Jump to content

Build Theme!
  •  
  • Infected?

WE'RE SURE THAT YOU'LL LOVE US!

Hey there! :wub: Looks like you're enjoying the discussion, but you're not signed up for an account. When you create an account, we remember exactly what you've read, so you always come right back where you left off. You also get notifications, here and via email, whenever new posts are made. You can like posts to share the love. :D Join 92789 other members! Anybody can ask, anybody can answer. Consistently helpful members may be invited to become staff. Here's how it works. Virus cleanup? Start here -> Malware Removal Forum.

Try What the Tech -- It's free!


Photo

Win 8 any worm/remote thing eat my laptop [Solved]


  • This topic is locked This topic is locked
33 replies to this topic

#1 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 09 August 2014 - 06:05 PM

I have tried 2 times but only got 1 log not the extra one.

 

 

It has been like this almost a year or so. It have been worse all the time, I have formatted many times and it's little better for a day or so and then it's full fight again- when it started did my laptop run slowly , changes I did on the computer was frequently reset I had win 7 then and I used to check the eventlog to see whats going on, it showed that there was traffic on my pc or ip i dont know but activity it was when the comp was turned OFF? Lots of thing pointed to remote something - I got panic and deactivated everything remote in services. It calm down a little but it came stronger back if I can say so, I have also disabled wifi and bluetooth.

 

 This is what happen most of the time- the flash player stops and hangs almost all the time, or  I get the warning that one script has stopped. programs, some folders can not be opened and I be denied to uninstall various prog. I get a lot of : Acsess denied and you do not have enough rights to open ....and Can not uninstall program that is still running in another process but when I open Task Manager I can not find the process.  settings,  When it comes to global privacy setting (flash) It's hard for me, I can't block that someone can use my microphone and camera, when I click deny the confirmbox show up as usual, but when I klick confirm the box just disappear and I can't block. So when I block in my browser setting it just tell me that the flash player settings does not mach

The pointer does as it wants, goes the opposite way of what I'm doing, open programs and advertisements from the sidebar and more. When I should post on the norton forum (they gave me link to this forum) I could not send I was told to fix where it was highlighted, but there was no highlighted there so I change to html text and deleted all named span then I could post. I'm so tired of this, I thought that I must surely live with it but now that it appears that someone takes over the machine, I know that it will not be possible. One thing I know is that it is not related to money and that someone/something can see everything I write.

Please please help me

 

Regards

 

 

OTL logfile created on: 10.08.2014 00:44:37 - Run 3
OTL by OldTimer - Version 3.2.69.0     Folder = C:\Users\Hespetreet\Desktop
64bit- An unknown product  (Version = 6.2.9200) - Type = NTWorkstation
Internet Explorer (Version = 9.10.9200.17028)
Locale: 00000414 | Country: Norge | Language: NOR | Date Format: dd.MM.yyyy
 
5,44 Gb Total Physical Memory | 3,66 Gb Available Physical Memory | 67,25% Memory free
10,94 Gb Paging File | 9,08 Gb Available in Paging File | 82,95% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 682,53 Gb Total Space | 638,63 Gb Free Space | 93,57% Space Free | Partition Type: NTFS
 
Computer Name: NOKRNOK | User Name: Hespetreet | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days
 
========== Processes (SafeList) ==========
 
PRC - C:\Users\Hespetreet\Desktop\OTL.exe (OldTimer Tools)
PRC - C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)
PRC - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe (Adobe Systems, Inc.)
PRC - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe (Symantec Corporation)
PRC - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe (PC Tools)
PRC - C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe (Symantec Corporation)
 
 
========== Modules (No Company Name) ==========
 
MOD - C:\Program Files (x86)\Mozilla Firefox\mozjs.dll ()
MOD - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
 
 
========== Services (SafeList) ==========
 
SRV:64bit: - (LSM) -- C:\Windows\SysNative\lsm.dll (Microsoft Corporation)
SRV:64bit: - (WinDefend) -- C:\Program Files\Windows Defender\MsMpEng.exe (Microsoft Corporation)
SRV:64bit: - (WSService) -- C:\Windows\SysNative\WSService.dll (Microsoft Corporation)
SRV:64bit: - (Wcmsvc) -- C:\Windows\SysNative\wcmsvc.dll (Microsoft Corporation)
SRV:64bit: - (DsmSvc) -- C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
SRV:64bit: - (netprofm) -- C:\Windows\SysNative\netprofmsvc.dll (Microsoft Corporation)
SRV:64bit: - (BrokerInfrastructure) -- C:\Windows\SysNative\bisrv.dll (Microsoft Corporation)
SRV:64bit: - (AudioEndpointBuilder) -- C:\Windows\SysNative\AudioEndpointBuilder.dll (Microsoft Corporation)
SRV:64bit: - (ePowerSvc) -- C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe (Acer Incorporated)
SRV:64bit: - (LMSvc) -- C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe (Acer Incorporate)
SRV:64bit: - (AMD External Events Utility) -- C:\Windows\SysNative\atiesrxx.exe (AMD)
SRV:64bit: - (TimeBroker) -- C:\Windows\SysNative\TimeBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (SystemEventsBroker) -- C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
SRV:64bit: - (wlidsvc) -- C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceFastLaneService) -- C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe (Acer Incorporated)
SRV:64bit: - (PrintNotify) -- C:\Windows\SysNative\spool\drivers\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV:64bit: - (fhsvc) -- C:\Windows\SysNative\fhsvc.dll (Microsoft Corporation)
SRV:64bit: - (WiaRpc) -- C:\Windows\SysNative\wiarpc.dll (Microsoft Corporation)
SRV:64bit: - (VaultSvc) -- C:\Windows\SysNative\vaultsvc.dll (Microsoft Corporation)
SRV:64bit: - (svsvc) -- C:\Windows\SysNative\svsvc.dll (Microsoft Corporation)
SRV:64bit: - (Netlogon) -- C:\Windows\SysNative\netlogon.dll (Microsoft Corporation)
SRV:64bit: - (NcaSvc) -- C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
SRV:64bit: - (NcdAutoSetup) -- C:\Windows\SysNative\NcdAutoSetup.dll (Microsoft Corporation)
SRV:64bit: - (KeyIso) -- C:\Windows\SysNative\keyiso.dll (Microsoft Corporation)
SRV:64bit: - (EFS) -- C:\Windows\SysNative\efssvc.dll (Microsoft Corporation)
SRV:64bit: - (DeviceAssociationService) -- C:\Windows\SysNative\das.dll (Microsoft Corporation)
SRV:64bit: - (AllUserInstallAgent) -- C:\Windows\SysNative\AUInstallAgent.dll (Microsoft Corporation)
SRV:64bit: - (vmicvss) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmictimesync) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicshutdown) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicrdv) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmickvpexchange) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV:64bit: - (vmicheartbeat) -- C:\Windows\SysNative\icsvc.dll (Microsoft Corporation)
SRV - (AdobeFlashPlayerUpdateSvc) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe Systems Incorporated)
SRV - (N360) -- C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe (Symantec Corporation)
SRV - (SpeedDiskService) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe (Symantec Corporation)
SRV - (DiskDoctorService) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe (Symantec Corporation)
SRV - (NU16StartManagerSvc) -- C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe (PC Tools)
SRV - (AtherosSvc) -- C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe (Qualcomm Atheros Commnucations)
SRV - (PrintNotify) -- C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll (Microsoft Corporation)
SRV - (NOBU) -- C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe (Symantec Corporation)
SRV - (StorSvc) -- C:\Windows\SysWOW64\StorSvc.dll (Microsoft Corporation)
SRV - (NAUpdate) -- c:\Program Files (x86)\Nero\Update\NASvc.exe (Nero AG)
 
 
========== Driver Services (SafeList) ==========
 
DRV:64bit: - (SymEvent) -- C:\Windows\SysNative\Drivers\SYMEVENT64x86.SYS (Symantec Corporation)
DRV:64bit: - (WdBoot) -- C:\Windows\SysNative\Drivers\WdBoot.sys (Microsoft Corporation)
DRV:64bit: - (WdFilter) -- C:\Windows\SysNative\Drivers\WdFilter.sys (Microsoft Corporation)
DRV:64bit: - (SymEFA) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symefa64.sys (Symantec Corporation)
DRV:64bit: - (SymNetS) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symnets.sys (Symantec Corporation)
DRV:64bit: - (SRTSP) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\srtsp64.sys (Symantec Corporation)
DRV:64bit: - (amd_xata) -- C:\Windows\SysNative\Drivers\amd_xata.sys (Advanced Micro Devices)
DRV:64bit: - (amd_sata) -- C:\Windows\SysNative\Drivers\amd_sata.sys (Advanced Micro Devices)
DRV:64bit: - (WFPLWFS) -- C:\Windows\SysNative\Drivers\wfplwfs.sys (Microsoft Corporation)
DRV:64bit: - (spaceport) -- C:\Windows\SysNative\Drivers\spaceport.sys (Microsoft Corporation)
DRV:64bit: - (USBHUB3) -- C:\Windows\SysNative\Drivers\USBHUB3.SYS (Microsoft Corporation)
DRV:64bit: - (SymIRON) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\ironx64.sys (Symantec Corporation)
DRV:64bit: - (ccSet_N360) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\ccsetx64.sys (Symantec Corporation)
DRV:64bit: - (SymELAM) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symelam.sys (Symantec Corporation)
DRV:64bit: - (SymDS) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\symds64.sys (Symantec Corporation)
DRV:64bit: - (SRTSPX) -- C:\Windows\SysNative\Drivers\N360x64\1504000.00D\srtspx64.sys (Symantec Corporation)
DRV:64bit: - (dam) -- C:\Windows\SysNative\Drivers\dam.sys (Microsoft Corporation)
DRV:64bit: - (TPM) -- C:\Windows\SysNative\Drivers\tpm.sys (Microsoft Corporation)
DRV:64bit: - (GPIOClx0101) -- C:\Windows\SysNative\Drivers\msgpioclx.sys (Microsoft Corporation)
DRV:64bit: - (USBXHCI) -- C:\Windows\SysNative\Drivers\USBXHCI.SYS (Microsoft Corporation)
DRV:64bit: - (UCX01000) -- C:\Windows\SysNative\Drivers\UCX01000.SYS (Microsoft Corporation)
DRV:64bit: - (sdbus) -- C:\Windows\SysNative\Drivers\sdbus.sys (Microsoft Corporation)
DRV:64bit: - (BthAvrcpTg) -- C:\Windows\SysNative\Drivers\BthAvrcpTg.sys (Microsoft Corporation)
DRV:64bit: - (BtFilter) -- C:\Windows\SysNative\Drivers\btfilter.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_HCRP) -- C:\Windows\SysNative\Drivers\btath_hcrp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_RCP) -- C:\Windows\SysNative\Drivers\btath_rcp.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_LWFLT) -- C:\Windows\SysNative\Drivers\btath_lwflt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_A2DP) -- C:\Windows\SysNative\Drivers\btath_a2dp.sys (Qualcomm Atheros)
DRV:64bit: - (btath_avdt) -- C:\Windows\SysNative\Drivers\btath_avdt.sys (Qualcomm Atheros)
DRV:64bit: - (AthBTPort) -- C:\Windows\SysNative\Drivers\btath_flt.sys (Qualcomm Atheros)
DRV:64bit: - (BTATH_BUS) -- C:\Windows\SysNative\Drivers\btath_bus.sys (Qualcomm Atheros)
DRV:64bit: - (athr) -- C:\Windows\SysNative\Drivers\athw8x.sys (Qualcomm Atheros Communications, Inc.)
DRV:64bit: - (amdkmdag) -- C:\Windows\SysNative\Drivers\atikmdag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (amdkmdap) -- C:\Windows\SysNative\Drivers\atikmpag.sys (Advanced Micro Devices, Inc.)
DRV:64bit: - (storahci) -- C:\Windows\SysNative\Drivers\storahci.sys (Microsoft Corporation)
DRV:64bit: - (pdc) -- C:\Windows\SysNative\Drivers\pdc.sys (Microsoft Corporation)
DRV:64bit: - (AtiHDAudioService) -- C:\Windows\SysNative\Drivers\AtihdW86.sys (Advanced Micro Devices)
DRV:64bit: - (SynTP) -- C:\Windows\SysNative\Drivers\SynTP.sys (Synaptics Incorporated)
DRV:64bit: - (LMDriver) -- C:\Windows\SysNative\Drivers\LMDriver.sys (Acer Incorporated)
DRV:64bit: - (RadioShim) -- C:\Windows\SysNative\Drivers\RadioShim.sys (Acer Incorporated)
DRV:64bit: - (msgpiowin32) -- C:\Windows\SysNative\Drivers\msgpiowin32.sys (Microsoft Corporation)
DRV:64bit: - (L1C) -- C:\Windows\SysNative\Drivers\L1C63x64.sys (Qualcomm Atheros Co., Ltd.)
DRV:64bit: - (AthrSdSrv) -- C:\Windows\SysNative\Drivers\athrsd.sys (Qualcomm Atheros, Inc.)
DRV:64bit: - (bthhfhid) -- C:\Windows\SysNative\Drivers\BthhfHid.sys (Microsoft Corporation)
DRV:64bit: - (hidi2c) -- C:\Windows\SysNative\Drivers\hidi2c.sys (Microsoft Corporation)
DRV:64bit: - (FxPPM) -- C:\Windows\SysNative\Drivers\fxppm.sys (Microsoft Corporation)
DRV:64bit: - (RdpVideoMiniport) -- C:\Windows\SysNative\Drivers\rdpvideominiport.sys (Microsoft Corporation)
DRV:64bit: - (sdstor) -- C:\Windows\SysNative\Drivers\sdstor.sys (Microsoft Corporation)
DRV:64bit: - (ebdrv) -- C:\Windows\SysNative\Drivers\evbda.sys (Broadcom Corporation)
DRV:64bit: - (b06bdrv) -- C:\Windows\SysNative\Drivers\bxvbda.sys (Broadcom Corporation)
DRV:64bit: - (usbfilter) -- C:\Windows\SysNative\Drivers\usbfilter.sys (Advanced Micro Devices)
DRV:64bit: - (GEARAspiWDM) -- C:\Windows\SysNative\Drivers\GEARAspiWDM.sys (GEAR Software Inc.)
DRV:64bit: - (Fs_Rec) -- C:\WINDOWS\SysNative\drivers\fs_rec.sys (Microsoft Corporation)
DRV:64bit: - (condrv) -- C:\Windows\SysNative\Drivers\condrv.sys (Microsoft Corporation)
DRV:64bit: - (VSTXRAID) -- C:\Windows\SysNative\Drivers\VSTXRAID.SYS (VIA Corporation)
DRV:64bit: - (VerifierExt) -- C:\Windows\SysNative\Drivers\VerifierExt.sys (Microsoft Corporation)
DRV:64bit: - (UASPStor) -- C:\Windows\SysNative\Drivers\uaspstor.sys (Microsoft Corporation)
DRV:64bit: - (acpiex) -- C:\Windows\SysNative\Drivers\acpiex.sys (Microsoft Corporation)
DRV:64bit: - (mvumis) -- C:\Windows\SysNative\Drivers\mvumis.sys (Marvell Semiconductor, Inc.)
DRV:64bit: - (stexstor) -- C:\Windows\SysNative\Drivers\stexstor.sys (Promise Technology, Inc.)
DRV:64bit: - (LSI_SAS2) -- C:\Windows\SysNative\Drivers\lsi_sas2.sys (LSI Corporation)
DRV:64bit: - (LSI_SSS) -- C:\Windows\SysNative\Drivers\lsi_sss.sys (LSI Corporation)
DRV:64bit: - (HpSAMD) -- C:\Windows\SysNative\Drivers\HpSAMD.sys (Hewlett-Packard Company)
DRV:64bit: - (EhStorTcgDrv) -- C:\Windows\SysNative\Drivers\EhStorTcgDrv.sys (Microsoft Corporation)
DRV:64bit: - (EhStorClass) -- C:\Windows\SysNative\Drivers\EhStorClass.sys (Microsoft Corporation)
DRV:64bit: - (amdsbs) -- C:\Windows\SysNative\Drivers\amdsbs.sys (AMD Technologies Inc.)
DRV:64bit: - (3ware) -- C:\Windows\SysNative\Drivers\3ware.sys (LSI)
DRV:64bit: - (amdsata) -- C:\Windows\SysNative\Drivers\amdsata.sys (Advanced Micro Devices)
DRV:64bit: - (amdxata) -- C:\Windows\SysNative\Drivers\amdxata.sys (Advanced Micro Devices)
DRV:64bit: - (CLFS) -- C:\Windows\SysNative\Drivers\clfs.sys (Microsoft Corporation)
DRV:64bit: - (vpci) -- C:\Windows\SysNative\Drivers\vpci.sys (Microsoft Corporation)
DRV:64bit: - (terminpt) -- C:\Windows\SysNative\Drivers\terminpt.sys (Microsoft Corporation)
DRV:64bit: - (mshidumdf) -- C:\Windows\SysNative\Drivers\mshidumdf.sys (Microsoft Corporation)
DRV:64bit: - (BasicDisplay) -- C:\Windows\SysNative\Drivers\BasicDisplay.sys (Microsoft Corporation)
DRV:64bit: - (HyperVideo) -- C:\Windows\SysNative\Drivers\HyperVideo.sys (Microsoft Corporation)
DRV:64bit: - (BasicRender) -- C:\Windows\SysNative\Drivers\BasicRender.sys (Microsoft Corporation)
DRV:64bit: - (gencounter) -- C:\Windows\SysNative\Drivers\vmgencounter.sys (Microsoft Corporation)
DRV:64bit: - (kdnic) -- C:\Windows\SysNative\Drivers\kdnic.sys (Microsoft Corporation)
DRV:64bit: - (acpitime) -- C:\Windows\SysNative\Drivers\acpitime.sys (Microsoft Corporation)
DRV:64bit: - (npsvctrig) -- C:\Windows\SysNative\Drivers\npsvctrig.sys (Microsoft Corporation)
DRV:64bit: - (WpdUpFltr) -- C:\Windows\SysNative\Drivers\WpdUpFltr.sys (Microsoft Corporation)
DRV:64bit: - (acpipagr) -- C:\Windows\SysNative\Drivers\acpipagr.sys (Microsoft Corporation)
DRV:64bit: - (hyperkbd) -- C:\Windows\SysNative\Drivers\hyperkbd.sys (Microsoft Corporation)
DRV:64bit: - (SerCx) -- C:\Windows\SysNative\Drivers\SerCx.sys (Microsoft Corporation)
DRV:64bit: - (SpbCx) -- C:\Windows\SysNative\Drivers\SpbCx.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbGD) -- C:\Windows\SysNative\Drivers\TsUsbGD.sys (Microsoft Corporation)
DRV:64bit: - (BthHFEnum) -- C:\Windows\SysNative\Drivers\bthhfenum.sys (Microsoft Corporation)
DRV:64bit: - (dmvsc) -- C:\Windows\SysNative\Drivers\dmvsc.sys (Microsoft Corporation)
DRV:64bit: - (TsUsbFlt) -- C:\Windows\SysNative\Drivers\TsUsbFlt.sys (Microsoft Corporation)
DRV:64bit: - (wpcfltr) -- C:\Windows\SysNative\Drivers\wpcfltr.sys (Microsoft Corporation)
DRV:64bit: - (BthLEEnum) -- C:\Windows\SysNative\Drivers\BthLEEnum.sys (Microsoft Corporation)
DRV:64bit: - (NdisImPlatform) -- C:\Windows\SysNative\Drivers\NdisImPlatform.sys (Microsoft Corporation)
DRV:64bit: - (MsLldp) -- C:\Windows\SysNative\Drivers\mslldp.sys (Microsoft Corporation)
DRV:64bit: - (Ndu) -- C:\Windows\SysNative\Drivers\Ndu.sys (Microsoft Corporation)
DRV:64bit: - (ccSet_NARA) -- C:\Windows\SysNative\Drivers\NARAx64\0401000.00E\ccSetx64.sys (Symantec Corporation)
DRV - (NAVEX15) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\ex64.sys (Symantec Corporation)
DRV - (NAVENG) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\eng64.sys (Symantec Corporation)
DRV - (IDSVia64) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSviA64.sys (Symantec Corporation)
DRV - (BHDrvx64) -- C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001_6ff\BHDrvx64.sys (Symantec Corporation)
DRV - (EraserUtilRebootDrv) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys (Symantec Corporation)
DRV - (eeCtrl) -- C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys (Symantec Corporation)
 
 
========== Standard Registry (SafeList) ==========
 
 
========== Internet Explorer ==========
 
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {C4FE925D-F47F-4F9A-82A7-3213E79CE617}
IE:64bit: - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://no.yhs4.searc...p={searchTerms}
IE:64bit: - HKLM\..\SearchScopes\{C4FE925D-F47F-4F9A-82A7-3213E79CE617}: "URL" = http://www.bing.com/...E10TR&pc=MAPBJS
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {C4FE925D-F47F-4F9A-82A7-3213E79CE617}
IE - HKLM\..\SearchScopes\{AA9A4890-4262-4441-8977-E2FFCBFB706C}: "URL" = http://no.yhs4.searc...p={searchTerms}
IE - HKLM\..\SearchScopes\{C4FE925D-F47F-4F9A-82A7-3213E79CE617}: "URL" = http://www.bing.com/...E10TR&pc=MAPBJS
 
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = https://www.google.no/
IE - HKCU\..\SearchScopes,DefaultScope = {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
========== FireFox ==========
 
FF - prefs.js..browser.startup.homepage: "https://www.google.no"
FF - prefs.js..extensions.enabledAddons: %7Ba0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7%7D:20131118
FF - prefs.js..extensions.enabledAddons: %7BCE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B%7D:4.2
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:31.0
FF - user.js - File not found
 
FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll File not found
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{BBDA0591-3099-440a-AA10-41764D9DB4DB}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014.08.08 23:06:08 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}: C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn\ [2014.08.09 12:20:26 | 000,000,000 | ---D | M]
 
[2014.07.20 18:10:07 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\Extensions
[2014.07.20 18:23:52 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\Firefox\Profiles\79n48bde.default\extensions
[2014.07.20 18:23:52 | 000,000,000 | ---D | M] (WOT) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\Firefox\Profiles\79n48bde.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7}
[2014.07.20 18:23:52 | 000,325,350 | ---- | M] () (No name found) -- C:\Users\Hespetreet\AppData\Roaming\mozilla\firefox\profiles\79n48bde.default\extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi
[2014.07.30 02:35:18 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2014.07.30 02:35:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
 
========== Chrome  ==========
 
CHR - plugin: Widevine Content Decryption Module (Disabled) = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll
CHR - plugin: Chrome Remote Desktop Viewer (Disabled) = internal-remoting-viewer
CHR - plugin: Native Client (Disabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll
CHR - Extension: Google Docs = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.7_0\
CHR - Extension: Google Drive = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\
CHR - Extension: YouTube = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\
CHR - Extension: Google Search = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\
CHR - Extension: Norton Security Toolbar = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.3.13_0\
CHR - Extension: Norton Security Toolbar = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk\2014.7.6.16_0\
CHR - Extension: Google Wallet = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.6.1_0\
CHR - Extension: Gmail = C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2012.07.26 07:26:49 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\Drivers\etc\hosts
O2:64bit: - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll (Symantec Corporation)
O2:64bit: - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O2 - BHO: (Norton Identity Protection) - {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll (Symantec Corporation)
O2 - BHO: (Norton Vulnerability Protection) - {6D53EC84-6AAE-4787-AEEE-F4628F01010C} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\ips\ipsbho.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll (Symantec Corporation)
O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3 - HKLM\..\Toolbar: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll (Symantec Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O3:64bit: - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coieplg.dll (Symantec Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Norton Toolbar) - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coieplg.dll (Symantec Corporation)
O4 - HKLM..\Run: [Norton Online Backup] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe (Symantec Corporation)
O4 - HKLM..\Run: [SSDMonitor] C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe (Symantec Corporation)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer\Run: BtvStack = "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe" (Atheros Communications)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableCursorSuppression = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLinkedConnections = 1
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLowDiskSpaceChecks = 0
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0702906F-0F02-4B1B-AA90-2042C1AFF492}: DhcpNameServer = 192.168.1.1
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\WINDOWS\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\WINDOWS\SysWow64\userinit.exe (Microsoft Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O30 - LSA: Security Packages - (livessp) -  File not found
O32 - HKLM CDRom: AutoRun - 1
O33 - MountPoints2\{9e67ff6c-100b-11e4-be74-206a8a970a09}\Shell - "" = AutoRun
O33 - MountPoints2\{9e67ff6c-100b-11e4-be74-206a8a970a09}\Shell\AutoRun\command - "" = "E:\LaunchU3.exe" -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)
 
NetSvcs:64bit: wlidsvc - C:\Windows\SysNative\wlidsvc.dll (Microsoft Corporation)
NetSvcs:64bit: DsmSvc - C:\Windows\SysNative\DeviceSetupManager.dll (Microsoft Corporation)
NetSvcs:64bit: NcaSvc - C:\Windows\SysNative\NcaSvc.dll (Microsoft Corporation)
NetSvcs:64bit: SystemEventsBroker - C:\Windows\SysNative\SystemEventsBrokerServer.dll (Microsoft Corporation)
 
Drivers32:64bit: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: msacm.l3acm - C:\Windows\SysWOW64\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: vidc.cvid - C:\WINDOWS\SysWow64\iccvid.dll (Radius Inc.)
 
