Help with colormedia.dll removal


  • This topic is locked
23 replies to this topic

#1 AustinPh

Posted 06 August 2015 - 12:28 AM

I have Norton antivirus software, but every time it detects the file as a Trojan and quarantines it, I am no longer able to browse the internet. I then do a system restore to before it was quarantined and run in safe mode so Norton doesn't quarantine it again. So if someone could help me either with a complete manual removal of the malware or at least help me be able to browse after it is quarantined, I would appreciate it.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by AustinPH (administrator) on AUSTINPH-PC (05-08-2015 22:21:39)
Running from C:\Users\AustinPH\Downloads
Loaded Profiles: AustinPH (Available Profiles: AustinPH)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(CartCrunch Israel Ltd.) C:\ProgramData\PicColor Utility\ColorMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => C:\Program Files (x86)\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [14725120 2015-07-11] ()
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [HitsBlender] => "C:\Program Files (x86)\HitsBlender\hitsblender.exe" -s
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [Google Update] => C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-04-24] (Google Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\S-1-5-21-2542147359-456179191-873943161-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 16 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B06EFC34-8BDF-492E-B699-12264EAD17CF}: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=3 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=9 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AustinPH\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-08-01]
 
Chrome: 
=======
CHR Profile: C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-05]
CHR Extension: (YouTube) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-05]
CHR Extension: (Google Search) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-05]
CHR Extension: (Google Play Music) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (AdBlock) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [File not signed]
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1406144 2015-01-04] (CartCrunch Israel Ltd.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [87040 2006-05-11] (Hewlett-Packard) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WMZuneComm; C:\Program Files (x86)\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S3 ZuneNetworkSvc; C:\Program Files (x86)\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Program Files (x86)\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 cmwf; C:\Windows\system32\Drivers\cmwf.sys [33952 2015-01-04] () [File not signed] <==== ATTENTION
R1 cmwr; C:\Windows\system32\Drivers\cmwr.sys [45216 2015-01-04] () [File not signed] <==== ATTENTION
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-24] (Disc Soft Ltd)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150731.001\IDSvia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 22:21 - 2015-08-05 22:22 - 00017077 _____ C:\Users\AustinPH\Downloads\FRST.txt
2015-08-05 22:21 - 2015-08-05 22:21 - 02169856 _____ (Farbar) C:\Users\AustinPH\Downloads\FRST64.exe
2015-08-05 22:21 - 2015-08-05 22:21 - 00000000 ____D C:\FRST
2015-08-05 22:03 - 2015-08-05 22:03 - 00000136 _____ C:\Users\AustinPH\Downloads\winsockfix.bat
2015-08-05 21:37 - 2015-08-05 21:37 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup (1).exe
2015-08-05 21:36 - 2015-08-05 21:36 - 00002161 _____ C:\Users\AustinPH\Desktop\JRT.txt
2015-08-05 21:34 - 2015-08-05 21:34 - 01797896 _____ (Malwarebytes Corporation) C:\Users\AustinPH\Downloads\JRT.exe
2015-08-05 21:32 - 2015-08-05 21:32 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup.exe
2015-08-05 21:31 - 2015-08-05 21:31 - 00931408 _____ (Google Inc.) C:\Users\AustinPH\Downloads\ChromeSetup.exe
2015-08-05 20:26 - 2015-08-05 21:24 - 00000000 ____D C:\Program Files\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:28 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:26 - 00000000 ____D C:\Users\AustinPH\AppData\Local\FreeFixer
2015-08-05 20:22 - 2015-08-05 22:21 - 00000000 ____D C:\Users\AustinPH\Desktop\New folder
2015-08-01 17:28 - 2015-08-01 17:29 - 11972384 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.2_setup.exe
2015-07-29 18:33 - 2015-07-29 18:33 - 00001196 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-return-of-the-king_english-117957.zip
2015-07-28 18:16 - 2015-07-28 18:16 - 00003692 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-two-towers_english-117945.zip
2015-07-28 17:23 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 17:23 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 17:23 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 17:23 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-24 21:34 - 2015-07-24 21:34 - 00000000 ____D C:\ProgramData\ATI
2015-07-24 21:33 - 2015-07-24 21:33 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201507242133588080.log
2015-07-24 21:33 - 2015-07-24 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-23 18:32 - 2015-07-23 18:32 - 00262144 ____N C:\Windows\Minidump\072315-32994-01.dmp
2015-07-23 17:53 - 2015-07-23 17:53 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2015-07-23 17:15 - 2015-07-23 17:15 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
2015-07-20 19:34 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 19:34 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:34 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 17:38 - 2015-08-05 21:17 - 00000000 ____D C:\Users\AustinPH\AppData\Local\NPE
2015-07-14 20:35 - 2015-07-14 20:35 - 00012263 _____ C:\Users\AustinPH\Downloads\AI Setting.aip
2015-07-14 20:18 - 2015-07-14 20:18 - 00008118 _____ C:\Users\AustinPH\Downloads\Prime Schedule 2015-06-01 (1).aip
2015-07-14 18:58 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 18:58 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 18:58 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 18:58 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 18:58 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 18:58 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 18:58 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 18:58 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 18:54 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 18:54 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 18:54 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 18:54 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 18:54 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 18:54 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 18:54 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 18:54 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 18:54 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 18:54 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 18:54 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 18:54 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 18:54 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 18:54 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 18:54 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 18:54 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 18:54 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 18:54 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 18:54 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 18:54 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 18:54 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 18:54 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 18:54 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 18:54 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 18:54 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 18:54 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 18:50 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 18:50 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 18:50 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 18:50 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 18:50 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 18:50 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 18:50 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 18:50 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 18:50 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 18:44 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 18:44 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 18:44 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 18:44 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 18:44 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 18:44 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 18:44 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 18:44 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 18:34 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 18:34 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 18:34 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-11 14:42 - 2015-08-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-07-11 14:38 - 2015-07-11 14:39 - 11854318 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.1_setup.exe
2015-07-10 19:21 - 2015-07-23 17:10 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-10 19:21 - 2015-07-22 18:08 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-10 19:21 - 2015-07-22 18:08 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-10 19:21 - 2015-07-10 19:21 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
2015-07-10 19:17 - 2015-07-10 19:17 - 00000000 ____D C:\Program Files (x86)\Norton Security
2015-07-10 19:12 - 2015-07-10 19:12 - 01110744 _____ (Symantec Corporation) C:\Users\AustinPH\Downloads\NSDownloader.exe
2015-07-10 06:39 - 2015-07-29 18:17 - 00000000 ___HD C:\$Windows.~BT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 21:27 - 2014-01-24 19:05 - 00000000 ____D C:\Users\AustinPH
2015-08-05 21:25 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-05 21:25 - 2014-05-07 22:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 21:25 - 2014-01-28 19:21 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-05 21:24 - 2015-02-02 18:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-05 21:24 - 2015-01-06 19:47 - 00000000 ____D C:\ProgramData\PicColor Utility
2015-08-05 21:24 - 2014-11-17 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-05 21:24 - 2014-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2015-08-05 21:24 - 2014-09-14 22:22 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Unity
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\qBittorrent
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-08-05 21:24 - 2014-04-06 11:12 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Raptr
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Games
2015-08-05 21:24 - 2014-02-18 00:00 - 00000000 ____D C:\Program Files\UltraDefrag
2015-08-05 21:24 - 2014-02-03 19:15 - 00000000 ____D C:\Program Files\WinRAR
2015-08-05 21:24 - 2014-02-02 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-05 21:24 - 2014-01-24 19:58 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\vlc
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-08-05 21:23 - 2014-01-28 21:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-05 21:23 - 2014-01-24 19:46 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Google
2015-08-05 21:23 - 2014-01-24 19:20 - 00000000 ____D C:\ProgramData\Norton
2015-08-05 21:22 - 2014-01-24 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 17:46 - 2010-11-21 00:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieUserList
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieSiteList
2015-08-01 17:39 - 2014-01-24 18:47 - 01276945 _____ C:\Windows\WindowsUpdate.log
2015-08-01 17:25 - 2014-02-02 18:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 17:24 - 2014-02-18 18:39 - 00054809 _____ C:\Windows\setupact.log
2015-08-01 17:24 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 22:21 - 2014-02-02 18:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 21:46 - 2015-04-24 21:21 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA.job
2015-07-30 17:46 - 2015-04-24 21:21 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core.job
2015-07-29 18:22 - 2014-01-24 18:43 - 00000000 ____D C:\Windows\Panther
2015-07-28 19:17 - 2014-02-08 19:11 - 00000000 ____D C:\Users\AustinPH\Documents\My stuff
2015-07-27 18:52 - 2014-04-06 11:01 - 01491022 _____ C:\Windows\PFRO.log
2015-07-24 21:34 - 2014-11-23 12:48 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-24 21:34 - 2014-02-02 13:06 - 00000000 ____D C:\Program Files\AMD
2015-07-24 21:32 - 2014-04-06 11:10 - 00000000 ____D C:\ProgramData\AMD
2015-07-24 21:26 - 2014-01-28 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 21:24 - 2014-04-06 11:02 - 00000000 ____D C:\AMD
2015-07-23 18:32 - 2014-01-28 23:39 - 00000000 ____D C:\Windows\Minidump
2015-07-21 17:10 - 2009-07-13 21:45 - 00298944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 15:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 17:39 - 2014-02-12 21:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 17:36 - 2015-06-26 17:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:34 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 18:16 - 2014-02-02 18:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 18:16 - 2014-02-02 18:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:41 - 2015-04-24 21:21 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA
2015-07-15 17:41 - 2015-04-24 21:21 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core
2015-07-15 17:31 - 2014-12-10 19:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 22:36 - 2014-01-24 23:18 - 00000000 ____D C:\Windows\system32\MRT
2015-07-10 19:41 - 2014-01-24 19:20 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-10 19:12 - 2014-01-24 19:20 - 00000000 ____D C:\Users\Public\Downloads\Norton
 
==================== Files in the root of some directories =======
 
2011-06-06 13:50 - 2011-06-06 13:50 - 0000054 _____ () C:\Program Files (x86)\Arrow.gif
2011-06-06 13:50 - 2011-06-06 13:50 - 0000631 _____ () C:\Program Files (x86)\Background.jpg
2011-08-05 12:31 - 2011-08-05 12:31 - 0182784 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Program Files (x86)\l3codecp.acm
2011-06-21 23:45 - 2011-06-21 23:45 - 9532452 _____ () C:\Program Files (x86)\Meiryoz.ttc
2011-06-06 13:48 - 2011-06-06 13:48 - 0001859 _____ () C:\Program Files (x86)\Microsoft.VC90.CRT.manifest
2007-10-02 14:12 - 2007-10-02 14:12 - 1642568 _____ (Microsoft Corporation) C:\Program Files (x86)\msidcrl40.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0245760 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcm90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0856576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr90.dll
2011-06-06 13:50 - 2011-06-06 13:50 - 0122458 _____ () C:\Program Files (x86)\quickplaymap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121358 _____ () C:\Program Files (x86)\quickplaymap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121162 _____ () C:\Program Files (x86)\quickplaymap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122068 _____ () C:\Program Files (x86)\quickplaymap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121489 _____ () C:\Program Files (x86)\quickplaymap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121837 _____ () C:\Program Files (x86)\quickplaymap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122620 _____ () C:\Program Files (x86)\quickplaymap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121952 _____ () C:\Program Files (x86)\quickplaymap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121257 _____ () C:\Program Files (x86)\quickplaymap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121403 _____ () C:\Program Files (x86)\quickplaymap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121834 _____ () C:\Program Files (x86)\quickplaymap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122210 _____ () C:\Program Files (x86)\quickplaymap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121621 _____ () C:\Program Files (x86)\quickplaymap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122060 _____ () C:\Program Files (x86)\quickplaymap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0120995 _____ () C:\Program Files (x86)\quickplaymap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122484 _____ () C:\Program Files (x86)\quickplaymap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122053 _____ () C:\Program Files (x86)\quickplaymap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121155 _____ () C:\Program Files (x86)\quickplaymap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122414 _____ () C:\Program Files (x86)\quickplaymap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122134 _____ () C:\Program Files (x86)\quickplaymap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121635 _____ () C:\Program Files (x86)\quickplaymap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122790 _____ () C:\Program Files (x86)\quickplaymap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121558 _____ () C:\Program Files (x86)\quickplaymap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0251333 _____ () C:\Program Files (x86)\softwaremap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0095912 _____ () C:\Program Files (x86)\softwaremap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096751 _____ () C:\Program Files (x86)\softwaremap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097298 _____ () C:\Program Files (x86)\softwaremap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096323 _____ () C:\Program Files (x86)\softwaremap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097580 _____ () C:\Program Files (x86)\softwaremap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0100499 _____ () C:\Program Files (x86)\softwaremap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097782 _____ () C:\Program Files (x86)\softwaremap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096441 _____ () C:\Program Files (x86)\softwaremap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097435 _____ () C:\Program Files (x86)\softwaremap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096737 _____ () C:\Program Files (x86)\softwaremap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0092713 _____ () C:\Program Files (x86)\softwaremap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098431 _____ () C:\Program Files (x86)\softwaremap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096603 _____ () C:\Program Files (x86)\softwaremap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0093267 _____ () C:\Program Files (x86)\softwaremap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0093248 _____ () C:\Program Files (x86)\softwaremap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096513 _____ () C:\Program Files (x86)\softwaremap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094750 _____ () C:\Program Files (x86)\softwaremap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098663 _____ () C:\Program Files (x86)\softwaremap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098102 _____ () C:\Program Files (x86)\softwaremap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097716 _____ () C:\Program Files (x86)\softwaremap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0099979 _____ () C:\Program Files (x86)\softwaremap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094597 _____ () C:\Program Files (x86)\softwaremap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0001922 _____ () C:\Program Files (x86)\TopBar.gif
2011-08-05 12:56 - 2011-08-05 12:56 - 1530592 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 0645856 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.renderapi.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1288928 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXcontrols.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1752288 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXrender.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0035552 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXsup.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0306400 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneComm.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0018656 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneCommProxyStub.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0021216 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneDTPTDNS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0027872 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneTCP2UDP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0223968 _____ (Microsoft Corporation) C:\Program Files (x86)\Zune.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000659 _____ () C:\Program Files (x86)\Zune.exe.config
2011-08-05 12:53 - 2011-08-05 12:53 - 0121056 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneAACDec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0061664 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCfg.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0056544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneConfig.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 1481440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCore.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0212192 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDB.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1175264 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDBApi.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0072928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDXVA2.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0129248 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEffects.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0038624 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEnc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 2110176 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEncEng.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0376544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEvr.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1184480 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneH264Dec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0218848 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneHost.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0163552 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneLauncher.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000988 _____ () C:\Program Files (x86)\ZuneLogo.gif
2011-08-05 12:53 - 2011-08-05 12:53 - 1096928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMarketplaceResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0879328 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMBR.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1161440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMde.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0707808 _____ (Microsoft Corporation) C:\Program Files (x86)\ZUNEMP4SDECD.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 10061536 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNativeLib.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 8277728 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNss.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0347872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNssci.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0131296 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePresenter.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0020704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0916704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneQP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 3889376 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0155872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSA.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0514272 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSE.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1257184 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneService.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 4020448 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSetup.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0683744 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSH.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0017632 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShare.exe
2011-08-05 12:56 - 2011-08-05 12:56 - 1272544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShell.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0074464 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellExt.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 16921312 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0507104 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0366816 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSrcWrp.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0100064 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneTaskbar.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0467680 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWlanCfgSvc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0863968 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmdu.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0009440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmduResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0152288 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Classic.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157920 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Library.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0196832 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Mobile.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157408 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.ZuneHD.dll
2014-08-28 20:45 - 2014-08-28 20:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-20 13:41 - 2014-06-20 13:41 - 0000040 _____ () C:\ProgramData\ra3.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-02 15:19
 
==================== End of log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by AustinPH (administrator) on AUSTINPH-PC (05-08-2015 22:21:39)
Running from C:\Users\AustinPH\Downloads
Loaded Profiles: AustinPH (Available Profiles: AustinPH)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(CartCrunch Israel Ltd.) C:\ProgramData\PicColor Utility\ColorMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => C:\Program Files (x86)\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [14725120 2015-07-11] ()
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [HitsBlender] => "C:\Program Files (x86)\HitsBlender\hitsblender.exe" -s
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [Google Update] => C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-04-24] (Google Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\S-1-5-21-2542147359-456179191-873943161-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 16 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B06EFC34-8BDF-492E-B699-12264EAD17CF}: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=3 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=9 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AustinPH\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-08-01]
 
Chrome: 
=======
CHR Profile: C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-05]
CHR Extension: (YouTube) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-05]
CHR Extension: (Google Search) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-05]
CHR Extension: (Google Play Music) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (AdBlock) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [File not signed]
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1406144 2015-01-04] (CartCrunch Israel Ltd.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [87040 2006-05-11] (Hewlett-Packard) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WMZuneComm; C:\Program Files (x86)\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S3 ZuneNetworkSvc; C:\Program Files (x86)\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Program Files (x86)\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 cmwf; C:\Windows\system32\Drivers\cmwf.sys [33952 2015-01-04] () [File not signed] <==== ATTENTION
R1 cmwr; C:\Windows\system32\Drivers\cmwr.sys [45216 2015-01-04] () [File not signed] <==== ATTENTION
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-24] (Disc Soft Ltd)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150731.001\IDSvia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 22:21 - 2015-08-05 22:22 - 00017077 _____ C:\Users\AustinPH\Downloads\FRST.txt
2015-08-05 22:21 - 2015-08-05 22:21 - 02169856 _____ (Farbar) C:\Users\AustinPH\Downloads\FRST64.exe
2015-08-05 22:21 - 2015-08-05 22:21 - 00000000 ____D C:\FRST
2015-08-05 22:03 - 2015-08-05 22:03 - 00000136 _____ C:\Users\AustinPH\Downloads\winsockfix.bat
2015-08-05 21:37 - 2015-08-05 21:37 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup (1).exe
2015-08-05 21:36 - 2015-08-05 21:36 - 00002161 _____ C:\Users\AustinPH\Desktop\JRT.txt
2015-08-05 21:34 - 2015-08-05 21:34 - 01797896 _____ (Malwarebytes Corporation) C:\Users\AustinPH\Downloads\JRT.exe
2015-08-05 21:32 - 2015-08-05 21:32 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup.exe
2015-08-05 21:31 - 2015-08-05 21:31 - 00931408 _____ (Google Inc.) C:\Users\AustinPH\Downloads\ChromeSetup.exe
2015-08-05 20:26 - 2015-08-05 21:24 - 00000000 ____D C:\Program Files\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:28 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:26 - 00000000 ____D C:\Users\AustinPH\AppData\Local\FreeFixer
2015-08-05 20:22 - 2015-08-05 22:21 - 00000000 ____D C:\Users\AustinPH\Desktop\New folder
2015-08-01 17:28 - 2015-08-01 17:29 - 11972384 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.2_setup.exe
2015-07-29 18:33 - 2015-07-29 18:33 - 00001196 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-return-of-the-king_english-117957.zip
2015-07-28 18:16 - 2015-07-28 18:16 - 00003692 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-two-towers_english-117945.zip
2015-07-28 17:23 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 17:23 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 17:23 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 17:23 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-24 21:34 - 2015-07-24 21:34 - 00000000 ____D C:\ProgramData\ATI
2015-07-24 21:33 - 2015-07-24 21:33 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201507242133588080.log
2015-07-24 21:33 - 2015-07-24 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-23 18:32 - 2015-07-23 18:32 - 00262144 ____N C:\Windows\Minidump\072315-32994-01.dmp
2015-07-23 17:53 - 2015-07-23 17:53 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2015-07-23 17:15 - 2015-07-23 17:15 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
2015-07-20 19:34 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 19:34 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:34 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 17:38 - 2015-08-05 21:17 - 00000000 ____D C:\Users\AustinPH\AppData\Local\NPE
2015-07-14 20:35 - 2015-07-14 20:35 - 00012263 _____ C:\Users\AustinPH\Downloads\AI Setting.aip
2015-07-14 20:18 - 2015-07-14 20:18 - 00008118 _____ C:\Users\AustinPH\Downloads\Prime Schedule 2015-06-01 (1).aip
2015-07-14 18:58 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 18:58 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 18:58 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 18:58 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 18:58 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 18:58 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 18:58 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 18:58 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 18:54 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 18:54 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 18:54 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 18:54 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 18:54 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 18:54 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 18:54 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 18:54 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 18:54 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 18:54 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 18:54 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 18:54 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 18:54 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 18:54 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 18:54 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 18:54 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 18:54 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 18:54 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 18:54 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 18:54 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 18:54 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 18:54 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 18:54 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 18:54 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 18:54 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 18:54 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 18:50 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 18:50 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 18:50 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 18:50 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 18:50 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 18:50 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 18:50 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 18:50 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 18:50 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 18:44 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 18:44 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 18:44 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 18:44 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 18:44 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 18:44 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 18:44 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 18:44 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 18:34 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 18:34 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 18:34 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-11 14:42 - 2015-08-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-07-11 14:38 - 2015-07-11 14:39 - 11854318 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.1_setup.exe
2015-07-10 19:21 - 2015-07-23 17:10 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-10 19:21 - 2015-07-22 18:08 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-10 19:21 - 2015-07-22 18:08 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-10 19:21 - 2015-07-10 19:21 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
2015-07-10 19:17 - 2015-07-10 19:17 - 00000000 ____D C:\Program Files (x86)\Norton Security
2015-07-10 19:12 - 2015-07-10 19:12 - 01110744 _____ (Symantec Corporation) C:\Users\AustinPH\Downloads\NSDownloader.exe
2015-07-10 06:39 - 2015-07-29 18:17 - 00000000 ___HD C:\$Windows.~BT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 21:27 - 2014-01-24 19:05 - 00000000 ____D C:\Users\AustinPH
2015-08-05 21:25 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-05 21:25 - 2014-05-07 22:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 21:25 - 2014-01-28 19:21 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-05 21:24 - 2015-02-02 18:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-05 21:24 - 2015-01-06 19:47 - 00000000 ____D C:\ProgramData\PicColor Utility
2015-08-05 21:24 - 2014-11-17 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-05 21:24 - 2014-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2015-08-05 21:24 - 2014-09-14 22:22 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Unity
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\qBittorrent
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-08-05 21:24 - 2014-04-06 11:12 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Raptr
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Games
2015-08-05 21:24 - 2014-02-18 00:00 - 00000000 ____D C:\Program Files\UltraDefrag
2015-08-05 21:24 - 2014-02-03 19:15 - 00000000 ____D C:\Program Files\WinRAR
2015-08-05 21:24 - 2014-02-02 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-05 21:24 - 2014-01-24 19:58 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\vlc
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-08-05 21:23 - 2014-01-28 21:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-05 21:23 - 2014-01-24 19:46 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Google
2015-08-05 21:23 - 2014-01-24 19:20 - 00000000 ____D C:\ProgramData\Norton
2015-08-05 21:22 - 2014-01-24 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 17:46 - 2010-11-21 00:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieUserList
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieSiteList
2015-08-01 17:39 - 2014-01-24 18:47 - 01276945 _____ C:\Windows\WindowsUpdate.log
2015-08-01 17:25 - 2014-02-02 18:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 17:24 - 2014-02-18 18:39 - 00054809 _____ C:\Windows\setupact.log
2015-08-01 17:24 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 22:21 - 2014-02-02 18:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 21:46 - 2015-04-24 21:21 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA.job
2015-07-30 17:46 - 2015-04-24 21:21 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core.job
2015-07-29 18:22 - 2014-01-24 18:43 - 00000000 ____D C:\Windows\Panther
2015-07-28 19:17 - 2014-02-08 19:11 - 00000000 ____D C:\Users\AustinPH\Documents\My stuff
2015-07-27 18:52 - 2014-04-06 11:01 - 01491022 _____ C:\Windows\PFRO.log
2015-07-24 21:34 - 2014-11-23 12:48 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-24 21:34 - 2014-02-02 13:06 - 00000000 ____D C:\Program Files\AMD
2015-07-24 21:32 - 2014-04-06 11:10 - 00000000 ____D C:\ProgramData\AMD
2015-07-24 21:26 - 2014-01-28 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 21:24 - 2014-04-06 11:02 - 00000000 ____D C:\AMD
2015-07-23 18:32 - 2014-01-28 23:39 - 00000000 ____D C:\Windows\Minidump
2015-07-21 17:10 - 2009-07-13 21:45 - 00298944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 15:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 17:39 - 2014-02-12 21:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 17:36 - 2015-06-26 17:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:34 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 18:16 - 2014-02-02 18:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 18:16 - 2014-02-02 18:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:41 - 2015-04-24 21:21 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA
2015-07-15 17:41 - 2015-04-24 21:21 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core
2015-07-15 17:31 - 2014-12-10 19:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 22:36 - 2014-01-24 23:18 - 00000000 ____D C:\Windows\system32\MRT
2015-07-10 19:41 - 2014-01-24 19:20 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-10 19:12 - 2014-01-24 19:20 - 00000000 ____D C:\Users\Public\Downloads\Norton
 
