system32\WMPDMC.exe
2014-03-07 10:08 - 2013-11-09 01:56 - 01391104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPDMC.exe
2014-03-07 10:08 - 2013-11-08 06:26 - 00358896 _____ (Microsoft Corporation) C:\Windows\system32\dcomp.dll
2014-03-07 10:08 - 2013-11-08 00:43 - 00254464 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentClient.dll
2014-03-07 10:08 - 2013-11-08 00:16 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dcomp.dll
2014-03-07 10:08 - 2013-11-08 00:15 - 00198656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\AppXDeploymentClient.dll
2014-03-07 10:08 - 2013-11-07 23:41 - 01302528 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentServer.dll
2014-03-07 10:08 - 2013-11-07 23:14 - 00922624 _____ (Microsoft Corporation) C:\Windows\system32\AppXDeploymentExtensions.dll
2014-03-07 10:08 - 2013-11-05 10:19 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wpncore.dll
2014-03-07 10:08 - 2013-11-04 09:07 - 01843712 _____ (Microsoft Corporation) C:\Windows\system32\Display.dll
2014-03-07 10:08 - 2013-11-04 07:50 - 02143744 _____ (Microsoft Corporation) C:\Windows\system32\dwmcore.dll
2014-03-07 10:08 - 2013-11-04 06:32 - 02570240 _____ (Microsoft Corporation) C:\Windows\system32\SettingsHandlers.dll
2014-03-07 10:08 - 2013-11-03 22:28 - 01816576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Display.dll
2014-03-07 10:08 - 2013-11-03 21:30 - 01765376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmcore.dll
2014-03-07 10:08 - 2013-11-01 07:39 - 00086872 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\pdc.sys
2014-03-07 10:08 - 2013-11-01 02:08 - 00747008 _____ (Microsoft Corporation) C:\Windows\system32\wlidcli.dll
2014-03-07 10:08 - 2013-11-01 01:57 - 00544768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidcli.dll
2014-03-07 10:08 - 2013-10-30 20:58 - 00372568 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\spaceport.sys
2014-03-07 10:08 - 2013-10-30 20:42 - 07399256 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2014-03-07 10:08 - 2013-10-30 20:33 - 01476184 _____ (Microsoft Corporation) C:\Windows\system32\winresume.efi
2014-03-07 10:08 - 2013-10-30 20:33 - 01345536 _____ (Microsoft Corporation) C:\Windows\system32\winresume.exe
2014-03-07 10:08 - 2013-10-25 21:54 - 00146776 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\SerCx2.sys
2014-03-07 10:08 - 2013-10-24 05:31 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\CredentialMigrationHandler.dll
2014-03-07 10:08 - 2013-10-24 05:12 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CredentialMigrationHandler.dll
2014-03-07 10:08 - 2013-10-17 07:21 - 02896896 _____ (Microsoft Corporation) C:\Windows\system32\msftedit.dll
2014-03-07 10:08 - 2013-10-17 06:36 - 02266624 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msftedit.dll
2014-03-07 10:08 - 2013-10-05 10:21 - 02140888 _____ (Microsoft Corporation) C:\Windows\system32\d3d11.dll
2014-03-07 10:08 - 2013-10-05 10:21 - 00516496 _____ (Microsoft Corporation) C:\Windows\system32\dxgi.dll
2014-03-07 10:08 - 2013-10-05 08:05 - 01765384 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d11.dll
2014-03-07 10:08 - 2013-10-05 08:05 - 00406400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxgi.dll
2014-03-07 10:07 - 2013-09-26 02:34 - 00688640 _____ (Microsoft Corporation) C:\Windows\system32\MrmIndexer.dll
2014-03-07 10:07 - 2013-09-26 02:34 - 00515072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmIndexer.dll
2014-03-07 10:06 - 2013-09-25 06:25 - 00783504 _____ (Microsoft Corporation) C:\Windows\system32\mfnetcore.dll
2014-03-07 10:06 - 2013-09-25 04:58 - 00648648 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfnetcore.dll
2014-03-07 10:06 - 2013-09-24 01:54 - 02050560 _____ (Microsoft Corporation) C:\Windows\system32\SRH.dll
2014-03-07 10:06 - 2013-09-24 01:05 - 01245696 _____ (Microsoft Corporation) C:\Windows\system32\sysmain.dll
2014-03-07 10:06 - 2013-09-23 23:56 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.BackgroundTransfer.ContentPrefetchTask.dll
2014-03-07 10:06 - 2013-09-21 07:48 - 00534048 _____ (Microsoft Corporation) C:\Windows\system32\wer.dll
2014-03-07 10:06 - 2013-09-21 06:53 - 01534504 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2014-03-07 10:06 - 2013-09-21 06:53 - 00934856 _____ (Microsoft Corporation) C:\Windows\system32\mfsrcsnk.dll
2014-03-07 10:06 - 2013-09-21 05:12 - 01092896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2014-03-07 10:06 - 2013-09-21 05:09 - 00796928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfsrcsnk.dll
2014-03-07 10:06 - 2013-09-21 02:33 - 11366912 _____ (Microsoft Corporation) C:\Windows\system32\glcndFilter.dll
2014-03-07 10:06 - 2013-09-21 01:59 - 00940544 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2014-03-07 10:06 - 2013-09-21 01:56 - 08712704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\glcndFilter.dll
2014-03-07 10:06 - 2013-09-21 01:34 - 01555456 _____ (Microsoft Corporation) C:\Windows\system32\wlidsvc.dll
2014-03-07 10:06 - 2013-09-21 01:31 - 00756224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2014-03-07 10:06 - 2013-09-21 01:26 - 00405504 _____ (Microsoft Corporation) C:\Windows\system32\vpnike.dll
2014-03-07 10:06 - 2013-09-21 01:10 - 12028416 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Data.Pdf.dll
2014-03-07 10:06 - 2013-09-21 01:05 - 08875008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Data.Pdf.dll
2014-03-07 10:06 - 2013-09-21 00:44 - 01662464 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Immersive.dll
2014-03-07 10:06 - 2013-09-21 00:39 - 01455616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Immersive.dll
2014-03-07 10:06 - 2013-09-19 01:08 - 01150976 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Globalization.dll
2014-03-07 10:06 - 2013-09-19 01:01 - 00401920 _____ (Microsoft Corporation) C:\Windows\system32\wlidprov.dll
2014-03-07 10:06 - 2013-09-19 00:32 - 00314368 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wlidprov.dll
2014-03-07 10:06 - 2013-09-19 00:27 - 01730560 _____ (Microsoft Corporation) C:\Windows\system32\dui70.dll
2014-03-07 10:06 - 2013-09-19 00:27 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Security.Authentication.OnlineId.dll
2014-03-07 10:06 - 2013-09-19 00:10 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-03-07 10:05 - 2013-09-26 05:20 - 00556032 _____ (Microsoft Corporation) C:\Windows\system32\recimg.exe
2014-03-07 10:05 - 2013-09-26 03:32 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\wimgapi.dll
2014-03-07 10:05 - 2013-09-26 03:14 - 00528896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wimgapi.dll
2014-03-07 10:05 - 2013-09-25 03:32 - 00063488 _____ (Microsoft Corporation) C:\Windows\system32\BthRadioMedia.dll
2014-03-07 10:05 - 2013-09-25 01:40 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\windows.immersiveshell.serviceprovider.dll
2014-03-07 10:05 - 2013-09-24 02:55 - 00284160 _____ (Microsoft Corporation) C:\Windows\system32\mcbuilder.exe
2014-03-07 10:05 - 2013-09-24 01:59 - 00253952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mcbuilder.exe
2014-03-07 10:05 - 2013-09-24 01:10 - 01741824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SRH.dll
2014-03-07 10:05 - 2013-09-21 08:10 - 00579416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\fvevol.sys
2014-03-07 10:05 - 2013-09-21 08:10 - 00236376 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\sdbus.sys
2014-03-07 10:05 - 2013-09-21 08:10 - 00151384 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\dumpsd.sys
2014-03-07 10:05 - 2013-09-21 07:50 - 00528048 _____ (Microsoft Corporation) C:\Windows\system32\ci.dll
2014-03-07 10:05 - 2013-09-21 07:48 - 00123480 _____ (Microsoft Corporation) C:\Windows\system32\dwmapi.dll
2014-03-07 10:05 - 2013-09-21 06:56 - 00101208 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2014-03-07 10:05 - 2013-09-21 06:53 - 00366688 _____ (Microsoft Corporation) C:\Windows\system32\msvproc.dll
2014-03-07 10:05 - 2013-09-21 06:45 - 00171968 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2014-03-07 10:05 - 2013-09-21 05:23 - 00427096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wer.dll
2014-03-07 10:05 - 2013-09-21 05:23 - 00098104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dwmapi.dll
2014-03-07 10:05 - 2013-09-21 05:09 - 00312936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvproc.dll
2014-03-07 10:05 - 2013-09-21 03:58 - 00675328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srv2.sys
2014-03-07 10:05 - 2013-09-21 03:57 - 00207360 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2014-03-07 10:05 - 2013-09-21 03:55 - 00097280 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\agilevpn.sys
2014-03-07 10:05 - 2013-09-21 03:50 - 00240128 _____ (Microsoft Corporation) C:\Windows\system32\WinSCard.dll
2014-03-07 10:05 - 2013-09-21 02:55 - 00168448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WinSCard.dll
2014-03-07 10:05 - 2013-09-21 02:01 - 00200704 _____ (Microsoft Corporation) C:\Windows\system32\ReInfo.dll
2014-03-07 10:05 - 2013-09-21 01:57 - 00363520 _____ (Microsoft Corporation) C:\Windows\system32\livessp.dll
2014-03-07 10:05 - 2013-09-21 01:43 - 00194560 _____ (Microsoft Corporation) C:\Windows\system32\dpapisrv.dll
2014-03-07 10:05 - 2013-09-21 01:38 - 00365568 _____ (Microsoft Corporation) C:\Windows\system32\wcmsvc.dll
2014-03-07 10:05 - 2013-09-21 01:37 - 00101376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2014-03-07 10:05 - 2013-09-21 01:02 - 00158208 _____ (Microsoft Corporation) C:\Windows\system32\thumbcache.dll
2014-03-07 10:05 - 2013-09-21 00:54 - 00116736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\thumbcache.dll
2014-03-07 10:05 - 2013-09-21 00:38 - 01057792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\printui.dll
2014-03-07 10:05 - 2013-09-21 00:38 - 00102400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\efswrt.dll
2014-03-07 10:05 - 2013-09-21 00:37 - 00131584 _____ (Microsoft Corporation) C:\Windows\system32\efswrt.dll
2014-03-07 10:05 - 2013-09-21 00:36 - 01185280 _____ (Microsoft Corporation) C:\Windows\system32\printui.dll
2014-03-07 10:05 - 2013-09-19 02:39 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.dll
2014-03-07 10:05 - 2013-09-19 02:17 - 00456192 _____ (Microsoft Corporation) C:\Windows\system32\sysmon.ocx
2014-03-07 10:05 - 2013-09-19 01:47 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.dll
2014-03-07 10:05 - 2013-09-19 01:29 - 00393728 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sysmon.ocx
2014-03-07 10:05 - 2013-09-19 00:37 - 00802816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Globalization.dll
2014-03-07 10:05 - 2013-09-19 00:25 - 00471552 _____ (Microsoft Corporation) C:\Windows\system32\pcasvc.dll
2014-03-07 10:05 - 2013-09-19 00:11 - 01344000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dui70.dll
2014-03-07 10:05 - 2013-09-18 23:59 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\twinapi.dll
2014-03-07 10:05 - 2013-09-18 23:55 - 00552448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinapi.dll
2014-03-07 10:05 - 2013-09-18 23:34 - 00455168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SettingSync.dll
2014-03-07 10:05 - 2013-09-18 23:32 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\SettingSync.dll
2014-03-07 10:05 - 2013-09-17 05:18 - 00467800 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\USBHUB3.SYS
2014-03-07 10:05 - 2013-09-17 02:58 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2014-03-07 10:05 - 2013-09-17 01:26 - 00079360 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2014-03-07 10:05 - 2013-09-17 01:15 - 01225728 _____ (Microsoft Corporation) C:\Windows\system32\usercpl.dll
2014-03-07 10:05 - 2013-09-17 01:00 - 00453632 _____ (Microsoft Corporation) C:\Windows\system32\wbiosrvc.dll
2014-03-07 10:05 - 2013-09-17 00:09 - 01160704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\usercpl.dll
2014-03-07 10:05 - 2013-09-17 00:08 - 00738304 _____ (Microsoft Corporation) C:\Windows\system32\msctfuimanager.dll
2014-03-07 10:05 - 2013-09-16 23:28 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctfuimanager.dll
2014-03-07 10:05 - 2013-09-14 10:06 - 00175960 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\VerifierExt.sys
2014-03-07 10:05 - 2013-09-14 10:06 - 00066904 _____ (Microsoft Corporation) C:\Windows\system32\PSHED.DLL
2014-03-07 10:05 - 2013-09-14 07:39 - 00083456 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\appid.sys
2014-03-07 10:05 - 2013-09-13 05:52 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\SensorsClassExtension.dll
2014-03-07 10:05 - 2013-09-13 04:54 - 00426496 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Usb.dll
2014-03-07 10:05 - 2013-09-13 04:10 - 00288256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Usb.dll
2014-03-07 10:05 - 2013-09-13 03:55 - 00233984 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.HumanInterfaceDevice.dll
2014-03-07 10:05 - 2013-09-13 03:30 - 00155136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.HumanInterfaceDevice.dll
2014-03-07 10:05 - 2013-09-12 03:37 - 00459776 _____ (Microsoft Corporation) C:\Windows\system32\wcncsvc.dll
2014-03-07 10:05 - 2013-09-11 05:31 - 00442368 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\nwifi.sys
2014-03-07 10:05 - 2013-09-11 05:31 - 00244224 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\srvnet.sys
2014-03-07 10:05 - 2013-09-11 03:41 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dhcpcore.dll
2014-03-07 10:05 - 2013-09-11 03:09 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dhcpcore.dll
2014-03-07 10:05 - 2013-09-07 08:44 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\fdprint.dll
2014-03-07 10:05 - 2013-09-07 08:29 - 00503808 _____ (Microsoft Corporation) C:\Windows\system32\DeviceCenter.dll
2014-03-07 10:05 - 2013-09-07 08:00 - 00256000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fdprint.dll
2014-03-07 10:05 - 2013-09-07 07:50 - 00482816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\DeviceCenter.dll
2014-03-07 10:05 - 2013-09-07 07:45 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\CryptoWinRT.dll
2014-03-07 10:05 - 2013-09-07 07:30 - 00244736 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Networking.Vpn.dll
2014-03-07 10:05 - 2013-09-07 07:22 - 00153600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\CryptoWinRT.dll
2014-03-07 10:05 - 2013-09-07 07:13 - 00248320 _____ (Microsoft Corporation) C:\Windows\system32\rascustom.dll
2014-03-07 10:05 - 2013-09-07 07:07 - 00273408 _____ (Microsoft Corporation) C:\Windows\system32\TetheringMgr.dll
2014-03-07 10:05 - 2013-09-05 03:39 - 00285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ks.sys
2014-03-07 10:05 - 2013-09-05 02:42 - 00081920 _____ (Microsoft Corporation) C:\Windows\system32\Utilman.exe
2014-03-07 10:05 - 2013-09-05 01:40 - 00069632 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Utilman.exe
2014-03-07 10:05 - 2013-09-04 03:01 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\WorkFoldersGPExt.dll
2014-03-07 10:05 - 2013-09-04 02:16 - 00358912 _____ (Microsoft Corporation) C:\Windows\system32\vmrdvcore.dll
2014-03-07 10:05 - 2013-09-04 01:47 - 00492032 _____ (Microsoft Corporation) C:\Windows\system32\tpmvsc.dll
2014-03-07 10:05 - 2013-09-04 01:12 - 00198656 _____ (Microsoft Corporation) C:\Windows\system32\DscCoreConfProv.dll
2014-03-07 10:05 - 2013-09-04 00:57 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\DscCore.dll
2014-03-07 10:05 - 2013-09-04 00:48 - 00326656 _____ (Microsoft Corporation) C:\Windows\system32\SessEnv.dll
2014-03-07 10:05 - 2013-09-04 00:35 - 00280576 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SessEnv.dll
2014-03-07 10:05 - 2013-08-31 10:18 - 00205024 _____ (Microsoft Corporation) C:\Windows\system32\mftranscode.dll
2014-03-07 10:05 - 2013-08-31 08:15 - 00180232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mftranscode.dll
2014-03-07 10:05 - 2013-08-31 08:04 - 00638464 _____ (Microsoft Corporation) C:\Windows\system32\riched20.dll
2014-03-07 10:05 - 2013-08-31 06:46 - 00513536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\riched20.dll
2014-03-07 10:05 - 2013-08-31 06:00 - 00491520 _____ (Microsoft Corporation) C:\Windows\system32\GeofenceMonitorService.dll
2014-03-07 10:05 - 2013-08-31 05:25 - 00357376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\GeofenceMonitorService.dll
2014-03-07 10:05 - 2013-08-30 03:31 - 00109568 _____ (Microsoft Corporation) C:\Windows\system32\AxInstSv.dll
2014-03-07 10:05 - 2013-08-28 03:55 - 00334336 _____ (Microsoft Corporation) C:\Windows\system32\MDEServer.exe
2014-03-07 10:05 - 2013-08-28 03:49 - 00597504 _____ (Microsoft Corporation) C:\Windows\system32\msra.exe
2014-03-07 10:05 - 2013-08-28 03:09 - 00054272 _____ (Microsoft Corporation) C:\Windows\system32\rdsdwmdr.dll
2014-03-07 10:05 - 2013-08-27 02:09 - 00970752 _____ (Microsoft Corporation) C:\Windows\system32\WebcamUi.dll
2014-03-07 10:05 - 2013-08-27 01:24 - 00813568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WebcamUi.dll
2014-03-07 09:58 - 2013-10-03 05:16 - 00294400 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Devices.Sensors.dll
2014-03-07 09:58 - 2013-10-03 05:02 - 00225792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Devices.Sensors.dll
2014-03-07 09:58 - 2013-10-02 07:00 - 01286552 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2014-03-07 09:58 - 2013-10-02 05:47 - 01018960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2014-03-07 09:58 - 2013-09-30 23:42 - 01217024 _____ (Microsoft Corporation) C:\Windows\system32\Windows.Media.Streaming.dll
2014-03-07 09:58 - 2013-09-30 23:36 - 00977408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.Media.Streaming.dll
2014-03-07 09:57 - 2014-01-07 03:03 - 00018944 _____ (Microsoft Corporation) C:\Windows\system32\pcaui.exe
2014-03-07 09:57 - 2014-01-07 01:59 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pcaui.exe
2014-03-07 09:57 - 2014-01-07 01:00 - 02397184 _____ (Microsoft Corporation) C:\Windows\system32\d3d10warp.dll
2014-03-07 09:57 - 2014-01-07 00:30 - 02071552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d3d10warp.dll
2014-03-07 09:57 - 2013-12-08 22:57 - 00548864 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2014-03-07 09:57 - 2013-12-08 21:51 - 00454656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2014-03-07 09:57 - 2013-12-08 20:27 - 02152448 _____ (Microsoft Corporation) C:\Windows\system32\msxml3.dll
2014-03-07 09:57 - 2013-12-08 20:19 - 00570880 _____ (Microsoft Corporation) C:\Windows\system32\msdrm.dll
2014-03-07 09:57 - 2013-12-08 19:55 - 00444928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msdrm.dll
2014-03-07 09:57 - 2013-12-08 19:54 - 01317376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msxml3.dll
2014-03-07 09:57 - 2013-11-27 11:36 - 03395920 _____ (Microsoft Corporation) C:\Windows\system32\WSService.dll
2014-03-07 09:57 - 2013-11-27 07:41 - 00084480 _____ (Microsoft Corporation) C:\Windows\system32\WSCollect.exe
2014-03-07 09:57 - 2013-11-27 04:48 - 00249856 _____ (Microsoft Corporation) C:\Windows\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-07 09:57 - 2013-11-27 04:40 - 00189952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-03-07 09:57 - 2013-11-27 04:17 - 00695808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WSShared.dll
2014-03-07 09:57 - 2013-11-27 04:12 - 00848384 _____ (Microsoft Corporation) C:\Windows\system32\WSShared.dll
2014-03-07 09:57 - 2013-11-23 00:34 - 00393216 _____ (Microsoft Corporation) C:\Windows\system32\WMPhoto.dll
2014-03-07 09:57 - 2013-11-23 00:13 - 00348160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\WMPhoto.dll
2014-03-07 09:57 - 2013-11-21 02:42 - 04604416 _____ (Microsoft Corporation) C:\Windows\system32\d2d1.dll
2014-03-07 09:57 - 2013-11-21 01:44 - 03936256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\d2d1.dll
2014-03-07 09:57 - 2013-10-23 07:01 - 00872840 _____ (Microsoft Corporation) C:\Windows\system32\mfplat.dll
2014-03-07 09:57 - 2013-10-19 04:53 - 00075360 _____ (Microsoft Corporation) C:\Windows\system32\imagehlp.dll
2014-03-07 09:57 - 2013-10-19 03:14 - 00070680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\imagehlp.dll
2014-03-07 09:57 - 2013-10-12 22:48 - 00136536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wfplwfs.sys
2014-03-07 09:57 - 2013-10-12 17:48 - 00828416 _____ (Microsoft Corporation) C:\Windows\system32\BFE.DLL
2014-03-07 09:57 - 2013-10-12 17:34 - 01104384 _____ (Microsoft Corporation) C:\Windows\system32\IKEEXT.DLL
2014-03-07 09:56 - 2014-02-06 07:30 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2014-03-07 09:56 - 2014-02-06 07:30 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2014-03-07 09:56 - 2014-02-06 07:07 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2014-03-07 09:56 - 2014-02-06 07:06 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2014-03-07 09:56 - 2014-02-06 06:57 - 00053760 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2014-03-07 09:56 - 2014-02-06 06:56 - 00033792 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2014-03-07 09:56 - 2014-02-06 06:49 - 00139264 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2014-03-07 09:56 - 2014-02-06 06:48 - 00708608 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2014-03-07 09:56 - 2014-02-06 06:48 - 00111616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2014-03-07 09:56 - 2014-02-06 06:20 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2014-03-07 09:56 - 2014-02-06 06:17 - 00195584 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2014-03-07 09:56 - 2014-02-06 06:01 - 00061952 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2014-03-07 09:56 - 2014-02-06 06:00 - 00051200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2014-03-07 09:56 - 2014-02-06 05:52 - 00043008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2014-03-07 09:56 - 2014-02-06 05:52 - 00032768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2014-03-07 09:56 - 2014-02-06 05:50 - 02041856 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2014-03-07 09:56 - 2014-02-06 05:47 - 00112128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2014-03-07 09:56 - 2014-02-06 05:46 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2014-03-07 09:56 - 2014-02-06 05:25 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2014-03-07 09:56 - 2014-02-06 05:09 - 01964032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2014-03-07 09:56 - 2014-01-09 04:25 - 02804224 _____ (Microsoft Corporation) C:\Windows\system32\actxprxy.dll
2014-03-07 09:56 - 2014-01-09 03:59 - 01020928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\actxprxy.dll
2014-03-07 09:56 - 2014-01-09 03:59 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\winbici.dll
2014-03-07 09:56 - 2014-01-09 03:49 - 00919040 _____ (Microsoft Corporation) C:\Windows\system32\MrmCoreR.dll
2014-03-07 09:56 - 2014-01-09 03:44 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveTelemetry.dll
2014-03-07 09:56 - 2014-01-09 03:43 - 00121344 _____ (Microsoft Corporation) C:\Windows\system32\SkyDriveShell.dll
2014-03-07 09:56 - 2014-01-09 03:29 - 00105984 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SkyDriveShell.dll
2014-03-07 09:56 - 2014-01-09 03:28 - 04217344 _____ (Microsoft Corporation) C:\Windows\system32\SyncEngine.dll
2014-03-07 09:56 - 2014-01-09 03:28 - 00628736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MrmCoreR.dll
2014-03-07 09:56 - 2014-01-09 03:18 - 00870912 _____ (Microsoft Corporation) C:\Windows\system32\SkyDrive.exe
2014-03-07 09:56 - 2014-01-04 16:50 - 01462216 _____ (Microsoft Corporation) C:\Windows\system32\propsys.dll
2014-03-07 09:56 - 2014-01-04 15:22 - 01202888 _____ (Microsoft Corporation) C:\Windows\SysWOW64\propsys.dll
2014-03-07 09:56 - 2014-01-04 10:30 - 13209088 _____ (Microsoft Corporation) C:\Windows\system32\twinui.dll
2014-03-07 09:56 - 2014-01-04 10:23 - 11702272 _____ (Microsoft Corporation) C:\Windows\SysWOW64\twinui.dll
2014-03-07 09:56 - 2014-01-04 09:42 - 01105408 _____ (Microsoft Corporation) C:\Windows\system32\SearchFolder.dll
2014-03-07 09:56 - 2014-01-04 09:40 - 07416832 _____ (Microsoft Corporation) C:\Windows\system32\Windows.UI.Search.dll
2014-03-07 09:56 - 2014-01-04 09:36 - 00830976 _____ (Microsoft Corporation) C:\Windows\SysWOW64\SearchFolder.dll
2014-03-07 09:56 - 2014-01-04 09:28 - 04961792 _____ (Microsoft Corporation) C:\Windows\SysWOW64\Windows.UI.Search.dll
2014-03-07 09:56 - 2013-12-20 22:10 - 00009701 _____ () C:\Windows\SysWOW64\connectedsearch-results.searchconnector-ms
2014-03-07 09:56 - 2013-12-20 22:10 - 00009701 _____ () C:\Windows\system32\connectedsearch-results.searchconnector-ms
2014-03-07 09:56 - 2013-12-20 06:10 - 01113040 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2014-03-07 09:56 - 2013-12-20 02:13 - 00835584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
2014-03-07 09:56 - 2013-12-08 20:15 - 00787968 _____ (Microsoft Corporation) C:\Windows\system32\uDWM.dll
2014-03-07 09:56 - 2013-11-09 02:34 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\MDMAgent.exe
2014-03-07 09:56 - 2013-11-09 02:34 - 00287744 _____ (Microsoft Corporation) C:\Windows\system32\mdmregistration.dll
2014-03-07 09:56 - 2013-11-09 01:52 - 00240128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mdmregistration.dll
2014-03-07 09:56 - 2013-10-23 04:59 - 00698232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mfplat.dll
2014-03-07 09:56 - 2013-10-16 11:58 - 01943536 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2014-03-07 09:56 - 2013-10-16 09:54 - 01581968 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2014-03-07 09:56 - 2013-10-15 04:54 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\scrrun.dll
2014-03-07 09:56 - 2013-10-15 04:03 - 00156672 _____ (Microsoft Corporation) C:\Windows\SysWOW64\scrrun.dll
2014-03-07 09:56 - 2013-10-05 10:21 - 01341288 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2014-03-07 09:56 - 2013-10-05 04:39 - 01067008 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2014-03-06 17:35 - 2014-03-17 15:03 - 00000000 ____D () C:\Users\Gil\AppData\Local\Spotify
2014-03-06 17:35 - 2014-03-06 17:35 - 00001833 _____ () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-03-06 17:34 - 2014-03-18 11:52 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Spotify
2014-03-06 17:31 - 2014-03-18 17:37 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-06 17:31 - 2014-03-18 13:36 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-06 17:31 - 2014-03-06 17:32 - 00000000 ____D () C:\Users\Gil\AppData\Local\Google
2014-03-06 17:31 - 2014-03-06 17:32 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-06 17:31 - 2014-03-06 17:31 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-06 17:31 - 2014-03-06 17:31 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-06 17:28 - 2014-03-12 15:24 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Apple Computer
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple Computer
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files\iTunes
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files\iPod
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-06 17:28 - 2012-08-21 17:01 - 00033240 _____ (GEAR Software Inc.) C:\Windows\system32\Drivers\GEARAspiWDM.sys
2014-03-06 16:22 - 2014-03-06 17:28 - 00000000 ____D () C:\ProgramData\Apple
2014-03-06 16:22 - 2014-03-06 16:22 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-06 16:22 - 2014-03-06 16:22 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-06 16:15 - 2014-03-06 16:15 - 00000000 ____D () C:\Users\Gil\AppData\Local\Evernote
2014-03-06 16:15 - 2014-03-06 16:15 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-03-06 16:03 - 2014-03-06 16:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-03-06 16:01 - 2014-03-06 16:01 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-03-06 16:01 - 2014-03-06 16:01 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-03-06 16:01 - 2014-03-06 16:01 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-06 16:01 - 2014-03-06 16:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-03-06 16:01 - 2014-03-06 16:01 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-06 16:01 - 2014-03-06 16:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-03-06 16:00 - 2014-03-06 16:00 - 00000000 ____D () C:\Users\Gil\Documents\Symantec
2014-03-06 15:58 - 2014-03-06 16:02 - 00000000 ____D () C:\ProgramData\Norton
2014-03-06 15:58 - 2014-03-06 15:58 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-03-06 15:48 - 2014-03-06 15:49 - 148885840 _____ (Apple Inc.) C:\Users\Gil\Downloads\iTunes64Setup.exe
2014-03-06 15:32 - 2014-03-06 15:32 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-03-06 15:15 - 2014-03-06 15:15 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-06 15:04 - 2014-03-06 15:06 - 386308920 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MicrosoftInstaller.exe
2014-03-06 14:55 - 2014-03-07 14:12 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-06 14:55 - 2014-03-06 14:55 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-06 14:54 - 2014-03-13 13:49 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-06 14:54 - 2014-03-06 15:15 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-06 14:54 - 2014-03-06 15:14 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-06 14:54 - 2014-03-06 14:54 - 00000000 __RHD () C:\MSOCache
2014-03-06 14:54 - 2014-03-06 14:54 - 00000000 ____D () C:\Users\Gil\AppData\Local\Microsoft Help
2014-03-06 01:11 - 2014-03-12 11:16 - 00075776 ___SH () C:\Users\Gil\Desktop\Thumbs.db
2014-03-06 00:27 - 2014-03-06 00:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-06 00:25 - 2014-03-18 17:43 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-145297890-2094086102-1777008539-1001
2014-03-06 00:25 - 2014-03-06 00:25 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Macromedia
2014-03-06 00:24 - 2014-03-18 17:37 - 00000000 __RDO () C:\Users\Gil\SkyDrive
2014-03-06 00:23 - 2014-03-06 00:23 - 00000000 _____ () C:\Windows\system32\atiicdxx.dat
2014-03-06 00:23 - 2014-03-06 00:23 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-06 00:20 - 2014-03-17 17:23 - 00000000 ____D () C:\Users\Gil\AppData\Local\PackageStaging
2014-03-06 00:19 - 2014-03-18 12:26 - 00000000 ___RD () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-06 00:19 - 2014-03-18 12:26 - 00000000 ___RD () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-06 00:19 - 2014-03-17 17:23 - 00000000 ____D () C:\Users\Gil\AppData\Local\Packages
2014-03-06 00:19 - 2014-03-06 00:19 - 00001442 _____ () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-06 00:19 - 2014-03-06 00:19 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Adobe
2014-03-06 00:19 - 2014-03-06 00:19 - 00000000 ____D () C:\Users\Gil\AppData\Local\VirtualStore
2014-03-06 00:16 - 2014-03-18 17:42 - 00818732 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-06 00:16 - 2014-03-06 00:24 - 00000000 ____D () C:\Users\Gil
2014-03-06 00:16 - 2014-03-06 00:16 - 00000020 ___SH () C:\Users\Gil\ntuser.ini
2014-03-06 00:16 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-06 00:16 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-03-06 00:16 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-03-06 00:16 - 2013-08-22 11:36 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-03-06 00:13 - 2014-03-18 14:02 - 02036697 _____ () C:\Windows\WindowsUpdate.log
2014-03-06 00:13 - 2013-08-22 01:17 - 02407936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2014-03-05 23:19 - 2014-03-18 12:08 - 00055734 _____ () C:\Windows\PFRO.log
2014-03-05 23:19 - 2014-03-06 00:19 - 00000000 ____D () C:\Windows\Panther
 
==================== One Month Modified Files and Folders =======
 
2014-03-18 17:45 - 2014-03-18 20:55 - 00000000 ____D () C:\FRST
2014-03-18 17:45 - 2014-03-18 17:45 - 00013147 _____ () C:\Users\Gil\Downloads\FRST.txt
2014-03-18 17:44 - 2014-03-18 17:44 - 02157056 _____ (Farbar) C:\Users\Gil\Downloads\FRST64.exe
2014-03-18 17:43 - 2014-03-06 00:25 - 00003596 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-145297890-2094086102-1777008539-1001
2014-03-18 17:42 - 2014-03-06 00:16 - 00818732 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-03-18 17:40 - 2014-03-18 17:40 - 00000000 ____D () C:\Users\Gil\Desktop\tdsskiller
2014-03-18 17:39 - 2014-03-18 17:39 - 04110135 _____ () C:\Users\Gil\Desktop\tdsskiller.zip
2014-03-18 17:37 - 2014-03-06 17:31 - 00000918 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2014-03-18 17:37 - 2014-03-06 00:24 - 00000000 __RDO () C:\Users\Gil\SkyDrive
2014-03-18 17:37 - 2013-08-22 10:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-03-18 17:37 - 2013-08-22 09:25 - 00524288 ___SH () C:\Windows\system32\config\BBI
2014-03-18 17:00 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\sru
2014-03-18 14:14 - 2014-03-18 14:14 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-03-18 14:14 - 2013-08-22 10:46 - 00010364 _____ () C:\Windows\setupact.log
2014-03-18 14:02 - 2014-03-06 00:13 - 02036697 _____ () C:\Windows\WindowsUpdate.log
2014-03-18 13:36 - 2014-03-06 17:31 - 00000922 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2014-03-18 12:55 - 2014-03-18 12:17 - 00000000 ____D () C:\Users\norton\AppData\Local\NPE
2014-03-18 12:40 - 2014-03-18 12:40 - 00000000 ____D () C:\Program Files\Microsoft Silverlight
2014-03-18 12:40 - 2014-03-18 12:40 - 00000000 ____D () C:\Program Files (x86)\Microsoft Silverlight
2014-03-18 12:26 - 2014-03-06 00:19 - 00000000 ___RD () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
2014-03-18 12:26 - 2014-03-06 00:19 - 00000000 ___RD () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
2014-03-18 12:16 - 2014-03-18 12:16 - 03053496 ____N (Symantec Corporation) C:\Users\norton\Downloads\NPE.exe
2014-03-18 12:15 - 2014-03-18 12:15 - 00002275 _____ () C:\Users\norton\Desktop\Google Chrome.lnk
2014-03-18 12:15 - 2014-03-18 12:15 - 00000000 ____D () C:\Users\norton\AppData\Local\Google
2014-03-18 12:14 - 2014-03-18 12:14 - 00000020 ___SH () C:\Users\norton\ntuser.ini
2014-03-18 12:14 - 2014-03-18 12:14 - 00000000 ____D () C:\Users\norton\AppData\Local\Packages
2014-03-18 12:14 - 2014-03-18 12:14 - 00000000 ____D () C:\Users\norton
2014-03-18 12:08 - 2014-03-05 23:19 - 00055734 _____ () C:\Windows\PFRO.log
2014-03-18 12:03 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ToastData
2014-03-18 11:52 - 2014-03-06 17:34 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Spotify
2014-03-18 03:52 - 2014-03-07 14:10 - 00000000 ____D () C:\Windows\system32\MRT
2014-03-18 03:51 - 2014-03-07 14:10 - 90015360 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2014-03-18 03:51 - 2013-08-22 09:25 - 00262144 ___SH () C:\Windows\system32\config\ELAM
2014-03-17 17:28 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\AppReadiness
2014-03-17 17:23 - 2014-03-06 00:20 - 00000000 ____D () C:\Users\Gil\AppData\Local\PackageStaging
2014-03-17 17:23 - 2014-03-06 00:19 - 00000000 ____D () C:\Users\Gil\AppData\Local\Packages
2014-03-17 15:03 - 2014-03-06 17:35 - 00000000 ____D () C:\Users\Gil\AppData\Local\Spotify
2014-03-17 05:44 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\rescache
2014-03-15 17:58 - 2013-08-22 10:44 - 00375296 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-03-15 17:57 - 2014-03-18 12:14 - 00000000 ___RD () C:\Users\norton\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 17:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 17:57 - 2013-08-22 11:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-03-15 17:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Windows Defender
2014-03-15 17:57 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-03-15 11:42 - 2014-03-10 21:39 - 00000000 ____D () C:\Users\Gil\Desktop\Workbench and Garage Ideas
2014-03-13 15:54 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\NDF
2014-03-13 13:49 - 2014-03-06 14:54 - 00000000 ____D () C:\ProgramData\Microsoft Help
2014-03-12 15:24 - 2014-03-12 15:24 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_WpdMtpDr_01_11_00.Wdf
2014-03-12 15:24 - 2014-03-06 17:28 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Apple Computer
2014-03-12 14:40 - 2014-03-12 14:40 - 00003062 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe
2014-03-12 14:40 - 2014-03-12 14:40 - 00003060 _____ () C:\Windows\System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe
2014-03-12 14:40 - 2014-03-12 14:40 - 00000000 ____D () C:\Program Files\Microsoft Mouse and Keyboard Center
2014-03-12 14:39 - 2014-03-12 14:39 - 49662160 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MouseKeyboardCenter_64bit_ENG_2.2.173.exe
2014-03-12 14:37 - 2014-03-12 14:37 - 00003040 _____ () C:\Windows\System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe
2014-03-12 14:37 - 2013-08-22 11:36 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-03-12 14:33 - 2014-03-12 14:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0.exe
2014-03-12 14:33 - 2014-03-12 14:33 - 22413696 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\IPx64_1033_8.20.468.0 (1).exe
2014-03-12 11:16 - 2014-03-06 01:11 - 00075776 ___SH () C:\Users\Gil\Desktop\Thumbs.db
2014-03-10 18:55 - 2014-03-09 21:42 - 00000000 ____D () C:\Users\Gil\AppData\Local\CrashDumps
2014-03-10 18:54 - 2014-03-10 18:54 - 00001031 _____ () C:\Users\Public\Desktop\Cyberduck.lnk
2014-03-10 18:54 - 2014-03-10 18:53 - 00000000 ____D () C:\Program Files (x86)\Cyberduck
2014-03-10 18:45 - 2014-03-10 18:45 - 00002068 _____ () C:\Users\Public\Desktop\MP Navigator 2.2.lnk
2014-03-10 18:45 - 2014-03-10 18:45 - 00000000 ____D () C:\Program Files (x86)\Canon
2014-03-10 18:44 - 2014-03-10 18:44 - 09785424 _____ () C:\Users\Gil\Downloads\mpnmp530win222ea13.exe
2014-03-10 18:44 - 2014-03-10 18:44 - 00000000 ___HD () C:\Windows\system32\CanonIJ Uninstaller Information
2014-03-10 18:44 - 2014-03-10 18:44 - 00000000 ___HD () C:\ProgramData\CanonBJ
2014-03-10 18:44 - 2014-03-10 18:44 - 00000000 ___HD () C:\Program Files\CanonBJ
2014-03-10 18:43 - 2014-03-10 18:43 - 10851656 _____ () C:\Users\Gil\Downloads\mp530win64111ej.exe
2014-03-10 18:11 - 2014-03-10 18:11 - 00000000 ____D () C:\Program Files (x86)\QuickTime
2014-03-10 18:09 - 2014-03-10 18:09 - 41945432 _____ (Apple Inc.) C:\Users\Gil\Downloads\QuickTimeInstaller.exe
2014-03-10 15:22 - 2014-03-10 15:22 - 04011640 _____ () C:\Users\Gil\Downloads\ljP1000_P1500-HB-pnp-win64-en.exe
2014-03-10 15:22 - 2014-03-10 15:22 - 00019341 _____ () C:\HPLJP1000_P1500_Series.log
2014-03-10 15:22 - 2014-03-10 15:22 - 00000000 ____D () C:\Program Files\HP
2014-03-08 17:44 - 2013-08-22 09:25 - 00000167 _____ () C:\Windows\win.ini
2014-03-08 17:17 - 2014-03-08 17:17 - 00000000 ____D () C:\ProgramData\Logitech
2014-03-08 17:13 - 2013-08-22 11:36 - 00000000 ___RD () C:\Windows\ImmersiveControlPanel
2014-03-08 17:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\WinStore
2014-03-08 17:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\migwiz
2014-03-08 17:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\PolicyDefinitions
2014-03-08 17:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\MediaViewer
2014-03-08 17:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\FileManager
2014-03-08 17:13 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\Camera
2014-03-08 17:13 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\SysWOW64\Dism
2014-03-08 17:13 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\oobe
2014-03-08 17:13 - 2013-08-22 09:36 - 00000000 ____D () C:\Windows\system32\Dism
2014-03-08 17:09 - 2014-03-08 17:09 - 00018960 _____ (Logitech, Inc.) C:\Windows\system32\Drivers\LNonPnP.sys
2014-03-08 17:09 - 2014-03-08 17:09 - 00006548 _____ () C:\Windows\LDPINST.LOG
2014-03-08 17:09 - 2014-03-08 17:09 - 00000758 _____ () C:\Windows\LkmdfCoInst.log
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\Users\Public\Documents\Logishrd
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Leadertech
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\ProgramData\Logishrd
2014-03-08 17:09 - 2014-03-08 17:09 - 00000000 ____D () C:\Program Files\Logitech
2014-03-08 17:09 - 2014-03-08 17:07 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logitech
2014-03-08 17:09 - 2014-03-08 17:07 - 00000000 ____D () C:\Program Files\Common Files\LogiShrd
2014-03-08 17:07 - 2014-03-08 17:07 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Logishrd
2014-03-07 14:12 - 2014-03-18 12:14 - 00000000 ____D () C:\Users\norton\AppData\Local\Microsoft Help
2014-03-07 14:12 - 2014-03-07 14:12 - 00000000 ____D () C:\Users\Default\AppData\Local\Microsoft Help
2014-03-07 14:12 - 2014-03-07 14:12 - 00000000 ____D () C:\Users\Default User\AppData\Local\Microsoft Help
2014-03-07 14:12 - 2014-03-06 14:55 - 00000000 ____D () C:\Program Files (x86)\Microsoft Works
2014-03-06 17:35 - 2014-03-06 17:35 - 00001833 _____ () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Spotify.lnk
2014-03-06 17:32 - 2014-03-06 17:31 - 00000000 ____D () C:\Users\Gil\AppData\Local\Google
2014-03-06 17:32 - 2014-03-06 17:31 - 00000000 ____D () C:\Program Files (x86)\Google
2014-03-06 17:31 - 2014-03-06 17:31 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2014-03-06 17:31 - 2014-03-06 17:31 - 00003658 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple Computer
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Users\Gil\AppData\Local\Apple
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\ProgramData\Apple Computer
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files\iTunes
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files\iPod
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files\Common Files\Apple
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files (x86)\iTunes
2014-03-06 17:28 - 2014-03-06 17:28 - 00000000 ____D () C:\Program Files (x86)\Apple Software Update
2014-03-06 17:28 - 2014-03-06 16:22 - 00000000 ____D () C:\ProgramData\Apple
2014-03-06 16:22 - 2014-03-06 16:22 - 00000000 ____D () C:\Program Files\Bonjour
2014-03-06 16:22 - 2014-03-06 16:22 - 00000000 ____D () C:\Program Files (x86)\Bonjour
2014-03-06 16:15 - 2014-03-06 16:15 - 00000000 ____D () C:\Users\Gil\AppData\Local\Evernote
2014-03-06 16:15 - 2014-03-06 16:15 - 00000000 ____D () C:\Program Files (x86)\Evernote
2014-03-06 16:03 - 2014-03-06 16:03 - 00000000 ____D () C:\Windows\System32\Tasks\Norton Security Suite
2014-03-06 16:02 - 2014-03-06 15:58 - 00000000 ____D () C:\ProgramData\Norton
2014-03-06 16:01 - 2014-03-06 16:01 - 00177752 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2014-03-06 16:01 - 2014-03-06 16:01 - 00008222 _____ () C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2014-03-06 16:01 - 2014-03-06 16:01 - 00003228 _____ () C:\Windows\System32\Tasks\Norton WSC Integration
2014-03-06 16:01 - 2014-03-06 16:01 - 00000000 ____D () C:\Windows\system32\Drivers\N360x64
2014-03-06 16:01 - 2014-03-06 16:01 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-03-06 16:01 - 2014-03-06 16:01 - 00000000 ____D () C:\Program Files (x86)\Norton Security Suite
2014-03-06 16:01 - 2013-08-22 11:36 - 00000000 ___HD () C:\Windows\ELAMBKUP
2014-03-06 16:00 - 2014-03-06 16:00 - 00000000 ____D () C:\Users\Gil\Documents\Symantec
2014-03-06 15:58 - 2014-03-06 15:58 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-03-06 15:49 - 2014-03-06 15:48 - 148885840 _____ (Apple Inc.) C:\Users\Gil\Downloads\iTunes64Setup.exe
2014-03-06 15:32 - 2014-03-06 15:32 - 00000000 ____D () C:\Program Files (x86)\MSECache
2014-03-06 15:15 - 2014-03-06 15:15 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2014-03-06 15:15 - 2014-03-06 14:54 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2014-03-06 15:14 - 2014-03-06 14:54 - 00000000 ____D () C:\Program Files\Microsoft Office
2014-03-06 15:06 - 2014-03-06 15:04 - 386308920 _____ (Microsoft Corporation) C:\Users\Gil\Downloads\MicrosoftInstaller.exe
2014-03-06 14:55 - 2014-03-06 14:55 - 00000000 ____D () C:\Windows\PCHEALTH
2014-03-06 14:54 - 2014-03-06 14:54 - 00000000 __RHD () C:\MSOCache
2014-03-06 14:54 - 2014-03-06 14:54 - 00000000 ____D () C:\Users\Gil\AppData\Local\Microsoft Help
2014-03-06 14:54 - 2013-08-22 15:11 - 00000000 ____D () C:\Windows\ShellNew
2014-03-06 00:27 - 2014-03-06 00:27 - 00000000 ____H () C:\Windows\system32\Drivers\Msft_User_LocationProvider_01_11_00.Wdf
2014-03-06 00:25 - 2014-03-06 00:25 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Macromedia
2014-03-06 00:24 - 2014-03-06 00:16 - 00000000 ____D () C:\Users\Gil
2014-03-06 00:23 - 2014-03-06 00:23 - 00000000 _____ () C:\Windows\system32\atiicdxx.dat
2014-03-06 00:23 - 2014-03-06 00:23 - 00000000 _____ () C:\Windows\ativpsrm.bin
2014-03-06 00:19 - 2014-03-06 00:19 - 00001442 _____ () C:\Users\Gil\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-03-06 00:19 - 2014-03-06 00:19 - 00000000 ____D () C:\Users\Gil\AppData\Roaming\Adobe
2014-03-06 00:19 - 2014-03-06 00:19 - 00000000 ____D () C:\Users\Gil\AppData\Local\VirtualStore
2014-03-06 00:19 - 2014-03-05 23:19 - 00000000 ____D () C:\Windows\Panther
2014-03-06 00:16 - 2014-03-06 00:16 - 00000020 ___SH () C:\Users\Gil\ntuser.ini
2014-03-05 23:20 - 2013-08-22 11:37 - 00001720 _____ () C:\Windows\DtcInstall.log
2014-03-05 23:20 - 2013-08-22 11:36 - 00000000 ____D () C:\Windows\system32\Recovery
2014-03-05 23:18 - 2013-08-22 11:36 - 00262144 _____ () C:\Windows\system32\config\BCD-Template
2014-03-04 18:53 - 2013-08-22 11:38 - 00693240 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2014-03-04 18:53 - 2013-08-22 11:38 - 00105464 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2014-03-01 02:05 - 2014-03-12 21:00 - 23133696 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2014-03-01 00:58 - 2014-03-12 21:00 - 02765824 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2014-03-01 00:30 - 2014-03-12 21:00 - 17074688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2014-03-01 00:17 - 2014-03-12 21:00 - 00218624 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2014-02-28 23:54 - 2014-03-12 21:00 - 05768704 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2014-02-28 23:47 - 2014-03-12 21:00 - 02168320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2014-02-28 23:42 - 2014-03-12 21:00 - 00627200 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2014-02-28 23:18 - 2014-03-12 21:00 - 13051904 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2014-02-28 23:14 - 2014-03-12 21:00 - 04244480 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2014-02-28 23:10 - 2014-03-12 21:00 - 02334208 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2014-02-28 23:03 - 2014-03-12 21:00 - 00524288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2014-02-28 22:57 - 2014-03-12 21:00 - 11266048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2014-02-28 22:38 - 2014-03-12 21:00 - 01393664 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2014-02-28 22:32 - 2014-03-12 21:00 - 01820160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2014-02-28 22:27 - 2014-03-12 21:00 - 01156096 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2014-02-28 22:25 - 2014-03-12 21:00 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2014-02-28 22:25 - 2014-03-12 21:00 - 00703488 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2014-02-22 08:16 - 2014-03-18 12:36 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2014-02-22 07:24 - 2014-03-18 12:36 - 00124416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\poqexec.exe
 
Some content of TEMP:
====================
C:\Users\Gil\AppData\Local\Temp\ose00001.exe
 
 
==================== Bamital & volsnap Check =================
 
C:\Windows\System32\winlogon.exe => MD5 is legit
C:\Windows\System32\wininit.exe => MD5 is legit
C:\Windows\explorer.exe => MD5 is legit
C:\Windows\SysWOW64\explorer.exe => MD5 is legit
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\SysWOW64\svchost.exe => MD5 is legit
C:\Windows\System32\services.exe => MD5 is legit
C:\Windows\System32\User32.dll => MD5 is legit
C:\Windows\SysWOW64\User32.dll => MD5 is legit
C:\Windows\System32\userinit.exe => MD5 is legit
C:\Windows\SysWOW64\userinit.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
C:\Windows\System32\Drivers\volsnap.sys
[2014-03-12 21:00] - [2014-01-31 12:15] - 0311640 ____A (Microsoft Corporation) C85C075DE5B6D0FE116043054DE8EE02
 
 
 
LastRegBack: 2014-03-15 05:01
 
==================== End Of Log ============================
 
 
 
And finally the Addition.txt log:
 
-----------------------

 

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 13-03-2014
Ran by Gil at 2014-03-18 17:45:32
Running from C:\Users\Gil\Downloads
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton Security Suite (Enabled - Up to date) {63DF5164-9100-186D-2187-8DC619EFD8BF}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Norton Security Suite (Enabled - Up to date) {D8BEB080-B73A-17E3-1B37-B6B462689202}
FW: Norton Security Suite (Enabled) {5BE4D041-DB6F-1935-0AD8-24F3E73C9FC4}
 
==================== Installed Programs ======================
 
Apple Application Support (HKLM-x32\...\{AAC5D43E-816D-4C2D-8E51-55FFF35BE301}) (Version: 3.0.1 - Apple Inc.)
Apple Mobile Device Support (HKLM\...\{787136D2-F0F8-4625-AA3F-72D7795AC842}) (Version: 7.1.1.3 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Bing Bar (HKLM-x32\...\{A302C3E1-A26A-4141-BC1E-2C4F90D2153F}) (Version: 7.3.126.0 - Microsoft Corporation)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Canon MP Navigator 2.2 (HKLM-x32\...\MP Navigator 2.2) (Version:  - )
Canon MP530 (HKLM\...\{3215EBED-1D06-42fb-A05C-A752A46FB24C}) (Version:  - )
Cyberduck 4.4.3 (14140) (HKLM-x32\...\Cyberduck) (Version: 4.4.3 (14140) - )
Definition Update for Microsoft Office 2010 (KB982726) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{92C42EDD-6524-4577-B2EB-6C68C63B6D4A}) (Version:  - Microsoft)
eReg (x32 Version: 1.20.138.34 - Logitech, Inc.) Hidden
Evernote v. 5.2 (HKLM-x32\...\{090931D6-A2F4-11E3-AD9C-00163E98E7D0}) (Version: 5.2.0.2946 - Evernote Corp.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 33.0.1750.154 - Google Inc.)
Google Update Helper (x32 Version: 1.3.22.5 - Google Inc.) Hidden
iTunes (HKLM\...\{B8BA155B-1E75-405F-9CB4-8A99615D09DC}) (Version: 11.1.5.5 - Apple Inc.)
Logitech SetPoint 6.61 (HKLM\...\sp6) (Version: 6.61.15 - Logitech)
Microsoft Application Error Reporting (Version: 12.0.6015.5000 - Microsoft Corporation) Hidden
Microsoft Mouse and Keyboard Center (HKLM\...\Microsoft Mouse and Keyboard Center) (Version: 2.2.173.0 - Microsoft Corporation)
Microsoft Mouse and Keyboard Center (Version: 2.2.173.0 - Microsoft Corporation) Hidden
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
Microsoft Office 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (HKLM-x32\...\HOMESTUDENTR) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Home and Student 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Office 64-bit Components 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-0081-0409-0000-0000000FF1CE}) (Version: 14.0.6123.5001 - Microsoft Corporation)
Microsoft Office Outlook MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (French) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Proof (Spanish) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014 - Microsoft Corporation) Hidden
Microsoft Office Proofing (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32 Version:  - Microsoft) Hidden
Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010 (Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Office Shared Setup Metadata MUI (English) 2010 (x32 Version: 14.0.7015.1000 - Microsoft Corporation) Hidden
Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000 - Microsoft Corporation) Hidden
Microsoft Outlook 2010 (HKLM-x32\...\Office14.OUTLOOKR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30214.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Norton Security Suite (HKLM-x32\...\N360) (Version: 21.1.0.18 - Symantec Corporation)
QuickTime 7 (HKLM-x32\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{DE28B448-32E8-4E8F-84F0-A52B21A49B5B}) (Version:  - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 32-Bit Edition (x32 Version:  - Microsoft) Hidden
Spotify (HKCU\...\Spotify) (Version: 0.9.7.16.g4b197456 - Spotify AB)
Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
Update for Microsoft en-us Dictionary (Version: 16.1.817.1 - Microsoft Corporation) Hidden
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.OUTLOOKR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Filter Pack 2.0 (KB2837594) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{D3C85176-ACCC-4AF0-817D-1BC803303B74}) (Version:  - Microsoft)
Update for Microsoft Office 2007 Help for Common Features (KB963673) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{AB365889-0395-4FAD-B702-CA5985D53D42}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{A024FC7B-77DE-45DE-A058-1C049A17BFB3}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{6FAA03BD-2B51-4029-9AD9-64A3B8E3C84C}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{CB68A5B0-3508-4193-AEB9-AF636DAECE0F}) (Version:  - Microsoft)
Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (HKLM-x32\...\{91120000-002F-0000-0000-0000000FF1CE}_HOMESTUDENTR_{E9A82945-BA29-4EE8-8F2A-2F49545E9CF2}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589298) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{DADF7E25-FFA4-4D02-BE84-1DAE62C18516}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.OUTLOOKR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589352) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{F4284D93-7AE8-4309-8CF3-9AD394F35F3A}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2589375) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{287A1E92-9E41-4BC1-8920-B3D0E9220800}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2597087) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{9D69691D-823D-4C3E-9B12-563A3F520366}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.OUTLOOKR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2760598) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{ECFE33A3-B8B7-439A-ADE4-59FBD29EF9B8}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2794737) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{5AA578BB-759C-40FD-9661-A737C0884541}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-040C-0000-0000000FF1CE}_Office14.OUTLOOKR_{82F87E28-B18E-46D6-A399-E2F19CF5949B}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2850079) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.OUTLOOKR_{5E8EB600-8B94-429E-873E-98369C6DC1BC}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2863818) 32-Bit Edition (HKLM-x32\...\{90140000-001F-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{83B1B530-7D9E-4C6A-907F-E979CEE9C295}) (Version:  - Microsoft)
Update for Microsoft Office 2010 (KB2878225) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{EFF5EBA3-40AD-4859-85E7-3C1CF4F297EB}) (Version:  - Microsoft)
Update for Microsoft Office Excel 2007 Help (KB963678) (HKLM-x32\...\{90120000-0016-0409-0000-0000000FF1CE}_HOMESTUDENTR_{199DF7B6-169C-448C-B511-1054101BE9C9}) (Version:  - Microsoft)
Update for Microsoft Office OneNote 2007 Help (KB963670) (HKLM-x32\...\{90120000-00A1-0409-0000-0000000FF1CE}_HOMESTUDENTR_{2744EF05-38E1-4D5D-B333-E021EDAEA245}) (Version:  - Microsoft)
Update for Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM-x32\...\{90120000-0018-0409-0000-0000000FF1CE}_HOMESTUDENTR_{397B1D4F-ED7B-4ACA-A637-43B670843876}) (Version:  - Microsoft)
Update for Microsoft Office Script Editor Help (KB963671) (HKLM-x32\...\{90120000-006E-0409-0000-0000000FF1CE}_HOMESTUDENTR_{CD11C6A2-FFC6-4271-8EAB-79C3582F505C}) (Version:  - Microsoft)
Update for Microsoft Office Word 2007 Help (KB963665) (HKLM-x32\...\{90120000-001B-0409-0000-0000000FF1CE}_HOMESTUDENTR_{80E762AA-C921-4839-9D7D-DB62A72C0726}) (Version:  - Microsoft)
Update for Microsoft OneNote 2010 (KB2837595) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.OUTLOOKR_{51CCA922-A0CC-47C4-8910-6936D97CAC2E}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{90140000-001A-0409-0000-0000000FF1CE}_Office14.OUTLOOKR_{DCE104A1-1875-4469-A83D-A5BFA6C4640F}) (Version:  - Microsoft)
Update for Microsoft Outlook 2010 (KB2687567) 32-Bit Edition (HKLM-x32\...\{91140000-001A-0000-0000-0000000FF1CE}_Office14.OUTLOOKR_{2AB483F1-C86E-427A-83B4-23889B03512D}) (Version:  - Microsoft)
Update for Microsoft SharePoint Workspace 2010 (KB2760601) 32-Bit Edition (HKLM-x32\...\{90140000-002A-0000-1000-0000000FF1CE}_Office14.OUTLOOKR_{F9F5A080-AF38-4966-9A6B-C43DCA465035}) (Version:  - Microsoft)
 
==================== Restore Points  =========================
 
 
==================== Hosts content: ==========================
 
2013-08-22 09:25 - 2013-08-22 09:25 - 00000824 ____N C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
Task: {05293577-D647-4185-B859-C94839A0B2E3} - System32\Tasks\Microsoft\Windows\SettingSync\NetworkStateChangeTask
Task: {0B545118-B563-42FC-8D07-B78F602FCF34} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2085BF56-520D-4951-B7C0-DF34AF90CC6A} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {291ECCED-7348-4F51-99A2-4D856132ACF9} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\WSCStub.exe [2013-10-08] (Symantec Corporation)
Task: {2C9C0C6C-2A74-46F2-858A-4389D253EAD0} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCachePrepopulate
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\Windows\System32\AutoWorkplace.exe [2013-08-22] (Microsoft Corporation)
Task: {3B6D8A73-F20B-4C93-B8FB-56A154F172D2} - System32\Tasks\Microsoft\Windows\Time Zone\SynchronizeTimeZone => C:\Windows\system32\tzsync.exe [2013-08-22] (Microsoft Corporation)
Task: {421D2BD6-9BA8-4EDE-A823-6D1F123FCEF4} - System32\Tasks\Microsoft_Hardware_Launch_IPoint_exe => C:\Program Files\Microsoft IntelliPoint\IPoint.exe
Task: {457B8490-D690-4A39-B3F2-A85575C02A81} - System32\Tasks\Microsoft_MKC_Logon_Task_ipoint.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\ipoint.exe [2013-05-13] (Microsoft Corporation)
Task: {4726CB52-EF40-4836-BDCB-5BFB872AE83F} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2014-03-18] (Microsoft Corporation)
Task: {49754026-21E1-41FC-94FD-727AFE414FE7} - System32\Tasks\Microsoft\Windows\Sysmain\HybridDriveCacheRebalance
Task: {6AA91E8C-DDBD-4979-8464-4062F7681A19} - System32\Tasks\Microsoft\Windows\Plug and Play\Plug and Play Cleanup
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task
Task: {73B1B253-CE67-4501-AE1A-377DD1D68B65} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {77F1D869-6E65-4079-A2A0-E2023408EF97} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task
Task: {8CC813C9-712A-41EF-9512-B233444FC669} - System32\Tasks\Microsoft\Windows\AppxDeploymentClient\Pre-staged app cleanup => Rundll32.exe %windir%\system32\AppxDeploymentClient.dll,AppxPreStageCleanupRunTask
Task: {95EBC1A8-2E31-45E1-9C6A-2F89576F9E3B} - System32\Tasks\Microsoft_MKC_Logon_Task_itype.exe => C:\Program Files\Microsoft Mouse and Keyboard Center\itype.exe [2013-05-13] (Microsoft Corporation)
Task: {96D4C6C2-3C81-4B41-BEA1-94C1E04332AF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {9FF4C139-5234-410C-B7FA-23EE2FD2AB53} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Maintenance Work
Task: {C7FF2829-CEBC-4DAB-9DF8-7C3E91339EA1} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-03-06] (Google Inc.)
Task: {CFD7C21A-808B-487B-A6EC-8A10E44E8360} - System32\Tasks\Microsoft\Windows\SettingSync\BackupTask
Task: {D88FEC9E-A82A-46F9-87E2-B6B97B301C1A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {DA46820F-FF8A-4B5E-A6B2-B12185DCFFFB} - System32\Tasks\Microsoft\Windows\Work Folders\Work Folders Logon Synchronization
Task: {DCEE2E78-B9DA-4576-87FE-D071B265809A} - System32\Tasks\Norton Security Suite\Norton Error Processor => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: {E6D378FA-E068-4BCB-80DE-56D43A249507} - System32\Tasks\Microsoft\Windows\RecoveryEnvironment\VerifyWinRE
Task: {FD9C82EA-554B-43B1-B95F-8BD58F62C5D3} - System32\Tasks\Norton Security Suite\Norton Error Analyzer => C:\Program Files (x86)\Norton Security Suite\Engine\21.1.0.18\SymErr.exe [2013-08-01] (Symantec Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) =============
 
2014-03-10 15:22 - 2013-04-15 14:50 - 00198144 _____ () C:\Windows\System32\HP1006LM.DLL
2014-03-10 15:22 - 2013-04-15 14:50 - 00065024 _____ () C:\Windows\system32\spool\PRTPROCS\x64\HP1006PP.dll
2014-02-13 00:58 - 2014-02-13 00:58 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
2014-02-13 00:58 - 2014-02-13 00:58 - 01044808 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
2014-03-15 14:38 - 2014-03-14 20:50 - 00051016 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\chrome_elf.dll
2014-03-15 14:38 - 2014-03-14 20:50 - 00716616 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libglesv2.dll
2014-03-15 14:38 - 2014-03-14 20:50 - 00100168 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\libegl.dll
2014-03-15 14:38 - 2014-03-14 20:50 - 04061000 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\pdf.dll
2014-03-15 14:38 - 2014-03-14 20:50 - 00394568 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ppGoogleNaClPluginChrome.dll
2014-03-15 14:38 - 2014-03-14 20:50 - 01647432 _____ () C:\Program Files (x86)\Google\Chrome\Application\33.0.1750.154\ffmpegsumo.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
AlternateDataStreams: C:\Users\Gil\SkyDrive:ms-properties
 
==================== Safe Mode (whitelisted) ===================
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMR410 => ""="Service"
 
==================== Disabled items from MSCONFIG ==============
 
 
==================== Faulty Device Manager Devices =============
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (03/18/2014 11:52:17 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 33.0.1750.154 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 610
 
Start Time: 01cf42bdcce2a997
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 4777551d-aeb5-11e3-8253-0023aee70398
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (03/18/2014 11:21:51 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 33.0.1750.154 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b7c
 
Start Time: 01cf42bd829581e3
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: 07411dc6-aeb1-11e3-8253-0023aee70398
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (03/18/2014 11:19:20 AM) (Source: Application Hang) (User: )
Description: The program chrome.exe version 33.0.1750.154 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.
 
Process ID: 1b50
 
Start Time: 01cf409dc2999484
 
Termination Time: 4294967295
 
Application Path: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
Report Id: acc32469-aeb0-11e3-8253-0023aee70398
 
Faulting package full name: 
 
Faulting package-relative application ID:
 
Error: (03/17/2014 03:12:15 PM) (Source: Microsoft-Windows-LocationProvider) (User: NT AUTHORITY)
Description: There was an error with the Windows Location Provider database
 
Error: (03/15/2014 09:16:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1562
 
Error: (03/15/2014 09:16:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1562
 
Error: (03/15/2014 09:16:25 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
Error: (03/12/2014 09:31:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 1546
 
Error: (03/12/2014 09:31:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 1546
 
Error: (03/12/2014 09:31:32 PM) (Source: Bonjour Service) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
 
 
System errors:
=============
Error: (03/18/2014 05:37:11 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (03/18/2014 05:37:11 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/18/2014 05:37:04 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (03/18/2014 05:37:04 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084WSearchUnavailable{9E175B68-F52A-11D8-B9A5-505054503030}
 
Error: (03/18/2014 05:37:04 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/18/2014 05:36:58 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084ShellHWDetectionUnavailable{DD522ACC-F821-461A-A407-50B198B896DC}
 
Error: (03/18/2014 05:35:57 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (03/18/2014 05:35:57 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (03/18/2014 05:35:57 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
Error: (03/18/2014 05:35:57 PM) (Source: DCOM) (User: OFFICE-DESKTOP)
Description: 1084WSearchUnavailable{B52D54BB-4818-4EB9-AA80-F9EACD371DF8}
 
 
Microsoft Office Sessions:
=========================
 
==================== Memory info =========================== 
 
Percentage of memory in use: 27%
Total physical RAM: 6134.98 MB
Available physical RAM: 4448.68 MB
Total Pagefile: 7414.98 MB
Available Pagefile: 5540.64 MB
Total Virtual: 131072 MB
Available Virtual: 131071.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:111.45 GB) (Free:72.76 GB) NTFS
Drive d: (Media/Win 7) (Fixed) (Total:916.44 GB) (Free:352.66 GB) NTFS ==>[System with boot components (obtained from reading drive)]
Drive e: (RECOVERY) (Fixed) (Total:15 GB) (Free:6.53 GB) NTFS
Drive j: (OFFICE14) (CDROM) (Total:0.58 GB) (Free:0 GB) UDF
Drive k: (HITMANPRO) (Removable) (Total:1.9 GB) (Free:1.9 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 932 GB) (Disk ID: C0000000)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 112 GB) (Disk ID: BFF39675)
 
Partition: GPT Partition Type.
 
========================================================
Disk: 6 (Size: 2 GB) (Disk ID: 8646DF11)
Partition 1: (Active) - (Size=2 GB) - (Type=0B)
 
==================== End Of Log ============================


#6 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:32 AM

Posted 19 March 2014 - 03:20 AM

Full System Scan with Malwarebytes Antimalware

  • If it is not already installed, please download Malwarebytes' Anti-Malware to your desktop.
  • Double-click mbam-setup.exe and follow the prompts to install the program.
  • At the end, be sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.


If the program is already installed:
  • Run Malwarebytes Antimalware
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select Perform full scan, place a checkmark on all hard drives, then click Scan.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Be sure that everything is checked, and click Remove Selected.
  • When completed, a log will open in Notepad. Please save it to a convenient location.
  • The log can also be found here:
    C:\Documents and Settings\Username\Application Data\Malwarebytes\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Or at C:\Program Files\Malwarebytes' Anti-Malware\Logs\log-date.txt
  • Post that log back here.

 

 

 

Scan with ESET Online Scan

Please go here to run the online scanner from ESET.

  • Turn off the real time scanner of any existing antivirus program while performing the online scan
  • Tick the box next to YES, I accept the Terms of Use.
  • Click Start
  • When asked, allow the ActiveX control to install
  • Click Start
  • Make sure that the option Remove found threats is unticked
  • Click on Advanced Settings and ensure these options are ticked:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Click Scan
  • Wait for the scan to finish
  • If any threats were found, click 'List of found threats', then click Export to text file...
  • Save it to your desktop, then please copy and paste that log as a reply to this topic.


Proud Member of UNITE & TB
 
My help is free, however, if you want to support my fight against malware, click here --> btn_donate_SM.gif <--(no worries, every little bit helps)

#7 ATL_heel

ATL_heel
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 19 March 2014 - 01:27 PM

Malwarebytes Antimalware log:

 

-------------------------------

 

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org
 
Database version: v2014.03.19.05
 
Windows 8 x64 NTFS
Internet Explorer 11.0.9600.16521
Gil :: OFFICE-DESKTOP [administrator]
 
3/19/2014 8:18:34 AM
mbam-log-2014-03-19 (08-18-34).txt
 
Scan type: Full scan (C:\|D:\|E:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 842837
Time elapsed: 3 hour(s), 30 minute(s), 50 second(s)
 
Memory Processes Detected: 0
(No malicious items detected)
 
Memory Modules Detected: 0
(No malicious items detected)
 
Registry Keys Detected: 0
(No malicious items detected)
 
Registry Values Detected: 0
(No malicious items detected)
 
Registry Data Items Detected: 0
(No malicious items detected)
 
Folders Detected: 0
(No malicious items detected)
 
Files Detected: 0
(No malicious items detected)
 
(end)
 
--------------------------------
 
 
And the ESET log:
 
D:\Users\Gil\Downloads\cbsidlm-tr1_13-WinUtilities_Professional_Edition-ORG-10556842.exe Win32/DownloadAdmin.G potentially unwanted application
D:\Users\Gil\Downloads\cnet_wrar401_exe.exe a variant of Win32/InstallCore.D potentially unwanted application
D:\Users\Gil\Downloads\Initial Setup - Drivers, etc\CuteWriter.exe probably a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application
 


#8 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:32 AM

Posted 19 March 2014 - 03:28 PM

 

D:\Users\Gil\Downloads\cbsidlm-tr1_13-WinUtilities_Professional_Edition-ORG-10556842.exe Win32/DownloadAdmin.G potentially unwanted application
D:\Users\Gil\Downloads\cnet_wrar401_exe.exe a variant of Win32/InstallCore.D potentially unwanted application
D:\Users\Gil\Downloads\Initial Setup - Drivers, etc\CuteWriter.exe probably a variant of Win32/Bundled.Toolbar.Ask potentially unsafe application

These files aren't malware but contain security risks. I would delete them immediately - your choice.

 

 

 

 

Then we can do the cleanup - if you are facing any issues, report that immediately.

Delete junk with adwCleaner


Please download AdwCleaner to your desktop.


  • Run adwcleaner.exe
  • Hit Scan and wait for the scan to finish.
  • Confirm the message but don't uncheck anything.
  • Hit Clean
  • When the run is finished, it will open up a text file
  • Please post its contents within your next reply
  • You'll also find the log file at C:\AdwCleaner[S1].txt




Delete junk with JRT

Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.




SecurityCheck

Reboot your system before starting!

Please download SecurityCheck: LINK1 LINK2

  • Save it to your desktop, start it and follow the instructions in the window.
  • After the scan has finished, checkup.txt will open. Copy its contents to your thread.



#9 ATL_heel

ATL_heel
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 19 March 2014 - 04:19 PM

Deleted the 3 files previously found to be security risks and uninstalled the related applications.
 
Here is the adwCleaner log:
 
-------------------------------
 
# AdwCleaner v3.022 - Report created 19/03/2014 at 16:56:48
# Updated 13/03/2014 by Xplode
# Operating System : Windows 8.1  (64 bits)
# Username : Gil - OFFICE-DESKTOP
# Running from : C:\Users\Gil\Desktop\adwcleaner.exe
# Option : Scan
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
File Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
 
***** [ Browsers ] *****
 
-\\ Internet Explorer v11.0.9600.16518
 
 
-\\ Google Chrome v33.0.1750.154
 
[ File : C:\Users\Gil\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
[ File : C:\Users\norton\AppData\Local\Google\Chrome\User Data\Default\preferences ]
 
 
*************************
 
AdwCleaner[R0].txt - [766 octets] - [19/03/2014 16:56:48]
 
########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [825 octets] ##########
 
 
-------------------------
 
 
Here is the JRT log:
 
-------------------------
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.2 (02.20.2014:1)
OS: Windows 8.1 x64
Ran by Gil on Wed 03/19/2014 at 17:09:43.80
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/19/2014 at 17:13:21.29
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
Was unable to run SecurityCheck, 'unsupported operating system' message returned.


#10 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:32 AM

Posted 20 March 2014 - 03:12 AM

Please reboot and try again to run SecurityCheck.



#11 ATL_heel

ATL_heel
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 20 March 2014 - 06:29 AM

SecurityCheck worked after reboot, log below:
 
--------------------------------
 
 Results of screen317's Security Check version 0.99.80  
   x64 (UAC is enabled)  
 Internet Explorer 11  
``````````````Antivirus/Firewall Check:`````````````` 
 Windows Security Center service is not running! This report may not be accurate! 
 Windows Firewall Enabled!  
Windows Defender        
Norton Security Suite   
 WMI entry may not exist for antivirus; attempting automatic update. 
`````````Anti-malware/Other Utilities Check:````````` 
 Malwarebytes Anti-Malware version 1.75.0.1300  
 Google Chrome 33.0.1750.146  
 Google Chrome 33.0.1750.154  
````````Process Check: objlist.exe by Laurent````````  
 Gil Downloads Malware cleanup programs SecurityCheck.exe 
`````````````````System Health check````````````````` 
 Total Fragmentation on Drive C:  % 
````````````````````End of Log`````````````````````` 


#12 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:32 AM

Posted 20 March 2014 - 08:46 AM

ESET Services Repair

Download ESET services repair from here and save the file to your desktop.

Run it by right click --> "run as administrator".

After the tool is finished, reboot.

 

 

 

Scan with Farbar's Service Scanner

Please download Farbar Service Scanner and run it on the computer with the issue.

  • Make sure the following options are checked:
    • Internet Services
    • Windows Firewall
    • System Restore
    • Security Center
    • Windows Update
    • Windows Defender

  • Press "Scan".
  • It will create a log (FSS.txt) in the same directory the tool is run.
  • Please copy and paste the log to your reply.



#13 ATL_heel

ATL_heel
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 20 March 2014 - 09:17 AM

ESET and FSS both done, FSS log below:

 

Farbar Service Scanner Version: 25-02-2014
Ran by Gil (administrator) on 20-03-2014 at 10:15:28
Running from "C:\Users\Gil\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.
The ImagePath of wscsvc service is OK.
The ServiceDll of wscsvc service is OK.
 
 
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
 
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-03-12 21:00] - [2014-01-29 04:47] - 2543960 ____A (Microsoft Corporation) ECC68BD5347BDE9631EE68274858A41F
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2014-03-12 21:00] - [2013-10-25 02:48] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799
 
C:\Program Files\Windows Defender\MsMpEng.exe
[2014-03-12 21:00] - [2013-10-30 20:29] - 0023824 ____A (Microsoft Corporation) 7CE5405B192AC912B9405F72386C7D4B
 
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****


#14 TB-Psychotic

TB-Psychotic

  • Malware Response Team
  • 6,349 posts
  • OFFLINE
  •  
  • Gender:Male
  • Local time:09:32 AM

Posted 20 March 2014 - 09:21 AM

Windows Repair (all-in-one)

Please download Windows Repair (all in one) from here.

Install the program then run it.

Go to step 2 and allow it to run Disk check.


Once that is done then go to step 3 and allow it to run SFC by clicking Do it



On the Start Repairs tab, click Start.
Within the opening window, hit unselect all.
Check only the following:



  • Reset Registry Permissions
  • Reset File Permissions
  • Register System Files
  • Repair Windows Firewall
  • Repair Windows Updates


then click on Start

DON'T use the computer while each scan is in progress.

Restart may be needed to finish the repair procedure.

When finished, rescan with Farbar's Service Scanner and post the log.



#15 ATL_heel

ATL_heel
  • Topic Starter

  • Members
  • 16 posts
  • OFFLINE
  •  
  • Local time:04:32 AM

Posted 20 March 2014 - 10:07 AM

Performed everything requested, new FSS log below:

 

Farbar Service Scanner Version: 25-02-2014
Ran by Gil (administrator) on 20-03-2014 at 11:06:34
Running from "C:\Users\Gil\Desktop"
Microsoft Windows 8.1  (X64)
Boot Mode: Normal
****************************************************************
 
Internet Services:
============
 
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
 
 
Windows Firewall:
=============
 
Firewall Disabled Policy: 
==================
 
 
System Restore:
============
 
System Restore Disabled Policy: 
========================
 
 
Action Center:
============
 
 
Windows Update:
============
 
Windows Autoupdate Disabled Policy: 
============================
 
 
Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.
The ImagePath of WinDefend: ""%ProgramFiles%\Windows Defender\MsMpEng.exe"".
 
 
Windows Defender Disabled Policy: 
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
 
 
Other Services:
==============
 
 
File Check:
========
C:\Windows\System32\nsisvc.dll => MD5 is legit
C:\Windows\System32\drivers\nsiproxy.sys => MD5 is legit
C:\Windows\System32\dhcpcore.dll => MD5 is legit
C:\Windows\System32\drivers\afd.sys => MD5 is legit
C:\Windows\System32\drivers\tdx.sys => MD5 is legit
C:\Windows\System32\Drivers\tcpip.sys
[2014-03-12 21:00] - [2014-01-29 04:47] - 2543960 ____A (Microsoft Corporation) ECC68BD5347BDE9631EE68274858A41F
 
C:\Windows\System32\dnsrslvr.dll => MD5 is legit
C:\Windows\System32\mpssvc.dll => MD5 is legit
C:\Windows\System32\bfe.dll => MD5 is legit
C:\Windows\System32\drivers\mpsdrv.sys => MD5 is legit
C:\Windows\System32\wscsvc.dll => MD5 is legit
C:\Windows\System32\wbem\WMIsvc.dll => MD5 is legit
C:\Windows\System32\wuaueng.dll => MD5 is legit
C:\Windows\System32\qmgr.dll => MD5 is legit
C:\Windows\System32\es.dll => MD5 is legit
C:\Windows\System32\cryptsvc.dll => MD5 is legit
C:\Program Files\Windows Defender\MpSvc.dll
[2014-03-12 21:00] - [2013-10-25 02:48] - 1571328 ____A (Microsoft Corporation) 8077537B1600AF493E7EE1A7A5C90799
 
C:\Program Files\Windows Defender\MsMpEng.exe
[2014-03-12 21:00] - [2013-10-30 20:29] - 0023824 ____A (Microsoft Corporation) 7CE5405B192AC912B9405F72386C7D4B
 
C:\Windows\System32\svchost.exe => MD5 is legit
C:\Windows\System32\rpcss.dll => MD5 is legit
 
 
**** End of log ****
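
Added example (not part of the thread, and not Farbar's own code): a small Python parser that pulls the findings out of two Farbar Service Scanner logs and reports which ones were resolved between runs. The sample text is abbreviated from the two FSS logs posted above; the function names and the finding labels are this example's own.

```python
import re

# Abbreviated from the first FSS log in this thread (File Check section omitted).
FSS_BEFORE = r"""
Action Center:
============

wscsvc Service is not running. Checking service configuration:
The start type of wscsvc service is OK.

Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is set to Demand. The default start type is Auto.

Windows Defender:
==============
WinDefend Service is not running. Checking service configuration:
The start type of WinDefend service is set to Demand. The default start type is Auto.

Windows Defender Disabled Policy:
==========================
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=DWORD:1
"""

# The second log, after the repair run: the wscsvc and wuauserv lines are gone.
FSS_AFTER = "\n".join(
    line for line in FSS_BEFORE.splitlines() if not re.search(r"wscsvc|wuauserv", line)
)

NOT_RUNNING = re.compile(r"^(\w+) Service is not running")
START_TYPE = re.compile(
    r"^The start type of (\w+) service is set to (\w+)\. The default start type is (\w+)\."
)
REG_KEY = re.compile(r"^\[(HK[^\]]+)\]$")
REG_VALUE = re.compile(r'^"([^"]+)"=DWORD:(\d+)$')


def parse_fss(text):
    """Return the set of (section, kind, detail) findings in an FSS log."""
    findings, section, key = set(), None, None
    lines = [l.strip() for l in text.splitlines()]
    for i, line in enumerate(lines):
        underline = lines[i + 1] if i + 1 < len(lines) else ""
        if line.endswith(":") and underline and set(underline) == {"="}:
            section, key = line[:-1], None  # "Name:" followed by a row of "="
        elif m := NOT_RUNNING.match(line):
            findings.add((section, "not-running", m.group(1)))
        elif m := START_TYPE.match(line):
            findings.add((section, "start-type", f"{m.group(1)}: {m.group(2)} (default {m.group(3)})"))
        elif m := REG_KEY.match(line):
            key = m.group(1)  # remember the key for the value lines that follow
        elif m := REG_VALUE.match(line):
            findings.add((section, "policy", f"{key}\\{m.group(1)}={m.group(2)}"))
    return findings


def compare(before, after):
    """Classify findings as resolved, remaining or new between two FSS runs."""
    b, a = parse_fss(before), parse_fss(after)
    return {"resolved": sorted(b - a), "remaining": sorted(b & a), "new": sorted(a - b)}


if __name__ == "__main__":
    for status, items in compare(FSS_BEFORE, FSS_AFTER).items():
        for section, kind, detail in items:
            print(f"{status:9} {section}: {kind} {detail}")
```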