CREATERESTOREPOINT
Restore point Set: OTL Restore Point
 
========== Files/Folders - Created Within 30 Days ==========
 
[2014.08.10 00:43:30 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Hespetreet\Desktop\OTL.exe
[2014.08.08 15:18:30 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symnets.sys
[2014.08.08 15:18:30 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symelam.sys
[2014.08.08 15:18:29 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symefa64.sys
[2014.08.08 15:18:29 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symds64.sys
[2014.08.08 15:18:23 | 000,875,736 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtsp64.sys
[2014.08.08 15:18:23 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtspx64.sys
[2014.08.08 15:18:22 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ironx64.sys
[2014.08.08 15:18:22 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ccsetx64.sys
[2014.08.08 12:04:58 | 000,000,000 | ---D | C] -- C:\ProgramData\HP
[2014.08.07 23:01:52 | 000,000,000 | ---D | C] -- C:\ProgramData\Emsisoft
[2014.08.07 20:34:45 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\ElevatedDiagnostics
[2014.08.07 20:33:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2014.08.07 10:52:35 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013
[2014.08.05 03:47:51 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Diagnostics
[2014.08.03 12:07:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Malwarebytes
[2014.08.03 12:07:50 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Programs
[2014.08.01 19:58:02 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Documents\Documents
[2014.07.31 12:32:53 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Norton Utilities 16
[2014.07.31 12:23:13 | 001,233,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4.dll
[2014.07.31 12:23:13 | 000,082,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4r.dll
[2014.07.31 12:23:13 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml4a.dll
[2014.07.31 12:23:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 16
[2014.07.31 12:23:11 | 001,101,824 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox210.ocx
[2014.07.31 12:23:10 | 001,081,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCTL.OCX
[2014.07.31 12:23:10 | 000,880,640 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBox10.ocx
[2014.07.31 12:23:10 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSCOMCT2.OCX
[2014.07.31 12:23:10 | 000,506,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msxml.dll
[2014.07.31 12:23:10 | 000,212,992 | ---- | C] (Woodbury Associates Limited) -- C:\WINDOWS\SysWow64\UniBoxVB12.ocx
[2014.07.31 12:18:05 | 000,000,000 | ---D | C] -- C:\ProgramData\Package Cache
[2014.07.31 12:17:13 | 000,000,000 | ---D | C] -- C:\Program Files\ATI Technologies
[2014.07.31 12:14:47 | 000,000,000 | ---D | C] -- C:\AMD
[2014.07.31 12:09:28 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Product_NU16
[2014.07.31 03:13:15 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\CrashDumps
[2014.07.30 02:35:18 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Mozilla Firefox
[2014.07.29 16:38:17 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\SUPERAntiSpyware.com
[2014.07.29 16:37:32 | 000,000,000 | ---D | C] -- C:\Program Files\SUPERAntiSpyware
[2014.07.28 17:45:33 | 000,000,000 | ---D | C] -- C:\WINDOWS\Minidump
[2014.07.27 06:33:06 | 000,703,968 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerApp.exe
[2014.07.27 06:33:06 | 000,105,440 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\FlashPlayerCPLApp.cpl
[2014.07.27 06:24:53 | 000,000,000 | --SD | C] -- C:\WINDOWS\SysNative\CompatTel
[2014.07.27 06:24:27 | 000,000,000 | R--D | C] -- C:\WINDOWS\BrowserChoice
[2014.07.25 21:27:24 | 001,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wdc.dll
[2014.07.25 21:27:24 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wvc.dll
[2014.07.25 21:27:23 | 001,245,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wdc.dll
[2014.07.25 21:27:23 | 000,462,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sysmon.ocx
[2014.07.25 21:27:23 | 000,437,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wvc.dll
[2014.07.25 21:27:23 | 000,399,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sysmon.ocx
[2014.07.25 21:25:16 | 001,125,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msctf.dll
[2014.07.25 21:25:12 | 000,448,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSync.dll
[2014.07.25 21:25:12 | 000,222,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shdocvw.dll
[2014.07.25 21:25:11 | 000,356,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSync.dll
[2014.07.25 21:25:11 | 000,225,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mbsmsapi.dll
[2014.07.25 21:25:11 | 000,158,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mbsmsapi.dll
[2014.07.25 21:25:09 | 000,128,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncInfo.dll
[2014.07.25 05:07:21 | 005,979,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mstscax.dll
[2014.07.25 05:07:20 | 000,523,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsGdiConverter.dll
[2014.07.25 05:07:19 | 005,092,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mstscax.dll
[2014.07.25 05:07:18 | 000,365,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsGdiConverter.dll
[2014.07.25 05:07:17 | 000,332,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storport.sys
[2014.07.25 01:34:01 | 001,258,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kernel32.dll
[2014.07.25 01:33:58 | 001,120,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gpedit.dll
[2014.07.25 01:33:57 | 001,075,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\gpedit.dll
[2014.07.25 01:33:56 | 000,083,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidclass.sys
[2014.07.24 22:45:07 | 000,328,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\Classpnp.sys
[2014.07.24 22:45:07 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wusa.exe
[2014.07.24 22:45:07 | 000,305,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wusa.exe
[2014.07.24 16:04:54 | 003,265,256 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\evbda.sys
[2014.07.24 16:04:37 | 002,397,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WpcMon.exe
[2014.07.24 16:04:32 | 003,964,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSAT.exe
[2014.07.24 16:04:28 | 000,533,224 | ---- | C] (Broadcom Corporation) -- C:\WINDOWS\SysNative\drivers\bxvbda.sys
[2014.07.24 16:04:26 | 001,513,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vssapi.dll
[2014.07.24 16:04:22 | 001,739,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RacEngn.dll
[2014.07.24 16:04:22 | 001,019,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MsSpellCheckingFacility.dll
[2014.07.24 16:04:20 | 001,304,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Media.Streaming.dll
[2014.07.24 16:04:20 | 000,757,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uDWM.dll
[2014.07.24 16:04:19 | 000,762,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\provcore.dll
[2014.07.24 16:04:19 | 000,389,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MMDevAPI.dll
[2014.07.24 16:04:14 | 000,573,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSATAPI.dll
[2014.07.24 16:04:12 | 000,995,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Media.Streaming.dll
[2014.07.24 16:04:11 | 000,634,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apphelp.dll
[2014.07.24 16:04:10 | 000,709,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MsSpellCheckingFacility.dll
[2014.07.24 16:04:10 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\IPHLPAPI.DLL
[2014.07.24 16:04:09 | 001,743,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\combase.dll
[2014.07.24 16:04:09 | 000,236,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFPlay.dll
[2014.07.24 16:04:08 | 000,420,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWAHost.exe
[2014.07.24 16:04:07 | 000,604,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dnsapi.dll
[2014.07.24 16:04:06 | 000,866,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinTypes.dll
[2014.07.24 16:04:06 | 000,755,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapi.dll
[2014.07.24 16:04:06 | 000,545,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskeng.exe
[2014.07.24 16:04:06 | 000,355,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsvr.dll
[2014.07.24 16:04:06 | 000,344,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlidcredprov.dll
[2014.07.24 16:04:05 | 000,617,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfsrcsnk.dll
[2014.07.24 16:04:05 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bcdsrv.dll
[2014.07.24 16:04:04 | 001,400,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\propsys.dll
[2014.07.24 16:04:04 | 000,249,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpnprv.dll
[2014.07.24 16:04:03 | 000,541,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VAN.dll
[2014.07.24 16:04:03 | 000,303,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinSATAPI.dll
[2014.07.24 16:04:02 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\services.exe
[2014.07.24 16:04:02 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fveapibase.dll
[2014.07.24 16:03:59 | 000,751,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appwiz.cpl
[2014.07.24 16:03:58 | 000,333,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWAHost.exe
[2014.07.24 16:03:58 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PackageStateRoaming.dll
[2014.07.24 16:03:57 | 000,670,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\appwiz.cpl
[2014.07.24 16:03:57 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFPlay.dll
[2014.07.24 16:03:56 | 001,369,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\RacEngn.dll
[2014.07.24 16:03:56 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ProximityService.dll
[2014.07.24 16:03:56 | 000,090,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TpmTasks.dll
[2014.07.24 16:03:55 | 000,533,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\provcore.dll
[2014.07.24 16:03:55 | 000,256,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msvproc.dll
[2014.07.24 16:03:55 | 000,089,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PackageStateRoaming.dll
[2014.07.24 16:03:55 | 000,065,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setbcdlocale.dll
[2014.07.24 16:03:54 | 000,509,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinapi.dll
[2014.07.24 16:03:54 | 000,027,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\avrt.dll
[2014.07.24 16:03:53 | 001,247,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\combase.dll
[2014.07.24 16:03:53 | 000,480,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\VAN.dll
[2014.07.24 16:03:53 | 000,449,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsrcsnk.dll
[2014.07.24 16:03:53 | 000,103,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\microsoft-windows-kernel-power-events.dll
[2014.07.24 16:03:52 | 002,016,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\batmeter.dll
[2014.07.24 16:03:52 | 002,007,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\batmeter.dll
[2014.07.24 16:03:52 | 000,101,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SettingSyncHost.exe
[2014.07.24 16:03:52 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfdisk.dll
[2014.07.24 16:03:51 | 000,465,920 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WinTypes.dll
[2014.07.24 16:03:51 | 000,270,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfsvr.dll
[2014.07.24 16:03:51 | 000,263,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlidcredprov.dll
[2014.07.24 16:03:51 | 000,031,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfdisk.dll
[2014.07.24 16:03:51 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\svchost.exe
[2014.07.24 16:03:49 | 001,342,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\user32.dll
[2014.07.24 16:03:48 | 000,627,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetup.exe
[2014.07.24 16:03:48 | 000,437,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfh264enc.dll
[2014.07.24 16:03:48 | 000,413,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfh264enc.dll
[2014.07.24 16:03:48 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msvproc.dll
[2014.07.24 16:03:48 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winsrv.dll
[2014.07.24 16:03:48 | 000,118,272 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevPropMgr.dll
[2014.07.24 16:03:48 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncHost.exe
[2014.07.24 16:03:48 | 000,023,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfnet.dll
[2014.07.24 16:03:47 | 000,699,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinapi.dll
[2014.07.24 16:03:47 | 000,117,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwm.exe
[2014.07.24 16:03:47 | 000,092,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvinst.exe
[2014.07.24 16:03:47 | 000,080,384 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvinst.exe
[2014.07.24 16:03:46 | 000,459,776 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxgi.dll
[2014.07.24 16:03:46 | 000,156,672 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DAFWSD.dll
[2014.07.24 16:03:46 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfnet.dll
[2014.07.24 16:03:45 | 000,588,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\webio.dll
[2014.07.24 16:03:45 | 000,417,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\webio.dll
[2014.07.24 16:03:45 | 000,189,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfos.dll
[2014.07.24 16:03:43 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpremove.exe
[2014.07.24 16:03:42 | 000,069,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vsstrace.dll
[2014.07.24 16:03:42 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sdbinst.exe
[2014.07.24 16:03:42 | 000,021,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sdbinst.exe
[2014.07.24 16:03:40 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfctrs.dll
[2014.07.24 16:03:40 | 000,039,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfctrs.dll
[2014.07.24 16:03:40 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\perfproc.dll
[2014.07.24 16:03:40 | 000,037,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LangCleanupSysprepAction.dll
[2014.07.24 16:03:40 | 000,034,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfproc.dll
[2014.07.24 16:03:40 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\perfos.dll
[2014.07.24 16:03:40 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\eventcls.dll
[2014.07.24 16:03:40 | 000,015,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\eventcls.dll
[2014.07.24 16:03:40 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MUILanguageCleanup.dll
[2014.07.24 16:03:39 | 000,008,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lpksetupproxyserv.dll
[2014.07.24 16:03:39 | 000,006,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\shimeng.dll
[2014.07.24 14:43:41 | 000,778,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\oleaut32.dll
[2014.07.24 14:43:39 | 000,626,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\resutils.dll
[2014.07.24 14:43:39 | 000,374,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\clusapi.dll
[2014.07.24 14:43:38 | 000,773,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapi.dll
[2014.07.24 14:43:37 | 000,488,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\resutils.dll
[2014.07.24 14:43:36 | 000,447,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBHUB3.SYS
[2014.07.24 14:43:35 | 000,628,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapi.dll
[2014.07.24 14:43:35 | 000,302,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\clusapi.dll
[2014.07.24 14:43:34 | 001,622,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wucltux.dll
[2014.07.24 14:43:32 | 000,285,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\spaceport.sys
[2014.07.24 14:43:32 | 000,252,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WUSettingsProvider.dll
[2014.07.24 14:43:32 | 000,059,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuauclt.exe
[2014.07.24 14:43:31 | 000,175,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\storewuauth.dll
[2014.07.24 14:43:31 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuwebv.dll
[2014.07.24 14:43:31 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuwebv.dll
[2014.07.24 14:43:31 | 000,099,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wudriver.dll
[2014.07.24 14:43:31 | 000,084,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wudriver.dll
[2014.07.24 14:43:31 | 000,040,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wuapp.exe
[2014.07.24 14:43:31 | 000,035,328 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wuapp.exe
[2014.07.24 12:51:54 | 013,661,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.UI.Xaml.dll
[2014.07.24 12:51:52 | 010,799,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.UI.Xaml.dll
[2014.07.24 12:51:47 | 001,173,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UIAutomationCore.dll
[2014.07.24 12:51:46 | 000,914,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UIAutomationCore.dll
[2014.07.24 12:51:41 | 000,328,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ubpm.dll
[2014.07.24 12:51:41 | 000,151,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\tpm.sys
[2014.07.24 12:51:37 | 000,247,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ubpm.dll
[2014.07.24 12:51:37 | 000,061,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\crashdmp.sys
[2014.07.24 12:51:36 | 000,062,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpfve.sys
[2014.07.24 11:43:04 | 002,273,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msftedit.dll
[2014.07.24 11:43:03 | 002,839,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msftedit.dll
[2014.07.24 11:43:00 | 001,025,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\localspl.dll
[2014.07.24 11:42:59 | 000,414,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanconn.dll
[2014.07.24 11:42:58 | 000,439,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WerFault.exe
[2014.07.24 11:42:58 | 000,385,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WerFault.exe
[2014.07.24 11:42:58 | 000,263,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmsvc.dll
[2014.07.24 11:42:58 | 000,230,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSCard.dll
[2014.07.24 11:42:58 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmmbase.dll
[2014.07.24 11:42:58 | 000,160,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmmbase.dll
[2014.07.24 11:42:58 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmm.dll
[2014.07.24 11:42:56 | 000,543,744 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wwanmm.dll
[2014.07.24 11:42:56 | 000,391,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.BackgroundTransfer.dll
[2014.07.24 11:42:56 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Wwanadvui.dll
[2014.07.24 11:42:56 | 000,268,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.BackgroundTransfer.dll
[2014.07.24 11:42:56 | 000,195,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\sdbus.sys
[2014.07.24 11:42:56 | 000,125,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dumpsd.sys
[2014.07.24 11:42:56 | 000,120,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\msgpioclx.sys
[2014.07.24 11:42:56 | 000,077,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\openfiles.exe
[2014.07.24 11:42:56 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wcmcsp.dll
[2014.07.24 11:42:55 | 000,312,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\LocationApi.dll
[2014.07.24 11:42:55 | 000,245,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\LocationApi.dll
[2014.07.24 11:42:55 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\openfiles.exe
[2014.07.24 09:32:45 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FirewallAPI.dll
[2014.07.24 09:32:45 | 000,104,448 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\davclnt.dll
[2014.07.24 08:54:10 | 002,219,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmcore.dll
[2014.07.24 08:54:08 | 002,391,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
[2014.07.24 08:54:08 | 002,106,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\explorer.exe
[2014.07.24 08:54:08 | 001,842,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dwmcore.dll
[2014.07.24 08:54:06 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samsrv.dll
[2014.07.24 08:54:05 | 001,527,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfcore.dll
[2014.07.24 08:54:05 | 001,453,568 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfcore.dll
[2014.07.24 08:54:04 | 001,403,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.efi
[2014.07.24 08:54:04 | 001,271,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winload.exe
[2014.07.24 08:54:03 | 001,217,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.efi
[2014.07.24 08:54:01 | 001,093,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winresume.exe
[2014.07.24 08:54:01 | 000,583,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mscms.dll
[2014.07.24 08:54:00 | 001,048,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfasfsrcsnk.dll
[2014.07.24 08:54:00 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\samlib.dll
[2014.07.24 08:53:59 | 000,850,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfasfsrcsnk.dll
[2014.07.24 08:53:59 | 000,207,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DeviceSetupManager.dll
[2014.07.24 08:53:58 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MbaeParserTask.exe
[2014.07.24 08:53:57 | 000,190,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vdsutil.dll
[2014.07.24 08:53:57 | 000,037,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\BthAvrcpTg.sys
[2014.07.23 11:05:23 | 001,557,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\osk.exe
[2014.07.23 11:05:23 | 001,440,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\osk.exe
[2014.07.23 09:38:04 | 001,255,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\certutil.exe
[2014.07.23 09:38:04 | 001,013,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\certutil.exe
[2014.07.23 09:38:04 | 000,141,312 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptnet.dll
[2014.07.22 08:57:50 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Nero_AG
[2014.07.22 08:56:48 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Nero
[2014.07.22 00:54:52 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\ATI
[2014.07.22 00:54:52 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\ATI
[2014.07.22 00:54:52 | 000,000,000 | ---D | C] -- C:\ProgramData\ATI
[2014.07.21 22:29:37 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysWow64\N360_BACKUP
[2014.07.21 14:13:13 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
[2014.07.21 14:12:22 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Google
[2014.07.21 14:12:22 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google
[2014.07.21 11:54:40 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\MRT
[2014.07.21 09:43:08 | 001,314,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rpcrt4.dll
[2014.07.21 09:43:03 | 003,246,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpcorets.dll
[2014.07.21 09:43:03 | 000,235,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rdpudd.dll
[2014.07.21 09:43:02 | 000,062,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\imagehlp.dll
[2014.07.21 09:42:52 | 001,890,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\crypt32.dll
[2014.07.21 09:42:46 | 001,838,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DWrite.dll
[2014.07.21 09:42:46 | 000,498,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbport.sys
[2014.07.21 09:42:46 | 000,021,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usbd.sys
[2014.07.21 09:42:41 | 000,288,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\portcls.sys
[2014.07.21 09:42:39 | 000,144,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tssdisai.dll
[2014.07.21 09:42:38 | 000,135,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\appserverai.dll
[2014.07.21 09:42:38 | 000,126,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RDWebAI.dll
[2014.07.21 09:42:38 | 000,122,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\VmHostAI.dll
[2014.07.21 09:42:37 | 000,222,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrobj.dll
[2014.07.21 09:42:37 | 000,148,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\poqexec.exe
[2014.07.21 09:42:37 | 000,132,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\poqexec.exe
[2014.07.21 09:42:36 | 002,062,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d11.dll
[2014.07.21 09:42:36 | 001,711,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\d3d11.dll
[2014.07.21 09:42:36 | 000,194,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\scrrun.dll
[2014.07.21 09:42:36 | 000,162,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrobj.dll
[2014.07.21 09:42:36 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\scrrun.dll
[2014.07.21 09:42:36 | 000,146,944 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cscript.exe
[2014.07.21 09:42:36 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wshom.ocx
[2014.07.21 09:42:36 | 000,115,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cscript.exe
[2014.07.21 09:42:33 | 001,628,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WindowsCodecs.dll
[2014.07.21 09:42:33 | 000,026,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ReAgentc.exe
[2014.07.21 09:42:33 | 000,024,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgentc.exe
[2014.07.21 09:42:31 | 002,382,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\esent.dll
[2014.07.21 09:42:30 | 002,851,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\esent.dll
[2014.07.20 21:15:51 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Macromedia
[2014.07.20 18:33:31 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\CrashRpt
[2014.07.20 18:31:39 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Tencent
[2014.07.20 18:31:39 | 000,000,000 | ---D | C] -- C:\ProgramData\Tencent
[2014.07.20 18:27:34 | 001,301,504 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\gdi32.dll
[2014.07.20 18:25:24 | 000,693,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSShared.dll
[2014.07.20 18:25:24 | 000,628,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NotificationUI.exe
[2014.07.20 18:25:23 | 000,566,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSShared.dll
[2014.07.20 18:25:23 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.07.20 18:25:23 | 000,143,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.dll
[2014.07.20 18:25:23 | 000,124,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.ApplicationModel.Store.TestingFramework.dll
[2014.07.20 18:24:10 | 000,381,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\FWPUCLNT.DLL
[2014.07.20 18:24:09 | 000,888,832 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\nshwfp.dll
[2014.07.20 18:24:09 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nshwfp.dll
[2014.07.20 18:24:09 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\FWPUCLNT.DLL
[2014.07.20 18:24:09 | 000,096,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\wfplwfs.sys
[2014.07.20 18:23:14 | 002,371,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSService.dll
[2014.07.20 18:23:14 | 001,164,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppobjs.dll
[2014.07.20 18:23:13 | 000,105,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WinSetupUI.dll
[2014.07.20 18:23:12 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppwinob.dll
[2014.07.20 18:23:12 | 000,204,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSClient.dll
[2014.07.20 18:23:12 | 000,198,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.ApplicationModel.Store.dll
[2014.07.20 18:23:12 | 000,183,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSSync.dll
[2014.07.20 18:23:12 | 000,167,424 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSClient.dll
[2014.07.20 18:23:12 | 000,159,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WSSync.dll
[2014.07.20 18:23:12 | 000,120,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sppc.dll
[2014.07.20 18:23:12 | 000,091,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\sppc.dll
[2014.07.20 18:23:12 | 000,049,664 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups.dll
[2014.07.20 18:23:12 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wups2.dll
[2014.07.20 18:23:11 | 000,081,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\setupcln.dll
[2014.07.20 18:23:11 | 000,076,800 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\setupcln.dll
[2014.07.20 18:23:11 | 000,058,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\dam.sys
[2014.07.20 18:23:11 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wups.dll
[2014.07.20 18:22:49 | 000,652,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\comctl32.dll
[2014.07.20 18:20:06 | 001,281,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsasrv.dll
[2014.07.20 18:20:06 | 000,588,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SHCore.dll
[2014.07.20 18:20:05 | 000,452,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SHCore.dll
[2014.07.20 18:20:05 | 000,439,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\lsm.dll
[2014.07.20 18:19:58 | 000,702,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepdu.dll
[2014.07.20 18:19:58 | 000,556,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aeinv.dll
[2014.07.20 18:19:58 | 000,394,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\devinv.dll
[2014.07.20 18:19:58 | 000,087,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\aepic.dll
[2014.07.20 18:17:02 | 000,269,592 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdFilter.sys
[2014.07.20 18:17:01 | 000,035,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdBoot.sys
[2014.07.20 18:16:55 | 000,600,064 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\vbscript.dll
[2014.07.20 18:14:26 | 000,054,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\WdfLdr.sys
[2014.07.20 18:13:58 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\hidparse.sys
[2014.07.20 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Mozilla
[2014.07.20 18:09:59 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Mozilla
[2014.07.20 18:09:47 | 000,000,000 | ---D | C] -- C:\ProgramData\Mozilla
[2014.07.20 18:04:08 | 001,101,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmpmde.dll
[2014.07.20 18:04:07 | 001,149,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winmde.dll
[2014.07.20 18:04:06 | 000,951,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Globalization.dll
[2014.07.20 18:04:05 | 000,645,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Security.Authentication.OnlineId.dll
[2014.07.20 18:04:05 | 000,357,888 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netcfgx.dll
[2014.07.20 18:04:05 | 000,180,224 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SystemEventsBrokerServer.dll
[2014.07.20 18:04:05 | 000,171,008 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\TimeBrokerServer.dll
[2014.07.20 18:04:04 | 000,893,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\winmde.dll
[2014.07.20 18:04:04 | 000,601,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Globalization.dll
[2014.07.20 18:04:03 | 000,550,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\drvstore.dll
[2014.07.20 18:04:03 | 000,504,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Security.Authentication.OnlineId.dll
[2014.07.20 18:04:03 | 000,455,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netcfgx.dll
[2014.07.20 18:04:03 | 000,245,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usbmon.dll
[2014.07.20 18:04:02 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drvstore.dll
[2014.07.20 18:04:02 | 000,150,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\discan.dll
[2014.07.20 18:04:01 | 000,117,248 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\NdisImPlatform.dll
[2014.07.20 18:04:00 | 000,240,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fsquirt.exe
[2014.07.20 18:04:00 | 000,156,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\powercfg.cpl
[2014.07.20 18:04:00 | 000,145,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\powercfg.cpl
[2014.07.20 18:04:00 | 000,100,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\SettingSyncInfo.dll
[2014.07.20 18:04:00 | 000,077,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\storahci.sys
[2014.07.20 18:04:00 | 000,071,168 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WSDPrintProxy.DLL
[2014.07.20 18:04:00 | 000,049,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevDispItemProvider.dll
[2014.07.20 18:03:59 | 000,036,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevDispItemProvider.dll
[2014.07.20 18:00:29 | 000,265,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\InkEd.dll
[2014.07.20 17:43:07 | 001,011,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\reseteng.dll
[2014.07.20 17:43:07 | 000,375,808 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ReAgent.dll
[2014.07.20 17:41:28 | 001,131,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentServer.dll
[2014.07.20 17:41:26 | 000,389,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\BCP47Langs.dll
[2014.07.20 17:41:25 | 000,470,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netprofmsvc.dll
[2014.07.20 17:41:24 | 000,309,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\BCP47Langs.dll
[2014.07.20 17:41:23 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysWow64\rars.rs
[2014.07.20 17:41:23 | 000,014,848 | ---- | C] (Microsoft) -- C:\WINDOWS\SysNative\rars.rs
[2014.07.20 17:41:22 | 000,812,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Magnify.exe
[2014.07.20 17:41:22 | 000,708,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AppXDeploymentExtensions.dll
[2014.07.20 17:41:22 | 000,330,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\stobject.dll
[2014.07.20 17:41:22 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\bisrv.dll
[2014.07.20 17:41:22 | 000,169,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\netplwiz.dll
[2014.07.20 17:41:22 | 000,093,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\psmsrv.dll
[2014.07.20 17:41:21 | 000,560,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfmp4srcsnk.dll
[2014.07.20 17:41:21 | 000,501,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\DevicePairing.dll
[2014.07.20 17:41:21 | 000,151,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\netplwiz.dll
[2014.07.20 17:41:21 | 000,077,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhost.exe
[2014.07.20 17:41:20 | 000,758,784 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Magnify.exe
[2014.07.20 17:41:20 | 000,419,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\intl.cpl
[2014.07.20 17:41:20 | 000,120,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AuthHost.exe
[2014.07.20 17:41:19 | 000,449,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\DevicePairing.dll
[2014.07.20 17:41:19 | 000,389,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\intl.cpl
[2014.07.20 17:41:19 | 000,122,368 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\biwinrt.dll
[2014.07.20 17:41:19 | 000,092,160 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\biwinrt.dll
[2014.07.20 17:41:18 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfmp4srcsnk.dll
[2014.07.20 17:41:18 | 000,072,192 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskhostex.exe
[2014.07.20 17:41:17 | 000,017,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\muifontsetup.dll
[2014.07.20 17:41:17 | 000,015,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmproxy.dll
[2014.07.20 17:41:17 | 000,014,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\muifontsetup.dll
[2014.07.20 17:41:17 | 000,012,288 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\nlmsprep.dll
[2014.07.20 17:41:01 | 000,888,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\autochk.exe
[2014.07.20 17:41:00 | 000,793,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\autochk.exe
[2014.07.20 17:41:00 | 000,542,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\untfs.dll
[2014.07.20 17:41:00 | 000,482,816 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\untfs.dll
[2014.07.20 17:40:43 | 000,729,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\duser.dll
[2014.07.20 17:40:43 | 000,543,232 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wlroamextension.dll
[2014.07.20 17:40:43 | 000,385,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ncsi.dll
[2014.07.20 17:40:42 | 000,475,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WWanAPI.dll
[2014.07.20 17:40:42 | 000,410,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wlroamextension.dll
[2014.07.20 17:40:42 | 000,293,376 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.Connectivity.dll
[2014.07.20 17:40:42 | 000,260,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\hotspotauth.dll
[2014.07.20 17:40:41 | 000,611,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpd_ci.dll
[2014.07.20 17:40:41 | 000,370,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WWanAPI.dll
[2014.07.20 17:40:41 | 000,197,632 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.Connectivity.dll
[2014.07.20 17:40:41 | 000,107,520 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\taskkill.exe
[2014.07.20 17:40:41 | 000,102,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tasklist.exe
[2014.07.20 17:40:41 | 000,079,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\taskkill.exe
[2014.07.20 17:40:40 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tasklist.exe
[2014.07.20 17:40:32 | 002,842,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMVDECOD.DLL
[2014.07.20 17:40:32 | 002,620,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMVDECOD.DLL
[2014.07.20 17:40:07 | 000,124,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\PresentationCFFRasterizerNative_v0300.dll
[2014.07.20 17:40:07 | 000,102,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\PresentationCFFRasterizerNative_v0300.dll
[2014.07.20 17:40:05 | 000,733,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\win32spl.dll
[2014.07.20 17:39:55 | 001,690,624 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GdiPlus.dll
[2014.07.20 17:39:55 | 001,437,184 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\GdiPlus.dll
[2014.07.20 17:39:54 | 000,020,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\usb8023.sys
[2014.07.20 17:39:22 | 000,112,872 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\consent.exe
[2014.07.20 17:39:01 | 006,987,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntoskrnl.exe
[2014.07.20 17:38:57 | 000,982,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\KernelBase.dll
[2014.07.20 17:38:56 | 000,684,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\objsel.dll
[2014.07.20 17:38:56 | 000,578,048 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\winlogon.exe
[2014.07.20 17:38:56 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspicli.dll
[2014.07.20 17:38:55 | 001,043,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\usercpl.dll
[2014.07.20 17:38:55 | 000,961,536 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\usercpl.dll
[2014.07.20 17:38:55 | 000,559,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\objsel.dll
[2014.07.20 17:38:55 | 000,179,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dpapisrv.dll
[2014.07.20 17:38:54 | 000,045,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dimsroam.dll
[2014.07.20 17:38:54 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dimsroam.dll
[2014.07.20 17:38:54 | 000,027,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\sspisrv.dll
[2014.07.20 17:38:53 | 000,014,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\workerdd.dll
[2014.07.20 17:38:45 | 000,583,680 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdrm.dll
[2014.07.20 17:34:27 | 000,163,840 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msrating.dll
[2014.07.20 17:34:27 | 000,109,056 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesysprep.dll
[2014.07.20 17:34:27 | 000,061,440 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iesetup.dll
[2014.07.20 17:34:27 | 000,051,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ie4uinit.exe
[2014.07.20 17:34:27 | 000,044,032 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\UXInit.dll
[2014.07.20 17:34:27 | 000,039,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iernonce.dll
[2014.07.20 17:34:27 | 000,033,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\iernonce.dll
[2014.07.20 17:34:26 | 001,440,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\inetcpl.cpl
[2014.07.20 17:34:26 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msrating.dll
[2014.07.20 17:34:26 | 000,136,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesysprep.dll
[2014.07.20 17:34:26 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\UXInit.dll
[2014.07.20 17:34:25 | 000,915,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\uxtheme.dll
[2014.07.20 17:34:25 | 000,067,072 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iesetup.dll
[2014.07.20 17:34:21 | 001,508,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\inetcpl.cpl
[2014.07.20 17:34:20 | 000,855,552 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript.dll
[2014.07.20 17:34:19 | 000,603,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msfeeds.dll
[2014.07.20 17:34:15 | 000,281,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtrans.dll
[2014.07.20 17:34:10 | 000,097,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mshtmled.dll
[2014.07.20 17:34:08 | 000,452,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxtmsft.dll
[2014.07.20 17:33:43 | 003,959,296 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\jscript9.dll
[2014.07.20 17:33:42 | 000,690,688 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\jscript.dll
[2014.07.20 17:33:41 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mshtmled.dll
[2014.07.20 17:28:23 | 000,337,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wintrust.dll
[2014.07.20 17:28:23 | 000,124,416 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepapi.dll
[2014.07.20 17:28:23 | 000,098,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\apprepsync.dll
[2014.07.20 17:28:23 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepapi.dll
[2014.07.20 17:28:23 | 000,074,240 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\apprepsync.dll
[2014.07.20 17:28:16 | 000,337,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\USBXHCI.SYS
[2014.07.20 17:28:16 | 000,213,336 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\UCX01000.SYS
[2014.07.20 17:27:31 | 003,842,560 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d2d1.dll
[2014.07.20 17:27:31 | 002,238,976 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\d3d10warp.dll
[2014.07.20 17:26:13 | 000,420,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\WMPhoto.dll
[2014.07.20 17:26:13 | 000,368,640 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\WMPhoto.dll
[2014.07.20 17:25:00 | 000,596,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\qedit.dll
[2014.07.20 17:25:00 | 000,497,152 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\qedit.dll
[2014.07.20 17:24:29 | 000,030,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\cryptdlg.dll
[2014.07.20 17:24:29 | 000,025,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\cryptdlg.dll
[2014.07.20 17:24:08 | 000,411,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\FWPKCLNT.SYS
[2014.07.20 17:23:48 | 014,267,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmp.dll
[2014.07.20 17:23:48 | 003,552,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\tquery.dll
[2014.07.20 17:23:44 | 011,878,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmp.dll
[2014.07.20 17:23:43 | 002,107,904 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssrch.dll
[2014.07.20 17:23:40 | 002,767,360 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\tquery.dll
[2014.07.20 17:23:37 | 001,593,344 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssrch.dll
[2014.07.20 17:23:36 | 001,829,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ntdll.dll
[2014.07.20 17:23:33 | 001,444,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MSAudDecMFT.dll
[2014.07.20 17:23:30 | 001,113,600 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MSAudDecMFT.dll
[2014.07.20 17:23:28 | 000,403,968 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssph.dll
[2014.07.20 17:23:28 | 000,306,952 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kd_02_10ec.dll
[2014.07.20 17:23:28 | 000,298,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rsaenh.dll
[2014.07.20 17:23:27 | 000,446,792 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioSes.dll
[2014.07.20 17:23:27 | 000,373,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchProtocolHost.exe
[2014.07.20 17:23:25 | 000,595,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Windows.Networking.dll
[2014.07.20 17:23:25 | 000,489,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEng.dll
[2014.07.20 17:23:25 | 000,435,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssph.dll
[2014.07.20 17:23:25 | 000,367,616 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\conhost.exe
[2014.07.20 17:23:25 | 000,253,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\audiodg.exe
[2014.07.20 17:23:25 | 000,172,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dwmredir.dll
[2014.07.20 17:23:24 | 000,804,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\RecoveryDrive.exe
[2014.07.20 17:23:24 | 000,468,992 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\MFMediaEngine.dll
[2014.07.20 17:23:24 | 000,456,704 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wpncore.dll
[2014.07.20 17:23:22 | 000,659,456 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mssvp.dll
[2014.07.20 17:23:22 | 000,503,080 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ci.dll
[2014.07.20 17:23:22 | 000,411,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Windows.Networking.dll
[2014.07.20 17:23:22 | 000,361,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\MFMediaEngine.dll
[2014.07.20 17:23:22 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhengine.dll
[2014.07.20 17:23:22 | 000,228,352 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\XpsRasterService.dll
[2014.07.20 17:23:22 | 000,196,096 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dmvdsitf.dll
[2014.07.20 17:23:22 | 000,121,856 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rascfg.dll
[2014.07.20 17:23:22 | 000,108,544 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rascfg.dll
[2014.07.20 17:23:21 | 000,281,088 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mfreadwrite.dll
[2014.07.20 17:23:21 | 000,197,120 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\SearchFilterHost.exe
[2014.07.20 17:23:21 | 000,169,472 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\AudioEndpointBuilder.dll
[2014.07.20 17:23:21 | 000,126,464 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\Robocopy.exe
[2014.07.20 17:23:21 | 000,123,880 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wscapi.dll
[2014.07.20 17:23:21 | 000,077,960 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdvm.dll
[2014.07.20 17:23:20 | 000,210,432 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\iuilp.dll
[2014.07.20 17:23:20 | 000,155,648 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dmvdsitf.dll
[2014.07.20 17:23:20 | 000,155,136 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\XpsRasterService.dll
[2014.07.20 17:23:20 | 000,106,496 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\Robocopy.exe
[2014.07.20 17:23:20 | 000,086,280 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kdnet.dll
[2014.07.20 17:23:19 | 000,745,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssvp.dll
[2014.07.20 17:23:19 | 000,414,720 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\GenuineCenter.dll
[2014.07.20 17:23:19 | 000,315,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcfg.dll
[2014.07.20 17:23:19 | 000,214,528 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\mfreadwrite.dll
[2014.07.20 17:23:19 | 000,070,656 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhevents.dll
[2014.07.20 17:23:19 | 000,050,176 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fmifs.dll
[2014.07.20 17:23:18 | 000,280,576 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcat.dll
[2014.07.20 17:23:18 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhmanagew.exe
[2014.07.20 17:23:18 | 000,137,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhshl.dll
[2014.07.20 17:23:18 | 000,116,736 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvc.dll
[2014.07.20 17:23:18 | 000,096,256 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\mssprxy.dll
[2014.07.20 17:23:18 | 000,080,896 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchapi.dll
[2014.07.20 17:23:18 | 000,075,264 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasdiag.dll
[2014.07.20 17:23:18 | 000,067,584 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsrchph.dll
[2014.07.20 17:23:18 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhlisten.dll
[2014.07.20 17:23:18 | 000,059,392 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasdiag.dll
[2014.07.20 17:23:18 | 000,053,760 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhcleanup.dll
[2014.07.20 17:23:18 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\fmifs.dll
[2014.07.20 17:23:18 | 000,013,824 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msshooks.dll
[2014.07.20 17:23:18 | 000,010,752 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msshooks.dll
[2014.07.20 17:23:17 | 000,065,024 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msscntrs.dll
[2014.07.20 17:23:17 | 000,064,000 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhautoplay.dll
[2014.07.20 17:23:17 | 000,060,928 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\ndptsp.tsp
[2014.07.20 17:23:17 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\ndptsp.tsp
[2014.07.20 17:23:17 | 000,041,984 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasmxs.dll
[2014.07.20 17:23:17 | 000,038,400 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhtask.dll
[2014.07.20 17:23:17 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasmxs.dll
[2014.07.20 17:23:17 | 000,029,696 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\rasser.dll
[2014.07.20 17:23:17 | 000,022,016 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\rasser.dll
[2014.07.20 17:23:16 | 000,047,104 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\kmddsp.tsp
[2014.07.20 17:23:16 | 000,038,912 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\kmddsp.tsp
[2014.07.20 17:23:16 | 000,020,480 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\fhsvcctl.dll
[2014.07.20 17:23:16 | 000,009,728 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\spwmp.dll
[2014.07.20 17:23:16 | 000,009,216 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\spwmp.dll
[2014.07.20 17:23:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msdxm.ocx
[2014.07.20 17:23:16 | 000,006,144 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\dxmasf.dll
[2014.07.20 17:23:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msdxm.ocx
[2014.07.20 17:23:16 | 000,004,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\dxmasf.dll
[2014.07.20 17:23:15 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\wmploc.DLL
[2014.07.20 17:23:14 | 009,374,208 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\wmploc.DLL
[2014.07.20 17:19:12 | 010,116,608 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\twinui.dll
[2014.07.20 17:19:11 | 008,858,112 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\twinui.dll
[2014.07.20 17:19:09 | 002,304,512 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\authui.dll
[2014.07.20 17:19:09 | 002,146,304 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\actxprxy.dll
[2014.07.20 17:19:09 | 002,035,712 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\authui.dll
[2014.07.20 17:19:08 | 000,069,864 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\drivers\pdc.sys
[2014.07.20 17:18:37 | 000,312,320 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysNative\msieftp.dll
[2014.07.20 17:18:37 | 000,273,408 | ---- | C] (Microsoft Corporation) -- C:\WINDOWS\SysWow64\msieftp.dll
[2014.07.20 17:10:53 | 000,362,496 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysNative\atmfd.dll
[2014.07.20 17:10:53 | 000,300,032 | ---- | C] (Adobe Systems Incorporated) -- C:\WINDOWS\SysWow64\atmfd.dll
[2014.07.20 17:10:53 | 000,046,080 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysNative\atmlib.dll
[2014.07.20 17:10:53 | 000,035,328 | ---- | C] (Adobe Systems) -- C:\WINDOWS\SysWow64\atmlib.dll
[2014.07.20 16:23:06 | 000,033,240 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\drivers\GEARAspiWDM.sys
[2014.07.20 16:22:58 | 000,125,872 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysNative\GEARAspi64.dll
[2014.07.20 16:22:58 | 000,106,928 | ---- | C] (GEAR Software Inc.) -- C:\WINDOWS\SysWow64\GEARAspi.dll
[2014.07.20 16:22:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64
[2014.07.20 16:22:26 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0700000.012
[2014.07.20 16:22:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
[2014.07.20 16:22:25 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
[2014.07.19 13:45:59 | 001,148,120 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symefa64.sys
[2014.07.19 13:45:59 | 000,875,736 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtsp64.sys
[2014.07.19 13:45:59 | 000,593,112 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symnets.sys
[2014.07.19 13:45:59 | 000,493,656 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symds64.sys
[2014.07.19 13:45:59 | 000,264,280 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ironx64.sys
[2014.07.19 13:45:59 | 000,162,392 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ccsetx64.sys
[2014.07.19 13:45:59 | 000,036,952 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtspx64.sys
[2014.07.19 13:45:59 | 000,023,568 | R--- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symelam.sys
[2014.07.19 13:45:53 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D
[2014.07.19 13:41:20 | 000,177,752 | ---- | C] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014.07.19 13:41:19 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Symantec Shared
[2014.07.19 13:37:56 | 000,000,000 | ---D | C] -- C:\WINDOWS\SysNative\drivers\N360x64
[2014.07.19 13:37:45 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
[2014.07.19 13:37:45 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Norton 360
[2014.07.19 13:28:49 | 000,000,000 | ---D | C] -- C:\ProgramData\PCSettings
[2014.07.19 13:15:32 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Symantec Shared
[2014.07.19 12:04:12 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\WildTangent
[2014.07.19 11:48:12 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Atheros
[2014.07.19 11:47:41 | 000,000,000 | ---D | C] -- C:\ProgramData\OEM_YAHOO
[2014.07.19 11:47:34 | 000,000,000 | ---D | C] -- C:\Program Files\Preload
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Searches
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Contacts
[2014.07.19 11:47:24 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2014.07.19 11:47:18 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Adobe
[2014.07.19 11:46:26 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Synaptics
[2014.07.19 11:46:07 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\VirtualStore
[2014.07.19 11:45:53 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Packages
[2014.07.19 11:45:43 | 000,000,000 | --SD | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Videos
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Saved Games
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Pictures
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Music
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Links
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Favorites
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Downloads
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Documents
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\Desktop
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2014.07.19 11:45:43 | 000,000,000 | R--D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AppData\Local\Temporary Internet Files
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Start-meny
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Skrivere
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\SendTo
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Recent
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Programdata
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AppData\Local\Programdata
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Mine dokumenter
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Documents\Mine bilder
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Documents\Min musikk
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Maler
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Lokale innstillinger
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AppData\Local\Logg
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Documents\Intern video
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\Cookies
[2014.07.19 11:45:43 | 000,000,000 | -HSD | C] -- C:\Users\Hespetreet\AndrMask
[2014.07.19 11:45:43 | 000,000,000 | -H-D | C] -- C:\Users\Hespetreet\AppData
[2014.07.19 11:45:43 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Temp
[2014.07.19 11:45:43 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Local\Microsoft
[2014.07.19 11:45:43 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2014.07.19 11:44:06 | 000,000,000 | ---D | C] -- C:\WINDOWS\SoftwareDistribution
[2014.07.19 11:16:59 | 000,000,000 | ---D | C] -- C:\ProgramData\Synaptics
[2014.07.19 11:07:47 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2014.07.19 06:28:51 | 000,000,000 | ---D | C] -- C:\ProgramData\Canneverbe Limited
[2014.07.19 06:28:41 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Canneverbe Limited
[2014.07.19 06:28:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CDBurnerXP
[2014.07.19 06:25:39 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Macromedia
[2014.07.19 05:52:00 | 000,000,000 | ---D | C] -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
 