==================== Files in the root of some directories =======
 
2011-06-06 13:50 - 2011-06-06 13:50 - 0000054 _____ () C:\Program Files (x86)\Arrow.gif
2011-06-06 13:50 - 2011-06-06 13:50 - 0000631 _____ () C:\Program Files (x86)\Background.jpg
2011-08-05 12:31 - 2011-08-05 12:31 - 0182784 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Program Files (x86)\l3codecp.acm
2011-06-21 23:45 - 2011-06-21 23:45 - 9532452 _____ () C:\Program Files (x86)\Meiryoz.ttc
2011-06-06 13:48 - 2011-06-06 13:48 - 0001859 _____ () C:\Program Files (x86)\Microsoft.VC90.CRT.manifest
2007-10-02 14:12 - 2007-10-02 14:12 - 1642568 _____ (Microsoft Corporation) C:\Program Files (x86)\msidcrl40.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0245760 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcm90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0856576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr90.dll
2011-06-06 13:50 - 2011-06-06 13:50 - 0122458 _____ () C:\Program Files (x86)\quickplaymap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121358 _____ () C:\Program Files (x86)\quickplaymap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121162 _____ () C:\Program Files (x86)\quickplaymap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122068 _____ () C:\Program Files (x86)\quickplaymap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121489 _____ () C:\Program Files (x86)\quickplaymap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121837 _____ () C:\Program Files (x86)\quickplaymap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122620 _____ () C:\Program Files (x86)\quickplaymap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121952 _____ () C:\Program Files (x86)\quickplaymap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121257 _____ () C:\Program Files (x86)\quickplaymap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121403 _____ () C:\Program Files (x86)\quickplaymap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121834 _____ () C:\Program Files (x86)\quickplaymap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122210 _____ () C:\Program Files (x86)\quickplaymap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121621 _____ () C:\Program Files (x86)\quickplaymap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122060 _____ () C:\Program Files (x86)\quickplaymap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0120995 _____ () C:\Program Files (x86)\quickplaymap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122484 _____ () C:\Program Files (x86)\quickplaymap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122053 _____ () C:\Program Files (x86)\quickplaymap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121155 _____ () C:\Program Files (x86)\quickplaymap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122414 _____ () C:\Program Files (x86)\quickplaymap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122134 _____ () C:\Program Files (x86)\quickplaymap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121635 _____ () C:\Program Files (x86)\quickplaymap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122790 _____ () C:\Program Files (x86)\quickplaymap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121558 _____ () C:\Program Files (x86)\quickplaymap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0251333 _____ () C:\Program Files (x86)\softwaremap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0095912 _____ () C:\Program Files (x86)\softwaremap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096751 _____ () C:\Program Files (x86)\softwaremap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097298 _____ () C:\Program Files (x86)\softwaremap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096323 _____ () C:\Program Files (x86)\softwaremap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097580 _____ () C:\Program Files (x86)\softwaremap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0100499 _____ () C:\Program Files (x86)\softwaremap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097782 _____ () C:\Program Files (x86)\softwaremap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096441 _____ () C:\Program Files (x86)\softwaremap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097435 _____ () C:\Program Files (x86)\softwaremap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096737 _____ () C:\Program Files (x86)\softwaremap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0092713 _____ () C:\Program Files (x86)\softwaremap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098431 _____ () C:\Program Files (x86)\softwaremap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096603 _____ () C:\Program Files (x86)\softwaremap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0093267 _____ () C:\Program Files (x86)\softwaremap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0093248 _____ () C:\Program Files (x86)\softwaremap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096513 _____ () C:\Program Files (x86)\softwaremap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094750 _____ () C:\Program Files (x86)\softwaremap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098663 _____ () C:\Program Files (x86)\softwaremap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098102 _____ () C:\Program Files (x86)\softwaremap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097716 _____ () C:\Program Files (x86)\softwaremap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0099979 _____ () C:\Program Files (x86)\softwaremap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094597 _____ () C:\Program Files (x86)\softwaremap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0001922 _____ () C:\Program Files (x86)\TopBar.gif
2011-08-05 12:56 - 2011-08-05 12:56 - 1530592 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 0645856 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.renderapi.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1288928 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXcontrols.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1752288 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXrender.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0035552 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXsup.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0306400 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneComm.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0018656 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneCommProxyStub.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0021216 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneDTPTDNS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0027872 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneTCP2UDP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0223968 _____ (Microsoft Corporation) C:\Program Files (x86)\Zune.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000659 _____ () C:\Program Files (x86)\Zune.exe.config
2011-08-05 12:53 - 2011-08-05 12:53 - 0121056 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneAACDec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0061664 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCfg.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0056544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneConfig.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 1481440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCore.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0212192 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDB.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1175264 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDBApi.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0072928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDXVA2.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0129248 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEffects.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0038624 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEnc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 2110176 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEncEng.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0376544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEvr.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1184480 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneH264Dec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0218848 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneHost.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0163552 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneLauncher.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000988 _____ () C:\Program Files (x86)\ZuneLogo.gif
2011-08-05 12:53 - 2011-08-05 12:53 - 1096928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMarketplaceResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0879328 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMBR.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1161440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMde.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0707808 _____ (Microsoft Corporation) C:\Program Files (x86)\ZUNEMP4SDECD.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 10061536 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNativeLib.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 8277728 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNss.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0347872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNssci.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0131296 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePresenter.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0020704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0916704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneQP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 3889376 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0155872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSA.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0514272 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSE.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1257184 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneService.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 4020448 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSetup.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0683744 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSH.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0017632 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShare.exe
2011-08-05 12:56 - 2011-08-05 12:56 - 1272544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShell.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0074464 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellExt.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 16921312 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0507104 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0366816 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSrcWrp.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0100064 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneTaskbar.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0467680 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWlanCfgSvc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0863968 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmdu.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0009440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmduResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0152288 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Classic.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157920 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Library.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0196832 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Mobile.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157408 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.ZuneHD.dll
2014-08-28 20:45 - 2014-08-28 20:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-20 13:41 - 2014-06-20 13:41 - 0000040 _____ () C:\ProgramData\ra3.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-02 15:19
 
==================== End of log ============================



 


#2 AustinPh


Posted 06 August 2015 - 12:31 AM

I have Norton antivirus software, but every time it detects the file as a Trojan and quarantines it, I am no longer able to browse the internet. I then do a system restore to before it was quarantined and run in safe mode so Norton doesn't quarantine it again. So if someone could help me either with a complete manual removal of the malware or at least help me be able to browse after it is quarantined, I would appreciate it.

 

 

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by AustinPH (administrator) on AUSTINPH-PC (05-08-2015 22:21:39)
Running from C:\Users\AustinPH\Downloads
Loaded Profiles: AustinPH (Available Profiles: AustinPH)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(CartCrunch Israel Ltd.) C:\ProgramData\PicColor Utility\ColorMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => C:\Program Files (x86)\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [14725120 2015-07-11] ()
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [HitsBlender] => "C:\Program Files (x86)\HitsBlender\hitsblender.exe" -s
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [Google Update] => C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-04-24] (Google Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\S-1-5-21-2542147359-456179191-873943161-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 16 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B06EFC34-8BDF-492E-B699-12264EAD17CF}: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=3 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=9 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AustinPH\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-08-01]
 
Chrome: 
=======
CHR Profile: C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-05]
CHR Extension: (YouTube) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-05]
CHR Extension: (Google Search) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-05]
CHR Extension: (Google Play Music) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (AdBlock) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [File not signed]
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1406144 2015-01-04] (CartCrunch Israel Ltd.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [87040 2006-05-11] (Hewlett-Packard) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WMZuneComm; C:\Program Files (x86)\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S3 ZuneNetworkSvc; C:\Program Files (x86)\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Program Files (x86)\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 cmwf; C:\Windows\system32\Drivers\cmwf.sys [33952 2015-01-04] () [File not signed] <==== ATTENTION
R1 cmwr; C:\Windows\system32\Drivers\cmwr.sys [45216 2015-01-04] () [File not signed] <==== ATTENTION
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-24] (Disc Soft Ltd)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150731.001\IDSvia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 22:21 - 2015-08-05 22:22 - 00017077 _____ C:\Users\AustinPH\Downloads\FRST.txt
2015-08-05 22:21 - 2015-08-05 22:21 - 02169856 _____ (Farbar) C:\Users\AustinPH\Downloads\FRST64.exe
2015-08-05 22:21 - 2015-08-05 22:21 - 00000000 ____D C:\FRST
2015-08-05 22:03 - 2015-08-05 22:03 - 00000136 _____ C:\Users\AustinPH\Downloads\winsockfix.bat
2015-08-05 21:37 - 2015-08-05 21:37 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup (1).exe
2015-08-05 21:36 - 2015-08-05 21:36 - 00002161 _____ C:\Users\AustinPH\Desktop\JRT.txt
2015-08-05 21:34 - 2015-08-05 21:34 - 01797896 _____ (Malwarebytes Corporation) C:\Users\AustinPH\Downloads\JRT.exe
2015-08-05 21:32 - 2015-08-05 21:32 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup.exe
2015-08-05 21:31 - 2015-08-05 21:31 - 00931408 _____ (Google Inc.) C:\Users\AustinPH\Downloads\ChromeSetup.exe
2015-08-05 20:26 - 2015-08-05 21:24 - 00000000 ____D C:\Program Files\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:28 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:26 - 00000000 ____D C:\Users\AustinPH\AppData\Local\FreeFixer
2015-08-05 20:22 - 2015-08-05 22:21 - 00000000 ____D C:\Users\AustinPH\Desktop\New folder
2015-08-01 17:28 - 2015-08-01 17:29 - 11972384 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.2_setup.exe
2015-07-29 18:33 - 2015-07-29 18:33 - 00001196 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-return-of-the-king_english-117957.zip
2015-07-28 18:16 - 2015-07-28 18:16 - 00003692 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-two-towers_english-117945.zip
2015-07-28 17:23 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 17:23 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 17:23 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 17:23 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-24 21:34 - 2015-07-24 21:34 - 00000000 ____D C:\ProgramData\ATI
2015-07-24 21:33 - 2015-07-24 21:33 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201507242133588080.log
2015-07-24 21:33 - 2015-07-24 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-23 18:32 - 2015-07-23 18:32 - 00262144 ____N C:\Windows\Minidump\072315-32994-01.dmp
2015-07-23 17:53 - 2015-07-23 17:53 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2015-07-23 17:15 - 2015-07-23 17:15 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
2015-07-20 19:34 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 19:34 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:34 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 17:38 - 2015-08-05 21:17 - 00000000 ____D C:\Users\AustinPH\AppData\Local\NPE
2015-07-14 20:35 - 2015-07-14 20:35 - 00012263 _____ C:\Users\AustinPH\Downloads\AI Setting.aip
2015-07-14 20:18 - 2015-07-14 20:18 - 00008118 _____ C:\Users\AustinPH\Downloads\Prime Schedule 2015-06-01 (1).aip
2015-07-14 18:58 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 18:58 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 18:58 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 18:58 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 18:58 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 18:58 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 18:58 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 18:58 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 18:54 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 18:54 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 18:54 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 18:54 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 18:54 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 18:54 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 18:54 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 18:54 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 18:54 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 18:54 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 18:54 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 18:54 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 18:54 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 18:54 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 18:54 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 18:54 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 18:54 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 18:54 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 18:54 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 18:54 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 18:54 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 18:54 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 18:54 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 18:54 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 18:54 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 18:54 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 18:50 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 18:50 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 18:50 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 18:50 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 18:50 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 18:50 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 18:50 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 18:50 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 18:50 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 18:44 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 18:44 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 18:44 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 18:44 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 18:44 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 18:44 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 18:44 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 18:44 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 18:34 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 18:34 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 18:34 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-11 14:42 - 2015-08-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-07-11 14:38 - 2015-07-11 14:39 - 11854318 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.1_setup.exe
2015-07-10 19:21 - 2015-07-23 17:10 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-10 19:21 - 2015-07-22 18:08 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-10 19:21 - 2015-07-22 18:08 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-10 19:21 - 2015-07-10 19:21 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
2015-07-10 19:17 - 2015-07-10 19:17 - 00000000 ____D C:\Program Files (x86)\Norton Security
2015-07-10 19:12 - 2015-07-10 19:12 - 01110744 _____ (Symantec Corporation) C:\Users\AustinPH\Downloads\NSDownloader.exe
2015-07-10 06:39 - 2015-07-29 18:17 - 00000000 ___HD C:\$Windows.~BT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 21:27 - 2014-01-24 19:05 - 00000000 ____D C:\Users\AustinPH
2015-08-05 21:25 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-05 21:25 - 2014-05-07 22:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 21:25 - 2014-01-28 19:21 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-05 21:24 - 2015-02-02 18:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-05 21:24 - 2015-01-06 19:47 - 00000000 ____D C:\ProgramData\PicColor Utility
2015-08-05 21:24 - 2014-11-17 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-05 21:24 - 2014-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2015-08-05 21:24 - 2014-09-14 22:22 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Unity
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\qBittorrent
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-08-05 21:24 - 2014-04-06 11:12 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Raptr
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Games
2015-08-05 21:24 - 2014-02-18 00:00 - 00000000 ____D C:\Program Files\UltraDefrag
2015-08-05 21:24 - 2014-02-03 19:15 - 00000000 ____D C:\Program Files\WinRAR
2015-08-05 21:24 - 2014-02-02 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-05 21:24 - 2014-01-24 19:58 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\vlc
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-08-05 21:23 - 2014-01-28 21:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-05 21:23 - 2014-01-24 19:46 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Google
2015-08-05 21:23 - 2014-01-24 19:20 - 00000000 ____D C:\ProgramData\Norton
2015-08-05 21:22 - 2014-01-24 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 17:46 - 2010-11-21 00:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieUserList
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieSiteList
2015-08-01 17:39 - 2014-01-24 18:47 - 01276945 _____ C:\Windows\WindowsUpdate.log
2015-08-01 17:25 - 2014-02-02 18:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 17:24 - 2014-02-18 18:39 - 00054809 _____ C:\Windows\setupact.log
2015-08-01 17:24 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 22:21 - 2014-02-02 18:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 21:46 - 2015-04-24 21:21 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA.job
2015-07-30 17:46 - 2015-04-24 21:21 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core.job
2015-07-29 18:22 - 2014-01-24 18:43 - 00000000 ____D C:\Windows\Panther
2015-07-28 19:17 - 2014-02-08 19:11 - 00000000 ____D C:\Users\AustinPH\Documents\My stuff
2015-07-27 18:52 - 2014-04-06 11:01 - 01491022 _____ C:\Windows\PFRO.log
2015-07-24 21:34 - 2014-11-23 12:48 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-24 21:34 - 2014-02-02 13:06 - 00000000 ____D C:\Program Files\AMD
2015-07-24 21:32 - 2014-04-06 11:10 - 00000000 ____D C:\ProgramData\AMD
2015-07-24 21:26 - 2014-01-28 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 21:24 - 2014-04-06 11:02 - 00000000 ____D C:\AMD
2015-07-23 18:32 - 2014-01-28 23:39 - 00000000 ____D C:\Windows\Minidump
2015-07-21 17:10 - 2009-07-13 21:45 - 00298944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 15:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 17:39 - 2014-02-12 21:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 17:36 - 2015-06-26 17:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:34 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 18:16 - 2014-02-02 18:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 18:16 - 2014-02-02 18:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:41 - 2015-04-24 21:21 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA
2015-07-15 17:41 - 2015-04-24 21:21 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core
2015-07-15 17:31 - 2014-12-10 19:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 22:36 - 2014-01-24 23:18 - 00000000 ____D C:\Windows\system32\MRT
2015-07-10 19:41 - 2014-01-24 19:20 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-10 19:12 - 2014-01-24 19:20 - 00000000 ____D C:\Users\Public\Downloads\Norton
 
==================== Files in the root of some directories =======
 
2011-06-06 13:50 - 2011-06-06 13:50 - 0000054 _____ () C:\Program Files (x86)\Arrow.gif
2011-06-06 13:50 - 2011-06-06 13:50 - 0000631 _____ () C:\Program Files (x86)\Background.jpg
2011-08-05 12:31 - 2011-08-05 12:31 - 0182784 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Program Files (x86)\l3codecp.acm
2011-06-21 23:45 - 2011-06-21 23:45 - 9532452 _____ () C:\Program Files (x86)\Meiryoz.ttc
2011-06-06 13:48 - 2011-06-06 13:48 - 0001859 _____ () C:\Program Files (x86)\Microsoft.VC90.CRT.manifest
2007-10-02 14:12 - 2007-10-02 14:12 - 1642568 _____ (Microsoft Corporation) C:\Program Files (x86)\msidcrl40.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0245760 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcm90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0856576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr90.dll
2011-06-06 13:50 - 2011-06-06 13:50 - 0122458 _____ () C:\Program Files (x86)\quickplaymap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121358 _____ () C:\Program Files (x86)\quickplaymap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121162 _____ () C:\Program Files (x86)\quickplaymap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122068 _____ () C:\Program Files (x86)\quickplaymap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121489 _____ () C:\Program Files (x86)\quickplaymap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121837 _____ () C:\Program Files (x86)\quickplaymap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122620 _____ () C:\Program Files (x86)\quickplaymap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121952 _____ () C:\Program Files (x86)\quickplaymap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121257 _____ () C:\Program Files (x86)\quickplaymap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121403 _____ () C:\Program Files (x86)\quickplaymap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121834 _____ () C:\Program Files (x86)\quickplaymap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122210 _____ () C:\Program Files (x86)\quickplaymap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121621 _____ () C:\Program Files (x86)\quickplaymap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122060 _____ () C:\Program Files (x86)\quickplaymap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0120995 _____ () C:\Program Files (x86)\quickplaymap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122484 _____ () C:\Program Files (x86)\quickplaymap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122053 _____ () C:\Program Files (x86)\quickplaymap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121155 _____ () C:\Program Files (x86)\quickplaymap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122414 _____ () C:\Program Files (x86)\quickplaymap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122134 _____ () C:\Program Files (x86)\quickplaymap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121635 _____ () C:\Program Files (x86)\quickplaymap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122790 _____ () C:\Program Files (x86)\quickplaymap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121558 _____ () C:\Program Files (x86)\quickplaymap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0251333 _____ () C:\Program Files (x86)\softwaremap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0095912 _____ () C:\Program Files (x86)\softwaremap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096751 _____ () C:\Program Files (x86)\softwaremap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097298 _____ () C:\Program Files (x86)\softwaremap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096323 _____ () C:\Program Files (x86)\softwaremap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097580 _____ () C:\Program Files (x86)\softwaremap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0100499 _____ () C:\Program Files (x86)\softwaremap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097782 _____ () C:\Program Files (x86)\softwaremap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096441 _____ () C:\Program Files (x86)\softwaremap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097435 _____ () C:\Program Files (x86)\softwaremap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096737 _____ () C:\Program Files (x86)\softwaremap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0092713 _____ () C:\Program Files (x86)\softwaremap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098431 _____ () C:\Program Files (x86)\softwaremap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096603 _____ () C:\Program Files (x86)\softwaremap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0093267 _____ () C:\Program Files (x86)\softwaremap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0093248 _____ () C:\Program Files (x86)\softwaremap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096513 _____ () C:\Program Files (x86)\softwaremap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094750 _____ () C:\Program Files (x86)\softwaremap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098663 _____ () C:\Program Files (x86)\softwaremap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098102 _____ () C:\Program Files (x86)\softwaremap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097716 _____ () C:\Program Files (x86)\softwaremap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0099979 _____ () C:\Program Files (x86)\softwaremap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094597 _____ () C:\Program Files (x86)\softwaremap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0001922 _____ () C:\Program Files (x86)\TopBar.gif
2011-08-05 12:56 - 2011-08-05 12:56 - 1530592 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 0645856 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.renderapi.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1288928 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXcontrols.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1752288 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXrender.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0035552 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXsup.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0306400 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneComm.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0018656 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneCommProxyStub.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0021216 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneDTPTDNS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0027872 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneTCP2UDP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0223968 _____ (Microsoft Corporation) C:\Program Files (x86)\Zune.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000659 _____ () C:\Program Files (x86)\Zune.exe.config
2011-08-05 12:53 - 2011-08-05 12:53 - 0121056 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneAACDec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0061664 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCfg.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0056544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneConfig.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 1481440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCore.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0212192 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDB.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1175264 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDBApi.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0072928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDXVA2.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0129248 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEffects.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0038624 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEnc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 2110176 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEncEng.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0376544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEvr.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1184480 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneH264Dec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0218848 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneHost.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0163552 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneLauncher.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000988 _____ () C:\Program Files (x86)\ZuneLogo.gif
2011-08-05 12:53 - 2011-08-05 12:53 - 1096928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMarketplaceResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0879328 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMBR.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1161440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMde.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0707808 _____ (Microsoft Corporation) C:\Program Files (x86)\ZUNEMP4SDECD.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 10061536 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNativeLib.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 8277728 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNss.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0347872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNssci.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0131296 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePresenter.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0020704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0916704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneQP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 3889376 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0155872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSA.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0514272 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSE.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1257184 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneService.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 4020448 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSetup.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0683744 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSH.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0017632 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShare.exe
2011-08-05 12:56 - 2011-08-05 12:56 - 1272544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShell.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0074464 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellExt.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 16921312 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0507104 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0366816 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSrcWrp.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0100064 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneTaskbar.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0467680 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWlanCfgSvc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0863968 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmdu.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0009440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmduResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0152288 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Classic.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157920 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Library.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0196832 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Mobile.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157408 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.ZuneHD.dll
2014-08-28 20:45 - 2014-08-28 20:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-20 13:41 - 2014-06-20 13:41 - 0000040 _____ () C:\ProgramData\ra3.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-02 15:19
 
==================== End of log ============================

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by AustinPH (administrator) on AUSTINPH-PC (05-08-2015 22:21:39)
Running from C:\Users\AustinPH\Downloads
Loaded Profiles: AustinPH (Available Profiles: AustinPH)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(CartCrunch Israel Ltd.) C:\ProgramData\PicColor Utility\ColorMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => C:\Program Files (x86)\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [14725120 2015-07-11] ()
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3696912 2014-03-04] (Disc Soft Ltd)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [HitsBlender] => "C:\Program Files (x86)\HitsBlender\hitsblender.exe" -s
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [Google Update] => C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-04-24] (Google Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\S-1-5-21-2542147359-456179191-873943161-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 16 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B06EFC34-8BDF-492E-B699-12264EAD17CF}: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=3 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=9 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AustinPH\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-08-01]
 
