
adultcameras.info virus removal


  • This topic is locked
35 replies to this topic

#1 knightstalker

  • Members
  • 24 posts

Posted 09 February 2015 - 03:09 PM

Hi everyone,

So this adultcameras.info has been popping up on my Chrome and Firefox.

I did take some steps to remove it (removed the related cookie and used AdwCleaner, plus cleaning the history (Mozilla and Internet Explorer too; not completely, to a time before the popup) and reset Chrome settings, and currently I have blocked cookies).

So I wanted to know if my computer is still infected and if my router has been infected, because I have seen the popup on my phone while using Chrome. (I haven't recently seen it on my phone though.)

Also, from what I saw on the forums, I ran a FRST scan and attached the logs. Hope it helps.

Thanks in advance.

I also attached a Junkware Removal Tool log. Hope that helps too.


#2 LiquidTension

  • Malware Response Team
  • 1,278 posts

Posted 14 February 2015 - 03:07 AM

Hello knightstalker, welcome to Bleeping Computer's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.
 
======================================================
 
Please read through the points below to ensure this process moves as quickly and efficiently as possible.

  • Ensure you read through my instructions thoroughly, and carry out each step in the order specified.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in providing the best set of instructions for you.
  • Please backup important files before proceeding with my instructions. Malware removal can be unpredictable at times.   
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before proceeding.
  • Topics are locked if no response is made after 4 days. Please inform me if you require additional time to complete my instructions.
  • I will notify you when I believe your computer is free of malware. Please bear in mind, absence of symptoms does not necessarily correlate to absence of malware, so please wait until the "All Clean". 
  • Ensure you are following this topic. Click [button image] at the top of the page.

======================================================
 

"So I wanted to know if my computer is still infected and if my router has been infected, because I have seen the popup on my phone while using Chrome. (I haven't recently seen it on my phone though.)"

Have you linked your Chrome account on your phone? 
 
Please consider the following warning, and proceed with the instructions below.

P2P Warning

------------------------------

I see you have peer-to-peer (P2P) file sharing software installed on your computer (uTorrent). I advise you avoid P2P file sharing programmes; they are a security risk which can make your computer susceptible to malware. File sharing networks are thoroughly infested with malware - worms, backdoor Trojans, IRCBots, and rootkits propagate via P2P file sharing networks, gaming, and underground sites. Users visiting such pages may see innocuous-looking banner ads containing code which can trigger pop-up ads and malicious Flash ads that install malware. The best way to reduce the risk of infection is to avoid these types of web sites and P2P programmes. Please read the following articles for more information.

Your P2P software can be removed by following the instructions below.
  • Press the Windows Key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the aforementioned programme(s), right-click and click Uninstall. Follow the prompts.
If you choose not to, please refrain from using the programme(s) during this process.

STEP 1
Router Power Cycle

  • Switch your computer off. 
  • Turn your router/modem off. 
  • Unplug your router/modem and all cables from the wall. 
  • Wait 60 seconds. 
  • Plug your router/modem back in and turn on. 
  • Switch your computer on. 
     

STEP 2
Browser Reset
 
Before proceeding, please refer to the following instructions on how you can backup your Favourites/Bookmarks.

Using the relevant instructions below, please reset your installed browsers. 
As Internet Explorer is an integral part of Windows, please ensure you reset this browser.

STEP 3
Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key + R on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    CreateRestorePoint:
    HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {1114e53b-0d7a-11e3-ad1f-96a254a85c15} - H:\setup.exe
    HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {1771a2f8-09d8-11e3-a229-806e6f6e6963} - F:\AUTORUN.EXE
    HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {7e957af0-79d4-11e3-88f2-3085a90aad3b} - G:\Startme.exe
    HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {7e957b1b-79d4-11e3-88f2-3085a90aad3b} - G:\Startme.exe
    CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=111252&tt=010712_2&babsrc=HP_ss&mntrId=d848391c000000000000f4ec388c579b"
    C:\Users\kamyab\AppData\Local\Temp\PIPInstaller_PTV_.exe
    C:\Users\kamyab\AppData\Local\Temp\utt56BF.tmp.exe
    CMD: ipconfig /flushdns
    CMD: netsh int ipv4 reset
    CMD: netsh int ipv6 reset
    EmptyTemp:
    end
  • Click File > Save As and type fixlist.txt as the File Name.
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-click FRST64.exe and select Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 4
Uninstall Software

  • Press the Windows Key + R on your keyboard at the same time. Type appwiz.cpl and click OK.
  • Search for the following programmes, right-click and click Uninstall.
    • Pandora Service
  • Follow the prompts.
  • Note: If you are offered the choice to install additional software, ensure you decline.
  • Reboot if necessary.
     

======================================================
 
STEP 5
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did your browsers reset successfully?
  • Fixlog.txt
  • Did the programme uninstall successfully?


#3 knightstalker


Posted 14 February 2015 - 06:18 AM

Hello Adam. You can call me Kamyab if you wish.

Well, I did the things you told me. I deleted uTorrent. But when I attempted to uninstall Pandora Service it said it might have already been removed.

Could it be because of AdwCleaner? I noticed AdwCleaner did remove a registry entry related to it.

And I did reset all the browsers. But apparently resetting Chrome and Firefox did not delete the bookmarks.

I manually deleted both Chrome and Firefox bookmarks and Chrome extensions, and did another reset. I also reset Internet Explorer.

And yes, my phone is indeed connected to the same account I use Chrome on my laptop with. (Right now my Gmail is disconnected from my laptop, but not the phone.)

By the way, there are two phones, a PC, a laptop and a set-top box connected to the network. Should I do anything with them, like wiping the phones or something?

Here is the fixlog:

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 07-02-2015
Ran by kamyab at 2015-02-14 14:24:57 Run:1
Running from C:\Users\kamyab\Desktop
Loaded Profiles: kamyab (Available profiles: kamyab)
Boot Mode: Normal
==============================================
 
Content of fixlist:
*****************
start
CreateRestorePoint:
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {1114e53b-0d7a-11e3-ad1f-96a254a85c15} - H:\setup.exe
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {1771a2f8-09d8-11e3-a229-806e6f6e6963} - F:\AUTORUN.EXE
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {7e957af0-79d4-11e3-88f2-3085a90aad3b} - G:\Startme.exe
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\MountPoints2: {7e957b1b-79d4-11e3-88f2-3085a90aad3b} - G:\Startme.exe
CHR StartupUrls: Default -> "hxxp://www.google.com/", "hxxp://search.babylon.com/?affID=111252&tt=010712_2&babsrc=HP_ss&mntrId=d848391c000000000000f4ec388c579b"
C:\Users\kamyab\AppData\Local\Temp\PIPInstaller_PTV_.exe
C:\Users\kamyab\AppData\Local\Temp\utt56BF.tmp.exe
CMD: ipconfig /flushdns
CMD: netsh int ipv4 reset
CMD: netsh int ipv6 reset
EmptyTemp:
end
*****************
 
Restore point was successfully created.
"HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1114e53b-0d7a-11e3-ad1f-96a254a85c15}" => Key deleted successfully.
HKCR\CLSID\{1114e53b-0d7a-11e3-ad1f-96a254a85c15} => Key not found. 
"HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{1771a2f8-09d8-11e3-a229-806e6f6e6963}" => Key deleted successfully.
HKCR\CLSID\{1771a2f8-09d8-11e3-a229-806e6f6e6963} => Key not found. 
"HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e957af0-79d4-11e3-88f2-3085a90aad3b}" => Key deleted successfully.
HKCR\CLSID\{7e957af0-79d4-11e3-88f2-3085a90aad3b} => Key not found. 
"HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7e957b1b-79d4-11e3-88f2-3085a90aad3b}" => Key deleted successfully.
HKCR\CLSID\{7e957b1b-79d4-11e3-88f2-3085a90aad3b} => Key not found. 
Chrome StartupUrls deleted successfully.
C:\Users\kamyab\AppData\Local\Temp\PIPInstaller_PTV_.exe => Moved successfully.
C:\Users\kamyab\AppData\Local\Temp\utt56BF.tmp.exe => Moved successfully.
 
=========  ipconfig /flushdns =========
 
 
Windows IP Configuration
 
Successfully flushed the DNS Resolver Cache.
 
========= End of CMD: =========
 
 
=========  netsh int ipv4 reset =========
 
Reseting Global, OK!
Reseting Interface, OK!
Restart the computer to complete this action.
 
 
========= End of CMD: =========
 
 
=========  netsh int ipv6 reset =========
 
There's no user specified settings to be reset.
 
 
========= End of CMD: =========
 
EmptyTemp: => Removed 16.3 GB temporary data.
 
 
The system needed a reboot. 
 
==== End of Fixlog 14:28:57 ====
thanks for your assistance!

Edited by knightstalker, 14 February 2015 - 06:21 AM.


#4 knightstalker


Posted 14 February 2015 - 06:26 AM

OK, OK, I forgot to tell you something.

Before your post I did run a scan with Malwarebytes Anti-Malware and it showed that my laptop (the same system that had the initial problem) is infected with DNS changer, and after quarantining, it is still present after I reboot and run another scan.

Here's the log, hope it helps.

Thanks in advance.

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
  <header>
    <date>2015/02/14 14:35:08 +0330</date>
    <logfile>mbam-log-2015-02-14 (14-35-07).xml</logfile>
    <isadmin>yes</isadmin>
  </header>
  <engine>
    <version>2.00.4.1028</version>
    <malware-database>v2015.02.13.04</malware-database>
    <rootkit-database>v2015.02.03.01</rootkit-database>
    <license>free</license>
    <file-protection>disabled</file-protection>
    <web-protection>disabled</web-protection>
    <self-protection>disabled</self-protection>
  </engine>
  <system>
    <osversion>Windows 7</osversion>
    <arch>x64</arch>
    <username>kamyab</username>
    <filesys>NTFS</filesys>
  </system>
  <summary>
    <type>threat</type>
    <result>completed</result>
    <objects>336318</objects>
    <time>702</time>
    <processes>0</processes>
    <modules>0</modules>
    <keys>0</keys>
    <values>0</values>
    <datas>2</datas>
    <folders>0</folders>
    <files>0</files>
    <sectors>0</sectors>
  </summary>
  <options>
    <memory>enabled</memory>
    <startup>enabled</startup>
    <filesystem>enabled</filesystem>
    <archives>enabled</archives>
    <rootkits>enabled</rootkits>
    <deeprootkit>disabled</deeprootkit>
    <heuristics>enabled</heuristics>
    <pup>enabled</pup>
    <pum>enabled</pum>
  </options>
  <items>
    <data>
      <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS</path>
      <valuename>DhcpNameServer</valuename>
      <vendor>Trojan.DNSChanger</vendor>
      <action>replaced</action>
      <valuedata>91.212.124.159 8.8.8.8</valuedata>
      <baddata>91.212.124.159</baddata>
      <gooddata />
      <hash>35dd9387aedc63d3f4aebe02c342ab55</hash>
    </data>
    <data>
      <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{537B2270-336B-4320-8B6C-04AA70BC0070}</path>
      <valuename>DhcpNameServer</valuename>
      <vendor>Trojan.DNSChanger</vendor>
      <action>replaced</action>
      <valuedata>91.212.124.159 8.8.8.8</valuedata>
      <baddata>91.212.124.159</baddata>
      <gooddata />
      <hash>e42e05150684e6507f23dbe58085aa56</hash>
    </data>
  </items>
</mbam-log>


#5 knightstalker


Posted 14 February 2015 - 07:29 AM

One more question,

I ran the fixlist while disconnected from the infected modem. Should I connect and run it again, or it doesn't make a difference?



#6 LiquidTension


Posted 14 February 2015 - 11:34 PM

Hi kamyab,
 

"But when I attempted to uninstall Pandora Service it said it might have already been removed."

That's OK.
 

"And I did reset all the browsers. But apparently resetting Chrome and Firefox did not delete the bookmarks.
I manually deleted both Chrome and Firefox bookmarks and Chrome extensions, and did another reset. I also reset Internet Explorer."

The bookmark backup was more of a precaution in case something went wrong. Resetting browsers is not supposed to remove bookmarks. 
 

"And yes, my phone is indeed connected to the same account I use Chrome on my laptop with. (Right now my Gmail is disconnected from my laptop, but not the phone.)
By the way, there are two phones, a PC, a laptop and a set-top box connected to the network. Should I do anything with them, like wiping the phones or something?"

Let's hold off dealing with these devices. I'd like to reset your router first, and get a fresh set of logs.
 

"Before your post I did run a scan with Malwarebytes Anti-Malware and it showed that my laptop (the same system that had the initial problem) is infected with DNS changer, and after quarantining, it is still present after I reboot and run another scan."

Thank you. This explains the ads across multiple devices. 
 

"I ran the fixlist while disconnected from the infected modem. Should I connect and run it again, or it doesn't make a difference?"

No need. 
 
Please do the following. 
 
STEP 1
Router Reset
 
Please read: Malware Silently Alters Wireless Router Settings
Consult Router Passwords to find out the default username and password for your brand of router and make a note of that for future reference. Alternatively, you may find the username/password written on the base of your router. If neither option is applicable, please contact the manufacturer of your router.

Reset Router to Factory Default Settings:

  • Typically a reset can be done by inserting something tiny like a paper clip end or pencil tip into a small hole labeled "reset" located on the back of the router.
  • Press and hold down the small button inside until the lights on the front of the router blink off and then on again (usually about 30 seconds)
  • In order to get to the router's server, type http:\\192.168.1.1 in the address bar and click Enter. You should see the log in window.
  • Fill in the password you have already found and you will get the configuration page.
  • Configure the router to allow you to connect to your ISP server. In some routers it is done by a setup wizard.
  • If you do not have a setup wizard you have to fill in the log in password your ISP has initially given to you. You can also call your ISP if you don't have your initial password.
  • Don't forget to change the router's default password and set a stronger, more complex password. Note down the password and keep it somewhere for future reference.
     

Please make sure of the following settings on your computer:

  • Click Start > Control Panel, then double-click Network and Sharing Center.
  • In the left window select Manage Network Connection.
  • In the right window right-click Local Area Connection and select Properties.
  • Internet Protocol Version 6 (IPv6) should be checked. Double-click on it. Make sure of the following settings:
  • The option Obtain an IP address automatically should be checked.
  • The option Obtain DNS server address automatically should be checked.
  • Click OK.
  • Internet Protocol Version 4 (IPv4) should be checked. Double-click on it.
  • The option Obtain an IP address automatically should be checked.
  • The option Obtain DNS server address automatically should be checked.
  • Click OK twice.
  • If you need to change any of these settings you will need to reboot your computer.
     

STEP 2
Farbar Recovery Scan Tool (FRST) Scan

  • Right-click FRST64.exe and select Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 3
RogueKiller

  • Please download RogueKiller (x64) and save the file to your Desktop.
  • Close any running programmes.
  • Right-click RogueKiller.exe and select Run as administrator to run the programme.
  • Allow the Prescan to complete. Upon completion, a window will open. Click Accept.
  • A browser window may open. Close the browser window.
  • Click [button image]. Upon completion, click [button image].
  • Close the programme. Do not fix anything!
  • A log (RKreport.txt) will be open. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Did your router reset successfully?
  • FRST.txt
  • Addition.txt
  • RKreport.txt
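
Added example, not part of the original posts and not code from Malwarebytes or FRST: a small triage script showing why the DNS changer detection returned after each quarantine and how the router reset can be confirmed from the logs. `DhcpNameServer` is written from the DHCP lease, so a value flagged there has to be corrected at the router. The log excerpts are abridged from this thread, the "before" FRST line is constructed, and all function names are hypothetical.

```python
import ipaddress
import re
import xml.etree.ElementTree as ET

# Abridged from the Malwarebytes log posted in this thread:
# only the two <data> items and the fields used below are kept.
MBAM_LOG = r"""<mbam-log>
  <items>
    <data>
      <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS</path>
      <valuename>DhcpNameServer</valuename>
      <vendor>Trojan.DNSChanger</vendor>
      <valuedata>91.212.124.159 8.8.8.8</valuedata>
      <baddata>91.212.124.159</baddata>
    </data>
    <data>
      <path>HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\TCPIP\PARAMETERS\Interfaces\{537B2270-336B-4320-8B6C-04AA70BC0070}</path>
      <valuename>DhcpNameServer</valuename>
      <vendor>Trojan.DNSChanger</vendor>
      <valuedata>91.212.124.159 8.8.8.8</valuedata>
      <baddata>91.212.124.159</baddata>
    </data>
  </items>
</mbam-log>"""

# Line from the FRST scan posted later in this thread, taken after the router reset.
FRST_AFTER_RESET = r"Tcpip\Parameters: [DhcpNameServer] 192.168.1.1"
# Constructed line: what the same FRST entry would look like before the reset.
FRST_BEFORE_RESET = r"Tcpip\Parameters: [DhcpNameServer] 91.212.124.159 8.8.8.8"


def _tokens(text):
    """Split a space- or comma-separated resolver list into addresses."""
    return text.replace(",", " ").split()


def flagged_dns_entries(xml_text):
    """Return one dict per name-server <data> item in a Malwarebytes XML log."""
    entries = []
    for item in ET.fromstring(xml_text).iter("data"):
        name = item.findtext("valuename", default="")
        if not name.lower().endswith("nameserver"):
            continue
        servers = _tokens(item.findtext("valuedata", default=""))
        bad = set(_tokens(item.findtext("baddata", default="")))
        entries.append({
            "path": item.findtext("path", default=""),
            "value": name,
            # DhcpNameServer comes from the DHCP lease; NameServer is set on the host.
            "source": "dhcp-lease" if name.lower().startswith("dhcp") else "host-static",
            "servers": servers,
            "flagged": [s for s in servers if s in bad],
        })
    return entries


def fix_location(entry):
    """Where the value must be corrected for the fix to survive a reboot."""
    if not entry["flagged"]:
        return "none"
    return "router/DHCP server" if entry["source"] == "dhcp-lease" else "this host"


def frst_dhcp_nameservers(frst_text):
    """Collect resolver addresses from '[DhcpNameServer]' lines of a FRST log."""
    found = []
    for line in frst_text.splitlines():
        match = re.search(r"\[DhcpNameServer\]\s+(.*)$", line.strip())
        if match:
            found.extend(match.group(1).split())
    return found


def _is_public(token):
    """True for a valid, non-private IP address; malformed tokens are ignored."""
    try:
        return not ipaddress.ip_address(token).is_private
    except ValueError:
        return False


def verify_reset(entries, frst_text):
    """Compare the resolvers in a FRST log with those flagged earlier."""
    flagged = {ip for entry in entries for ip in entry["flagged"]}
    current = frst_dhcp_nameservers(frst_text)
    still_present = sorted(flagged.intersection(current))
    return {
        "still_present": still_present,
        # A home router normally hands out its own private address or the
        # ISP's resolvers, so public addresses here are worth reviewing.
        "public_resolvers": [ip for ip in current if _is_public(ip)],
        "clean": bool(current) and not still_present,
    }


if __name__ == "__main__":
    found = flagged_dns_entries(MBAM_LOG)
    for entry in found:
        print(entry["path"], entry["flagged"], "-> fix at", fix_location(entry))
    print("before reset:", verify_reset(found, FRST_BEFORE_RESET))
    print("after reset: ", verify_reset(found, FRST_AFTER_RESET))
```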


#7 knightstalker


Posted 15 February 2015 - 02:44 AM

Hi Adam,

Yes, it did reset successfully.

Here are the FRST logs:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 14-02-2015
Ran by kamyab (administrator) on KAMYAB-PC on 15-02-2015 11:06:04
Running from C:\Users\kamyab\Desktop
Loaded Profiles: kamyab (Available profiles: kamyab)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
(Spotify Ltd) C:\Users\kamyab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [ASUSQuickGesture(x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2014-12-08] (Tonec Inc.)
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Run: [Spotify Web Helper] => C:\Users\kamyab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-04] (Spotify Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-20] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-21-1114291241-2146569727-3459484685-1000 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\kamyab\AppData\Roaming\Mozilla\Firefox\Profiles\ms2xic78.default-1423932503107
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-08-24]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\kamyab\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\kamyab\AppData\Roaming\IDM\idmmzcc5 [2014-12-26]
FF HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\kamyab\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-21]
CHR Extension: (Google Search) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-21]
CHR Extension: (Gmail Offline) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-08-21]
CHR Extension: (Dropbox) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-08-21]
CHR Extension: (Pocket Website) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2013-08-21]
CHR Extension: (Google Wallet) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-21]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-16] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-12-02] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-20] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-16] (Razer, Inc.)
S3 ASUSProcObsrv; \??\F:\I386\AsPrOb64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-15 10:33 - 2015-02-15 10:33 - 00002468 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-15 (10-26-05).xml
2015-02-15 09:04 - 2015-02-15 09:04 - 00132839 _____ () C:\Users\kamyab\Desktop\2222adultcameras.info virus removal - Virus, Trojan, Spyware, and Malware Removal Logs.html
2015-02-14 20:45 - 2015-02-14 20:45 - 00000038 _____ () C:\Windows\SysWOW64\sysid.dat
2015-02-14 20:41 - 2015-02-14 20:41 - 00003860 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-14 (20-27-47).xml
2015-02-14 20:24 - 2015-02-14 20:24 - 00000000 ____D () C:\Users\kamyab\Desktop\FRST-OlderVersion
2015-02-14 16:04 - 2015-02-14 16:04 - 00002018 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eset License Finder.lnk
2015-02-14 16:04 - 2015-02-14 16:04 - 00000000 ____D () C:\Program Files (x86)\Lord
2015-02-14 16:03 - 2015-02-14 16:03 - 00000000 ____D () C:\Users\kamyab\AppData\Local\Downloaded Installations
2015-02-14 14:47 - 2015-02-14 14:47 - 00003860 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-14 (14-35-07).xml
2015-02-14 14:32 - 2015-02-14 14:33 - 00026803 _____ () C:\Users\kamyab\Desktop\Addition0.txt
2015-02-14 14:31 - 2015-02-15 11:06 - 00018840 _____ () C:\Users\kamyab\Desktop\FRST.txt
2015-02-14 14:31 - 2015-02-14 14:33 - 00027557 _____ () C:\Users\kamyab\Desktop\FRST0.txt
2015-02-14 14:23 - 2015-02-14 20:18 - 00000000 ____D () C:\Users\kamyab\Desktop\Old Firefox Data
2015-02-14 14:12 - 2015-02-14 20:24 - 00000000 ____D () C:\Users\kamyab\Documents\FRST
2015-02-14 14:08 - 2015-02-14 14:08 - 00085498 _____ () C:\Users\kamyab\Desktop\adultcameras.info virus removal - Virus, Trojan, Spyware, and Malware Removal Logs.html
2015-02-14 13:49 - 2015-02-14 13:49 - 00049621 _____ () C:\Users\kamyab\Desktop\bookmarks_2_14_15.html
2015-02-14 13:49 - 2015-02-14 13:49 - 00000000 ____D () C:\Users\kamyab\Desktop\adultcameras.info virus removal - Virus, Trojan, Spyware, and Malware Removal Logs_files
2015-02-13 17:42 - 2015-02-13 17:42 - 00003829 _____ () C:\Users\kamyab\Desktop\AdwCleaner[S4].txt
2015-02-12 19:15 - 2015-02-13 12:43 - 00000088 _____ () C:\Users\kamyab\Desktop\New Text Document.txt
2015-02-11 23:50 - 2015-02-15 10:25 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-11 23:50 - 2015-02-11 23:50 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-11 23:50 - 2015-02-11 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-11 23:50 - 2015-02-11 23:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-11 23:50 - 2015-02-11 23:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-11 23:50 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-11 23:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-11 23:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-09 23:41 - 2015-02-09 23:41 - 00017134 _____ () C:\Users\kamyab\Downloads\Addition.txt
2015-02-09 23:16 - 2015-02-09 23:16 - 00852594 _____ () C:\Users\kamyab\Desktop\SecurityCheck.exe
2015-02-08 00:04 - 2015-02-13 17:41 - 00000000 ____D () C:\AdwCleaner
2015-02-08 00:02 - 2015-02-08 07:10 - 00024770 _____ () C:\Users\kamyab\Documents\Addition.txt
2015-02-08 00:01 - 2015-02-08 07:10 - 00031356 _____ () C:\Users\kamyab\Documents\FRST.txt
2015-02-07 23:55 - 2015-02-15 11:06 - 00000000 ____D () C:\FRST
2015-02-07 23:53 - 2015-02-14 20:24 - 02134528 _____ (Farbar) C:\Users\kamyab\Desktop\FRST64.exe
2015-02-07 23:53 - 2015-02-07 23:55 - 02112512 _____ () C:\Users\kamyab\Desktop\AdwCleaner.exe
2015-02-07 23:49 - 2015-02-07 23:49 - 00016072 _____ () C:\Users\kamyab\Downloads\download.htm
2015-01-29 15:54 - 2015-01-29 15:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-27 16:09 - 2015-01-27 16:09 - 00000000 ____D () C:\Users\kamyab\Documents\کنکور خارج از کشور 93
2015-01-20 16:26 - 2015-01-20 16:26 - 00000000 ____D () C:\Program Files\Western Digital
2015-01-20 12:34 - 2015-01-20 12:34 - 00000000 ____D () C:\ProgramData\Oracle
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-15 10:29 - 2013-08-21 08:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-15 10:29 - 2009-07-14 08:15 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-15 10:29 - 2009-07-14 08:15 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-15 10:24 - 2014-11-16 16:31 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-02-15 10:24 - 2013-08-21 08:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-15 10:24 - 2013-08-21 08:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-15 10:24 - 2013-08-21 00:06 - 00204301 _____ () C:\Windows\setupact.log
2015-02-15 10:24 - 2009-07-14 08:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-15 09:19 - 2013-08-21 00:08 - 01429469 _____ () C:\Windows\WindowsUpdate.log
2015-02-15 09:18 - 2013-08-21 09:12 - 00000000 ____D () C:\Users\kamyab\AppData\Roaming\DMCache
2015-02-14 21:57 - 2013-08-21 00:05 - 00303762 _____ () C:\Windows\PFRO.log
2015-02-14 16:53 - 2009-07-14 06:50 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-14 16:03 - 2014-03-18 07:32 - 00000000 ____D () C:\Program Files (x86)\Eset License Finder
2015-02-14 14:20 - 2013-08-25 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-14 13:57 - 2013-09-20 08:09 - 00000000 ____D () C:\Users\kamyab\AppData\Roaming\uTorrent
2015-02-13 12:52 - 2013-12-15 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kanoon Farhangi Amoozesh (Ghalamchi)
2015-02-13 12:52 - 2013-12-15 19:58 - 00000000 ____D () C:\Kanoon Farhangi Amoozesh (Ghalamchi)
2015-02-13 12:51 - 2013-08-22 18:52 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2015-02-12 12:20 - 2013-08-25 15:43 - 00000000 ____D () C:\Windows 7 Activator
2015-02-12 10:43 - 2013-08-25 15:19 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2015-02-12 00:19 - 2013-08-21 09:11 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-02-11 08:44 - 2014-05-20 19:22 - 00000000 ____D () C:\Users\kamyab\AppData\Roaming\ViberPC
2015-02-11 08:44 - 2014-05-20 19:14 - 00000000 ____D () C:\Users\kamyab\AppData\Local\Viber
2015-02-11 07:35 - 2014-06-15 17:34 - 00007607 _____ () C:\Users\kamyab\AppData\Local\Resmon.ResmonCfg
2015-02-10 12:13 - 2013-08-21 09:12 - 00000000 ____D () C:\Users\kamyab\Downloads\Compressed
2015-02-09 21:05 - 2013-08-21 08:29 - 00000000 ____D () C:\Users\kamyab\Documents\Bluetooth Folder
2015-02-09 20:06 - 2009-07-14 08:43 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-09 17:24 - 2013-09-03 23:06 - 00000000 ____D () C:\Users\kamyab\AppData\Local\CrashDumps
2015-02-07 17:24 - 2013-08-21 08:52 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 17:24 - 2013-08-21 08:52 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-29 18:10 - 2013-08-21 08:37 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-29 18:10 - 2013-08-21 00:15 - 00000000 ____D () C:\Users\kamyab
2015-01-29 18:10 - 2009-07-14 11:15 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-29 18:10 - 2009-07-14 06:50 - 00000000 ____D () C:\Windows\registration
2015-01-29 15:44 - 2013-08-24 12:08 - 00000000 ____D () C:\ProgramData\ESET
2015-01-29 15:17 - 2014-03-28 11:33 - 00000000 ____D () C:\Program Files (x86)\broken age
2015-01-28 20:38 - 2009-07-14 08:38 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-20 16:27 - 2013-08-21 12:39 - 00179852 _____ () C:\Windows\DPINST.LOG
2015-01-20 16:26 - 2014-03-17 20:51 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-01-20 16:26 - 2014-03-17 20:50 - 00000000 ____D () C:\ProgramData\Western Digital
2015-01-20 16:26 - 2014-03-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-01-20 16:26 - 2014-03-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2015-01-20 16:24 - 2013-08-24 21:47 - 00000000 ____D () C:\ProgramData\Package Cache
 
==================== Files in the root of some directories =======
 
2015-01-29 18:01 - 2015-01-29 18:03 - 0000115 _____ () C:\Users\kamyab\AppData\Roaming\LogFile.txt
2013-10-11 20:19 - 2014-03-02 18:22 - 0000600 _____ () C:\Users\kamyab\AppData\Local\PUTTY.RND
2014-06-15 17:34 - 2015-02-11 07:35 - 0007607 _____ () C:\Users\kamyab\AppData\Local\Resmon.ResmonCfg
2014-05-14 22:45 - 2014-05-14 22:45 - 0000000 _____ () C:\Users\kamyab\AppData\Local\{999CA927-0DD1-4F51-8306-B800F4B2969C}
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-12 19:33
 
==================== End Of Log ============================

And addition:

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-02-2015
Ran by kamyab at 2015-02-15 11:06:32
Running from C:\Users\kamyab\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.5 - Futuremark Corporation)
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.2 - Futuremark Corporation)
Abi Riazi konkour (Tajrobi) (HKLM-x32\...\{6887d81f-73e7-4a74-a86c-1225338e0d0d}) (Version: 1.0.0 - Kanoon Farhangi Amoozesh (Ghalamchi))
Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
BioShock Infinite Burial at Sea - Episode 1 (HKLM-x32\...\QmlvU2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
Bioshock Infinite Burial at Sea Episode 2 (HKLM-x32\...\Qmlvc2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
CM Installer (HKLM-x32\...\{66824D36-FD84-43C0-B4F8-6D305BA34ABC}) (Version: 1.0.0.0 - Cyanogen Inc.)
Dosallane Fizik 3 Tajrobi (HKLM-x32\...\{7a8fc05e-1677-40ff-9f5a-4ada2aec4868}) (Version: 1.0.0 - Kanoon Farhangi Amoozesh (Ghalamchi))
ESET NOD32 Antivirus (HKLM\...\{5972F3C3-5563-47D2-BEE3-1AFEBDD17DA2}) (Version: 5.2.9.1 - ESET, spol. s r.o.)
ESET Online Scanner v3 (HKLM-x32\...\ESET Online Scanner) (Version:  - )
Fizik 3 Tajrobi (HKLM-x32\...\{162c3a54-d1b1-4f9e-a0a0-a6df060edbfc}) (Version: 1.0.0 - Kanoon Farhangi Amoozesh (Ghalamchi))
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gone Home (HKLM-x32\...\GoneHome) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Illustrated Biology (HKLM-x32\...\{4F16E359-2A15-4071-843C-932F5DD32336}) (Version: 2.0.0 - microcell)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Lord Eset License Finder (HKLM-x32\...\{2C1F093A-B0B5-436B-AF58-0180519B32CE}) (Version: 1.00.0000 - Lord of Software)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Oxford Collocations Dictionary (HKLM-x32\...\NSIS_ocoll2e) (Version:  - )
PardisGame Client (HKLM-x32\...\PardisGame Client0.7.3) (Version: 0.7.3 - Pardis Game)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
RAYMAN LEGENDS version 1.0 (HKLM-x32\...\RAYMAN LEGENDS_is1) (Version: 1.0 - SGG)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.1.31.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sony PC Companion 2.10.181 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.181 - Sony)
Spotify (HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.0.0.0 - Alejandro Cortés)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version:  - )
The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
The Wolf Among Us (HKLM-x32\...\VGhlV29sZkFtb25nVXM=_is1) (Version: 1 - )
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{D4699FDA-F11E-408B-94A2-13E1FE5B91C0}) (Version: 1.0.0 - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Viber (HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{79966948-BECF-4CB1-A79F-E76C830A17D2}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{7AE43D6C-B3F1-448D-AD84-1CDC7AC6EBC7}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
12-12-2014 15:54:12 Removed Azmoon 23 Aban
18-12-2014 13:04:36 Installed Azmoon 21 Azar
16-01-2015 16:29:36 Removed Azmoon 21 Azar
20-01-2015 12:33:35 Installed Java 7 Update 45 (64-bit)
20-01-2015 16:23:54 WD SmartWare Installer
27-01-2015 21:03:22 Installed Azmoon 26 Dey
29-01-2015 18:07:52 Restore Operation
11-02-2015 18:20:39 Removed Java 7 Update 45 (64-bit)
13-02-2015 12:51:28 Removed Azmoon 26 Dey
14-02-2015 14:25:01 Restore Point Created by FRST
14-02-2015 16:03:42 Installed Lord Eset License Finder.
14-02-2015 20:20:28 Restore Point Created by FRST
14-02-2015 20:24:57 Restore Point Created by FRST
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 06:04 - 2009-06-11 00:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1891A92B-C920-4DD1-8B23-77DBA12751D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {20F86955-48C7-4AC7-B28C-FBE7383E87F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {7AF128C8-25C4-4339-81CC-90F0AEFE043D} - System32\Tasks\{9BCDC5BD-3573-4710-8F2E-F50DB9798E7C} => pcalua.exe -a F:\setup.exe -d F:\
Task: {7D328F3F-DBD4-4D04-8661-245CB7E4F113} - System32\Tasks\{B8235FF5-3576-425D-ABFF-FF86C3D48341} => pcalua.exe -a D:\FIFA.14.Demo_MihanDownload.com\FIFA.14.Demo\__Installer\dotnet\dotnet35sp1\redist\dotnetfx35.exe -d D:\FIFA.14.Demo_MihanDownload.com\FIFA.14.Demo\__Installer\dotnet\dotnet35sp1\redist
Task: {82E083EE-5967-4F34-A04D-B7E2D6FB37ED} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {A5681060-06EC-48B3-9848-CE7936579C7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {A70C0FAC-D266-4BFC-A7C5-E647B831E86C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B60165C7-AC38-4FDA-B4BD-19B37FDCB059} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D6B4C88D-3085-4DAC-AC60-F840B3F0039F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {DCF5086E-919E-4370-A4DF-10F57BA9D0F9} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {FB5BA142-5A02-42C3-A8DC-F254A9CA0FD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-08-21 08:20 - 2013-12-19 22:23 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-01 19:36 - 2012-10-01 19:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2014-10-16 23:26 - 2014-10-16 23:26 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2013-08-21 08:18 - 2012-02-03 06:00 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-10-01 19:37 - 2012-10-01 19:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2015-02-07 17:30 - 2015-02-04 12:32 - 01117512 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
2015-02-07 17:30 - 2015-02-04 12:32 - 00211272 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
2015-02-07 17:30 - 2015-02-04 12:32 - 09170760 _____ () C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kamyab\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1114291241-2146569727-3459484685-500 - Administrator - Disabled)
Guest (S-1-5-21-1114291241-2146569727-3459484685-501 - Limited - Disabled)
kamyab (S-1-5-21-1114291241-2146569727-3459484685-1000 - Administrator - Enabled) => C:\Users\kamyab
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth module
Description: Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/15/2015 09:08:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (02/15/2015 08:58:39 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (02/15/2015 08:58:39 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (02/15/2015 08:58:39 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (02/14/2015 08:24:55 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4d564b5a-23f3-4cba-8e47-0fe527ab345f}
 
Error: (02/14/2015 08:20:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d5019bf5-8d80-4425-b798-690cdfce5f7d}
 
Error: (02/14/2015 05:12:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (02/14/2015 02:25:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface.  hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {dc41db00-45b4-409d-a34a-49ec40076b5f}
 
Error: (02/14/2015 02:04:52 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (02/14/2015 02:04:52 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
 
System errors:
=============
Error: (02/14/2015 05:12:47 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: {995C996E-D918-4A8C-A302-45719A6F4EA7}
 
Error: (02/11/2015 08:41:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Scanner service failed to start due to the following error: 
%%1053
 
Error: (02/11/2015 08:41:18 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Razer Game Scanner service to connect.
 
Error: (02/11/2015 08:40:45 PM) (Source: NetBT) (EventID: 4321) (User: )
Description: The name "KAMYAB-PC      :0" could not be registered on the interface with IP address 192.168.1.5.
The computer with the IP address 192.168.1.6 did not allow the name to be claimed by
this computer.
 
Error: (02/11/2015 06:27:42 PM) (Source: Service Control Manager) (EventID: 7032) (User: )
Description: The Service Control Manager tried to take a corrective action (Restart the service) after the unexpected termination of the Windows Font Cache Service service, but this action failed with the following error: 
%%1056
 
Error: (02/11/2015 06:26:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The SSDP Discovery service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 100 milliseconds: Restart the service.
 
Error: (02/11/2015 06:26:42 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: The Windows Font Cache Service service terminated unexpectedly.  It has done this 1 time(s).  The following corrective action will be taken in 60000 milliseconds: Restart the service.
 
Error: (02/11/2015 07:27:25 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Scanner service failed to start due to the following error: 
%%1053
 
Error: (02/11/2015 07:27:25 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Razer Game Scanner service to connect.
 
Error: (02/10/2015 00:54:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Razer Game Scanner service failed to start due to the following error: 
%%1053
 
 
Microsoft Office Sessions:
=========================
Error: (02/15/2015 09:08:35 AM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (02/15/2015 08:58:39 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (02/15/2015 08:58:39 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
Error: (02/15/2015 08:58:39 AM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD endpoint registration failed [0]
 
Error: (02/14/2015 08:24:55 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {4d564b5a-23f3-4cba-8e47-0fe527ab345f}
 
Error: (02/14/2015 08:20:25 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {d5019bf5-8d80-4425-b798-690cdfce5f7d}
 
Error: (02/14/2015 05:12:18 PM) (Source: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe) (EventID: 1) (User: )
Description: C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exeCan't get user token [1008]
 
Error: (02/14/2015 02:25:01 PM) (Source: VSS) (EventID: 8194) (User: )
Description: 0x80070005, Access is denied.
 
 
Operation:
   Gathering Writer Data
 
Context:
   Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
   Writer Name: System Writer
   Writer Instance ID: {dc41db00-45b4-409d-a34a-49ec40076b5f}
 
Error: (02/14/2015 02:04:52 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcNvVAD initialization failed [6]
 
Error: (02/14/2015 02:04:52 PM) (Source: NvStreamSvc) (EventID: 1) (User: )
Description: NvStreamSvcFailed to set NvVAD endpoint as default Audio endpoint [0]
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-12 12:17:33.696
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.670
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.447
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.446
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.444
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.440
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.423
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-usercpl-usermgrbroker_31bf3856ad364e35_6.2.9200.16384_none_13571d40a61e6d8c\UserAccountBroker.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 25%
Total physical RAM: 8077.8 MB
Available physical RAM: 6046.96 MB
Total Pagefile: 16153.74 MB
Available Pagefile: 13930.05 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:487.94 GB) (Free:269.28 GB) NTFS
Drive d: () (Fixed) (Total:434.44 GB) (Free:208.81 GB) NTFS
Drive e: () (Fixed) (Total:8.78 GB) (Free:8.77 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=487.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=434.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8.8 GB) - (Type=0C)
 
==================== End Of Log ============================
here's the RogueKiller log
RogueKiller V10.2.0.0 (x64) [Jan 19 2015] by Adlice Software
 
Operating System : Windows 7 (6.1.7600 ) 64 bits version
Started in : Normal mode
User : kamyab [Administrator]
Mode : Scan -- Date : 02/15/2015  11:11:19
 
¤¤¤ Processes : 1 ¤¤¤
[Suspicious.Path] FRST64.exe(4892) -- C:\Users\kamyab\Desktop\FRST64.exe[-] -> Killed [TermThr]
 
¤¤¤ Registry : 10 ¤¤¤
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0  -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1114291241-2146569727-3459484685-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1114291241-2146569727-3459484685-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1  -> Found
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1114291241-2146569727-3459484685-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1114291241-2146569727-3459484685-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1  -> Found
 
¤¤¤ Tasks : 2 ¤¤¤
[Suspicious.Path] GoogleUpdateTaskMachineUA.job -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (/ua /installsource scheduler) -> Found
[Suspicious.Path] \\GoogleUpdateTaskMachineUA -- C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (/ua /installsource scheduler) -> Found
 
¤¤¤ Files : 0 ¤¤¤
 
¤¤¤ Hosts File : 0 ¤¤¤
 
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
 
¤¤¤ Web browsers : 0 ¤¤¤
 
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: ST1000LM024 HN-M101MBB ATA Device +++++
--- User ---
[MBR] bd7c82b6d91182ed4a555a83659c07f5
[BSP] 0bbc431cc7d24246d0f0f83332d78ea9 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 350 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 718848 | Size: 499650 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 1024002048 | Size: 444868 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
3 - [XXXXXX] FAT32-LBA (0xc) [VISIBLE] Offset (sectors): 1935093510 | Size: 8998 MB
User = LL1 ... OK
User = LL2 ... OK
 

Edited by knightstalker, 15 February 2015 - 02:45 AM.


#8 LiquidTension

  • Malware Response Team

Posted 15 February 2015 - 05:41 AM

Hello kamyab, 
 
Please do the following. 
 
STEP 1
DeFogger (Disable)

  • Please download DeFogger and save the file to your Desktop.
  • Right-Click DeFogger.exe and select Run as administrator to run the programme.
  • Click Disable, followed by Yes.
  • Upon completion, you will see a Finished! message. Click OK to exit the programme. 
  • If CD Emulation programmes are present and have been disabled, DeFogger will now ask you to reboot your machine. Please allow it to do so by clicking OK.
     

STEP 2
TDSSKiller Scan

  • Please download TDSSKiller and save the file to your Desktop.
  • Right-Click TDSSKiller.exe and select Run as administrator to run the programme.
  • Click Change parameters. Place a checkmark next to:
    • Loaded Modules
    • Detect TDLFS file system
    • Verify file digital signatures
  • Note: If you receive the following message: Extended Monitoring Driver is required, click Reboot now, and continue from here following the reboot.
  • Click Start Scan. Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Attach the log in your next reply.
     

STEP 3
Junkware Removal Tool (JRT)

  • Please download Junkware Removal Tool and save the file to your Desktop.
  • Create a System Restore Point. For instructions, please refer to the following link (W7).
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Right-Click JRT.exe and select Run as administrator to run the programme.
  • Follow the prompts and allow the scan to run uninterrupted. 
  • Upon completion, a log (JRT.txt) will open on your desktop.
  • Re-enable your anti-virus software.
  • Copy the contents of JRT.txt and paste in your next reply.
     

STEP 4
AdwCleaner

  • Please download AdwCleaner and save the file to your Desktop.
  • Right-Click AdwCleaner.exe and select Run as administrator to run the programme.
  • Follow the prompts. 
  • Click Scan
  • Upon completion, click Report. A log (AdwCleaner[R0].txt) will open. Briefly check the log for anything you know to be legitimate. 
  • Ensure anything you know to be legitimate does not have a checkmark, and click Clean
  • Follow the prompts and allow your computer to reboot
  • After rebooting, a log (AdwCleaner[S0].txt) will open. Copy the contents of the log and paste in your next reply.

-- File and folder backups are made for items removed using this tool. Should a legitimate file or folder be removed (otherwise known as a 'false-positive'), simple steps can be taken to restore the item. Please do not overly concern yourself with the contents of AdwCleaner[R0].txt.
 
======================================================

STEP 5
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • TDSSKiller log (attached!)
  • JRT.txt
  • AdwCleaner[S0].txt


#9 knightstalker

  • Topic Starter


Posted 15 February 2015 - 07:00 AM

hello adam

about adwcleaner i didn't know if any of the scanned stuff was legitimate so i cleaned all of them

here are the logs

# AdwCleaner v4.110 - Logfile created 15/02/2015 at 15:24:27
# Updated 05/02/2015 by Xplode
# Database : 2015-02-14.2 [Server]
# Operating system : Windows 7 Ultimate  (x64)
# Username : kamyab - KAMYAB-PC
# Running from : C:\Users\kamyab\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
 
***** [ Files / Folders ] *****
 
 
***** [ Scheduled tasks ] *****
 
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{0055C089-8582-441B-A0BF-17B458C2A3A8}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v8.0.7600.16385
 
 
-\\ Mozilla Firefox v26.0 (en-US)
 
 
-\\ Google Chrome v40.0.2214.111
 
[C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.aol.com/aol/search?q={searchTerms}
[C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=111252&tt=010712_2&babsrc=SP_ss&mntrId=d848391c000000000000f4ec388c579b
[C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.babylon.com/?q={searchTerms}&affID=111252&tt=010712_2&babsrc=SP_ss&mntrId=d848391c000000000000f4ec388c579b
[C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www.ask.com/web?q={searchTerms}
 
*************************
 
AdwCleaner[R0].txt - [1972 bytes] - [08/02/2015 00:04:31]
AdwCleaner[R10].txt - [3041 bytes] - [09/02/2015 23:07:30]
AdwCleaner[R11].txt - [3101 bytes] - [10/02/2015 10:06:02]
AdwCleaner[R12].txt - [2091 bytes] - [10/02/2015 14:44:31]
AdwCleaner[R13].txt - [2151 bytes] - [11/02/2015 07:28:50]
AdwCleaner[R14].txt - [3280 bytes] - [12/02/2015 07:16:43]
AdwCleaner[R15].txt - [2329 bytes] - [12/02/2015 07:19:22]
AdwCleaner[R16].txt - [2610 bytes] - [13/02/2015 17:37:05]
AdwCleaner[R17].txt - [3740 bytes] - [13/02/2015 17:39:39]
AdwCleaner[R18].txt - [3528 bytes] - [15/02/2015 15:19:11]
AdwCleaner[R19].txt - [3588 bytes] - [15/02/2015 15:22:29]
AdwCleaner[R1].txt - [2031 bytes] - [08/02/2015 06:48:41]
AdwCleaner[R2].txt - [2148 bytes] - [08/02/2015 07:00:48]
AdwCleaner[R3].txt - [1718 bytes] - [08/02/2015 08:56:57]
AdwCleaner[R4].txt - [2847 bytes] - [09/02/2015 19:56:05]
AdwCleaner[R5].txt - [1674 bytes] - [09/02/2015 20:05:58]
AdwCleaner[R6].txt - [1733 bytes] - [09/02/2015 21:06:35]
AdwCleaner[R7].txt - [1792 bytes] - [09/02/2015 21:09:38]
AdwCleaner[R8].txt - [1851 bytes] - [09/02/2015 21:14:00]
AdwCleaner[R9].txt - [1910 bytes] - [09/02/2015 22:39:15]
AdwCleaner[S0].txt - [319 bytes] - [08/02/2015 06:50:17]
AdwCleaner[S1].txt - [2221 bytes] - [08/02/2015 07:02:08]
AdwCleaner[S2].txt - [2937 bytes] - [09/02/2015 20:00:02]
AdwCleaner[S3].txt - [3365 bytes] - [12/02/2015 07:17:46]
AdwCleaner[S4].txt - [3829 bytes] - [13/02/2015 17:41:07]
AdwCleaner[S5].txt - [3526 bytes] - [15/02/2015 15:24:27]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S5].txt - [3585  bytes] ##########
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.2 (02.02.2015:1)
OS: Windows 7 Ultimate x64
Ran by kamyab on Sun 02/15/2015 at 15:08:35.95
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 
 
 
 
~~~ Services
 
 
 
~~~ Registry Values
 
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1114291241-2146569727-3459484685-1000\Software\Microsoft\Internet Explorer\Main\\Start Page
 
 
 
~~~ Registry Keys
 
 
 
~~~ Files
 
 
 
~~~ Folders
 
 
 
~~~ Event Viewer Logs were cleared
 
 
 
 
 
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 02/15/2015 at 15:17:34.10
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
 

 




#10 knightstalker

  • Topic Starter


Posted 15 February 2015 - 07:20 AM

sorry i had to upload the log in 3 parts. it was too big to attach

Edit: i uploaded the complete log to google drive. here's the link

https://drive.google.com/file/d/0B7KSZlnaoKJdTjNTdHQ4bDFNXzg/view?usp=sharing



Edited by knightstalker, 15 February 2015 - 08:10 AM.


#11 knightstalker

  • Topic Starter


Posted 15 February 2015 - 07:23 AM

man now i can't upload them, the limit has shrunk. had to paste them here, sorry.

 
15:05:06.0282 0x0a14  C:\Windows\System32\services.exe - ok
15:05:06.0282 0x0a14  [ 456C92A9D8DB51B9938A6234BBC65FC9, A20EF19E25384B34D3FE997099DD71EA595F3ACDA0F7C56695DC48ADFA54F5B8 ] C:\Windows\System32\sxs.dll
15:05:06.0282 0x0a14  C:\Windows\System32\sxs.dll - ok
15:05:06.0282 0x0a14  [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
15:05:06.0282 0x0a14  C:\Windows\System32\cryptbase.dll - ok
15:05:06.0282 0x0a14  [ 55F45DD65AF0536D23775439FFAF551F, 3F70C872ECFF2C016F69751FBE066DCF1C557851A0CB4D156E6268A50C8FE356 ] C:\Windows\System32\lsasrv.dll
15:05:06.0282 0x0a14  C:\Windows\System32\lsasrv.dll - ok
15:05:06.0282 0x0a14  [ 0793F40B9B8A1BDD266296409DBD91EA, 8A383FC9A66A327905C340D06138980F9E489479535A2C2AAE5E8BB14A74826E ] C:\Windows\System32\lsass.exe
15:05:06.0282 0x0a14  C:\Windows\System32\lsass.exe - ok
15:05:06.0298 0x0a14  [ 04FCA22B77A2E37332CC8226187AF87B, 6B085DB5C2EC21D2ED7BE842E7842FCC3530D1828FBE28C16E61F7E12B27833B ] C:\Windows\System32\lsm.exe
15:05:06.0298 0x0a14  C:\Windows\System32\lsm.exe - ok
15:05:06.0298 0x0a14  [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
15:05:06.0298 0x0a14  C:\Windows\System32\scext.dll - ok
15:05:06.0298 0x0a14  [ 2A0EA951A326C2E78AF86E2F9704327E, 2224C1A97F2FAE0B307DFDAFC5BB2BB051A747939A2EA7AB19820D6537F9555F ] C:\Windows\System32\sspicli.dll
15:05:06.0298 0x0a14  C:\Windows\System32\sspicli.dll - ok
15:05:06.0298 0x0a14  [ 18367866684A72C5188D50AC1174F1B7, C51505160876F1D7D7004CB5CE8FBB74E21E4675933629BD7C2B8D6F361A2D97 ] C:\Windows\System32\sspisrv.dll
15:05:06.0298 0x0a14  C:\Windows\System32\sspisrv.dll - ok
15:05:06.0298 0x0a14  [ B26AFB54A534D634523C4FB66765B026, A219C9AE32D040BEA4DD69C2C826B1C52BACE26BEBFEE799BD56DFD442C5E0D8 ] C:\Windows\System32\drivers\usbccgp.sys
15:05:06.0298 0x0a14  C:\Windows\System32\drivers\usbccgp.sys - ok
15:05:06.0298 0x0a14  [ B160ADAEFC76031D92C4FBAC0918B033, A3A0D5AE3F15D6275005EA104D992A3A84B0AC0CA2E629716065DB715CCA856B ] C:\Windows\System32\samsrv.dll
15:05:06.0298 0x0a14  C:\Windows\System32\samsrv.dll - ok
15:05:06.0298 0x0a14  [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
15:05:06.0298 0x0a14  C:\Windows\System32\cryptdll.dll - ok
15:05:06.0313 0x0a14  [ 941AF3C8B0DE1B359BE22DD3288A8C8E, 8D1081C58097C68939955E3C700B1B9764212A6A70BEEE353985512F39DE2EBF ] C:\Windows\System32\scesrv.dll
15:05:06.0313 0x0a14  C:\Windows\System32\scesrv.dll - ok
15:05:06.0313 0x0a14  [ 9F5225F41D5474A651384C088D9FF502, 75EC20BFB470EA1F1ECC6111E4893C0C34CCA859AEBAC8B3A88F4CEF53E11C99 ] C:\Windows\System32\secur32.dll
15:05:06.0313 0x0a14  C:\Windows\System32\secur32.dll - ok
15:05:06.0313 0x0a14  [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
15:05:06.0313 0x0a14  C:\Windows\System32\wevtapi.dll - ok
15:05:06.0313 0x0a14  [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
15:05:06.0313 0x0a14  C:\Windows\System32\cngaudit.dll - ok
15:05:06.0313 0x0a14  [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
15:05:06.0313 0x0a14  C:\Windows\System32\authz.dll - ok
15:05:06.0313 0x0a14  [ D23371AB9607651937C7641A38CD52BC, 00ED1F9EC0B57A3E970F707C3B91CC68F874C0F0073CEA9FAD09EA2515B751C0 ] C:\Windows\System32\srvcli.dll
15:05:06.0313 0x0a14  C:\Windows\System32\srvcli.dll - ok
15:05:06.0313 0x0a14  [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
15:05:06.0313 0x0a14  C:\Windows\System32\sysntfy.dll - ok
15:05:06.0313 0x0a14  [ 7CB8C573C6E4A2714402CC0A36EAB4FE, FCD65AA3723617F58F77C4DA93CE910C712B8AA9411B5C4A60DC6C684EA53C1B ] C:\Windows\System32\drivers\usbvideo.sys
15:05:06.0313 0x0a14  C:\Windows\System32\drivers\usbvideo.sys - ok
15:05:06.0329 0x0a14  [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
15:05:06.0329 0x0a14  C:\Windows\System32\bcrypt.dll - ok
15:05:06.0329 0x0a14  [ 2E8C52A0EC788D90FA35D9507D828771, DD5AAA10E075F209D9827C7A192AD5645D1156C149DB9B5AC1EF7B5E0B5F11DE ] C:\Windows\System32\ncrypt.dll
15:05:06.0329 0x0a14  C:\Windows\System32\ncrypt.dll - ok
15:05:06.0329 0x0a14  [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
15:05:06.0329 0x0a14  C:\Windows\System32\wmsgapi.dll - ok
15:05:06.0329 0x0a14  [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
15:05:06.0329 0x0a14  C:\Windows\System32\msprivs.dll - ok
15:05:06.0329 0x0a14  [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
15:05:06.0329 0x0a14  C:\Windows\System32\negoexts.dll - ok
15:05:06.0329 0x0a14  [ B561B451320B0B40908A8BFD81705262, D9E6B0C33B03D7648A8229FB5FE06332141F1F8E9F73790D4D7D621DC53EF9D3 ] C:\Windows\System32\netjoin.dll
15:05:06.0329 0x0a14  C:\Windows\System32\netjoin.dll - ok
15:05:06.0329 0x0a14  [ F5D06621DF3311120C778935D3219021, FCB711351F7795A2541C82F20285C1D11A576641EB8C5E31D125C2EB929992D0 ] C:\Windows\System32\kerberos.dll
15:05:06.0329 0x0a14  C:\Windows\System32\kerberos.dll - ok
15:05:06.0329 0x0a14  [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
15:05:06.0329 0x0a14  C:\Windows\System32\cryptsp.dll - ok
15:05:06.0345 0x0a14  [ FC76FE3C1E1FDB761244D4F74EF560FD, 85D7BD8887E53F7E1C37D2EC3964D714C0939ED5D45F95332F425341AA181C19 ] C:\Windows\System32\mswsock.dll
15:05:06.0345 0x0a14  C:\Windows\System32\mswsock.dll - ok
15:05:06.0345 0x0a14  [ FA4DB05923DDDEDE3196ABD09AE0F1E9, 93224D8495DD67A2904DB6FFF3AD27C49E55B6463F7BF96DFE3E5070437456A6 ] C:\Windows\System32\msv1_0.dll
15:05:06.0345 0x0a14  C:\Windows\System32\msv1_0.dll - ok
15:05:06.0345 0x0a14  [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
15:05:06.0345 0x0a14  C:\Windows\System32\wship6.dll - ok
15:05:06.0345 0x0a14  [ 956D030D375F207B22FB111E06EF9C35, D2C6B0C0C9E951F6715252C54A620CF6AF1A3845014035334C92B3DDDEFD52E5 ] C:\Windows\System32\netlogon.dll
15:05:06.0345 0x0a14  C:\Windows\System32\netlogon.dll - ok
15:05:06.0345 0x0a14  [ DA3E2A6FA9660CC75B471530CE88453A, 85E8DC87EBF2C713EE879ED4E60EEC2F9940FC2755FC6BE7E0E96C61894AB558 ] C:\Windows\System32\winlogon.exe
15:05:06.0345 0x0a14  C:\Windows\System32\winlogon.exe - ok
15:05:06.0345 0x0a14  [ 05A2D26ACF0939A4E97160315F1FA12E, 0F387E5719020F7E25EF58E71576397CBF61A3712093AD433E58BBB905577EAD ] C:\Windows\System32\dnsapi.dll
15:05:06.0345 0x0a14  C:\Windows\System32\dnsapi.dll - ok
15:05:06.0345 0x0a14  [ 8CE22E63F08613036DF8C7B00FBDF36B, 442DDE1C1F1073BFB1730D3B258D249DD6FFAED7D2452493C2E1D4CF48F5376C ] C:\Windows\System32\logoncli.dll
15:05:06.0345 0x0a14  C:\Windows\System32\logoncli.dll - ok
15:05:06.0345 0x0a14  [ 5A148B1574BE77742D337EC81C23FC7A, 12FFD0093228C39999A1A360CD2B743660D254AF4423E2884BDEC814EBB7783B ] C:\Windows\System32\schannel.dll
15:05:06.0345 0x0a14  C:\Windows\System32\schannel.dll - ok
15:05:06.0345 0x0a14  [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
15:05:06.0345 0x0a14  C:\Windows\System32\wdigest.dll - ok
15:05:06.0360 0x0a14  [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
15:05:06.0360 0x0a14  C:\Windows\System32\rsaenh.dll - ok
15:05:06.0360 0x0a14  [ 0DEFD5FBF801DD8F83BC0ED09861A8EC, A00E0CCDE4270452139C37E1599F3ED3ACCF02BEE371F5534E17E93DB46ED082 ] C:\Windows\System32\TSpkg.dll
15:05:06.0360 0x0a14  C:\Windows\System32\TSpkg.dll - ok
15:05:06.0360 0x0a14  [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
15:05:06.0360 0x0a14  C:\Windows\System32\pku2u.dll - ok
15:05:06.0360 0x0a14  [ DA090E97E57DCB48888015B5D3C749CD, 9C351013A7791CB0998E3E2519A460CBC6EED5E595EEA7A3394DA74738A7132E ] C:\Windows\System32\bcryptprimitives.dll
15:05:06.0360 0x0a14  C:\Windows\System32\bcryptprimitives.dll - ok
15:05:06.0360 0x0a14  [ 9301B8810B2DA4EB6AD55DB75FC1E339, 765D23BD3D5D8768550D82CFDBD26365E2AE896DE9E5F123CE4045BDF8E838BB ] C:\Windows\System32\credssp.dll
15:05:06.0360 0x0a14  C:\Windows\System32\credssp.dll - ok
15:05:06.0360 0x0a14  [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
15:05:06.0360 0x0a14  C:\Windows\System32\efslsaext.dll - ok
15:05:06.0360 0x0a14  [ D8C88512BA9544AE1CC2034F50ECFA12, 99CFB478DF31214E98CAB81EFF7346500579AE262100BD418F3C9D47437F4413 ] C:\Windows\System32\winsta.dll
15:05:06.0360 0x0a14  C:\Windows\System32\winsta.dll - ok
15:05:06.0360 0x0a14  [ 398712DDDAEFB85EDF61DF6A07B65C79, 08732BF5C5FFAF953FF4065AA5D35CFF797590E1C2CD12E4E923E932B5722A20 ] C:\Windows\System32\scecli.dll
15:05:06.0360 0x0a14  C:\Windows\System32\scecli.dll - ok
15:05:06.0376 0x0a14  [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
15:05:06.0376 0x0a14  C:\Windows\System32\ubpm.dll - ok
15:05:06.0376 0x0a14  [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
15:05:06.0376 0x0a14  C:\Windows\System32\svchost.exe - ok
15:05:06.0376 0x0a14  [ 23157D583244400E1D7FBAEE2E4B31B7, 4E8D93F746C727CE1A89B53FEFFCFB080AC3CC8F3CF2F8613E692E989794C52F ] C:\Windows\System32\umpnpmgr.dll
15:05:06.0376 0x0a14  C:\Windows\System32\umpnpmgr.dll - ok
15:05:06.0376 0x0a14  [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
15:05:06.0376 0x0a14  C:\Windows\System32\SPInf.dll - ok
15:05:06.0376 0x0a14  [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
15:05:06.0376 0x0a14  C:\Windows\System32\devrtl.dll - ok
15:05:06.0376 0x0a14  [ 0776CF79590BDEF0A2728B0B9A813B96, 8205E0F3CC3DD8605769EC4DD85E6ACE89B219F62379C8FD74C62047BD339F22 ] C:\Windows\System32\userenv.dll
15:05:06.0376 0x0a14  C:\Windows\System32\userenv.dll - ok
15:05:06.0376 0x0a14  [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
15:05:06.0376 0x0a14  C:\Windows\System32\gpapi.dll - ok
15:05:06.0376 0x0a14  [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
15:05:06.0376 0x0a14  C:\Windows\System32\pcwum.dll - ok
15:05:06.0391 0x0a14  [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
15:05:06.0391 0x0a14  C:\Windows\System32\umpo.dll - ok
15:05:06.0391 0x0a14  [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
15:05:06.0391 0x0a14  C:\Windows\System32\powrprof.dll - ok
15:05:06.0391 0x0a14  [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
15:05:06.0391 0x0a14  C:\Windows\System32\drivers\luafv.sys - ok
15:05:06.0391 0x0a14  [ 7CADC74271DD6461C452C271B30BD378, D58C2094C36FC665C03A6A269EED80DC71F330C3DCF40A27A3C8F56AB7A96861 ] C:\Windows\System32\drivers\WUDFPf.sys
15:05:06.0391 0x0a14  C:\Windows\System32\drivers\WUDFPf.sys - ok
15:05:06.0391 0x0a14  [ B7973C405247C5A44BA46B12A4B7AEEA, DF25E4CB7093EFF528C47A51C68CD1B0A93AE273D078804B7E09E74163753AA8 ] C:\Windows\System32\nvvsvc.exe
15:05:06.0391 0x0a14  C:\Windows\System32\nvvsvc.exe - ok
15:05:06.0391 0x0a14  [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
15:05:06.0391 0x0a14  C:\Windows\System32\wtsapi32.dll - ok
15:05:06.0391 0x0a14  [ EACEC497A6496E2A280348AD67ACF280, DAC7141A072FC83274612BC228DA6E014C371707FC76832470604ACDD5BF4BE3 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
15:05:06.0391 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe - ok
15:05:06.0391 0x0a14  [ E4F1F370395B5E8E58191896D64129C4, BBAA75DFD672FDB43E8A52946A261A7938E25929C20F58DDF9A90077A2D87CA7 ] C:\Windows\SysWOW64\ntdll.dll
15:05:06.0391 0x0a14  C:\Windows\SysWOW64\ntdll.dll - ok
15:05:06.0407 0x0a14  [ F99A7E8B9DD9E511769C550E2174E4ED, 207773B827EA8FD675E99414D9975B08E828BC0984F464EB62A3F4FF02D49FFF ] C:\Windows\System32\wow64.dll
15:05:06.0407 0x0a14  C:\Windows\System32\wow64.dll - ok
15:05:06.0407 0x0a14  [ 982A28EE7BADBF30B6BC774035DD318F, F818DC2E6696D6518F4DA1A2AA7A10FFF825733B8C48F72451C9D0411CF6EC5B ] C:\Windows\System32\wow64win.dll
15:05:06.0407 0x0a14  C:\Windows\System32\wow64win.dll - ok
15:05:06.0407 0x0a14  [ 5E39878945C109AC68AC81A96DF4EC77, A27F6F6AA2A463B4DDC33996F1CE9C9E9F7B7DB09247B11CB401EF9E11F62320 ] C:\Windows\System32\wow64cpu.dll
15:05:06.0407 0x0a14  C:\Windows\System32\wow64cpu.dll - ok
15:05:06.0407 0x0a14  [ 606ECB76A424CC535407E7A24E2A34BC, 2F579AF0D0F50235CD95DCF4CFA91426F169A75503B1FD5A81D7E0CFC9AA2277 ] C:\Windows\SysWOW64\kernel32.dll
15:05:06.0407 0x0a14  C:\Windows\SysWOW64\kernel32.dll - ok
15:05:06.0407 0x0a14  [ E553135C97982EDACDECDE48D3E38458, 7F530357C47102EA1E6F33281724C702CB785A72A0F412FFC7238EE9F593E8BB ] C:\Windows\SysWOW64\KernelBase.dll
15:05:06.0407 0x0a14  C:\Windows\SysWOW64\KernelBase.dll - ok
15:05:06.0407 0x0a14  [ E46D48A7FE961401F1CBF85531CDF05D, 24CA38641020FF9E07E16CE3992212E2BFD2759E902D12744D4989ADF11995BF ] C:\Windows\SysWOW64\msvcrt.dll
15:05:06.0407 0x0a14  C:\Windows\SysWOW64\msvcrt.dll - ok
15:05:06.0407 0x0a14  [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
15:05:06.0407 0x0a14  C:\Windows\SysWOW64\version.dll - ok
15:05:06.0407 0x0a14  [ 41323AB614A2B66AD77B1121D24AC895, 3B441E113365F597F5AA18979AFFD5F7F37F75EBFBBA0AE821ACEE550E3EEC05 ] C:\Windows\SysWOW64\setupapi.dll
15:05:06.0407 0x0a14  C:\Windows\SysWOW64\setupapi.dll - ok
15:05:06.0423 0x0a14  [ 15B94E4AC75C9295275BDC9A1D7054C3, 1B478C2A60B3CFC066B7FE9A388BC2E29974B4B8A664AFEFA59FD8F18B39DE36 ] C:\Windows\SysWOW64\cfgmgr32.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\cfgmgr32.dll - ok
15:05:06.0423 0x0a14  [ 90385551B6B3793E949DF310A11D64E7, 11AF8D1723F6C57781B200CD78A93686BF26B645ACEEF336FAC7E7E53C4E0946 ] C:\Windows\SysWOW64\rpcrt4.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\rpcrt4.dll - ok
15:05:06.0423 0x0a14  [ 0C65FA8214D6F8378D1D3BA1CA46AF0A, C8D0226F39A9DE3B871E84BB6B14975CBBE16A34ADAACBC33ACF726EE6E17104 ] C:\Windows\SysWOW64\advapi32.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\advapi32.dll - ok
15:05:06.0423 0x0a14  [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\cryptbase.dll - ok
15:05:06.0423 0x0a14  [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\sechost.dll - ok
15:05:06.0423 0x0a14  [ BFB4DB4681256116F69209C8D05032E0, 7563562409CA4B805F0FAD267B3533C0A335B0B155C1D57E43864A58255DA45F ] C:\Windows\SysWOW64\sspicli.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\sspicli.dll - ok
15:05:06.0423 0x0a14  [ FBE1E0B9EF53B5BB7C36763AA6A685CF, E999D53365387DCE50BE8A0FBD5E05222636D8CDDB309A529380076BE778729D ] C:\Windows\SysWOW64\gdi32.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\gdi32.dll - ok
15:05:06.0423 0x0a14  [ E8B0FFC209E504CB7E79FC24E6C085F0, 7F756B1DA060D5764C81F8D099E34265186B7E5E6B0FCA08E7FB3989EF4ED0E4 ] C:\Windows\SysWOW64\user32.dll
15:05:06.0423 0x0a14  C:\Windows\SysWOW64\user32.dll - ok
15:05:06.0438 0x0a14  [ 384721EF4024890092625E20CADFAF85, 32FB012437C271CA4408EC60E6858485C2F9489107BBDB7011F728A0D2A26D2C ] C:\Windows\SysWOW64\lpk.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\lpk.dll - ok
15:05:06.0438 0x0a14  [ 0BA19F3198C40AC4E8CC66EE02EDA6C6, 4555FB6ED0F286DF94FEACFEC36BF23E0F586CFA80DEE45C5EA7A0760C967E84 ] C:\Windows\SysWOW64\usp10.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\usp10.dll - ok
15:05:06.0438 0x0a14  [ 4ACB903AD1693858A918907358CBD9E4, F7A5F4F958EB9A79C842A35CB4EE3947CC1F4F2DB4FCB5C90F8C99EF386009D3 ] C:\Windows\SysWOW64\ole32.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\ole32.dll - ok
15:05:06.0438 0x0a14  [ FADBB267FE9846233ED486DE6EEAAEB9, 7F038884CA763BBEB6E2ACADB4B58DBC5EE9D6A4FDC6C59B5AC8556850E1468E ] C:\Windows\SysWOW64\oleaut32.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\oleaut32.dll - ok
15:05:06.0438 0x0a14  [ CC4ED8BEA78B0DCA6F217E014C3291A7, 01104182E4E6FB3CF6397936D30B2CE3486967586D1B94187B59A8232DAE39FF ] C:\Windows\SysWOW64\devobj.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\devobj.dll - ok
15:05:06.0438 0x0a14  [ 0DE3069D6E09BA262856EF31C941BEFE, 5F73305B7910B486882AFA838F1A0F0104B8FB1C2EAC14623D2028D23A704CA7 ] C:\Windows\SysWOW64\imm32.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\imm32.dll - ok
15:05:06.0438 0x0a14  [ 61E02CC3184B63FAFE0B83EAC8B3B8EF, 006E453C901E2D3ED53D359087071145D27AE4CFFEBD5C6EDCFEFB17DFF27F15 ] C:\Windows\SysWOW64\winspool.drv
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\winspool.drv - ok
15:05:06.0438 0x0a14  [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\msctf.dll - ok
15:05:06.0438 0x0a14  [ 31A3C683D1B38F8B139A21E1A690A772, 3C76753AFBE073495E4044C6E3BF5ED0FE65148BB1D213E90B7A4731430BCA05 ] C:\Windows\SysWOW64\nvinit.dll
15:05:06.0438 0x0a14  C:\Windows\SysWOW64\nvinit.dll - ok
15:05:06.0454 0x0a14  [ 55D78AFFED28CBB13F5BD50844449074, 5E3323821DA0661A727D4320D9790DA4D799450370A2C7AF2BB4E6B3CEEEC810 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll
15:05:06.0454 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvstres.dll - ok
15:05:06.0454 0x0a14  [ 189AA4B89F6225ED2CB132463A53FABB, CFC669A66A65DEEAB5986D9A7BB9296D2142304863522F47C0AF0069439DCD08 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll
15:05:06.0454 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvwl.dll - ok
15:05:06.0454 0x0a14  [ 7266972E86890E2B30C0C322E906B027, BFA30E85F5BD3AA933913BD7C6D2B5993DB7AFB0C98349B61A6BEF0BDC8A3680 ] C:\Windows\System32\rpcss.dll
15:05:06.0454 0x0a14  C:\Windows\System32\rpcss.dll - ok
15:05:06.0454 0x0a14  [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
15:05:06.0454 0x0a14  C:\Windows\SysWOW64\ntmarta.dll - ok
15:05:06.0454 0x0a14  [ BFA70A99AD1434263F2DFBBA103BDEF8, 5A0E73D48824C23E2C221EAC369A906FEDECE0E047E8C7E5F012242E74AFAF9E ] C:\Windows\SysWOW64\Wldap32.dll
15:05:06.0454 0x0a14  C:\Windows\SysWOW64\Wldap32.dll - ok
15:05:06.0454 0x0a14  [ 27CBC636ABCE09CDB5227A872BE7A79C, 3CB803AAC96DD766843DD6D0F5A0EF37A1447240A24E754049AA645AACCEC5E4 ] C:\Windows\SysWOW64\wintrust.dll
15:05:06.0454 0x0a14  C:\Windows\SysWOW64\wintrust.dll - ok
15:05:06.0454 0x0a14  [ E6B5DE86ABF68D7D67E451C29287B5C5, AFE45D233FFBC190B3F13D357C973D20122B3C08A06BFF1CE70C0D46E44C5532 ] C:\Windows\SysWOW64\crypt32.dll
15:05:06.0454 0x0a14  C:\Windows\SysWOW64\crypt32.dll - ok
15:05:06.0469 0x0a14  [ 4C04900AA8C323F5D4C316A89E976849, E84FB3D045CF0250C3DE3C39248639D38625FCC31AC16B65BFAC0D3245FF8FEB ] C:\Windows\SysWOW64\msasn1.dll
15:05:06.0469 0x0a14  C:\Windows\SysWOW64\msasn1.dll - ok
15:05:06.0469 0x0a14  [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
15:05:06.0469 0x0a14  C:\Windows\System32\RpcEpMap.dll - ok
15:05:06.0469 0x0a14  [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
15:05:06.0469 0x0a14  C:\Windows\System32\wshqos.dll - ok
15:05:06.0469 0x0a14  [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
15:05:06.0469 0x0a14  C:\Windows\System32\WSHTCPIP.DLL - ok
15:05:06.0469 0x0a14  [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
15:05:06.0469 0x0a14  C:\Windows\System32\FirewallAPI.dll - ok
15:05:06.0469 0x0a14  [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
15:05:06.0469 0x0a14  C:\Windows\System32\version.dll - ok
15:05:06.0469 0x0a14  [ 99ABDA9C92EC76CBAF52F00239D909C9, 2959EFBF1C597BABD5D934667255E7B8E098C4C7FEE9DED65C9D04ECA852D7A3 ] C:\Windows\System32\wevtsvc.dll
15:05:06.0469 0x0a14  C:\Windows\System32\wevtsvc.dll - ok
15:05:06.0469 0x0a14  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
15:05:06.0469 0x0a14  C:\Windows\System32\mmcss.dll - ok
15:05:06.0485 0x0a14  [ 93E6A39B1DB898F7C949FA5567E774CF, 914F12718CEF019DE2AB18776DD23C669F218B4FA2292BECFE34A95872040789 ] C:\Windows\System32\LogonUI.exe
15:05:06.0485 0x0a14  C:\Windows\System32\LogonUI.exe - ok
15:05:06.0485 0x0a14  [ FD07F21E0A19C27ED4E1EEC2B07452B3, DF54C00B021AF64BB04EDEBCA6F41CCF48F1959DD53ADE545FAFC565F1243392 ] C:\Windows\SysWOW64\devrtl.dll
15:05:06.0485 0x0a14  C:\Windows\SysWOW64\devrtl.dll - ok
15:05:06.0485 0x0a14  [ 4BDBBE5E4208022DD794F7EEEB0F7366, 4F69BA2EDABFA63A300B9F1880349EFAE185B899DD5C561E7B3BA6AAA4B22D6A ] C:\Windows\SysWOW64\SPInf.dll
15:05:06.0485 0x0a14  C:\Windows\SysWOW64\SPInf.dll - ok
15:05:06.0485 0x0a14  [ BCF0A980D21711E47D0803BDB0E99CAD, CBC125C6F043584416BC20CB1F12B2BFDC6D99DAC942EDDA90754779C947E31A ] C:\Windows\System32\authui.dll
15:05:06.0485 0x0a14  C:\Windows\System32\authui.dll - ok
15:05:06.0485 0x0a14  [ DBA90306A721FB922FDACED9E9728C28, 9D1F36D8A17DABED318B3AC4940FF537FFF9C77F6E8CF0EB799A68F5B7B34EB8 ] C:\Windows\System32\cryptui.dll
15:05:06.0485 0x0a14  C:\Windows\System32\cryptui.dll - ok
15:05:06.0485 0x0a14  [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
15:05:06.0485 0x0a14  C:\Windows\System32\avrt.dll - ok
15:05:06.0485 0x0a14  [ 07721A77180EDD4D39CCB865BF63C7FD, 9E8117E747C86154F98F2686D805A981029CC5D11AFB115A529429C9A4579BE5 ] C:\Windows\System32\audiosrv.dll
15:05:06.0485 0x0a14  C:\Windows\System32\audiosrv.dll - ok
15:05:06.0485 0x0a14  [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
15:05:06.0485 0x0a14  C:\Windows\System32\MMDevAPI.dll - ok
15:05:06.0485 0x0a14  [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
15:05:06.0485 0x0a14  C:\Windows\System32\ntmarta.dll - ok
15:05:06.0501 0x0a14  [ B27EA141A7E748B607600A8551A44D5A, 551636B1E4A4D6CB21E243E2C01DDEA7CF5BACDD290B3A618DDD0055729F0F5E ] C:\Windows\System32\propsys.dll
15:05:06.0501 0x0a14  C:\Windows\System32\propsys.dll - ok
15:05:06.0501 0x0a14  [ D152EBC32A23069F8AA1D1F24B15E3F9, B032CC7CBD715196BEC3B0B7C2DFD1D6169B66CC1770DD4B708951CC87DD871B ] C:\Windows\System32\audiodg.exe
15:05:06.0501 0x0a14  C:\Windows\System32\audiodg.exe - ok
15:05:06.0501 0x0a14  [ C093E7835C1372D6D70A6675EDAA97B5, 644AC8EE600CD6A16BB6EE0C79EE128385E0C55FBD13CA18867D984F91B4ED99 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6\comctl32.dll
15:05:06.0501 0x0a14  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6\comctl32.dll - ok
15:05:06.0501 0x0a14  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
15:05:06.0501 0x0a14  C:\Windows\System32\wlansvc.dll - ok
15:05:06.0501 0x0a14  [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
15:05:06.0501 0x0a14  C:\Windows\System32\adtschema.dll - ok
15:05:06.0501 0x0a14  [ FE05D03B73000CFF476E1D29109F3A84, 7880B025413338A7B114BECB5DC67605FC7A97142C26FD12F765A64A21805842 ] C:\Program Files\Windows Defender\MpEvMsg.dll
15:05:06.0501 0x0a14  C:\Program Files\Windows Defender\MpEvMsg.dll - ok
15:05:06.0501 0x0a14  [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
15:05:06.0501 0x0a14  C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
15:05:06.0501 0x0a14  [ 873FBF927C06E5CEE04DEC617502F8FD, 8B452ED5D003337E66634EEC3D5C9FBA4D05FF5AE776239F3B769FAA505E729C ] C:\Windows\System32\cscsvc.dll
15:05:06.0501 0x0a14  C:\Windows\System32\cscsvc.dll - ok
15:05:06.0516 0x0a14  [ 29910D50542B1AA0F162EF3339C61B6D, 018F0922384A5757390652865BB2DF876E9DA08B0858BC619B41D2CD14533ED4 ] C:\Windows\System32\PeerDist.dll
15:05:06.0516 0x0a14  C:\Windows\System32\PeerDist.dll - ok
15:05:06.0516 0x0a14  [ FE5AB4525BC2EC68B9119A6E5D40128B, 088DE37982CEE78A0C1181389A3BFF1E352DF504074B3E8F3EA244DB271BF216 ] C:\Windows\System32\gpsvc.dll
15:05:06.0516 0x0a14  C:\Windows\System32\gpsvc.dll - ok
15:05:06.0516 0x0a14  [ 86E3822A34D454032D8E88C72AE8CF2D, 3A8DA946AFAC023254E9D260BFB796FF356A3978F28DA1FC6B939B0E234C9A64 ] C:\Windows\System32\nlaapi.dll
15:05:06.0516 0x0a14  C:\Windows\System32\nlaapi.dll - ok
15:05:06.0516 0x0a14  [ F381975E1F4346DE875CB07339CE8D3A, 867BFC2E9A08E026289794019B8DE651A8604D06DD6A9BF166C29AFC24B6D26E ] C:\Windows\System32\profsvc.dll
15:05:06.0516 0x0a14  C:\Windows\System32\profsvc.dll - ok
15:05:06.0516 0x0a14  [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
15:05:06.0516 0x0a14  C:\Windows\System32\atl.dll - ok
15:05:06.0516 0x0a14  [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
15:05:06.0516 0x0a14  C:\Windows\System32\dsrole.dll - ok
15:05:06.0516 0x0a14  [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
15:05:06.0516 0x0a14  C:\Windows\System32\slc.dll - ok
15:05:06.0516 0x0a14  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
15:05:06.0516 0x0a14  C:\Windows\System32\themeservice.dll - ok
15:05:06.0532 0x0a14  [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
15:05:06.0532 0x0a14  C:\Windows\System32\es.dll - ok
15:05:06.0532 0x0a14  [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
15:05:06.0532 0x0a14  C:\Windows\System32\comres.dll - ok
15:05:06.0844 0x0a14  [ 6F8F1376A13114CC10C0E69274F5A4DE, 8EFD33E1C5A40C231BCB8ED73277F645BE87AE03FCDBA8134FAC053E90290A9C ] C:\Windows\System32\userinit.exe
15:05:06.0844 0x0a14  C:\Windows\System32\userinit.exe - ok
15:05:06.0844 0x0a14  [ DAAE8A9B8C0ACC7F858454132553C30D, 668A2FF7C4774A73D19E06D0E32B070C3B58FA66D273E647A01EE502A0CEE026 ] C:\Windows\SysWOW64\ws2_32.dll
15:05:06.0844 0x0a14  C:\Windows\SysWOW64\ws2_32.dll - ok
15:05:06.0844 0x0a14  [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
15:05:06.0844 0x0a14  C:\Windows\SysWOW64\nsi.dll - ok
15:05:06.0844 0x0a14  [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
15:05:06.0844 0x0a14  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
15:05:06.0844 0x0a14  [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
15:05:06.0844 0x0a14  C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
15:05:06.0844 0x0a14  [ BF591B5C2CC38314518467E883AE37C5, AE87A8812B9836440094558D198B15C1EBD333E1F739295BE80F8D7BA23B05DF ] C:\Windows\SysWOW64\credssp.dll
15:05:06.0844 0x0a14  C:\Windows\SysWOW64\credssp.dll - ok
15:05:06.0844 0x0a14  [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
15:05:06.0844 0x0a14  C:\Windows\SysWOW64\cryptsp.dll - ok
15:05:06.0859 0x0a14  [ E73F21A566A81CD30CB63E8F006056BE, 091B1C32A2BA2F75800BB4590C2153C470983E0422FBE85913010149686D8BEF ] C:\Windows\SysWOW64\secur32.dll
15:05:06.0859 0x0a14  C:\Windows\SysWOW64\secur32.dll - ok
15:05:06.0859 0x0a14  [ 0A53FD4EBBD92002CCC362A9B8087885, C6392C7B557C096A9E98D791D85869DE45636DBA99BF6ECFE7A2CE235BA56396 ] C:\Windows\SysWOW64\schannel.dll
15:05:06.0859 0x0a14  C:\Windows\SysWOW64\schannel.dll - ok
15:05:06.0859 0x0a14  [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
15:05:06.0859 0x0a14  C:\Windows\System32\dssenh.dll - ok
15:05:06.0859 0x0a14  [ 3EBB7FD3C605262B942868A1D840F4F1, 80C365C1E04C95E0EF15FC97ADFBF78B055E222172A7FC103774010640F50582 ] C:\Windows\System32\drivers\epfwwfpr.sys
15:05:06.0859 0x0a14  C:\Windows\System32\drivers\epfwwfpr.sys - ok
15:05:06.0859 0x0a14  [ 3F2013A2880FE503B1B3BC8212764923, E81691E55419E8313365E8B617D8B473748031F327FC1EB158BB89DE198CE071 ] C:\Windows\System32\drivers\idmwfp.sys
15:05:06.0859 0x0a14  C:\Windows\System32\drivers\idmwfp.sys - ok
15:05:06.0859 0x0a14  [ 1C0C743DF62E9C08AD87997E01956033, 5E223951F85E17EEB141447E38F62B7AC6B1C7D4DEDA6262342A90489144F7C0 ] C:\Windows\SysWOW64\ieframe.dll
15:05:06.0859 0x0a14  C:\Windows\SysWOW64\ieframe.dll - ok
15:05:06.0859 0x0a14  [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
15:05:06.0859 0x0a14  C:\Windows\SysWOW64\psapi.dll - ok
15:05:06.0859 0x0a14  [ EF184066A851E7838D5BF8C8FAE66CC4, 813247114C5AA374585F669ADA5DFD25615D1B15B14518A195995D5BF7A8FA25 ] C:\Windows\System32\dwmredir.dll
15:05:06.0859 0x0a14  C:\Windows\System32\dwmredir.dll - ok
15:05:06.0875 0x0a14  [ 2504725939338177E1F627DA0EDA2FEF, C2E922579BE564A5F68D5D9DD508FAD1D589622041094F65008043E54CCACCC4 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
15:05:06.0875 0x0a14  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe - ok
15:05:06.0875 0x0a14  [ C02E3CE20E7776C922B5C8938350B5F1, 4BA2250230BC496ACF5709AD54E99BAC858C298BF09DBC574F8CA365A33E5FFC ] C:\Windows\SysWOW64\apphelp.dll
15:05:06.0875 0x0a14  C:\Windows\SysWOW64\apphelp.dll - ok
15:05:06.0875 0x0a14  [ 26A634B2E0FD87F23541AD13A503CA72, B4D6CA0EADA9862493C449A8532C4033F11CE835E048857BF604DB9D893C0943 ] C:\Windows\SysWOW64\winmm.dll
15:05:06.0875 0x0a14  C:\Windows\SysWOW64\winmm.dll - ok
15:05:06.0875 0x0a14  [ 60C3963C26C3789DFAAA4089A1742B79, 30203614392FA531036431A18B6B0EEB892AC2C959E093DB0539903475E7E6F8 ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll
15:05:06.0875 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\detoured.dll - ok
15:05:06.0875 0x0a14  [ AACF6F87BCD30434BDF7CE4246B75FE8, AC42FBCA5DBDA65D4B1BE60A5E8BD2C1E411D966243E1DB0790B510AAA712079 ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll
15:05:06.0875 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\Nvd3d9wrap.dll - ok
15:05:06.0875 0x0a14  [ 1188D444E2132AFBC7EE1D71641EA2A2, 47DB58824679161237DC334B51DD5E2041A3855F1D2AE4980D6130F92707258F ] C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll
15:05:06.0875 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\coprocmanager\nvdxgiwrap.dll - ok
15:05:06.0875 0x0a14  [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
15:05:06.0875 0x0a14  C:\Windows\System32\rasadhlp.dll - ok
15:05:06.0891 0x0a14  [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
15:05:06.0891 0x0a14  C:\Windows\SysWOW64\wlanapi.dll - ok
15:05:06.0891 0x0a14  [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
15:05:06.0891 0x0a14  C:\Windows\SysWOW64\wlanutil.dll - ok
15:05:06.0891 0x0a14  [ 9D8AB964CE511AF81207DF0E1205184C, 35DCB9F5DD59F97337B293EC55C5FADAA41806BA050592790338E34D843DA4B1 ] C:\Windows\System32\dwmcore.dll
15:05:06.0891 0x0a14  C:\Windows\System32\dwmcore.dll - ok
15:05:06.0891 0x0a14  [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
15:05:06.0891 0x0a14  C:\Windows\SysWOW64\clbcatq.dll - ok
15:05:06.0891 0x0a14  [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
15:05:06.0891 0x0a14  C:\Windows\SysWOW64\dwmapi.dll - ok
15:05:06.0891 0x0a14  [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
15:05:06.0891 0x0a14  C:\Windows\SysWOW64\uxtheme.dll - ok
15:05:06.0891 0x0a14  [ 8C680C0E6B3D6711B2B88AC82FE1804E, 1308E99ADBA5DA47689A7B089016BDDA93AC6EADD0698225C07F5C7453582A9F ] C:\Windows\SysWOW64\MMDevAPI.dll
15:05:06.0891 0x0a14  C:\Windows\SysWOW64\MMDevAPI.dll - ok
15:05:06.0891 0x0a14  [ C5148DDA65E361A78F6372CCA637A5EE, 829D88189B61C8D5AC2EEE4DC49D272F3058051B6510CF0ABE0F52D836C4E990 ] C:\Windows\System32\d3d10_1.dll
15:05:06.0891 0x0a14  C:\Windows\System32\d3d10_1.dll - ok
15:05:06.0891 0x0a14  [ 26EAEE08CAF82AA7F03C5020F51DA541, 5541193DD9A16E27339225E6BA4F2664B0B166E9A13D2FFF267F6E15211B5794 ] C:\Windows\SysWOW64\propsys.dll
15:05:06.0891 0x0a14  C:\Windows\SysWOW64\propsys.dll - ok
15:05:06.0906 0x0a14  [ AFBB5060A2DAD431A2EAEB2C86CFFE81, 03BBBC09385CD995D143356D6CAE0B255AB08C47C8E778CD965C87B17DA10956 ] C:\Windows\SysWOW64\AudioSes.dll
15:05:06.0906 0x0a14  C:\Windows\SysWOW64\AudioSes.dll - ok
15:05:06.0906 0x0a14  [ 149126216A694E6BA84E92ECA77AAE3B, AEAD8D801E7A6AB0F2BE90F0642B668747C7FD0C056492B105EF3290D6F40BFA ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
15:05:06.0906 0x0a14  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe - ok
15:05:06.0906 0x0a14  [ 7C0C964394EEEC9720388CD5DA1F5323, C92394B1752DDA4CC34A9B743423E2F061EEF168C3B2B6B9D35465CAFB5D76C8 ] C:\Windows\System32\d3d10_1core.dll
15:05:06.0906 0x0a14  C:\Windows\System32\d3d10_1core.dll - ok
15:05:06.0906 0x0a14  [ D95DB5C915C001F78709C17285109BDC, 2A538725F8E2E0A394CA58CD262C5159BCA59B12C591EC59F2E052FDAA21F99F ] C:\Windows\System32\dxgi.dll
15:05:06.0906 0x0a14  C:\Windows\System32\dxgi.dll - ok
15:05:06.0906 0x0a14  [ 13F03B7C59D28C82F6B689FF90003471, 1C7BDFED01DDE526580E0F97149C4B045C52B52FBD9E6F0682459296B521AE6D ] C:\Windows\System32\localspl.dll
15:05:06.0906 0x0a14  C:\Windows\System32\localspl.dll - ok
15:05:06.0906 0x0a14  [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
15:05:06.0906 0x0a14  C:\Windows\System32\spoolss.dll - ok
15:05:06.0906 0x0a14  [ 20BEB8C403C6E28C9B13644787F5177D, D3E2DAC2A8BEFC10C1F16FD3B297BF5551254D4DB1C791CA795AA083EADA08F9 ] C:\Windows\System32\FXSMON.dll
15:05:06.0906 0x0a14  C:\Windows\System32\FXSMON.dll - ok
15:05:06.0906 0x0a14  [ 33CC7FFA41F6157592E1578BD253F30E, 03D3473A02B8A8D9D8EA74D588552FB7972600902188659832FBD2CF91B594FC ] C:\Windows\System32\PrintIsolationProxy.dll
15:05:06.0906 0x0a14  C:\Windows\System32\PrintIsolationProxy.dll - ok
15:05:06.0922 0x0a14  [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
15:05:06.0922 0x0a14  C:\Windows\System32\tcpmon.dll - ok
15:05:06.0922 0x0a14  [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
15:05:06.0922 0x0a14  C:\Windows\System32\snmpapi.dll - ok
15:05:06.0922 0x0a14  [ AD7C70077D4C81558E909D34EF6B995E, 41F3A6166FFC8BBCC952BB06F9639B6B6B016970971E1E249917B305F6DD45C8 ] C:\Windows\System32\wsnmp32.dll
15:05:06.0922 0x0a14  C:\Windows\System32\wsnmp32.dll - ok
15:05:06.0922 0x0a14  [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
15:05:06.0922 0x0a14  C:\Windows\System32\usbmon.dll - ok
15:05:06.0922 0x0a14  [ D9A0CE66046D6EFA0C61BAA885CBA0A8, 06C3331C7F3EE0E0B95E8302CB80315E965587C4D6231785B8ACF3FAE4731FAF ] C:\Windows\System32\nlasvc.dll
15:05:06.0922 0x0a14  C:\Windows\System32\nlasvc.dll - ok
15:05:06.0922 0x0a14  [ 107F279517E2A04DB4AC1B1FAF1D573B, 487F505E97288ACA23229D1D421FD62E3A8FE59FA3A504F6C125854DF8BEDE5B ] C:\Windows\System32\ncsi.dll
15:05:06.0922 0x0a14  C:\Windows\System32\ncsi.dll - ok
15:05:06.0922 0x0a14  [ 0BF0C2A72F2CB0BA4382C392D3E331AF, 08C959E87614F6D740374A0D2F7AD9FE47EA4AA531E05F5411469370CA34309F ] C:\Windows\System32\winhttp.dll
15:05:06.0922 0x0a14  C:\Windows\System32\winhttp.dll - ok
15:05:06.0922 0x0a14  [ C1BDC97E8C9404245DE87F1EF08D1764, 537043D7EF12C518198B70012A01D323A192F4416C6A37F490123DF0BE4CD18B ] C:\Windows\System32\taskeng.exe
15:05:06.0922 0x0a14  C:\Windows\System32\taskeng.exe - ok
15:05:06.0937 0x0a14  [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
15:05:06.0937 0x0a14  C:\Windows\System32\WSDMon.dll - ok
15:05:06.0937 0x0a14  [ 05FE4A30177E858B51F5E1E970FE9925, 83711861B648EBC744BDC846DBF043C9D6ED8324E5768A40338C6161613C2E70 ] C:\Windows\System32\WSDApi.dll
15:05:06.0937 0x0a14  C:\Windows\System32\WSDApi.dll - ok
15:05:06.0937 0x0a14  [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
15:05:06.0937 0x0a14  C:\Windows\System32\TSChannel.dll - ok
15:05:06.0937 0x0a14  [ FF604B2C8B39E14421C9DF2D1D3887BD, 55F49D32640B3E2363957616422B0818934C01173972ECC57375DD82769C144F ] C:\Windows\System32\webio.dll
15:05:06.0937 0x0a14  C:\Windows\System32\webio.dll - ok
15:05:06.0937 0x0a14  [ A3EA403D2B74C5F71B7E8B3DAE92DE1E, DF91A8D06EA27D4CF7D61A8EF488D4F42DE88629CC2BC9F4A72B66FF2D6CEE4B ] C:\Windows\System32\webservices.dll
15:05:06.0937 0x0a14  C:\Windows\System32\webservices.dll - ok
15:05:06.0937 0x0a14  [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
15:05:06.0937 0x0a14  C:\Windows\System32\fundisc.dll - ok
15:05:06.0937 0x0a14  [ 9AAAEC8DAC27AA17B053E6352AD233AE, 2D5173ACF0BD6AC49670F7C83FD79AF552BA9D989DE8BA557459191C08A8A1AF ] C:\Windows\explorer.exe
15:05:06.0937 0x0a14  C:\Windows\explorer.exe - ok
15:05:06.0937 0x0a14  [ 1C27E145EC99F20BC1B13FD98165A83F, D3BCEC5DBEFAF1BE50EF7C42FE56D2B88AB8395C96887D8180A929E0F31C9983 ] C:\Windows\System32\ExplorerFrame.dll
15:05:06.0937 0x0a14  C:\Windows\System32\ExplorerFrame.dll - ok
15:05:06.0953 0x0a14  [ 9EB9DB528A0546532ACD3D6D65B2648E, 03C50B3E7574431B2CEE5B9865A566DC66D8C06C27F0378CFD4506E80F39A46E ] C:\Windows\System32\igd10umd64.dll
15:05:06.0953 0x0a14  C:\Windows\System32\igd10umd64.dll - ok
15:05:06.0953 0x0a14  [ CBD010BFBED9657C3813400AAD03CF8A, 2DD60A291D8F4A44D7D638C83A46CFA618525A72B9D975FB81F8F403699B9AE6 ] C:\Windows\SysWOW64\oleacc.dll
15:05:06.0953 0x0a14  C:\Windows\SysWOW64\oleacc.dll - ok
15:05:06.0953 0x0a14  [ BA48CCEC781FD10B6C869F7C45CAA23E, DB3493CD84698C76B100815BCD048FEE16017615B42A2A7A02AF4C3856EAF7EB ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
15:05:06.0953 0x0a14  C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe - ok
15:05:06.0953 0x0a14  [ 6B3BA5BB455D7A4FD16B697B8F73858F, D7750AF49F867B1CA05D80E4259C6C3CB5CBD2055190992839C01D3FC69E63B5 ] C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
15:05:06.0953 0x0a14  C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe - ok
15:05:06.0953 0x0a14  [ ED759B7FD51466447CC31CBE79B99050, E38F9548839C61B38E4013C633638E0DE29474BFF417705B96D4916554C399DB ] C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
15:05:06.0953 0x0a14  C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe - ok
15:05:06.0953 0x0a14  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
15:05:06.0953 0x0a14  C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
15:05:06.0953 0x0a14  [ 5C2593649CF4FE6B9ED6F9A734DBF344, DBE8A6B2DAC8F166E08534EBE02D23FF7648E836CFCB507A41F51368CBA01BBE ] C:\Program Files (x86)\Google\Update\1.3.26.9\goopdate.dll
15:05:06.0953 0x0a14  C:\Program Files (x86)\Google\Update\1.3.26.9\goopdate.dll - ok
15:05:06.0953 0x0a14  [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
15:05:06.0953 0x0a14  C:\Windows\SysWOW64\msimg32.dll - ok
15:05:06.0969 0x0a14  [ A223CF703E28CBD7E9E7982141FA403C, EF6D32CD7EACE2F67B2819000D1A7D7127DBCE36BAE76541B6B2D7C075502F93 ] C:\Windows\SysWOW64\comdlg32.dll
15:05:06.0969 0x0a14  C:\Windows\SysWOW64\comdlg32.dll - ok
15:05:06.0969 0x0a14  [ F3DE10AABD5C7A1A186C9966F037D0C0, BC50848AEEF466DFF4A3D8C386BF0D0EC35B8E5B438031AE885AA5371F2E1A42 ] C:\Program Files (x86)\ASUS\USBChargerPlus\mfc100u.dll
15:05:06.0969 0x0a14  C:\Program Files (x86)\ASUS\USBChargerPlus\mfc100u.dll - ok
15:05:06.0969 0x0a14  [ 0E37FBFA79D349D672456923EC5FBBE3, 8793353461826FBD48F25EA8B835BE204B758CE7510DB2AF631B28850355BD18 ] C:\Program Files (x86)\ASUS\USBChargerPlus\msvcr100.dll
15:05:06.0969 0x0a14  C:\Program Files (x86)\ASUS\USBChargerPlus\msvcr100.dll - ok
15:05:06.0969 0x0a14  [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
15:05:06.0969 0x0a14  C:\Windows\System32\ssdpapi.dll - ok
15:05:06.0969 0x0a14  [ 903A40C958D471F9D30D29FA6D2800A4, 4641F8E8B20EE9AF8AB61E61AD74D41A4E9F51C906EC5F3BDC484FFAFB540E69 ] C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
15:05:06.0969 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe - ok
15:05:06.0969 0x0a14  [ 862586AD4B1355F7DCDE111EE0AAF350, 48AF3A1834640969660A37899A4CB17677FD499C26185AC940D284A0B4212FB3 ] C:\Windows\System32\d3dx10_40.dll
15:05:06.0969 0x0a14  C:\Windows\System32\d3dx10_40.dll - ok
15:05:06.0969 0x0a14  [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
15:05:06.0969 0x0a14  C:\Windows\System32\uDWM.dll - ok
15:05:06.0984 0x0a14  [ 726798E8D852FC48746850E3B1FB1066, 106E05AC9308D123FC2D598C68EA164C180BB37AA4EBE3C2CDFE4367B7BAA761 ] C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL
15:05:06.0984 0x0a14  C:\PROGRA~1\MICROS~2\Office15\GROOVEEX.DLL - ok
15:05:06.0984 0x0a14  [ 53A3DE22A97A40469FC6AEB54A151A61, ECE86E8A88DE3A06EBDA73D8945DDA04DF9A94A0C8F949C9C3E1C3D2355CA526 ] C:\Windows\System32\atl100.dll
15:05:06.0984 0x0a14  C:\Windows\System32\atl100.dll - ok
15:05:06.0984 0x0a14  [ A38A290E27AFE18D7D5F3CFD33FEF47D, BA2FD04D1E180F268C3D519A6B50D705F96CAA68C04E4F09652D92CE6488AD00 ] C:\Windows\System32\msi.dll
15:05:06.0984 0x0a14  C:\Windows\System32\msi.dll - ok
15:05:06.0984 0x0a14  [ 1821A9197482BDA422DD3FFBFD3AC611, C185E66A623BE51A512DAD4FF83E0432B1C87EBD5910180AC08D8B032F19AD2C ] C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Cultures\OFFICE.ODF
15:05:06.0984 0x0a14  C:\Program Files\Common Files\Microsoft Shared\OFFICE15\Cultures\OFFICE.ODF - ok
15:05:06.0984 0x0a14  [ 7FA6470C89F68656D0D86A59177273CD, 819FD6B15DF5EF1EADCBC7E322381B6733AEF58A416F8F457718AF465533CF4A ] C:\PROGRA~1\MICROS~2\Office15\1033\GrooveIntlResource.dll
15:05:06.0984 0x0a14  C:\PROGRA~1\MICROS~2\Office15\1033\GrooveIntlResource.dll - ok
15:05:06.0984 0x0a14  [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
15:05:06.0984 0x0a14  C:\Windows\System32\EhStorShell.dll - ok
15:05:06.0984 0x0a14  [ 22ECE0BC222B54CA73AE37D7A65EA93F, 6C60C8A634F7CF73129F23CE6A0269DB009D0692BAF71BA611884FB52B467679 ] C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll
15:05:06.0984 0x0a14  C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll - ok
15:05:06.0984 0x0a14  [ 686A76B1445D07CE408B66D2468C02C3, 8284F3527A72658BB9209815DAD211DCA686B13AF413C9BF0183A91B9F11E008 ] C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.dll
15:05:06.0984 0x0a14  C:\Program Files (x86)\Internet Download Manager\IDMNetMon64.dll - ok
15:05:07.0000 0x0a14  [ 13D1F490AF6C7649F51BA29F9CCBB778, 2A389A84E14CE601203CED3283B3345A74B040C670BCDF8C2AE22652E314D17C ] C:\Windows\SysWOW64\iertutil.dll
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\iertutil.dll - ok
15:05:07.0000 0x0a14  [ 6095266CAAF5E75F394CFD4844CC4C25, 99C10DDD9F86D6FC10F5417F7FDE7A48909CDEF53F47D8A2DBFB0B656F89FCA6 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
15:05:07.0000 0x0a14  [ C3DBF7DFF5A38136E26BADB7AB4E2972, EA7484034B14F9F1082F8FA802560D61740DD030F008B59CED204ED55B7C437B ] C:\Windows\SysWOW64\netapi32.dll
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\netapi32.dll - ok
15:05:07.0000 0x0a14  [ C6BB27D9A8AC13D4A44486F528B5C884, 9624D886A3EBA94E61F90F62BD9A823B799C3A3B9C0E4C59E49824FEBBB18D77 ] C:\Windows\SysWOW64\netutils.dll
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\netutils.dll - ok
15:05:07.0000 0x0a14  [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\winnsi.dll - ok
15:05:07.0000 0x0a14  [ 11A41F17527ED75D6B758FDD7F4FD00D, A646BA0BAA992A7B98C813AD8D834D57F27DB6F7F0F3200F68CB8B99F4C5D731 ] C:\Windows\SysWOW64\mswsock.dll
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\mswsock.dll - ok
15:05:07.0000 0x0a14  [ CC9BBCFC715FBEDF7AE476106FE653E9, 0F8EE6E853756EB302A75C69937DDC3EC05A7D4A075D7314D329E497FD1BBA1C ] C:\Windows\SysWOW64\winhttp.dll
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\winhttp.dll - ok
15:05:07.0000 0x0a14  [ 7F739F89F7F60221740DA9DE1B1DABB6, 7FB3E2DF211826B097FEDB8335DB2CC0206823B440897478C1E77169E4033D66 ] C:\Windows\SysWOW64\webio.dll
15:05:07.0000 0x0a14  C:\Windows\SysWOW64\webio.dll - ok
15:05:07.0015 0x0a14  [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
15:05:07.0015 0x0a14  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
15:05:07.0015 0x0a14  [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
15:05:07.0015 0x0a14  C:\Windows\SysWOW64\powrprof.dll - ok
15:05:07.0015 0x0a14  [ BA4F111761A08E98970FBF8994B5BB33, A411E11B8B58D4B3FB61C3358346A6FC5B806A8654E2EC56473110336161BF39 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsusTPCfg64.exe
15:05:07.0015 0x0a14  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsusTPCfg64.exe - ok
15:05:07.0015 0x0a14  [ 4F870EF9292559AB9DE6F31527A1DCBF, 45C14E74FCCC647688FCDA280B04D884532D1D51AC93FCAA671141776973314C ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
15:05:07.0015 0x0a14  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe - ok
15:05:07.0015 0x0a14  [ 8BC7F8F0B7AE856D910B3FDD895EC50E, CEBE62829BD416D961F9A779A60ED60366095F557DDE5350ADB09C53B3A23A8D ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll
15:05:07.0015 0x0a14  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcr80.dll - ok
15:05:07.0015 0x0a14  [ 4F35AC991C7F09D3FE436C85E502CBA7, 595CFC812F3E8700E6D58E69BEA7F2C3B3DCE6D2D96E99C45E726040B8D3C1B6 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPApi.dll
15:05:07.0015 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPApi.dll - ok
15:05:07.0015 0x0a14  [ 4A7C441D99D86704D194E7678873B95D, 455D9C6B050597BABED1A52947717E031AC9A00094ECF13FE50077BC8BCF3821 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
15:05:07.0015 0x0a14  C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe - ok
15:05:07.0031 0x0a14  [ 63DF770DF74ACB370EF5A16727069AAF, B8F96336BF87F1153C245D19606CBD10FBE7CF2795BCC762F2A1B57CB7C39116 ] C:\Windows\SysWOW64\hid.dll
15:05:07.0031 0x0a14  C:\Windows\SysWOW64\hid.dll - ok
15:05:07.0031 0x0a14  [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
15:05:07.0031 0x0a14  C:\Windows\SysWOW64\rasapi32.dll - ok
15:05:07.0031 0x0a14  [ 89D840773C9C4358A5031DCC860449EC, F6C241D73E05A95B7C81C12979FF625BFD89C12CDD13193AA137E02A8C0046F2 ] C:\Windows\SysWOW64\srvcli.dll
15:05:07.0031 0x0a14  C:\Windows\SysWOW64\srvcli.dll - ok
15:05:07.0031 0x0a14  [ 7AD12703039056D2A0815F85960E1FA1, 22C9E953D499555F8BD7719786F3450EF5619672F4FF91082758BAB3FD8A288D ] C:\Windows\SysWOW64\wkscli.dll
15:05:07.0031 0x0a14  C:\Windows\SysWOW64\wkscli.dll - ok
15:05:07.0031 0x0a14  [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
15:05:07.0031 0x0a14  C:\Windows\SysWOW64\rasman.dll - ok
15:05:07.0031 0x0a14  [ 68DE8D996D8FF628AB6B3D422035F862, 239CE5BE15F39966AE5243971FE75BDFB35359F92C8294C61155C863F4B3C40E ] C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
15:05:07.0031 0x0a14  C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe - ok
15:05:07.0031 0x0a14  [ 0FA436A553408CBEBA070E3182658DE3, 304DA948021759DB08AB37DB9719CAF1BF671AACA1C6497C7CC784FE4EFF9550 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll
15:05:07.0031 0x0a14  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc\comctl32.dll - ok
15:05:07.0031 0x0a14  [ E8132FB3BAC7C0CDBD581485B8BA947F, 063ABE4F7FE9E81543377AD45F58D9C61B06453025B0CCC3E3388C93FE8DBF57 ] C:\Windows\SysWOW64\cryptui.dll
15:05:07.0031 0x0a14  C:\Windows\SysWOW64\cryptui.dll - ok
15:05:07.0047 0x0a14  [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
15:05:07.0047 0x0a14  C:\Windows\SysWOW64\wsock32.dll - ok
15:05:07.0047 0x0a14  [ EDB57065790B62EF83BE117AD3EDFDE2, D1DCCEF8FA78B7F44966A59C86A0C5C02F810F73CAF10BA549752691F98DB904 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll
15:05:07.0047 0x0a14  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7600.16385_none_72fc7cbf861225ca\GdiPlus.dll - ok
15:05:07.0047 0x0a14  [ 318285F1590C4484E3253BA2B189D2DF, A68ED81FCAA3BEC30CEBE5C5A7F9362422F72233C286246293AB48D132DE3EF4 ] C:\Windows\System32\d3d9.dll
15:05:07.0047 0x0a14  C:\Windows\System32\d3d9.dll - ok
15:05:07.0047 0x0a14  [ 9F758BF982DE530C8C77C9F03334DEEB, 8A49E6716C00BE94C62DB25AAAD3C70BDD49792EB205D94B47AB9B30D6566BB8 ] C:\Windows\SysWOW64\taskschd.dll
15:05:07.0047 0x0a14  C:\Windows\SysWOW64\taskschd.dll - ok
15:05:07.0047 0x0a14  [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
15:05:07.0047 0x0a14  C:\Windows\System32\fdPnp.dll - ok
15:05:07.0047 0x0a14  [ 7BF5EA753D4CC056B9462A02AC51B160, 34AC885FA8C9D982D3A9FC139BEB031320FDD8AFA06FF5DDDDC8BA4CA1F09EEF ] C:\Windows\SysWOW64\xmllite.dll
15:05:07.0047 0x0a14  C:\Windows\SysWOW64\xmllite.dll - ok
15:05:07.0047 0x0a14  [ 8019A904EBB6F8CFBA9E41A76A99604A, E3565098FA6519BCFF7140A1112208BD8F1E298415B2DFA0B938D146098164DF ] C:\Windows\SysWOW64\wer.dll
15:05:07.0047 0x0a14  C:\Windows\SysWOW64\wer.dll - ok
15:05:07.0047 0x0a14  [ 7684ED0FA7AE8A417FEB58CAEAF8FDBF, DA581905993B5A78214A36AE3EDB4B7B6DC411A0AA689F4554429DEB02065033 ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\PureThemeRes.dll
15:05:07.0047 0x0a14  C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\PureThemeRes.dll - ok
15:05:07.0062 0x0a14  [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
15:05:07.0062 0x0a14  C:\Windows\SysWOW64\mpr.dll - ok
15:05:07.0062 0x0a14  [ AE6AF014B616F53BA762F0BCFD8F7F21, 95C8E3CA3DBEE48621A6A159BEA04A323339A876C8B64EEBC76CBD5872BC32F2 ] C:\Windows\SysWOW64\msi.dll
15:05:07.0062 0x0a14  C:\Windows\SysWOW64\msi.dll - ok
15:05:07.0062 0x0a14  [ 7B2AF75C0813FEB2888559DAA4215BA3, 05A3A9D8D1526CBE1E7E507574F137439E2CAAF493FADE43034BDE9E29728750 ] C:\Windows\SysWOW64\Faultrep.dll
15:05:07.0062 0x0a14  C:\Windows\SysWOW64\Faultrep.dll - ok
15:05:07.0062 0x0a14  [ 78B9ADA2BC8946AF7B17678E0D07A773, C23E03E8251930AFCD7C049ECD11375E040A414536441AEA602C71AF206C0422 ] C:\Windows\SysWOW64\wininet.dll
15:05:07.0062 0x0a14  C:\Windows\SysWOW64\wininet.dll - ok
15:05:07.0062 0x0a14  [ 7ABCE518D36D6D1749FADB5A3825C976, 1600C2C71CFD6BC3EFB4360C99DD3F2C08898DDF0113AFAD356BFF3914C86BB5 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnHips.dll
15:05:07.0062 0x0a14  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnHips.dll - ok
15:05:07.0062 0x0a14  [ FFDB4D14C94459EA2F8864276942B5A2, CB6C99442DC55DF3F5EC5BB46CB4AC2C236089C0E98433320892E56C79A298AD ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll
15:05:07.0062 0x0a14  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnScan.dll - ok
15:05:07.0062 0x0a14  [ FC299136E8B159F279568FC47C442AA1, 3884CEF06155B86B5F32BA2982938013A2F928CB56EB9BEAC76B1C8A48D20ACC ] C:\Windows\SysWOW64\urlmon.dll
15:05:07.0062 0x0a14  C:\Windows\SysWOW64\urlmon.dll - ok
15:05:07.0062 0x0a14  [ E7E294C689C28FE463AB4F94AADEE3A6, B00B69F474E88C281E0C71CDF92C005280D459CF48500478160D0BE88F87F581 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll
15:05:07.0062 0x0a14  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnAmon.dll - ok
15:05:07.0078 0x0a14  [ 3224B80217D8B32657E10F730687CEBE, CE14DF34DBDD8399B25A0D1D5357F3F21167A009D1DE894E7853180B8367B252 ] C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll
15:05:07.0078 0x0a14  C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrnEmon.dll - ok


#12 knightstalker

Posted 15 February 2015 - 07:27 AM

And here is the final part. I am really sorry for this.

 
15:05:07.0374 0x0a14  [ DD76912E8D165C68659D9875256710A3, 0DDD342EBCC2EE2D023FF6E94A2DB2822A5CC38C747A9226B253BF99F8BCF639 ] C:\Windows\System32\DeviceCenter.dll
15:05:07.0374 0x0a14  C:\Windows\System32\DeviceCenter.dll - ok
15:05:07.0374 0x0a14  [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
15:05:07.0374 0x0a14  C:\Windows\System32\msiltcfg.dll - ok
15:05:07.0374 0x0a14  [ 436F233F692573830B7856BDEADBEFE7, 954008E0FF53AC20A878B64EAE093BE15E0A8C37D2736FE387180361EB331204 ] C:\Windows\System32\igfxsrvc.exe
15:05:07.0374 0x0a14  C:\Windows\System32\igfxsrvc.exe - ok
15:05:07.0374 0x0a14  [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\kamyab\AppData\Local\Temp\{4A4CF609-D3F4-4CD7-8699-72FFC6B1E696}\{2A57BEED-C1A1-4380-A990-3AC8EADDC1F1}.tmp
15:05:07.0374 0x0a14  C:\Users\kamyab\AppData\Local\Temp\{4A4CF609-D3F4-4CD7-8699-72FFC6B1E696}\{2A57BEED-C1A1-4380-A990-3AC8EADDC1F1}.tmp - ok
15:05:07.0390 0x0a14  [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\kamyab\AppData\Local\Temp\{4A4CF609-D3F4-4CD7-8699-72FFC6B1E696}\{F0DD78B2-F9F1-431D-A16B-275DBA76A3E4}.tmp
15:05:07.0390 0x0a14  C:\Users\kamyab\AppData\Local\Temp\{4A4CF609-D3F4-4CD7-8699-72FFC6B1E696}\{F0DD78B2-F9F1-431D-A16B-275DBA76A3E4}.tmp - ok
15:05:07.0390 0x0a14  [ 0591EF4ED8785C8D271856B9350DAF24, E02295DFEBED9B4454DFAC8B066594418FC5C168BF3DEA94F9218CBBA9A5276C ] C:\Windows\System32\hkcmd.exe
15:05:07.0390 0x0a14  C:\Windows\System32\hkcmd.exe - ok
15:05:07.0390 0x0a14  [ F468C806267D46B68DB7EB32FBF0A103, 6454E84A39E4B6E11BEC99357ADBD1CA039F7BBDDF9036ACD8F3B0AB6608A60B ] C:\Windows\System32\thumbcache.dll
15:05:07.0390 0x0a14  C:\Windows\System32\thumbcache.dll - ok
15:05:07.0390 0x0a14  [ 1B5783B12FCB0CC6BF92D092247DE0E2, 1491A6A39B7B750A41C40DF470E5F7A98FE616809F9E815AFC06237A9D34C0C8 ] C:\Windows\System32\igfxpers.exe
15:05:07.0390 0x0a14  C:\Windows\System32\igfxpers.exe - ok
15:05:07.0390 0x0a14  [ 8ABA3F7183EF6441F2A04E8057258215, 36F91B153BBB69C67F12D6E59A21A0B38AA1343D2BE69D872C39D7AC65BB22C7 ] C:\Windows\System32\igfxsrvc.dll
15:05:07.0390 0x0a14  C:\Windows\System32\igfxsrvc.dll - ok
15:05:07.0390 0x0a14  [ 8BC7AE7E16458355508ECF5EC3A04E72, 39FE3D8E0D42D51809E33160DEA291E732615DB1C6EA24558B3731349F6F9A2E ] C:\Windows\System32\networkexplorer.dll
15:05:07.0390 0x0a14  C:\Windows\System32\networkexplorer.dll - ok
15:05:07.0390 0x0a14  [ E1B31A60ABFA6ADA34C6268017FE5F39, FE394D85DD8677EACA7969392109C9C604A3BB5202C41EF7AB5998FCCA6168D3 ] C:\Windows\System32\igfxdev.dll
15:05:07.0390 0x0a14  C:\Windows\System32\igfxdev.dll - ok
15:05:07.0390 0x0a14  [ 105CFE016CCB20175BEACEC146F175AB, BA21F40CDBF159EE4EACCBFB2A7D20EB9E1C2758883AF089A8E53EE478002E83 ] C:\Windows\System32\IccLibDll_x64.dll
15:05:07.0390 0x0a14  C:\Windows\System32\IccLibDll_x64.dll - ok
15:05:07.0405 0x0a14  [ 0EF2A6818FAE466418BF96A67B49FA13, 61753D230C3E17F741BA4EF0CD9E69D9AF6DA1279852AF7F8AC854F31A254881 ] C:\Windows\System32\igfxrenu.lrc
15:05:07.0405 0x0a14  C:\Windows\System32\igfxrenu.lrc - ok
15:05:07.0405 0x0a14  [ 562FB384A58BE53D4A5F5DF9B9592030, 738202E5995516AE8AC5B3C784F52B0428B00BB2F1F4D2633AC717540791579B ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll
15:05:07.0405 0x0a14  C:\Windows\Microsoft.NET\Framework\v4.0.30319\clrjit.dll - ok
15:05:07.0405 0x0a14  [ 3F0F15C238F458ED549F283F570A979E, 195BE079DF64B8DCBF3E6E3ACE2F805EED37E66289842F42E8C9728BAC074E5B ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System\79f6324a598a7c4446a4a1168be7c4b1\System.ni.dll
15:05:07.0405 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System\79f6324a598a7c4446a4a1168be7c4b1\System.ni.dll - ok
15:05:07.0405 0x0a14  [ F9F9EC5D096E82D51DA46AC7E6F43A62, 74C24869C74602ABB470B0A0974F515C019CA3C660F9687066310A4635B1F9DC ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
15:05:07.0405 0x0a14  C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe - ok
15:05:07.0405 0x0a14  [ 86037BF9D71D3DA147AFEA3EA7EB93DD, 5A410F7DCBC640CBAA9AEA1F29D68450FB2FF781EE8C259D3D1305C7297E0CC3 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
15:05:07.0405 0x0a14  C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe - ok
15:05:07.0405 0x0a14  [ 47D5A30FCDD9FF1594B9A1B4F8774BDB, 4A0C870E5566B1ACD499D012185A9F836D3AA1A3DD9BADBCCED72162792B540A ] C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll
15:05:07.0405 0x0a14  C:\Program Files (x86)\Bluetooth Suite\athr_debug.dll - ok
15:05:07.0405 0x0a14  [ B9C7FA39C3A177617F92A0571919E1FF, DAB822CB7171C538BC12B402A6C8809A78BA0BB7DD4FA64018726A81EB66A0F9 ] C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll
15:05:07.0405 0x0a14  C:\Program Files (x86)\Bluetooth Suite\Handsfree.dll - ok
15:05:07.0421 0x0a14  [ BCE6216F8DDDDB78B9200BA446DDFB33, 53A0C99B45F5B2CCBC72FDA03BCD22A87ADB595A6208EF58AECDF7B6AE3FE20F ] C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll
15:05:07.0421 0x0a14  C:\Program Files (x86)\Bluetooth Suite\RfcommLib.dll - ok
15:05:07.0421 0x0a14  [ B6AF89347F09756D74B38C50F6CB683A, 3FF7880B5EB6D77BA9FDC9C0CEDA2A336DE7849BD5230A659A425A7FA48EB8ED ] C:\Program Files (x86)\Bluetooth Suite\BTBIP.dll
15:05:07.0421 0x0a14  C:\Program Files (x86)\Bluetooth Suite\BTBIP.dll - ok
15:05:07.0421 0x0a14  [ 68881C6E8827C1704EB57A1C272AD578, E760DCCBAF19B7893EE706E5DE8A91C21172B2C2A86A2E2D027563A0E3E7986A ] C:\Program Files (x86)\Bluetooth Suite\SesMgr.dll
15:05:07.0421 0x0a14  C:\Program Files (x86)\Bluetooth Suite\SesMgr.dll - ok
15:05:07.0421 0x0a14  [ C249DAB310A9CAEC3F6E63B9B1BE51DF, 277AB904F3DA173646487DC9165451A0A4502725748CF7F52714A037F75C837C ] C:\Program Files (x86)\Bluetooth Suite\Sync.dll
15:05:07.0421 0x0a14  C:\Program Files (x86)\Bluetooth Suite\Sync.dll - ok
15:05:07.0421 0x0a14  [ 30F9BACA07F8251D7DD1805A9E919CE0, 7B6569B744EA9700957510CDDC8F02E7F47B99564B03E4784AA44EA89B750288 ] C:\Windows\System32\wdmaud.drv
15:05:07.0421 0x0a14  C:\Windows\System32\wdmaud.drv - ok
15:05:07.0421 0x0a14  [ 202D9D32F8384091DC88D3BFBCBEAEA4, C2BD3CC17703EF73390ABDAAAF38636E76D64B1E473FD71DE567D01FEBF09ACA ] C:\Program Files (x86)\Bluetooth Suite\utils.dll
15:05:07.0421 0x0a14  C:\Program Files (x86)\Bluetooth Suite\utils.dll - ok
15:05:07.0421 0x0a14  [ 5F639198C4137075DA50E61C23963C11, 3D03B3BF62B3469069AD6BE2AAEE152CB6722D36C001B8197FEBC2F3EB9ADBE0 ] C:\Windows\System32\drprov.dll
15:05:07.0421 0x0a14  C:\Windows\System32\drprov.dll - ok
15:05:07.0421 0x0a14  [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
15:05:07.0421 0x0a14  C:\Windows\System32\ksuser.dll - ok
15:05:07.0437 0x0a14  [ 7273921B6DDFEFF3A8567B9800C5673A, DBDC60F5BDBB8428537452893A0ED76695D18F98218911B84A37ABE133BBECA2 ] C:\Windows\System32\ntlanman.dll
15:05:07.0437 0x0a14  C:\Windows\System32\ntlanman.dll - ok
15:05:07.0437 0x0a14  [ 91FBF3F31656B3C609D1BF8C0F1D3E9E, 63C4736C55A51D13740635B5FDFB2EB4C1C10BAB8904CA0C9C74E2B39AADF71A ] C:\Program Files (x86)\Bluetooth Suite\phonebook.dll
15:05:07.0437 0x0a14  C:\Program Files (x86)\Bluetooth Suite\phonebook.dll - ok
15:05:07.0437 0x0a14  [ 73A1430ABA9119A2C25892EF9C3CB7A1, 275E19C5398BB327C28993229E4569D7AAF453DF2E70DE66E95B928680F0EC8A ] C:\Windows\System32\davclnt.dll
15:05:07.0437 0x0a14  C:\Windows\System32\davclnt.dll - ok
15:05:07.0437 0x0a14  [ 45B24A357C801CE62052FE0CDC8BD4D2, 00602E41B78473825253F6B2557A5C43FBDDCCF713D806929AE7C039FF8F185C ] C:\Windows\System32\davhlpr.dll
15:05:07.0437 0x0a14  C:\Windows\System32\davhlpr.dll - ok
15:05:07.0437 0x0a14  [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
15:05:07.0437 0x0a14  C:\Windows\System32\msacm32.dll - ok
15:05:07.0437 0x0a14  [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
15:05:07.0437 0x0a14  C:\Windows\System32\msacm32.drv - ok
15:05:07.0437 0x0a14  [ F4F531DF7DD41D3A04B633F2C73C1E47, 05F55A6BA5581E5D43B1BA4C181A407B7EDB5A1DCC9C96ED5B8ED7AC6467AA85 ] C:\Program Files (x86)\Bluetooth Suite\goep.dll
15:05:07.0437 0x0a14  C:\Program Files (x86)\Bluetooth Suite\goep.dll - ok
15:05:07.0437 0x0a14  [ 77B61BA0EB74B23E21D24BC8F226439F, AA3238938D4363CD045F217AAA7A623FDF47964D06CD9429665C86492B58B1D0 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
15:05:07.0437 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe - ok
15:05:07.0452 0x0a14  [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
15:05:07.0452 0x0a14  C:\Windows\System32\midimap.dll - ok
15:05:07.0452 0x0a14  [ 8FCCEE7F903AEF78ABB1EB9FFEA62067, 100206CC2EC8D8CFB1480393E3285ADC9E7110A45FEBEDD1061FC4210D467D00 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
15:05:07.0452 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe - ok
15:05:07.0452 0x0a14  [ E2ACCEC6C995A7D45207548CCA737BDB, DA99898862F931B4872C772CE3A8805B926E4B701AF1E9FC83D333DA1A0CFD48 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.dll
15:05:07.0452 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.dll - ok
15:05:07.0452 0x0a14  [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
15:05:07.0452 0x0a14  C:\Windows\System32\AudioEng.dll - ok
15:05:07.0452 0x0a14  [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\msvcr100.dll
15:05:07.0452 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\msvcr100.dll - ok
15:05:07.0452 0x0a14  [ C3F1177702EBF1E5489DE0FD71A52E0C, 566FA42B076563E779EBEB1BD873AEF422D51B82EF1FE6CEBF8F5FD04C3A3C84 ] C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll
15:05:07.0452 0x0a14  C:\Program Files (x86)\Bluetooth Suite\OutLookLib.dll - ok
15:05:07.0452 0x0a14  [ AED6D63CFA5A3EF7021AF9C457FEE994, B4BFA27F677295B00A1DF9A7E14DB4B75CAC2DD41B898D4E9A378ECCCE3699F0 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\msvcr100.dll
15:05:07.0452 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\msvcr100.dll - ok
15:05:07.0468 0x0a14  [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
15:05:07.0468 0x0a14  C:\Windows\System32\AUDIOKSE.dll - ok
15:05:07.0468 0x0a14  [ 60CC15392FF14DCB9C29C69B3233741B, 458FB3DCDC4828D5C5625517D074795A706A545FB8D0FF46C5981A118D846A66 ] C:\Windows\System32\stobject.dll
15:05:07.0468 0x0a14  C:\Windows\System32\stobject.dll - ok
15:05:07.0468 0x0a14  [ 86B6AC0FD2881B3D20B80F51C7152AE0, BF1A04E0B00159925E716CD3A72CD40FD4BDD7D05684932A91629373CE524186 ] C:\Windows\System32\batmeter.dll
15:05:07.0468 0x0a14  C:\Windows\System32\batmeter.dll - ok
15:05:07.0468 0x0a14  [ 90618E03CEE5E264E08D816FE63E3DE0, 25BE81455616E6B27282A9D8BD7F909062917C9C0E6A9D176D4EAAE0094CD828 ] C:\Windows\System32\RtkAPO64.dll
15:05:07.0468 0x0a14  C:\Windows\System32\RtkAPO64.dll - ok
15:05:07.0468 0x0a14  [ FD049C25A168D3DE310D9207B7B6367B, 48966605E7CF87996068AC1A2E563F90F6F152E710323792C633E10BCBA480E4 ] C:\Windows\SysWOW64\UIAutomationCore.dll
15:05:07.0468 0x0a14  C:\Windows\SysWOW64\UIAutomationCore.dll - ok
15:05:07.0468 0x0a14  [ 860D490CAAA940DFB0C93F4A199E59FE, 29B37D2BDDD0A999930C76F19FB2CAE32893B70F49C17AE25014A51C11820594 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
15:05:07.0468 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe - ok
15:05:07.0468 0x0a14  [ 6EC594AB7EFA45EACDE65FD4040F53D9, A2119AFC55B1231A838C9FD98F50DA9AA85E26EAF1991E8EFF27ADB7C7C3D250 ] C:\Windows\SysWOW64\riched20.dll
15:05:07.0468 0x0a14  C:\Windows\SysWOW64\riched20.dll - ok
15:05:07.0483 0x0a14  [ 73E53A550E43935CC139E95C4893A9BB, E24BBCBEDDB6A8E7AC1E7701B65C92456F47CFE3BF22B6ACBBE393BBDDAD3736 ] C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll
15:05:07.0483 0x0a14  C:\Program Files\NVIDIA Corporation\Display\nvsmartmax64.dll - ok
15:05:07.0483 0x0a14  [ 1D3B239AA7111C11AB81E286772E8CC1, 24AA80FA019F17A975A70EB4B4A2FA37526EED680A06F39BF714310A4EA000F3 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c4477b3ce64d0d612d1ab0dba425b77f\System.Drawing.ni.dll
15:05:07.0483 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Drawing\c4477b3ce64d0d612d1ab0dba425b77f\System.Drawing.ni.dll - ok
15:05:07.0483 0x0a14  [ 950CDF8CF48AE41B28CF326F2895DFE2, C76D40E02E05B8D6451A1ACF03F7E00BB80ED608F2018292048BCF130E22A36D ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
15:05:07.0483 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe - ok
15:05:07.0483 0x0a14  [ E679EECE10D490CC3E7F430812098266, 518DF4A0C1827750967BF868A886914191B2E19798FC1D15295EA380A2C41BA8 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPStrike.dll
15:05:07.0483 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPStrike.dll - ok
15:05:07.0483 0x0a14  [ 556A74975E52F0853FCE02C05F83F9FF, 83D195C3AB47327B8B89BAAA75FCC1863413FB029AF3532DE8FCC736448B1D5A ] C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
15:05:07.0483 0x0a14  C:\Program Files\NVIDIA Corporation\Display\nvtray.exe - ok
15:05:07.0483 0x0a14  [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
15:05:07.0483 0x0a14  C:\Windows\System32\oledlg.dll - ok
15:05:07.0483 0x0a14  [ 448617EC159B2C9B2772BA810A8F5877, D45F42ACB9BB0B268CC201AE7F60D2EB51BAE3DDB0A60B538AB5D2FF57B66E09 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.dll
15:05:07.0483 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.dll - ok
15:05:07.0499 0x0a14  [ AED6D63CFA5A3EF7021AF9C457FEE994, B4BFA27F677295B00A1DF9A7E14DB4B75CAC2DD41B898D4E9A378ECCCE3699F0 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\msvcr100.dll
15:05:07.0499 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\msvcr100.dll - ok
15:05:07.0499 0x0a14  [ 24FB3B7972D3ECB036AE75DE375C6405, A9456D3619864FC1F58CB344C934922E491D2A8516CE1DF71F40D238F824984C ] C:\Program Files (x86)\Bluetooth Suite\BPP.dll
15:05:07.0499 0x0a14  C:\Program Files (x86)\Bluetooth Suite\BPP.dll - ok
15:05:07.0499 0x0a14  [ E023A3112FDDBADB8FAEDFA73CEEE388, 909DEDD2BBF6368A55675F0B159BA100D5572DE938785310E271B8DFFF9D4561 ] C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll
15:05:07.0499 0x0a14  C:\Program Files (x86)\Bluetooth Suite\L2capLib.dll - ok
15:05:07.0499 0x0a14  [ 9110FFAD124283F37D38771BB60556AF, BB495FDF86B7C3DD7878C496090A624CE8FE68F61166C91A4C99EF1140F0AD23 ] C:\Windows\System32\dsound.dll
15:05:07.0499 0x0a14  C:\Windows\System32\dsound.dll - ok
15:05:07.0499 0x0a14  [ 99829F5F2B0742CEEE5DD82FBE2E6FAF, 87FB03D85B85D08927EA5BEC1D18587D1769D0DA4D61BEB5957820A22294DFD1 ] C:\Windows\System32\msxml3.dll
15:05:07.0499 0x0a14  C:\Windows\System32\msxml3.dll - ok
15:05:07.0499 0x0a14  [ 8E37B56FF9C8962FAF941B3C6709D045, 0D716D8169A78953F064773B1F896F42373CE28942101A84337925C80E0C4971 ] C:\Program Files (x86)\Bluetooth Suite\sim.dll
15:05:07.0499 0x0a14  C:\Program Files (x86)\Bluetooth Suite\sim.dll - ok
15:05:07.0499 0x0a14  [ F1A80B20EC4938F606AE3DDC2D6B2145, AF785BEB46C2A5D53332A9EC06832164515955A96002CC0094989C09965E43A3 ] C:\Program Files (x86)\Bluetooth Suite\gatts.dll
15:05:07.0499 0x0a14  C:\Program Files (x86)\Bluetooth Suite\gatts.dll - ok
15:05:07.0499 0x0a14  [ 8898C95862D03D16B2A06DB4DB6BB6B2, DFD06AA65AC6A8BBF24FFDF8355098C3BB0A54400A77EBFDB845B6A47733D8B2 ] C:\Windows\SysWOW64\ExplorerFrame.dll
15:05:07.0499 0x0a14  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
15:05:07.0515 0x0a14  [ E36112A8A6C7F840169A7E92C12F4203, 52795B2E6ECCE751EEF5074AF52FDE376A382D0A1C43B90DD4F77A397C00FBC5 ] C:\Windows\System32\wsock32.dll
15:05:07.0515 0x0a14  C:\Windows\System32\wsock32.dll - ok
15:05:07.0515 0x0a14  [ 03E0955A7D8E5E74E7F6986A56A66196, 53471761EC1F22F3FC6E60770A60338F538DFD2CC74B081AD378F43B62BD80A5 ] C:\Windows\System32\MaxxAudioAPO30.dll
15:05:07.0515 0x0a14  C:\Windows\System32\MaxxAudioAPO30.dll - ok
15:05:07.0515 0x0a14  [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
15:05:07.0515 0x0a14  C:\Windows\System32\WMALFXGFXDSP.dll - ok
15:05:07.0515 0x0a14  [ 36FB66B25DF15149D5010DA67EFB6AB1, 8468AA1BA8EED51E10282F23659CF4B630AD2CBE9BE7178C9B602153820504DA ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\05ca0ca95b6fcc0d710b63b6200cc178\System.Windows.Forms.ni.dll
15:05:07.0515 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\05ca0ca95b6fcc0d710b63b6200cc178\System.Windows.Forms.ni.dll - ok
15:05:07.0515 0x0a14  [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
15:05:07.0515 0x0a14  C:\Windows\System32\mfplat.dll - ok
15:05:07.0515 0x0a14  [ CCC2990D218899C9D4EA36CD520DD29A, C78FD6490778DBFA174DDAEEB60E1C610F4E8AA24C35752E9CAE331BD27B7058 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:05:07.0515 0x0a14  C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe - ok
15:05:07.0515 0x0a14  [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:05:07.0515 0x0a14  C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe - ok
15:05:07.0530 0x0a14  [ 4FB1F2F9B02FA1138CACD2DEA3F5AEC8, 99582C21200B511C08CB2559028F25186660C362C75CD74DB99FDF8C2EC1450A ] C:\Windows\System32\riched20.dll
15:05:07.0530 0x0a14  C:\Windows\System32\riched20.dll - ok
15:05:07.0530 0x0a14  [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll
15:05:07.0530 0x0a14  C:\Windows\System32\UIAutomationCore.dll - ok
15:05:07.0530 0x0a14  [ 5A662F668767C6A3228391859113F6AD, 56B7D7C23F4E2232B067B65D5B5EB43DCFD60A1B89855DC9A14A58A91311C176 ] C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL
15:05:07.0530 0x0a14  C:\Program Files\Common Files\Microsoft Shared\OFFICE15\MSOXMLMF.DLL - ok
15:05:07.0530 0x0a14  [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
15:05:07.0530 0x0a14  C:\Windows\SysWOW64\duser.dll - ok
15:05:07.0530 0x0a14  [ EFD63099ED552D8B2410D78ECA4AA040, 3EAF3EE7D3E86039D9ED82372320547B614E9C79D21E98F2D153BEF38CBCA589 ] C:\Windows\System32\wpdshext.dll
15:05:07.0530 0x0a14  C:\Windows\System32\wpdshext.dll - ok
15:05:07.0530 0x0a14  [ 19E824ABC785E21174A5DB50AA8090C5, 49EBF37DC6B96155BAFC8B744DBC2E09D15143AFD9BE1504319F2D4BC52B118E ] C:\Program Files (x86)\Bluetooth Suite\BtCommonRes.dll
15:05:07.0530 0x0a14  C:\Program Files (x86)\Bluetooth Suite\BtCommonRes.dll - ok
15:05:07.0530 0x0a14  [ 651F169718CC46C8A9264880C538D5FF, D93EB53F909EA1120D647BA672481E0150CD3EC3C86D4B80BDC0E4670D34D2D9 ] C:\Windows\System32\prnfldr.dll
15:05:07.0530 0x0a14  C:\Windows\System32\prnfldr.dll - ok
15:05:07.0530 0x0a14  [ 0805289E121F3E3C458C970B08314EB2, D9B448A04C09F525F599D0369CF9A197F471AABDA0A97201760C46D2EB8F3CDE ] C:\Windows\System32\RtkCfg64.dll
15:05:07.0530 0x0a14  C:\Windows\System32\RtkCfg64.dll - ok
15:05:07.0546 0x0a14  [ 58B71D22FADC52F701D75A5771BBEEF2, 7A21D31BFF881E4FD16B5F364F37442099AD32DDA8BE28FF37C083688B46FEB5 ] C:\Windows\System32\MaxxAudioAPOShell64.dll
15:05:07.0546 0x0a14  C:\Windows\System32\MaxxAudioAPOShell64.dll - ok
15:05:07.0546 0x0a14  [ A658CDE3B23B01BE98347504566F2A46, E8E7D0E1F49D672947B735A6735CFA1E2BC5539095F0667E3AF4F42E636BAA20 ] C:\Windows\System32\dxtrans.dll
15:05:07.0546 0x0a14  C:\Windows\System32\dxtrans.dll - ok
15:05:07.0546 0x0a14  [ 93FD4CF3A08F7C4EACB4E11C8AB617BD, 91B9E09CC64C2E7C8C8319C4914ED5BFBAF13A106B7474BF9C336910E65A94BD ] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
15:05:07.0546 0x0a14  C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe - ok
15:05:07.0546 0x0a14  [ 594F39871E3186EB8E0135C7E2CC5258, 752C2EA011F6F819D40CB5C9A94380421EB3BD0774081F01C007DF8490911A92 ] C:\Windows\SysWOW64\nvwgf2um.dll
15:05:07.0546 0x0a14  C:\Windows\SysWOW64\nvwgf2um.dll - ok
15:05:07.0546 0x0a14  [ EECC2720D19D5662EC78FEB7C78E0B7A, A0D4BED9BB97E0976325CAA0DB67AE1A5C632C4DBEADC678979A1D75AAF83CB8 ] C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll
15:05:07.0546 0x0a14  C:\Program Files (x86)\Bluetooth Suite\ShellContextExt.dll - ok
15:05:07.0546 0x0a14  [ B10378B42F3BED7868D88C09F051718B, 697A1A8152BBFD25CB71BCF12E9B8D22E71DCD26F04E6AE40CD6BB0B0590F65D ] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
15:05:07.0546 0x0a14  C:\Program Files (x86)\Internet Download Manager\IDMan.exe - ok
15:05:07.0546 0x0a14  [ 913C2E4A03201644FC986EDEB5F8A390, C635EE4A2A309EB8C550F6F0B1A0723AA7317C9B3396641D9EA9231255944C6F ] C:\Windows\System32\DXP.dll
15:05:07.0546 0x0a14  C:\Windows\System32\DXP.dll - ok
15:05:07.0546 0x0a14  [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
15:05:07.0546 0x0a14  C:\Windows\SysWOW64\dui70.dll - ok
15:05:07.0561 0x0a14  [ 8518BFA5ABE71B43A12382D927E873CA, 1C4A1CD2F7C4291133665E44F5D8085825AF0C24B3982010977FBCF839EAE37B ] C:\Program Files\NVIDIA Corporation\Display\nvuir.dll
15:05:07.0561 0x0a14  C:\Program Files\NVIDIA Corporation\Display\nvuir.dll - ok
15:05:07.0561 0x0a14  [ A6C09924C6730DE8DEED9890A12AA691, 46EACBC27D15FD43431812D6CA770982178C07246AF3A1C2E0D40D745A1D5758 ] C:\Windows\System32\ddraw.dll
15:05:07.0561 0x0a14  C:\Windows\System32\ddraw.dll - ok
15:05:07.0561 0x0a14  [ 4938A4350327E1A5DEB0CD134AC1AAA3, 2F248CD60508EF43040F952CB1FF5AAB91AE3235760997379B71ACC28E8B698E ] C:\Windows\System32\ddrawex.dll
15:05:07.0561 0x0a14  C:\Windows\System32\ddrawex.dll - ok
15:05:07.0561 0x0a14  [ F60B6FA0D353DD31A59E86D3D3FD8066, 3F05831A227DF1181AADDA434A1F625E05096E466C283BD794F412579D9D3D3F ] C:\Windows\System32\imgutil.dll
15:05:07.0561 0x0a14  C:\Windows\System32\imgutil.dll - ok
15:05:07.0561 0x0a14  [ 585FED4CDB8034B8B58AEB8008255817, 13D1055929D79598C04A4AB66EF3DBAADD265F9D1C3F43E84531238D2526A1AE ] C:\Windows\System32\opengl32.dll
15:05:07.0561 0x0a14  C:\Windows\System32\opengl32.dll - ok
15:05:07.0561 0x0a14  [ B89CB7F3F1A1E2807E708F5435DEB13D, 27D26AAB42F7CAB35BF51D0536C67ED553FC97B670226B868805E7C6927E5C87 ] C:\Program Files (x86)\Razer\Razer Services\GSS\log4net.dll
15:05:07.0561 0x0a14  C:\Program Files (x86)\Razer\Razer Services\GSS\log4net.dll - ok
15:05:07.0561 0x0a14  [ 2DB814F0FB80448D73F35F854B5DA507, BCB781EEFE5033E49E5CFFC82A27FB548D2E374D90CBF193DD3053958E032203 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1f56d5786274992934de0c900431c447\System.Configuration.ni.dll
15:05:07.0561 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Configuration\1f56d5786274992934de0c900431c447\System.Configuration.ni.dll - ok
15:05:07.0561 0x0a14  [ 8BC00C736E67A75D936E5B440917359B, 66809F59D064113763DA75F68F5BD0874CB3A954BD4FF6E28BBF0BF311984E89 ] C:\Windows\System32\ActionCenter.dll
15:05:07.0561 0x0a14  C:\Windows\System32\ActionCenter.dll - ok
15:05:07.0577 0x0a14  [ 29C22748937F45C26590909E9F8E7137, A5BDF782D610BE023D52B7D8CC5EBD0C41A2B118515899D820DA3BA3220AED70 ] C:\Windows\System32\dciman32.dll
15:05:07.0577 0x0a14  C:\Windows\System32\dciman32.dll - ok
15:05:07.0577 0x0a14  [ F773D2ED090B7BAA1C1A034F3CA476C8, C8DD8BE37CFEA0DB1B7FC94946381B60553848002E6170E0BEC3FEE40295DF1F ] C:\Windows\System32\drivers\srv2.sys
15:05:07.0577 0x0a14  C:\Windows\System32\drivers\srv2.sys - ok
15:05:07.0577 0x0a14  [ 502FA6BD01D9141D34C2FCA8F8726E3F, 078D88854404F989445725B3693F1B22B8C25F5DCCD9AD5B15AE0E6521FB04D7 ] C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
15:05:07.0577 0x0a14  C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe - ok
15:05:07.0577 0x0a14  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
15:05:07.0577 0x0a14  C:\Windows\System32\Syncreg.dll - ok
15:05:07.0577 0x0a14  [ B1FDCFFF7609E121C10751A669AB1611, 1181542D9CFD63FB00C76242567446513E6773EA37DB6211545629BA2ECF26A1 ] C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll
15:05:07.0577 0x0a14  C:\Windows\winsxs\amd64_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_8448b2bd328df189\mfc80u.dll - ok
15:05:07.0577 0x0a14  [ 6125E0AAF2814B0513C3FE80B1ECE4FA, AFA828D1D0FB4DC9099C32DE41C2BA413E45061C5D6DF67977E0E6EA7931B2DD ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
15:05:07.0577 0x0a14  C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe - ok
15:05:07.0577 0x0a14  [ 351FABD5E4577EF2BCF5407D07725798, B6CC42BACB5BBC3F52EB91B383C8243D69D2B4CCE3F7A9DAC0E2B668D134472E ] C:\Program Files\NVIDIA Corporation\Update Core\NvGFTrayPlugin.dll
15:05:07.0577 0x0a14  C:\Program Files\NVIDIA Corporation\Update Core\NvGFTrayPlugin.dll - ok
15:05:07.0593 0x0a14  [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\kamyab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
15:05:07.0593 0x0a14  C:\Users\kamyab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe - ok
15:05:07.0593 0x0a14  [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
15:05:07.0593 0x0a14  C:\Windows\ehome\ehSSO.dll - ok
15:05:07.0593 0x0a14  [ 66920354B984D4A3848A84B4E66745EA, 3F98352A38512C81FAF2C3FE6F00D766B33111A0EA5F7B43B0DBF5A2952B5F79 ] C:\Windows\System32\netshell.dll
15:05:07.0593 0x0a14  C:\Windows\System32\netshell.dll - ok
15:05:07.0593 0x0a14  [ E2A16B931CD79259D568842FD1A8952E, 8F72A4029C58E301E9EAE5321E4D9D090ABFCC627D6E20E8096E7DB754A1D3A8 ] C:\Windows\System32\nvspcap64.dll
15:05:07.0593 0x0a14  C:\Windows\System32\nvspcap64.dll - ok
15:05:07.0593 0x0a14  [ 0728937194E98613051F4A72C7F1D4BF, 29092E49A4EF0F5C5C2C9637242A03749AA851E567DB0192B3936C4FA8A72496 ] C:\Windows\System32\pngfilt.dll
15:05:07.0593 0x0a14  C:\Windows\System32\pngfilt.dll - ok
15:05:07.0593 0x0a14  [ F2967C0A97C0EA67D79D7F557213950D, 65516C83DCB3F952CD4454636B61CC2F153AF6BEEBC352463791D92F7F500F52 ] C:\Windows\System32\glu32.dll
15:05:07.0593 0x0a14  C:\Windows\System32\glu32.dll - ok
15:05:07.0593 0x0a14  [ A403088619D575D43AA0C46AD56BB203, CAD0AD467EBF5018B7EB874CD4B6C12D855C8ECDCBDB6DDE3E7C0F2B3CD854D3 ] C:\Windows\SysWOW64\nvoglv32.dll
15:05:07.0593 0x0a14  C:\Windows\SysWOW64\nvoglv32.dll - ok
15:05:07.0593 0x0a14  [ F59E095B0BEF0CEED72DB039DAC3CD68, AEB52F99D488C723BC254C2C4828636D901B4138F7E9B9E09285A65A51F8E920 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll
15:05:07.0593 0x0a14  C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_88e41e092fab0294\msvcp80.dll - ok
15:05:07.0608 0x0a14  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
15:05:07.0608 0x0a14  C:\Windows\System32\AltTab.dll - ok
15:05:07.0608 0x0a14  [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
15:05:07.0608 0x0a14  C:\Windows\System32\FXSST.dll - ok
15:05:07.0905 0x0a14  C:\Windows\SysWOW64\tapiperf.dll - ok
15:05:07.0905 0x0a14  [ 65AF044B5570D355124DCD1E099AA98F, 84165B4C2F7EA6DCC52442C50610F363D319B7768A62A7E8B4920D459A3024CD ] C:\Windows\System32\wdiasqmmodule.dll
15:05:07.0905 0x0a14  C:\Windows\System32\wdiasqmmodule.dll - ok
15:05:07.0905 0x0a14  [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
15:05:07.0905 0x0a14  C:\Windows\System32\Apphlpdm.dll - ok
15:05:07.0905 0x0a14  [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
15:05:07.0905 0x0a14  C:\Windows\SysWOW64\imageres.dll - ok
15:05:07.0920 0x0a14  [ EDD2AD141DEBD425D74A52A4D7BE6AC4, DB32FA1033D9F1231E8A51CA345AD9EB47D08626127EBBEDCEF13D40DAA64FFD ] C:\Windows\SysWOW64\perfctrs.dll
15:05:07.0920 0x0a14  C:\Windows\SysWOW64\perfctrs.dll - ok
15:05:07.0920 0x0a14  [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
15:05:07.0920 0x0a14  C:\Windows\System32\wbem\NCProv.dll - ok
15:05:07.0920 0x0a14  [ 0A7B1D09AC03910BB70996A2856048A0, 395C1C4C9E2D83F375C251FA8D4E9866655FBA77B597579495EA9216D9F1DBAD ] C:\Windows\SysWOW64\perfts.dll
15:05:07.0920 0x0a14  C:\Windows\SysWOW64\perfts.dll - ok
15:05:07.0920 0x0a14  [ C81E0C917D5DB4FECD2EC3C7E2712BBF, 60F76EC7169397C425023D5927A3C3C34599FA329814053CACE6171E20ADB353 ] C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\d3dcompiler_46.dll
15:05:07.0920 0x0a14  C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\d3dcompiler_46.dll - ok
15:05:07.0920 0x0a14  [ 4757E9742C8EFA0EA4146882864D751D, 42033F6350309A0686B0C4D8BFC268C2F65DA55D6AB1E21B96F9EF36B010A14D ] C:\Windows\SysWOW64\utildll.dll
15:05:07.0920 0x0a14  C:\Windows\SysWOW64\utildll.dll - ok
15:05:07.0920 0x0a14  [ D8ECA7A87AAA3AE308B5277411666622, 2F67D5567DC1174B36E67C1009B827E3C48F05551D4B4A39D7B02B8D12041406 ] C:\Windows\SysWOW64\logoncli.dll
15:05:07.0920 0x0a14  C:\Windows\SysWOW64\logoncli.dll - ok
15:05:07.0920 0x0a14  [ 109007869CB95CBD9B92FDF35B96D7B5, 397228F01E7808C3883248D89D9A6E462857971F2FF2A456143EB30001F6BCE3 ] C:\Windows\SysWOW64\usbperf.dll
15:05:07.0920 0x0a14  C:\Windows\SysWOW64\usbperf.dll - ok
15:05:07.0936 0x0a14  [ 5EC04FA9404A0149C4ED1FF45941E64B, 1C830A693BC043267DC9C116ABE0143D9A203C98D9870233F6CF4A23B32FFE4D ] C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll
15:05:07.0936 0x0a14  C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libglesv2.dll - ok
15:05:07.0936 0x0a14  [ B01724EFF26CE7C5AB3D17AE67F4F1B5, F82AB609F96676491E3F41B6C38D0334F2D5E5293E8141F55AB4D10E4FC10DA6 ] C:\Windows\SysWOW64\wbem\WmiApRpl.dll
15:05:07.0936 0x0a14  C:\Windows\SysWOW64\wbem\WmiApRpl.dll - ok
15:05:07.0936 0x0a14  [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
15:05:07.0936 0x0a14  C:\Windows\System32\WWanAPI.dll - ok
15:05:07.0936 0x0a14  [ 529879612A7FAE235914E3AA6A9A669C, 715843BDDCB7BFB9C6A968F6DC7BBDE0844883FD57CB72608E2D7352F385C7A8 ] C:\Windows\SysWOW64\loadperf.dll
15:05:07.0936 0x0a14  C:\Windows\SysWOW64\loadperf.dll - ok
15:05:07.0936 0x0a14  [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
15:05:07.0936 0x0a14  C:\Windows\System32\wwapi.dll - ok
15:05:07.0936 0x0a14  [ 0B9F7D42D745038437FAE70D97F9AD5A, D690FC5DC287D29A2FA4C2AA820E09D57B5B513C2B1FB07BFBC7E59577887DB0 ] C:\Windows\System32\QAGENT.DLL
15:05:07.0936 0x0a14  C:\Windows\System32\QAGENT.DLL - ok
15:05:07.0936 0x0a14  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] C:\Windows\System32\wbem\WmiApSrv.exe
15:05:07.0936 0x0a14  C:\Windows\System32\wbem\WmiApSrv.exe - ok
15:05:07.0936 0x0a14  [ 4C7FBAD5BBEBC0D3807129092A1DE4B9, 0E72ED6D89D9B89690FDE8122F46FA851740EF18E850D98D45E56F85A6682994 ] C:\Users\kamyab\Downloads\Programs\Xbox360_64Eng.exe
15:05:07.0936 0x0a14  C:\Users\kamyab\Downloads\Programs\Xbox360_64Eng.exe - ok
15:05:07.0951 0x0a14  [ 7459301D21C2E21468823F73042D9F87, 74CF393FDA910EBF50F5EE74DF001F29467FE83F0457895FB267518A8504800B ] C:\Windows\SysWOW64\d3d9.dll
15:05:07.0951 0x0a14  C:\Windows\SysWOW64\d3d9.dll - ok
15:05:07.0951 0x0a14  [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
15:05:07.0951 0x0a14  C:\Windows\SysWOW64\d3d8thk.dll - ok
15:05:07.0951 0x0a14  [ 58E387B09169DFB2A5A0D06D0B8A9257, 7BCF999E69F48C8E4E690AF1AB192A0893D062AB93CDBB81A102F50FC93C0DDE ] C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll
15:05:07.0951 0x0a14  C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libegl.dll - ok
15:05:07.0951 0x0a14  [ 9FE3ED67345F0FF829A4A53B90E09672, F70CD131DCF101B26CD55A57876DB3765B3E15C9D3A8B508FF041C91226EC504 ] C:\Windows\System32\loadperf.dll
15:05:07.0951 0x0a14  C:\Windows\System32\loadperf.dll - ok
15:05:07.0951 0x0a14  [ C0523FE101A30E3821604FE1CA1740D7, B5C8D4AF44EDE14A67A344BECB6291019C05E07B5F1CB69E63E058D052452340 ] C:\Windows\SysWOW64\DWrite.dll
15:05:07.0951 0x0a14  C:\Windows\SysWOW64\DWrite.dll - ok
15:05:07.0951 0x0a14  [ 7C6A2CCF98024A5EF8740162701CE3E7, 70E8A0689B3340A3F388758E32FB930A2C018D5F55B252024B52A15B9574BD05 ] C:\Windows\SysWOW64\tquery.dll
15:05:07.0951 0x0a14  C:\Windows\SysWOW64\tquery.dll - ok
15:05:07.0951 0x0a14  [ 44C9CDBE76C836F3B3A378E74C5BD46C, 0D38E63B5C87D24F91772C1CD8108C591675EAF7D1FC93744D5A675AD22411CC ] C:\Windows\SysWOW64\nvumdshim.dll
15:05:07.0951 0x0a14  C:\Windows\SysWOW64\nvumdshim.dll - ok
15:05:07.0951 0x0a14  [ D7C4D72F6BD5D6692A0C520730F8EE59, 9F86122763C8F5ECA47785201128121D82A9290ABD192DA4C5DD13385761636A ] C:\Windows\SysWOW64\igdumd32.dll
15:05:07.0951 0x0a14  C:\Windows\SysWOW64\igdumd32.dll - ok
15:05:07.0967 0x0a14  [ 57847BF7827430C2998CEC83FA3C8EC8, 1EB52A2C85114FEEE929B815514A0E0A88837AB75F22AFB7E552AB86A3333D8D ] C:\Users\kamyab\Downloads\Programs\LicenseFinder.exe
15:05:07.0967 0x0a14  C:\Users\kamyab\Downloads\Programs\LicenseFinder.exe - ok
15:05:07.0967 0x0a14  [ 00000000000000000000000000000000, 0000000000000000000000000000000000000000000000000000000000000000 ] C:\Users\kamyab\Downloads\Programs\332.21-notebook-win8-win7-64bit-international-whql.exe
15:05:07.0967 0x0a14  C:\Users\kamyab\Downloads\Programs\332.21-notebook-win8-win7-64bit-international-whql.exe - ok
15:05:07.0967 0x0a14  [ F4C4A9386E8947DEC449737680FF963C, 335CDEB9225E4D8472CE936203E44C5333ECB7B0B93BFA4B4B2E389C85FB2937 ] C:\Users\kamyab\Downloads\Programs\pardisgame_cs_client_0-7-3-2beta.exe
15:05:07.0967 0x0a14  C:\Users\kamyab\Downloads\Programs\pardisgame_cs_client_0-7-3-2beta.exe - ok
15:05:07.0967 0x0a14  [ 205B7034B64DE5A68DEB96B47B7E889B, 7D1330631B6802F4DB7E60324C18015C4E414DC73EC6AFC7EC576B30E3902AE7 ] C:\Windows\SysWOW64\mscms.dll
15:05:07.0967 0x0a14  C:\Windows\SysWOW64\mscms.dll - ok
15:05:07.0967 0x0a14  [ 031C6782F2D50336FC2C72F8D14A4C13, A548A1360D5F30771DB5E3E9391965B3FF2E89B146B1595583009852A6FA73E0 ] C:\Windows\System32\wbem\wmiprov.dll
15:05:07.0967 0x0a14  C:\Windows\System32\wbem\wmiprov.dll - ok
15:05:07.0967 0x0a14  [ F88FF5197CA9AF4247C156E01CD32714, A2769EDB3BD3BF47D05135546EC6E2E1611D909A8B0072CD0A5C53A83239FD7A ] C:\Users\kamyab\Downloads\Programs\WebSetup.exe
15:05:07.0967 0x0a14  C:\Users\kamyab\Downloads\Programs\WebSetup.exe - ok
15:05:07.0967 0x0a14  [ 6B0E02F6A418A3D4AB598175B5B11FF9, CF88506D6204774556369E11DCA81CCAEC642F9F143301FA05FD4EF2D0459AC5 ] C:\Users\kamyab\Downloads\Programs\D13930725G03S3.exe
15:05:07.0967 0x0a14  C:\Users\kamyab\Downloads\Programs\D13930725G03S3.exe - ok
15:05:07.0967 0x0a14  [ D7D7EB64B7DE14A783329805E5AC0031, 37B69D3EBB7A26B67261AF6ABDB74329A38F2012CCDF44F75901B8E1D3BC323E ] C:\Windows\System32\webcheck.dll
15:05:07.0967 0x0a14  C:\Windows\System32\webcheck.dll - ok
15:05:07.0983 0x0a14  [ 5987EA8A82C53359BCD2C29D6588583E, 59E2DF91F8DA9E33DE65FA67A6A49A7C3F524618A87EAEFC8A28C5304E7FAB85 ] C:\Windows\SysWOW64\linkinfo.dll
15:05:07.0983 0x0a14  C:\Windows\SysWOW64\linkinfo.dll - ok
15:05:07.0983 0x0a14  [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
15:05:07.0983 0x0a14  C:\Windows\System32\mlang.dll - ok
15:05:07.0983 0x0a14  [ 8B886A0AC14EAA8599142887991A5A2E, 5CD23A0F7DC53B1F4E8D33E2FD5C3C6E375EE5F542EBCEE2989400F352815462 ] C:\Windows\System32\imapi2.dll
15:05:07.0983 0x0a14  C:\Windows\System32\imapi2.dll - ok
15:05:07.0983 0x0a14  [ 42EC9065D9BF266ADE924B066C783A56, 4AC002E90A52CB0998DA78F2995294EE77B89FB2BE709B0E3C8E1627212BCCDC ] C:\Windows\System32\SearchProtocolHost.exe
15:05:07.0983 0x0a14  C:\Windows\System32\SearchProtocolHost.exe - ok
15:05:07.0983 0x0a14  [ F0AAB2A76A7AF04C70A818E96BAF3E64, 44E7D7A0D1F35D02D627D449EE773177AEE026B6D6C787B1463362E73670CB77 ] C:\Windows\System32\hgcpl.dll
15:05:07.0983 0x0a14  C:\Windows\System32\hgcpl.dll - ok
15:05:07.0983 0x0a14  [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
15:05:07.0983 0x0a14  C:\Windows\System32\msshooks.dll - ok
15:05:07.0983 0x0a14  [ 52D56D1013D4F1B99102679314CC5325, F8F6C41FEC774C71A85C91DFEB057076D018E5A64CE1D7B7D9D202CA65B34758 ] C:\Windows\System32\SearchFilterHost.exe
15:05:07.0983 0x0a14  C:\Windows\System32\SearchFilterHost.exe - ok
15:05:07.0983 0x0a14  [ 198803E5E93E29967DFB0BCFD0186151, 72C3B0FA35578A71E9988FA31A7AD91A9CF31A6BA6EC00EA1F153E99277807BF ] C:\Windows\System32\spfileq.dll
15:05:07.0983 0x0a14  C:\Windows\System32\spfileq.dll - ok
15:05:07.0998 0x0a14  [ 72AB6633E9B39EC7FEBEDF083A9061E5, 758E5BA89665C574456A2A826EF5A7DC2487C8379893010EB57BC40127AC918F ] C:\Windows\System32\mscoree.dll
15:05:07.0998 0x0a14  C:\Windows\System32\mscoree.dll - ok
15:05:07.0998 0x0a14  [ D44067027714CC58B8AB0AC38FDA1A0B, 56E96A58B5A53A68485F8D2F7BA286F2B174AB910BD45145258D48251F489F02 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
15:05:07.0998 0x0a14  C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
15:05:07.0998 0x0a14  [ ABDBABE3A7D2222B3A0DB1B8B9CAD16E, C1852121F9ADB5D2B46C73334C6E8B3CF6B7BB431520C6937F1CAFAD19AA194E ] C:\Windows\System32\mssph.dll
15:05:07.0998 0x0a14  C:\Windows\System32\mssph.dll - ok
15:05:07.0998 0x0a14  [ 2A556E2D703DED03186C596B90AC6869, 566DF5F4754D3510D277B30A773E5A21B1D30EADBA0B585A18A68AC9BC72A7EC ] C:\Windows\System32\mapi32.dll
15:05:07.0998 0x0a14  C:\Windows\System32\mapi32.dll - ok
15:05:07.0998 0x0a14  [ 5F9353832B090D900D39EDE814C940E6, D9BA58786140DF7A7045AE25DC171357F16FF0757364552F4630C993CC6D24F6 ] C:\Users\kamyab\Downloads\Programs\ERARemover_x64.exe
15:05:07.0998 0x0a14  C:\Users\kamyab\Downloads\Programs\ERARemover_x64.exe - ok
15:05:07.0998 0x0a14  [ E8D3E34FFDAF21DF7C09CBBBA5763237, 4DA59287AFD5EA67E4E130C8827885DFC499380E3879165E5CDE892FB00EE7D4 ] C:\Users\kamyab\Downloads\Programs\esetsmartinstaller_enu.exe
15:05:07.0998 0x0a14  C:\Users\kamyab\Downloads\Programs\esetsmartinstaller_enu.exe - ok
15:05:07.0998 0x0a14  [ AF6E966D1F38287EF4D33B246CCC3A33, 56E4E2852E86EF53CA8A5F7E6EEFB2C71E673BC9D9FBA50A4D326578C6CBD0C5 ] C:\Users\kamyab\Downloads\Programs\JRT.exe
15:05:07.0998 0x0a14  C:\Users\kamyab\Downloads\Programs\JRT.exe - ok
15:05:07.0998 0x0a14  [ 788FCDDD88240A85039F7F561093B118, C6592C2061C39EA8ED94D1F6854E16A722DC461F4D5B907B0230452D07D4CCE3 ] C:\Users\kamyab\Downloads\Programs\TFC.exe
15:05:07.0998 0x0a14  C:\Users\kamyab\Downloads\Programs\TFC.exe - ok
15:05:08.0014 0x0a14  [ A8AD8312D40FE971EA80145819E2D396, 30BC32E9DADD052AE451F43B038AB57EE5B0C2973B44B6452A916737549E4BBF ] C:\Users\kamyab\Desktop\SecurityCheck.exe
15:05:08.0014 0x0a14  C:\Users\kamyab\Desktop\SecurityCheck.exe - ok
15:05:08.0014 0x0a14  [ 3BD59D6C407AB1F6DDD7C5D9BD727469, 3BDBCF37AD6277F09D2AC9722BBAE90E16CE83AC4C5C3CB7922C0FC4AE7B3662 ] C:\Users\kamyab\Downloads\Programs\mbam-setup-2.0.4.1028.exe
15:05:08.0014 0x0a14  C:\Users\kamyab\Downloads\Programs\mbam-setup-2.0.4.1028.exe - ok
15:05:08.0014 0x0a14  [ 175814FFCDAA1F26E7904148B4F186D6, 9830C640BA209CF06D090E84770ACF84460F932522800A9ED31196D1D744EEA8 ] C:\Users\kamyab\Downloads\Programs\RogueKillerX64.exe
15:05:08.0014 0x0a14  C:\Users\kamyab\Downloads\Programs\RogueKillerX64.exe - ok
15:05:08.0014 0x0a14  [ 9146F21288AB749C4C729343F5F285A1, ACD6BB404942E46EC1072107908575C6873DB789893102E34A49E9335B7354A3 ] C:\Users\kamyab\Downloads\Programs\Defogger.exe
15:05:08.0014 0x0a14  C:\Users\kamyab\Downloads\Programs\Defogger.exe - ok
15:05:08.0014 0x0a14  [ 9C5DAAED3B3C06DBC95228CC407B8B70, E306E5C4A1C0D4B63840E38098B9FF2F4267FA4F519C7841E5A0C25A8DFF96D8 ] C:\Users\kamyab\Downloads\Programs\tdsskiller.exe
15:05:08.0014 0x0a14  C:\Users\kamyab\Downloads\Programs\tdsskiller.exe - ok
15:05:08.0014 0x0a14  [ 432BE6CF7311062633459EEF6B242FB5, 890C1734ED1EF6B2422A9B21D6205CF91E014ADD8A7F41AA5A294FCF60631A7B ] C:\Windows\SysWOW64\regsvr32.exe
15:05:08.0014 0x0a14  C:\Windows\SysWOW64\regsvr32.exe - ok
15:05:08.0014 0x0a14  [ CF75C1220BF452356E07A2787C481B97, 8CCF8492434C169E30245D84EF6C69E6C2831BCB3BC9C2DA60A2A08AB6C6FFC6 ] C:\Windows\AppPatch\AcGenral.dll
15:05:08.0014 0x0a14  C:\Windows\AppPatch\AcGenral.dll - ok
15:05:08.0029 0x0a14  [ A3B93CD4992D79BD7C30F8E93A1B303B, DC214EDECB53C458FD495B53370D358A48B54F92D47E1C3E093B0164DB9D006E ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\0ab04fef0fc6f97df51351e743e30e7a\System.Data.ni.dll
15:05:08.0029 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Data\0ab04fef0fc6f97df51351e743e30e7a\System.Data.ni.dll - ok
15:05:08.0029 0x0a14  [ 85683DF1F917E4D7F6BE1A04986BF1C8, D68D9F525D31C1843B6EC8FA950166FA1F34DB71222716E7B22DD33981C152B6 ] C:\Windows\SysWOW64\msacm32.dll
15:05:08.0029 0x0a14  C:\Windows\SysWOW64\msacm32.dll - ok
15:05:08.0029 0x0a14  [ B06190AF451B2037FF075AEB5D21E26F, 920E4FC543B01851E696A5FCF2045CE804FDDF9FBFD65C4E89C4D6A39845D352 ] C:\Program Files (x86)\Internet Download Manager\downlWithIDM64.dll
15:05:08.0029 0x0a14  C:\Program Files (x86)\Internet Download Manager\downlWithIDM64.dll - ok
15:05:08.0029 0x0a14  [ AC822BE8FFB08E7EA2AD573B9F87EA71, E407368144B4DAFE540CD09DD10500125897E59D8D25B3B1CAEB2B875BDD56A7 ] C:\Program Files (x86)\Internet Download Manager\IDMGetAll64.dll
15:05:08.0029 0x0a14  C:\Program Files (x86)\Internet Download Manager\IDMGetAll64.dll - ok
15:05:08.0029 0x0a14  [ 5DC864C02B410EFF2934230101EE2EC8, D23D83CC90E9257331113741E0524EBB29116276895F777F3FCE866BD7D005AA ] C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll
15:05:08.0029 0x0a14  C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll - ok
15:05:08.0029 0x0a14  [ 59BCE9F07985F8A4204F4D6554CFF708, CA24AEF558647274D019DFB4D7FD1506D84EC278795C30BA53B81BB36130DC57 ] C:\Windows\System32\regsvr32.exe
15:05:08.0029 0x0a14  C:\Windows\System32\regsvr32.exe - ok
15:05:08.0029 0x0a14  [ F60939A03CD16006A0836881C6C9B46D, B4B2813D2415A0DF170B35295947FA395846773D197CC38D21FD0B22819AE673 ] C:\Windows\AppPatch\AppPatch64\AcGenral.dll
15:05:08.0029 0x0a14  C:\Windows\AppPatch\AppPatch64\AcGenral.dll - ok
15:05:08.0045 0x0a14  [ 0D6AF56099020A0A9901F5BA1DE7D0BF, 10CD648F9B879C803236FCF21F0FEA0AD1EEAAD2D1530E63A2FF3F9978E31710 ] C:\Windows\System32\NV\igdumd64.dll
15:05:08.0045 0x0a14  C:\Windows\System32\NV\igdumd64.dll - ok
15:05:08.0045 0x0a14  [ 0D6AF56099020A0A9901F5BA1DE7D0BF, 10CD648F9B879C803236FCF21F0FEA0AD1EEAAD2D1530E63A2FF3F9978E31710 ] C:\Windows\System32\NV\igd10umd64.dll
15:05:08.0045 0x0a14  C:\Windows\System32\NV\igd10umd64.dll - ok
15:05:08.0045 0x0a14  [ 62EB3624CD0767800959F9A07C5C1186, 1105829F936FDAB97447218ABB7225D1CD3D1E721933B0024746F0D259568B2B ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll
15:05:08.0045 0x0a14  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Data\v4.0_4.0.0.0__b77a5c561934e089\System.Data.dll - ok
15:05:08.0045 0x0a14  [ 85454248692CF32F0B524BE00A00A79C, 50DC39A271D89F84804B4793EE9139583C8F270B08FA212156F681293A6C57E7 ] C:\Program Files (x86)\Western Digital\WD SmartWare\WDSQLite.dll
15:05:08.0045 0x0a14  C:\Program Files (x86)\Western Digital\WD SmartWare\WDSQLite.dll - ok
15:05:08.0045 0x0a14  [ 37B0E02DC2E8A67152E01DCEE6247CAB, 02E0686D613C3B8142ABA6E035A520FBD09FC5D3FACF6287479502A11628A05F ] C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll
15:05:08.0045 0x0a14  C:\Program Files (x86)\Western Digital\WD SmartWare\System.Data.SQLite.dll - ok
15:05:08.0045 0x0a14  [ 95A0C8BAC36977CC9DACD9241DCD035A, 01222FE3BE6FDE4B42E779211EA93B18E681E1E7F8570E54251379C120E639D1 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\3aecf754d95a05485edb5766deaa30de\System.Transactions.ni.dll
15:05:08.0045 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Transactions\3aecf754d95a05485edb5766deaa30de\System.Transactions.ni.dll - ok
15:05:08.0045 0x0a14  [ 8AAAD29A15A8219B4FE6367D2FAE1570, A8A51DF56BC817633EF3F2E6C5600517CD75188C7A1CB3F0E9DCB0413672AA05 ] C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll
15:05:08.0045 0x0a14  C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll - ok
15:05:08.0061 0x0a14  [ F8F69B15EA0C42812B7FA6079F8DD9C9, B4DEDE96E9054FD05A8986E9536393330AF1A362E7004E8BE51A370C64D42692 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll
15:05:08.0061 0x0a14  C:\Windows\Microsoft.NET\assembly\GAC_32\System.Transactions\v4.0_4.0.0.0__b77a5c561934e089\System.Transactions.dll - ok
15:05:08.0061 0x0a14  [ EA08C92A54ACDF37043A931591298277, 20C35CE1BE714C80CD4D77B6267070EAAF8CD679262FF9C524C3BF62509984D2 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\4c524dc95595acf990ec7a72121a879b\Microsoft.VisualC.ni.dll
15:05:08.0061 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\Microsoft.VisualC\4c524dc95595acf990ec7a72121a879b\Microsoft.VisualC.ni.dll - ok
15:05:08.0061 0x0a14  [ FC39CDFA91FF9642532F39F6C54D8A62, B24DB908E0C12AEE4571D9D577B8D912F47EEA5E588724767089105D372BD5FC ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\de1cc2e930acba361d7d53c6413248bc\System.EnterpriseServices.ni.dll
15:05:08.0061 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\de1cc2e930acba361d7d53c6413248bc\System.EnterpriseServices.ni.dll - ok
15:05:08.0061 0x0a14  [ 60FEBD0291C5BA7D12AF77F4764F8251, 67CCCA6684FE463129EAE703B20F836B8AE885B97C355C6A7E70F5835B486F96 ] C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll
15:05:08.0061 0x0a14  C:\Windows\Microsoft.NET\assembly\GAC_32\System.EnterpriseServices\v4.0_4.0.0.0__b03f5f7f11d50a3a\System.EnterpriseServices.Wrapper.dll - ok
15:05:08.0061 0x0a14  [ E9A1EC5441DC17F944D30F2D844EF43A, 4884C1502EBEC028387AC936E948242E07EF78E262B8BD28E4A719673BFD68B6 ] C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\de1cc2e930acba361d7d53c6413248bc\System.EnterpriseServices.Wrapper.dll
15:05:08.0061 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Ente96d83b35#\de1cc2e930acba361d7d53c6413248bc\System.EnterpriseServices.Wrapper.dll - ok
15:05:08.0061 0x0a14  [ AC64860F5AFDC5A99A383EEB64C7536E, 1A7AA555B33240F2687719DFC024299A0B1F896C5E1743007ABB8E67CB0F6B4A ] C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\509f36ec564b9ad2bb2ffda3d4a3b5fc\CustomMarshalers.ni.dll
15:05:08.0061 0x0a14  C:\Windows\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\509f36ec564b9ad2bb2ffda3d4a3b5fc\CustomMarshalers.ni.dll - ok
15:05:08.0061 0x0a14  [ FD1DC23AA2201AE3D03CFE6006058448, 1A7C973635D0CEBB13A7EFD25C6E912949E1BCAA1F75A3B60BA6B79345DF38B6 ] C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll
15:05:08.0061 0x0a14  C:\Windows\Microsoft.NET\assembly\GAC_32\CustomMarshalers\v4.0_4.0.0.0__b03f5f7f11d50a3a\CustomMarshalers.dll - ok
15:05:08.0076 0x0a14  [ 62B5C3A96883285FF9C459C46E5A713A, 1B7DF368C0A8ACBD42A0C4CACDB5571E5E8E30AE60DA81C387E51C491C0E4EE8 ] C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libpeerconnection.dll
15:05:08.0076 0x0a14  C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\libpeerconnection.dll - ok
15:05:08.0076 0x0a14  [ 354D2FE14FB8885342BB1A9330C4AA5A, 9974697A9FCDE10FD4ECCFE591F3794AC8B2EE0C562D7F1EB41B6BF5B9A06243 ] C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ffmpegsumo.dll
15:05:08.0076 0x0a14  C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ffmpegsumo.dll - ok
15:05:08.0076 0x0a14  [ 21FF3F07336CE4F8DF6AF1746BC26AAB, 81E4B9E115F637E238781057F0276364877C3A0E8830CB1563B80D686C539540 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll
15:05:08.0076 0x0a14  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\Browser\nppdf32.dll - ok
15:05:08.0076 0x0a14  [ 600B82FB81E6EE36A3D9C33B96B0BB0A, 5A4157E20ABFBC4A813DE96841BE3B81AABB2F19DDD3BA3A9D9F487625C6E635 ] C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll
15:05:08.0076 0x0a14  C:\Program Files (x86)\Mozilla Firefox\plugins\npMeetingJoinPluginOC.dll - ok
15:05:08.0076 0x0a14  [ 0C51E3DD6DFF95DAA7095B8BDEFC85B4, 6044862C1F668607E075E15F6E68877C773016F449EDC86B0C14ADB1E090B7D7 ] C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL
15:05:08.0076 0x0a14  C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL - ok
15:05:08.0076 0x0a14  [ E0BCE90537E4A41AF36D5BDD5963A09D, A1B58D5DAD2501C1BEC15C89A2FD05A5523571CAE405FC4A4DAB56DA66638F37 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
15:05:08.0076 0x0a14  C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll - ok
15:05:08.0076 0x0a14  [ 98137411B9C632095F919E2CE70B288A, D7ED1F2B0AA1B3B1FFA336D39BCB4CB6F9ED1D769D7639BDD132EB41F37C09D3 ] C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll
15:05:08.0076 0x0a14  C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll - ok
15:05:08.0092 0x0a14  [ A30C10E0C3542B7A87FF7D2DFF4C9294, F345931C73868B3142A93CED9F3F3A65EE071807129583C634AC00207DE3018A ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll
15:05:08.0092 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll - ok
15:05:08.0092 0x0a14  [ 3118619EBBA4257109A3FBEE807790F4, C88F5C153D859139E23D29B3145C3B288893622931318EC3B9D0A02ED287273E ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll
15:05:08.0092 0x0a14  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll - ok
15:05:08.0092 0x0a14  [ 9E113C0AD33F92A5741584286F93F84B, 6C9848A1E41EB827331B964A30019FF3EF73E7ED63D3773D75864488C74F5C02 ] C:\Windows\System32\VAN.dll
15:05:08.0092 0x0a14  C:\Windows\System32\VAN.dll - ok
15:05:08.0092 0x0a14  [ 5D68F68E12B8BCD35ADE5A7B4FE5F456, D4514803EDFCF9B83D2F439570C9A0E84A75DF07BF7821FB4E2BB002F8BD5E83 ] C:\Windows\System32\wwanmm.dll
15:05:08.0092 0x0a14  C:\Windows\System32\wwanmm.dll - ok
15:05:08.0092 0x0a14  [ 18C27789FCFDDDB8D45C1EC4BC77CC8C, 588CA4582AAC716E93F7A26E53786FE25B02DFFDF12609D01562439BF54EE3FD ] C:\Windows\System32\RASMM.dll
15:05:08.0092 0x0a14  C:\Windows\System32\RASMM.dll - ok
15:05:08.0092 0x0a14  [ 448DE6CDB7976373B35CA03B6BF9BE48, C88987F084375DDBCF2F209274543157443031B6A6C644EEF96AD7489BA8B804 ] C:\Windows\System32\WlanMM.dll
15:05:08.0092 0x0a14  C:\Windows\System32\WlanMM.dll - ok
15:05:08.0092 0x0a14  [ 694AAC16CEF20A4324947AE1FDDE6F70, 83470BC120D4EA7479F502C03F625181E0FB61A9FF6804074FBE6EDF224AFEF5 ] C:\Windows\System32\xwizards.dll
15:05:08.0092 0x0a14  C:\Windows\System32\xwizards.dll - ok
15:05:08.0092 0x0a14  [ 0D6D30B28530F06B691A9F6D06BE4904, 9A84A6BBB4D645943A85320B8E6CAA0CFB112590BA5E989D06384CCA8B1162E0 ] C:\Windows\System32\xwtpdui.dll
15:05:08.0092 0x0a14  C:\Windows\System32\xwtpdui.dll - ok
15:05:08.0107 0x0a14  [ 8ABAF080B397040501301429A9051D6A, 626974EF561185F4DE076E913895EF3B200C7EF933E329BCC79B189950884652 ] C:\Windows\System32\WLanConn.dll
15:05:08.0107 0x0a14  C:\Windows\System32\WLanConn.dll - ok
15:05:08.0107 0x0a14  [ 2A4554FFB41793CA598458C81F7C3812, 107EFF787506F90B917A5DFACEA3F6913BE6FC1E293E49F1E9E3BEF825BB3763 ] C:\Windows\System32\wlandlg.dll
15:05:08.0107 0x0a14  C:\Windows\System32\wlandlg.dll - ok
15:05:08.0107 0x0a14  [ 89590BBB548661956C031D508CC9F3DE, 7B4D7D24ADBCAF54381869BD7CDF698223E8D7B8E42D6AF4920D5B3E43D0C024 ] C:\Windows\System32\onexui.dll
15:05:08.0107 0x0a14  C:\Windows\System32\onexui.dll - ok
15:05:08.0107 0x0a14  [ 81252AA3B13743020BCF2089A5A0D911, BFFB1A5917EC1EDAF6B58EAFD888575299365D09C734FACF5A7D1843680DDFD8 ] C:\Windows\System32\wscinterop.dll
15:05:08.0107 0x0a14  C:\Windows\System32\wscinterop.dll - ok
15:05:08.0107 0x0a14  [ 85409DCE247D97E4D6958B7C5916BE4A, EDCD209F16C8D3930275E3E33378DA799C49773B1FC6B0F27D3EBE0EE8A9B6E4 ] C:\Windows\System32\wscapi.dll
15:05:08.0107 0x0a14  C:\Windows\System32\wscapi.dll - ok
15:05:08.0107 0x0a14  [ DF50DAE4C547285E4997A0C61063B632, 24F1B66CD2C5188609F936E7F4947E29EB120C59731E7028285CE6791F31B580 ] C:\Windows\System32\wscui.cpl
15:05:08.0107 0x0a14  C:\Windows\System32\wscui.cpl - ok
15:05:08.0107 0x0a14  [ C3626E674990EF003B6C94807E82B501, 2C94CC7BEE7529D6CB3D832FAB5CFC87E72D06800B930A586875A317E2DD11FA ] C:\Windows\System32\werconcpl.dll
15:05:08.0107 0x0a14  C:\Windows\System32\werconcpl.dll - ok
15:05:08.0107 0x0a14  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] C:\Windows\System32\wercplsupport.dll
15:05:08.0107 0x0a14  C:\Windows\System32\wercplsupport.dll - ok
15:05:08.0123 0x0a14  [ 809AE7D4ACE06BBCF621E5C504BF6FC8, 0BAAB89FB57468F27446947D75CBD6DDFC92D9B8F040144A12656803B2F7BF65 ] C:\Windows\System32\hcproviders.dll
15:05:08.0123 0x0a14  C:\Windows\System32\hcproviders.dll - ok
15:05:08.0123 0x0a14  [ 74C560085FD533E9C26729D360E885A3, 2CBA58837E73DEAFA86D69A657D0E705598E43F8F7BE90C3E351C259321778DB ] C:\Program Files\Internet Explorer\ieproxy.dll
15:05:08.0123 0x0a14  C:\Program Files\Internet Explorer\ieproxy.dll - ok
15:05:08.0123 0x0a14  [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
15:05:08.0123 0x0a14  C:\Windows\System32\dimsjob.dll - ok
15:05:08.0123 0x0a14  [ 04D16553664796613FE98D441A0C35D7, EC9D4B3B8F8B0C3EE01D18CDF5BE9EF216AC9BBB1FB64A63D5013BD9AFB2A606 ] C:\Windows\SysWOW64\cryptnet.dll
15:05:08.0123 0x0a14  C:\Windows\SysWOW64\cryptnet.dll - ok
15:05:08.0123 0x0a14  [ B784BC839C9F6C0F0E6F08BE37B82BEC, 6E04080EC4607F4B1BE1BF79B7B905307CAEA494F73EBAB1E937F018DCEAAB06 ] C:\Windows\System32\mobsync.exe
15:05:08.0123 0x0a14  C:\Windows\System32\mobsync.exe - ok
15:05:08.0123 0x0a14  [ 770DCACACBC43878C789A984A638CEC7, 39A4A036DC7842B368A8F3B6268C6F196FF0091CF648BFDE3319619082C07520 ] C:\Windows\System32\SyncInfrastructure.dll
15:05:08.0123 0x0a14  C:\Windows\System32\SyncInfrastructure.dll - ok
15:05:08.0123 0x0a14  [ 4EBBC2B0AD7F9075AE9D6835D2A62B6E, EAAB690EBD8DDF9AE452DE1BC03B73C8154264DBD7A292334733B47A668EBF31 ] C:\Windows\System32\sc.exe
15:05:08.0123 0x0a14  C:\Windows\System32\sc.exe - ok
15:05:08.0123 0x0a14  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] C:\Windows\System32\w32time.dll
15:05:08.0123 0x0a14  C:\Windows\System32\w32time.dll - ok
15:05:08.0123 0x0a14  [ 952E153ACD10E697D554AC02EE629E01, B9C2FFE76D6E63FD49E76B4C5DF29E611A665CC42FA58047FF85BA2B4BAA8337 ] C:\Windows\System32\vmictimeprovider.dll
15:05:08.0123 0x0a14  C:\Windows\System32\vmictimeprovider.dll - ok
15:05:08.0248 0x0a14  ================ Scan generic autorun ======================
15:05:08.0341 0x0a14  [ 7446797BEB4ED4B4326A8684095004E5, 037AB4FBD784F2D0042A1945CDB23BE6B59C794514F80401100132CDB7C585C7 ] C:\Windows\system32\igfxtray.exe
15:05:08.0341 0x0a14  IgfxTray - ok
15:05:08.0357 0x0a14  [ 0591EF4ED8785C8D271856B9350DAF24, E02295DFEBED9B4454DFAC8B066594418FC5C168BF3DEA94F9218CBBA9A5276C ] C:\Windows\system32\hkcmd.exe
15:05:08.0373 0x0a14  HotKeysCmds - ok
15:05:08.0388 0x0a14  [ 1B5783B12FCB0CC6BF92D092247DE0E2, 1491A6A39B7B750A41C40DF470E5F7A98FE616809F9E815AFC06237A9D34C0C8 ] C:\Windows\system32\igfxpers.exe
15:05:08.0404 0x0a14  Persistence - ok
15:05:08.0451 0x0a14  [ F9F9EC5D096E82D51DA46AC7E6F43A62, 74C24869C74602ABB470B0A0974F515C019CA3C660F9687066310A4635B1F9DC ] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
15:05:08.0466 0x0a14  AtherosBtStack - detected UnsignedFile.Multi.Generic ( 1 )
15:05:11.0586 0x0a14  Detect skipped due to KSN trusted
15:05:11.0586 0x0a14  AtherosBtStack - ok
15:05:11.0633 0x0a14  [ 86037BF9D71D3DA147AFEA3EA7EB93DD, 5A410F7DCBC640CBAA9AEA1F29D68450FB2FF781EE8C259D3D1305C7297E0CC3 ] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
15:05:11.0664 0x0a14  AthBtTray - detected UnsignedFile.Multi.Generic ( 1 )
15:05:14.0987 0x0a14  Detect skipped due to KSN trusted
15:05:14.0987 0x0a14  AthBtTray - ok
15:05:15.0081 0x0a14  [ 77B61BA0EB74B23E21D24BC8F226439F, AA3238938D4363CD045F217AAA7A623FDF47964D06CD9429665C86492B58B1D0 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
15:05:15.0081 0x0a14  ASUSQuickGesture(x86) - ok
15:05:15.0159 0x0a14  [ 8FCCEE7F903AEF78ABB1EB9FFEA62067, 100206CC2EC8D8CFB1480393E3285ADC9E7110A45FEBEDD1061FC4210D467D00 ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
15:05:15.0159 0x0a14  ASUSTPLoader(x64) - ok
15:05:15.0190 0x0a14  [ 950CDF8CF48AE41B28CF326F2895DFE2, C76D40E02E05B8D6451A1ACF03F7E00BB80ED608F2018292048BCF130E22A36D ] C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
15:05:15.0190 0x0a14  ASUSQuickGesture(x64) - ok
15:05:15.0502 0x0a14  [ CCC2990D218899C9D4EA36CD520DD29A, C78FD6490778DBFA174DDAEEB60E1C610F4E8AA24C35752E9CAE331BD27B7058 ] C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
15:05:15.0689 0x0a14  RTHDVCPL - ok
15:05:15.0751 0x0a14  [ B1DDCBE7D17DE94045FE9E40EB3D0170, 76EAF208139160C10937FEB4CB47A9890BF66414A3958289DDDCE62EA6E701FC ] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
15:05:15.0783 0x0a14  RtHDVBg - ok
15:05:15.0907 0x0a14  [ 93FD4CF3A08F7C4EACB4E11C8AB617BD, 91B9E09CC64C2E7C8C8319C4914ED5BFBAF13A106B7474BF9C336910E65A94BD ] C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
15:05:15.0970 0x0a14  egui - ok
15:05:16.0048 0x0a14  [ A0012C1D9B8648C20C00202418B9D02F, 833AFB6BCABBF9991C811D6D1BF2C7B95A584F46D93C6B3F49CA2A8A6BE5E657 ] C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
15:05:16.0095 0x0a14  NvBackend - ok
15:05:16.0126 0x0a14  [ DD81D91FF3B0763C392422865C9AC12E, F5691B8F200E3196E6808E932630E862F8F26F31CD949981373F23C9D87DB8B9 ] C:\Windows\system32\rundll32.exe
15:05:16.0126 0x0a14  ShadowPlay - ok
15:05:16.0251 0x0a14  [ A005676B30AEB3C7703C317D992B193A, 446155F3AB94BF33DB91E7C2C1EED57ED449D82710BFC96DFA07DBA1D346399E ] C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
15:05:16.0251 0x0a14  USB3MON - ok
15:05:16.0313 0x0a14  [ FE821F6FA60E9DF9FDEE69A23488BBAB, 98D9926152FDA45705F5E208D7236E467CAEEF83D756A14B4104EBF804644B29 ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
15:05:16.0344 0x0a14  Adobe ARM - ok
15:05:16.0375 0x0a14  [ BA48CCEC781FD10B6C869F7C45CAA23E, DB3493CD84698C76B100815BCD048FEE16017615B42A2A7A02AF4C3856EAF7EB ] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
15:05:16.0391 0x0a14  ATKOSD2 - ok
15:05:16.0407 0x0a14  [ 5041D28614C0278A089BEF977C501439, 50ACA3732812039E1B43C22B917EA57A68822EDD658494854662204C7EE1AC9C ] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
15:05:16.0422 0x0a14  ATKMEDIA - ok
15:05:16.0438 0x0a14  [ 5AEBF6FA9805C9101220AA4FB4FA17E7, A9B2FC41380211A6C44E839A95676A5BA868CEEBB56D83A780230434C2A20836 ] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
15:05:16.0438 0x0a14  HControlUser - ok
15:05:16.0516 0x0a14  [ 0610E1989914B6DA54165A4F2C766721, CFFDCA465C9A6988A747C08346B9A122A4DB08AACE42B8AEB4AE410981044892 ] C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
15:05:16.0547 0x0a14  WD Drive Unlocker - ok
15:05:16.0703 0x0a14  [ 36CD605A0DDAFCBC3882B3B3152D5564, 0CD799F2E534D63B6D93D2A7534AD078FE14714F923D158DFEF74C4DD0E5021E ] C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
15:05:16.0781 0x0a14  WD Quick View - ok
15:05:16.0859 0x0a14  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:05:16.0906 0x0a14  Sidebar - ok
15:05:16.0937 0x0a14  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:05:16.0968 0x0a14  mctadmin - ok
15:05:16.0984 0x0a14  [ EA6EADF6314E43783BA8EEE79F93F73C, 1A4BC2D8DFBDC37AF85C73DEE76A6EE901EBA188D43856BD2FFA96B79A126F73 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
15:05:17.0015 0x0a14  Sidebar - ok
15:05:17.0015 0x0a14  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
15:05:17.0031 0x0a14  mctadmin - ok
15:05:17.0171 0x0a14  [ B10378B42F3BED7868D88C09F051718B, 697A1A8152BBFD25CB71BCF12E9B8D22E71DCD26F04E6AE40CD6BB0B0590F65D ] C:\Program Files (x86)\Internet Download Manager\IDMan.exe
15:05:17.0265 0x0a14  IDMan - detected UnsignedFile.Multi.Generic ( 1 )
15:05:20.0431 0x0a14  IDMan ( UnsignedFile.Multi.Generic ) - warning
15:05:20.0431 0x0a14  Force sending object to P2P due to detect: C:\Program Files (x86)\Internet Download Manager\IDMan.exe
15:05:20.0962 0x04a4  Object send P2P result: false
15:05:40.0446 0x0a14  Object send P2P result: false
15:05:43.0816 0x0a14  [ 7A6A4EDC0CEF9DE9CAFFDFE36D991FD4, 29078B41C8E977E06D925936325B1BE41F478CE53B1F5D2408A7C414240DC0B2 ] C:\Users\kamyab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
15:05:43.0831 0x0a14  Spotify Web Helper - ok
15:05:43.0831 0x0a14  Waiting for KSN requests completion. In queue: 1
15:05:44.0845 0x0a14  Waiting for KSN requests completion. In queue: 1
15:05:45.0859 0x0a14  Waiting for KSN requests completion. In queue: 1
15:05:46.0873 0x0a14  Waiting for KSN requests completion. In queue: 1
15:05:47.0919 0x0a14  AV detected via SS2: ESET NOD32 Antivirus 5.2, C:\Program Files\ESET\ESET NOD32 Antivirus\ecmd.exe ( 5.2.7.0 ), 0x41000 ( enabled : updated )
15:05:47.0965 0x0a14  Win FW state via NFP2: enabled
15:05:50.0805 0x0a14  ============================================================
15:05:50.0805 0x0a14  Scan finished
15:05:50.0805 0x0a14  ============================================================
15:05:50.0805 0x0660  Detected object count: 1
15:05:50.0805 0x0660  Actual detected object count: 1
15:06:06.0373 0x0660  IDMan ( UnsignedFile.Multi.Generic ) - skipped by user
15:06:06.0373 0x0660  IDMan ( UnsignedFile.Multi.Generic ) - User select action: Skip 
15:07:42.0402 0x08a4  Deinitialize success


#13 LiquidTension


Posted 16 February 2015 - 02:48 AM

Hi kamyab, 
 
Thanks for the logs, and no problem about TDSSKiller. :)
 
Please do the following. Let me know if you're still experiencing issues afterwards. 
 
STEP 1
Malwarebytes Anti-Malware (MBAM)

  • Open Malwarebytes Anti-Malware and click Update Now.
  • Once updated, click the Settings tab, followed by Detection and Protection and tick Scan for rootkits.
  • Click the Scan tab, ensure Threat Scan is checked and click Scan Now.
  • Note: You may see the following message, "Could not load DDA driver". Click Yes, allow your PC to reboot and continue afterwards. 
  • If threats are detected, click the Apply Actions button. You will now be prompted to reboot. Click Yes.
  • Upon completion of the scan (or after the reboot), click the History tab.
  • Click Application Logs and double-click the Scan Log.
  • Click Copy to Clipboard and paste the log in your next reply. 
     

STEP 2
ESET Online Scan
Note: This scan may take a long time to complete. Please do not browse the Internet whilst your Anti-Virus is disabled.

  • Please download ESET Online Scan and save the file to your Desktop.
  • Temporarily disable your anti-virus software. For instructions, please refer to the following link.
  • Double-click esetsmartinstaller_enu.exe to run the programme. 
  • Agree to the EULA by placing a checkmark next to Yes, I accept the Terms of Use. Then click Start.
  • Agree to the Terms of Use once more and click Start. Allow components to download.
  • Place a checkmark next to Enable detection of potentially unwanted applications.
  • Click Advanced settings. Place a checkmark next to:
    • Scan archives
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • Ensure Remove found threats is unchecked.
  • Click Start.
  • Wait for the scan to finish. Please be patient as this can take some time.
  • Upon completion, click esetListThreats.png. If no threats were found, skip the next two bullet points. 
  • Click esetExport.png and save the file to your Desktop, naming it something such as "MyEsetScan".
  • Push the Back button.
  • Place a checkmark next to xKN1w2nv.png.pagespeed.ic.JWqIaEgZi7.png and click SzOC1p0.png.pagespeed.ce.OWDP45O6oG.png.
  • Re-enable your anti-virus software.
  • Copy the contents of the log and paste in your next reply.
     

STEP 3
Farbar Recovery Scan Tool (FRST) Scan

  • Right-click FRST64.exe and select Run as administrator to run the programme.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your Desktop. Copy the contents of both logs and paste in your next reply. 
     

======================================================
 
STEP 4
Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • MBAM Scan log
  • ESET Online Scan log
  • FRST.txt
  • Addition.txt


#14 knightstalker


Posted 16 February 2015 - 11:57 AM

hi adam

here are the logs

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 15-02-2015
Ran by kamyab (administrator) on KAMYAB-PC on 16-02-2015 19:25:36
Running from C:\Users\kamyab\Desktop
Loaded Profiles: kamyab (Available profiles: kamyab)
Platform: Windows 7 Ultimate (X64) OS Language: English (United States)
Internet Explorer Version 8 (Default browser: Chrome)
Boot Mode: Normal
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AdminService.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe
(Razer Inc.) C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe
(Atheros Commnucations) C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe
(ASUSTeK Computer Inc.) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(ESET) C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPCenter.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe
(Atheros) C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(AsusTek) C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPHelper.exe
(Tonec Inc.) C:\Program Files (x86)\Internet Download Manager\IDMan.exe
() C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
(Spotify Ltd) C:\Users\kamyab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe
(ASUSTek Computer Inc.) C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
(ASUS) C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe
(Western Digital Technologies, Inc.) C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [AtherosBtStack] => C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe [1016992 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [AthBtTray] => C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe [800416 2012-01-19] (Atheros Commnucations)
HKLM\...\Run: [ASUSQuickGesture(x86)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x86\QuickGesture.exe [20352 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [ASUSTPLoader(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\AsTPCenter\x64\AsusTPLoader.exe [169856 2012-09-11] (AsusTek)
HKLM\...\Run: [ASUSQuickGesture(x64)] => C:\Program Files (x86)\ASUS\ASUS Smart Gesture\QuickGesture\x64\QuickGesture64.exe [22400 2012-09-11] (ASUSTeK Computer Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12452456 2012-02-21] (Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1158248 2012-02-08] (Realtek Semiconductor)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET NOD32 Antivirus\egui.exe [4081008 2012-03-07] (ESET)
HKLM\...\Run: [NvBackend] => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe [2279712 2013-12-10] (NVIDIA Corporation)
HKLM\...\Run: [ShadowPlay] => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel® USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [291648 2012-05-20] (Intel Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [926896 2012-09-23] (Adobe Systems Incorporated)
HKLM-x32\...\Run: [ATKOSD2] => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [322208 2012-06-25] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [ATKMEDIA] => C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe [174752 2012-06-19] (ASUSTek Computer Inc.)
HKLM-x32\...\Run: [HControlUser] => C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe [105016 2009-06-19] (ASUS)
HKLM-x32\...\Run: [WD Drive Unlocker] => C:\Program Files (x86)\Western Digital\WD Security\WDDriveAutoUnlock.exe [1694080 2013-07-10] (Western Digital Technologies, Inc.)
HKLM-x32\...\Run: [WD Quick View] => C:\Program Files (x86)\Western Digital\WD Quick View\WDDMStatus.exe [5562736 2014-12-02] (Western Digital Technologies, Inc.)
Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Run: [IDMan] => C:\Program Files (x86)\Internet Download Manager\IDMan.exe [3886672 2014-12-08] (Tonec Inc.)
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Run: [Spotify Web Helper] => C:\Users\kamyab\AppData\Roaming\Spotify\Data\SpotifyWebHelper.exe [1245752 2014-09-04] (Spotify Ltd)
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [168616 2013-12-20] (NVIDIA Corporation)
AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [141336 2013-12-20] (NVIDIA Corporation)
ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll (Tonec Inc.)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Policy restriction <======= ATTENTION
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll (Internet Download Manager, Tonec Inc.)
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO: ASUS Browser Extension x64 -> {78234974-0C4B-4111-BDEB-D9A104418772} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x64\BrowserExtension64.dll (ASUSTeK Computer Inc.)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll (Internet Download Manager, Tonec Inc.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\Office15\OCHelper.dll (Microsoft Corporation)
BHO-x32: ASUS Browser Extension x86 -> {78234974-0C4B-4111-BDEB-D9A104418771} -> C:\Program Files (x86)\ASUS\ASUS Smart Gesture\install\x86\BrowserExtension.dll (ASUSTeK Computer Inc.)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office15\URLREDIR.DLL (Microsoft Corporation)
BHO-x32: QUICKfind BHO Object -> {C08DF07A-3E49-4E25-9AB0-D3882835F153} -> C:\Program Files (x86)\IDM\QUICKfind\PlugIns\IEHelp.dll (IDM)
BHO-x32: Microsoft SkyDrive Pro Browser Helper -> {D0498E0A-45B7-42AE-A9AA-ABA463DBD3BF} -> C:\Program Files (x86)\Microsoft Office\Office15\GROOVEEX.DLL (Microsoft Corporation)
Handler: osf - {D924BDC6-C83A-4BD5-90D0-095128A113D1} - C:\Program Files\Microsoft Office\Office15\MSOSB.DLL (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
 
FireFox:
========
FF ProfilePath: C:\Users\kamyab\AppData\Roaming\Mozilla\Firefox\Profiles\ms2xic78.default-1423932503107
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office15\NPSPWRAP.DLL (Microsoft Corporation)
FF Plugin-x32: @nvidia.com/3DVision -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF Plugin-x32: @nvidia.com/3DVisionStreaming -> C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npMeetingJoinPluginOC.dll (Microsoft Corporation)
FF HKLM\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF Extension: ESET Smart Security Extension - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird [2013-08-24]
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET NOD32 Antivirus\Mozilla Thunderbird
FF HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Firefox\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\kamyab\AppData\Roaming\IDM\idmmzcc5
FF Extension: IDM CC - C:\Users\kamyab\AppData\Roaming\IDM\idmmzcc5 [2014-12-26]
FF HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\kamyab\AppData\Roaming\IDM\idmmzcc5
 
Chrome: 
=======
CHR HomePage: Default -> hxxp://www.google.com/
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\ppGoogleNaClPluginChrome.dll No File
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\40.0.2214.111\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.21.153\npGoogleUpdate3.dll No File
CHR Plugin: (NVIDIA 3D Vision) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
CHR Plugin: (NVIDIA 3D VISION) - C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
CHR Profile: C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Drive) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2013-08-21]
CHR Extension: (Google Voice Search Hotword (Beta)) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\bepbmhgboaologfdajaanbcjmnhjmhfn [2014-05-23]
CHR Extension: (YouTube) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2013-08-21]
CHR Extension: (Google Search) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2013-08-21]
CHR Extension: (Gmail Offline) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejidjjhkpiempkbhmpbfngldlkglhimk [2013-08-21]
CHR Extension: (Dropbox) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioekoebejdcmnlefjiknokhhafglcjdl [2013-08-21]
CHR Extension: (Pocket Website) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\jijgclgmgjipgefcnnnibgllfonlfdap [2013-08-21]
CHR Extension: (Google Wallet) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2013-08-21]
CHR Extension: (Gmail) - C:\Users\kamyab\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2013-08-21]
CHR HKLM\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
CHR HKLM-x32\...\Chrome\Extension: [jeaohhlajejodfjadcponpnjgkiikocn] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2014-12-07]
 
==================== Services (Whitelisted) =================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R2 AtherosSvc; C:\Program Files (x86)\Bluetooth Suite\adminservice.exe [106144 2012-01-19] (Atheros Commnucations) [File not signed]
R2 ekrn; C:\Program Files\ESET\ESET NOD32 Antivirus\x86\ekrn.exe [913144 2012-03-07] (ESET)
R2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1494304 2013-12-10] (NVIDIA Corporation)
R2 NvStreamSvc; C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamsvc.exe [15129376 2013-12-10] (NVIDIA Corporation)
R2 Razer Game Scanner Service; C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe [183488 2014-10-16] ()
R2 RzKLService; C:\Program Files (x86)\Razer\Razer Cortex\RzKLService.exe [105448 2014-09-11] (Razer Inc.)
R2 WDBackup; C:\Program Files (x86)\Western Digital\WD SmartWare\WDBackupEngine.exe [1042808 2014-12-02] (Western Digital Technologies, Inc.)
R2 WDDriveService; C:\Program Files (x86)\Western Digital\WD Drive Manager\WDDriveService.exe [296312 2014-12-02] (Western Digital Technologies, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-14] (Microsoft Corporation)
R2 ZAtheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [158880 2012-01-20] (Atheros) [File not signed]
 
==================== Drivers (Whitelisted) ====================
 
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
 
R3 AiCharger; C:\Windows\SysWOW64\DRIVERS\AiCharger.sys [17152 2012-02-29] (ASUSTek Computer Inc.)
R3 ATP; C:\Windows\System32\DRIVERS\AsusTP.sys [56704 2012-09-11] (ASUS Corporation)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [209768 2012-03-14] (ESET)
R1 ehdrv; C:\Windows\System32\DRIVERS\ehdrv.sys [148528 2012-03-14] (ESET)
R2 epfwwfpr; C:\Windows\System32\DRIVERS\epfwwfpr.sys [137144 2012-03-14] (ESET)
R3 kbfiltr; C:\Windows\System32\DRIVERS\kbfiltr.sys [15416 2009-07-20] ( )
R1 nvkflt; C:\Windows\System32\DRIVERS\nvkflt.sys [300320 2013-12-20] (NVIDIA Corporation)
R3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [39200 2013-12-05] (NVIDIA Corporation)
R2 rzpmgrk; C:\Windows\system32\drivers\rzpmgrk.sys [37184 2014-10-16] (Razer, Inc.)
S3 ASUSProcObsrv; \??\F:\I386\AsPrOb64.sys [X]
S3 cpuz136; \??\C:\Windows\TEMP\cpuz136\cpuz136_x64.sys [X]
S3 efavdrv; \??\C:\Windows\system32\drivers\efavdrv.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
 
 
==================== One Month Created Files and Folders ========
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 19:24 - 2015-02-16 19:24 - 00004143 _____ () C:\Users\kamyab\Desktop\copy to clipboard.txt
2015-02-16 19:23 - 2015-02-16 19:23 - 00004143 _____ () C:\Users\kamyab\Desktop\myesetscan.txt
2015-02-16 15:27 - 2015-02-16 15:27 - 00820667 _____ () C:\Users\kamyab\Desktop\3333adultcameras.info virus removal - Virus, Trojan, Spyware, and Malware Removal Logs.html
2015-02-16 15:23 - 2015-02-16 15:25 - 00001358 _____ () C:\Users\kamyab\Desktop\uploadTHIS.txt
2015-02-16 15:20 - 2015-02-16 15:20 - 00002468 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-16 (15-10-27).xml
2015-02-16 15:09 - 2015-02-16 15:09 - 00002456 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-16 (15-09-12).xml
2015-02-16 15:00 - 2015-02-16 15:00 - 02347384 _____ (ESET) C:\Users\kamyab\Desktop\esetsmartinstaller_enu_2.exe
2015-02-15 20:16 - 2015-02-15 20:16 - 00002468 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-15 (20-07-11).xml
2015-02-15 16:41 - 2015-02-15 16:41 - 00002468 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-15 (16-31-29).xml
2015-02-15 15:17 - 2015-02-15 15:18 - 00001358 _____ () C:\Users\kamyab\Desktop\JRT.txt
2015-02-15 15:03 - 2015-02-15 15:03 - 02112512 _____ () C:\Users\kamyab\Desktop\AdwCleaner.exe
2015-02-15 15:03 - 2015-02-15 15:03 - 01388274 _____ (Thisisu) C:\Users\kamyab\Desktop\JRT_2.exe
2015-02-15 14:57 - 2015-02-15 14:57 - 00000000 _____ () C:\Users\kamyab\defogger_reenable
2015-02-15 11:45 - 2015-02-15 11:45 - 00002468 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-15 (11-37-44).xml
2015-02-15 11:07 - 2015-02-15 11:07 - 00037624 _____ () C:\Windows\system32\Drivers\TrueSight.sys
2015-02-15 11:07 - 2015-02-15 11:07 - 00000000 ____D () C:\ProgramData\RogueKiller
2015-02-15 11:06 - 2015-02-15 11:07 - 00027833 _____ () C:\Users\kamyab\Desktop\Addition.txt
2015-02-15 10:33 - 2015-02-15 10:33 - 00002468 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-15 (10-26-05).xml
2015-02-15 09:04 - 2015-02-15 09:04 - 00132839 _____ () C:\Users\kamyab\Desktop\2222adultcameras.info virus removal - Virus, Trojan, Spyware, and Malware Removal Logs.html
2015-02-14 20:45 - 2015-02-14 20:45 - 00000038 _____ () C:\Windows\SysWOW64\sysid.dat
2015-02-14 20:41 - 2015-02-14 20:41 - 00003860 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-14 (20-27-47).xml
2015-02-14 20:24 - 2015-02-16 19:25 - 00000000 ____D () C:\Users\kamyab\Desktop\FRST-OlderVersion
2015-02-14 16:04 - 2015-02-14 16:04 - 00002018 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Eset License Finder.lnk
2015-02-14 16:04 - 2015-02-14 16:04 - 00000000 ____D () C:\Program Files (x86)\Lord
2015-02-14 16:03 - 2015-02-14 16:03 - 00000000 ____D () C:\Users\kamyab\AppData\Local\Downloaded Installations
2015-02-14 14:47 - 2015-02-14 14:47 - 00003860 _____ () C:\Users\kamyab\Desktop\mbam-log-2015-02-14 (14-35-07).xml
2015-02-14 14:32 - 2015-02-14 14:33 - 00026803 _____ () C:\Users\kamyab\Desktop\Addition0.txt
2015-02-14 14:31 - 2015-02-16 19:25 - 00018487 _____ () C:\Users\kamyab\Desktop\FRST.txt
2015-02-14 14:31 - 2015-02-14 14:33 - 00027557 _____ () C:\Users\kamyab\Desktop\FRST0.txt
2015-02-14 14:12 - 2015-02-14 20:24 - 00000000 ____D () C:\Users\kamyab\Documents\FRST
2015-02-14 13:49 - 2015-02-14 13:49 - 00049621 _____ () C:\Users\kamyab\Desktop\bookmarks_2_14_15.html
2015-02-13 17:42 - 2015-02-13 17:42 - 00003829 _____ () C:\Users\kamyab\Desktop\AdwCleaner[S4].txt
2015-02-12 19:15 - 2015-02-13 12:43 - 00000088 _____ () C:\Users\kamyab\Desktop\New Text Document.txt
2015-02-11 23:50 - 2015-02-16 15:03 - 00129752 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-02-11 23:50 - 2015-02-11 23:50 - 00001106 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2015-02-11 23:50 - 2015-02-11 23:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
2015-02-11 23:50 - 2015-02-11 23:50 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-02-11 23:50 - 2015-02-11 23:50 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
2015-02-11 23:50 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-02-11 23:50 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mwac.sys
2015-02-11 23:50 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbam.sys
2015-02-09 23:41 - 2015-02-09 23:41 - 00017134 _____ () C:\Users\kamyab\Downloads\Addition.txt
2015-02-09 23:16 - 2015-02-09 23:16 - 00852594 _____ () C:\Users\kamyab\Desktop\SecurityCheck.exe
2015-02-08 00:04 - 2015-02-15 15:24 - 00000000 ____D () C:\AdwCleaner
2015-02-08 00:02 - 2015-02-08 07:10 - 00024770 _____ () C:\Users\kamyab\Documents\Addition.txt
2015-02-08 00:01 - 2015-02-08 07:10 - 00031356 _____ () C:\Users\kamyab\Documents\FRST.txt
2015-02-07 23:55 - 2015-02-16 19:25 - 00000000 ____D () C:\FRST
2015-02-07 23:53 - 2015-02-16 19:25 - 02085888 _____ (Farbar) C:\Users\kamyab\Desktop\FRST64.exe
2015-02-07 23:49 - 2015-02-07 23:49 - 00016072 _____ () C:\Users\kamyab\Downloads\download.htm
2015-01-29 15:54 - 2015-01-29 15:54 - 00000000 ____D () C:\Program Files (x86)\ESET
2015-01-27 16:09 - 2015-01-27 16:09 - 00000000 ____D () C:\Users\kamyab\Documents\کنکور خارج از کشور 93
2015-01-20 16:26 - 2015-01-20 16:26 - 00000000 ____D () C:\Program Files\Western Digital
2015-01-20 12:34 - 2015-01-20 12:34 - 00000000 ____D () C:\ProgramData\Oracle
 
==================== One Month Modified Files and Folders =======
 
(If an entry is included in the fixlist, the file\folder will be moved.)
 
2015-02-16 18:30 - 2013-08-21 08:52 - 00000898 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-02-16 17:29 - 2013-08-21 08:52 - 00000894 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-02-16 15:02 - 2009-07-14 08:15 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-02-16 15:02 - 2009-07-14 08:15 - 00014016 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-02-16 14:59 - 2013-08-21 00:08 - 01608119 _____ () C:\Windows\WindowsUpdate.log
2015-02-16 14:58 - 2014-11-16 16:31 - 00008192 _____ () C:\Windows\SysWOW64\WDPABKP.dat
2015-02-16 14:58 - 2013-08-21 00:06 - 00206037 _____ () C:\Windows\setupact.log
2015-02-16 14:57 - 2013-08-21 08:20 - 00000000 ____D () C:\ProgramData\NVIDIA
2015-02-16 14:57 - 2009-07-14 08:38 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-02-16 06:51 - 2013-08-21 09:12 - 00000000 ____D () C:\Users\kamyab\AppData\Roaming\DMCache
2015-02-15 20:18 - 2013-08-22 18:52 - 00000000 ____D () C:\Program Files (x86)\The KMPlayer
2015-02-15 20:10 - 2014-05-20 19:22 - 00000000 ____D () C:\Users\kamyab\AppData\Roaming\ViberPC
2015-02-15 20:09 - 2014-05-20 19:14 - 00000000 ____D () C:\Users\kamyab\AppData\Local\Viber
2015-02-15 14:57 - 2013-08-21 09:12 - 00000000 ____D () C:\Users\kamyab\AppData\Roaming\IDM
2015-02-15 14:57 - 2013-08-21 00:15 - 00000000 ____D () C:\Users\kamyab
2015-02-14 21:57 - 2013-08-21 00:05 - 00303762 _____ () C:\Windows\PFRO.log
2015-02-14 16:53 - 2009-07-14 06:50 - 00000000 ___HD () C:\Windows\system32\GroupPolicy
2015-02-14 16:03 - 2014-03-18 07:32 - 00000000 ____D () C:\Program Files (x86)\Eset License Finder
2015-02-14 14:20 - 2013-08-25 15:27 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-02-14 13:57 - 2013-09-20 08:09 - 00000000 ____D () C:\Users\kamyab\AppData\Roaming\uTorrent
2015-02-13 12:52 - 2013-12-15 19:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kanoon Farhangi Amoozesh (Ghalamchi)
2015-02-13 12:52 - 2013-12-15 19:58 - 00000000 ____D () C:\Kanoon Farhangi Amoozesh (Ghalamchi)
2015-02-12 12:20 - 2013-08-25 15:43 - 00000000 ____D () C:\Windows 7 Activator
2015-02-12 10:43 - 2013-08-25 15:19 - 00000000 ____D () C:\Program Files (x86)\DAEMON Tools Pro
2015-02-12 00:19 - 2013-08-21 09:11 - 00000000 ____D () C:\Program Files (x86)\Internet Download Manager
2015-02-11 07:35 - 2014-06-15 17:34 - 00007607 _____ () C:\Users\kamyab\AppData\Local\Resmon.ResmonCfg
2015-02-10 12:13 - 2013-08-21 09:12 - 00000000 ____D () C:\Users\kamyab\Downloads\Compressed
2015-02-09 21:05 - 2013-08-21 08:29 - 00000000 ____D () C:\Users\kamyab\Documents\Bluetooth Folder
2015-02-09 20:06 - 2009-07-14 08:43 - 00781298 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-02-09 17:24 - 2013-09-03 23:06 - 00000000 ____D () C:\Users\kamyab\AppData\Local\CrashDumps
2015-02-07 17:24 - 2013-08-21 08:52 - 00003894 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-02-07 17:24 - 2013-08-21 08:52 - 00003642 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-01-29 18:10 - 2013-08-25 15:29 - 00000000 ____D () C:\Windows\System32\Tasks\OfficeSoftwareProtectionPlatform
2015-01-29 18:10 - 2013-08-21 08:37 - 00000000 ____D () C:\ProgramData\Atheros
2015-01-29 18:10 - 2009-07-14 11:15 - 00000000 ___RD () C:\Users\Public\Recorded TV
2015-01-29 18:10 - 2009-07-14 06:50 - 00000000 ____D () C:\Windows\registration
2015-01-29 15:44 - 2013-08-24 12:08 - 00000000 ____D () C:\ProgramData\ESET
2015-01-29 15:17 - 2014-03-28 11:33 - 00000000 ____D () C:\Program Files (x86)\broken age
2015-01-28 20:38 - 2009-07-14 08:38 - 00032592 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-01-20 16:27 - 2013-08-21 12:39 - 00179852 _____ () C:\Windows\DPINST.LOG
2015-01-20 16:26 - 2014-03-17 20:51 - 00000000 ____D () C:\Program Files\Common Files\Western Digital
2015-01-20 16:26 - 2014-03-17 20:50 - 00000000 ____D () C:\ProgramData\Western Digital
2015-01-20 16:26 - 2014-03-17 20:50 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Western Digital
2015-01-20 16:26 - 2014-03-17 20:50 - 00000000 ____D () C:\Program Files (x86)\Western Digital
2015-01-20 16:24 - 2013-08-24 21:47 - 00000000 ____D () C:\ProgramData\Package Cache
 
==================== Files in the root of some directories =======
 
2015-01-29 18:01 - 2015-01-29 18:03 - 0000115 _____ () C:\Users\kamyab\AppData\Roaming\LogFile.txt
2013-10-11 20:19 - 2014-03-02 18:22 - 0000600 _____ () C:\Users\kamyab\AppData\Local\PUTTY.RND
2014-06-15 17:34 - 2015-02-11 07:35 - 0007607 _____ () C:\Users\kamyab\AppData\Local\Resmon.ResmonCfg
2014-05-14 22:45 - 2014-05-14 22:45 - 0000000 _____ () C:\Users\kamyab\AppData\Local\{999CA927-0DD1-4F51-8306-B800F4B2969C}
 
Some content of TEMP:
====================
C:\Users\kamyab\AppData\Local\Temp\dllnt_dump.dll
C:\Users\kamyab\AppData\Local\Temp\Quarantine.exe
C:\Users\kamyab\AppData\Local\Temp\sqlite3.dll
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-02-16 15:53
 
==================== End Of Log ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-02-2015
Ran by kamyab at 2015-02-16 19:26:04
Running from C:\Users\kamyab\Desktop
Boot Mode: Normal
==========================================================
 
 
==================== Security Center ========================
 
(If an entry is included in the fixlist, it will be removed.)
 
AV: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {77DEAFED-8149-104B-25A1-21771CA47CD1}
AS: ESET NOD32 Antivirus 5.2 (Enabled - Up to date) {CCBF4E09-A773-1FC5-1F11-1A056723366C}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
 
==================== Installed Programs ======================
 
(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
 
3DMark 11 (HKLM-x32\...\{46EDCFA5-7EDB-46A9-B093-1C6237470CEC}) (Version: 1.0.5 - Futuremark Corporation)
3DMark Vantage (HKLM-x32\...\{C40C3C3D-97CF-44B5-836C-766E374464B3}) (Version: 1.1.2 - Futuremark Corporation)
Abi Riazi konkour (Tajrobi) (HKLM-x32\...\{6887d81f-73e7-4a74-a86c-1225338e0d0d}) (Version: 1.0.0 - Kanoon Farhangi Amoozesh (Ghalamchi))
Adobe Reader XI (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.00 - Adobe Systems Incorporated)
ASUS FaceLogon (HKLM-x32\...\{64452561-169F-4A36-A2FF-B5E118EC65F5}) (Version: 1.0.0014 - ASUS)
ASUS Smart Gesture (HKLM-x32\...\{4D3286A6-F6AB-498A-82A4-E4F040529F3D}) (Version: 1.0.32 - ASUS)
ASUS USB Charger Plus (HKLM-x32\...\{A859E3E5-C62F-4BFA-AF1D-2B95E03166AF}) (Version: 2.0.9 - ASUS)
ASUS Virtual Camera (HKLM-x32\...\{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}) (Version: 1.0.25 - ASUS)
Atheros Bluetooth Suite (64) (HKLM\...\{230D1595-57DA-4933-8C4E-375797EBB7E1}) (Version: 7.4.0.120 - Atheros)
ATK Package (HKLM-x32\...\{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}) (Version: 1.0.0020 - ASUS)
BioShock Infinite (HKLM-x32\...\BioShock Infinite_is1) (Version:  - )
BioShock Infinite Burial at Sea - Episode 1 (HKLM-x32\...\QmlvU2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
Bioshock Infinite Burial at Sea Episode 2 (HKLM-x32\...\Qmlvc2hvY2tJbmZpbml0ZQ==_is1) (Version: 1 - )
CM Installer (HKLM-x32\...\{66824D36-FD84-43C0-B4F8-6D305BA34ABC}) (Version: 1.0.0.0 - Cyanogen Inc.)
Dosallane Fizik 3 Tajrobi (HKLM-x32\...\{7a8fc05e-1677-40ff-9f5a-4ada2aec4868}) (Version: 1.0.0 - Kanoon Farhangi Amoozesh (Ghalamchi))
ESET NOD32 Antivirus (HKLM\...\{5972F3C3-5563-47D2-BEE3-1AFEBDD17DA2}) (Version: 5.2.9.1 - ESET, spol. s r.o.)
Fizik 3 Tajrobi (HKLM-x32\...\{162c3a54-d1b1-4f9e-a0a0-a6df060edbfc}) (Version: 1.0.0 - Kanoon Farhangi Amoozesh (Ghalamchi))
Futuremark SystemInfo (HKLM-x32\...\{BEE64C14-BEF1-4610-8A68-A16EAA47B882}) (Version: 4.17.0 - Futuremark Corporation)
GeForce Experience NvStream Client Components (Version: 1.6.28 - NVIDIA Corporation) Hidden
Gone Home (HKLM-x32\...\GoneHome) (Version:  - )
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 40.0.2214.111 - Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
Illustrated Biology (HKLM-x32\...\{4F16E359-2A15-4071-843C-932F5DD32336}) (Version: 2.0.0 - microcell)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel® OpenCL CPU Runtime (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version:  - Intel Corporation)
Intel® Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2618 - Intel Corporation)
Intel® USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 1.0.5.235 - Intel Corporation)
Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
Lord Eset License Finder (HKLM-x32\...\{2C1F093A-B0B5-436B-AF58-0180519B32CE}) (Version: 1.00.0000 - Lord of Software)
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office Professional Plus 2013 (HKLM\...\Office15.PROPLUS) (Version: 15.0.4420.1017 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.60610 (HKLM-x32\...\{a1909659-0a08-4554-8af1-2175904903a1}) (Version: 11.0.60610.1 - Microsoft Corporation)
Mozilla Firefox 26.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 26.0 (x86 en-US)) (Version: 26.0 - Mozilla)
NVIDIA 3D Vision Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 332.21 - NVIDIA Corporation)
NVIDIA GeForce Experience 1.8.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 1.8.1 - NVIDIA Corporation)
NVIDIA Graphics Driver 332.21 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 332.21 - NVIDIA Corporation)
NVIDIA HD Audio Driver 1.3.30.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.30.1 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.13.0725 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.13.0725 - NVIDIA Corporation)
NVIDIA Virtual Audio 1.2.19 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_VirtualAudio.Driver) (Version: 1.2.19 - NVIDIA Corporation)
Outils de vérification linguistique 2013 de Microsoft Office - Français (Version: 15.0.4420.1017 - Microsoft Corporation) Hidden
Oxford Collocations Dictionary (HKLM-x32\...\NSIS_ocoll2e) (Version:  - )
PardisGame Client (HKLM-x32\...\PardisGame Client0.7.3) (Version: 0.7.3 - Pardis Game)
Qualcomm Atheros WiFi Driver Installation (HKLM-x32\...\{7D916FA5-DAE9-4A25-B089-655C70EAF607}) (Version: 3.0 - Qualcomm Atheros)
QUICKfind server v1.1 (HKLM-x32\...\QUICKfind) (Version:  - IDM)
RAYMAN LEGENDS version 1.0 (HKLM-x32\...\RAYMAN LEGENDS_is1) (Version: 1.0 - SGG)
Razer Cortex (HKLM-x32\...\Razer Cortex_is1) (Version: 5.1.31.0 - Razer Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.48.823.2011 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6577 - Realtek Semiconductor Corp.)
Realtek PCIE Card Reader (HKLM-x32\...\{C1594429-8296-4652-BF54-9DBE4932A44C}) (Version: 6.1.7601.27015 - Realtek Semiconductor Corp.)
SHIELD Streaming (Version: 1.6.85 - NVIDIA Corporation) Hidden
Sony PC Companion 2.10.181 (HKLM-x32\...\{F09EF8F2-0976-42C1-8D9D-8DF78337C6E3}) (Version: 2.10.181 - Sony)
Spotify (HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Spotify) (Version: 0.9.12.10.g89b2a4fc - Spotify AB)
sXe Injected (HKLM-x32\...\sXe Injected) (Version: 15.0.0.0 - Alejandro Cortés)
The KMPlayer (remove only) (HKLM-x32\...\The KMPlayer) (Version: 3.6.0.87 - KMP Media co., Ltd)
The Stanley Parable (HKLM-x32\...\The Stanley Parable_is1) (Version:  - )
The Walking Dead: Season 2 (HKLM-x32\...\VGhlV2Fsa2luZ0RlYWRTZWFzb24y_is1) (Version: 1 - )
The Wolf Among Us (HKLM-x32\...\VGhlV29sZkFtb25nVXM=_is1) (Version: 1 - )
Tom Clancy's Splinter Cell® Blacklist™ (HKLM-x32\...\{D4699FDA-F11E-408B-94A2-13E1FE5B91C0}) (Version: 1.0.0 - Ubisoft)
Uplay (HKLM-x32\...\Uplay) (Version: 3.0 - Ubisoft)
Viber (HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\...\Viber) (Version: 3.0.0.134193 - Viber Media Inc)
WD Drive Utilities (HKLM-x32\...\{7431ED5D-9247-4F17-91C9-702D9B36FAC4}) (Version: 1.0.7.3 - Western Digital Technologies, Inc.)
WD Quick View (HKLM-x32\...\{79966948-BECF-4CB1-A79F-E76C830A17D2}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD Security (HKLM-x32\...\{2B58AB2C-D980-47FD-8633-E360314BA662}) (Version: 1.0.6.3 - Western Digital Technologies, Inc.)
WD SmartWare (HKLM\...\{7AE43D6C-B3F1-448D-AD84-1CDC7AC6EBC7}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
WD SmartWare Installer (HKLM-x32\...\{1891b882-48f7-442d-98d0-c1ce533f25bd}) (Version: 2.4.6.3 - Western Digital Technologies, Inc.)
Windows Driver Package - ASUS (ATP) Mouse  (08/27/2012 1.0.0.125) (HKLM\...\2BD897DEE9289F769D9176245811D5330A360B0B) (Version: 08/27/2012 1.0.0.125 - ASUS)
WinRAR 4.20 (64-bit) (HKLM\...\WinRAR archiver) (Version: 4.20.0 - win.rar GmbH)
 
==================== Custom CLSID (selected items): ==========================
 
(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)
 
 
==================== Restore Points  =========================
 
12-12-2014 15:54:12 Removed Azmoon 23 Aban
18-12-2014 13:04:36 Installed Azmoon 21 Azar
16-01-2015 16:29:36 Removed Azmoon 21 Azar
20-01-2015 12:33:35 Installed Java 7 Update 45 (64-bit)
20-01-2015 16:23:54 WD SmartWare Installer
27-01-2015 21:03:22 Installed Azmoon 26 Dey
29-01-2015 18:07:52 Restore Operation
11-02-2015 18:20:39 Removed Java 7 Update 45 (64-bit)
13-02-2015 12:51:28 Removed Azmoon 26 Dey
14-02-2015 14:25:01 Restore Point Created by FRST
14-02-2015 16:03:42 Installed Lord Eset License Finder.
14-02-2015 20:20:28 Restore Point Created by FRST
14-02-2015 20:24:57 Restore Point Created by FRST
15-02-2015 12:29:31 Windows Update
 
==================== Hosts content: ==========================
 
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
 
2009-07-14 06:04 - 2009-06-11 00:30 - 00000824 ____A C:\Windows\system32\Drivers\etc\hosts
 
==================== Scheduled Tasks (whitelisted) =============
 
(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)
 
Task: {1891A92B-C920-4DD1-8B23-77DBA12751D2} - System32\Tasks\Microsoft\Office\Office 15 Subscription Heartbeat => C:\Program Files\Common Files\Microsoft Shared\Office15\OLicenseHeartbeat.exe [2012-10-01] (Microsoft Corporation)
Task: {20F86955-48C7-4AC7-B28C-FBE7383E87F5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {7AF128C8-25C4-4339-81CC-90F0AEFE043D} - System32\Tasks\{9BCDC5BD-3573-4710-8F2E-F50DB9798E7C} => pcalua.exe -a F:\setup.exe -d F:\
Task: {7D328F3F-DBD4-4D04-8661-245CB7E4F113} - System32\Tasks\{B8235FF5-3576-425D-ABFF-FF86C3D48341} => pcalua.exe -a D:\FIFA.14.Demo_MihanDownload.com\FIFA.14.Demo\__Installer\dotnet\dotnet35sp1\redist\dotnetfx35.exe -d D:\FIFA.14.Demo_MihanDownload.com\FIFA.14.Demo\__Installer\dotnet\dotnet35sp1\redist
Task: {82E083EE-5967-4F34-A04D-B7E2D6FB37ED} - System32\Tasks\ASUS USB Charger Plus => C:\Program Files (x86)\ASUS\USBChargerPlus\USBChargerPlus.exe [2012-02-29] (ASUSTek Computer Inc.)
Task: {A5681060-06EC-48B3-9848-CE7936579C7A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-08-21] (Google Inc.)
Task: {A70C0FAC-D266-4BFC-A7C5-E647B831E86C} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: {B60165C7-AC38-4FDA-B4BD-19B37FDCB059} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D6B4C88D-3085-4DAC-AC60-F840B3F0039F} - System32\Tasks\ATKOSD2 => C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe [2012-06-25] (ASUSTek Computer Inc.)
Task: {DCF5086E-919E-4370-A4DF-10F57BA9D0F9} - System32\Tasks\ASUS SmartLogon Console Sensor => C:\Program Files (x86)\ASUS\FaceLogon\sensorsrv.exe [2012-02-16] (ASUSTek Computer Inc.)
Task: {FB5BA142-5A02-42C3-A8DC-F254A9CA0FD9} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack => C:\Program Files\Microsoft Office\Office15\msoia.exe [2012-10-01] (Microsoft Corporation)
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
 
==================== Loaded Modules (whitelisted) ==============
 
2013-08-21 08:20 - 2013-12-19 22:23 - 00117536 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2012-10-01 19:36 - 2012-10-01 19:36 - 06522480 _____ () C:\Program Files\Microsoft Office\Office15\1033\GrooveIntlResource.dll
2013-08-21 08:18 - 2012-02-03 06:00 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
2014-10-16 23:26 - 2014-10-16 23:26 - 00183488 _____ () C:\Program Files (x86)\Razer\Razer Services\GSS\GameScannerService.exe
2012-10-01 19:37 - 2012-10-01 19:37 - 06522480 _____ () C:\Program Files (x86)\Microsoft Office\Office15\1033\GrooveIntlResource.dll
 
==================== Alternate Data Streams (whitelisted) =========
 
(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)
 
 
==================== Safe Mode (whitelisted) ===================
 
(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
 
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\84342299.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\84342299.sys => ""="Driver"
 
==================== EXE Association (whitelisted) ===============
 
(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)
 
 
==================== Other Areas ============================
 
(Currently there is no automatic fix for this section.)
 
HKU\S-1-5-21-1114291241-2146569727-3459484685-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\kamyab\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.1.1
 
==================== MSCONFIG/TASK MANAGER disabled items ==
 
(Currently there is no automatic fix for this section.)
 
 
==================== Accounts: =============================
 
Administrator (S-1-5-21-1114291241-2146569727-3459484685-500 - Administrator - Disabled)
Guest (S-1-5-21-1114291241-2146569727-3459484685-501 - Limited - Disabled)
kamyab (S-1-5-21-1114291241-2146569727-3459484685-1000 - Administrator - Enabled) => C:\Users\kamyab
 
==================== Faulty Device Manager Devices =============
 
Name: Bluetooth module
Description: Bluetooth module
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
 
Name: SM Bus Controller
Description: SM Bus Controller
Class Guid: 
Manufacturer: 
Service: 
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
 
 
==================== Event log errors: =========================
 
Application errors:
==================
Error: (02/16/2015 04:16:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (02/16/2015 03:31:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (02/16/2015 03:26:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (02/16/2015 03:07:58 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (02/16/2015 03:01:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (02/16/2015 03:01:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (02/16/2015 03:01:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
Error: (02/15/2015 03:18:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: Activation context generation failed for "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest1".Error in manifest or policy file "C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest2" on line C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest3.
A component version required by the application conflicts with another component version already active.
Conflicting components are:.
Component 1: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifest.
Component 2: C:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifest.
 
 
System errors:
=============
 
Microsoft Office Sessions:
=========================
Error: (02/16/2015 04:16:28 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\kamyab\Desktop\esetsmartinstaller_enu_2.exe
 
Error: (02/16/2015 03:31:51 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\kamyab\Desktop\esetsmartinstaller_enu_2.exe
 
Error: (02/16/2015 03:26:48 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\kamyab\Desktop\esetsmartinstaller_enu_2.exe
 
Error: (02/16/2015 03:07:58 PM) (Source: Office 2013 Licensing Service) (EventID: 0) (User: )
Description: Subscription licensing service failed: -1073418225
 
Error: (02/16/2015 03:01:13 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\kamyab\Desktop\esetsmartinstaller_enu_2.exe
 
Error: (02/16/2015 03:01:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\kamyab\Downloads\Programs\esetsmartinstaller_enu.exe
 
Error: (02/16/2015 03:01:03 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\kamyab\Downloads\Programs\esetsmartinstaller_enu_2.exe
 
Error: (02/15/2015 03:18:53 PM) (Source: SideBySide) (EventID: 80) (User: )
Description: C:\Windows\WinSxS\manifests\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_fa645303170382f6.manifestC:\Windows\WinSxS\manifests\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7600.16385_none_421189da2b7fabfc.manifestC:\Users\kamyab\Downloads\Programs\esetsmartinstaller_enu.exe
 
 
CodeIntegrity Errors:
===================================
  Date: 2015-02-12 12:17:33.696
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.682
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.670
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webservices_31bf3856ad364e35_6.2.9200.16384_none_0b27641a00190493\webservices.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.447
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.446
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:33.444
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-webcamexperience_31bf3856ad364e35_6.2.9200.16384_none_6993dc2a7d34dbae\CameraSettingsUIHost.exe because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.440
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.432
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.423
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-userenv_31bf3856ad364e35_6.2.9200.16384_none_8ceb76541ca99e63\userenv.dll because the set of per-page image hashes could not be found on the system.
 
  Date: 2015-02-12 12:17:29.325
  Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume2\Windows.old\Windows\WinSxS\x86_microsoft-windows-usercpl-usermgrbroker_31bf3856ad364e35_6.2.9200.16384_none_13571d40a61e6d8c\UserAccountBroker.exe because the set of per-page image hashes could not be found on the system.
 
 
==================== Memory info =========================== 
 
Processor: Intel® Core™ i7-3610QM CPU @ 2.30GHz
Percentage of memory in use: 25%
Total physical RAM: 8077.8 MB
Available physical RAM: 6053.8 MB
Total Pagefile: 16153.74 MB
Available Pagefile: 14170.59 MB
Total Virtual: 8192 MB
Available Virtual: 8191.84 MB
 
==================== Drives ================================
 
Drive c: () (Fixed) (Total:487.94 GB) (Free:267.15 GB) NTFS
Drive d: () (Fixed) (Total:434.44 GB) (Free:208.81 GB) NTFS
Drive e: () (Fixed) (Total:8.78 GB) (Free:8.77 GB) FAT32
 
==================== MBR & Partition Table ==================
 
========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 7C12E647)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=487.9 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=434.4 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=8.8 GB) - (Type=0C)
 
==================== End Of Log ============================
 


#15 knightstalker


Posted 16 February 2015 - 11:58 AM

and the rest of them

by the way the symptoms are gone so i'm just waiting for your all clear signal :)

<?xml version="1.0" encoding="UTF-16" ?>
<mbam-log>
  <header>
    <date>2015/02/16 15:10:32 +0330</date>
    <logfile>mbam-log-2015-02-16 (15-10-27).xml</logfile>
    <isadmin>yes</isadmin>
  </header>
  <engine>
    <version>2.00.4.1028</version>
    <malware-database>v2015.02.16.04</malware-database>
    <rootkit-database>v2015.02.03.01</rootkit-database>
    <license>free</license>
    <file-protection>disabled</file-protection>
    <web-protection>disabled</web-protection>
    <self-protection>disabled</self-protection>
  </engine>
  <system>
    <osversion>Windows 7</osversion>
    <arch>x64</arch>
    <username>kamyab</username>
    <filesys>NTFS</filesys>
  </system>
  <summary>
    <type>threat</type>
    <result>completed</result>
    <objects>336574</objects>
    <time>602</time>
    <processes>0</processes>
    <modules>0</modules>
    <keys>0</keys>
    <values>0</values>
    <datas>0</datas>
    <folders>0</folders>
    <files>0</files>
    <sectors>0</sectors>
  </summary>
  <options>
    <memory>enabled</memory>
    <startup>enabled</startup>
    <filesystem>enabled</filesystem>
    <archives>enabled</archives>
    <rootkits>enabled</rootkits>
    <deeprootkit>disabled</deeprootkit>
    <heuristics>enabled</heuristics>
    <pup>enabled</pup>
    <pum>enabled</pum>
  </options>
  <items />
</mbam-log>

and the eset scan
C:\Program Files (x86)\BioShock Infinite\Binaries\Win32\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application
C:\Program Files (x86)\Bioshock Infinite1\Binaries\Win32\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application
C:\Program Files (x86)\The Walking Dead Season 2\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application
C:\Program Files (x86)\The Wolf Among Us\steam_api.dll a variant of Win32/HackTool.Crack.CS potentially unsafe application
C:\Users\kamyab\AppData\Roaming\IDM\DwnlData\kamyab\KMPlayer_3.6.0.87_h_8\KMPlayer_3.6.0.87_h.exe a variant of Win32/Bundled.Toolbar.Ask.D potentially unsafe application
D:\BURY\BioSIBase2-RLD (www.Downloadha.com)\BioSIBase2-RLD\rld-bsifbase2.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application
D:\EXE\rld-thwoamus.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application
D:\EXE\The.Wolf.RELOADED-[MD].rar a variant of Win32/HackTool.Crack.CS potentially unsafe application
D:\EXE\burial at sea\Burial at Sea 01 (www.Downloadha.com)\Burial at Sea 01\rld-bsifbase1.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application
D:\EXE\TWDS02E01 (www.Downloadha.com)\TWDS02E01\rld-twd2e1.iso a variant of Win32/HackTool.Crack.CS potentially unsafe application
D:\mom phone stuff\New folder\download\50n4C4n3.apk.part a variant of Android/SMSreg.HP potentially unsafe application
D:\mom phone stuff\New folder\download\com.wakti.store_v2.2.2_ym_201409111030.apk a variant of Android/AdDisplay.Commplat.B potentially unwanted application
D:\mom phone stuff\New folder\download\kFepgDc5.apk.part a variant of Android/SMSreg.HP potentially unsafe application
D:\Phone stuff\Prince_of_Persia_Shadow&Flame_www.androidkade.com.apk a variant of Android/SMSreg.AV potentially unsafe application
D:\Phone stuff\new vershion 2\Angry birds space.apk a variant of Android/Inmobi.A potentially unsafe application
D:\Phone stuff\new vershion 2\Cute The Rope.apk a variant of Android/AdDisplay.Wiyun.E potentially unwanted application
D:\Phone stuff\new vershion 2\Dawn &dusk lite.apk Android/Plankton.H trojan
D:\Phone stuff\new vershion 2\Elite force.apk a variant of Android/AdDisplay.AirPush.G potentially unwanted application
D:\Phone stuff\new vershion 2\Night sea lite.apk a variant of Android/Plankton.I trojan
D:\Phone stuff\new vershion 2\NinJump.apk a variant of Android/SMSreg.EI potentially unsafe application
D:\Phone stuff\new vershion 2\Dictionary\BlueDict 5.0\BlueDict 5.0.apk a variant of Android/AdMogo.C potentially unwanted application
D:\Phone stuff\new vershion 2\Internet\Navad (90)\Navad (90).apk a variant of Android/Inmobi.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\com.eamobile.nbajam_sxperia_wf-0e7c322d26f979b4a97bf91af0c62fb6.apk.gz a variant of Android/Flexion.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\com.forshared.music-48ec2e6be76c3fef80e8b22871101b76.apk.gz a variant of Android/Inmobi.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\com.gameloft.android.GAND.GloftM3HP-380eb02547ea0762ddf75a0f205fa9d2.apk.gz a variant of Android/SMSreg.PI potentially unsafe application
D:\Phone stuff\TitaniumBackup\com.rovio.angrybirdsseasons-9cd100c56a810ec3efc47b5f5134f83b.apk.gz a variant of Android/Inmobi.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\com.rovio.angrybirdsspace.ads-0251d6df821a75cfa02a1584cb9f3498.apk.gz a variant of Android/Inmobi.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\com.rovio.BadPiggiesHD-7044fb48285670d007bf49b5749e97e6.apk.gz a variant of Android/Inmobi.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\com.zeptolab.ctr.paid-ef60db20a05f7a5f01a99a0b0140d4fe.apk.gz a variant of Android/Inmobi.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\net.ponury.wifikill-20130615-163030.tar.gz Android/WifiKill.A potentially unsafe application
D:\Phone stuff\TitaniumBackup\net.ponury.wifikill-9456cadbe31b8d33ab3e024ae7f86318.apk.gz Android/WifiKill.A potentially unsafe application
 

Edited by knightstalker, 17 February 2015 - 04:03 AM.