========== Files - Modified Within 30 Days ==========
 
[2014.08.10 00:43:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hespetreet\Desktop\OTL.exe
[2014.08.10 00:17:00 | 000,001,016 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.08.10 00:05:00 | 000,000,830 | ---- | M] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.08.09 19:24:31 | 000,007,625 | ---- | M] () -- C:\Users\Hespetreet\AppData\Local\Resmon.ResmonCfg
[2014.08.09 19:04:00 | 000,000,306 | ---- | M] () -- C:\WINDOWS\tasks\NUSchedule.job
[2014.08.09 18:58:55 | 000,067,584 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2014.08.09 17:50:51 | 000,065,536 | ---- | M] () -- C:\WINDOWS\SysNative\spu_storage.bin
[2014.08.09 14:17:00 | 000,001,012 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.08.09 13:00:00 | 000,000,356 | ---- | M] () -- C:\WINDOWS\tasks\SpeedDiskSchedule.job
[2014.08.09 12:20:54 | 000,000,314 | ---- | M] () -- C:\WINDOWS\tasks\NUAutoUpdate.job
[2014.08.09 12:19:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.08.09 12:19:23 | 380,006,399 | -HS- | M] () -- C:\hiberfil.sys
[2014.08.09 12:18:29 | 000,000,577 | ---- | M] () -- C:\Users\Hespetreet\Documents\rød.rtf
[2014.08.07 08:28:36 | 001,534,910 | ---- | M] () -- C:\Users\Hespetreet\Documents\Borte.rtf
[2014.08.07 05:39:18 | 000,007,555 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokumentccc.rtf
[2014.08.06 12:32:10 | 006,050,006 | ---- | M] () -- C:\Users\Hespetreet\Documents\xtranr 4.rtf
[2014.08.06 01:49:53 | 001,081,344 | ---- | M] () -- C:\Users\Hespetreet\s-1-5-21-3604915464-1756807762-4202892429-1001.rrr
[2014.08.04 15:13:37 | 000,000,236 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokumenty.rtf
[2014.08.04 14:11:31 | 000,001,359 | ---- | M] () -- C:\Users\Hespetreet\Documents\nort.rtf
[2014.08.04 10:07:03 | 000,178,264 | ---- | M] () -- C:\Users\Hespetreet\Documents\1.jpg
[2014.08.03 19:35:23 | 006,050,001 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokumentx.rtf
[2014.08.03 19:33:02 | 011,347,276 | ---- | M] () -- C:\Users\Hespetreet\Documents\Dokument.rtf
[2014.08.02 11:48:12 | 000,015,799 | ---- | M] () -- C:\Users\Hespetreet\Documents\artx.odt
[2014.08.01 14:24:02 | 000,014,240 | ---- | M] () -- C:\Users\Hespetreet\Documents\xx.rtf
[2014.07.31 22:49:37 | 000,000,172 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\isolate.ini
[2014.07.31 12:53:15 | 000,042,291 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\VT20140731.006
[2014.07.31 12:27:50 | 000,001,195 | ---- | M] () -- C:\Users\Public\Desktop\Norton Utilities 16.lnk
[2014.07.31 12:23:14 | 000,021,977 | ---- | M] () -- C:\WINDOWS\is-F874M.msg
[2014.07.31 12:23:14 | 000,000,346 | ---- | M] () -- C:\WINDOWS\is-F874M.lst
[2014.07.31 12:23:13 | 001,550,880 | ---- | M] () -- C:\WINDOWS\is-F874M.exe
[2014.07.31 12:19:27 | 004,288,559 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014.07.29 20:26:46 | 000,001,238 | ---- | M] () -- C:\Users\Hespetreet\Desktop\Norton Download Manager.lnk
[2014.07.29 20:07:22 | 001,362,464 | ---- | M] () -- C:\WINDOWS\SysNative\PerfStringBackup.INI
[2014.07.29 20:07:22 | 000,710,244 | ---- | M] () -- C:\WINDOWS\SysNative\perfh009.dat
[2014.07.29 20:07:22 | 000,449,912 | ---- | M] () -- C:\WINDOWS\SysNative\perfh014.dat
[2014.07.29 20:07:22 | 000,132,614 | ---- | M] () -- C:\WINDOWS\SysNative\perfc009.dat
[2014.07.29 20:07:22 | 000,077,052 | ---- | M] () -- C:\WINDOWS\SysNative\perfc014.dat
[2014.07.28 17:45:27 | 000,281,680 | ---- | M] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.07.28 17:45:12 | 670,148,535 | ---- | M] () -- C:\WINDOWS\MEMORY.DMP
[2014.07.27 19:53:29 | 000,002,536 | ---- | M] () -- C:\Users\Hespetreet\Documents\arti.rtf
[2014.07.27 19:48:58 | 000,002,890 | ---- | M] () -- C:\Users\Hespetreet\Documents\art.odt
[2014.07.23 07:13:10 | 000,030,068 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symvtcer.dat
[2014.07.21 14:13:12 | 000,002,225 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.07.20 18:09:51 | 000,001,123 | ---- | M] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.07.20 16:53:32 | 000,000,000 | -H-- | M] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014.07.19 13:49:34 | 000,002,331 | ---- | M] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014.07.19 13:41:19 | 000,177,752 | ---- | M] (Symantec Corporation) -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.SYS
[2014.07.19 13:41:19 | 000,008,222 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014.07.19 13:41:19 | 000,000,854 | ---- | M] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014.07.19 06:40:32 | 1044,938,752 | ---- | M] () -- C:\NBRT.iso
[2014.07.19 06:28:41 | 000,001,945 | ---- | M] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
 
========== Files Created - No Company Name ==========
 
[2014.08.09 12:18:29 | 000,000,577 | ---- | C] () -- C:\Users\Hespetreet\Documents\rød.rtf
[2014.08.08 15:18:30 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symelam64.cat
[2014.08.08 15:18:30 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symnet64.cat
[2014.08.08 15:18:30 | 000,001,440 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symnet.inf
[2014.08.08 15:18:29 | 000,008,194 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symefa64.cat
[2014.08.08 15:18:29 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symds64.cat
[2014.08.08 15:18:29 | 000,003,433 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symefa.inf
[2014.08.08 15:18:29 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symds.inf
[2014.08.08 15:18:29 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symelam.inf
[2014.08.08 15:18:23 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtspx64.cat
[2014.08.08 15:18:23 | 000,001,437 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtsp64.inf
[2014.08.08 15:18:23 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtspx64.inf
[2014.08.08 15:18:22 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ccsetx64.cat
[2014.08.08 15:18:22 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\srtsp64.cat
[2014.08.08 15:18:22 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\iron.cat
[2014.08.08 15:18:22 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\ccsetx64.inf
[2014.08.08 15:18:22 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\iron.inf
[2014.08.08 15:16:55 | 000,030,068 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\symvtcer.dat
[2014.08.08 15:16:53 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1505000.013\isolate.ini
[2014.08.07 07:30:33 | 001,534,910 | ---- | C] () -- C:\Users\Hespetreet\Documents\Borte.rtf
[2014.08.06 12:32:10 | 006,050,006 | ---- | C] () -- C:\Users\Hespetreet\Documents\xtranr 4.rtf
[2014.08.06 12:24:42 | 000,178,264 | ---- | C] () -- C:\Users\Hespetreet\Documents\1.jpg
[2014.08.06 01:49:53 | 001,081,344 | ---- | C] () -- C:\Users\Hespetreet\s-1-5-21-3604915464-1756807762-4202892429-1001.rrr
[2014.08.04 23:54:54 | 000,007,555 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokumentccc.rtf
[2014.08.04 15:13:37 | 000,000,236 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokumenty.rtf
[2014.08.04 00:03:11 | 000,001,359 | ---- | C] () -- C:\Users\Hespetreet\Documents\nort.rtf
[2014.08.03 19:35:23 | 006,050,001 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokumentx.rtf
[2014.08.03 16:28:28 | 011,347,276 | ---- | C] () -- C:\Users\Hespetreet\Documents\Dokument.rtf
[2014.08.03 06:46:18 | 000,007,625 | ---- | C] () -- C:\Users\Hespetreet\AppData\Local\Resmon.ResmonCfg
[2014.08.01 14:38:00 | 000,000,356 | ---- | C] () -- C:\WINDOWS\tasks\SpeedDiskSchedule.job
[2014.08.01 00:55:30 | 000,042,291 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\VT20140731.006
[2014.07.31 19:56:39 | 000,014,240 | ---- | C] () -- C:\Users\Hespetreet\Documents\xx.rtf
[2014.07.31 19:55:23 | 000,015,799 | ---- | C] () -- C:\Users\Hespetreet\Documents\artx.odt
[2014.07.31 19:20:19 | 000,000,306 | ---- | C] () -- C:\WINDOWS\tasks\NUSchedule.job
[2014.07.31 12:28:05 | 000,000,314 | ---- | C] () -- C:\WINDOWS\tasks\NUAutoUpdate.job
[2014.07.31 12:27:50 | 000,001,195 | ---- | C] () -- C:\Users\Public\Desktop\Norton Utilities 16.lnk
[2014.07.31 12:23:14 | 000,000,346 | ---- | C] () -- C:\WINDOWS\is-F874M.lst
[2014.07.31 12:23:13 | 001,550,880 | ---- | C] () -- C:\WINDOWS\is-F874M.exe
[2014.07.31 12:23:13 | 000,021,977 | ---- | C] () -- C:\WINDOWS\is-F874M.msg
[2014.07.31 12:23:11 | 000,042,624 | ---- | C] () -- C:\WINDOWS\SysNative\CleanMFT64.exe
[2014.07.28 17:45:15 | 000,281,680 | ---- | C] () -- C:\WINDOWS\SysNative\FNTCACHE.DAT
[2014.07.28 17:45:12 | 670,148,535 | ---- | C] () -- C:\WINDOWS\MEMORY.DMP
[2014.07.27 19:53:29 | 000,002,536 | ---- | C] () -- C:\Users\Hespetreet\Documents\arti.rtf
[2014.07.27 19:47:13 | 000,002,890 | ---- | C] () -- C:\Users\Hespetreet\Documents\art.odt
[2014.07.24 22:45:07 | 000,387,268 | ---- | C] () -- C:\WINDOWS\SysNative\ApnDatabase.xml
[2014.07.21 14:13:12 | 000,002,225 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk
[2014.07.21 14:12:25 | 000,001,016 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2014.07.21 14:12:24 | 000,001,012 | ---- | C] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2014.07.20 20:38:13 | 000,000,830 | ---- | C] () -- C:\WINDOWS\tasks\Adobe Flash Player Updater.job
[2014.07.20 18:23:11 | 000,110,592 | ---- | C] () -- C:\WINDOWS\SysNative\OEMLicense.dll
[2014.07.20 18:23:11 | 000,083,968 | ---- | C] () -- C:\WINDOWS\SysWow64\OEMLicense.dll
[2014.07.20 18:09:50 | 000,001,123 | ---- | C] () -- C:\Users\Public\Desktop\Mozilla Firefox.lnk
[2014.07.20 18:09:47 | 000,001,135 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
[2014.07.20 16:53:32 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\SysNative\drivers\Msft_User_WpdFs_01_11_00.Wdf
[2014.07.20 16:22:26 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\NBRTWizardx64\0700000.012\isolate.ini
[2014.07.19 13:49:37 | 004,288,559 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\Cat.DB
[2014.07.19 13:45:59 | 000,009,939 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symelam64.cat
[2014.07.19 13:45:59 | 000,008,202 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ccsetx64.cat
[2014.07.19 13:45:59 | 000,008,196 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtspx64.cat
[2014.07.19 13:45:59 | 000,008,194 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symefa64.cat
[2014.07.19 13:45:59 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symnet64.cat
[2014.07.19 13:45:59 | 000,008,192 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtsp64.cat
[2014.07.19 13:45:59 | 000,008,188 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symds64.cat
[2014.07.19 13:45:59 | 000,008,184 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\iron.cat
[2014.07.19 13:45:59 | 000,003,433 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symefa.inf
[2014.07.19 13:45:59 | 000,002,852 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symds.inf
[2014.07.19 13:45:59 | 000,001,440 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symnet.inf
[2014.07.19 13:45:59 | 000,001,437 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtsp64.inf
[2014.07.19 13:45:59 | 000,001,420 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\srtspx64.inf
[2014.07.19 13:45:59 | 000,001,098 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\symelam.inf
[2014.07.19 13:45:59 | 000,000,855 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\ccsetx64.inf
[2014.07.19 13:45:59 | 000,000,767 | R--- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\iron.inf
[2014.07.19 13:45:53 | 000,000,172 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\N360x64\1504000.00D\isolate.ini
[2014.07.19 13:41:20 | 000,008,222 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.CAT
[2014.07.19 13:41:20 | 000,000,854 | ---- | C] () -- C:\WINDOWS\SysNative\drivers\SYMEVENT64x86.INF
[2014.07.19 13:41:17 | 000,002,331 | ---- | C] () -- C:\Users\Public\Desktop\Norton 360.lnk
[2014.07.19 11:47:18 | 000,001,446 | ---- | C] () -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2014.07.19 11:07:48 | 268,435,456 | -HS- | C] () -- C:\swapfile.sys
[2014.07.19 11:07:45 | 380,006,399 | -HS- | C] () -- C:\hiberfil.sys
[2014.07.19 06:28:41 | 000,001,945 | ---- | C] () -- C:\Users\Public\Desktop\CDBurnerXP.lnk
[2014.07.19 06:28:40 | 000,001,915 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
[2014.07.19 06:04:18 | 1044,938,752 | ---- | C] () -- C:\NBRT.iso
[2014.07.19 05:52:00 | 000,001,238 | ---- | C] () -- C:\Users\Hespetreet\Desktop\Norton Download Manager.lnk
[2013.04.26 20:34:46 | 000,000,000 | ---- | C] () -- C:\WINDOWS\ativpsrm.bin
[2013.04.09 15:17:42 | 000,204,952 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsvl.dat
[2013.04.09 15:17:42 | 000,157,144 | ---- | C] () -- C:\WINDOWS\SysWow64\ativvsva.dat
[2013.04.09 15:17:42 | 000,003,917 | ---- | C] () -- C:\WINDOWS\SysWow64\atipblag.dat
[2013.04.09 15:17:39 | 000,995,342 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_as32.exe
[2013.04.09 15:17:39 | 000,798,734 | ---- | C] () -- C:\WINDOWS\SysWow64\amdocl_ld32.exe
[2012.11.27 10:18:46 | 000,038,912 | ---- | C] () -- C:\WINDOWS\SysWow64\kdbsdk32.dll
 