Chrome: 
=======
CHR Profile: C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-05]
CHR Extension: (YouTube) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-05]
CHR Extension: (Google Search) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-05]
CHR Extension: (Google Play Music) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (AdBlock) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [File not signed]
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1406144 2015-01-04] (CartCrunch Israel Ltd.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [87040 2006-05-11] (Hewlett-Packard) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WMZuneComm; C:\Program Files (x86)\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S3 ZuneNetworkSvc; C:\Program Files (x86)\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Program Files (x86)\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
R1 cmwf; C:\Windows\system32\Drivers\cmwf.sys [33952 2015-01-04] () [File not signed] <==== ATTENTION
R1 cmwr; C:\Windows\system32\Drivers\cmwr.sys [45216 2015-01-04] () [File not signed] <==== ATTENTION
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-07-24] (Disc Soft Ltd)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150731.001\IDSvia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 22:21 - 2015-08-05 22:22 - 00017077 _____ C:\Users\AustinPH\Downloads\FRST.txt
2015-08-05 22:21 - 2015-08-05 22:21 - 02169856 _____ (Farbar) C:\Users\AustinPH\Downloads\FRST64.exe
2015-08-05 22:21 - 2015-08-05 22:21 - 00000000 ____D C:\FRST
2015-08-05 22:03 - 2015-08-05 22:03 - 00000136 _____ C:\Users\AustinPH\Downloads\winsockfix.bat
2015-08-05 21:37 - 2015-08-05 21:37 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup (1).exe
2015-08-05 21:36 - 2015-08-05 21:36 - 00002161 _____ C:\Users\AustinPH\Desktop\JRT.txt
2015-08-05 21:34 - 2015-08-05 21:34 - 01797896 _____ (Malwarebytes Corporation) C:\Users\AustinPH\Downloads\JRT.exe
2015-08-05 21:32 - 2015-08-05 21:32 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup.exe
2015-08-05 21:31 - 2015-08-05 21:31 - 00931408 _____ (Google Inc.) C:\Users\AustinPH\Downloads\ChromeSetup.exe
2015-08-05 20:26 - 2015-08-05 21:24 - 00000000 ____D C:\Program Files\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:28 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:26 - 00000000 ____D C:\Users\AustinPH\AppData\Local\FreeFixer
2015-08-05 20:22 - 2015-08-05 22:21 - 00000000 ____D C:\Users\AustinPH\Desktop\New folder
2015-08-01 17:28 - 2015-08-01 17:29 - 11972384 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.2_setup.exe
2015-07-29 18:33 - 2015-07-29 18:33 - 00001196 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-return-of-the-king_english-117957.zip
2015-07-28 18:16 - 2015-07-28 18:16 - 00003692 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-two-towers_english-117945.zip
2015-07-28 17:23 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 17:23 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 17:23 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 17:23 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-24 21:34 - 2015-07-24 21:34 - 00000000 ____D C:\ProgramData\ATI
2015-07-24 21:33 - 2015-07-24 21:33 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201507242133588080.log
2015-07-24 21:33 - 2015-07-24 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-23 18:32 - 2015-07-23 18:32 - 00262144 ____N C:\Windows\Minidump\072315-32994-01.dmp
2015-07-23 17:53 - 2015-07-23 17:53 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2015-07-23 17:15 - 2015-07-23 17:15 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
2015-07-20 19:34 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 19:34 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:34 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 17:38 - 2015-08-05 21:17 - 00000000 ____D C:\Users\AustinPH\AppData\Local\NPE
2015-07-14 20:35 - 2015-07-14 20:35 - 00012263 _____ C:\Users\AustinPH\Downloads\AI Setting.aip
2015-07-14 20:18 - 2015-07-14 20:18 - 00008118 _____ C:\Users\AustinPH\Downloads\Prime Schedule 2015-06-01 (1).aip
2015-07-14 18:58 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 18:58 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 18:58 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 18:58 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 18:58 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 18:58 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 18:58 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 18:58 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 18:54 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 18:54 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 18:54 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 18:54 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 18:54 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 18:54 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 18:54 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 18:54 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 18:54 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 18:54 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 18:54 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 18:54 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 18:54 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 18:54 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 18:54 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 18:54 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 18:54 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 18:54 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 18:54 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 18:54 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 18:54 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 18:54 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 18:54 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 18:54 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 18:54 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 18:54 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 18:50 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 18:50 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 18:50 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 18:50 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 18:50 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 18:50 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 18:50 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 18:50 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 18:50 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 18:44 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 18:44 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 18:44 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 18:44 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 18:44 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 18:44 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 18:44 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 18:44 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 18:34 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 18:34 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 18:34 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-11 14:42 - 2015-08-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-07-11 14:38 - 2015-07-11 14:39 - 11854318 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.1_setup.exe
2015-07-10 19:21 - 2015-07-23 17:10 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-10 19:21 - 2015-07-22 18:08 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-10 19:21 - 2015-07-22 18:08 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-10 19:21 - 2015-07-10 19:21 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
2015-07-10 19:17 - 2015-07-10 19:17 - 00000000 ____D C:\Program Files (x86)\Norton Security
2015-07-10 19:12 - 2015-07-10 19:12 - 01110744 _____ (Symantec Corporation) C:\Users\AustinPH\Downloads\NSDownloader.exe
2015-07-10 06:39 - 2015-07-29 18:17 - 00000000 ___HD C:\$Windows.~BT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-05 21:27 - 2014-01-24 19:05 - 00000000 ____D C:\Users\AustinPH
2015-08-05 21:25 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-05 21:25 - 2014-05-07 22:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 21:25 - 2014-01-28 19:21 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-05 21:24 - 2015-02-02 18:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-05 21:24 - 2015-01-06 19:47 - 00000000 ____D C:\ProgramData\PicColor Utility
2015-08-05 21:24 - 2014-11-17 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-05 21:24 - 2014-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2015-08-05 21:24 - 2014-09-14 22:22 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Unity
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\qBittorrent
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-08-05 21:24 - 2014-04-06 11:12 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Raptr
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Games
2015-08-05 21:24 - 2014-02-18 00:00 - 00000000 ____D C:\Program Files\UltraDefrag
2015-08-05 21:24 - 2014-02-03 19:15 - 00000000 ____D C:\Program Files\WinRAR
2015-08-05 21:24 - 2014-02-02 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-05 21:24 - 2014-01-24 19:58 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\vlc
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-08-05 21:23 - 2014-01-28 21:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-05 21:23 - 2014-01-24 19:46 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Google
2015-08-05 21:23 - 2014-01-24 19:20 - 00000000 ____D C:\ProgramData\Norton
2015-08-05 21:22 - 2014-01-24 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 17:46 - 2010-11-21 00:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieUserList
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieSiteList
2015-08-01 17:39 - 2014-01-24 18:47 - 01276945 _____ C:\Windows\WindowsUpdate.log
2015-08-01 17:25 - 2014-02-02 18:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 17:24 - 2014-02-18 18:39 - 00054809 _____ C:\Windows\setupact.log
2015-08-01 17:24 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 22:21 - 2014-02-02 18:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 21:46 - 2015-04-24 21:21 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA.job
2015-07-30 17:46 - 2015-04-24 21:21 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core.job
2015-07-29 18:22 - 2014-01-24 18:43 - 00000000 ____D C:\Windows\Panther
2015-07-28 19:17 - 2014-02-08 19:11 - 00000000 ____D C:\Users\AustinPH\Documents\My stuff
2015-07-27 18:52 - 2014-04-06 11:01 - 01491022 _____ C:\Windows\PFRO.log
2015-07-24 21:34 - 2014-11-23 12:48 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-24 21:34 - 2014-02-02 13:06 - 00000000 ____D C:\Program Files\AMD
2015-07-24 21:32 - 2014-04-06 11:10 - 00000000 ____D C:\ProgramData\AMD
2015-07-24 21:26 - 2014-01-28 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 21:24 - 2014-04-06 11:02 - 00000000 ____D C:\AMD
2015-07-23 18:32 - 2014-01-28 23:39 - 00000000 ____D C:\Windows\Minidump
2015-07-21 17:10 - 2009-07-13 21:45 - 00298944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 15:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 17:39 - 2014-02-12 21:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 17:36 - 2015-06-26 17:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:34 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 18:16 - 2014-02-02 18:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 18:16 - 2014-02-02 18:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:41 - 2015-04-24 21:21 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA
2015-07-15 17:41 - 2015-04-24 21:21 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core
2015-07-15 17:31 - 2014-12-10 19:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 22:36 - 2014-01-24 23:18 - 00000000 ____D C:\Windows\system32\MRT
2015-07-10 19:41 - 2014-01-24 19:20 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-10 19:12 - 2014-01-24 19:20 - 00000000 ____D C:\Users\Public\Downloads\Norton
 
==================== Files in the root of some directories =======
 
2011-06-06 13:50 - 2011-06-06 13:50 - 0000054 _____ () C:\Program Files (x86)\Arrow.gif
2011-06-06 13:50 - 2011-06-06 13:50 - 0000631 _____ () C:\Program Files (x86)\Background.jpg
2011-08-05 12:31 - 2011-08-05 12:31 - 0182784 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Program Files (x86)\l3codecp.acm
2011-06-21 23:45 - 2011-06-21 23:45 - 9532452 _____ () C:\Program Files (x86)\Meiryoz.ttc
2011-06-06 13:48 - 2011-06-06 13:48 - 0001859 _____ () C:\Program Files (x86)\Microsoft.VC90.CRT.manifest
2007-10-02 14:12 - 2007-10-02 14:12 - 1642568 _____ (Microsoft Corporation) C:\Program Files (x86)\msidcrl40.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0245760 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcm90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0856576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr90.dll
2011-06-06 13:50 - 2011-06-06 13:50 - 0122458 _____ () C:\Program Files (x86)\quickplaymap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121358 _____ () C:\Program Files (x86)\quickplaymap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121162 _____ () C:\Program Files (x86)\quickplaymap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122068 _____ () C:\Program Files (x86)\quickplaymap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121489 _____ () C:\Program Files (x86)\quickplaymap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121837 _____ () C:\Program Files (x86)\quickplaymap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122620 _____ () C:\Program Files (x86)\quickplaymap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121952 _____ () C:\Program Files (x86)\quickplaymap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121257 _____ () C:\Program Files (x86)\quickplaymap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121403 _____ () C:\Program Files (x86)\quickplaymap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121834 _____ () C:\Program Files (x86)\quickplaymap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122210 _____ () C:\Program Files (x86)\quickplaymap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121621 _____ () C:\Program Files (x86)\quickplaymap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122060 _____ () C:\Program Files (x86)\quickplaymap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0120995 _____ () C:\Program Files (x86)\quickplaymap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122484 _____ () C:\Program Files (x86)\quickplaymap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122053 _____ () C:\Program Files (x86)\quickplaymap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121155 _____ () C:\Program Files (x86)\quickplaymap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122414 _____ () C:\Program Files (x86)\quickplaymap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122134 _____ () C:\Program Files (x86)\quickplaymap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121635 _____ () C:\Program Files (x86)\quickplaymap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122790 _____ () C:\Program Files (x86)\quickplaymap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121558 _____ () C:\Program Files (x86)\quickplaymap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0251333 _____ () C:\Program Files (x86)\softwaremap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0095912 _____ () C:\Program Files (x86)\softwaremap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096751 _____ () C:\Program Files (x86)\softwaremap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097298 _____ () C:\Program Files (x86)\softwaremap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096323 _____ () C:\Program Files (x86)\softwaremap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097580 _____ () C:\Program Files (x86)\softwaremap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0100499 _____ () C:\Program Files (x86)\softwaremap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097782 _____ () C:\Program Files (x86)\softwaremap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096441 _____ () C:\Program Files (x86)\softwaremap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097435 _____ () C:\Program Files (x86)\softwaremap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096737 _____ () C:\Program Files (x86)\softwaremap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0092713 _____ () C:\Program Files (x86)\softwaremap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098431 _____ () C:\Program Files (x86)\softwaremap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096603 _____ () C:\Program Files (x86)\softwaremap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0093267 _____ () C:\Program Files (x86)\softwaremap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0093248 _____ () C:\Program Files (x86)\softwaremap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096513 _____ () C:\Program Files (x86)\softwaremap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094750 _____ () C:\Program Files (x86)\softwaremap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098663 _____ () C:\Program Files (x86)\softwaremap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098102 _____ () C:\Program Files (x86)\softwaremap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097716 _____ () C:\Program Files (x86)\softwaremap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0099979 _____ () C:\Program Files (x86)\softwaremap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094597 _____ () C:\Program Files (x86)\softwaremap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0001922 _____ () C:\Program Files (x86)\TopBar.gif
2011-08-05 12:56 - 2011-08-05 12:56 - 1530592 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 0645856 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.renderapi.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1288928 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXcontrols.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1752288 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXrender.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0035552 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXsup.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0306400 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneComm.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0018656 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneCommProxyStub.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0021216 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneDTPTDNS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0027872 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneTCP2UDP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0223968 _____ (Microsoft Corporation) C:\Program Files (x86)\Zune.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000659 _____ () C:\Program Files (x86)\Zune.exe.config
2011-08-05 12:53 - 2011-08-05 12:53 - 0121056 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneAACDec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0061664 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCfg.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0056544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneConfig.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 1481440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCore.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0212192 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDB.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1175264 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDBApi.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0072928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDXVA2.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0129248 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEffects.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0038624 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEnc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 2110176 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEncEng.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0376544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEvr.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1184480 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneH264Dec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0218848 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneHost.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0163552 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneLauncher.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000988 _____ () C:\Program Files (x86)\ZuneLogo.gif
2011-08-05 12:53 - 2011-08-05 12:53 - 1096928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMarketplaceResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0879328 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMBR.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1161440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMde.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0707808 _____ (Microsoft Corporation) C:\Program Files (x86)\ZUNEMP4SDECD.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 10061536 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNativeLib.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 8277728 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNss.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0347872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNssci.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0131296 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePresenter.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0020704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0916704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneQP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 3889376 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0155872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSA.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0514272 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSE.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1257184 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneService.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 4020448 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSetup.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0683744 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSH.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0017632 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShare.exe
2011-08-05 12:56 - 2011-08-05 12:56 - 1272544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShell.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0074464 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellExt.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 16921312 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0507104 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0366816 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSrcWrp.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0100064 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneTaskbar.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0467680 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWlanCfgSvc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0863968 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmdu.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0009440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmduResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0152288 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Classic.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157920 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Library.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0196832 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Mobile.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157408 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.ZuneHD.dll
2014-08-28 20:45 - 2014-08-28 20:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-20 13:41 - 2014-06-20 13:41 - 0000040 _____ () C:\ProgramData\ra3.ini
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-02 15:19
 
==================== End of log ============================


#3 AustinPh

  • Topic Starter
  • Members
  • 14 posts
  • Local time:07:27 PM

Posted 06 August 2015 - 12:34 AM

Admin please delete, I originally got an error message so I re-posted it.



#4 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:04:27 AM

Posted 06 August 2015 - 02:01 AM

Hi & welcome to Bleeping Computer Forums!
My name is Jürgen and I will be assisting you with your Malware related problems.

Before we move on, please read the following points carefully:

  • My native language isn't English. So please do not use slang or idioms. It could be hard for me to read. Thanks for your understanding.
  • Please read my instructions completely. If there is anything that you do not understand kindly ask before proceeding.
  • Perform everything in the correct order. Sometimes one step requires the previous one.
  • If you have any problems while you are following my instructions, stop there and tell me the exact nature of your problem.
  • If you have illegal/cracked software, cracks, keygens, etc. on the system, please remove or uninstall them now!
  • Do not run any other scans without instruction or Add/ Remove Software unless I tell you to do so. This would change the output of our tools and could be confusing for me.
  • Post all Logfiles as a reply rather than as an attachment unless I specifically ask you. If you can not post all logfiles in one reply, feel free to use more posts.
  • If I don't hear from you within 5 days from this initial or any subsequent post, then this thread will be closed.
  • If I don't reply within 24 hours please PM me!
  • Stay with me. I will give you some advice about prevention after the cleanup process. Absence of symptoms does not always mean the computer is clean.

Step 1


Please download TDSSKiller and save it to your Desktop.

  • Start tdsskiller.exe with administrator privileges.
  • Accept the EULA and the KSN Statement.
  • Click on Change parameters.
  • Make sure that all available options (except "Use KSN to scan objects" and "Loaded modules") are checked and click OK.
  • Click on Start scan.
  • If any threats are found don't delete them but choose the Skip option for all of them.
  • Click on Report to open the log file. (It is also saved at C:\TDSSKiller.<version_date_time>_log.txt).
    Copy and paste its contents in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#5 AustinPh

  • Topic Starter
  • Members
  • 14 posts
  • Local time:07:27 PM

Posted 06 August 2015 - 12:31 PM

I am not at my computer currently, ....


Edited by deeprybka, 06 August 2015 - 02:22 PM.
private details have been removed


#6 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:04:27 AM

Posted 06 August 2015 - 02:22 PM

Please run TDSS-Killer as instructed.


regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#7 AustinPh

  • Topic Starter
  • Members
  • 14 posts
  • Local time:07:27 PM

Posted 06 August 2015 - 06:45 PM

16:41:24.0480 0x09dc  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
16:41:29.0024 0x09dc  ============================================================
16:41:29.0024 0x09dc  Current date / time: 2015/08/06 16:41:29.0024
16:41:29.0024 0x09dc  SystemInfo:
16:41:29.0024 0x09dc  
16:41:29.0024 0x09dc  OS Version: 6.1.7601 ServicePack: 1.0
16:41:29.0024 0x09dc  Product type: Workstation
16:41:29.0025 0x09dc  ComputerName: AUSTINPH-PC
16:41:29.0025 0x09dc  UserName: AustinPH
16:41:29.0025 0x09dc  Windows directory: C:\Windows
16:41:29.0025 0x09dc  System windows directory: C:\Windows
16:41:29.0025 0x09dc  Running under WOW64
16:41:29.0025 0x09dc  Processor architecture: Intel x64
16:41:29.0025 0x09dc  Number of processors: 4
16:41:29.0025 0x09dc  Page size: 0x1000
16:41:29.0025 0x09dc  Boot type: Safe boot with network
16:41:29.0025 0x09dc  ============================================================
16:41:31.0530 0x09dc  KLMD registered as C:\Windows\system32\drivers\02801449.sys
16:41:31.0749 0x09dc  System UUID: {2AADA116-F0C3-0EA0-18D4-C15649644A92}
16:41:32.0218 0x09dc  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:32.0218 0x09dc  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:32.0233 0x09dc  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:41:32.0233 0x09dc  ============================================================
16:41:32.0233 0x09dc  \Device\Harddisk0\DR0:
16:41:32.0233 0x09dc  MBR partitions:
16:41:32.0233 0x09dc  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
16:41:32.0233 0x09dc  \Device\Harddisk1\DR1:
16:41:32.0233 0x09dc  GPT partitions:
16:41:32.0233 0x09dc  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {55794DE8-7235-46FC-8E99-E0350947727F}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
16:41:32.0233 0x09dc  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6FAE3ED0-9062-4D52-A257-73A5D9AFB414}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
16:41:32.0233 0x09dc  MBR partitions:
16:41:32.0233 0x09dc  \Device\Harddisk2\DR2:
16:41:32.0233 0x09dc  MBR partitions:
16:41:32.0233 0x09dc  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
16:41:32.0233 0x09dc  ============================================================
16:41:32.0264 0x09dc  C: <-> \Device\Harddisk0\DR0\Partition1
16:41:32.0479 0x09dc  D: <-> \Device\Harddisk1\DR1\Partition2
16:41:32.0479 0x09dc  E: <-> \Device\Harddisk2\DR2\Partition1
16:41:32.0479 0x09dc  ============================================================
16:41:32.0479 0x09dc  Initialize success
16:41:32.0479 0x09dc  ============================================================
16:42:11.0793 0x02c4  ============================================================
16:42:11.0793 0x02c4  Scan started
16:42:11.0793 0x02c4  Mode: Manual; SigCheck; TDLFS; 
16:42:11.0793 0x02c4  ============================================================
16:42:11.0793 0x02c4  KSN ping started
16:42:14.0562 0x02c4  KSN ping finished: true
16:42:15.0590 0x02c4  ================ Scan system memory ========================
16:42:15.0590 0x02c4  System memory - ok
16:42:15.0590 0x02c4  ================ Scan services =============================
16:42:15.0732 0x02c4  [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:42:15.0898 0x02c4  1394ohci - ok
16:42:15.0916 0x02c4  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:42:15.0931 0x02c4  ACPI - ok
16:42:15.0963 0x02c4  [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:42:16.0063 0x02c4  AcpiPmi - ok
16:42:16.0205 0x02c4  [ 013697369EAFFA675D0671607F036020, 65611C775AC4681E46A6565E5A7A4FF3363C66EBDC98C4C58AFB365D40BE23B6 ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:42:16.0225 0x02c4  AdobeARMservice - ok
16:42:16.0248 0x02c4  [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\Windows\system32\drivers\adp94xx.sys
16:42:16.0263 0x02c4  adp94xx - ok
16:42:16.0279 0x02c4  [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\Windows\system32\drivers\adpahci.sys
16:42:16.0310 0x02c4  adpahci - ok
16:42:16.0326 0x02c4  [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\Windows\system32\drivers\adpu320.sys
16:42:16.0341 0x02c4  adpu320 - ok
16:42:16.0372 0x02c4  [ 83BFCCAC53795E8A5055A93672D0C46C, B2B03473D950A5BA9DE59D81E7B14C1FAFF17B2A4D8A5808588F5CC21D63B291 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:42:16.0463 0x02c4  AeLookupSvc - ok
16:42:16.0510 0x02c4  [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\Windows\system32\drivers\afd.sys
16:42:16.0615 0x02c4  AFD - ok
16:42:16.0615 0x02c4  [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\Windows\system32\drivers\agp440.sys
16:42:16.0631 0x02c4  agp440 - ok
16:42:16.0680 0x02c4  [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\Windows\System32\alg.exe
16:42:16.0747 0x02c4  ALG - ok
16:42:16.0801 0x02c4  [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:42:16.0816 0x02c4  aliide - ok
16:42:16.0847 0x02c4  [ E8E046DB17671161DE74D1BB4E42D4B5, 49E0989DBA83AD0E6343FF85183C272C3DDDFF46A82D4F03C96E1EF84732020B ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:42:16.0931 0x02c4  AMD External Events Utility - ok
16:42:17.0031 0x02c4  [ 23B97097BE0DAF1583EFD9B22233CF5A, 629B9377319AEBD4C8AB1E9F186E4BE8C5BFD0E2FF9B6966D6CDED1F80080C4B ] AMD FUEL Service C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
16:42:17.0062 0x02c4  AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 )
16:42:17.0125 0x02c4  AMD FUEL Service ( UnsignedFile.Multi.Generic ) - warning
16:42:20.0031 0x02c4  [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\Windows\system32\drivers\amdide.sys
16:42:20.0047 0x02c4  amdide - ok
16:42:20.0100 0x02c4  [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\Windows\system32\drivers\amdk8.sys
16:42:20.0147 0x02c4  AmdK8 - ok
16:42:20.0188 0x02c4  amdkmdag - ok
16:42:20.0231 0x02c4  [ D3714915E9DFE9ED65AC8AFA7BC2AC19, 1DCDACE2F6A1237BFA8CEE5ECDE33BD32F8CD94DC8E566174E2A16E092740D37 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:42:20.0312 0x02c4  amdkmdap - ok
16:42:20.0331 0x02c4  [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:42:20.0377 0x02c4  AmdPPM - ok
16:42:20.0431 0x02c4  [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:42:20.0446 0x02c4  amdsata - ok
16:42:20.0462 0x02c4  [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\Windows\system32\drivers\amdsbs.sys
16:42:20.0486 0x02c4  amdsbs - ok
16:42:20.0531 0x02c4  [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:42:20.0547 0x02c4  amdxata - ok
16:42:20.0578 0x02c4  AODDriver4.2.0 - ok
16:42:20.0615 0x02c4  [ C3D487827E48CC5EC17994FEC5BDFF87, 5FCEA3EEA583755D0C9F6005ED3032E9DFECB57F504DC67701AE7D2D2631C30E ] AODDriver4.3    C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys
16:42:20.0662 0x02c4  AODDriver4.3 - ok
16:42:20.0713 0x02c4  [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\Windows\system32\drivers\appid.sys
16:42:20.0731 0x02c4  AppID - ok
16:42:20.0762 0x02c4  [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:42:20.0780 0x02c4  AppIDSvc - ok
16:42:20.0831 0x02c4  [ 978DC0A1FBE9CC91B21B40AF66CB396A, 90BAFF81D98F5AFD743D8BD65F716666A7A7BD2DA612492E03C79B29E9A0F8C2 ] Appinfo         C:\Windows\System32\appinfo.dll
16:42:20.0915 0x02c4  Appinfo - ok
16:42:20.0930 0x02c4  [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt         C:\Windows\System32\appmgmts.dll
16:42:21.0005 0x02c4  AppMgmt - ok
16:42:21.0015 0x02c4  [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\Windows\system32\drivers\arc.sys
16:42:21.0030 0x02c4  arc - ok
16:42:21.0046 0x02c4  [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\Windows\system32\drivers\arcsas.sys
16:42:21.0062 0x02c4  arcsas - ok
16:42:21.0162 0x02c4  [ FEF9DD9EA587F8886ADE43C1BEFBDAFE, DDE6F28B3F7F2ABBEE59D4864435108791631E9CB4CDFB1F178E5AA9859956D8 ] AsIO            C:\Windows\syswow64\drivers\AsIO.sys
16:42:21.0178 0x02c4  AsIO - ok
16:42:21.0194 0x02c4  [ 22842362DF890F5492F85AA60916A697, EC01380B1C9BF4CFBA018FC314563F0785280172A2A9B51D50F088E7101951EF ] asmthub3        C:\Windows\system32\DRIVERS\asmthub3.sys
16:42:21.0256 0x02c4  asmthub3 - ok
16:42:21.0287 0x02c4  [ 08E2D77766CC05E75A0707207D9FC684, 6CF3B12B2B3375B715A3EBC66EF148CEA2248D448A3A37875B7B1BC7CDA40FDD ] asmtxhci        C:\Windows\system32\DRIVERS\asmtxhci.sys
16:42:21.0363 0x02c4  asmtxhci - ok
16:42:21.0462 0x02c4  [ F15AB80B867D3332D5DDFB0A05B9CE04, 5A16577106246AB5DCC04FE0A0B00B7C5702557B75F958721E4C00383AB99809 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
16:42:21.0515 0x02c4  aspnet_state - ok
16:42:21.0547 0x02c4  [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:42:21.0662 0x02c4  AsyncMac - ok
16:42:21.0678 0x02c4  [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\Windows\system32\drivers\atapi.sys
16:42:21.0697 0x02c4  atapi - ok
16:42:21.0832 0x02c4  [ 4EB5F2611381CB79DDDD627F3F1503CB, 53584998C32B1D2AD6B898CBDBEAC72100B8FAC25B5BCFDA88E0C3588244F335 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:42:21.0863 0x02c4  AtiHDAudioService - ok
16:42:21.0894 0x02c4  [ C07A040D6B5A42DD41EE386CF90974C8, 8D47815F99C79B795504C3172B5FBBDBA6AFACC004B17AA3954A06BE713FACAE ] AtiPcie         C:\Windows\system32\DRIVERS\AtiPcie.sys
16:42:21.0913 0x02c4  AtiPcie - ok
16:42:21.0962 0x02c4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:42:22.0031 0x02c4  AudioEndpointBuilder - ok
16:42:22.0047 0x02c4  [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:42:22.0083 0x02c4  AudioSrv - ok
16:42:22.0117 0x02c4  [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:42:22.0162 0x02c4  AxInstSV - ok
16:42:22.0246 0x02c4  [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\Windows\system32\drivers\bxvbda.sys
16:42:22.0309 0x02c4  b06bdrv - ok
16:42:22.0324 0x02c4  [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:42:22.0371 0x02c4  b57nd60a - ok
16:42:22.0402 0x02c4  [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:42:22.0462 0x02c4  BDESVC - ok
16:42:22.0493 0x02c4  [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:42:22.0546 0x02c4  Beep - ok
16:42:22.0614 0x02c4  [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\Windows\System32\bfe.dll
16:42:22.0646 0x02c4  BFE - ok
16:42:22.0831 0x02c4  [ 3E2882C7D02E34D5528BDDECD8CEF930, 39AEB34BD5BFD0BE6C8D0E37D5D5912B76B87A442C2AD91AC3E5F709D73C809C ] BHDrvx64        C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys
16:42:22.0878 0x02c4  BHDrvx64 - ok
16:42:22.0946 0x02c4  [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\Windows\System32\qmgr.dll
16:42:23.0194 0x02c4  BITS - ok
16:42:23.0216 0x02c4  [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:42:23.0262 0x02c4  blbdrive - ok
16:42:23.0331 0x02c4  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:42:23.0347 0x02c4  Bonjour Service - ok
16:42:23.0378 0x02c4  [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:42:23.0446 0x02c4  bowser - ok
16:42:23.0462 0x02c4  [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\Windows\system32\drivers\BrFiltLo.sys
16:42:23.0514 0x02c4  BrFiltLo - ok
16:42:23.0546 0x02c4  [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\Windows\system32\drivers\BrFiltUp.sys
16:42:23.0577 0x02c4  BrFiltUp - ok
16:42:23.0616 0x02c4  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\Windows\System32\browser.dll
16:42:23.0647 0x02c4  Browser - ok
16:42:23.0694 0x02c4  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:42:23.0715 0x02c4  Brserid - ok
16:42:23.0731 0x02c4  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:42:23.0778 0x02c4  BrSerWdm - ok
16:42:23.0803 0x02c4  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:42:23.0831 0x02c4  BrUsbMdm - ok
16:42:23.0862 0x02c4  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:42:23.0909 0x02c4  BrUsbSer - ok
16:42:23.0947 0x02c4  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
16:42:23.0963 0x02c4  BthEnum - ok
16:42:23.0978 0x02c4  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
16:42:24.0020 0x02c4  BTHMODEM - ok
16:42:24.0051 0x02c4  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:42:24.0107 0x02c4  BthPan - ok
16:42:24.0163 0x02c4  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
16:42:24.0194 0x02c4  BTHPORT - ok
16:42:24.0210 0x02c4  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
16:42:24.0241 0x02c4  bthserv - ok
16:42:24.0256 0x02c4  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
16:42:24.0272 0x02c4  BTHUSB - ok
16:42:24.0378 0x02c4  [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_NS        C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys
16:42:24.0409 0x02c4  ccSet_NS - ok
16:42:24.0430 0x02c4  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:42:24.0462 0x02c4  cdfs - ok
16:42:24.0501 0x02c4  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
16:42:24.0515 0x02c4  cdrom - ok
16:42:24.0546 0x02c4  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
16:42:24.0617 0x02c4  CertPropSvc - ok
16:42:24.0647 0x02c4  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
16:42:24.0694 0x02c4  circlass - ok
16:42:24.0731 0x02c4  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
16:42:24.0746 0x02c4  CLFS - ok
16:42:24.0801 0x02c4  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:42:24.0815 0x02c4  clr_optimization_v2.0.50727_32 - ok
16:42:24.0846 0x02c4  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:42:24.0862 0x02c4  clr_optimization_v2.0.50727_64 - ok
16:42:24.0932 0x02c4  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:42:25.0214 0x02c4  clr_optimization_v4.0.30319_32 - ok
16:42:25.0247 0x02c4  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:42:25.0278 0x02c4  clr_optimization_v4.0.30319_64 - ok
16:42:25.0309 0x02c4  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
16:42:25.0325 0x02c4  CmBatt - ok
16:42:25.0340 0x02c4  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:42:25.0356 0x02c4  cmdide - ok
16:42:25.0403 0x02c4  [ 43338F791330F585B4C71FFBCC635FA3, 121247BE70CD9ECBB2841A5FE2143E74C6613E7539A20B4E38758123EEFF93CB ] cmwf            C:\Windows\system32\Drivers\cmwf.sys
16:42:25.0403 0x02c4  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\cmwf.sys. md5: 43338F791330F585B4C71FFBCC635FA3, sha256: 121247BE70CD9ECBB2841A5FE2143E74C6613E7539A20B4E38758123EEFF93CB
16:42:25.0403 0x02c4  cmwf - detected LockedFile.Multi.Generic ( 1 )
16:42:25.0403 0x02c4  cmwf ( LockedFile.Multi.Generic ) - warning
16:42:25.0403 0x02c4  Force sending object to P2P due to detect: cmwf
16:42:28.0514 0x02c4  Object send P2P result: true
16:42:31.0428 0x02c4  [ 66B3F13448EF456B70ED715F454A3037, A28780607053A0F9599A8DA536DD16E984CD238680A97939F1A7882E26472EF5 ] cmwr            C:\Windows\system32\Drivers\cmwr.sys
16:42:31.0429 0x02c4  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\cmwr.sys. md5: 66B3F13448EF456B70ED715F454A3037, sha256: A28780607053A0F9599A8DA536DD16E984CD238680A97939F1A7882E26472EF5
16:42:31.0429 0x02c4  cmwr - detected LockedFile.Multi.Generic ( 1 )
16:42:31.0429 0x02c4  cmwr ( LockedFile.Multi.Generic ) - warning
16:42:31.0429 0x02c4  Force sending object to P2P due to detect: cmwr
16:42:34.0530 0x02c4  Object send P2P result: true
16:42:37.0447 0x02c4  [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\Windows\system32\Drivers\cng.sys
16:42:37.0478 0x02c4  CNG - ok
16:42:37.0601 0x02c4  [ B7723EB54E76F3680C5FA7264FE2ECC3, C57B9501FA8FE2E0B000B790DC4C6F24338FF60D04D8A0F7B98D110283EC3340 ] ColorMedia      C:\ProgramData\PicColor Utility\ColorMedia.exe
16:42:37.0630 0x02c4  ColorMedia - ok
16:42:37.0645 0x02c4  [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\Windows\system32\drivers\compbatt.sys
16:42:37.0661 0x02c4  Compbatt - ok
16:42:37.0701 0x02c4  [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\Windows\system32\DRIVERS\CompositeBus.sys
16:42:37.0753 0x02c4  CompositeBus - ok
16:42:37.0768 0x02c4  COMSysApp - ok
16:42:37.0784 0x02c4  [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\Windows\system32\drivers\crcdisk.sys
16:42:37.0799 0x02c4  crcdisk - ok
16:42:50.0052 0x02c4  pcmcia - ok
16:42:50.0067 0x02c4  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:42:50.0083 0x02c4  pcw - ok
16:42:50.0127 0x02c4  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:42:50.0159 0x02c4  PEAUTH - ok
16:42:50.0220 0x02c4  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
16:42:50.0269 0x02c4  PeerDistSvc - ok
16:42:50.0325 0x02c4  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:42:50.0495 0x02c4  PerfHost - ok
16:42:50.0572 0x02c4  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
16:42:50.0636 0x02c4  pla - ok
16:42:50.0678 0x02c4  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:42:50.0730 0x02c4  PlugPlay - ok
16:42:50.0777 0x02c4  [ 403F8D707515A6AAE46CCC5DBFE8408C, 82CCE0D2010F0A2B45084C371EE62805C53E93596AA21CE35D7BCBDC9874D265 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
16:42:50.0813 0x02c4  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
16:42:50.0813 0x02c4  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
16:42:50.0813 0x02c4  Force sending object to P2P due to detect: Pml Driver HPZ12
16:42:53.0913 0x02c4  Object send P2P result: true
16:43:05.0947 0x02c4  vsmraid - ok
16:43:05.0993 0x02c4  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
16:43:06.0074 0x02c4  VSS - ok
16:43:06.0091 0x02c4  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
16:43:06.0110 0x02c4  vwifibus - ok
16:43:06.0131 0x02c4  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
16:43:06.0173 0x02c4  W32Time - ok
16:43:06.0185 0x02c4  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
16:43:06.0222 0x02c4  WacomPen - ok
16:43:06.0261 0x02c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:43:06.0313 0x02c4  WANARP - ok
16:43:06.0326 0x02c4  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:43:06.0357 0x02c4  Wanarpv6 - ok
16:43:06.0430 0x02c4  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:43:06.0474 0x02c4  WatAdminSvc - ok
16:43:06.0526 0x02c4  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
16:43:06.0614 0x02c4  wbengine - ok
16:43:06.0646 0x02c4  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:43:06.0671 0x02c4  WbioSrvc - ok
16:43:06.0688 0x02c4  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:43:06.0717 0x02c4  wcncsvc - ok
16:43:06.0727 0x02c4  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:43:06.0746 0x02c4  WcsPlugInService - ok
16:43:06.0761 0x02c4  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
16:43:06.0777 0x02c4  Wd - ok
16:43:06.0813 0x02c4  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:43:06.0845 0x02c4  Wdf01000 - ok
16:43:06.0860 0x02c4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:43:06.0899 0x02c4  WdiServiceHost - ok
16:43:06.0903 0x02c4  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:43:06.0921 0x02c4  WdiSystemHost - ok
16:43:06.0929 0x02c4  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
16:43:06.0960 0x02c4  WebClient - ok
16:43:06.0976 0x02c4  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:43:07.0013 0x02c4  Wecsvc - ok
16:43:07.0044 0x02c4  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:43:07.0104 0x02c4  wercplsupport - ok
16:43:07.0144 0x02c4  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:43:07.0180 0x02c4  WerSvc - ok
16:43:07.0201 0x02c4  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:43:07.0229 0x02c4  WfpLwf - ok
16:43:07.0229 0x02c4  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:43:07.0245 0x02c4  WIMMount - ok
16:43:07.0276 0x02c4  WinDefend - ok
16:43:07.0276 0x02c4  WinHttpAutoProxySvc - ok
16:43:07.0324 0x02c4  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:43:07.0355 0x02c4  Winmgmt - ok
16:43:07.0420 0x02c4  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys
16:43:07.0429 0x02c4  WinRing0_1_2_0 - ok
16:43:07.0512 0x02c4  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
16:43:07.0613 0x02c4  WinRM - ok
16:43:07.0660 0x02c4  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
16:43:07.0681 0x02c4  WinUsb - ok
16:43:07.0722 0x02c4  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:43:07.0776 0x02c4  Wlansvc - ok
16:43:07.0776 0x02c4  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
16:43:07.0813 0x02c4  WmiAcpi - ok
16:43:07.0844 0x02c4  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:43:07.0875 0x02c4  wmiApSrv - ok
16:43:07.0898 0x02c4  WMPNetworkSvc - ok
16:43:07.0944 0x02c4  [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm      C:\Program Files (x86)\WMZuneComm.exe
16:43:07.0987 0x02c4  WMZuneComm - ok
16:43:07.0997 0x02c4  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:43:08.0019 0x02c4  WPCSvc - ok
16:43:08.0029 0x02c4  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:43:08.0060 0x02c4  WPDBusEnum - ok
16:43:08.0076 0x02c4  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:43:08.0113 0x02c4  ws2ifsl - ok
16:43:08.0113 0x02c4  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
16:43:08.0144 0x02c4  wscsvc - ok
16:43:08.0144 0x02c4  WSearch - ok
16:43:08.0229 0x02c4  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:43:08.0322 0x02c4  wuauserv - ok
16:43:08.0330 0x02c4  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:43:08.0392 0x02c4  WudfPf - ok
16:43:08.0429 0x02c4  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
16:43:08.0493 0x02c4  WUDFRd - ok
16:43:08.0529 0x02c4  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:43:08.0545 0x02c4  wudfsvc - ok
16:43:08.0583 0x02c4  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:43:08.0729 0x02c4  WwanSvc - ok
16:43:08.0976 0x02c4  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files (x86)\ZuneNss.exe
16:43:09.0191 0x02c4  ZuneNetworkSvc - ok
16:43:09.0238 0x02c4  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files (x86)\ZuneWlanCfgSvc.exe
16:43:09.0269 0x02c4  ZuneWlanCfgSvc - ok
16:43:09.0285 0x02c4  ================ Scan global ===============================
16:43:09.0320 0x02c4  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
16:43:09.0345 0x02c4  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:43:09.0360 0x02c4  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
16:43:09.0392 0x02c4  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
16:43:09.0429 0x02c4  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
16:43:09.0429 0x02c4  [ Global ] - ok
16:43:09.0429 0x02c4  ================ Scan MBR ==================================
16:43:09.0444 0x02c4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
16:43:09.0829 0x02c4  \Device\Harddisk0\DR0 - ok
16:43:09.0829 0x02c4  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
16:43:10.0113 0x02c4  \Device\Harddisk1\DR1 - ok
16:43:10.0113 0x02c4  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
16:43:10.0177 0x02c4  \Device\Harddisk2\DR2 - ok
16:43:10.0178 0x02c4  ================ Scan VBR ==================================
16:43:10.0179 0x02c4  [ 0732CFEEEFEFA5D386F8137383DCC3C7 ] \Device\Harddisk0\DR0\Partition1
16:43:10.0229 0x02c4  \Device\Harddisk0\DR0\Partition1 - ok
16:43:10.0229 0x02c4  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
16:43:10.0229 0x02c4  \Device\Harddisk1\DR1\Partition1 - ok
16:43:10.0245 0x02c4  [ 312E029F78E2E11ED9AE52F11C38B63A ] \Device\Harddisk1\DR1\Partition2
16:43:10.0308 0x02c4  \Device\Harddisk1\DR1\Partition2 - ok
16:43:10.0324 0x02c4  [ 4CA322E0F43A0DA16E9556AA7E0ECB01 ] \Device\Harddisk2\DR2\Partition1
16:43:10.0355 0x02c4  \Device\Harddisk2\DR2\Partition1 - ok
16:43:10.0355 0x02c4  ================ Scan generic autorun ======================
16:43:10.0386 0x02c4  [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C, 6C6B186A2FC1DFD800041B160A7D71F5F1B3C70D62C7696B8DA89148A8D87D47 ] C:\Program Files (x86)\ZuneLauncher.exe
16:43:10.0402 0x02c4  Zune Launcher - ok
16:43:10.0573 0x02c4  [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
16:43:10.0691 0x02c4  HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 )
16:43:10.0691 0x02c4  HDAudDeck ( UnsignedFile.Multi.Generic ) - warning
16:43:13.0703 0x02c4  [ D9F25B1C673DEEF18A45AD2080DC9A5E, 76C4E520099F0CF3556158B6C154B68E4F954D4CA6A1851FB08979207F482200 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
16:43:13.0736 0x02c4  StartCCC - ok
16:43:13.0840 0x02c4  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
16:43:13.0927 0x02c4  HP Software Update - ok
16:43:13.0989 0x02c4  [ 299EDE8BBC229B7FA0BC0369BAE8CA2E, 788C06C7EDDDC0687A4137BDA00D320146425768960066FCBE0391BE7DBC2280 ] C:\Program Files (x86)\Raptr\raptrstub.exe
16:43:14.0023 0x02c4  Raptr - ok
16:43:14.0076 0x02c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:43:14.0176 0x02c4  Sidebar - ok
16:43:14.0205 0x02c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:43:14.0214 0x02c4  mctadmin - ok
16:43:14.0245 0x02c4  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
16:43:14.0289 0x02c4  Sidebar - ok
16:43:14.0292 0x02c4  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
16:43:14.0314 0x02c4  mctadmin - ok
16:43:14.0729 0x02c4  [ F87B252E8222E63899C8E95839B4AA04, 1B37290A77218E658878071821E7D3EBCA8202A9A5657CDA00AACC91C9E455C2 ] C:\Program Files (x86)\qBittorrent\qbittorrent.exe
16:43:15.0094 0x02c4  qBittorrent - detected UnsignedFile.Multi.Generic ( 1 )
16:43:15.0095 0x02c4  qBittorrent ( UnsignedFile.Multi.Generic ) - warning
16:43:15.0095 0x02c4  Force sending object to P2P due to detect: C:\Program Files (x86)\qBittorrent\qbittorrent.exe
16:43:18.0328 0x02c4  Object send P2P result: true
16:43:21.0206 0x02c4  HitsBlender - ok
16:43:21.0319 0x02c4  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe
16:43:21.0329 0x02c4  Google Update - ok
16:43:21.0543 0x02c4  AV detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
16:43:21.0559 0x02c4  FW detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
16:43:24.0443 0x02c4  ============================================================
16:43:24.0443 0x02c4  Scan finished
16:43:24.0443 0x02c4  ============================================================
16:43:24.0443 0x0ad0  Detected object count: 6
16:43:24.0443 0x0ad0  Actual detected object count: 6
16:43:59.0058 0x0ad0  AMD FUEL Service ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:59.0058 0x0ad0  AMD FUEL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:43:59.0058 0x0ad0  cmwf ( LockedFile.Multi.Generic ) - skipped by user
16:43:59.0058 0x0ad0  cmwf ( LockedFile.Multi.Generic ) - User select action: Skip 
16:43:59.0058 0x0ad0  cmwr ( LockedFile.Multi.Generic ) - skipped by user
16:43:59.0058 0x0ad0  cmwr ( LockedFile.Multi.Generic ) - User select action: Skip 
16:43:59.0058 0x0ad0  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:59.0058 0x0ad0  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:43:59.0074 0x0ad0  HDAudDeck ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:59.0074 0x0ad0  HDAudDeck ( UnsignedFile.Multi.Generic ) - User select action: Skip 
16:43:59.0074 0x0ad0  qBittorrent ( UnsignedFile.Multi.Generic ) - skipped by user
16:43:59.0074 0x0ad0  qBittorrent ( UnsignedFile.Multi.Generic ) - User select action: Skip 


#8 deeprybka

  • Malware Response Team

Posted 07 August 2015 - 02:51 AM

Hi there,
 
Step 1

Start TDSSKiller.exe again with administrator privileges.

  • Set the parameters like in the first scan and click on Start scan.
  • This time select for the "threats": 
    cmwf ( LockedFile.Multi.Generic )
    cmwr ( LockedFile.Multi.Generic )
    (and only for that!) the option Cure (or Delete).
  • Click on Continue and allow the reboot.
  • Copy and paste the log file (C:\TDSSKiller.<version_date_time>_log.txt) of this run in your next reply.

After Reboot:

Step 2

Start FRST with administrator privileges.