========== ZeroAccess Check ==========
 
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
 
[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64
 
[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2014.03.28 10:23:06 | 019,759,104 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2014.03.28 08:18:26 | 017,562,112 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012.07.26 05:05:38 | 001,004,544 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012.07.26 05:18:27 | 000,784,896 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free
 
[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012.07.26 05:07:41 | 000,455,680 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both
 
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]
 
========== LOP Check ==========
 
[2014.07.19 06:28:41 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Canneverbe Limited
[2014.07.31 12:09:28 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Product_NU16
[2014.07.19 11:46:26 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Synaptics
[2014.07.20 18:31:42 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\Tencent
[2014.07.20 17:22:54 | 000,000,000 | ---D | M] -- C:\Users\Hespetreet\AppData\Roaming\WildTangent
 
========== Purity Check ==========
 
 
 
========== Custom Scans ==========
 
< %USERPROFILE%\..|smtmp;true;true;true /FP >
 
< %temp%\smtmp\*.* /s > >
 
< MD5 for: EXPLORER.ADML  >
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16384_en-us_7bca26f6f419a854\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16433_en-us_7bff382ef3f2006f\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16726_en-us_7c0d0eaaf3e727f8\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20534_en-us_7c89d5440d0eb990\Explorer.adml
[2012.07.26 09:49:05 | 000,003,671 | ---- | M] () MD5=007B16AEF3E958080573CDB80648167D -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20837_en-us_7c8cdbd40d0bfd0a\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_3696cd177bf59a86\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16433_nb-no_36cbde4f7bcdf2a1\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.16726_nb-no_36d9b4cb7bc31a2a\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20534_nb-no_37567b6494eaabc2\Explorer.adml
[2013.04.26 21:10:51 | 000,003,698 | ---- | M] () MD5=AEBE56A374405EBF51E913604AA09C92 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ouppolicy.resources_31bf3856ad364e35_6.2.9200.20837_nb-no_375981f494e7ef3c\Explorer.adml
 
< MD5 for: EXPLORER.ADMX  >
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16384_none_6e8451187a9a1607\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16420_none_6ec1315e7a6d062c\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.16433_none_6eb962507a726e22\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.20521_none_6f4bce739389bf4d\Explorer.admx
[2012.06.02 16:32:35 | 000,003,836 | ---- | M] () MD5=AD131A834808E6AFF4A3918DE05BFCF6 -- C:\Windows\WinSxS\amd64_microsoft-windows-shell-grouppolicy_31bf3856ad364e35_6.2.9200.20534_none_6f43ff65938f2743\Explorer.admx
 
< MD5 for: EXPLORER.EXE  >
[2014.07.31 01:31:00 | 000,191,929 | ---- | M] () MD5=0DFFA20BC55B04EB41A645B2B3C090AF -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_b592a71650d677ed\explorer.exe
[2013.06.01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\explorer.exe
[2013.06.01 13:34:21 | 002,391,280 | ---- | M] (Microsoft Corporation) MD5=0E8E6463F81C80AFBED533E0F1F8895D -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_aac334d9034c59e1\explorer.exe
[2014.07.31 01:30:51 | 000,191,911 | ---- | M] () MD5=7EE632A61E017550EA93DE43B2F5E11A -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_b5080a0137b9becc\explorer.exe
[2014.07.29 19:49:58 | 000,220,310 | ---- | M] () MD5=8245C120A0228DF5FEDA420EEA92073A -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16433_none_aab35faf0358fcd1\explorer.exe
[2014.07.31 01:31:10 | 000,190,101 | ---- | M] () MD5=88FFBEDEE68E55114100F40018C8502E -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_b591aa9850d758e4\explorer.exe
[2014.07.31 01:30:41 | 000,193,351 | ---- | M] () MD5=D7BB0E752E2500BC35445E8DF43C64E8 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_b4d2f8c937e166b1\explorer.exe
[2014.07.29 19:49:52 | 000,221,955 | ---- | M] () MD5=E6BB49E22BE475CD8D9A8E4F09C94D88 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16384_none_aa7e4e770380a4b6\explorer.exe
[2013.06.01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\SysWOW64\explorer.exe
[2013.06.01 12:24:46 | 002,106,176 | ---- | M] (Microsoft Corporation) MD5=EAFE46B0292D2BD2467835E2ACF717CC -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.16628_none_b517df2b37ad1bdc\explorer.exe
[2014.07.29 19:50:04 | 000,220,321 | ---- | M] () MD5=F684C576CFB3780C22C6F5289540A455 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20534_none_ab3dfcc41c75b5f2\explorer.exe
[2014.07.29 19:50:10 | 000,217,360 | ---- | M] () MD5=FAE1FCD1E42A50D856EB908554431055 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer_31bf3856ad364e35_6.2.9200.20733_none_ab3d00461c7696e9\explorer.exe
 
< MD5 for: EXPLORER.EXE.MUI  >
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\en-US\explorer.exe.mui
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\SysWOW64\en-US\explorer.exe.mui
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_en-us_5ebc2e81fd6600eb\explorer.exe.mui
[2012.07.26 09:48:57 | 000,020,480 | ---- | M] (Microsoft Corporation) MD5=C25D32FEDB5AA6FF87B5A29D56D35FFA -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_en-us_6910d8d431c6c2e6\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\nb-NO\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\SysWOW64\nb-NO\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_1988d4a28541f31d\explorer.exe.mui
[2013.04.26 21:10:34 | 000,021,504 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\wow64_microsoft-windows-explorer.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_23dd7ef4b9a2b518\explorer.exe.mui
 
< MD5 for: EXPLORER.EXE-03C49D11.PF  >
[2014.08.08 15:20:17 | 000,305,452 | ---- | M] () MD5=36360316CDBA6839FEBCE737F49EBEB7 -- C:\Windows\Prefetch\EXPLORER.EXE-03C49D11.pf
 
< MD5 for: IEXPLORE.EXE  >
[2014.07.31 01:32:49 | 000,005,047 | ---- | M] () MD5=1EC7A0840B5D42FDFC091483A869A58F -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.21145_none_2ba102e53a13fa8e\iexplore.exe
[2014.07.30 09:44:14 | 000,006,966 | ---- | M] () MD5=24670320D89511DDA191DDA6151AA248 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_21212dc505d3918f\iexplore.exe
[2014.07.30 09:44:07 | 000,006,981 | ---- | M] () MD5=2BC908FD7537A5636F6B0A936556AC32 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_37f8bacaec24e2f1\iexplore.exe
[2014.07.30 09:44:17 | 000,006,954 | ---- | M] () MD5=2E073528F85BFCBF00428E0A2F22B0E0 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20589_none_2124bd0505d07710\iexplore.exe
[2014.07.31 01:32:44 | 000,006,458 | ---- | M] () MD5=2F71A41DFC21337640B166530CE9186D -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20557_none_2b7694093a33b9c4\iexplore.exe
[2014.07.31 01:32:37 | 000,006,438 | ---- | M] () MD5=33B73A238448C89C169F701F7A0EEA7D -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16484_none_42524fc720813d40\iexplore.exe
[2014.07.31 01:32:34 | 000,006,395 | ---- | M] () MD5=5155938C91796D10D4C98E1B076059A1 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16453_none_424f65b12083d79a\iexplore.exe
[2014.07.31 01:32:29 | 000,006,437 | ---- | M] () MD5=5B3164964927CA11615547C18EACEBF1 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16433_none_424d651d2085a4ec\iexplore.exe
[2014.07.30 09:44:11 | 000,006,971 | ---- | M] () MD5=67602FE7AB7B1A2A3D72DDEE1EB63F39 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16484_none_37fda574ec207b45\iexplore.exe
[2014.07.30 09:44:10 | 000,006,964 | ---- | M] () MD5=693D23212F9A8E20C6E40C868C50DA66 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16453_none_37fabb5eec23159f\iexplore.exe
[2014.07.31 01:32:41 | 000,006,411 | ---- | M] () MD5=89094B3EC5AC021DB4CB945DC44967CA -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20544_none_2b75d8173a34538a\iexplore.exe
[2014.07.30 09:44:13 | 000,006,974 | ---- | M] () MD5=9B84E83112577BB2DB07AA30AFF1A260 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_21202d7b05d47838\iexplore.exe
[2014.07.31 01:32:46 | 000,006,435 | ---- | M] () MD5=A14B020D2A42AE23D3E21E33518D8683 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20589_none_2b7967573a31390b\iexplore.exe
[2014.07.31 01:32:32 | 000,006,445 | ---- | M] () MD5=A8E0F48369B0B18850EFAF31AD731303 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_424e7c2f2084a4a2\iexplore.exe
[2014.06.19 06:18:02 | 000,775,320 | ---- | M] (Microsoft Corporation) MD5=B606732D1F1948DF9CE9E30517E17268 -- C:\Program Files\Internet Explorer\iexplore.exe
[2014.06.19 06:18:02 | 000,775,320 | ---- | M] (Microsoft Corporation) MD5=B606732D1F1948DF9CE9E30517E17268 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.17028_none_38228a2eec05d722\iexplore.exe
[2014.07.30 09:44:09 | 000,006,957 | ---- | M] () MD5=CC87EE8E26F460DCF2F79A673A52C3DE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16442_none_37f9d1dcec23e2a7\iexplore.exe
[2014.07.30 09:44:06 | 000,006,931 | ---- | M] () MD5=E2959839CBCB3881F2F3B216EDB756CE -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_38087560ec185f54\iexplore.exe
[2014.07.31 01:32:39 | 000,006,428 | ---- | M] () MD5=E9AE9BD5A3C867FEF119200131583E18 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20534_none_2b74d7cd3a353a33\iexplore.exe
[2014.07.30 09:44:18 | 000,004,062 | ---- | M] () MD5=EEC65E0DE4E99D7BCDFF16E4048FBB56 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.21145_none_214c589305b33893\iexplore.exe
[2014.07.31 01:32:27 | 000,006,831 | ---- | M] () MD5=F19C332E8E54180D5B5E3765CFCB603F -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.16384_none_425d1fb32079214f\iexplore.exe
[2014.06.19 03:13:09 | 000,770,704 | ---- | M] (Microsoft Corporation) MD5=F37633EA6056B7F7DE685FB7F6DFB1FC -- C:\Program Files (x86)\Internet Explorer\iexplore.exe
[2014.06.19 03:13:09 | 000,770,704 | ---- | M] (Microsoft Corporation) MD5=F37633EA6056B7F7DE685FB7F6DFB1FC -- C:\Windows\WinSxS\wow64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.17028_none_427734812066991d\iexplore.exe
[2014.07.30 09:44:16 | 000,006,954 | ---- | M] () MD5=F5895B4C5FB676EB79A26A886E10ED73 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..etexplorer-optional_31bf3856ad364e35_10.0.9200.20557_none_2121e9b705d2f7c9\iexplore.exe
 
< MD5 for: IEXPLORE.EXE.MUI  >
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Program Files (x86)\Internet Explorer\nb-NO\iexplore.exe.mui
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Program Files\Internet Explorer\nb-NO\iexplore.exe.mui
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_nb-no_ec81b0f8aba1926d\iexplore.exe.mui
[2013.04.26 21:10:53 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=2E6B6B565382197D45E3AA42E268D96D -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_nb-no_f6d65b4ae0025468\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Program Files (x86)\Internet Explorer\en-US\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Program Files\Internet Explorer\en-US\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Windows\WinSxS\amd64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_en-us_31b50ad823c5a03b\iexplore.exe.mui
[2012.07.26 09:49:06 | 000,005,632 | ---- | M] (Microsoft Corporation) MD5=4C724BBF739D40D8AA3023943F3450A7 -- C:\Windows\WinSxS\wow64_microsoft-windows-i..-optional.resources_31bf3856ad364e35_10.0.9200.16384_en-us_3c09b52a58266236\iexplore.exe.mui
 
< MD5 for: IEXPLORE.EXE-7A9337F2.PF  >
[2014.08.08 15:21:17 | 000,129,926 | ---- | M] () MD5=6DDDF7E11A4A9B9FF8086FA19CE9B81D -- C:\Windows\Prefetch\IEXPLORE.EXE-7A9337F2.pf
 
< MD5 for: IEXPLORE.EXE-F4FB5D2F.PF  >
[2014.08.08 15:21:33 | 000,269,264 | ---- | M] () MD5=82C1C03DBC1C3BD4E52DE7D9F3A7EC90 -- C:\Windows\Prefetch\IEXPLORE.EXE-F4FB5D2F.pf
 
< MD5 for: SERVICES  >
[2014.08.09 12:18:02 | 000,093,580 | ---- | M] () MD5=C2CB626533B5A32CA0C43404F4329577 -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\MMC\services
[2012.07.26 07:26:47 | 000,017,463 | ---- | M] () MD5=D9E1A01B480D961B7CF0509D597A92D6 -- C:\Windows\WinSxS\amd64_microsoft-windows-w..ucture-other-minwin_31bf3856ad364e35_6.2.9200.16384_none_8e0944daeed62829\services
 
< MD5 for: SERVICES.EXE  >
[2014.07.30 12:09:33 | 000,001,252 | ---- | M] () MD5=348BBC0997F12A346E802238B7A10743 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.20521_none_98a9ea2e9f571eb2\services.exe
[2012.09.20 08:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\WINDOWS\SysNative\services.exe
[2012.09.20 08:33:46 | 000,410,624 | ---- | M] (Microsoft Corporation) MD5=8F226143046435C75C033B0C52E90FFE -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16420_none_981f4d19863a6591\services.exe
[2014.07.30 12:09:32 | 000,038,189 | ---- | M] () MD5=A06C65A37A48D1CD522F12A0CEBDB101 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cecontroller-minwin_31bf3856ad364e35_6.2.9200.16384_none_97e26cd38667756c\services.exe
 
< MD5 for: SERVICES.EXE.MUI  >
[2012.07.26 09:48:33 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\WINDOWS\SysNative\en-US\services.exe.mui
[2012.07.26 09:48:33 | 000,018,944 | ---- | M] (Microsoft Corporation) MD5=8BCB19134E995FA62587DCE26E13B36C -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_en-us_c2c6ee7bafb963b8\services.exe.mui
[2013.04.26 21:10:11 | 000,019,456 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysNative\nb-NO\services.exe.mui
[2013.04.26 21:10:11 | 000,019,456 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..ontroller.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_7d93949c379555ea\services.exe.mui
 
< MD5 for: SERVICES.JS  >
[2014.07.20 18:37:28 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_2.0.0.308_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:37:12 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingNews_2.0.0.308_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:37:54 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingSports_2.0.0.310_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:34:42 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_2.0.0.319_x64__8wekyb3d8bbwe\common\js\services.js
[2014.07.20 18:38:12 | 000,052,388 | ---- | M] () MD5=170AC4B9F3DC60E0D38D7CC307CEFD12 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_2.0.0.310_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:54:34 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingFinance_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:23:54 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingNews_1.7.0.27_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:54:46 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingSports_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:23:16 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingTravel_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
[2013.01.02 08:54:24 | 000,069,359 | ---- | M] () MD5=6AA9F10CF05F9848EFAA91062BBEB586 -- C:\Program Files\WindowsApps\Microsoft.BingWeather_1.7.0.26_x64__8wekyb3d8bbwe\common\js\services.js
 
< MD5 for: SERVICES.LNK  >
[2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Users\All Users\Microsoft\Windows\Start Menu\Programs\Administrative Tools\services.lnk
[2012.07.25 22:19:37 | 000,001,158 | ---- | M] () MD5=5C11B0E362D426FD6E99B07705BA4A48 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.lnk
 
< MD5 for: SERVICES.MOF  >
[2012.06.02 16:35:05 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\WINDOWS\SysNative\wbem\services.mof
[2012.06.02 16:35:05 | 000,002,866 | ---- | M] () MD5=26A11C895A7F0B6D32105EBE127D8500 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\services.mof
 
< MD5 for: SERVICES.MSC  >
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\en-US\services.msc
[2012.06.02 16:31:20 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\WINDOWS\SysNative\services.msc
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\en-US\services.msc
[2012.06.02 16:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\SysWOW64\services.msc
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_fd08be678622fdab\services.msc
[2012.06.02 16:31:20 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\amd64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_282d8a08cf7f1ada\services.msc
[2012.06.02 16:31:13 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\wow64_microsoft-windows-servicessnapin_31bf3856ad364e35_6.2.9200.16384_none_3282345b03dfdcd5\services.msc
[2012.07.26 09:48:57 | 000,092,746 | ---- | M] () MD5=2D8D95469EC26AAA986AAD1CE424E631 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_en-us_a0ea22e3cdc58c75\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\WINDOWS\SysNative\nb-NO\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\Windows\SysWOW64\nb-NO\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_b7d564880dfeefdd\services.msc
[2013.04.26 21:10:31 | 000,092,747 | ---- | M] () MD5=49804FFC65E0A49858BCE4B05F988CA1 -- C:\Windows\WinSxS\x86_microsoft-windows-s..cessnapin.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_5bb6c90455a17ea7\services.msc
 
< MD5 for: SERVICES.PTXML  >
[2012.07.25 22:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\WINDOWS\SysNative\wdi\perftrack\Services.ptxml
[2012.07.25 22:30:54 | 000,001,061 | ---- | M] () MD5=640D7DD61B1CFA6C96F80F68F78CDFA7 -- C:\Windows\WinSxS\amd64_microsoft-windows-s..s-servicecontroller_31bf3856ad364e35_6.2.9200.16384_none_282967cc570d3701\Services.ptxml
 
< MD5 for: WINLOGON.ADML  >
[2013.04.26 21:10:51 | 000,008,583 | ---- | M] () MD5=787DDCA2128570E80753702FF3C248D4 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_a89a5f0cee8221f2\WinLogon.adml
[2012.07.26 09:49:05 | 000,008,017 | ---- | M] () MD5=C270056255498A723E7331EFF1AA162F -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm.resources_31bf3856ad364e35_6.2.9200.16384_en-us_edcdb8ec66a62fc0\WinLogon.adml
 
< MD5 for: WINLOGON.ADMX  >
[2012.06.02 16:34:22 | 000,005,237 | ---- | M] () MD5=89D8F50E186A16C2CED3CF36DBBC0B2C -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-adm_31bf3856ad364e35_6.2.9200.16384_none_d3d704270306719d\WinLogon.admx
 
< MD5 for: WINLOGON.EXE  >
[2014.07.30 17:47:24 | 000,082,923 | ---- | M] () MD5=074C6F8BE6B1E5FC4631DDDDE36C35AC -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16420_none_c8c988c15e88a211\winlogon.exe
[2014.07.30 17:47:22 | 000,082,933 | ---- | M] () MD5=60A6E655A6CE36A30EB3143780EA975A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16384_none_c88ca87b5eb5b1ec\winlogon.exe
[2014.04.12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\WINDOWS\SysNative\winlogon.exe
[2014.04.12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16891_none_c87ee12f5ec0739b\winlogon.exe
[2014.04.12 11:10:31 | 000,578,048 | ---- | M] (Microsoft Corporation) MD5=75DD70A14145499C9F7D903CF9A8C91B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.17014_none_c8d83b755e7d1081\winlogon.exe
[2014.07.30 17:47:32 | 000,072,808 | ---- | M] () MD5=7A24F7763DEE7CA7ABA008927E3B707A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21133_none_c94b381e77abced6\winlogon.exe
[2014.07.30 17:47:30 | 000,072,808 | ---- | M] () MD5=7C3E1E29E27AFACA4364F62D84624EA4 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.21012_none_c95fd5c6779c8076\winlogon.exe
[2014.07.30 17:47:29 | 000,082,427 | ---- | M] () MD5=B9F8135D86DF7A3E298911409D4BCAE9 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20534_none_c94c56c877aac328\winlogon.exe
[2014.07.30 17:47:27 | 000,082,925 | ---- | M] () MD5=CEBD61BCC3F4C7BA57AF73FD09828E58 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.20521_none_c95425d677a55b32\winlogon.exe
[2014.07.30 17:47:25 | 000,082,423 | ---- | M] () MD5=DFD4A1D1C48DD0B4BA33FF508FB9BCBC -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon_31bf3856ad364e35_6.2.9200.16433_none_c8c1b9b35e8e0a07\winlogon.exe
 
< MD5 for: WINLOGON.EXE.MUI  >
[2012.07.26 09:48:51 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=B9094B7088CD579E5AED57A693F9BFBD -- C:\WINDOWS\SysNative\en-US\winlogon.exe.mui
[2012.07.26 09:48:51 | 000,024,064 | ---- | M] (Microsoft Corporation) MD5=B9094B7088CD579E5AED57A693F9BFBD -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.2.9200.16384_en-us_23c238ef8ddaa831\winlogon.exe.mui
[2013.04.26 21:10:26 | 000,024,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\WINDOWS\SysNative\nb-NO\winlogon.exe.mui
[2013.04.26 21:10:26 | 000,024,064 | ---- | M] (Microsoft Corporation) Unable to obtain MD5 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_de8edf1015b69a63\winlogon.exe.mui
 
< MD5 for: WINLOGON.MFL  >
[2012.07.26 09:48:52 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\WINDOWS\SysNative\wbem\en-US\winlogon.mfl
[2012.07.26 09:48:52 | 000,001,080 | ---- | M] () MD5=2783ED50691284F7EAE6BE9729337E1A -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.2.9200.16384_en-us_81848abaa91301c6\winlogon.mfl
[2013.04.26 21:10:26 | 000,001,080 | ---- | M] () MD5=B77C9DEE4508725B86AC3575C9E10A49 -- C:\WINDOWS\SysNative\wbem\nb-NO\winlogon.mfl
[2013.04.26 21:10:26 | 000,001,080 | ---- | M] () MD5=B77C9DEE4508725B86AC3575C9E10A49 -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof.resources_31bf3856ad364e35_6.2.9200.16384_nb-no_3c5130db30eef3f8\winlogon.mfl
 
< MD5 for: WINLOGON.MOF  >
[2012.07.25 22:30:16 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\WINDOWS\SysNative\wbem\winlogon.mof
[2012.07.25 22:30:16 | 000,003,192 | ---- | M] () MD5=DF722B96F32A61783BC310FACF10240B -- C:\Windows\WinSxS\amd64_microsoft-windows-winlogon-mof_31bf3856ad364e35_6.2.9200.16384_none_d9027134ffac135f\winlogon.mof
 
< %SYSTEMDRIVE%\*.* >
[2012.06.02 16:30:55 | 000,000,001 | -HS- | M] () -- C:\BOOTNXT
[2014.08.09 12:19:23 | 380,006,399 | -HS- | M] () -- C:\hiberfil.sys
[2014.07.19 06:40:32 | 1044,938,752 | ---- | M] () -- C:\NBRT.iso
[2014.08.09 12:19:27 | 1610,612,735 | -HS- | M] () -- C:\pagefile.sys
[2014.07.19 03:07:23 | 000,000,000 | ---- | M] () -- C:\Recovery.txt
[2014.08.09 12:19:27 | 268,435,456 | -HS- | M] () -- C:\swapfile.sys
[2014.08.05 00:03:07 | 000,427,178 | ---- | M] () -- C:\TDSSKiller.3.0.0.40_05.08.2014_00.00.56_log.txt
 
< %systemroot%\Fonts\*.com >
[2013.04.09 14:34:54 | 000,026,040 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalMonospace.CompositeFont
[2013.04.09 14:34:54 | 000,026,489 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSansSerif.CompositeFont
[2013.04.09 14:34:54 | 000,029,779 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalSerif.CompositeFont
[2013.04.09 14:34:54 | 000,043,318 | ---- | M] () -- C:\WINDOWS\Fonts\GlobalUserInterface.CompositeFont
 
< %systemroot%\Fonts\*.dll >
 
< %systemroot%\Fonts\*.ini >
[2012.07.26 10:11:41 | 000,000,065 | ---- | M] () -- C:\WINDOWS\Fonts\desktop.ini
 
< %systemroot%\Fonts\*.ini2 >
 
< %systemroot%\Fonts\*.exe >
 
< %systemroot%\system32\spool\prtprocs\w32x86\*.* >
 
< %systemroot%\REPAIR\*.bak1 >
 
< %systemroot%\REPAIR\*.ini >
 
< %systemroot%\system32\*.jpg >
 
< %systemroot%\*.jpg >
 
< %systemroot%\*.png >
 
< %systemroot%\*.scr >
 
< %systemroot%\*._sy >
 
< %APPDATA%\Adobe\Update\*.* >
 
< %ALLUSERSPROFILE%\Favorites\*.* >
 
< %APPDATA%\Microsoft\*.* >
 
< %PROGRAMFILES%\*.* >
[2012.07.26 10:11:35 | 000,000,174 | -HS- | M] () -- C:\Program Files (x86)\desktop.ini
 