  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer

#9 AustinPh

  • Topic Starter

Posted 07 August 2015 - 07:04 PM

17:01:01.0170 0x0a18  TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
17:01:04.0728 0x0a18  ============================================================
17:01:04.0728 0x0a18  Current date / time: 2015/08/07 17:01:04.0728
17:01:04.0728 0x0a18  SystemInfo:
17:01:04.0728 0x0a18  
17:01:04.0728 0x0a18  OS Version: 6.1.7601 ServicePack: 1.0
17:01:04.0728 0x0a18  Product type: Workstation
17:01:04.0728 0x0a18  ComputerName: AUSTINPH-PC
17:01:04.0728 0x0a18  UserName: AustinPH
17:01:04.0728 0x0a18  Windows directory: C:\Windows
17:01:04.0728 0x0a18  System windows directory: C:\Windows
17:01:04.0728 0x0a18  Running under WOW64
17:01:04.0728 0x0a18  Processor architecture: Intel x64
17:01:04.0728 0x0a18  Number of processors: 4
17:01:04.0728 0x0a18  Page size: 0x1000
17:01:04.0728 0x0a18  Boot type: Safe boot with network
17:01:04.0728 0x0a18  ============================================================
17:01:07.0372 0x0a18  KLMD registered as C:\Windows\system32\drivers\53625674.sys
17:01:07.0595 0x0a18  System UUID: {2AADA116-F0C3-0EA0-18D4-C15649644A92}
17:01:08.0013 0x0a18  Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:01:08.0013 0x0a18  Drive \Device\Harddisk1\DR1 - Size: 0x2BAA1476000 ( 2794.52 Gb ), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:01:08.0013 0x0a18  Drive \Device\Harddisk2\DR2 - Size: 0xE8E0CADE00 ( 931.51 Gb ), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:01:08.0029 0x0a18  ============================================================
17:01:08.0029 0x0a18  \Device\Harddisk0\DR0:
17:01:08.0029 0x0a18  MBR partitions:
17:01:08.0029 0x0a18  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705800
17:01:08.0029 0x0a18  \Device\Harddisk1\DR1:
17:01:08.0029 0x0a18  GPT partitions:
17:01:08.0029 0x0a18  \Device\Harddisk1\DR1\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {55794DE8-7235-46FC-8E99-E0350947727F}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
17:01:08.0029 0x0a18  \Device\Harddisk1\DR1\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6FAE3ED0-9062-4D52-A257-73A5D9AFB414}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C9800
17:01:08.0029 0x0a18  MBR partitions:
17:01:08.0029 0x0a18  \Device\Harddisk2\DR2:
17:01:08.0029 0x0a18  MBR partitions:
17:01:08.0029 0x0a18  \Device\Harddisk2\DR2\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x74705000
17:01:08.0029 0x0a18  ============================================================
17:01:08.0045 0x0a18  C: <-> \Device\Harddisk0\DR0\Partition1
17:01:08.0263 0x0a18  D: <-> \Device\Harddisk1\DR1\Partition2
17:01:08.0279 0x0a18  E: <-> \Device\Harddisk2\DR2\Partition1
17:01:08.0279 0x0a18  ============================================================
17:01:08.0279 0x0a18  Initialize success
17:01:08.0279 0x0a18  ============================================================
17:01:48.0098 0x0a04  ============================================================
17:01:48.0098 0x0a04  Scan started
17:01:48.0098 0x0a04  Mode: Manual; SigCheck; TDLFS; 
17:01:48.0098 0x0a04  ============================================================
17:01:48.0098 0x0a04  KSN ping started
17:01:50.0984 0x0a04  KSN ping finished: true
17:01:52.0069 0x0a04  ================ Scan system memory ========================
17:01:52.0069 0x0a04  System memory - ok
17:01:52.0069 0x0a04  ================ Scan services =============================
17:01:53.0534 0x0a04  [ 23B97097BE0DAF1583EFD9B22233CF5A, 629B9377319AEBD4C8AB1E9F186E4BE8C5BFD0E2FF9B6966D6CDED1F80080C4B ] AMD FUEL Service C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe
17:01:53.0566 0x0a04  AMD FUEL Service - detected UnsignedFile.Multi.Generic ( 1 )
17:01:53.0634 0x0a04  AMD FUEL Service ( UnsignedFile.Multi.Generic ) - warning
17:01:53.0634 0x0a04  Force sending object to P2P due to detect: AMD FUEL Service
17:01:56.0741 0x0a04  Object send P2P result: true
17:02:03.0101 0x0a04  [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
17:02:03.0132 0x0a04  Brserid - ok
17:02:03.0148 0x0a04  [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
17:02:03.0179 0x0a04  BrSerWdm - ok
17:02:03.0226 0x0a04  [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
17:02:03.0257 0x0a04  BrUsbMdm - ok
17:02:03.0288 0x0a04  [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
17:02:03.0319 0x0a04  BrUsbSer - ok
17:02:03.0366 0x0a04  [ CF98190A94F62E405C8CB255018B2315, E1B2540023C4FE9FD588E4B6AE6347DFA565EB3898F21E5360882BF3E8B5E781 ] BthEnum         C:\Windows\system32\DRIVERS\BthEnum.sys
17:02:03.0382 0x0a04  BthEnum - ok
17:02:03.0397 0x0a04  [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\Windows\system32\drivers\bthmodem.sys
17:02:03.0444 0x0a04  BTHMODEM - ok
17:02:03.0475 0x0a04  [ 02DD601B708DD0667E1331FA8518E9FF, 7DE6CC4DBB621CD03B01D9CE6CF66EAFE31D39030A391562CD0E278E1D70ADE1 ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
17:02:03.0522 0x0a04  BthPan - ok
17:02:03.0584 0x0a04  [ 738D0E9272F59EB7A1449C3EC118E6C4, FE3D32C2A5E4DC21376A0F89C0B2EE024ECF1A3FB99213CC9BBC986ADF7AF080 ] BTHPORT         C:\Windows\system32\Drivers\BTHport.sys
17:02:03.0616 0x0a04  BTHPORT - ok
17:02:03.0647 0x0a04  [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\Windows\system32\bthserv.dll
17:02:03.0678 0x0a04  bthserv - ok
17:02:03.0694 0x0a04  [ F188B7394D81010767B6DF3178519A37, 576304E92FD94908F093A6AB5F4D328F25829BE32EC3CA0D29EBFDF5DE83539B ] BTHUSB          C:\Windows\system32\Drivers\BTHUSB.sys
17:02:03.0709 0x0a04  BTHUSB - ok
17:02:03.0821 0x0a04  [ 5A1C7DBDDB001BC6F1D1720E655445E2, 07A766C804D0709936FF18A2F67C49D6499BEF9CEEB1EF69F654A35268A11027 ] ccSet_NS        C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys
17:02:03.0841 0x0a04  ccSet_NS - ok
17:02:03.0852 0x0a04  [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
17:02:03.0883 0x0a04  cdfs - ok
17:02:03.0930 0x0a04  [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
17:02:03.0945 0x0a04  cdrom - ok
17:02:03.0977 0x0a04  [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\Windows\System32\certprop.dll
17:02:04.0039 0x0a04  CertPropSvc - ok
17:02:04.0101 0x0a04  [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\Windows\system32\drivers\circlass.sys
17:02:04.0133 0x0a04  circlass - ok
17:02:04.0179 0x0a04  [ 404B7DF9CA4D1CB675045AF220FF3285, 91FFADE2ABE5C48849E63134D5FFD20671FE0D1720F7D486F904391B3D142C96 ] CLFS            C:\Windows\system32\CLFS.sys
17:02:04.0195 0x0a04  CLFS - ok
17:02:04.0242 0x0a04  [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:02:04.0257 0x0a04  clr_optimization_v2.0.50727_32 - ok
17:02:04.0290 0x0a04  [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:02:04.0305 0x0a04  clr_optimization_v2.0.50727_64 - ok
17:02:04.0383 0x0a04  [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:02:04.0648 0x0a04  clr_optimization_v4.0.30319_32 - ok
17:02:04.0695 0x0a04  [ 9ACBE5EC13C2CC95833BFB7636CA8B1A, 6224DA9FB335D2A8374C60B8DEA539DD3A0E43230DB888B137B71A56EC57D6AF ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:02:04.0726 0x0a04  clr_optimization_v4.0.30319_64 - ok
17:02:04.0758 0x0a04  [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\Windows\system32\drivers\CmBatt.sys
17:02:04.0773 0x0a04  CmBatt - ok
17:02:04.0789 0x0a04  [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\Windows\system32\drivers\cmdide.sys
17:02:04.0804 0x0a04  cmdide - ok
17:02:04.0851 0x0a04  [ 43338F791330F585B4C71FFBCC635FA3, 121247BE70CD9ECBB2841A5FE2143E74C6613E7539A20B4E38758123EEFF93CB ] cmwf            C:\Windows\system32\Drivers\cmwf.sys
17:02:04.0851 0x0a04  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\cmwf.sys. md5: 43338F791330F585B4C71FFBCC635FA3, sha256: 121247BE70CD9ECBB2841A5FE2143E74C6613E7539A20B4E38758123EEFF93CB
17:02:04.0851 0x0a04  cmwf - detected LockedFile.Multi.Generic ( 1 )
17:02:04.0851 0x0a04  cmwf ( LockedFile.Multi.Generic ) - warning
17:02:04.0851 0x0a04  Force sending object to P2P due to detect: cmwf
17:02:07.0967 0x0a04  Object send P2P result: true
17:02:10.0877 0x0a04  [ 66B3F13448EF456B70ED715F454A3037, A28780607053A0F9599A8DA536DD16E984CD238680A97939F1A7882E26472EF5 ] cmwr            C:\Windows\system32\Drivers\cmwr.sys
17:02:10.0877 0x0a04  Suspicious file ( NoAccess ): C:\Windows\system32\Drivers\cmwr.sys. md5: 66B3F13448EF456B70ED715F454A3037, sha256: A28780607053A0F9599A8DA536DD16E984CD238680A97939F1A7882E26472EF5
17:02:10.0878 0x0a04  cmwr - detected LockedFile.Multi.Generic ( 1 )
17:02:10.0878 0x0a04  cmwr ( LockedFile.Multi.Generic ) - warning
17:02:10.0878 0x0a04  Force sending object to P2P due to detect: cmwr
17:02:15.0727 0x0a04  Object send P2P result: true
17:02:18.0806 0x0a04  [ B7723EB54E76F3680C5FA7264FE2ECC3, C57B9501FA8FE2E0B000B790DC4C6F24338FF60D04D8A0F7B98D110283EC3340 ] ColorMedia      C:\ProgramData\PicColor Utility\ColorMedia.exe
17:02:18.0852 0x0a04  ColorMedia - ok
17:02:26.0963 0x0a04  MSDTC - ok
17:02:26.0994 0x0a04  [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
17:02:27.0045 0x0a04  Msfs - ok
17:02:27.0060 0x0a04  [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
17:02:27.0123 0x0a04  mshidkmdf - ok
17:02:27.0138 0x0a04  [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
17:02:27.0154 0x0a04  msisadrv - ok
17:02:27.0170 0x0a04  [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
17:02:27.0201 0x0a04  MSiSCSI - ok
17:02:27.0216 0x0a04  msiserver - ok
17:02:27.0232 0x0a04  [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
17:02:27.0263 0x0a04  MSKSSRV - ok
17:02:27.0263 0x0a04  [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
17:02:27.0294 0x0a04  MSPCLOCK - ok
17:02:27.0294 0x0a04  [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
17:02:27.0341 0x0a04  MSPQM - ok
17:02:27.0388 0x0a04  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
17:02:27.0404 0x0a04  MsRPC - ok
17:02:27.0404 0x0a04  [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\Windows\system32\DRIVERS\mssmbios.sys
17:02:27.0419 0x0a04  mssmbios - ok
17:02:27.0435 0x0a04  [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
17:02:27.0497 0x0a04  MSTEE - ok
17:02:27.0513 0x0a04  [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\Windows\system32\drivers\MTConfig.sys
17:02:27.0528 0x0a04  MTConfig - ok
17:02:27.0575 0x0a04  [ 19B006B181E3875FD254F7B67ACF1E7C, 1D68D19522E71F16B8B50F8CCFBC9D884CF2DAC40CC409BD5A40A4D4223ABC61 ] MTsensor        C:\Windows\system32\DRIVERS\ASACPI.sys
17:02:27.0591 0x0a04  MTsensor - ok
17:02:27.0606 0x0a04  [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\Windows\system32\Drivers\mup.sys
17:02:27.0622 0x0a04  Mup - ok
17:02:27.0638 0x0a04  [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\Windows\system32\qagentRT.dll
17:02:27.0684 0x0a04  napagent - ok
17:02:27.0716 0x0a04  [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
17:02:27.0778 0x0a04  NativeWifiP - ok
17:02:27.0872 0x0a04  [ 5A4EC58A5F2E63DB2092B343CF1B2834, 33F957565E38A3A2842DDB16D7C969F93A4FB888DB5AFBBF5431A712FADE4E13 ] NAVENG          C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\ENG64.SYS
17:02:27.0887 0x0a04  NAVENG - ok
17:02:27.0950 0x0a04  [ 526EA496D7F06B3746775046B33027C1, FEC0B860F49C28ED6ED721A09D19239BB1E20CE3A29697B24B2FE604AE0EB808 ] NAVEX15         C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\EX64.SYS
17:02:28.0012 0x0a04  NAVEX15 - ok
17:02:28.0074 0x0a04  [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\Windows\system32\drivers\ndis.sys
17:02:28.0121 0x0a04  NDIS - ok
17:02:28.0137 0x0a04  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
17:02:28.0184 0x0a04  NdisCap - ok
17:02:28.0215 0x0a04  [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
17:02:28.0246 0x0a04  NdisTapi - ok
17:02:28.0277 0x0a04  [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
17:02:28.0324 0x0a04  Ndisuio - ok
17:02:28.0355 0x0a04  [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
17:02:28.0418 0x0a04  NdisWan - ok
17:02:28.0433 0x0a04  [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
17:02:28.0464 0x0a04  NDProxy - ok
17:02:28.0480 0x0a04  [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
17:02:28.0511 0x0a04  NetBIOS - ok
17:02:28.0527 0x0a04  [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
17:02:28.0589 0x0a04  NetBT - ok
17:02:28.0620 0x0a04  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] Netlogon        C:\Windows\system32\lsass.exe
17:02:28.0636 0x0a04  Netlogon - ok
17:02:28.0683 0x0a04  [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\Windows\System32\netman.dll
17:02:28.0714 0x0a04  Netman - ok
17:02:28.0745 0x0a04  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:28.0808 0x0a04  NetMsmqActivator - ok
17:02:28.0808 0x0a04  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:28.0823 0x0a04  NetPipeActivator - ok
17:02:28.0839 0x0a04  [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\Windows\System32\netprofm.dll
17:02:28.0901 0x0a04  netprofm - ok
17:02:28.0901 0x0a04  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:28.0917 0x0a04  NetTcpActivator - ok
17:02:28.0932 0x0a04  [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
17:02:28.0948 0x0a04  NetTcpPortSharing - ok
17:02:28.0964 0x0a04  [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\Windows\system32\drivers\nfrd960.sys
17:02:28.0979 0x0a04  nfrd960 - ok
17:02:29.0010 0x0a04  [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\Windows\System32\nlasvc.dll
17:02:29.0045 0x0a04  NlaSvc - ok
17:02:29.0060 0x0a04  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\Windows\system32\drivers\Npfs.sys
17:02:29.0107 0x0a04  Npfs - ok
17:02:29.0294 0x0a04  [ 0A7FFDECBA6CA836A67AC584FA648919, 07DBCFF6CC0E67679E5ABCF41BDD3736131B0C84DAF3A4E628C0ADB083D252C5 ] NS              C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe
17:02:29.0310 0x0a04  NS - ok
17:02:29.0325 0x0a04  [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\Windows\system32\nsisvc.dll
17:02:29.0372 0x0a04  nsi - ok
17:02:29.0403 0x0a04  [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
17:02:29.0466 0x0a04  nsiproxy - ok
17:02:29.0544 0x0a04  [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
17:02:29.0591 0x0a04  Ntfs - ok
17:02:29.0606 0x0a04  [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\Windows\system32\drivers\Null.sys
17:02:29.0653 0x0a04  Null - ok
17:02:30.0012 0x0a04  [ DD81FBC57AB9134CDDC5CE90880BFD80, 16DF4D9645238D1014FA9189FF171DCF7B7C7573F759B5AC73025518139D86B1 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
17:02:30.0293 0x0a04  nvlddmkm - ok
17:02:30.0324 0x0a04  [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\Windows\system32\drivers\nvraid.sys
17:02:30.0339 0x0a04  nvraid - ok
17:02:30.0371 0x0a04  [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\Windows\system32\drivers\nvstor.sys
17:02:30.0386 0x0a04  nvstor - ok
17:02:30.0402 0x0a04  [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
17:02:30.0417 0x0a04  nv_agp - ok
17:02:30.0433 0x0a04  [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
17:02:30.0449 0x0a04  ohci1394 - ok
17:02:30.0480 0x0a04  [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
17:02:30.0542 0x0a04  p2pimsvc - ok
17:02:30.0573 0x0a04  [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\Windows\system32\p2psvc.dll
17:02:30.0605 0x0a04  p2psvc - ok
17:02:30.0636 0x0a04  [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
17:02:30.0651 0x0a04  Parport - ok
17:02:30.0667 0x0a04  [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\Windows\system32\drivers\partmgr.sys
17:02:30.0683 0x0a04  partmgr - ok
17:02:30.0714 0x0a04  [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\Windows\System32\pcasvc.dll
17:02:30.0792 0x0a04  PcaSvc - ok
17:02:30.0807 0x0a04  [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\Windows\system32\drivers\pci.sys
17:02:30.0823 0x0a04  pci - ok
17:02:30.0839 0x0a04  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\Windows\system32\drivers\pciide.sys
17:02:30.0854 0x0a04  pciide - ok
17:02:30.0870 0x0a04  [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\Windows\system32\drivers\pcmcia.sys
17:02:30.0901 0x0a04  pcmcia - ok
17:02:30.0917 0x0a04  [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\Windows\system32\drivers\pcw.sys
17:02:30.0932 0x0a04  pcw - ok
17:02:30.0963 0x0a04  [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
17:02:30.0995 0x0a04  PEAUTH - ok
17:02:31.0060 0x0a04  [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc     C:\Windows\system32\peerdistsvc.dll
17:02:31.0107 0x0a04  PeerDistSvc - ok
17:02:31.0154 0x0a04  [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\Windows\SysWow64\perfhost.exe
17:02:31.0325 0x0a04  PerfHost - ok
17:02:31.0388 0x0a04  [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\Windows\system32\pla.dll
17:02:31.0450 0x0a04  pla - ok
17:02:31.0497 0x0a04  [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
17:02:31.0575 0x0a04  PlugPlay - ok
17:02:31.0622 0x0a04  [ 403F8D707515A6AAE46CCC5DBFE8408C, 82CCE0D2010F0A2B45084C371EE62805C53E93596AA21CE35D7BCBDC9874D265 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
17:02:31.0637 0x0a04  Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
17:02:31.0637 0x0a04  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - warning
17:02:31.0637 0x0a04  Force sending object to P2P due to detect: Pml Driver HPZ12
17:02:34.0760 0x0a04  Object send P2P result: true
17:02:43.0467 0x0a04  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\Windows\system32\sysmain.dll
17:02:43.0545 0x0a04  SysMain - ok
17:02:43.0592 0x0a04  [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:02:43.0608 0x0a04  TabletInputService - ok
17:02:43.0639 0x0a04  [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\Windows\System32\tapisrv.dll
17:02:43.0686 0x0a04  TapiSrv - ok
17:02:43.0717 0x0a04  [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\Windows\System32\tbssvc.dll
17:02:43.0779 0x0a04  TBS - ok
17:02:43.0857 0x0a04  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
17:02:43.0920 0x0a04  Tcpip - ok
17:02:43.0982 0x0a04  [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
17:02:44.0029 0x0a04  TCPIP6 - ok
17:02:44.0060 0x0a04  [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
17:02:44.0091 0x0a04  tcpipreg - ok
17:02:44.0138 0x0a04  [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
17:02:44.0154 0x0a04  TDPIPE - ok
17:02:44.0169 0x0a04  [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
17:02:44.0185 0x0a04  TDTCP - ok
17:02:44.0216 0x0a04  [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
17:02:44.0247 0x0a04  tdx - ok
17:02:44.0247 0x0a04  [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\Windows\system32\DRIVERS\termdd.sys
17:02:44.0263 0x0a04  TermDD - ok
17:02:44.0279 0x0a04  [ EF4469AB69EB15E5D3754E6AEAFBCD3D, 3609214C3D5181364B544EBF17E9A109952BE1C4C35BE0A8727BFA8F49ECB130 ] terminpt        C:\Windows\system32\drivers\terminpt.sys
17:02:44.0341 0x0a04  terminpt - ok
17:02:44.0388 0x0a04  [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\Windows\System32\termsrv.dll
17:02:44.0466 0x0a04  TermService - ok
17:02:44.0481 0x0a04  [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\Windows\system32\themeservice.dll
17:02:44.0497 0x0a04  Themes - ok
17:02:44.0513 0x0a04  [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\Windows\system32\mmcss.dll
17:02:44.0544 0x0a04  THREADORDER - ok
17:02:44.0559 0x0a04  [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\Windows\System32\trkwks.dll
17:02:44.0622 0x0a04  TrkWks - ok
17:02:44.0684 0x0a04  [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:02:44.0747 0x0a04  TrustedInstaller - ok
17:02:44.0778 0x0a04  [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
17:02:44.0793 0x0a04  tssecsrv - ok
17:02:44.0825 0x0a04  [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
17:02:44.0856 0x0a04  TsUsbFlt - ok
17:02:44.0903 0x0a04  [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD         C:\Windows\system32\drivers\TsUsbGD.sys
17:02:44.0918 0x0a04  TsUsbGD - ok
17:02:44.0949 0x0a04  [ E1748D04AE40118B62BC18AC86032192, A954B141D1B27272C771D14F3B40C7CC1F572DD72559F2C96182EFBE2B095FDE ] tsusbhub        C:\Windows\system32\drivers\tsusbhub.sys
17:02:45.0012 0x0a04  tsusbhub - ok
17:02:45.0043 0x0a04  [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
17:02:45.0077 0x0a04  tunnel - ok
17:02:45.0093 0x0a04  [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\Windows\system32\drivers\uagp35.sys
17:02:45.0108 0x0a04  uagp35 - ok
17:02:45.0140 0x0a04  [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
17:02:45.0171 0x0a04  udfs - ok
17:02:45.0186 0x0a04  [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\Windows\system32\UI0Detect.exe
17:02:45.0202 0x0a04  UI0Detect - ok
17:02:45.0218 0x0a04  [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
17:02:45.0233 0x0a04  uliagpkx - ok
17:02:45.0264 0x0a04  [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\Windows\system32\DRIVERS\umbus.sys
17:02:45.0311 0x0a04  umbus - ok
17:02:45.0327 0x0a04  [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\Windows\system32\drivers\umpass.sys
17:02:45.0374 0x0a04  UmPass - ok
17:02:45.0405 0x0a04  [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService    C:\Windows\System32\umrdp.dll
17:02:45.0436 0x0a04  UmRdpService - ok
17:02:45.0452 0x0a04  [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\Windows\System32\upnphost.dll
17:02:45.0498 0x0a04  upnphost - ok
17:02:45.0498 0x0a04  [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
17:02:45.0530 0x0a04  usbccgp - ok
17:02:45.0576 0x0a04  [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\Windows\system32\drivers\usbcir.sys
17:02:45.0608 0x0a04  usbcir - ok
17:02:45.0608 0x0a04  [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
17:02:45.0623 0x0a04  usbehci - ok
17:02:45.0654 0x0a04  [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
17:02:45.0670 0x0a04  usbhub - ok
17:02:45.0686 0x0a04  [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\Windows\system32\DRIVERS\usbohci.sys
17:02:45.0701 0x0a04  usbohci - ok
17:02:45.0732 0x0a04  [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\Windows\system32\drivers\usbprint.sys
17:02:45.0748 0x0a04  usbprint - ok
17:02:45.0764 0x0a04  [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:02:45.0795 0x0a04  USBSTOR - ok
17:02:45.0810 0x0a04  [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
17:02:45.0826 0x0a04  usbuhci - ok
17:02:45.0826 0x0a04  [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\Windows\System32\uxsms.dll
17:02:45.0888 0x0a04  UxSms - ok
17:02:45.0920 0x0a04  [ 97D879A884E7CDFED51AD63348A35254, 256566B7039B640FFB72C2ED7F1F42E46FFC820637A8959A64F5F08DB2A06A3F ] VaultSvc        C:\Windows\system32\lsass.exe
17:02:45.0935 0x0a04  VaultSvc - ok
17:02:45.0935 0x0a04  [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
17:02:45.0951 0x0a04  vdrvroot - ok
17:02:45.0982 0x0a04  [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\Windows\System32\vds.exe
17:02:46.0029 0x0a04  vds - ok
17:02:46.0029 0x0a04  [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
17:02:46.0060 0x0a04  vga - ok
17:02:46.0076 0x0a04  [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\Windows\System32\drivers\vga.sys
17:02:46.0122 0x0a04  VgaSave - ok
17:02:46.0122 0x0a04  VGPU - ok
17:02:46.0154 0x0a04  [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
17:02:46.0169 0x0a04  vhdmp - ok
17:02:46.0263 0x0a04  [ EECF5B7210D773F3501CEDA848D53D31, C98034418DA5351A82B3FFAFBD277BAE4AE8AF25DD491BF628CEA0C708A5A9B2 ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
17:02:46.0325 0x0a04  VIAHdAudAddService - ok
17:02:46.0341 0x0a04  [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\Windows\system32\drivers\viaide.sys
17:02:46.0356 0x0a04  viaide - ok
17:02:46.0388 0x0a04  [ 43412F74D9516EF87988F2397A9B8E78, 82253E49D2762D67D202A8D3A215EF5F937ADFCF711AD238B6FDACAE0CC80A49 ] VIAKaraokeService C:\Windows\system32\viakaraokesrv.exe
17:02:46.0403 0x0a04  VIAKaraokeService - ok
17:02:46.0419 0x0a04  [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus           C:\Windows\system32\drivers\vmbus.sys
17:02:46.0434 0x0a04  vmbus - ok
17:02:46.0450 0x0a04  [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID        C:\Windows\system32\drivers\VMBusHID.sys
17:02:46.0466 0x0a04  VMBusHID - ok
17:02:46.0481 0x0a04  [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
17:02:46.0497 0x0a04  volmgr - ok
17:02:46.0512 0x0a04  [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
17:02:46.0528 0x0a04  volmgrx - ok
17:02:46.0559 0x0a04  [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\Windows\system32\drivers\volsnap.sys
17:02:46.0575 0x0a04  volsnap - ok
17:02:46.0590 0x0a04  [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\Windows\system32\drivers\vsmraid.sys
17:02:46.0606 0x0a04  vsmraid - ok
17:02:46.0653 0x0a04  [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\Windows\system32\vssvc.exe
17:02:46.0731 0x0a04  VSS - ok
17:02:46.0731 0x0a04  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
17:02:46.0746 0x0a04  vwifibus - ok
17:02:46.0778 0x0a04  [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\Windows\system32\w32time.dll
17:02:46.0809 0x0a04  W32Time - ok
17:02:46.0824 0x0a04  [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\Windows\system32\drivers\wacompen.sys
17:02:46.0871 0x0a04  WacomPen - ok
17:02:46.0902 0x0a04  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
17:02:46.0949 0x0a04  WANARP - ok
17:02:46.0980 0x0a04  [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
17:02:47.0012 0x0a04  Wanarpv6 - ok
17:02:47.0058 0x0a04  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
17:02:47.0109 0x0a04  WatAdminSvc - ok
17:02:47.0156 0x0a04  [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\Windows\system32\wbengine.exe
17:02:47.0218 0x0a04  wbengine - ok
17:02:47.0234 0x0a04  [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
17:02:47.0265 0x0a04  WbioSrvc - ok
17:02:47.0281 0x0a04  [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\Windows\System32\wcncsvc.dll
17:02:47.0312 0x0a04  wcncsvc - ok
17:02:47.0328 0x0a04  [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:02:47.0343 0x0a04  WcsPlugInService - ok
17:02:47.0359 0x0a04  [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\Windows\system32\drivers\wd.sys
17:02:47.0374 0x0a04  Wd - ok
17:02:47.0406 0x0a04  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
17:02:47.0437 0x0a04  Wdf01000 - ok
17:02:47.0468 0x0a04  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost  C:\Windows\system32\wdi.dll
17:02:47.0499 0x0a04  WdiServiceHost - ok
17:02:47.0499 0x0a04  [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\Windows\system32\wdi.dll
17:02:47.0515 0x0a04  WdiSystemHost - ok
17:02:47.0530 0x0a04  [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\Windows\System32\webclnt.dll
17:02:47.0562 0x0a04  WebClient - ok
17:02:47.0590 0x0a04  [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\Windows\system32\wecsvc.dll
17:02:47.0614 0x0a04  Wecsvc - ok
17:02:47.0645 0x0a04  [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
17:02:47.0692 0x0a04  wercplsupport - ok
17:02:47.0723 0x0a04  [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\Windows\System32\WerSvc.dll
17:02:47.0754 0x0a04  WerSvc - ok
17:02:47.0770 0x0a04  [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
17:02:47.0801 0x0a04  WfpLwf - ok
17:02:47.0817 0x0a04  [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
17:02:47.0832 0x0a04  WIMMount - ok
17:02:47.0848 0x0a04  WinDefend - ok
17:02:47.0848 0x0a04  WinHttpAutoProxySvc - ok
17:02:47.0897 0x0a04  [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
17:02:47.0928 0x0a04  Winmgmt - ok
17:02:47.0990 0x0a04  [ 0C0195C48B6B8582FA6F6373032118DA, 11BD2C9F9E2397C9A16E0990E4ED2CF0679498FE0FD418A3DFDAC60B5C160EE5 ] WinRing0_1_2_0  C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys
17:02:48.0006 0x0a04  WinRing0_1_2_0 - ok
17:02:48.0084 0x0a04  [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\Windows\system32\WsmSvc.dll
17:02:48.0193 0x0a04  WinRM - ok
17:02:48.0224 0x0a04  [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\Windows\system32\drivers\WinUsb.sys
17:02:48.0240 0x0a04  WinUsb - ok
17:02:48.0287 0x0a04  [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\Windows\System32\wlansvc.dll
17:02:48.0365 0x0a04  Wlansvc - ok
17:02:48.0365 0x0a04  [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\Windows\system32\DRIVERS\wmiacpi.sys
17:02:48.0396 0x0a04  WmiAcpi - ok
17:02:48.0427 0x0a04  [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
17:02:48.0443 0x0a04  wmiApSrv - ok
17:02:48.0474 0x0a04  WMPNetworkSvc - ok
17:02:48.0522 0x0a04  [ 83B6CA03C846FCD47F9883D77D1EB27B, 1616DBBC95085B6618B7F884383507E2A54D561A41288E79FA6DC99218C02802 ] WMZuneComm      C:\Program Files (x86)\WMZuneComm.exe
17:02:48.0551 0x0a04  WMZuneComm - ok
17:02:48.0567 0x0a04  [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\Windows\System32\wpcsvc.dll
17:02:48.0582 0x0a04  WPCSvc - ok
17:02:48.0598 0x0a04  [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
17:02:48.0629 0x0a04  WPDBusEnum - ok
17:02:48.0659 0x0a04  [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
17:02:48.0681 0x0a04  ws2ifsl - ok
17:02:48.0697 0x0a04  [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\Windows\System32\wscsvc.dll
17:02:48.0712 0x0a04  wscsvc - ok
17:02:48.0712 0x0a04  WSearch - ok
17:02:48.0806 0x0a04  [ AA3E844A2595B1AA5825C70CA50D963E, F9C7D64D9563CA5167EC9B0D957473B55C02E9456E041AE2CDA6ABFA9641D176 ] wuauserv        C:\Windows\system32\wuaueng.dll
17:02:48.0884 0x0a04  wuauserv - ok
17:02:48.0900 0x0a04  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
17:02:48.0978 0x0a04  WudfPf - ok
17:02:49.0009 0x0a04  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\Windows\system32\drivers\WUDFRd.sys
17:02:49.0056 0x0a04  WUDFRd - ok
17:02:49.0087 0x0a04  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
17:02:49.0121 0x0a04  wudfsvc - ok
17:02:49.0152 0x0a04  [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\Windows\System32\wwansvc.dll
17:02:49.0277 0x0a04  WwanSvc - ok
17:02:49.0542 0x0a04  [ 67B787C34FB2888D01B130AE007042D8, E44878E53F265C89F271B08B81C129105E42D1C78C14467B2D96E28A9A428B1A ] ZuneNetworkSvc  C:\Program Files (x86)\ZuneNss.exe
17:02:49.0761 0x0a04  ZuneNetworkSvc - ok
17:02:49.0792 0x0a04  [ 4D89FC1C20CF655739EFAC5DA81A67BC, 788D0A5B9972ED6D80242C0C5E80AB0FAB44A708B896D5F724AC1559A291C8DD ] ZuneWlanCfgSvc  C:\Program Files (x86)\ZuneWlanCfgSvc.exe
17:02:49.0823 0x0a04  ZuneWlanCfgSvc - ok
17:02:49.0839 0x0a04  ================ Scan global ===============================
17:02:49.0870 0x0a04  [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
17:02:49.0885 0x0a04  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
17:02:49.0901 0x0a04  [ 2313AF8D5A9CEB4A55400A01DD311A95, A5779FE967EA2703E86BEDC32CD736617AF278C72048228F038DFC628E1E0AA2 ] C:\Windows\system32\winsrv.dll
17:02:49.0932 0x0a04  [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
17:02:49.0963 0x0a04  [ 71C85477DF9347FE8E7BC55768473FCA, A86D6A6D1F5A0EFCD649792A06F3AE9B37158D48493D2ECA7F52DCC1CB9B6536 ] C:\Windows\system32\services.exe
17:02:49.0979 0x0a04  [ Global ] - ok
17:02:49.0979 0x0a04  ================ Scan MBR ==================================
17:02:49.0979 0x0a04  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
17:02:50.0385 0x0a04  \Device\Harddisk0\DR0 - ok
17:02:50.0385 0x0a04  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk1\DR1
17:02:50.0681 0x0a04  \Device\Harddisk1\DR1 - ok
17:02:50.0681 0x0a04  [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk2\DR2
17:02:50.0743 0x0a04  \Device\Harddisk2\DR2 - ok
17:02:50.0743 0x0a04  ================ Scan VBR ==================================
17:02:50.0743 0x0a04  [ 0732CFEEEFEFA5D386F8137383DCC3C7 ] \Device\Harddisk0\DR0\Partition1
17:02:50.0806 0x0a04  \Device\Harddisk0\DR0\Partition1 - ok
17:02:50.0806 0x0a04  [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk1\DR1\Partition1
17:02:50.0806 0x0a04  \Device\Harddisk1\DR1\Partition1 - ok
17:02:50.0806 0x0a04  [ 312E029F78E2E11ED9AE52F11C38B63A ] \Device\Harddisk1\DR1\Partition2
17:02:50.0895 0x0a04  \Device\Harddisk1\DR1\Partition2 - ok
17:02:50.0897 0x0a04  [ 4CA322E0F43A0DA16E9556AA7E0ECB01 ] \Device\Harddisk2\DR2\Partition1
17:02:50.0923 0x0a04  \Device\Harddisk2\DR2\Partition1 - ok
17:02:50.0924 0x0a04  ================ Scan generic autorun ======================
17:02:50.0949 0x0a04  [ 0FEBED0093D2FD38DA6C6E5DE1ADA24C, 6C6B186A2FC1DFD800041B160A7D71F5F1B3C70D62C7696B8DA89148A8D87D47 ] C:\Program Files (x86)\ZuneLauncher.exe
17:02:50.0968 0x0a04  Zune Launcher - ok
17:02:51.0120 0x0a04  [ 3D6737ADDB9B1DF81605C442ED6D2D90, 5B8D68945E1A97FD1AF40333448FE335743F48F46A70E303ADF406CC0CC253FB ] C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
17:02:51.0247 0x0a04  HDAudDeck - detected UnsignedFile.Multi.Generic ( 1 )
17:02:51.0247 0x0a04  HDAudDeck ( UnsignedFile.Multi.Generic ) - warning
17:02:51.0247 0x0a04  Force sending object to P2P due to detect: C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe
17:02:54.0409 0x0a04  Object send P2P result: true
17:02:57.0472 0x0a04  [ D9F25B1C673DEEF18A45AD2080DC9A5E, 76C4E520099F0CF3556158B6C154B68E4F954D4CA6A1851FB08979207F482200 ] C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe
17:02:57.0503 0x0a04  StartCCC - ok
17:02:57.0566 0x0a04  [ 34D296AFC913E302953C70463EF09A48, BC413307CBC56C039EE8A05B51A56E14EF59678FBB33815AEB320078056C8CE7 ] C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe
17:02:57.0597 0x0a04  HP Software Update - ok
17:02:57.0675 0x0a04  [ 299EDE8BBC229B7FA0BC0369BAE8CA2E, 788C06C7EDDDC0687A4137BDA00D320146425768960066FCBE0391BE7DBC2280 ] C:\Program Files (x86)\Raptr\raptrstub.exe
17:02:57.0706 0x0a04  Raptr - ok
17:02:57.0769 0x0a04  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:02:57.0847 0x0a04  Sidebar - ok
17:02:57.0862 0x0a04  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:02:57.0893 0x0a04  mctadmin - ok
17:02:57.0909 0x0a04  [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:02:57.0956 0x0a04  Sidebar - ok
17:02:57.0956 0x0a04  [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:02:57.0971 0x0a04  mctadmin - ok
17:02:58.0408 0x0a04  [ F87B252E8222E63899C8E95839B4AA04, 1B37290A77218E658878071821E7D3EBCA8202A9A5657CDA00AACC91C9E455C2 ] C:\Program Files (x86)\qBittorrent\qbittorrent.exe
17:02:58.0751 0x0a04  qBittorrent - detected UnsignedFile.Multi.Generic ( 1 )
17:02:58.0751 0x0a04  qBittorrent ( UnsignedFile.Multi.Generic ) - warning
17:03:01.0643 0x0a04  HitsBlender - ok
17:03:01.0753 0x0a04  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe
17:03:01.0768 0x0a04  Google Update - ok
17:03:01.0987 0x0a04  AV detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51000 ( enabled : updated )
17:03:01.0987 0x0a04  FW detected via SS2: Norton Security, C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\WSCStub.exe ( 22.5.0.0 ), 0x51010 ( enabled )
17:03:04.0891 0x0a04  ============================================================
17:03:04.0891 0x0a04  Scan finished
17:03:04.0891 0x0a04  ============================================================
17:03:04.0891 0x09f8  Detected object count: 6
17:03:04.0891 0x09f8  Actual detected object count: 6
17:03:32.0634 0x09f8  AMD FUEL Service ( UnsignedFile.Multi.Generic ) - skipped by user
17:03:32.0634 0x09f8  AMD FUEL Service ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:03:32.0702 0x09f8  C:\Windows\system32\Drivers\cmwf.sys - copied to quarantine
17:03:32.0702 0x09f8  HKLM\SYSTEM\ControlSet001\services\cmwf - will be deleted on reboot
17:03:32.0730 0x09f8  HKLM\SYSTEM\ControlSet002\services\cmwf - will be deleted on reboot
17:03:32.0842 0x09f8  C:\Windows\system32\Drivers\cmwf.sys - will be deleted on reboot
17:03:32.0842 0x09f8  cmwf ( LockedFile.Multi.Generic ) - User select action: Delete 
17:03:32.0861 0x09f8  C:\Windows\system32\Drivers\cmwr.sys - copied to quarantine
17:03:32.0861 0x09f8  HKLM\SYSTEM\ControlSet001\services\cmwr - will be deleted on reboot
17:03:32.0871 0x09f8  HKLM\SYSTEM\ControlSet002\services\cmwr - will be deleted on reboot
17:03:32.0876 0x09f8  C:\Windows\system32\Drivers\cmwr.sys - will be deleted on reboot
17:03:32.0876 0x09f8  cmwr ( LockedFile.Multi.Generic ) - User select action: Delete 
17:03:32.0877 0x09f8  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - skipped by user
17:03:32.0877 0x09f8  Pml Driver HPZ12 ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:03:32.0878 0x09f8  HDAudDeck ( UnsignedFile.Multi.Generic ) - skipped by user
17:03:32.0878 0x09f8  HDAudDeck ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:03:32.0879 0x09f8  qBittorrent ( UnsignedFile.Multi.Generic ) - skipped by user
17:03:32.0879 0x09f8  qBittorrent ( UnsignedFile.Multi.Generic ) - User select action: Skip 
17:03:33.0443 0x09f8  KLMD registered as C:\Windows\system32\drivers\80735698.sys