< %APPDATA%\Update\*.* >
 
< %systemroot%\*. /mp /s >
 
< dir "%systemdrive%\*" /S /A:L /C >
 Volume in drive C is Packard Bell
 Volume Serial Number is FCD8-3BFE
 Directory of C:\
26.07.2012  09:22    <JUNCTION>     Documents and Settings [C:\Users]
               0 File(s)              0 bytes
 Directory of C:\ProgramData
26.07.2012  09:22    <JUNCTION>     Application Data [C:\ProgramData]
26.07.2012  09:22    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
26.07.2012  09:22    <JUNCTION>     Documents [C:\Users\Public\Documents]
26.07.2012  09:22    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
26.07.2012  09:22    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users
26.07.2012  09:22    <SYMLINKD>     All Users [C:\ProgramData]
26.07.2012  09:22    <JUNCTION>     Default User [C:\Users\Default]
               0 File(s)              0 bytes
 Directory of C:\Users\All Users
26.07.2012  09:22    <JUNCTION>     Application Data [C:\ProgramData]
26.07.2012  09:22    <JUNCTION>     Desktop [C:\Users\Public\Desktop]
26.07.2012  09:22    <JUNCTION>     Documents [C:\Users\Public\Documents]
26.07.2012  09:22    <JUNCTION>     Start Menu [C:\ProgramData\Microsoft\Windows\Start Menu]
26.07.2012  09:22    <JUNCTION>     Templates [C:\ProgramData\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default
26.07.2012  09:22    <JUNCTION>     Application Data [C:\Users\Default\AppData\Roaming]
26.07.2012  09:22    <JUNCTION>     Cookies [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Cookies]
26.07.2012  09:22    <JUNCTION>     Local Settings [C:\Users\Default\AppData\Local]
26.07.2012  09:22    <JUNCTION>     My Documents [C:\Users\Default\Documents]
26.07.2012  09:22    <JUNCTION>     NetHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
26.07.2012  09:22    <JUNCTION>     PrintHood [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
26.07.2012  09:22    <JUNCTION>     Recent [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Recent]
26.07.2012  09:22    <JUNCTION>     SendTo [C:\Users\Default\AppData\Roaming\Microsoft\Windows\SendTo]
26.07.2012  09:22    <JUNCTION>     Start Menu [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu]
26.07.2012  09:22    <JUNCTION>     Templates [C:\Users\Default\AppData\Roaming\Microsoft\Windows\Templates]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\AppData\Local
26.07.2012  09:22    <JUNCTION>     Application Data [C:\Users\Default\AppData\Local]
26.07.2012  09:22    <JUNCTION>     History [C:\Users\Default\AppData\Local\Microsoft\Windows\History]
26.07.2012  09:22    <JUNCTION>     Temporary Internet Files [C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Default\Documents
26.07.2012  09:22    <JUNCTION>     My Music [C:\Users\Default\Music]
26.07.2012  09:22    <JUNCTION>     My Pictures [C:\Users\Default\Pictures]
26.07.2012  09:22    <JUNCTION>     My Videos [C:\Users\Default\Videos]
               0 File(s)              0 bytes
 Directory of C:\Users\Hespetreet
19.07.2014  11:45    <JUNCTION>     AndrMask [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Network Shortcuts]
19.07.2014  11:45    <JUNCTION>     Cookies [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Cookies]
19.07.2014  11:45    <JUNCTION>     Lokale innstillinger [C:\Users\Hespetreet\AppData\Local]
19.07.2014  11:45    <JUNCTION>     Maler [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Templates]
19.07.2014  11:45    <JUNCTION>     Mine dokumenter [C:\Users\Hespetreet\Documents]
19.07.2014  11:45    <JUNCTION>     Programdata [C:\Users\Hespetreet\AppData\Roaming]
19.07.2014  11:45    <JUNCTION>     Recent [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Recent]
19.07.2014  11:45    <JUNCTION>     SendTo [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\SendTo]
19.07.2014  11:45    <JUNCTION>     Skrivere [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Printer Shortcuts]
19.07.2014  11:45    <JUNCTION>     Start-meny [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu]
               0 File(s)              0 bytes
 Directory of C:\Users\Hespetreet\AppData\Local
19.07.2014  11:45    <JUNCTION>     Logg [C:\Users\Hespetreet\AppData\Local\Microsoft\Windows\History]
19.07.2014  11:45    <JUNCTION>     Programdata [C:\Users\Hespetreet\AppData\Local]
19.07.2014  11:45    <JUNCTION>     Temporary Internet Files [C:\Users\Hespetreet\AppData\Local\Microsoft\Windows\Temporary Internet Files]
               0 File(s)              0 bytes
 Directory of C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu
19.07.2014  11:45    <JUNCTION>     Programmer [C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs]
               0 File(s)              0 bytes
 Directory of C:\Users\Hespetreet\Documents
19.07.2014  11:45    <JUNCTION>     Intern video [C:\Users\Hespetreet\Videos]
19.07.2014  11:45    <JUNCTION>     Min musikk [C:\Users\Hespetreet\Music]
19.07.2014  11:45    <JUNCTION>     Mine bilder [C:\Users\Hespetreet\Pictures]
               0 File(s)              0 bytes
 Directory of C:\Users\Public\Documents
26.07.2012  09:22    <JUNCTION>     My Music [C:\Users\Public\Music]
26.07.2012  09:22    <JUNCTION>     My Pictures [C:\Users\Public\Pictures]
26.07.2012  09:22    <JUNCTION>     My Videos [C:\Users\Public\Videos]
               0 File(s)              0 bytes
     Total Files Listed:
               0 File(s)              0 bytes
              49 Dir(s)  685ÿ589ÿ454ÿ848 bytes free
 
< %systemroot%\System32\config\*.sav >
 
< %PROGRAMFILES%\bak. /s >
 
< %systemroot%\system32\bak. /s >
 
< %ALLUSERSPROFILE%\Start Menu\*.lnk /x >
 
< %systemroot%\system32\config\systemprofile\*.dat /x >
 
< %systemroot%\*.config >
 
< %systemroot%\system32\*.db >
 
< %PROGRAMFILES%\Internet Explorer\*.dat >
 
< %APPDATA%\Microsoft\Internet Explorer\Quick Launch\*.lnk /x >
[2014.07.19 12:09:43 | 000,000,223 | -HS- | M] () -- C:\Users\Hespetreet\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\desktop.ini
 
< %USERPROFILE%\Desktop\*.exe >
[2014.08.10 00:43:40 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Hespetreet\Desktop\OTL.exe
 
< %PROGRAMFILES%\Common Files\*.* >
 
< %systemroot%\*.src >
 
< %systemroot%\install\*.* >
 
< %systemroot%\system32\DLL\*.* >
 
< %systemroot%\system32\HelpFiles\*.* >
 
< %systemroot%\system32\rundll\*.* >
 
< %systemroot%\winn32\*.* >
 
< %systemroot%\Java\*.* >
 
< %systemroot%\system32\test\*.* >
 
< %systemroot%\system32\Rundll32\*.* >
 
< %systemroot%\AppPatch\Custom\*.* >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate\AU >
 
< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
 
========== Alternate Data Streams ==========
 
@Alternate Data Stream - 126 bytes -> C:\ProgramData\Temp:792D4CF1

< End of report >


 
 


    Advertisements

Register to Remove


#2 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 10 August 2014 - 03:03 PM

Hello Hespetreet, welcome to WhatTheTech's Malware Removal forum!
 
My username is LiquidTension, but you can call me Adam. I will be assisting you with your malware-related problems.
If you would allow me to call you by your first name I would prefer that.  :)
 
======================================================
 
Important: I have laid out some "ground rules" I would appreciate you follow. Please read through the points below, to ensure this process moves as quickly and efficiently as possible.

  • Please read through my instructions thoroughly, and ensure you carry out each step in the order specified.
  • Please do not post logs using the CODEQUOTE or ATTACHMENT format. Logs should be posted directly in plain text. If you receive an error whilst posting, please break the log in half and use multiple posts.
  • Please do not run any tools or take any steps other than those I provide for you. Independent efforts may make matters worse, and will affect my ability in ascertaining the current situation & providing the best set of instructions for you.
  • Please backup important documents before proceeding with my instructions.
  • If you come across any issues whilst following my instructions, please stop and inform me of the issue in as much detail as possible. Please do not hesitate to ask before you run anything.
  • Topics are locked if no response is made after 5 days. Please inform me if you will require additional time to complete my instructions.

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#3 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 10 August 2014 - 03:17 PM

Hello Hespetreet, 
 
Thank you for the detailed description. Please run the following programmes so I can ascertain the state of your computer. 
 
STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Scan

  • Please download Farbar Recovery Scan Tool (x64) and save the file to your desktop.
  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Yes to the disclaimer.
  • Ensure the Addition.txt box is checked.
  • Click the Scan button and let the programme run.
  • Upon completion, click OK, then OK on the Addition.txt pop up screen.
  • Two logs (FRST.txt & Addition.txt) will now be open on your desktop. Copy the contents of both logs and paste in your next reply. 
     

STEP 2
aA7bkRO.jpg aswMBR

  • Please download aswMBR and save the file to your desktop
  • Right-Click aswMBR.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • If you are prompted to download the latest anti-virus definitions from avast!, click Yes.
  • If you are prompted to enable the use of "Virtualization Technology", click Yes.
  • Click the AV Scan: drop down box and click C:\.
  • Click Scan
  • Upon completion, you will see Scan finished successfully. Click Save log
  • Copy the contents of the log and paste in your next reply.

Note: Do NOT attempt to click Fix or FixMBR.
Note: A file (MBR.dat) will be created on your desktop. Do NOT click or delete it.
 

======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • FRST.txt
  • Addition.txt
  • aswMBR log

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#4 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 10 August 2014 - 03:29 PM

Hello and thank you Adam,
Cathrine is my first name I'm ready to get started, your rules are read and understood. I will probably ask some because I'm not really good at this. And, I often use google translate for English is not my language - then you know why I sometimes write a little strange. :)
Thanks again



#5 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 10 August 2014 - 03:56 PM

this is hard, first norton stopped the file and now I turned it off and then windows smartscreen stoppet it. where do I stop that one on win 8?



#6 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 10 August 2014 - 04:19 PM

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-08-2014 01
Ran by Hespetreet at 2014-08-11 00:03:47
Running from C:\Users\Hespetreet\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Norton 360 (Enabled - Up to date) {D87FA2C0-F526-77B1-D6EC-0EDF3936CEDB}
AS: Norton 360 (Enabled - Up to date) {631E4324-D31C-783F-EC5C-35AD42B18466}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Norton 360 (Enabled) {E04423E5-BF49-76E9-FDB3-A7EAC7E589A0}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 14 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 14.0.0.145 - Adobe Systems Incorporated)
AMD Accelerated Video Transcoding (Version: 12.10.100.30313 - Advanced Micro Devices, Inc.) Hidden
AMD Catalyst Install Manager (HKLM\...\{6119B3A6-3603-9695-0398-CDF2AF0A13F8}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
AMD VISION Engine Control Center (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center - Branding (x32 Version: 1.00.0000 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Graphics Previews Common (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
Catalyst Control Center Localization All (x32 Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Standard (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Chinese Traditional (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Czech (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Danish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Dutch (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help English (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Finnish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help French (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help German (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Greek (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Hungarian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Italian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Japanese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Korean (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Norwegian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Polish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Portuguese (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Russian (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Spanish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Swedish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Thai (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
CCC Help Turkish (x32 Version: 2013.0313.0012.41666 - Advanced Micro Devices, Inc.) Hidden
ccc-utility64 (Version: 2013.0313.13.41666 - Advanced Micro Devices, Inc.) Hidden
CDBurnerXP (HKLM-x32\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.4.4852 - CDBurnerXP)
CyberLink PowerDVD 12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.2531.57 - CyberLink Corp.)
CyberLink PowerDVD 12 (x32 Version: 12.0.2531.57 - CyberLink Corp.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 36.0.1985.125 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Identity Card (HKLM-x32\...\{3D9CB654-99AD-4301-89C6-0D12A790767C}) (Version: 2.00.3005 - Packard Bell)
Live Updater (HKLM-x32\...\{EE26E302-876A-48D9-9058-3129E5B99999}) (Version: 2.00.3008 - Packard Bell)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.50727 (HKLM-x32\...\{15134cb0-b767-4960-a911-f2d16ae54797}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.50727 (HKLM-x32\...\{22154f09-719a-4619-bb71-5b3356999fbf}) (Version: 11.0.50727.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.50727 (Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Additional Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x86 Minimum Runtime - 11.0.50727 (x32 Version: 11.0.50727 - Microsoft Corporation) Hidden
Mozilla Firefox 31.0 (x86 nb-NO) (HKLM-x32\...\Mozilla Firefox 31.0 (x86 nb-NO)) (Version: 31.0 - Mozilla)
Nero BackItUp (x32 Version: 12.5.5000 - Nero AG) Hidden
Nero BackItUp 12 Essentials OEM.a01 (HKLM-x32\...\{4CA8F973-6377-4ABF-9ED5-CC2323B3C000}) (Version: 12.5.00500 - Nero AG)
Nero BackItUp Help (CHM) (x32 Version: 12.0.10000 - Nero AG) Hidden
Nero ControlCenter (x32 Version: 11.0.15600 - Nero AG) Hidden
Nero ControlCenter Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Core Components (x32 Version: 11.0.20200 - Nero AG) Hidden
Nero Launcher (x32 Version: 12.2.7000 - Nero AG) Hidden
Nero RescueAgent (x32 Version: 12.0.3001 - Nero AG) Hidden
Nero RescueAgent Help (CHM) (x32 Version: 12.0.7000 - Nero AG) Hidden
Nero Update (x32 Version: 11.0.11800.31.0 - Nero AG) Hidden
Norton 360 (HKLM-x32\...\N360) (Version: 21.4.0.13 - Symantec Corporation)
Norton Bootable Recovery Tool Wizard (HKLM-x32\...\NBRTWizard) (Version: 7.0.0.18 - Symantec Corporation)
Norton Online Backup (HKLM-x32\...\{40A66DF6-22D3-44B5-A7D3-83B118A2C0DC}) (Version: 2.2.3.51r2 - Symantec Corporation)
Norton Online Backup ARA (x32 Version: 4.1.0.14 - Symantec Corporation) Hidden
Norton Utilities 16 (HKLM-x32\...\Norton Utilities 16_is1) (Version: 16.0 - Symantec Corporation)
OEM Application Profile (HKLM-x32\...\{C89A97B6-F991-EBB5-77B7-927BCF420EBE}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Packard Bell Device Fast-lane (HKLM\...\{3F62D2FD-13C1-49A2-8B5D-47623D9460D7}) (Version: 1.00.3011 - Packard Bell)
Packard Bell Launch Manager (HKLM\...\{C18D55BD-1EC6-466D-B763-8EEDDDA9100E}) (Version: 8.00.3003 - Packard Bell)
Packard Bell Power Management (HKLM\...\{91F52DE4-B789-42B0-9311-A349F10E5479}) (Version: 7.00.3013 - Packard Bell)
Packard Bell Recovery Management (HKLM\...\{07F2005A-8CAC-4A4B-83A2-DA98A722CA61}) (Version: 6.00.3016 - Packard Bell)
Prerequisite installer (x32 Version: 12.0.0003 - Nero AG) Hidden
QCA CardReader Driver Installer (HKLM-x32\...\{4E0BC999-655B-421D-87F3-640C6F2BFC11}) (Version: 1.0.1.34 - Qualcomm Inc.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.0.224 - Qualcomm Atheros Communications)
Qualcomm Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 2.1.0.13 - Qualcomm Atheros Communications Inc.)
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 11.49 - Qualcomm Atheros)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6865 - Realtek Semiconductor Corp.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 16.3.12.1 - Synaptics Incorporated)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points  =========================

05-08-2014 23:33:38 Opprettet av Norton Utilities                                   
05-08-2014 23:37:05 Opprettet av Norton Utilities                                   
05-08-2014 23:49:27 Opprettet av Norton Utilities                                   
06-08-2014 08:00:56 Opprettet av Norton Utilities                                   
07-08-2014 08:00:56 Opprettet av Norton Utilities                                   
08-08-2014 17:00:56 Opprettet av Norton Utilities                                   
09-08-2014 10:28:18 Registeropprydding med Norton
09-08-2014 17:00:53 Opprettet av Norton Utilities                                   

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2012-07-26 07:26 - 2012-07-26 07:26 - 00000824 ____N C:\WINDOWS\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {04333D8C-1CE3-446F-B5FC-A691E6E413C3} - System32\Tasks\Microsoft\Windows\Setup\Pre-staged GDR Notification => C:\Windows\system32\NotificationUI.exe [2014-04-19] (Microsoft Corporation)
Task: {074302D1-53DD-4080-B0A4-30DD89C4DEEA} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2014-06-26] (Microsoft Corporation)
Task: {0765F3D3-5193-413A-8556-407B9F92D4B1} - System32\Tasks\NUAutoUpdate => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe [2014-01-17] (Symantec)
Task: {09BF981D-1941-4277-961B-854CEA603BA2} - System32\Tasks\ALUAgent => C:\Program Files (x86)\Packard Bell\Live Updater\liveupdater_agent.exe [2013-01-22] ()
Task: {1AAFF332-5C62-4558-9991-DAA649C4C9C5} - System32\Tasks\Microsoft\Windows\Sysmain\WsSwapAssessmentTask => Rundll32.exe sysmain.dll,PfSvWsSwapAssessmentTask
Task: {1D3C24FF-976D-49A7-BFF6-02553E294297} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-07-20] (Adobe Systems Incorporated)
Task: {23A5D8BE-9196-40EB-BD89-794398B2B073} - System32\Tasks\Microsoft\Windows\WS\WSRefreshBannedAppsListTask => Rundll32.exe WSClient.dll,RefreshBannedAppsList
Task: {2F4FF154-E7C6-4ECA-A55C-E136FC942C55} - System32\Tasks\Power Management => C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe [2013-03-16] (Acer Incorporated)
Task: {3E30553E-35D5-42BE-AE0A-7CAC96A3FF2D} - System32\Tasks\Recovery Management\Notification => C:\Program Files\Packard Bell\Packard Bell Recovery Management\Notification\Notification.exe [2013-01-24] (Acer Incorporated)
Task: {57E1E2AD-5B50-479E-AC3A-4FA878165492} - System32\Tasks\Norton WSC Integration => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe [2014-06-27] (Symantec Corporation)
Task: {60AFD539-7D0C-4DC4-998B-F6C7BAC97C82} - System32\Tasks\ALU => C:\Program Files (x86)\Packard Bell\Live Updater\updater.exe [2013-02-22] ()
Task: {72132C54-4221-4373-9758-14249D59672F} - System32\Tasks\NUSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe [2014-01-17] (Symantec)
Task: {7A3E7C79-C007-4604-A2C1-CFAB629A698E} - System32\Tasks\Synaptics TouchPad Enhancements => \Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-02-05] (Synaptics Incorporated)
Task: {8BC8AC5D-0616-4F12-868A-CB90F1F7C098} - System32\Tasks\SpeedDiskSchedule => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe [2014-01-17] ()
Task: {96DA1335-A6E8-4DE8-B447-710C94FA1293} - System32\Tasks\Norton 360\Norton Error Analyzer => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {A72208BF-7A49-4FB8-B684-252375F3443A} - System32\Tasks\Microsoft\Windows\WS\License Validation => Rundll32.exe WSClient.dll,WSpTLR licensing
Task: {C4E85632-EE0A-4FED-B8DE-6DB93535CF1E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: {C6A88F2D-53D2-4805-9D69-443738A1847C} - System32\Tasks\Microsoft\Windows\ApplicationData\CleanupTemporaryState => Rundll32.exe Windows.Storage.ApplicationData.dll,CleanupTemporaryState
Task: {DB2017D4-38F7-4CDA-9147-5FA8875A1A97} - System32\Tasks\Norton 360\Norton Error Processor => C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\SymErr.exe [2014-01-30] (Symantec Corporation)
Task: {DDC228B1-D1D2-4042-A8A8-D7308F14CE7F} - System32\Tasks\Launch Manager => C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMLauncher.exe [2013-03-15] (Acer Incorporate)
Task: {EBF06DEC-4228-4813-AC0C-62821AE4E330} - System32\Tasks\Microsoft\Windows\Application Experience\StartupAppTask => Rundll32.exe Startupscan.dll,SusRunTask
Task: {F03ED22F-28AD-4CF7-AA2E-CA9FE2B34681} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-07-21] (Google Inc.)
Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\NUAutoUpdate.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\SULauncher.exe
Task: C:\WINDOWS\Tasks\NUSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\nu.exe
Task: C:\WINDOWS\Tasks\SpeedDiskSchedule.job => C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\ScheduledDefrag.exe

==================== Loaded Modules (whitelisted) =============

2013-04-09 14:46 - 2013-01-02 08:55 - 00175008 _____ () C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\ModernShared\ErrorReporting\ErrorReporting.dll
2013-04-15 20:23 - 2013-04-15 20:23 - 00011264 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\ActivateDesktopDebugger\ActivateDesktopDebugger.dll
2013-04-15 20:20 - 2013-04-15 20:20 - 00086016 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\Modules\Map\MAP.dll
2013-04-15 20:25 - 2013-04-15 20:25 - 00012928 _____ () C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
2014-07-30 02:35 - 2014-07-30 02:35 - 03800688 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\ProgramData\Temp:792D4CF1

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== EXE Association (whitelisted) =============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== MSCONFIG/TASK MANAGER disabled items =========

(Currently there is no automatic fix for this section.)


==================== Faulty Device Manager Devices =============

Name: Bluetooth USB Adapter
Description: Bluetooth USB Adapter
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Qualcomm Atheros Communications
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (08/10/2014 06:38:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generering av aktiveringskontekst mislyktes for Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Finner ikke den avhengige samlingen Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Bruk sxstrace.exe for detaljert diagnostisering.

Error: (08/10/2014 06:38:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generering av aktiveringskontekst mislyktes for Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Finner ikke den avhengige samlingen Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Bruk sxstrace.exe for detaljert diagnostisering.

Error: (08/10/2014 06:38:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generering av aktiveringskontekst mislyktes for Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Finner ikke den avhengige samlingen Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Bruk sxstrace.exe for detaljert diagnostisering.

Error: (08/10/2014 06:38:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generering av aktiveringskontekst mislyktes for Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"1.
Finner ikke den avhengige samlingen Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762".
Bruk sxstrace.exe for detaljert diagnostisering.

Error: (08/10/2014 06:38:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Generering av aktiveringskontekst mislyktes for Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"1.
Finner ikke den avhengige samlingen Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0".
Bruk sxstrace.exe for detaljert diagnostisering.

Error: (08/09/2014 05:09:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/08/2014 07:01:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Programnavn med feil: plugin-container.exe, versjon: 31.0.0.5310, tidsangivelse: 0x53c75e91
Modulnavn med feil: mozalloc.dll, versjon: 31.0.0.5310, tidsangivelse: 0x53c72e91
Unntakskode: 0x80000003
Feilforskyvning: 0x0000141b
Feil prosess-ID: 0xe74
Feil starttid for program: 0xplugin-container.exe0
Feil programbane: plugin-container.exe1
Feil modulbane: plugin-container.exe2
Rapport-ID: plugin-container.exe3
Fullstendig navn på feilpakke: plugin-container.exe4
Relativ program-ID for feilpakke: plugin-container.exe5

Error: (08/08/2014 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1440) SRUJet: Error -1811 (0xfffff8ed) occurred while opening logfile C:\WINDOWS\system32\SRU\SRU000A0.log.

Error: (08/08/2014 00:25:12 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description:

Error: (08/08/2014 00:23:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NokRnoK)
Description: Appen winstore_cw5n1h2txyewy!Windows.Store ble ikke startet i det tildelte tidsrommet.


System errors:
=============
Error: (08/09/2014 09:09:29 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Tjenesten Interactive Services Detection terminerte med følgende feil:
%%1

Error: (08/08/2014 00:22:05 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80246007: AD2F1837.HPPrinterControl.

Error: (08/08/2014 00:21:37 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT-MYNDIGHET)
Description: Installasjonen mislyktes: Installasjon av følgende oppdatering mislyktes med feilen 0x80073d0a: AD2F1837.HPPrinterControl.

Error: (08/08/2014 00:03:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten TCP/IP NetBIOS Helper kan ikke starte på grunn av følgende feil:
%%1079

Error: (08/08/2014 10:48:56 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten TCP/IP NetBIOS Helper kan ikke starte på grunn av følgende feil:
%%1079

Error: (08/08/2014 09:47:45 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten TCP/IP NetBIOS Helper kan ikke starte på grunn av følgende feil:
%%1079

Error: (08/08/2014 07:25:15 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten TCP/IP NetBIOS Helper kan ikke starte på grunn av følgende feil:
%%1079

Error: (08/08/2014 06:00:54 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Tjenesten TCP/IP NetBIOS Helper kan ikke starte på grunn av følgende feil:
%%1079

Error: (08/08/2014 00:38:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Tjenesten Computer Browser avhenger av tjenesten Server som ikke kan starte på grunn av følgende feil:
%%1058

Error: (08/08/2014 00:38:14 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Tjenesten Computer Browser avhenger av tjenesten Server som ikke kan starte på grunn av følgende feil:
%%1058


Microsoft Office Sessions:
=========================
Error: (08/10/2014 06:38:27 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\cyberlink\powerdvd12\Movie\powerdvd cox\PowerDVDCox.exe

Error: (08/10/2014 06:38:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\cyberlink\powerdvd12\vthum.exe.Manifest

Error: (08/10/2014 06:38:22 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"c:\program files (x86)\cyberlink\powerdvd12\PowerDVD12ML.exe.Manifest

Error: (08/10/2014 06:38:21 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.ATL,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50727.762"c:\program files (x86)\cyberlink\powerdvd12\Activate.exe

Error: (08/10/2014 06:38:06 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.VC80.MFC,processorArchitecture="x86",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="8.0.50608.0"C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe.Manifest

Error: (08/09/2014 05:09:51 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: BITSC:\Windows\System32\bitsperf.dll8

Error: (08/08/2014 07:01:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: plugin-container.exe31.0.0.531053c75e91mozalloc.dll31.0.0.531053c72e91800000030000141be7401cfb32a5084c213C:\Program Files (x86)\Mozilla Firefox\plugin-container.exeC:\Program Files (x86)\Mozilla Firefox\mozalloc.dllad25ed86-1f1d-11e4-be82-206a8a970a09

Error: (08/08/2014 04:00:00 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost1440SRUJet: C:\WINDOWS\system32\SRU\SRU000A0.log-1811 (0xfffff8ed)

Error: (08/08/2014 00:25:12 PM) (Source: PerfNet) (EventID: 2006) (User: )
Description:

Error: (08/08/2014 00:23:26 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2486) (User: NokRnoK)
Description: winstore_cw5n1h2txyewy!Windows.Store


==================== Memory info ===========================

Percentage of memory in use: 38%
Total physical RAM: 5573 MB
Available physical RAM: 3453.24 MB
Total Pagefile: 11205 MB
Available Pagefile: 8829.77 MB
Total Virtual: 8192 MB
Available Virtual: 8191.78 MB

==================== Drives ================================

Drive c: (Packard Bell) (Fixed) (Total:682.53 GB) (Free:637.68 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 699 GB) (Disk ID: A66FD9DA)

Partition: GPT Partition Type.