#10 AustinPh

Posted 07 August 2015 - 07:09 PM

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:06-08-2015
Ran by AustinPH (administrator) on AUSTINPH-PC (07-08-2015 17:07:25)
Running from C:\Users\AustinPH\Desktop\New folder
Loaded Profiles: AustinPH (Available Profiles: AustinPH)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(CartCrunch Israel Ltd.) C:\ProgramData\PicColor Utility\ColorMedia.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => C:\Program Files (x86)\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\RunOnce: [{E0DB5BBE-E6A5-4D36-BFB0-8CB21105A628}] => cmd.exe /C start /D "C:\Users\AustinPH\AppData\Local\Temp" /B {E0DB5BBE-E6A5-4D36-BFB0-8CB21105A628}.exe -accepteula -accepteulaksn -postboot
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [14725120 2015-07-11] ()
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [HitsBlender] => "C:\Program Files (x86)\HitsBlender\hitsblender.exe" -s
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [Google Update] => C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-04-24] (Google Inc.)
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\S-1-5-21-2542147359-456179191-873943161-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Winsock: Catalog9 01 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 02 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 03 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 04 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9 16 C:\Windows\SysWOW64\ColorMedia.dll [332608 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 01 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 02 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 03 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 04 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Winsock: Catalog9-x64 16 C:\Windows\system32\ColorMedia64.dll [378544 2015-01-06] (CartCrunch Israel Ltd.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B06EFC34-8BDF-492E-B699-12264EAD17CF}: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [No File]
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=3 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=9 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AustinPH\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-08-01]
 
Chrome: 
=======
CHR Profile: C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Google Slides) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-08-05]
CHR Extension: (Google Docs) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-02-03]
CHR Extension: (Google Drive) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-08-05]
CHR Extension: (YouTube) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-08-05]
CHR Extension: (Google Search) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-08-05]
CHR Extension: (Google Play Music) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\fahmaaghhglfmonjliepjlchgpgfmobi [2014-11-18]
CHR Extension: (Google Sheets) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-08-05]
CHR Extension: (AdBlock) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2014-04-27]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR Extension: (Gmail) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-08-05]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM\...\Chrome\Extension: [lfkjojacgdjkninepeghaamnapdjmlfn] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [File not signed]
R2 ColorMedia; C:\ProgramData\PicColor Utility\ColorMedia.exe [1406144 2015-01-04] (CartCrunch Israel Ltd.)
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [87040 2006-05-11] (Hewlett-Packard) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WMZuneComm; C:\Program Files (x86)\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S3 ZuneNetworkSvc; C:\Program Files (x86)\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Program Files (x86)\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150731.001\IDSvia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-07 17:03 - 2015-08-07 17:03 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-08-06 16:40 - 2015-08-06 16:41 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\AustinPH\Desktop\tdsskiller.exe
2015-08-05 22:22 - 2015-08-05 22:23 - 00037739 _____ C:\Users\AustinPH\Downloads\Addition.txt
2015-08-05 22:21 - 2015-08-07 17:07 - 00000000 ____D C:\FRST
2015-08-05 22:21 - 2015-08-05 22:23 - 00058192 _____ C:\Users\AustinPH\Downloads\FRST.txt
2015-08-05 22:21 - 2015-08-05 22:21 - 02169856 _____ (Farbar) C:\Users\AustinPH\Downloads\FRST64.exe
2015-08-05 22:03 - 2015-08-05 22:03 - 00000136 _____ C:\Users\AustinPH\Downloads\winsockfix.bat
2015-08-05 21:37 - 2015-08-05 21:37 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup (1).exe
2015-08-05 21:36 - 2015-08-05 21:36 - 00002161 _____ C:\Users\AustinPH\Desktop\JRT.txt
2015-08-05 21:34 - 2015-08-05 21:34 - 01797896 _____ (Malwarebytes Corporation) C:\Users\AustinPH\Downloads\JRT.exe
2015-08-05 21:32 - 2015-08-05 21:32 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup.exe
2015-08-05 21:31 - 2015-08-05 21:31 - 00931408 _____ (Google Inc.) C:\Users\AustinPH\Downloads\ChromeSetup.exe
2015-08-05 20:26 - 2015-08-05 21:24 - 00000000 ____D C:\Program Files\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:28 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\FreeFixer
2015-08-05 20:26 - 2015-08-05 20:26 - 00000000 ____D C:\Users\AustinPH\AppData\Local\FreeFixer
2015-08-05 20:22 - 2015-08-07 17:07 - 00000000 ____D C:\Users\AustinPH\Desktop\New folder
2015-08-01 17:28 - 2015-08-01 17:29 - 11972384 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.2_setup.exe
2015-07-29 18:33 - 2015-07-29 18:33 - 00001196 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-return-of-the-king_english-117957.zip
2015-07-28 18:16 - 2015-07-28 18:16 - 00003692 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-two-towers_english-117945.zip
2015-07-28 17:23 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 17:23 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 17:23 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 17:23 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-24 21:34 - 2015-07-24 21:34 - 00000000 ____D C:\ProgramData\ATI
2015-07-24 21:33 - 2015-07-24 21:33 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201507242133588080.log
2015-07-24 21:33 - 2015-07-24 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-23 18:32 - 2015-07-23 18:32 - 00262144 ____N C:\Windows\Minidump\072315-32994-01.dmp
2015-07-23 17:53 - 2015-07-23 17:53 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2015-07-23 17:15 - 2015-07-23 17:15 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
2015-07-20 19:34 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 19:34 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:34 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 17:38 - 2015-08-05 21:17 - 00000000 ____D C:\Users\AustinPH\AppData\Local\NPE
2015-07-14 20:35 - 2015-07-14 20:35 - 00012263 _____ C:\Users\AustinPH\Downloads\AI Setting.aip
2015-07-14 20:18 - 2015-07-14 20:18 - 00008118 _____ C:\Users\AustinPH\Downloads\Prime Schedule 2015-06-01 (1).aip
2015-07-14 18:58 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 18:58 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 18:58 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 18:58 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 18:58 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 18:58 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 18:58 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 18:58 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 18:54 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 18:54 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 18:54 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 18:54 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 18:54 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 18:54 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 18:54 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 18:54 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 18:54 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 18:54 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 18:54 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 18:54 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 18:54 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 18:54 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 18:54 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 18:54 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 18:54 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 18:54 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 18:54 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 18:54 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 18:54 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 18:54 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 18:54 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 18:54 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 18:54 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 18:54 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 18:50 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 18:50 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 18:50 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 18:50 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 18:50 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 18:50 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 18:50 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 18:50 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 18:50 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 18:44 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 18:44 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 18:44 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 18:44 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 18:44 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 18:44 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 18:44 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 18:44 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 18:34 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 18:34 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 18:34 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-11 14:42 - 2015-08-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-07-11 14:38 - 2015-07-11 14:39 - 11854318 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.1_setup.exe
2015-07-10 19:21 - 2015-07-23 17:10 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-10 19:21 - 2015-07-22 18:08 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-10 19:21 - 2015-07-22 18:08 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-10 19:21 - 2015-07-10 19:21 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
2015-07-10 19:17 - 2015-07-10 19:17 - 00000000 ____D C:\Program Files (x86)\Norton Security
2015-07-10 19:12 - 2015-07-10 19:12 - 01110744 _____ (Symantec Corporation) C:\Users\AustinPH\Downloads\NSDownloader.exe
2015-07-10 06:39 - 2015-07-29 18:17 - 00000000 ___HD C:\$Windows.~BT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-06 16:36 - 2014-04-06 11:01 - 01491890 _____ C:\Windows\PFRO.log
2015-08-05 21:27 - 2014-01-24 19:05 - 00000000 ____D C:\Users\AustinPH
2015-08-05 21:25 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-05 21:25 - 2014-05-07 22:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 21:25 - 2014-01-28 19:21 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-05 21:24 - 2015-02-02 18:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-05 21:24 - 2015-01-06 19:47 - 00000000 ____D C:\ProgramData\PicColor Utility
2015-08-05 21:24 - 2014-11-17 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-05 21:24 - 2014-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2015-08-05 21:24 - 2014-09-14 22:22 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Unity
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\qBittorrent
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-08-05 21:24 - 2014-04-06 11:12 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Raptr
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Games
2015-08-05 21:24 - 2014-02-18 00:00 - 00000000 ____D C:\Program Files\UltraDefrag
2015-08-05 21:24 - 2014-02-03 19:15 - 00000000 ____D C:\Program Files\WinRAR
2015-08-05 21:24 - 2014-02-02 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-05 21:24 - 2014-01-24 19:58 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\vlc
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-08-05 21:23 - 2014-01-28 21:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-05 21:23 - 2014-01-24 19:46 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Google
2015-08-05 21:23 - 2014-01-24 19:20 - 00000000 ____D C:\ProgramData\Norton
2015-08-05 21:22 - 2014-01-24 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 17:46 - 2010-11-21 00:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieUserList
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieSiteList
2015-08-01 17:39 - 2014-01-24 18:47 - 01276945 _____ C:\Windows\WindowsUpdate.log
2015-08-01 17:25 - 2014-02-02 18:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 17:24 - 2014-02-18 18:39 - 00054809 _____ C:\Windows\setupact.log
2015-08-01 17:24 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 22:21 - 2014-02-02 18:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 21:46 - 2015-04-24 21:21 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA.job
2015-07-30 17:46 - 2015-04-24 21:21 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core.job
2015-07-29 18:22 - 2014-01-24 18:43 - 00000000 ____D C:\Windows\Panther
2015-07-28 19:17 - 2014-02-08 19:11 - 00000000 ____D C:\Users\AustinPH\Documents\My stuff
2015-07-24 21:34 - 2014-11-23 12:48 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-24 21:34 - 2014-02-02 13:06 - 00000000 ____D C:\Program Files\AMD
2015-07-24 21:32 - 2014-04-06 11:10 - 00000000 ____D C:\ProgramData\AMD
2015-07-24 21:26 - 2014-01-28 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 21:24 - 2014-04-06 11:02 - 00000000 ____D C:\AMD
2015-07-23 18:32 - 2014-01-28 23:39 - 00000000 ____D C:\Windows\Minidump
2015-07-21 17:10 - 2009-07-13 21:45 - 00298944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 15:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 17:39 - 2014-02-12 21:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 17:36 - 2015-06-26 17:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:34 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 18:16 - 2014-02-02 18:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 18:16 - 2014-02-02 18:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:41 - 2015-04-24 21:21 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA
2015-07-15 17:41 - 2015-04-24 21:21 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core
2015-07-15 17:31 - 2014-12-10 19:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 22:36 - 2014-01-24 23:18 - 00000000 ____D C:\Windows\system32\MRT
2015-07-10 19:41 - 2014-01-24 19:20 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-10 19:12 - 2014-01-24 19:20 - 00000000 ____D C:\Users\Public\Downloads\Norton
 