==================== End Of Log ============================

 

 

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 10-08-2014 01
Ran by Hespetreet (administrator) on NOKRNOK on 11-08-2014 00:02:13
Running from C:\Users\Hespetreet\Desktop
Platform: Windows 8 (X64) OS Language: Norsk, bokmål (Norge)
Internet Explorer Version 10
Boot Mode: Normal

The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingc...can-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingc...can-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Qualcomm Atheros Commnucations) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\AdminService.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
(PC Tools) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16.4.4406.1205_x64__8wekyb3d8bbwe\LiveComm.exe
(Symantec Corporation) C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\n360.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMEvent.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerTray.exe
(Acer Incorporate) C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMTray.exe
(Atheros Communications) C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe
() C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\ActivateDesktop.exe
(Symantec Corporation) C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
(Acer Incorporated) C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerEvent.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Adobe Systems, Inc.) C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_14_0_0_145.exe
(Microsoft Corporation) C:\Program Files\Windows NT\Accessories\wordpad.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [Norton Online Backup] => C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe [2994880 2012-08-15] (Symantec Corporation)
HKLM-x32\...\Run: [SSDMonitor] => C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe [106112 2014-01-17] (Symantec Corporation)
HKLM\...\Policies\Explorer\Run: [BtvStack] => C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe [132736 2013-04-15] ( (Atheros Communications))
HKU\S-1-5-21-3604915464-1756807762-4202892429-1001\...\MountPoints2: {9e67ff6c-100b-11e4-be74-206a8a970a09} - "E:\LaunchU3.exe" -a
ShellIconOverlayIdentifiers: OverlayExcluded -> {4433A54A-1AC8-432F-90FC-85F045CF383C} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayPending -> {F17C0B1E-EF8E-4AD4-8E1B-7D7E8CB23225} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)
ShellIconOverlayIdentifiers: OverlayProtected -> {476D0EA3-80F9-48B5-B70B-05E677C9C148} => C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\buShell.dll (Symantec Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.google.no/
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer13.msn.com
SearchScopes: HKLM - DefaultScope {C4FE925D-F47F-4F9A-82A7-3213E79CE617} URL = http://www.bing.com/...E10TR&pc=MAPBJS
SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://no.yhs4.searc...p={searchTerms}
SearchScopes: HKLM - {C4FE925D-F47F-4F9A-82A7-3213E79CE617} URL = http://www.bing.com/...E10TR&pc=MAPBJS
SearchScopes: HKLM-x32 - DefaultScope {C4FE925D-F47F-4F9A-82A7-3213E79CE617} URL = http://www.bing.com/...E10TR&pc=MAPBJS
SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://no.yhs4.searc...p={searchTerms}
SearchScopes: HKLM-x32 - {C4FE925D-F47F-4F9A-82A7-3213E79CE617} URL = http://www.bing.com/...E10TR&pc=MAPBJS
SearchScopes: HKCU - DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL =
SearchScopes: HKCU - {C4FE925D-F47F-4F9A-82A7-3213E79CE617} URL =
BHO: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\IEPlugIn.dll (Qualcomm Atheros Commnucations)
BHO-x32: Norton Identity Protection -> {602ADB0E-4AFF-4217-8AA1-95DAC4DFA408} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
BHO-x32: Norton Vulnerability Protection -> {6D53EC84-6AAE-4787-AEEE-F4628F01010C} -> C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\IPS\IPSBHO.DLL (Symantec Corporation)
Toolbar: HKLM - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKLM-x32 - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Toolbar: HKCU - Norton Toolbar - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - C:\Program Files (x86)\Norton 360\Engine64\21.4.0.13\coIEPlg.dll (Symantec Corporation)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1

FireFox:
========
FF ProfilePath: C:\Users\Hespetreet\AppData\Roaming\Mozilla\Firefox\Profiles\79n48bde.default
FF Homepage: https://www.google.no
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_14_0_0_145.dll ()
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\bok-NO.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\gulesider-NO.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\qxl-NO.xml
FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-NO.xml
FF Extension: WOT - C:\Users\Hespetreet\AppData\Roaming\Mozilla\Firefox\Profiles\79n48bde.default\Extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2014-07-20]
FF Extension: CoolPreviews - C:\Users\Hespetreet\AppData\Roaming\Mozilla\Firefox\Profiles\79n48bde.default\Extensions\{CE6E6E3B-84DD-4cac-9F63-8D2AE4F30A4B}.xpi [2014-07-20]
FF HKLM-x32\...\Firefox\Extensions: [{BBDA0591-3099-440a-AA10-41764D9DB4DB}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF
FF Extension: Norton Vulnerability Protection - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\IPSFF [2014-07-19]
FF HKLM-x32\...\Firefox\Extensions: [{2D3F3651-74B9-4795-BDEC-6DA2F431CB62}] - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn
FF Extension: Norton Toolbar - C:\ProgramData\Norton\{0C55C096-0F1D-4F28-AAA2-85EF591126E7}\N360_21.1.0.18\coFFPlgn [2014-08-09]

Chrome:
=======
CHR Plugin: (Widevine Content Decryption Module) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\WidevineCDM\1.4.4.600\_platform_specific\win_x86\widevinecdmadapter.dll ()
CHR Plugin: (Shockwave Flash) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\PepperFlash\pepflashplayer.dll ()
CHR Plugin: (Chrome Remote Desktop Viewer) - internal-remoting-viewer
CHR Plugin: (Native Client) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\ppGoogleNaClPluginChrome.dll ()
CHR Plugin: (Chrome PDF Viewer) - C:\Program Files (x86)\Google\Chrome\Application\36.0.1985.125\pdf.dll ()
CHR Plugin: (Google Update) - C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll (Google Inc.)
CHR Plugin: (Shockwave Flash) - C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
CHR Extension: (Google Docs) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-07-21]
CHR Extension: (Google Drive) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2014-07-21]
CHR Extension: (YouTube) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2014-07-21]
CHR Extension: (Google Search) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2014-07-21]
CHR Extension: (Norton Security Toolbar) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\mkfokfffehpeedafpekjeddnmnjhmcmk [2014-07-21]
CHR Extension: (Google Wallet) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2014-07-21]
CHR Extension: (Gmail) - C:\Users\Hespetreet\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2014-07-21]
CHR HKLM-x32\...\Chrome\Extension: [mkfokfffehpeedafpekjeddnmnjhmcmk] - C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\Exts\Chrome.crx [2014-07-19]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 AtherosSvc; C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe [228480 2013-04-15] (Qualcomm Atheros Commnucations)
S3 DeviceFastLaneService; C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe [469648 2012-11-16] (Acer Incorporated)
S3 DiskDoctorService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe [1150592 2014-01-17] (Symantec Corporation)
R3 ePowerSvc; C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe [662088 2013-03-16] (Acer Incorporated)
R2 LMSvc; C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe [431656 2013-03-15] (Acer Incorporate)
R2 N360; C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe [265040 2014-06-27] (Symantec Corporation)
R2 NOBU; C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe [3943104 2012-08-15] (Symantec Corporation)
R2 NU16StartManagerSvc; C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe [795776 2014-01-17] (PC Tools)
S3 SpeedDiskService; C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe [1163904 2014-01-17] (Symantec Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [16056 2014-03-29] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R3 AthrSdSrv; C:\Windows\system32\DRIVERS\athrsd.sys [48760 2012-12-01] (Qualcomm Atheros, Inc.)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [94208 2013-02-14] (Advanced Micro Devices)
R1 BHDrvx64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001_6ff\BHDrvx64.sys [1530160 2014-08-01] (Symantec Corporation)
S3 BTATH_LWFLT; C:\Windows\system32\DRIVERS\btath_lwflt.sys [77464 2013-04-15] (Qualcomm Atheros)
S3 BthLEEnum; C:\Windows\system32\DRIVERS\BthLEEnum.sys [202752 2012-07-26] (Microsoft Corporation)
R1 ccSet_N360; C:\Windows\system32\drivers\N360x64\1504000.00D\ccSetx64.sys [162392 2013-09-26] (Symantec Corporation)
R1 ccSet_NARA; C:\Windows\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys [168608 2012-05-26] (Symantec Corporation)
R1 eeCtrl; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys [486192 2014-07-18] (Symantec Corporation)
R3 EraserUtilRebootDrv; C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys [142128 2014-07-19] (Symantec Corporation)
R1 IDSVia64; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSvia64.sys [525016 2014-08-08] (Symantec Corporation)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [21360 2013-01-10] (Acer Incorporated)
R3 NAVENG; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\ENG64.SYS [126040 2014-08-08] (Symantec Corporation)
R3 NAVEX15; C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140809.004\EX64.SYS [2099288 2014-08-08] (Symantec Corporation)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [15704 2013-01-10] (Acer Incorporated)
R3 SRTSP; C:\Windows\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS [875736 2014-02-13] (Symantec Corporation)
R1 SRTSPX; C:\Windows\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS [36952 2013-09-10] (Symantec Corporation)
R0 SymDS; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMDS64.SYS [493656 2013-09-10] (Symantec Corporation)
R0 SymEFA; C:\Windows\System32\drivers\N360x64\1504000.00D\SYMEFA64.SYS [1148120 2014-03-04] (Symantec Corporation)
S0 SymELAM; C:\Windows\System32\drivers\N360x64\1504000.00D\SymELAM.sys [23568 2013-09-10] (Symantec Corporation)
R3 SymEvent; C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS [177752 2014-07-19] (Symantec Corporation)
R1 SymIRON; C:\Windows\system32\drivers\N360x64\1504000.00D\Ironx64.SYS [264280 2013-09-27] (Symantec Corporation)
R1 SymNetS; C:\Windows\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS [593112 2014-02-18] (Symantec Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 00:02 - 2014-08-11 00:02 - 00016004 _____ () C:\Users\Hespetreet\Desktop\FRST.txt
2014-08-11 00:01 - 2014-08-11 00:02 - 00000000 ____D () C:\FRST
2014-08-10 23:53 - 2014-08-10 23:53 - 02099712 _____ (Farbar) C:\Users\Hespetreet\Desktop\FRST64.exe
2014-08-10 01:02 - 2014-08-10 01:06 - 00303440 _____ () C:\Users\Hespetreet\Desktop\OTL.Txt
2014-08-10 00:43 - 2014-08-10 00:43 - 00602112 _____ (OldTimer Tools) C:\Users\Hespetreet\Desktop\OTL.exe
2014-08-09 19:00 - 2014-08-09 19:04 - 00056428 _____ () C:\WINDOWS\SysWOW64\AppLog.log
2014-08-08 12:04 - 2014-08-08 12:04 - 00000000 ____D () C:\ProgramData\HP
2014-08-07 23:01 - 2014-08-07 23:01 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-07 20:33 - 2014-08-08 23:03 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-07 08:39 - 2014-08-07 19:53 - 00002131 _____ () C:\Users\Hespetreet\Documents\Mangler ip.txt
2014-08-06 01:49 - 2014-08-06 01:49 - 64286720 _____ () C:\WINDOWS\system32\config\software.rrr
2014-08-06 01:49 - 2014-08-06 01:49 - 01081344 _____ () C:\Users\Hespetreet\s-1-5-21-3604915464-1756807762-4202892429-1001.rrr
2014-08-06 01:49 - 2014-08-06 01:49 - 00139264 _____ () C:\WINDOWS\system32\config\default.rrr
2014-08-05 19:15 - 2014-08-05 20:24 - 00003622 _____ () C:\WINDOWS\SysWOW64\Engines.log
2014-08-03 12:07 - 2014-08-03 12:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 06:46 - 2014-08-09 19:24 - 00007625 _____ () C:\Users\Hespetreet\AppData\Local\Resmon.ResmonCfg
2014-08-01 14:38 - 2014-08-10 13:00 - 00000356 _____ () C:\WINDOWS\Tasks\SpeedDiskSchedule.job
2014-08-01 14:38 - 2014-08-01 14:38 - 00002874 _____ () C:\WINDOWS\System32\Tasks\SpeedDiskSchedule
2014-07-31 20:03 - 2014-07-31 20:03 - 00000118 _____ () C:\Users\Hespetreet\Documents\kanin.txt
2014-07-31 19:55 - 2014-08-02 11:48 - 00015799 _____ () C:\Users\Hespetreet\Documents\artx.odt
2014-07-31 19:51 - 2014-08-01 14:23 - 00002081 _____ () C:\Users\Hespetreet\Documents\art2.txt
2014-07-31 19:20 - 2014-08-09 19:04 - 00000306 _____ () C:\WINDOWS\Tasks\NUSchedule.job
2014-07-31 15:07 - 2014-07-31 15:07 - 00001075 _____ () C:\Users\Hespetreet\Downloads\Bilder - Snarvei.lnk
2014-07-31 12:32 - 2014-07-31 19:01 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Norton Utilities 16
2014-07-31 12:28 - 2014-08-09 12:20 - 00000314 _____ () C:\WINDOWS\Tasks\NUAutoUpdate.job
2014-07-31 12:28 - 2014-07-31 12:28 - 00002872 _____ () C:\WINDOWS\System32\Tasks\NUSchedule
2014-07-31 12:28 - 2014-07-31 12:28 - 00002530 _____ () C:\WINDOWS\System32\Tasks\NUAutoUpdate
2014-07-31 12:27 - 2014-07-31 12:27 - 00001195 _____ () C:\Users\Public\Desktop\Norton Utilities 16.lnk
2014-07-31 12:23 - 2014-08-08 23:06 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 16
2014-07-31 12:23 - 2014-07-31 12:23 - 01550880 _____ () C:\WINDOWS\is-F874M.exe
2014-07-31 12:23 - 2014-07-31 12:23 - 00021977 _____ () C:\WINDOWS\is-F874M.msg
2014-07-31 12:23 - 2014-07-31 12:23 - 00000346 _____ () C:\WINDOWS\is-F874M.lst
2014-07-31 12:23 - 2014-01-17 05:13 - 00042624 _____ () C:\WINDOWS\system32\CleanMFT64.exe
2014-07-31 12:23 - 2014-01-17 04:35 - 01233920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4.dll
2014-07-31 12:23 - 2014-01-17 04:35 - 01101824 _____ (Woodbury Associates Limited) C:\WINDOWS\SysWOW64\UniBox210.ocx
2014-07-31 12:23 - 2014-01-17 04:35 - 01081616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCTL.OCX
2014-07-31 12:23 - 2014-01-17 04:35 - 00880640 _____ (Woodbury Associates Limited) C:\WINDOWS\SysWOW64\UniBox10.ocx
2014-07-31 12:23 - 2014-01-17 04:35 - 00658432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSCOMCT2.OCX
2014-07-31 12:23 - 2014-01-17 04:35 - 00506368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml.dll
2014-07-31 12:23 - 2014-01-17 04:35 - 00212992 _____ (Woodbury Associates Limited) C:\WINDOWS\SysWOW64\UniBoxVB12.ocx
2014-07-31 12:23 - 2014-01-17 04:35 - 00082432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4r.dll
2014-07-31 12:23 - 2014-01-17 04:35 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml4a.dll
2014-07-31 12:18 - 2014-08-08 22:34 - 00000000 ____D () C:\ProgramData\Package Cache
2014-07-31 12:17 - 2014-07-31 12:17 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-31 12:15 - 2014-07-31 12:15 - 00000366 _____ () C:\WINDOWS\SetupCD.txt
2014-07-31 12:14 - 2014-07-31 12:14 - 00000000 ____D () C:\AMD
2014-07-31 12:09 - 2014-07-31 12:09 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Product_NU16
2014-07-31 12:06 - 2014-07-31 12:06 - 20120192 _____ (Symantec) C:\Users\Hespetreet\Downloads\nu16.0.2.14-SMUI.exe
2014-07-31 03:13 - 2014-08-08 19:01 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\CrashDumps
2014-07-30 02:35 - 2014-07-30 02:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 16:38 - 2014-07-29 16:38 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\SUPERAntiSpyware.com
2014-07-29 16:37 - 2014-07-29 20:10 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-28 17:45 - 2014-08-08 22:59 - 00000000 ____D () C:\WINDOWS\Minidump
2014-07-28 17:45 - 2014-07-28 17:45 - 670148535 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-28 17:45 - 2014-07-28 17:45 - 00281680 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-27 19:47 - 2014-07-27 19:48 - 00002890 _____ () C:\Users\Hespetreet\Documents\art.odt
2014-07-27 06:33 - 2014-06-26 22:53 - 00703968 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2014-07-27 06:33 - 2014-06-26 22:53 - 00105440 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2014-07-27 06:24 - 2014-07-27 16:47 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-07-27 06:24 - 2014-07-27 06:24 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-25 21:27 - 2013-08-03 08:40 - 01374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdc.dll
2014-07-25 21:27 - 2013-08-03 08:40 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\system32\wvc.dll
2014-07-25 21:27 - 2013-08-03 08:40 - 00462336 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmon.ocx
2014-07-25 21:27 - 2013-08-03 07:14 - 00399360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sysmon.ocx
2014-07-25 21:27 - 2013-08-03 07:13 - 01245696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdc.dll
2014-07-25 21:27 - 2013-08-03 07:13 - 00437248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wvc.dll
2014-07-25 21:25 - 2013-08-10 07:21 - 00448512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSync.dll
2014-07-25 21:25 - 2013-08-10 07:21 - 00128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncInfo.dll
2014-07-25 21:25 - 2013-08-10 05:58 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSync.dll
2014-07-25 21:25 - 2013-08-02 08:28 - 00222208 _____ (Microsoft Corporation) C:\WINDOWS\system32\shdocvw.dll
2014-07-25 21:25 - 2013-08-02 07:08 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shdocvw.dll
2014-07-25 21:25 - 2013-07-25 01:10 - 00158208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mbsmsapi.dll
2014-07-25 21:25 - 2013-07-25 01:06 - 00225280 _____ (Microsoft Corporation) C:\WINDOWS\system32\mbsmsapi.dll
2014-07-25 21:25 - 2013-04-10 01:17 - 01125888 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2014-07-25 21:25 - 2013-04-10 00:29 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2014-07-25 05:07 - 2014-02-04 01:56 - 00332632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storport.sys
2014-07-25 05:07 - 2014-02-04 01:56 - 00278872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msiscsi.sys
2014-07-25 05:07 - 2014-01-31 02:48 - 00485888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSDApi.dll
2014-07-25 05:07 - 2014-01-31 02:06 - 00599040 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDApi.dll
2014-07-25 05:07 - 2014-01-27 05:39 - 01939288 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ntfs.sys
2014-07-25 05:07 - 2014-01-16 01:42 - 00118784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dfsc.sys
2014-07-25 05:07 - 2014-01-11 08:48 - 05979648 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2014-07-25 05:07 - 2014-01-11 07:06 - 05092352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2014-07-25 05:07 - 2014-01-03 01:35 - 00365568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsGdiConverter.dll
2014-07-25 05:07 - 2014-01-03 01:32 - 00523264 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsGdiConverter.dll
2014-07-25 01:34 - 2014-03-01 11:47 - 01258496 _____ (Microsoft Corporation) C:\WINDOWS\system32\kernel32.dll
2014-07-25 01:33 - 2014-03-01 11:47 - 01120768 _____ (Microsoft Corporation) C:\WINDOWS\system32\gpedit.dll
2014-07-25 01:33 - 2014-03-01 10:07 - 01075200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gpedit.dll
2014-07-25 01:33 - 2014-03-01 08:59 - 00974848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kernel32.dll
2014-07-25 01:33 - 2014-02-27 01:18 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2014-07-25 01:33 - 2014-02-27 01:18 - 00247808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srvnet.sys
2014-07-25 01:33 - 2014-02-27 01:18 - 00215040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2014-07-25 01:33 - 2014-02-15 06:15 - 00078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\IPMIDrv.sys
2014-07-25 01:33 - 2013-11-26 01:17 - 00083968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2014-07-24 22:45 - 2014-04-03 13:19 - 00328024 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Classpnp.sys
2014-07-24 22:45 - 2014-04-03 05:44 - 00619008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\srv2.sys
2014-07-24 22:45 - 2014-04-01 00:08 - 00387268 _____ () C:\WINDOWS\system32\ApnDatabase.xml
2014-07-24 22:45 - 2014-03-25 01:42 - 00305152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wusa.exe
2014-07-24 22:45 - 2014-03-25 00:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\system32\wusa.exe
2014-07-24 16:04 - 2012-09-20 10:40 - 00389360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MMDevAPI.dll
2014-07-24 16:04 - 2012-09-20 10:31 - 00425192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2014-07-24 16:04 - 2012-09-20 09:55 - 03265256 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\evbda.sys
2014-07-24 16:04 - 2012-09-20 09:55 - 00533224 _____ (Broadcom Corporation) C:\WINDOWS\system32\Drivers\bxvbda.sys
2014-07-24 16:04 - 2012-09-20 08:47 - 00307192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MMDevAPI.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 03964416 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSAT.exe
2014-07-24 16:04 - 2012-09-20 08:33 - 02397184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WpcMon.exe
2014-07-24 16:04 - 2012-09-20 08:33 - 01513984 _____ (Microsoft Corporation) C:\WINDOWS\system32\vssapi.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 01304064 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Streaming.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 00866304 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 00757248 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 00573440 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSATAPI.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 00545280 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskeng.exe
2014-07-24 16:04 - 2012-09-20 08:33 - 00541184 _____ (Microsoft Corporation) C:\WINDOWS\system32\VAN.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 00420352 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWAHost.exe
2014-07-24 16:04 - 2012-09-20 08:33 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\system32\services.exe
2014-07-24 16:04 - 2012-09-20 08:33 - 00344064 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlidcredprov.dll
2014-07-24 16:04 - 2012-09-20 08:33 - 00249344 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2014-07-24 16:04 - 2012-09-20 08:32 - 01739264 _____ (Microsoft Corporation) C:\WINDOWS\system32\RacEngn.dll
2014-07-24 16:04 - 2012-09-20 08:32 - 01400832 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2014-07-24 16:04 - 2012-09-20 08:32 - 01019392 _____ (Microsoft Corporation) C:\WINDOWS\system32\MsSpellCheckingFacility.dll
2014-07-24 16:04 - 2012-09-20 08:32 - 00762368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provcore.dll
2014-07-24 16:04 - 2012-09-20 08:31 - 00755200 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapi.dll
2014-07-24 16:04 - 2012-09-20 08:31 - 00617984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsrcsnk.dll
2014-07-24 16:04 - 2012-09-20 08:31 - 00604672 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsapi.dll
2014-07-24 16:04 - 2012-09-20 08:31 - 00355328 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2014-07-24 16:04 - 2012-09-20 08:31 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fveapibase.dll
2014-07-24 16:04 - 2012-09-20 08:31 - 00236544 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFPlay.dll
2014-07-24 16:04 - 2012-09-20 08:31 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\system32\IPHLPAPI.DLL
2014-07-24 16:04 - 2012-09-20 08:30 - 01743872 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2014-07-24 16:04 - 2012-09-20 08:30 - 00634880 _____ (Microsoft Corporation) C:\WINDOWS\system32\apphelp.dll
2014-07-24 16:04 - 2012-09-20 08:30 - 00180736 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcdsrv.dll
2014-07-24 16:04 - 2012-09-20 07:55 - 00995328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Streaming.dll
2014-07-24 16:04 - 2012-09-20 07:55 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSATAPI.dll
2014-07-24 16:04 - 2012-09-20 07:54 - 01196032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vssapi.dll
2014-07-24 16:04 - 2012-09-20 07:54 - 00709632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MsSpellCheckingFacility.dll
2014-07-24 16:04 - 2012-09-20 07:53 - 00675840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apphelp.dll
2014-07-24 16:04 - 2012-09-20 07:53 - 00119808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\IPHLPAPI.DLL
2014-07-24 16:03 - 2012-09-20 11:08 - 00027280 _____ (Microsoft Corporation) C:\WINDOWS\system32\avrt.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 01342464 _____ (Microsoft Corporation) C:\WINDOWS\system32\user32.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00699392 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinapi.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00627712 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetup.exe
2014-07-24 16:03 - 2012-09-20 08:33 - 00588800 _____ (Microsoft Corporation) C:\WINDOWS\system32\webio.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winsrv.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00117760 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwm.exe
2014-07-24 16:03 - 2012-09-20 08:33 - 00107008 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpnpmgr.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00101888 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingSyncHost.exe
2014-07-24 16:03 - 2012-09-20 08:33 - 00092672 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvinst.exe
2014-07-24 16:03 - 2012-09-20 08:33 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpremove.exe
2014-07-24 16:03 - 2012-09-20 08:33 - 00090624 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00089600 _____ (Microsoft Corporation) C:\WINDOWS\system32\umpo.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00069632 _____ (Microsoft Corporation) C:\WINDOWS\system32\vsstrace.dll
2014-07-24 16:03 - 2012-09-20 08:33 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\svchost.exe
2014-07-24 16:03 - 2012-09-20 08:33 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\sdbinst.exe
2014-07-24 16:03 - 2012-09-20 08:32 - 00256512 _____ (Microsoft Corporation) C:\WINDOWS\system32\msvproc.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\ProximityService.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00189952 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfos.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00112128 _____ (Microsoft Corporation) C:\WINDOWS\system32\PackageStateRoaming.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00076288 _____ (Microsoft Corporation) C:\WINDOWS\system32\RpcEpMap.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00065536 _____ (Microsoft Corporation) C:\WINDOWS\system32\setbcdlocale.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00044544 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfctrs.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfproc.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfdisk.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00023552 _____ (Microsoft Corporation) C:\WINDOWS\system32\perfnet.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\MUILanguageCleanup.dll
2014-07-24 16:03 - 2012-09-20 08:32 - 00006656 _____ (Microsoft Corporation) C:\WINDOWS\system32\shimeng.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00459776 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxgi.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00437760 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfh264enc.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\dnsrslvr.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00118272 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevPropMgr.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\mmcss.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00037888 _____ (Microsoft Corporation) C:\WINDOWS\system32\LangCleanupSysprepAction.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\eventcls.dll
2014-07-24 16:03 - 2012-09-20 08:31 - 00008704 _____ (Microsoft Corporation) C:\WINDOWS\system32\lpksetupproxyserv.dll
2014-07-24 16:03 - 2012-09-20 08:30 - 02016256 _____ (Microsoft Corporation) C:\WINDOWS\system32\batmeter.dll
2014-07-24 16:03 - 2012-09-20 08:30 - 00751104 _____ (Microsoft Corporation) C:\WINDOWS\system32\appwiz.cpl
2014-07-24 16:03 - 2012-09-20 08:30 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\aelupsvc.dll
2014-07-24 16:03 - 2012-09-20 08:30 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\DAFWSD.dll
2014-07-24 16:03 - 2012-09-20 08:13 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\microsoft-windows-kernel-power-events.dll
2014-07-24 16:03 - 2012-09-20 08:13 - 00023656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\avrt.dll
2014-07-24 16:03 - 2012-09-20 08:09 - 00022528 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2014-07-24 16:03 - 2012-09-20 08:08 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hdaudbus.sys
2014-07-24 16:03 - 2012-09-20 07:55 - 00465920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinTypes.dll
2014-07-24 16:03 - 2012-09-20 07:55 - 00417280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webio.dll
2014-07-24 16:03 - 2012-09-20 07:55 - 00333824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWAHost.exe
2014-07-24 16:03 - 2012-09-20 07:55 - 00263168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlidcredprov.dll
2014-07-24 16:03 - 2012-09-20 07:55 - 00239616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskeng.exe
2014-07-24 16:03 - 2012-09-20 07:55 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncHost.exe
2014-07-24 16:03 - 2012-09-20 07:55 - 00080384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvinst.exe
2014-07-24 16:03 - 2012-09-20 07:55 - 00023040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\svchost.exe
2014-07-24 16:03 - 2012-09-20 07:55 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sdbinst.exe
2014-07-24 16:03 - 2012-09-20 07:54 - 01369600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RacEngn.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 01137152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00533504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\provcore.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00509952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinapi.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00480768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VAN.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00449024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsrcsnk.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00413184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfh264enc.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00270336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msvproc.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFPlay.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00089088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PackageStateRoaming.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00052224 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vsstrace.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00039424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfctrs.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00034816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfproc.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00033792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfos.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00031232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfdisk.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00021504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\perfnet.dll
2014-07-24 16:03 - 2012-09-20 07:54 - 00005632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shimeng.dll
2014-07-24 16:03 - 2012-09-20 07:53 - 02007040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\batmeter.dll
2014-07-24 16:03 - 2012-09-20 07:53 - 01247232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2014-07-24 16:03 - 2012-09-20 07:53 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\appwiz.cpl
2014-07-24 16:03 - 2012-09-20 07:53 - 00461824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dnsapi.dll
2014-07-24 16:03 - 2012-09-20 07:53 - 00366080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxgi.dll
2014-07-24 16:03 - 2012-09-20 07:53 - 00015360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\eventcls.dll
2014-07-24 16:03 - 2012-09-20 06:10 - 01126912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\user32.dll
2014-07-24 14:43 - 2013-10-09 03:33 - 00059416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuauclt.exe
2014-07-24 14:43 - 2013-10-09 00:30 - 00628736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapi.dll
2014-07-24 14:43 - 2013-10-09 00:30 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuwebv.dll
2014-07-24 14:43 - 2013-10-09 00:30 - 00084992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wudriver.dll
2014-07-24 14:43 - 2013-10-09 00:30 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wuapp.exe
2014-07-24 14:43 - 2013-10-09 00:28 - 00040448 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapp.exe
2014-07-24 14:43 - 2013-10-09 00:27 - 03279872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuaueng.dll
2014-07-24 14:43 - 2013-10-09 00:27 - 01622016 _____ (Microsoft Corporation) C:\WINDOWS\system32\wucltux.dll
2014-07-24 14:43 - 2013-10-09 00:27 - 00773120 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuapi.dll
2014-07-24 14:43 - 2013-10-09 00:27 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\system32\WUSettingsProvider.dll
2014-07-24 14:43 - 2013-10-09 00:27 - 00175104 _____ (Microsoft Corporation) C:\WINDOWS\system32\storewuauth.dll
2014-07-24 14:43 - 2013-10-09 00:27 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\wuwebv.dll
2014-07-24 14:43 - 2013-10-09 00:27 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\wudriver.dll
2014-07-24 14:43 - 2013-10-05 08:10 - 00285016 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2014-07-24 14:43 - 2013-10-02 04:50 - 00447320 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBHUB3.SYS
2014-07-24 14:43 - 2013-09-28 07:48 - 00778752 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2014-07-24 14:43 - 2013-09-28 05:58 - 00551424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2014-07-24 14:43 - 2013-09-19 09:32 - 01455448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dxgkrnl.sys
2014-07-24 14:43 - 2013-08-30 07:19 - 00626688 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2014-07-24 14:43 - 2013-08-30 07:18 - 00374784 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2014-07-24 14:43 - 2013-08-30 01:48 - 00488960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2014-07-24 14:43 - 2013-08-30 01:47 - 00302080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2014-07-24 12:51 - 2013-09-14 00:36 - 00247296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ubpm.dll
2014-07-24 12:51 - 2013-09-14 00:33 - 00328192 _____ (Microsoft Corporation) C:\WINDOWS\system32\ubpm.dll
2014-07-24 12:51 - 2013-08-30 07:43 - 00061784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\crashdmp.sys
2014-07-24 12:51 - 2013-08-30 07:20 - 01173504 _____ (Microsoft Corporation) C:\WINDOWS\system32\UIAutomationCore.dll
2014-07-24 12:51 - 2013-08-30 01:48 - 00914432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UIAutomationCore.dll
2014-07-24 12:51 - 2013-08-21 08:39 - 00465240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2014-07-24 12:51 - 2013-08-10 08:30 - 00151896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tpm.sys
2014-07-24 12:51 - 2013-07-25 01:10 - 10799104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2014-07-24 12:51 - 2013-07-25 01:07 - 13661696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2014-07-24 12:51 - 2012-09-20 08:48 - 00062488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpfve.sys
2014-07-24 11:43 - 2013-07-06 02:16 - 01025024 _____ (Microsoft Corporation) C:\WINDOWS\system32\localspl.dll
2014-07-24 11:43 - 2013-07-03 02:22 - 02839552 _____ (Microsoft Corporation) C:\WINDOWS\system32\msftedit.dll
2014-07-24 11:43 - 2013-07-03 02:10 - 02273792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msftedit.dll
2014-07-24 11:42 - 2013-07-09 10:04 - 00120144 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\msgpioclx.sys
2014-07-24 11:42 - 2013-07-09 08:18 - 00439488 _____ (Microsoft Corporation) C:\WINDOWS\system32\WerFault.exe
2014-07-24 11:42 - 2013-07-09 06:25 - 00385768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WerFault.exe
2014-07-24 11:42 - 2013-07-09 05:57 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LocationApi.dll
2014-07-24 11:42 - 2013-07-09 00:46 - 00543744 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanmm.dll
2014-07-24 11:42 - 2013-07-09 00:46 - 00414208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwanconn.dll
2014-07-24 11:42 - 2013-07-09 00:46 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Wwanadvui.dll
2014-07-24 11:42 - 2013-07-09 00:45 - 00312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\LocationApi.dll
2014-07-24 11:42 - 2013-07-03 02:23 - 00391168 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.BackgroundTransfer.dll
2014-07-24 11:42 - 2013-07-03 02:11 - 00268800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.BackgroundTransfer.dll
2014-07-24 11:42 - 2013-07-01 00:30 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\openfiles.exe
2014-07-24 11:42 - 2013-07-01 00:29 - 00077312 _____ (Microsoft Corporation) C:\WINDOWS\system32\openfiles.exe
2014-07-24 11:42 - 2013-06-29 08:15 - 00195416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\sdbus.sys
2014-07-24 11:42 - 2013-06-29 08:15 - 00125784 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dumpsd.sys
2014-07-24 11:42 - 2013-06-26 05:01 - 00321536 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\udfs.sys
2014-07-24 11:42 - 2013-06-26 04:59 - 00341504 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\HdAudio.sys
2014-07-24 11:42 - 2013-06-25 00:54 - 00447488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wwansvc.dll
2014-07-24 11:42 - 2013-06-25 00:54 - 00263680 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmsvc.dll
2014-07-24 11:42 - 2013-06-25 00:54 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\system32\wcmcsp.dll
2014-07-24 11:42 - 2013-06-19 07:36 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmmbase.dll
2014-07-24 11:42 - 2013-06-19 07:36 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmm.dll
2014-07-24 11:42 - 2013-06-19 00:38 - 00160256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmmbase.dll
2014-07-24 11:42 - 2013-06-19 00:38 - 00125440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmm.dll
2014-07-24 11:42 - 2013-06-12 01:43 - 00154112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WinSCard.dll
2014-07-24 11:42 - 2013-06-12 01:26 - 00230912 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSCard.dll
2014-07-24 11:42 - 2013-06-06 10:03 - 00119040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBSTOR.SYS
2014-07-24 09:32 - 2013-10-31 07:56 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2014-07-24 09:32 - 2013-10-31 07:56 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\system32\FirewallAPI.dll
2014-07-24 09:32 - 2013-10-31 06:01 - 00550400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FirewallAPI.dll
2014-07-24 09:32 - 2013-10-31 05:42 - 00074752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mpsdrv.sys
2014-07-24 09:32 - 2013-10-13 22:49 - 00100696 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\disk.sys
2014-07-24 09:32 - 2013-08-27 07:21 - 00227840 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebClnt.dll
2014-07-24 09:32 - 2013-08-27 07:19 - 00104448 _____ (Microsoft Corporation) C:\WINDOWS\system32\davclnt.dll
2014-07-24 09:32 - 2013-08-27 00:29 - 00199168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WebClnt.dll
2014-07-24 09:32 - 2013-08-27 00:28 - 00086016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\davclnt.dll
2014-07-24 08:54 - 2013-06-17 00:41 - 00997632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndis.sys
2014-07-24 08:54 - 2013-06-01 13:34 - 02391280 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2014-07-24 08:54 - 2013-06-01 13:26 - 00327936 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\volsnap.sys
2014-07-24 08:54 - 2013-06-01 12:24 - 02106176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2014-07-24 08:54 - 2013-06-01 11:24 - 01453568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2014-07-24 08:54 - 2013-06-01 11:24 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mscms.dll
2014-07-24 08:54 - 2013-06-01 11:23 - 01842176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2014-07-24 08:54 - 2013-06-01 11:23 - 00680960 _____ (Microsoft Corporation) C:\WINDOWS\system32\vds.exe
2014-07-24 08:54 - 2013-06-01 11:21 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\samsrv.dll
2014-07-24 08:54 - 2013-06-01 11:21 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\system32\samlib.dll
2014-07-24 08:54 - 2013-06-01 11:20 - 02219520 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2014-07-24 08:54 - 2013-06-01 11:20 - 01527808 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2014-07-24 08:54 - 2013-06-01 11:20 - 01048576 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfasfsrcsnk.dll
2014-07-24 08:54 - 2013-06-01 11:20 - 00583168 _____ (Microsoft Corporation) C:\WINDOWS\system32\mscms.dll
2014-07-24 08:54 - 2013-06-01 11:19 - 00785408 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2014-07-24 08:54 - 2013-05-25 00:09 - 01403296 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2014-07-24 08:54 - 2013-05-25 00:09 - 01271584 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2014-07-24 08:54 - 2013-05-25 00:09 - 01217352 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2014-07-24 08:54 - 2013-05-25 00:09 - 01093904 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2014-07-24 08:53 - 2013-06-01 11:25 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\samlib.dll
2014-07-24 08:53 - 2013-06-01 11:24 - 00850944 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfasfsrcsnk.dll
2014-07-24 08:53 - 2013-06-01 11:22 - 00190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\vdsutil.dll
2014-07-24 08:53 - 2013-06-01 11:22 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\MbaeParserTask.exe
2014-07-24 08:53 - 2013-06-01 11:19 - 00207872 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceSetupManager.dll
2014-07-24 08:53 - 2013-06-01 05:08 - 00037632 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\BthAvrcpTg.sys
2014-07-23 11:05 - 2014-06-18 01:27 - 01440256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\osk.exe
2014-07-23 11:05 - 2014-06-18 01:24 - 01557504 _____ (Microsoft Corporation) C:\WINDOWS\system32\osk.exe
2014-07-23 11:05 - 2014-06-11 06:18 - 04038144 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32k.sys
2014-07-23 10:05 - 2014-03-28 10:23 - 19759104 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2014-07-23 10:05 - 2014-03-28 08:18 - 17562112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2014-07-23 09:38 - 2013-04-24 01:13 - 01013248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certutil.exe
2014-07-23 09:38 - 2013-04-24 01:12 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptnet.dll
2014-07-23 09:38 - 2013-04-24 00:56 - 01255936 _____ (Microsoft Corporation) C:\WINDOWS\system32\certutil.exe
2014-07-23 09:38 - 2013-04-24 00:55 - 00141312 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptnet.dll
2014-07-23 09:11 - 2014-07-23 09:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-101341463.txt
2014-07-23 08:42 - 2014-07-23 08:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-99622066.txt
2014-07-23 07:01 - 2014-07-23 07:01 - 00000117 _____ () C:\WINDOWS\system32\netcfg-93571224.txt
2014-07-23 06:48 - 2014-07-23 06:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-92757757.txt
2014-07-22 20:39 - 2014-07-22 20:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56217518.txt
2014-07-22 17:36 - 2014-07-22 17:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-45253659.txt
2014-07-22 12:30 - 2014-07-22 12:30 - 00000117 _____ () C:\WINDOWS\system32\netcfg-26927114.txt
2014-07-22 12:30 - 2014-07-22 12:30 - 00000117 _____ () C:\WINDOWS\system32\netcfg-26926802.txt
2014-07-22 08:57 - 2014-07-22 08:57 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Nero_AG
2014-07-22 08:56 - 2014-07-22 08:57 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Nero
2014-07-22 08:55 - 2014-07-22 08:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13976051.txt
2014-07-22 08:44 - 2014-07-22 08:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13368770.txt
2014-07-22 08:14 - 2014-07-22 08:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-11512265.txt
2014-07-22 07:47 - 2014-07-22 07:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9913847.txt
2014-07-22 07:07 - 2014-07-22 07:07 - 00000117 _____ () C:\WINDOWS\system32\netcfg-7547016.txt
2014-07-22 06:57 - 2014-07-22 06:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6908878.txt
2014-07-22 05:59 - 2014-07-22 05:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3463034.txt
2014-07-22 05:33 - 2014-07-22 05:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1873494.txt
2014-07-22 04:39 - 2014-07-22 04:39 - 00000128 _____ () C:\WINDOWS\system32\netcfg-100027.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-88795.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000135 _____ () C:\WINDOWS\system32\netcfg-79919.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-88124.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-87344.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000129 _____ () C:\WINDOWS\system32\netcfg-78640.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-80480.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000127 _____ () C:\WINDOWS\system32\netcfg-81682.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000126 _____ () C:\WINDOWS\system32\netcfg-81120.txt
2014-07-22 04:18 - 2014-07-22 04:18 - 00000128 _____ () C:\WINDOWS\system32\netcfg-141960.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-129855.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000135 _____ () C:\WINDOWS\system32\netcfg-119590.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-129137.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-128357.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000129 _____ () C:\WINDOWS\system32\netcfg-118482.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-120151.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000127 _____ () C:\WINDOWS\system32\netcfg-121399.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000126 _____ () C:\WINDOWS\system32\netcfg-120853.txt
2014-07-22 02:03 - 2014-07-22 02:03 - 01372550 _____ () C:\Users\Hespetreet\Downloads\AnHsinPuTzu.themepack
2014-07-22 00:54 - 2014-07-22 00:54 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\ATI
2014-07-22 00:54 - 2014-07-22 00:54 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\ATI
2014-07-22 00:54 - 2014-07-22 00:54 - 00000000 ____D () C:\ProgramData\ATI
2014-07-21 23:39 - 2014-07-21 23:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-118456457.txt
2014-07-21 23:39 - 2014-07-21 23:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-118456254.txt
2014-07-21 22:38 - 2014-07-21 22:38 - 29853816 ____N (Symantec Corporation) C:\Users\Hespetreet\Downloads\NortonIdentitySafe-EN-v1.exe
2014-07-21 22:29 - 2014-07-21 22:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\N360_BACKUP
2014-07-21 22:07 - 2014-07-21 22:07 - 00000117 _____ () C:\WINDOWS\system32\netcfg-112946299.txt
2014-07-21 21:40 - 2014-07-21 21:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-111363341.txt
2014-07-21 14:13 - 2014-07-21 14:13 - 00002225 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-21 14:13 - 2014-07-21 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-21 14:12 - 2014-08-10 23:17 - 00001016 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-07-21 14:12 - 2014-08-10 14:17 - 00001012 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-07-21 14:12 - 2014-07-21 14:13 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Google
2014-07-21 14:12 - 2014-07-21 14:13 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-21 14:12 - 2014-07-21 14:12 - 00003988 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-21 14:12 - 2014-07-21 14:12 - 00003752 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-21 14:11 - 2014-07-21 14:11 - 00895120 _____ (Google Inc.) C:\Users\Hespetreet\Downloads\ChromeSetup.exe
2014-07-21 11:54 - 2014-07-21 11:56 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-21 11:54 - 2014-06-26 17:40 - 96441528 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2014-07-21 09:43 - 2014-05-03 07:47 - 03246592 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpcorets.dll
2014-07-21 09:43 - 2014-05-03 05:34 - 00235520 _____ (Microsoft Corporation) C:\WINDOWS\system32\rdpudd.dll
2014-07-21 09:43 - 2013-10-19 07:45 - 00062976 _____ (Microsoft Corporation) C:\WINDOWS\system32\imagehlp.dll
2014-07-21 09:43 - 2013-10-19 06:04 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imagehlp.dll
2014-07-21 09:43 - 2013-05-24 01:02 - 01314816 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2014-07-21 09:43 - 2013-05-24 00:25 - 00694272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2014-07-21 09:42 - 2014-01-31 02:48 - 01339392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WindowsCodecs.dll
2014-07-21 09:42 - 2014-01-31 02:06 - 01628160 _____ (Microsoft Corporation) C:\WINDOWS\system32\WindowsCodecs.dll
2014-07-21 09:42 - 2013-10-10 11:32 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cscript.exe
2014-07-21 09:42 - 2013-10-10 11:30 - 00162304 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrobj.dll
2014-07-21 09:42 - 2013-10-10 11:30 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\scrrun.dll
2014-07-21 09:42 - 2013-10-10 11:24 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\system32\wshom.ocx
2014-07-21 09:42 - 2013-10-10 11:23 - 00146944 _____ (Microsoft Corporation) C:\WINDOWS\system32\cscript.exe
2014-07-21 09:42 - 2013-10-10 11:22 - 00222720 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrobj.dll
2014-07-21 09:42 - 2013-10-10 11:22 - 00194048 _____ (Microsoft Corporation) C:\WINDOWS\system32\scrrun.dll
2014-07-21 09:42 - 2013-10-02 01:37 - 01569280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\crypt32.dll
2014-07-21 09:42 - 2013-10-02 01:26 - 01890816 _____ (Microsoft Corporation) C:\WINDOWS\system32\crypt32.dll
2014-07-21 09:42 - 2013-09-28 05:35 - 00288768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\portcls.sys
2014-07-21 09:42 - 2013-08-23 09:22 - 02062848 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d11.dll
2014-07-21 09:42 - 2013-08-23 03:44 - 01711616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d11.dll