==================== Files in the root of some directories =======
 
2011-06-06 13:50 - 2011-06-06 13:50 - 0000054 _____ () C:\Program Files (x86)\Arrow.gif
2011-06-06 13:50 - 2011-06-06 13:50 - 0000631 _____ () C:\Program Files (x86)\Background.jpg
2011-08-05 12:31 - 2011-08-05 12:31 - 0182784 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Program Files (x86)\l3codecp.acm
2011-06-21 23:45 - 2011-06-21 23:45 - 9532452 _____ () C:\Program Files (x86)\Meiryoz.ttc
2011-06-06 13:48 - 2011-06-06 13:48 - 0001859 _____ () C:\Program Files (x86)\Microsoft.VC90.CRT.manifest
2007-10-02 14:12 - 2007-10-02 14:12 - 1642568 _____ (Microsoft Corporation) C:\Program Files (x86)\msidcrl40.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0245760 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcm90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0856576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr90.dll
2011-06-06 13:50 - 2011-06-06 13:50 - 0122458 _____ () C:\Program Files (x86)\quickplaymap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121358 _____ () C:\Program Files (x86)\quickplaymap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121162 _____ () C:\Program Files (x86)\quickplaymap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122068 _____ () C:\Program Files (x86)\quickplaymap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121489 _____ () C:\Program Files (x86)\quickplaymap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121837 _____ () C:\Program Files (x86)\quickplaymap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122620 _____ () C:\Program Files (x86)\quickplaymap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121952 _____ () C:\Program Files (x86)\quickplaymap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121257 _____ () C:\Program Files (x86)\quickplaymap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121403 _____ () C:\Program Files (x86)\quickplaymap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121834 _____ () C:\Program Files (x86)\quickplaymap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122210 _____ () C:\Program Files (x86)\quickplaymap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121621 _____ () C:\Program Files (x86)\quickplaymap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122060 _____ () C:\Program Files (x86)\quickplaymap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0120995 _____ () C:\Program Files (x86)\quickplaymap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122484 _____ () C:\Program Files (x86)\quickplaymap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122053 _____ () C:\Program Files (x86)\quickplaymap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121155 _____ () C:\Program Files (x86)\quickplaymap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122414 _____ () C:\Program Files (x86)\quickplaymap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122134 _____ () C:\Program Files (x86)\quickplaymap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121635 _____ () C:\Program Files (x86)\quickplaymap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122790 _____ () C:\Program Files (x86)\quickplaymap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121558 _____ () C:\Program Files (x86)\quickplaymap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0251333 _____ () C:\Program Files (x86)\softwaremap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0095912 _____ () C:\Program Files (x86)\softwaremap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096751 _____ () C:\Program Files (x86)\softwaremap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097298 _____ () C:\Program Files (x86)\softwaremap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096323 _____ () C:\Program Files (x86)\softwaremap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097580 _____ () C:\Program Files (x86)\softwaremap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0100499 _____ () C:\Program Files (x86)\softwaremap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097782 _____ () C:\Program Files (x86)\softwaremap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096441 _____ () C:\Program Files (x86)\softwaremap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097435 _____ () C:\Program Files (x86)\softwaremap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096737 _____ () C:\Program Files (x86)\softwaremap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0092713 _____ () C:\Program Files (x86)\softwaremap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098431 _____ () C:\Program Files (x86)\softwaremap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096603 _____ () C:\Program Files (x86)\softwaremap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0093267 _____ () C:\Program Files (x86)\softwaremap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0093248 _____ () C:\Program Files (x86)\softwaremap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096513 _____ () C:\Program Files (x86)\softwaremap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094750 _____ () C:\Program Files (x86)\softwaremap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098663 _____ () C:\Program Files (x86)\softwaremap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098102 _____ () C:\Program Files (x86)\softwaremap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097716 _____ () C:\Program Files (x86)\softwaremap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0099979 _____ () C:\Program Files (x86)\softwaremap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094597 _____ () C:\Program Files (x86)\softwaremap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0001922 _____ () C:\Program Files (x86)\TopBar.gif
2011-08-05 12:56 - 2011-08-05 12:56 - 1530592 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 0645856 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.renderapi.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1288928 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXcontrols.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1752288 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXrender.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0035552 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXsup.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0306400 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneComm.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0018656 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneCommProxyStub.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0021216 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneDTPTDNS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0027872 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneTCP2UDP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0223968 _____ (Microsoft Corporation) C:\Program Files (x86)\Zune.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000659 _____ () C:\Program Files (x86)\Zune.exe.config
2011-08-05 12:53 - 2011-08-05 12:53 - 0121056 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneAACDec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0061664 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCfg.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0056544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneConfig.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 1481440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCore.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0212192 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDB.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1175264 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDBApi.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0072928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDXVA2.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0129248 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEffects.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0038624 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEnc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 2110176 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEncEng.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0376544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEvr.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1184480 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneH264Dec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0218848 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneHost.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0163552 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneLauncher.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000988 _____ () C:\Program Files (x86)\ZuneLogo.gif
2011-08-05 12:53 - 2011-08-05 12:53 - 1096928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMarketplaceResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0879328 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMBR.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1161440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMde.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0707808 _____ (Microsoft Corporation) C:\Program Files (x86)\ZUNEMP4SDECD.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 10061536 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNativeLib.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 8277728 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNss.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0347872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNssci.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0131296 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePresenter.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0020704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0916704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneQP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 3889376 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0155872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSA.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0514272 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSE.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1257184 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneService.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 4020448 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSetup.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0683744 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSH.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0017632 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShare.exe
2011-08-05 12:56 - 2011-08-05 12:56 - 1272544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShell.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0074464 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellExt.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 16921312 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0507104 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0366816 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSrcWrp.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0100064 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneTaskbar.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0467680 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWlanCfgSvc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0863968 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmdu.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0009440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmduResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0152288 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Classic.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157920 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Library.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0196832 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Mobile.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157408 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.ZuneHD.dll
2014-08-28 20:45 - 2014-08-28 20:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-20 13:41 - 2014-06-20 13:41 - 0000040 _____ () C:\ProgramData\ra3.ini
 
Some files in TEMP:
====================
C:\Users\AustinPH\AppData\Local\Temp\{E0DB5BBE-E6A5-4D36-BFB0-8CB21105A628}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-02 15:19
 
==================== End of log ============================


#11 deeprybka

  • Malware Response Team
  • 5,198 posts
  • Gender:Male
  • Location:Germany
  • Local time:04:27 AM

Posted 08 August 2015 - 06:25 AM

Step 1

Please download AdwCleaner (by Xplode) and save it to your Desktop.
  • Double click on AdwCleaner.exe to run the tool.
    Vista/Windows 7/8 users right-click and select "Run As Administrator"
  • Click on the Scan button.
  • After the scan has finished, click on the Clean button.
  • Press OK when asked to close all programs and follow the onscreen prompts.
  • After rebooting, a log file (that is saved in C:\AdwCleaner[S#].txt) will open automatically.
    Copy and paste the contents of that logfile in your next reply.
Step 2

Start FRST with administrator privileges.
  • Press the Scan button.
  • When finished, FRST will produce a log (FRST.txt) in the same directory the tool was run from.
    Please copy and paste the log in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#12 AustinPh

  • Topic Starter

  • Members
  • 14 posts
  • Local time:07:27 PM

Posted 08 August 2015 - 02:55 PM

# AdwCleaner v4.208 - Logfile created 08/08/2015 at 12:49:40
# Updated 09/07/2015 by Xplode
# Database : 2015-08-01.1 [Server]
# Operating system : Windows 7 Ultimate Service Pack 1 (x64)
# Username : AustinPH - AUSTINPH-PC
# Running from : C:\Users\AustinPH\Desktop\AdwCleaner.exe
# Option : Cleaning
 
***** [ Services ] *****
 
[#] Service Deleted : ColorMedia
 
***** [ Files / Folders ] *****
 
Folder Deleted : C:\ProgramData\PicColor Utility
Folder Deleted : C:\Program Files\FreeFixer
Folder Deleted : C:\Users\AustinPH\AppData\Local\FreeFixer
Folder Deleted : C:\Users\AustinPH\AppData\Roaming\FreeFixer
Folder Deleted : C:\Users\AustinPH\AppData\Roaming\SimpleFiles
Folder Deleted : C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\LuckyTab
File Deleted : C:\Windows\SysWOW64\ColorMedia.dll
File Deleted : C:\Windows\SysWOW64\ColorMediaOff.ini
File Deleted : C:\Windows\System32\ColorMediaOff.ini
File Deleted : C:\Windows\System32\ColorMedia64.dll
 
***** [ Scheduled tasks ] *****
 
Task Deleted : LuckyTab
 
***** [ Shortcuts ] *****
 
 
***** [ Registry ] *****
 
Key Deleted : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\lfkjojacgdjkninepeghaamnapdjmlfn
Key Deleted : HKLM\SOFTWARE\Classes\S
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [HitsBlender]
Key Deleted : HKLM\SOFTWARE\9a649dff-076d-90b1-3d1e-ff0b955b95e0
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{589B893E-773C-4941-88C2-0DCC718E621C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{589B893E-773C-4941-88C2-0DCC718E621C}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}
Key Deleted : HKCU\Software\SimpleFiles
Key Deleted : HKCU\Software\TutoTag
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\SimpleFiles
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\LuckyTab
Key Deleted : HKLM\SOFTWARE\PicColor Utility
Key Deleted : HKLM\SOFTWARE\HitsBlender
Key Deleted : [x64] HKLM\SOFTWARE\PicColor Utility
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.ask.com
 
***** [ Web browsers ] *****
 
-\\ Internet Explorer v11.0.9600.17909
 
 
-\\ Google Chrome v44.0.2403.130
 
[C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Homepage] : 
[C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] - Deleted [Startup_URLs] : FFBAE5FAD4CD6DFB6BFB1D3D57A9C39665253DC417FDA31BC78A79F946B3A7F5"},"software_reporter":{"prompt_reason":"4FA7264D48414B414007A8E65937EE8DBA094BD199ABC3845E384A295BA74880","prompt_seed":"B90B7123FFEA56D661EBCA05575D11800FB2287EB5F6EC91813C23214616D8FB","prompt_version":"5328B56BF41114A7F2A83220E4DDDB670DD6C5C7B20B19097531693DB3DA043F"},"sync":{"remaining_rollback_tries":"646BC2CC633F45DE3B33AF2EE75B6007BBACCEA000B04A37868149B6172E5705"}},"super_mac":"9FAC50E63B27BB7F7D529298A2576EC7C035FA7EE20B3CA72485D77E0FDD5FD3"},"session":{"restore_on_startup":5,"startup_urls":["hxxp://www.google.com/","hxxp://search.conduit.com/?ctid=CT3306061&SearchSource=48&CUI=UN33198347471340131&UM=2
 
*************************
 
AdwCleaner[R0].txt - [10418 bytes] - [08/08/2015 12:48:48]
AdwCleaner[S0].txt - [5148 bytes] - [08/08/2015 12:49:40]
 
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5207  bytes] ##########

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:02-08-2015 01
Ran by AustinPH (administrator) on AUSTINPH-PC (08-08-2015 12:54:02)
Running from C:\Users\AustinPH\Desktop
Loaded Profiles: AustinPH (Available Profiles: AustinPH)
Platform: Windows 7 Ultimate Service Pack 1 (X64) Language: English (United States)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Safe Mode (with Networking)
 
==================== Processes (Whitelisted) =================
 
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
 
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
 
 
==================== Registry (Whitelisted) ==================
 
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
 
HKLM\...\Run: [Zune Launcher] => C:\Program Files (x86)\ZuneLauncher.exe [163552 2011-08-05] (Microsoft Corporation)
HKLM-x32\...\Run: [HDAudDeck] => C:\Program Files (x86)\VIA\VIAudioi\VDeck\VDeck.exe [5015040 2012-02-09] (VIA)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\AMD\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-06-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\Hp\HP Software Update\HPWuSchd2.exe [96056 2013-05-30] (Hewlett-Packard)
HKLM-x32\...\Run: [Raptr] => C:\Program Files (x86)\Raptr\raptrstub.exe [56080 2015-07-27] (Raptr, Inc)
HKLM-x32\...\RunOnce: [{E0DB5BBE-E6A5-4D36-BFB0-8CB21105A628}] => cmd.exe /C start /D "C:\Users\AustinPH\AppData\Local\Temp" /B {E0DB5BBE-E6A5-4D36-BFB0-8CB21105A628}.exe -accepteula -accepteulaksn -postboot
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [qBittorrent] => C:\Program Files (x86)\qBittorrent\qbittorrent.exe [14725120 2015-07-11] ()
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\Run: [Google Update] => C:\Users\AustinPH\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2015-04-24] (Google Inc.)
HKU\S-1-5-21-2542147359-456179191-873943161-1000\...\RunOnce: [Report] => C:\AdwCleaner\AdwCleaner[S0].txt [5339 2015-08-08] ()
ShellIconOverlayIdentifiers: [  OverlayExcluded] -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayPending] -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
ShellIconOverlayIdentifiers: [  OverlayProtected] -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\buShell.dll [2015-07-13] (Symantec Corporation)
 
==================== Internet (Whitelisted) ====================
 
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
 
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files\AMD\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
BHO-x32: SteadyVideoBHO Class -> {6C680BAE-655C-4E3D-8FC4-E6A520C3D928} -> C:\Program Files (x86)\amd\SteadyVideo\SteadyVideo.dll [2012-02-14] (Advanced Micro Devices)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine64\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\coIEPlg.dll [2015-07-09] (Symantec Corporation)
Filter: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/mp4 - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files\AMD\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Filter-x32: video/x-flv - {20C75730-7C25-476B-95DC-C65810F9E489} - C:\Program Files (x86)\amd\SteadyVideo\VideoMIMEFilter.dll [2011-06-08] (Advanced Micro Devices)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{B06EFC34-8BDF-492E-B699-12264EAD17CF}: [DhcpNameServer] 192.168.1.254
StartMenuInternet: IEXPLORE.EXE - iexplore.exe
 
FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll No File
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1207148.dll [2013-12-05] (Adobe Systems, Inc.)
FF Plugin-x32: @google.com/npPicasa3,version=3.0.0 -> C:\Program Files (x86)\Google\Picasa3\npPicasa3.dll [2015-02-13] (Google, Inc.)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-02-21] (RocketLife, LLP)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.2 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.2.1 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2015-04-13] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-06-29] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=3 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @tools.google.com/Google Update;version=9 -> C:\Users\AustinPH\AppData\Local\Google\Update\1.3.28.1\npGoogleUpdate3.dll [2015-07-15] (Google Inc.)
FF Plugin HKU\S-1-5-21-2542147359-456179191-873943161-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\AustinPH\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-09-05] (Unity Technologies ApS)
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\NS_22.5.0.124\coFFPlgn [2015-08-01]
 
Chrome: 
=======
CHR Profile: C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Norton Security Toolbar) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\cjabmdjcfcfdmffimndhafhblfmpjdpe [2015-08-08]
CHR Extension: (Norton Identity Safe) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\iikflkcanblccfahdhdonehdalibjnif [2015-08-08]
CHR Extension: (Chrome Hotword Shared Module) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-03-14]
CHR Extension: (Chrome Web Store Payments) - C:\Users\AustinPH\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-04-27]
CHR HKLM\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [cjabmdjcfcfdmffimndhafhblfmpjdpe] - C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\Exts\Chrome.crx [2015-07-22]
CHR HKLM-x32\...\Chrome\Extension: [iikflkcanblccfahdhdonehdalibjnif] - https://clients2.google.com/service/update2/crx
 
==================== Services (Whitelisted) ========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AMD FUEL Service; C:\Program Files\AMD\ATI.ACE\Fuel\Fuel.Service.exe [344064 2015-06-22] (Advanced Micro Devices, Inc.) [File not signed]
S2 HPSupportSolutionsFrameworkService; C:\Program Files (x86)\Hp\Common\HPSupportSolutionsFrameworkService.exe [78088 2014-08-26] (Hewlett-Packard Company)
S2 NS; C:\Program Files (x86)\Norton Security\Engine\22.5.2.15\NS.exe [282016 2015-07-16] (Symantec Corporation)
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [87040 2006-05-11] (Hewlett-Packard) [File not signed]
S2 VIAKaraokeService; C:\Windows\system32\viakaraokesrv.exe [27760 2011-11-11] (VIA Technologies, Inc.)
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-26] (Microsoft Corporation)
S3 WMZuneComm; C:\Program Files (x86)\WMZuneComm.exe [306400 2011-08-05] (Microsoft Corporation)
S3 ZuneNetworkSvc; C:\Program Files (x86)\ZuneNss.exe [8277728 2011-08-05] (Microsoft Corporation)
S3 ZuneWlanCfgSvc; C:\Program Files (x86)\ZuneWlanCfgSvc.exe [467680 2011-08-05] (Microsoft Corporation)
 
===================== Drivers (Whitelisted) ==========================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
S2 AODDriver4.3; C:\Program Files\AMD\ATI.ACE\Fuel\amd64\AODDriver2.sys [59616 2014-02-11] (Advanced Micro Devices)
S1 AsIO; C:\Windows\SysWow64\drivers\AsIO.sys [13440 2010-08-23] ()
S1 BHDrvx64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\BASHDefs\20150728.001\BHDrvx64.sys [1650936 2015-07-23] (Symantec Corporation)
S1 ccSet_NS; C:\Windows\system32\drivers\NSx64\1605020.00F\ccSetx64.sys [173808 2015-07-10] (Symantec Corporation)
S1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [498512 2015-07-27] (Symantec Corporation)
S3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [153936 2015-07-27] (Symantec Corporation)
S1 IDSVia64; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\IPSDefs\20150731.001\IDSvia64.sys [692984 2015-07-10] (Symantec Corporation)
R3 MTsensor; C:\Windows\System32\DRIVERS\ASACPI.sys [15416 2009-07-16] ()
S3 NAVENG; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\ENG64.SYS [138488 2015-05-20] (Symantec Corporation)
S3 NAVEX15; C:\Program Files (x86)\Norton Security\NortonData\22.5.0.124\Definitions\VirusDefs\20150731.002\EX64.SYS [2146040 2015-05-20] (Symantec Corporation)
S1 SRTSP; C:\Windows\System32\Drivers\NSx64\1605020.00F\SRTSP64.SYS [926448 2015-07-10] (Symantec Corporation)
S1 SRTSPX; C:\Windows\system32\drivers\NSx64\1605020.00F\SRTSPX64.SYS [50936 2015-07-10] (Symantec Corporation)
R0 SymEFASI; C:\Windows\System32\drivers\NSx64\1605020.00F\SYMEFASI64.SYS [1620720 2015-07-10] (Symantec Corporation)
S3 SymEvent; C:\Windows\system32\Drivers\SYMEVENT64x86.SYS [111344 2015-07-22] (Symantec Corporation)
S1 SymIRON; C:\Windows\system32\drivers\NSx64\1605020.00F\Ironx64.SYS [297720 2015-07-10] (Symantec Corporation)
S1 SymNetS; C:\Windows\System32\Drivers\NSx64\1605020.00F\SYMNETS.SYS [576248 2015-07-10] (Symantec Corporation)
S3 WinRing0_1_2_0; C:\Program Files (x86)\Moo0\SystemMonitor 1.76\WinRing0x64.sys [14544 2008-07-26] (OpenLibSys.org)
S2 AODDriver4.2.0; \??\C:\Program Files\ATI Technologies\ATI.ACE\Fuel\amd64\AODDriver2.sys [X]
S3 VGPU; System32\drivers\rdvgkmd.sys [X]
 
==================== NetSvcs (Whitelisted) ===================
 
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
 
 
==================== One Month Created files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-08 12:54 - 2015-08-08 12:54 - 00013525 _____ C:\Users\AustinPH\Desktop\FRST.txt
2015-08-08 12:48 - 2015-08-08 12:49 - 00000000 ____D C:\AdwCleaner
2015-08-08 12:47 - 2015-08-08 12:47 - 02248704 _____ C:\Users\AustinPH\Desktop\AdwCleaner.exe
2015-08-07 17:03 - 2015-08-07 17:03 - 00000000 ____D C:\TDSSKiller_Quarantine
2015-08-06 16:40 - 2015-08-06 16:41 - 04404952 _____ (Kaspersky Lab ZAO) C:\Users\AustinPH\Desktop\tdsskiller.exe
2015-08-05 22:22 - 2015-08-05 22:23 - 00037739 _____ C:\Users\AustinPH\Downloads\Addition.txt
2015-08-05 22:21 - 2015-08-08 12:54 - 00000000 ____D C:\FRST
2015-08-05 22:21 - 2015-08-05 22:23 - 00058192 _____ C:\Users\AustinPH\Downloads\FRST.txt
2015-08-05 22:21 - 2015-08-05 22:21 - 02169856 _____ (Farbar) C:\Users\AustinPH\Desktop\FRST64.exe
2015-08-05 22:03 - 2015-08-05 22:03 - 00000136 _____ C:\Users\AustinPH\Downloads\winsockfix.bat
2015-08-05 21:37 - 2015-08-05 21:37 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup (1).exe
2015-08-05 21:36 - 2015-08-05 21:36 - 00002161 _____ C:\Users\AustinPH\Desktop\JRT.txt
2015-08-05 21:34 - 2015-08-05 21:34 - 01797896 _____ (Malwarebytes Corporation) C:\Users\AustinPH\Downloads\JRT.exe
2015-08-05 21:32 - 2015-08-05 21:32 - 02178872 _____ (Reason Software Company Inc.) C:\Users\AustinPH\Downloads\ShouldIRemoveIt_Setup.exe
2015-08-05 21:31 - 2015-08-05 21:31 - 00931408 _____ (Google Inc.) C:\Users\AustinPH\Downloads\ChromeSetup.exe
2015-08-05 20:22 - 2015-08-07 17:08 - 00000000 ____D C:\Users\AustinPH\Desktop\New folder
2015-08-01 17:28 - 2015-08-01 17:29 - 11972384 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.2_setup.exe
2015-07-29 18:33 - 2015-07-29 18:33 - 00001196 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-return-of-the-king_english-117957.zip
2015-07-28 18:16 - 2015-07-28 18:16 - 00003692 _____ C:\Users\AustinPH\Downloads\the-lord-of-the-rings-the-two-towers_english-117945.zip
2015-07-28 17:23 - 2015-07-25 11:07 - 00017856 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2015-07-28 17:23 - 2015-07-25 11:04 - 00765440 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-07-28 17:23 - 2015-07-25 11:04 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 01085440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00433664 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-07-28 17:23 - 2015-07-25 11:03 - 00067584 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-07-28 17:23 - 2015-07-25 10:55 - 01145856 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-07-24 21:34 - 2015-07-24 21:34 - 00000000 ____D C:\ProgramData\ATI
2015-07-24 21:33 - 2015-07-24 21:33 - 00058661 _____ C:\Windows\SysWOW64\CCCInstall_201507242133588080.log
2015-07-24 21:33 - 2015-07-24 21:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Catalyst Control Center
2015-07-23 18:32 - 2015-07-23 18:32 - 00262144 ____N C:\Windows\Minidump\072315-32994-01.dmp
2015-07-23 17:53 - 2015-07-23 17:53 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Google Photos Backup
2015-07-23 17:15 - 2015-07-23 17:15 - 00000000 ____D C:\Windows\System32\Tasks\Norton Security
2015-07-20 19:34 - 2015-07-14 20:19 - 00100864 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00046080 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00041984 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-20 19:34 - 2015-07-14 20:19 - 00014336 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\fontsub.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00034304 _____ (Adobe Systems) C:\Windows\SysWOW64\atmlib.dll
2015-07-20 19:34 - 2015-07-14 19:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dciman32.dll
2015-07-20 19:34 - 2015-07-14 19:54 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\lpk.dll
2015-07-20 19:34 - 2015-07-14 18:59 - 00372224 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 19:34 - 2015-07-14 18:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\atmfd.dll
2015-07-15 17:38 - 2015-08-05 21:17 - 00000000 ____D C:\Users\AustinPH\AppData\Local\NPE
2015-07-14 20:35 - 2015-07-14 20:35 - 00012263 _____ C:\Users\AustinPH\Downloads\AI Setting.aip
2015-07-14 20:18 - 2015-07-14 20:18 - 00008118 _____ C:\Users\AustinPH\Downloads\Prime Schedule 2015-06-01 (1).aip
2015-07-14 18:58 - 2015-07-02 14:21 - 19877376 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-07-14 18:58 - 2015-07-02 14:08 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:50 - 02279424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:49 - 25193984 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-14 18:58 - 2015-07-02 13:46 - 00479232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
2015-07-14 18:58 - 2015-07-02 13:40 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-14 18:58 - 2015-07-02 13:23 - 02885632 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-14 18:58 - 2015-07-02 13:19 - 12855296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-07-14 18:58 - 2015-07-02 13:12 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-14 18:58 - 2015-07-02 12:55 - 01310720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-07-14 18:58 - 2015-07-02 12:20 - 14453248 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-14 18:58 - 2015-07-02 11:59 - 01545728 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-14 18:54 - 2015-06-25 11:09 - 00389832 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2015-07-14 18:54 - 2015-06-25 10:43 - 00342736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
2015-07-14 18:54 - 2015-06-20 13:06 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2015-07-14 18:54 - 2015-06-20 12:50 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-14 18:54 - 2015-06-20 12:49 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-14 18:54 - 2015-06-20 12:49 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-20 12:48 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-20 12:40 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-14 18:54 - 2015-06-20 12:39 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00816640 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-14 18:54 - 2015-06-20 12:34 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-14 18:54 - 2015-06-20 12:34 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2015-07-14 18:54 - 2015-06-20 12:25 - 00968704 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2015-07-14 18:54 - 2015-06-20 12:21 - 00490496 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-14 18:54 - 2015-06-20 12:13 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-20 12:08 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2015-07-14 18:54 - 2015-06-20 12:07 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-14 18:54 - 2015-06-20 12:05 - 00316928 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-14 18:54 - 2015-06-20 11:48 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-07-14 18:54 - 2015-06-20 11:46 - 02125824 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-14 18:54 - 2015-06-20 11:46 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-20 11:26 - 02427392 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-14 18:54 - 2015-06-20 11:02 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00504320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-07-14 18:54 - 2015-06-19 11:25 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
2015-07-14 18:54 - 2015-06-19 11:24 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
2015-07-14 18:54 - 2015-06-19 11:24 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
2015-07-14 18:54 - 2015-06-19 11:23 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
2015-07-14 18:54 - 2015-06-19 11:17 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
2015-07-14 18:54 - 2015-06-19 11:16 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-07-14 18:54 - 2015-06-19 11:13 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
2015-07-14 18:54 - 2015-06-19 11:03 - 00418304 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
2015-07-14 18:54 - 2015-06-19 10:57 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-07-14 18:54 - 2015-06-19 10:53 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
2015-07-14 18:54 - 2015-06-19 10:52 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
2015-07-14 18:54 - 2015-06-19 10:51 - 00285696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
2015-07-14 18:54 - 2015-06-19 10:40 - 02052608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
2015-07-14 18:54 - 2015-06-19 10:40 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-07-14 18:54 - 2015-06-19 10:39 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
2015-07-14 18:54 - 2015-06-19 10:15 - 01951232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-07-14 18:54 - 2015-06-19 10:11 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-07-14 18:50 - 2015-07-01 13:56 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-14 18:50 - 2015-07-01 13:56 - 00095680 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-14 18:50 - 2015-07-01 13:49 - 01461760 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 01216512 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00729088 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00342016 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00309760 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00210944 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00029184 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-14 18:50 - 2015-07-01 13:49 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00044032 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:48 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:47 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:47 - 00031232 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-14 18:50 - 2015-07-01 13:43 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:43 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:39 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
2015-07-14 18:50 - 2015-07-01 13:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00665088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
2015-07-14 18:50 - 2015-07-01 13:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
2015-07-14 18:50 - 2015-07-01 13:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
2015-07-14 18:50 - 2015-07-01 13:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
2015-07-14 18:50 - 2015-07-01 13:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
2015-07-14 18:50 - 2015-07-01 12:27 - 00159232 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00290816 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-14 18:50 - 2015-07-01 12:26 - 00129024 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-14 18:50 - 2015-06-15 14:50 - 00112064 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-14 18:50 - 2015-06-15 14:45 - 03242496 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 01941504 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00504320 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:45 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-14 18:50 - 2015-06-15 14:44 - 00128000 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msi.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\SysWOW64\authui.dll
2015-07-14 18:50 - 2015-06-15 14:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msihnd.dll
2015-07-14 18:50 - 2015-06-15 14:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msiexec.exe
2015-07-14 18:50 - 2015-06-15 14:42 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-14 18:50 - 2015-06-15 14:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msimsg.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 03154944 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 02603008 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00696320 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00192000 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00139776 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00091136 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037888 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00037376 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-07-14 18:44 - 2015-07-09 10:58 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-07-14 18:44 - 2015-07-09 10:58 - 00012288 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00566784 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00173056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00093184 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-07-14 18:44 - 2015-07-09 10:43 - 00030208 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-07-14 18:44 - 2015-07-09 10:42 - 00034816 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-07-14 18:44 - 2015-06-26 19:47 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 19:43 - 05923840 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-14 18:44 - 2015-06-26 18:58 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
2015-07-14 18:44 - 2015-06-26 18:39 - 04520448 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-07-14 18:44 - 2015-06-25 01:57 - 03207168 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-14 18:44 - 2015-06-17 10:47 - 00404992 _____ (Microsoft Corporation) C:\Windows\system32\gdi32.dll
2015-07-14 18:44 - 2015-06-17 10:37 - 00312320 _____ (Microsoft Corporation) C:\Windows\SysWOW64\gdi32.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 03180544 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-14 18:44 - 2015-06-09 11:03 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-14 18:44 - 2015-06-01 17:07 - 00254976 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-14 18:44 - 2015-06-01 16:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cewmdm.dll
2015-07-14 18:34 - 2015-07-04 11:07 - 02087424 _____ (Microsoft Corporation) C:\Windows\system32\ole32.dll
2015-07-14 18:34 - 2015-07-04 10:48 - 01414656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ole32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 01480192 _____ (Microsoft Corporation) C:\Windows\system32\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00229376 _____ (Microsoft Corporation) C:\Windows\system32\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00188416 _____ (Microsoft Corporation) C:\Windows\system32\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:23 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\cryptnet.dll
2015-07-14 18:34 - 2015-04-27 12:05 - 00179200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wintrust.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 01174528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\crypt32.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00143872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptsvc.dll
2015-07-14 18:34 - 2015-04-27 12:04 - 00103936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptnet.dll
2015-07-11 14:42 - 2015-08-05 21:24 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\qBittorrent
2015-07-11 14:38 - 2015-07-11 14:39 - 11854318 _____ (The qBittorrent project) C:\Users\AustinPH\Downloads\qbittorrent_3.2.1_setup.exe
2015-07-10 19:21 - 2015-07-23 17:10 - 00003216 _____ C:\Windows\System32\Tasks\Norton WSC Integration
2015-07-10 19:21 - 2015-07-22 18:08 - 00111344 _____ (Symantec Corporation) C:\Windows\system32\Drivers\SYMEVENT64x86.SYS
2015-07-10 19:21 - 2015-07-22 18:08 - 00008214 _____ C:\Windows\system32\Drivers\SYMEVENT64x86.CAT
2015-07-10 19:21 - 2015-07-10 19:21 - 00000000 ____D C:\Program Files\Common Files\Symantec Shared
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Security
2015-07-10 19:17 - 2015-07-23 17:10 - 00000000 ____D C:\Windows\system32\Drivers\NSx64
2015-07-10 19:17 - 2015-07-10 19:17 - 00000000 ____D C:\Program Files (x86)\Norton Security
2015-07-10 19:12 - 2015-07-10 19:12 - 01110744 _____ (Symantec Corporation) C:\Users\AustinPH\Downloads\NSDownloader.exe
2015-07-10 06:39 - 2015-07-29 18:17 - 00000000 ___HD C:\$Windows.~BT
 
==================== One Month Modified files and folders ========
 
(If an entry is included in the fixlist, the file/folder will be moved.)
 
2015-08-06 16:36 - 2014-04-06 11:01 - 01491890 _____ C:\Windows\PFRO.log
2015-08-05 21:27 - 2014-01-24 19:05 - 00000000 ____D C:\Users\AustinPH
2015-08-05 21:25 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\system32\GWX
2015-08-05 21:25 - 2014-05-07 22:54 - 00000000 ___SD C:\Windows\system32\CompatTel
2015-08-05 21:25 - 2014-01-28 19:21 - 00065536 _____ C:\Windows\system32\spu_storage.bin
2015-08-05 21:24 - 2015-02-02 18:31 - 00000000 ____D C:\Program Files (x86)\Raptr
2015-08-05 21:24 - 2014-11-17 19:33 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AMD Gaming Evolved
2015-08-05 21:24 - 2014-11-01 20:04 - 00000000 ____D C:\Program Files (x86)\Sid Meiers Civilization Beyond Earth
2015-08-05 21:24 - 2014-09-14 22:22 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Unity
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\qBittorrent
2015-08-05 21:24 - 2014-05-02 19:51 - 00000000 ____D C:\Program Files (x86)\qBittorrent
2015-08-05 21:24 - 2014-04-06 11:12 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Raptr
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Banished
2015-08-05 21:24 - 2014-03-03 21:23 - 00000000 ____D C:\Games
2015-08-05 21:24 - 2014-02-18 00:00 - 00000000 ____D C:\Program Files\UltraDefrag
2015-08-05 21:24 - 2014-02-03 19:15 - 00000000 ____D C:\Program Files\WinRAR
2015-08-05 21:24 - 2014-02-02 18:08 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2015-08-05 21:24 - 2014-01-24 19:58 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\vlc
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\system32\NDF
2015-08-05 21:24 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\registration
2015-08-05 21:23 - 2014-01-28 21:53 - 00000000 ____D C:\Program Files (x86)\Steam
2015-08-05 21:23 - 2014-01-24 19:46 - 00000000 ____D C:\Users\AustinPH\AppData\Local\Google
2015-08-05 21:23 - 2014-01-24 19:20 - 00000000 ____D C:\ProgramData\Norton
2015-08-05 21:22 - 2014-01-24 19:46 - 00000000 ____D C:\Program Files (x86)\Google
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-05 21:20 - 2009-07-13 21:45 - 00026576 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-05 17:46 - 2010-11-21 00:16 - 00000000 ___RD C:\Users\Public\Recorded TV
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieUserList
2015-08-05 17:26 - 2014-04-25 11:53 - 00000000 __SHD C:\Users\AustinPH\AppData\Local\EmieSiteList
2015-08-01 17:39 - 2014-01-24 18:47 - 01276945 _____ C:\Windows\WindowsUpdate.log
2015-08-01 17:25 - 2014-02-02 18:07 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-08-01 17:24 - 2014-02-18 18:39 - 00054809 _____ C:\Windows\setupact.log
2015-08-01 17:24 - 2009-07-13 22:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-07-31 22:21 - 2014-02-02 18:07 - 00000898 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-07-31 21:46 - 2015-04-24 21:21 - 00000920 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA.job
2015-07-30 17:46 - 2015-04-24 21:21 - 00000868 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core.job
2015-07-29 18:22 - 2014-01-24 18:43 - 00000000 ____D C:\Windows\Panther
2015-07-28 19:17 - 2014-02-08 19:11 - 00000000 ____D C:\Users\AustinPH\Documents\My stuff
2015-07-24 21:34 - 2014-11-23 12:48 - 00000000 ____D C:\Program Files (x86)\AMD
2015-07-24 21:34 - 2014-02-02 13:06 - 00000000 ____D C:\Program Files\AMD
2015-07-24 21:32 - 2014-04-06 11:10 - 00000000 ____D C:\ProgramData\AMD
2015-07-24 21:26 - 2014-01-28 18:34 - 00000000 ____D C:\ProgramData\Package Cache
2015-07-24 21:24 - 2014-04-06 11:02 - 00000000 ____D C:\AMD
2015-07-23 18:32 - 2014-01-28 23:39 - 00000000 ____D C:\Windows\Minidump
2015-07-21 17:10 - 2009-07-13 21:45 - 00298944 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-19 15:02 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\rescache
2015-07-16 17:39 - 2014-02-12 21:32 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-07-16 17:36 - 2015-06-26 17:50 - 00003886 _____ C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-07-15 22:34 - 2015-04-03 22:38 - 00000000 ___SD C:\Windows\SysWOW64\GWX
2015-07-15 18:16 - 2014-02-02 18:07 - 00003894 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-07-15 18:16 - 2014-02-02 18:07 - 00003642 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-07-15 17:41 - 2015-04-24 21:21 - 00003896 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000UA
2015-07-15 17:41 - 2015-04-24 21:21 - 00003500 _____ C:\Windows\System32\Tasks\GoogleUpdateTaskUserS-1-5-21-2542147359-456179191-873943161-1000Core
2015-07-15 17:31 - 2014-12-10 19:23 - 00000000 ____D C:\Windows\system32\appraiser
2015-07-15 17:31 - 2009-07-13 20:20 - 00000000 ____D C:\Windows\PolicyDefinitions
2015-07-14 22:36 - 2014-01-24 23:18 - 00000000 ____D C:\Windows\system32\MRT
2015-07-10 19:41 - 2014-01-24 19:20 - 00000000 ____D C:\Users\AustinPH\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2015-07-10 19:12 - 2014-01-24 19:20 - 00000000 ____D C:\Users\Public\Downloads\Norton
 
==================== Files in the root of some directories =======
 
2011-06-06 13:50 - 2011-06-06 13:50 - 0000054 _____ () C:\Program Files (x86)\Arrow.gif
2011-06-06 13:50 - 2011-06-06 13:50 - 0000631 _____ () C:\Program Files (x86)\Background.jpg
2011-08-05 12:31 - 2011-08-05 12:31 - 0182784 _____ (Fraunhofer Institut Integrierte Schaltungen IIS) C:\Program Files (x86)\l3codecp.acm
2011-06-21 23:45 - 2011-06-21 23:45 - 9532452 _____ () C:\Program Files (x86)\Meiryoz.ttc
2011-06-06 13:48 - 2011-06-06 13:48 - 0001859 _____ () C:\Program Files (x86)\Microsoft.VC90.CRT.manifest
2007-10-02 14:12 - 2007-10-02 14:12 - 1642568 _____ (Microsoft Corporation) C:\Program Files (x86)\msidcrl40.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0245760 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcm90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0856576 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcp90.dll
2011-06-06 13:48 - 2011-06-06 13:48 - 0626688 _____ (Microsoft Corporation) C:\Program Files (x86)\msvcr90.dll
2011-06-06 13:50 - 2011-06-06 13:50 - 0122458 _____ () C:\Program Files (x86)\quickplaymap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121358 _____ () C:\Program Files (x86)\quickplaymap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121162 _____ () C:\Program Files (x86)\quickplaymap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122068 _____ () C:\Program Files (x86)\quickplaymap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121489 _____ () C:\Program Files (x86)\quickplaymap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121837 _____ () C:\Program Files (x86)\quickplaymap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122620 _____ () C:\Program Files (x86)\quickplaymap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121952 _____ () C:\Program Files (x86)\quickplaymap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121257 _____ () C:\Program Files (x86)\quickplaymap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121403 _____ () C:\Program Files (x86)\quickplaymap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121834 _____ () C:\Program Files (x86)\quickplaymap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122210 _____ () C:\Program Files (x86)\quickplaymap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121621 _____ () C:\Program Files (x86)\quickplaymap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122060 _____ () C:\Program Files (x86)\quickplaymap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0120995 _____ () C:\Program Files (x86)\quickplaymap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0122484 _____ () C:\Program Files (x86)\quickplaymap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122053 _____ () C:\Program Files (x86)\quickplaymap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121155 _____ () C:\Program Files (x86)\quickplaymap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122414 _____ () C:\Program Files (x86)\quickplaymap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122134 _____ () C:\Program Files (x86)\quickplaymap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121635 _____ () C:\Program Files (x86)\quickplaymap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0122790 _____ () C:\Program Files (x86)\quickplaymap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0121558 _____ () C:\Program Files (x86)\quickplaymap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0251333 _____ () C:\Program Files (x86)\softwaremap.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0095912 _____ () C:\Program Files (x86)\softwaremap_chs.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096751 _____ () C:\Program Files (x86)\softwaremap_cht.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097298 _____ () C:\Program Files (x86)\softwaremap_csy.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096323 _____ () C:\Program Files (x86)\softwaremap_dan.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097580 _____ () C:\Program Files (x86)\softwaremap_deu.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0100499 _____ () C:\Program Files (x86)\softwaremap_ell.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097782 _____ () C:\Program Files (x86)\softwaremap_esp.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096441 _____ () C:\Program Files (x86)\softwaremap_fin.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097435 _____ () C:\Program Files (x86)\softwaremap_fra.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096737 _____ () C:\Program Files (x86)\softwaremap_hun.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0092713 _____ () C:\Program Files (x86)\softwaremap_ind.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098431 _____ () C:\Program Files (x86)\softwaremap_ita.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096603 _____ () C:\Program Files (x86)\softwaremap_jpn.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0093267 _____ () C:\Program Files (x86)\softwaremap_kor.png
2011-06-21 23:45 - 2011-06-21 23:45 - 0093248 _____ () C:\Program Files (x86)\softwaremap_msl.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0096513 _____ () C:\Program Files (x86)\softwaremap_nld.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094750 _____ () C:\Program Files (x86)\softwaremap_nor.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098663 _____ () C:\Program Files (x86)\softwaremap_plk.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0098102 _____ () C:\Program Files (x86)\softwaremap_ptb.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0097716 _____ () C:\Program Files (x86)\softwaremap_ptg.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0099979 _____ () C:\Program Files (x86)\softwaremap_rus.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0094597 _____ () C:\Program Files (x86)\softwaremap_sve.png
2011-06-06 13:50 - 2011-06-06 13:50 - 0001922 _____ () C:\Program Files (x86)\TopBar.gif
2011-08-05 12:56 - 2011-08-05 12:56 - 1530592 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 0645856 _____ (Microsoft Corporation) C:\Program Files (x86)\UIX.renderapi.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1288928 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXcontrols.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1752288 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXrender.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0035552 _____ (Microsoft Corporation) C:\Program Files (x86)\UIXsup.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0306400 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneComm.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0018656 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneCommProxyStub.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0021216 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneDTPTDNS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0027872 _____ (Microsoft Corporation) C:\Program Files (x86)\WMZuneTCP2UDP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0223968 _____ (Microsoft Corporation) C:\Program Files (x86)\Zune.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000659 _____ () C:\Program Files (x86)\Zune.exe.config
2011-08-05 12:53 - 2011-08-05 12:53 - 0121056 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneAACDec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0061664 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCfg.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0056544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneConfig.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 1481440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneCore.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0212192 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDB.dll
2011-08-05 12:56 - 2011-08-05 12:56 - 1175264 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDBApi.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0072928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneDXVA2.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0129248 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEffects.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0038624 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEnc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 2110176 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEncEng.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0376544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneEvr.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1184480 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneH264Dec.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0218848 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneHost.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0163552 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneLauncher.exe
2011-06-06 13:50 - 2011-06-06 13:50 - 0000988 _____ () C:\Program Files (x86)\ZuneLogo.gif
2011-08-05 12:53 - 2011-08-05 12:53 - 1096928 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMarketplaceResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0879328 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMBR.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1161440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneMde.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0707808 _____ (Microsoft Corporation) C:\Program Files (x86)\ZUNEMP4SDECD.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 10061536 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNativeLib.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 8277728 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNss.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0347872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneNssci.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0131296 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePresenter.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0020704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZunePS.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0916704 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneQP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 3889376 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0155872 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSA.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0514272 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSE.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 1257184 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneService.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 4020448 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSetup.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0683744 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSH.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0017632 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShare.exe
2011-08-05 12:56 - 2011-08-05 12:56 - 1272544 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShell.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0074464 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellExt.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 16921312 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneShellResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0507104 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSP.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0366816 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneSrcWrp.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0100064 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneTaskbar.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0467680 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWlanCfgSvc.exe
2011-08-05 12:53 - 2011-08-05 12:53 - 0863968 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmdu.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0009440 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneWmduResources.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0152288 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Classic.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157920 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Library.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0196832 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.Mobile.dll
2011-08-05 12:53 - 2011-08-05 12:53 - 0157408 _____ (Microsoft Corporation) C:\Program Files (x86)\ZuneZMDB.ZuneHD.dll
2014-08-28 20:45 - 2014-08-28 20:45 - 0000057 _____ () C:\ProgramData\Ament.ini
2014-06-20 13:41 - 2014-06-20 13:41 - 0000040 _____ () C:\ProgramData\ra3.ini
 
Some files in TEMP:
====================
C:\Users\AustinPH\AppData\Local\Temp\Quarantine.exe
C:\Users\AustinPH\AppData\Local\Temp\sqlite3.dll
C:\Users\AustinPH\AppData\Local\Temp\{E0DB5BBE-E6A5-4D36-BFB0-8CB21105A628}.exe
 
 
==================== Bamital & volsnap Check =================
 
(There is no automatic fix for files that do not pass verification.)
 
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
 
 
LastRegBack: 2015-08-02 15:19
 
==================== End of log ============================


#13 AustinPh

  • Topic Starter

Posted 08 August 2015 - 03:00 PM

So I am clearly not as good as you at this, but reading those logs it looks like it's gone; I don't see it anywhere.



#14 deeprybka

  • Malware Response Team

Posted 08 August 2015 - 03:06 PM

Please boot in normal mode:

Step 1


Please download and install Malwarebytes Anti-Malware.
  • Please open Malwarebytes Anti-Malware and update the database.
  • Click "Settings" [1] and go to "Detection and Protection" [2]
  • Make sure "Scan for Rootkits" is checked.
  • Click on Dashboard [3], then click on Scan Now [4] to start the scan.
    If Malware or Potentially Unwanted Programs [PUPs] are found, you will receive a prompt.
  • Click on "Remove Selected" [5].
  • Then click "Save Results" [6] and select
  • Return to our forum. Paste your log into your next reply and then click Finish [7].

Step 2


Start FRST with administrator privileges.
  • Make sure the following option is checked: addition.png
  • Press the Scan button.
  • When finished, FRST will produce two logs (FRST.txt and Addition.txt) in the same directory the tool was run from.
    Please copy and paste these logs in your next reply.

regards,
deeprybka
Neminem laede, immo omnes, quantum potes, iuva. Arthur Schopenhauer
 

#15 AustinPh

  • Topic Starter

Posted 08 August 2015 - 03:33 PM

Malwarebytes Anti-Malware
www.malwarebytes.org
 
Scan Date: 8/8/2015
Scan Time: 1:17 PM
Logfile: 
Administrator: Yes
 
Version: 2.1.8.1057
Malware Database: v2015.08.08.03
Rootkit Database: v2015.08.06.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
 
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: AustinPH
 
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342308
Time Elapsed: 13 min, 48 sec
 
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
 
Processes: 0
(No malicious items detected)
 
Modules: 0
(No malicious items detected)
 
Registry Keys: 5
PUP.Optional.IdleCrawler.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS NT\CURRENTVERSION\SCHEDULE\TASKCACHE\TREE\Runner IC, Delete-on-Reboot, [7ae922e46b202412800175a045be07f9], 
PUP.Optional.GigaClicks.C, HKLM\SOFTWARE\WOW6432NODE\GigaClicks, Quarantined, [bfa4c93d0c7f2214297067b44bb859a7], 
PUP.Optional.OneSoftPerDay.A, HKLM\SOFTWARE\WOW6432NODE\ONESOFTPERDAY, Quarantined, [5013db2b44476accdcba59e0d0337090], 
PUP.Optional.SuperOptimizer.C, HKU\S-1-5-18\SOFTWARE\APPDATALOW\{1146AC44-2F03-4431-B4FD-889BC837521F}, Quarantined, [1f4476904c3f1f1722e16442dd278878], 
PUP.Optional.GigaClicks.C, HKU\S-1-5-21-2542147359-456179191-873943161-1000\SOFTWARE\GigaClicks, Quarantined, [c69d4abcfb90b3837a20100b13f041bf], 
 
Registry Values: 1
PUP.Optional.Taplika.C, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY|AppPath, C:\Program Files (x86)\WSE_Taplika\\, Quarantined, [263de0266f1caf8786797d9cc73c7f81]
 
Registry Data: 0
(No malicious items detected)
 
Folders: 1
Rogue.Multiple, C:\ProgramData\2355320829, Quarantined, [fb6817ef8b0067cfac460dc3768cdc24], 
 
Files: 3
PUP.Optional.IdleCrawler.A, C:\Windows\System32\Tasks\Runner IC, Quarantined, [451e3cca741777bfa87530f990735ea2], 
PUP.Optional.IdleCrawler.A, C:\Windows\System32\Tasks\Microsoft\Windows\Maintenance\Update IC, Quarantined, [c49f25e173181f17a975b57432d18e72], 
PUP.Optional.ColorMedia.A, C:\Windows\SysWOW64\ColorMedia.ini, Quarantined, [6ff4f70faae14beb8563761b1fe55da3], 
 
Physical Sectors: 0
(No malicious items detected)
 
 
(end)