2014-07-21 09:42 - 2013-08-07 07:15 - 00144896 _____ (Microsoft Corporation) C:\WINDOWS\system32\tssdisai.dll
2014-07-21 09:42 - 2013-07-01 03:42 - 00623448 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbhub.sys
2014-07-21 09:42 - 2013-07-01 03:42 - 00498008 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbport.sys
2014-07-21 09:42 - 2013-07-01 03:42 - 00079192 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbehci.sys
2014-07-21 09:42 - 2013-07-01 03:42 - 00021848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbd.sys
2014-07-21 09:42 - 2013-06-29 05:07 - 00032256 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbuhci.sys
2014-07-21 09:42 - 2013-06-29 05:06 - 00120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbccgp.sys
2014-07-21 09:42 - 2013-04-12 00:30 - 01421312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2014-07-21 09:42 - 2013-04-12 00:22 - 01838080 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2014-07-21 09:42 - 2013-03-22 05:49 - 02382336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\esent.dll
2014-07-21 09:42 - 2013-03-22 00:47 - 02851840 _____ (Microsoft Corporation) C:\WINDOWS\system32\esent.dll
2014-07-21 09:42 - 2012-11-10 06:23 - 00148480 _____ (Microsoft Corporation) C:\WINDOWS\system32\poqexec.exe
2014-07-21 09:42 - 2012-11-10 06:23 - 00132608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\poqexec.exe
2014-07-21 09:42 - 2012-11-10 06:22 - 00126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\RDWebAI.dll
2014-07-21 09:42 - 2012-11-10 06:22 - 00122880 _____ (Microsoft Corporation) C:\WINDOWS\system32\VmHostAI.dll
2014-07-21 09:42 - 2012-11-10 06:20 - 00135680 _____ (Microsoft Corporation) C:\WINDOWS\system32\appserverai.dll
2014-07-21 09:42 - 2012-10-24 05:25 - 00026624 _____ (Microsoft Corporation) C:\WINDOWS\system32\ReAgentc.exe
2014-07-21 09:42 - 2012-10-24 04:48 - 00024064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgentc.exe
2014-07-21 09:08 - 2014-07-21 09:08 - 00000117 _____ () C:\WINDOWS\system32\netcfg-66246729.txt
2014-07-21 07:05 - 2014-07-21 07:05 - 00000117 _____ () C:\WINDOWS\system32\netcfg-58834997.txt
2014-07-21 03:04 - 2014-07-21 03:04 - 00000117 _____ () C:\WINDOWS\system32\netcfg-44405575.txt
2014-07-21 02:06 - 2014-07-21 02:06 - 00000117 _____ () C:\WINDOWS\system32\netcfg-40884757.txt
2014-07-20 23:46 - 2014-07-20 23:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-32489501.txt
2014-07-20 23:26 - 2014-07-20 23:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-31288636.txt
2014-07-20 21:15 - 2014-07-20 21:15 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Macromedia
2014-07-20 20:38 - 2014-08-10 23:05 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-07-20 20:38 - 2014-07-20 20:38 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-20 20:22 - 2014-07-20 20:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-20255684.txt
2014-07-20 19:16 - 2014-07-20 20:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16331526.txt
2014-07-20 18:33 - 2014-07-20 18:33 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\CrashRpt
2014-07-20 18:31 - 2014-07-20 18:31 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Tencent
2014-07-20 18:31 - 2014-07-20 18:31 - 00000000 ____D () C:\ProgramData\Tencent
2014-07-20 18:27 - 2014-04-30 00:32 - 01301504 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2014-07-20 18:27 - 2014-04-30 00:22 - 01023488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2014-07-20 18:25 - 2014-04-19 11:39 - 00628024 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationUI.exe
2014-07-20 18:25 - 2014-04-19 10:45 - 00693760 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSShared.dll
2014-07-20 18:25 - 2014-04-19 10:45 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-20 18:25 - 2014-04-19 08:57 - 00566784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSShared.dll
2014-07-20 18:25 - 2014-04-19 08:57 - 00124928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.TestingFramework.dll
2014-07-20 18:25 - 2014-01-31 02:48 - 00143872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2014-07-20 18:24 - 2013-10-10 13:53 - 00096600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wfplwfs.sys
2014-07-20 18:24 - 2013-10-10 11:21 - 01160192 _____ (Microsoft Corporation) C:\WINDOWS\system32\IKEEXT.DLL
2014-07-20 18:24 - 2013-10-10 11:20 - 00723968 _____ (Microsoft Corporation) C:\WINDOWS\system32\BFE.DLL
2014-07-20 18:24 - 2013-06-10 21:16 - 00888832 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2014-07-20 18:24 - 2013-06-10 21:15 - 00381952 _____ (Microsoft Corporation) C:\WINDOWS\system32\FWPUCLNT.DLL
2014-07-20 18:24 - 2013-06-10 21:10 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2014-07-20 18:24 - 2013-06-10 21:10 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\FWPUCLNT.DLL
2014-07-20 18:23 - 2013-08-16 07:41 - 00058200 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\dam.sys
2014-07-20 18:23 - 2013-08-16 07:39 - 02371728 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSService.dll
2014-07-20 18:23 - 2013-08-16 07:22 - 04917760 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2014-07-20 18:23 - 2013-08-16 07:21 - 01164288 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppwinob.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00204800 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSClient.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00198656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00183808 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSSync.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00120320 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppc.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00081408 _____ (Microsoft Corporation) C:\WINDOWS\system32\setupcln.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00049664 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups.dll
2014-07-20 18:23 - 2013-08-16 07:21 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\wups2.dll
2014-07-20 18:23 - 2013-08-16 07:20 - 00105984 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinSetupUI.dll
2014-07-20 18:23 - 2013-08-16 00:43 - 00167424 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSClient.dll
2014-07-20 18:23 - 2013-08-16 00:43 - 00159232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WSSync.dll
2014-07-20 18:23 - 2013-08-16 00:43 - 00083968 _____ () C:\WINDOWS\SysWOW64\OEMLicense.dll
2014-07-20 18:23 - 2013-08-16 00:43 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wups.dll
2014-07-20 18:23 - 2013-08-16 00:42 - 00091648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sppc.dll
2014-07-20 18:23 - 2013-08-16 00:42 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\setupcln.dll
2014-07-20 18:23 - 2012-09-20 08:33 - 00110592 _____ () C:\WINDOWS\system32\OEMLicense.dll
2014-07-20 18:22 - 2013-07-06 02:15 - 00652288 _____ (Microsoft Corporation) C:\WINDOWS\system32\comctl32.dll
2014-07-20 18:22 - 2013-07-04 04:13 - 00541696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\comctl32.dll
2014-07-20 18:20 - 2014-05-30 01:31 - 00452608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SHCore.dll
2014-07-20 18:20 - 2014-05-30 01:03 - 00588288 _____ (Microsoft Corporation) C:\WINDOWS\system32\SHCore.dll
2014-07-20 18:20 - 2014-05-30 01:02 - 01281536 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2014-07-20 18:20 - 2014-05-30 01:02 - 00439808 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsm.dll
2014-07-20 18:19 - 2014-07-01 00:42 - 00702464 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepdu.dll
2014-07-20 18:19 - 2014-07-01 00:42 - 00394240 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2014-07-20 18:19 - 2014-07-01 00:42 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2014-07-20 18:19 - 2014-06-28 05:35 - 00556544 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2014-07-20 18:17 - 2014-03-28 21:19 - 00035856 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdBoot.sys
2014-07-20 18:17 - 2014-03-24 00:11 - 00269592 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdFilter.sys
2014-07-20 18:16 - 2013-12-09 02:45 - 00523776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2014-07-20 18:16 - 2013-12-09 01:59 - 00600064 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2014-07-20 18:14 - 2013-07-06 00:02 - 00099328 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbcir.sys
2014-07-20 18:14 - 2013-07-06 00:01 - 00210560 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbvideo.sys
2014-07-20 18:14 - 2013-06-22 07:45 - 00785624 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Wdf01000.sys
2014-07-20 18:14 - 2013-06-22 07:45 - 00054488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\WdfLdr.sys
2014-07-20 18:13 - 2013-07-02 00:14 - 00025600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usbprint.sys
2014-07-20 18:13 - 2013-06-29 05:08 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidparse.sys
2014-07-20 18:09 - 2014-07-20 18:10 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Mozilla
2014-07-20 18:09 - 2014-07-20 18:10 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Mozilla
2014-07-20 18:09 - 2014-07-20 18:09 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-20 18:09 - 2014-07-20 18:09 - 00001123 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-20 18:09 - 2014-07-20 18:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-20 18:04 - 2013-03-02 12:57 - 00077544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\storahci.sys
2014-07-20 18:04 - 2013-03-02 12:39 - 00495336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2014-07-20 18:04 - 2013-03-02 10:23 - 00893952 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\winmde.dll
2014-07-20 18:04 - 2013-03-02 10:23 - 00601088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Globalization.dll
2014-07-20 18:04 - 2013-03-02 10:23 - 00504320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Security.Authentication.OnlineId.dll
2014-07-20 18:04 - 2013-03-02 10:23 - 00100864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SettingSyncInfo.dll
2014-07-20 18:04 - 2013-03-02 10:22 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netcfgx.dll
2014-07-20 18:04 - 2013-03-02 10:21 - 00550912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvstore.dll
2014-07-20 18:04 - 2013-03-02 10:21 - 00145408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\powercfg.cpl
2014-07-20 18:04 - 2013-03-02 04:45 - 01149952 _____ (Microsoft Corporation) C:\WINDOWS\system32\winmde.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 01101824 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmpmde.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 00951808 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Globalization.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 00645120 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Security.Authentication.OnlineId.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 00245248 _____ (Microsoft Corporation) C:\WINDOWS\system32\usbmon.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 00240640 _____ (Microsoft Corporation) C:\WINDOWS\system32\fsquirt.exe
2014-07-20 18:04 - 2013-03-02 04:45 - 00180224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\system32\TimeBrokerServer.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 00103936 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpdbusenum.dll
2014-07-20 18:04 - 2013-03-02 04:45 - 00071168 _____ (Microsoft Corporation) C:\WINDOWS\system32\WSDPrintProxy.DLL
2014-07-20 18:04 - 2013-03-02 04:44 - 00703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvstore.dll
2014-07-20 18:04 - 2013-03-02 04:44 - 00455168 _____ (Microsoft Corporation) C:\WINDOWS\system32\netcfgx.dll
2014-07-20 18:04 - 2013-03-02 04:44 - 00150016 _____ (Microsoft Corporation) C:\WINDOWS\system32\discan.dll
2014-07-20 18:04 - 2013-03-02 04:44 - 00117248 _____ (Microsoft Corporation) C:\WINDOWS\system32\NdisImPlatform.dll
2014-07-20 18:04 - 2013-03-02 04:44 - 00049152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevDispItemProvider.dll
2014-07-20 18:04 - 2013-03-02 04:43 - 00156160 _____ (Microsoft Corporation) C:\WINDOWS\system32\powercfg.cpl
2014-07-20 18:04 - 2013-03-02 04:15 - 00026112 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mouhid.sys
2014-07-20 18:04 - 2013-03-01 06:56 - 00156672 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rfcomm.sys
2014-07-20 18:04 - 2013-03-01 06:55 - 01175040 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\bthport.sys
2014-07-20 18:03 - 2013-03-02 10:21 - 00036352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevDispItemProvider.dll
2014-07-20 18:03 - 2013-03-01 06:56 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\monitor.sys
2014-07-20 18:00 - 2014-06-03 00:33 - 00265216 _____ (Microsoft Corporation) C:\WINDOWS\system32\InkEd.dll
2014-07-20 17:43 - 2013-03-02 10:23 - 00375808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ReAgent.dll
2014-07-20 17:43 - 2013-03-02 04:44 - 01011200 _____ (Microsoft Corporation) C:\WINDOWS\system32\reseteng.dll
2014-07-20 17:41 - 2013-05-15 04:25 - 00888320 _____ (Microsoft Corporation) C:\WINDOWS\system32\autochk.exe
2014-07-20 17:41 - 2013-05-15 04:25 - 00542208 _____ (Microsoft Corporation) C:\WINDOWS\system32\untfs.dll
2014-07-20 17:41 - 2013-05-15 04:24 - 00793088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\autochk.exe
2014-07-20 17:41 - 2013-05-15 04:24 - 00482816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\untfs.dll
2014-07-20 17:41 - 2013-05-04 09:58 - 00120736 _____ (Microsoft Corporation) C:\WINDOWS\system32\AuthHost.exe
2014-07-20 17:41 - 2013-05-04 08:59 - 01483776 _____ (Microsoft Corporation) C:\WINDOWS\system32\VSSVC.exe
2014-07-20 17:41 - 2013-05-04 08:59 - 00812544 _____ (Microsoft Corporation) C:\WINDOWS\system32\Magnify.exe
2014-07-20 17:41 - 2013-05-04 08:58 - 01332736 _____ (Microsoft Corporation) C:\WINDOWS\system32\sysmain.dll
2014-07-20 17:41 - 2013-05-04 08:58 - 00470528 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofmsvc.dll
2014-07-20 17:41 - 2013-05-04 08:58 - 00330240 _____ (Microsoft Corporation) C:\WINDOWS\system32\stobject.dll
2014-07-20 17:41 - 2013-05-04 08:58 - 00169984 _____ (Microsoft Corporation) C:\WINDOWS\system32\netplwiz.dll
2014-07-20 17:41 - 2013-05-04 08:58 - 00151552 _____ (Microsoft Corporation) C:\WINDOWS\system32\netprofm.dll
2014-07-20 17:41 - 2013-05-04 08:58 - 00093696 _____ (Microsoft Corporation) C:\WINDOWS\system32\psmsrv.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 01131520 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 00708096 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 00560640 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfmp4srcsnk.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 00501760 _____ (Microsoft Corporation) C:\WINDOWS\system32\DevicePairing.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 00389120 _____ (Microsoft Corporation) C:\WINDOWS\system32\BCP47Langs.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\bisrv.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 00122368 _____ (Microsoft Corporation) C:\WINDOWS\system32\biwinrt.dll
2014-07-20 17:41 - 2013-05-04 08:57 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\system32\muifontsetup.dll
2014-07-20 17:41 - 2013-05-04 08:56 - 00419840 _____ (Microsoft Corporation) C:\WINDOWS\system32\intl.cpl
2014-07-20 17:41 - 2013-05-04 06:58 - 00758784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Magnify.exe
2014-07-20 17:41 - 2013-05-04 06:57 - 00303616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\stobject.dll
2014-07-20 17:41 - 2013-05-04 06:57 - 00151040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netplwiz.dll
2014-07-20 17:41 - 2013-05-04 06:57 - 00115712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\netprofm.dll
2014-07-20 17:41 - 2013-05-04 06:57 - 00018432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\npmproxy.dll
2014-07-20 17:41 - 2013-05-04 06:57 - 00014336 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\muifontsetup.dll
2014-07-20 17:41 - 2013-05-04 06:56 - 00449536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DevicePairing.dll
2014-07-20 17:41 - 2013-05-04 06:56 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfmp4srcsnk.dll
2014-07-20 17:41 - 2013-05-04 06:56 - 00309760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\BCP47Langs.dll
2014-07-20 17:41 - 2013-05-04 06:56 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\biwinrt.dll
2014-07-20 17:41 - 2013-05-04 06:55 - 00389632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\intl.cpl
2014-07-20 17:41 - 2013-05-04 06:51 - 00014848 _____ (Microsoft) C:\WINDOWS\system32\rars.rs
2014-07-20 17:41 - 2013-05-04 06:48 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidusb.sys
2014-07-20 17:41 - 2013-05-04 06:47 - 00427520 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\rdbss.sys
2014-07-20 17:41 - 2013-05-04 06:10 - 00014848 _____ (Microsoft) C:\WINDOWS\SysWOW64\rars.rs
2014-07-20 17:41 - 2013-03-02 04:45 - 00077824 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhost.exe
2014-07-20 17:41 - 2013-03-02 04:45 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskhostex.exe
2014-07-20 17:41 - 2013-02-02 10:39 - 00015872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmproxy.dll
2014-07-20 17:41 - 2013-02-02 10:39 - 00012288 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlmsprep.dll
2014-07-20 17:40 - 2013-07-20 00:13 - 00124112 _____ (Microsoft Corporation) C:\WINDOWS\system32\PresentationCFFRasterizerNative_v0300.dll
2014-07-20 17:40 - 2013-07-20 00:13 - 00102608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PresentationCFFRasterizerNative_v0300.dll
2014-07-20 17:40 - 2013-05-04 08:59 - 02842112 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2014-07-20 17:40 - 2013-05-04 06:57 - 02620928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2014-07-20 17:40 - 2013-04-27 07:20 - 00733184 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32spl.dll
2014-07-20 17:40 - 2013-02-02 10:40 - 00410624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wlroamextension.dll
2014-07-20 17:40 - 2013-02-02 10:40 - 00370688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WWanAPI.dll
2014-07-20 17:40 - 2013-02-02 10:40 - 00197632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.Connectivity.dll
2014-07-20 17:40 - 2013-02-02 10:40 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tasklist.exe
2014-07-20 17:40 - 2013-02-02 10:40 - 00079360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\taskkill.exe
2014-07-20 17:40 - 2013-02-02 10:39 - 00055296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nlaapi.dll
2014-07-20 17:40 - 2013-02-02 10:38 - 00567808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\duser.dll
2014-07-20 17:40 - 2013-02-02 10:24 - 00107520 _____ (Microsoft Corporation) C:\WINDOWS\system32\taskkill.exe
2014-07-20 17:40 - 2013-02-02 10:24 - 00102400 _____ (Microsoft Corporation) C:\WINDOWS\system32\tasklist.exe
2014-07-20 17:40 - 2013-02-02 10:23 - 00611840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpd_ci.dll
2014-07-20 17:40 - 2013-02-02 10:23 - 00543232 _____ (Microsoft Corporation) C:\WINDOWS\system32\wlroamextension.dll
2014-07-20 17:40 - 2013-02-02 10:23 - 00475136 _____ (Microsoft Corporation) C:\WINDOWS\system32\WWanAPI.dll
2014-07-20 17:40 - 2013-02-02 10:23 - 00293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.Connectivity.dll
2014-07-20 17:40 - 2013-02-02 10:23 - 00087552 _____ (Microsoft Corporation) C:\WINDOWS\system32\wersvc.dll
2014-07-20 17:40 - 2013-02-02 10:21 - 00385024 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncsi.dll
2014-07-20 17:40 - 2013-02-02 10:20 - 00729600 _____ (Microsoft Corporation) C:\WINDOWS\system32\duser.dll
2014-07-20 17:40 - 2013-02-02 10:20 - 00260096 _____ (Microsoft Corporation) C:\WINDOWS\system32\hotspotauth.dll
2014-07-20 17:40 - 2013-02-02 09:25 - 00297984 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ks.sys
2014-07-20 17:40 - 2012-09-20 08:32 - 00356352 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlasvc.dll
2014-07-20 17:40 - 2012-09-20 08:32 - 00072192 _____ (Microsoft Corporation) C:\WINDOWS\system32\nlaapi.dll
2014-07-20 17:39 - 2014-03-11 05:32 - 06987096 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2014-07-20 17:39 - 2013-03-06 09:10 - 00112872 _____ (Microsoft Corporation) C:\WINDOWS\system32\consent.exe
2014-07-20 17:39 - 2013-03-06 08:29 - 00070144 _____ (Microsoft Corporation) C:\WINDOWS\system32\appinfo.dll
2014-07-20 17:39 - 2013-02-12 02:17 - 00020992 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\usb8023.sys
2014-07-20 17:39 - 2013-02-02 07:41 - 01437184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\GdiPlus.dll
2014-07-20 17:39 - 2013-02-02 07:31 - 01690624 _____ (Microsoft Corporation) C:\WINDOWS\system32\GdiPlus.dll
2014-07-20 17:38 - 2014-04-12 11:27 - 00172888 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2014-07-20 17:38 - 2014-04-12 11:10 - 00578048 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2014-07-20 17:38 - 2014-04-12 11:09 - 01043968 _____ (Microsoft Corporation) C:\WINDOWS\system32\usercpl.dll
2014-07-20 17:38 - 2014-04-12 11:09 - 00208896 _____ (Microsoft Corporation) C:\WINDOWS\system32\wdigest.dll
2014-07-20 17:38 - 2014-04-12 11:09 - 00094720 _____ (Microsoft Corporation) C:\WINDOWS\system32\TSpkg.dll
2014-07-20 17:38 - 2014-04-12 11:08 - 00827904 _____ (Microsoft Corporation) C:\WINDOWS\system32\kerberos.dll
2014-07-20 17:38 - 2014-04-12 11:08 - 00318464 _____ (Microsoft Corporation) C:\WINDOWS\system32\msv1_0.dll
2014-07-20 17:38 - 2014-04-12 11:07 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\credssp.dll
2014-07-20 17:38 - 2014-04-12 09:23 - 00961536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\usercpl.dll
2014-07-20 17:38 - 2014-04-12 09:23 - 00273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msv1_0.dll
2014-07-20 17:38 - 2014-04-12 09:23 - 00178688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wdigest.dll
2014-07-20 17:38 - 2014-04-12 09:23 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\TSpkg.dll
2014-07-20 17:38 - 2014-04-12 09:22 - 00666624 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kerberos.dll
2014-07-20 17:38 - 2014-04-12 09:22 - 00017408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\credssp.dll
2014-07-20 17:38 - 2014-04-12 08:58 - 00014848 _____ (Microsoft Corporation) C:\WINDOWS\system32\workerdd.dll
2014-07-20 17:38 - 2014-03-11 05:25 - 00100184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecdd.sys
2014-07-20 17:38 - 2014-03-11 02:41 - 00559104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\objsel.dll
2014-07-20 17:38 - 2014-03-11 02:41 - 00323072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2014-07-20 17:38 - 2014-03-11 02:41 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dimsroam.dll
2014-07-20 17:38 - 2014-03-11 02:39 - 00035840 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsass.exe
2014-07-20 17:38 - 2014-03-11 02:38 - 00982016 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2014-07-20 17:38 - 2014-03-11 02:38 - 00684032 _____ (Microsoft Corporation) C:\WINDOWS\system32\objsel.dll
2014-07-20 17:38 - 2014-03-11 02:38 - 00419328 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2014-07-20 17:38 - 2014-03-11 02:38 - 00179712 _____ (Microsoft Corporation) C:\WINDOWS\system32\dpapisrv.dll
2014-07-20 17:38 - 2014-03-11 02:38 - 00164864 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspicli.dll
2014-07-20 17:38 - 2014-03-11 02:38 - 00045056 _____ (Microsoft Corporation) C:\WINDOWS\system32\dimsroam.dll
2014-07-20 17:38 - 2014-03-11 02:38 - 00027648 _____ (Microsoft Corporation) C:\WINDOWS\system32\sspisrv.dll
2014-07-20 17:38 - 2014-03-10 05:05 - 00668160 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2014-07-20 17:38 - 2014-03-10 03:27 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\sspicli.dll
2014-07-20 17:38 - 2014-03-04 01:07 - 00570216 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2014-07-20 17:38 - 2013-12-05 01:43 - 00583680 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdrm.dll
2014-07-20 17:38 - 2013-12-05 01:37 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdrm.dll
2014-07-20 17:34 - 2014-06-19 04:12 - 02239488 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2014-07-20 17:34 - 2014-06-19 04:12 - 01366528 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2014-07-20 17:34 - 2014-06-19 04:12 - 00915968 _____ (Microsoft Corporation) C:\WINDOWS\system32\uxtheme.dll
2014-07-20 17:34 - 2014-06-19 04:12 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\UXInit.dll
2014-07-20 17:34 - 2014-06-19 04:12 - 00051712 _____ (Microsoft Corporation) C:\WINDOWS\system32\ie4uinit.exe
2014-07-20 17:34 - 2014-06-19 04:11 - 19277312 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2014-07-20 17:34 - 2014-06-19 04:11 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\msrating.dll
2014-07-20 17:34 - 2014-06-19 04:11 - 00097792 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 15369728 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00855552 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00603136 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00452096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtmsft.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00281600 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxtrans.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00255488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iedkcs32.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00136704 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesysprep.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00067072 _____ (Microsoft Corporation) C:\WINDOWS\system32\iesetup.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\jsproxy.dll
2014-07-20 17:34 - 2014-06-19 04:10 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\system32\iernonce.dll
2014-07-20 17:34 - 2014-06-19 04:09 - 01508864 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcpl.cpl
2014-07-20 17:34 - 2014-06-19 02:53 - 01766400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2014-07-20 17:34 - 2014-06-19 02:53 - 01141760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2014-07-20 17:34 - 2014-06-19 02:53 - 00493056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2014-07-20 17:34 - 2014-06-19 02:53 - 00163840 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrating.dll
2014-07-20 17:34 - 2014-06-19 02:53 - 00044032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\UXInit.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 13732352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 01440768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcpl.cpl
2014-07-20 17:34 - 2014-06-19 02:52 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtmsft.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iedkcs32.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 00226816 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxtrans.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 00109056 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesysprep.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 00061440 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iesetup.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 00039936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jsproxy.dll
2014-07-20 17:34 - 2014-06-19 02:52 - 00033280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iernonce.dll
2014-07-20 17:34 - 2014-06-19 02:33 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2014-07-20 17:34 - 2014-06-19 02:30 - 02706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2014-07-20 17:34 - 2014-06-19 00:05 - 00534528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uxtheme.dll
2014-07-20 17:33 - 2014-06-19 04:10 - 03959296 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2014-07-20 17:33 - 2014-06-19 04:10 - 02650624 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2014-07-20 17:33 - 2014-06-19 02:53 - 14368768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2014-07-20 17:33 - 2014-06-19 02:53 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtmled.dll
2014-07-20 17:33 - 2014-06-19 02:52 - 02863616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2014-07-20 17:33 - 2014-06-19 02:52 - 02051072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2014-07-20 17:33 - 2014-06-19 02:52 - 00690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2014-07-20 17:28 - 2013-07-13 08:18 - 00337408 _____ (Microsoft Corporation) C:\WINDOWS\system32\wintrust.dll
2014-07-20 17:28 - 2013-07-13 08:16 - 00068096 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptsvc.dll
2014-07-20 17:28 - 2013-07-13 08:15 - 00124416 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepapi.dll
2014-07-20 17:28 - 2013-07-13 08:15 - 00098304 _____ (Microsoft Corporation) C:\WINDOWS\system32\apprepsync.dll
2014-07-20 17:28 - 2013-07-13 06:24 - 00261120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wintrust.dll
2014-07-20 17:28 - 2013-07-13 06:23 - 00087040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepapi.dll
2014-07-20 17:28 - 2013-07-13 06:23 - 00074240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\apprepsync.dll
2014-07-20 17:28 - 2013-07-02 03:41 - 00337752 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\USBXHCI.SYS
2014-07-20 17:28 - 2013-07-02 03:41 - 00213336 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UCX01000.SYS
2014-07-20 17:27 - 2014-03-28 10:23 - 01287168 _____ (Microsoft Corporation) C:\WINDOWS\system32\schedsvc.dll
2014-07-20 17:27 - 2014-01-13 01:30 - 02238976 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3d10warp.dll
2014-07-20 17:27 - 2014-01-13 01:30 - 02032640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3d10warp.dll
2014-07-20 17:27 - 2013-11-20 02:15 - 03842560 _____ (Microsoft Corporation) C:\WINDOWS\system32\d2d1.dll
2014-07-20 17:27 - 2013-11-20 01:57 - 03288576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d2d1.dll
2014-07-20 17:27 - 2013-03-15 02:17 - 00861184 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\http.sys
2014-07-20 17:26 - 2014-05-30 00:24 - 00576512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\afd.sys
2014-07-20 17:26 - 2013-11-23 08:43 - 00420864 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMPhoto.dll
2014-07-20 17:26 - 2013-11-23 07:05 - 00368640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMPhoto.dll
2014-07-20 17:25 - 2014-06-06 16:06 - 00596480 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2014-07-20 17:25 - 2014-06-06 12:17 - 00497152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2014-07-20 17:24 - 2014-04-03 13:22 - 02233176 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2014-07-20 17:24 - 2013-04-03 01:37 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptdlg.dll
2014-07-20 17:24 - 2013-04-03 01:12 - 00030720 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptdlg.dll
2014-07-20 17:24 - 2013-03-02 11:59 - 00411880 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\FWPKCLNT.SYS
2014-07-20 17:23 - 2013-04-09 07:33 - 00489576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2014-07-20 17:23 - 2013-04-09 07:33 - 00446792 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2014-07-20 17:23 - 2013-04-09 07:33 - 00253544 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2014-07-20 17:23 - 2013-04-09 07:20 - 00306952 _____ (Microsoft Corporation) C:\WINDOWS\system32\kd_02_10ec.dll
2014-07-20 17:23 - 2013-04-09 07:20 - 00086280 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdnet.dll
2014-07-20 17:23 - 2013-04-09 07:18 - 00077960 _____ (Microsoft Corporation) C:\WINDOWS\system32\kdvm.dll
2014-07-20 17:23 - 2013-04-09 07:17 - 01829408 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2014-07-20 17:23 - 2013-04-09 06:52 - 00816128 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchIndexer.exe
2014-07-20 17:23 - 2013-04-09 06:52 - 00804352 _____ (Microsoft Corporation) C:\WINDOWS\system32\RecoveryDrive.exe
2014-07-20 17:23 - 2013-04-09 06:52 - 00373760 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchProtocolHost.exe
2014-07-20 17:23 - 2013-04-09 06:52 - 00197120 _____ (Microsoft Corporation) C:\WINDOWS\system32\SearchFilterHost.exe
2014-07-20 17:23 - 2013-04-09 06:52 - 00126464 _____ (Microsoft Corporation) C:\WINDOWS\system32\Robocopy.exe
2014-07-20 17:23 - 2013-04-09 06:51 - 14267904 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmp.dll
2014-07-20 17:23 - 2013-04-09 06:51 - 03552768 _____ (Microsoft Corporation) C:\WINDOWS\system32\tquery.dll
2014-07-20 17:23 - 2013-04-09 06:51 - 00595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Networking.dll
2014-07-20 17:23 - 2013-04-09 06:51 - 00456704 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpncore.dll
2014-07-20 17:23 - 2013-04-09 06:51 - 00367616 _____ (Microsoft Corporation) C:\WINDOWS\system32\conhost.exe
2014-07-20 17:23 - 2013-04-09 06:51 - 00099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\wscsvc.dll
2014-07-20 17:23 - 2013-04-09 06:50 - 02107904 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssrch.dll
2014-07-20 17:23 - 2013-04-09 06:50 - 00745984 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssvp.dll
2014-07-20 17:23 - 2013-04-09 06:50 - 00435200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssph.dll
2014-07-20 17:23 - 2013-04-09 06:50 - 00414720 _____ (Microsoft Corporation) C:\WINDOWS\system32\GenuineCenter.dll
2014-07-20 17:23 - 2013-04-09 06:50 - 00096256 _____ (Microsoft Corporation) C:\WINDOWS\system32\mssprxy.dll
2014-07-20 17:23 - 2013-04-09 06:50 - 00065024 _____ (Microsoft Corporation) C:\WINDOWS\system32\msscntrs.dll
2014-07-20 17:23 - 2013-04-09 06:50 - 00013824 _____ (Microsoft Corporation) C:\WINDOWS\system32\msshooks.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 01444864 _____ (Microsoft Corporation) C:\WINDOWS\system32\MSAudDecMFT.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 00468992 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFMediaEngine.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 00281088 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfreadwrite.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 00231936 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhengine.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\iuilp.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 00196096 _____ (Microsoft Corporation) C:\WINDOWS\system32\dmvdsitf.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 00172544 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2014-07-20 17:23 - 2013-04-09 06:49 - 00050176 _____ (Microsoft Corporation) C:\WINDOWS\system32\fmifs.dll
2014-07-20 17:23 - 2013-04-09 06:48 - 00169472 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2014-07-20 17:23 - 2013-04-09 04:34 - 00095744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidbth.sys
2014-07-20 17:23 - 2013-04-09 04:33 - 00060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndproxy.sys
2014-07-20 17:23 - 2013-04-09 04:32 - 00805376 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\PEAuth.sys
2014-07-20 17:23 - 2013-04-09 04:31 - 00083456 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\wanarp.sys
2014-07-20 17:23 - 2013-04-09 01:44 - 00123880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wscapi.dll
2014-07-20 17:23 - 2013-04-09 01:39 - 01408896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2014-07-20 17:23 - 2013-04-09 01:37 - 00426024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2014-07-20 17:23 - 2013-04-09 01:37 - 00324368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2014-07-20 17:23 - 2013-04-08 23:52 - 11878912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmp.dll
2014-07-20 17:23 - 2013-04-08 23:52 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchIndexer.exe
2014-07-20 17:23 - 2013-04-08 23:52 - 00302592 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchProtocolHost.exe
2014-07-20 17:23 - 2013-04-08 23:52 - 00171008 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\SearchFilterHost.exe
2014-07-20 17:23 - 2013-04-08 23:52 - 00106496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Robocopy.exe
2014-07-20 17:23 - 2013-04-08 23:51 - 02767360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tquery.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 01593344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssrch.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 01113600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MSAudDecMFT.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00659456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssvp.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00411136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Networking.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00403968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssph.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00361984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFMediaEngine.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00214528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfreadwrite.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00186880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssphtb.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00155648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dmvdsitf.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fmifs.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00035328 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mssprxy.dll
2014-07-20 17:23 - 2013-04-08 23:51 - 00010752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msshooks.dll
2014-07-20 17:23 - 2013-04-05 01:30 - 00503080 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2014-07-20 17:23 - 2013-03-16 00:05 - 00298456 _____ (Microsoft Corporation) C:\WINDOWS\system32\rsaenh.dll
2014-07-20 17:23 - 2013-03-16 00:05 - 00252928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rsaenh.dll
2014-07-20 17:23 - 2013-02-02 10:40 - 00155136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XpsRasterService.dll
2014-07-20 17:23 - 2013-02-02 10:23 - 00228352 _____ (Microsoft Corporation) C:\WINDOWS\system32\XpsRasterService.dll
2014-07-20 17:23 - 2012-09-20 08:33 - 00142848 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhmanagew.exe
2014-07-20 17:23 - 2012-09-20 08:33 - 00060928 _____ (Microsoft Corporation) C:\WINDOWS\system32\ndptsp.tsp
2014-07-20 17:23 - 2012-09-20 08:33 - 00047104 _____ (Microsoft Corporation) C:\WINDOWS\system32\kmddsp.tsp
2014-07-20 17:23 - 2012-09-20 08:32 - 00121856 _____ (Microsoft Corporation) C:\WINDOWS\system32\rascfg.dll
2014-07-20 17:23 - 2012-09-20 08:32 - 00075264 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasdiag.dll
2014-07-20 17:23 - 2012-09-20 08:32 - 00041984 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasmxs.dll
2014-07-20 17:23 - 2012-09-20 08:32 - 00029696 _____ (Microsoft Corporation) C:\WINDOWS\system32\rasser.dll
2014-07-20 17:23 - 2012-09-20 08:32 - 00009728 _____ (Microsoft Corporation) C:\WINDOWS\system32\spwmp.dll
2014-07-20 17:23 - 2012-09-20 08:32 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\msdxm.ocx
2014-07-20 17:23 - 2012-09-20 08:32 - 00006144 _____ (Microsoft Corporation) C:\WINDOWS\system32\dxmasf.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00315392 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcfg.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00280576 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcat.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00137728 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhshl.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00116736 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvc.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00080896 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsrchapi.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00070656 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhevents.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00067584 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsrchph.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhlisten.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00064000 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhautoplay.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00053760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhcleanup.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00038400 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhtask.dll
2014-07-20 17:23 - 2012-09-20 08:31 - 00020480 _____ (Microsoft Corporation) C:\WINDOWS\system32\fhsvcctl.dll
2014-07-20 17:23 - 2012-09-20 08:12 - 09374208 _____ (Microsoft Corporation) C:\WINDOWS\system32\wmploc.DLL
2014-07-20 17:23 - 2012-09-20 08:09 - 00025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ndistapi.sys
2014-07-20 17:23 - 2012-09-20 07:55 - 00051200 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ndptsp.tsp
2014-07-20 17:23 - 2012-09-20 07:55 - 00038912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\kmddsp.tsp
2014-07-20 17:23 - 2012-09-20 07:54 - 00108544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rascfg.dll
2014-07-20 17:23 - 2012-09-20 07:54 - 00059392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasdiag.dll
2014-07-20 17:23 - 2012-09-20 07:54 - 00032768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasmxs.dll
2014-07-20 17:23 - 2012-09-20 07:54 - 00022016 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rasser.dll
2014-07-20 17:23 - 2012-09-20 07:54 - 00009216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\spwmp.dll
2014-07-20 17:23 - 2012-09-20 07:54 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msdxm.ocx
2014-07-20 17:23 - 2012-09-20 07:54 - 00004608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dxmasf.dll
2014-07-20 17:23 - 2012-09-20 07:32 - 09374208 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wmploc.DLL
2014-07-20 17:19 - 2014-03-07 02:47 - 01419264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxml3.dll
2014-07-20 17:19 - 2014-03-07 02:08 - 01845760 _____ (Microsoft Corporation) C:\WINDOWS\system32\msxml3.dll
2014-07-20 17:19 - 2013-10-02 01:37 - 02035712 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\authui.dll
2014-07-20 17:19 - 2013-10-02 01:26 - 02304512 _____ (Microsoft Corporation) C:\WINDOWS\system32\authui.dll
2014-07-20 17:19 - 2013-08-02 08:28 - 10116608 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.dll
2014-07-20 17:19 - 2013-08-02 07:08 - 08858112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\twinui.dll
2014-07-20 17:19 - 2013-03-02 12:39 - 00069864 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\pdc.sys
2014-07-20 17:19 - 2013-03-02 04:43 - 02146304 _____ (Microsoft Corporation) C:\WINDOWS\system32\actxprxy.dll
2014-07-20 17:19 - 2013-02-07 03:33 - 00754176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\actxprxy.dll
2014-07-20 17:18 - 2013-11-01 07:38 - 00312320 _____ (Microsoft Corporation) C:\WINDOWS\system32\msieftp.dll
2014-07-20 17:18 - 2013-11-01 05:49 - 00273408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msieftp.dll
2014-07-20 17:10 - 2013-05-27 01:17 - 00035328 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2014-07-20 17:10 - 2013-05-27 00:59 - 00046080 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2014-07-20 17:10 - 2013-05-25 05:15 - 00362496 _____ (Adobe Systems Incorporated) C:\WINDOWS\system32\atmfd.dll
2014-07-20 17:10 - 2013-05-25 04:32 - 00300032 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\atmfd.dll
2014-07-20 17:05 - 2014-07-20 17:05 - 00000117 _____ () C:\WINDOWS\system32\netcfg-8466252.txt
2014-07-20 16:53 - 2014-07-20 16:53 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-07-20 16:26 - 2014-07-20 16:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6118936.txt
2014-07-20 16:23 - 2012-07-26 07:32 - 00033240 _____ (GEAR Software Inc.) C:\WINDOWS\system32\Drivers\GEARAspiWDM.sys
2014-07-20 16:22 - 2014-07-20 16:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
2014-07-20 16:22 - 2014-07-20 16:22 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NBRTWizardx64
2014-07-20 16:22 - 2014-07-20 16:22 - 00000000 ____D () C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2014-07-20 16:22 - 2012-07-26 07:32 - 00125872 _____ (GEAR Software Inc.) C:\WINDOWS\system32\GEARAspi64.dll
2014-07-20 16:22 - 2012-07-26 07:32 - 00106928 _____ (GEAR Software Inc.) C:\WINDOWS\SysWOW64\GEARAspi.dll
2014-07-20 15:33 - 2014-07-20 15:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2951835.txt
2014-07-20 15:33 - 2014-07-20 15:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2951694.txt
2014-07-20 14:48 - 2014-07-20 14:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-208510.txt
2014-07-20 14:48 - 2014-07-20 14:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-208308.txt
2014-07-20 14:48 - 2014-07-20 14:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-199026.txt
2014-07-20 14:45 - 2014-07-20 14:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-61011.txt
2014-07-19 13:49 - 2014-07-19 13:49 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-07-19 13:41 - 2014-08-09 17:09 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3604915464-1756807762-4202892429-1001
2014-07-19 13:41 - 2014-07-19 13:49 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-19 13:41 - 2014-07-19 13:49 - 00002331 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-07-19 13:41 - 2014-07-19 13:41 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-07-19 13:41 - 2014-07-19 13:41 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-07-19 13:41 - 2014-07-19 13:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-19 13:37 - 2014-08-08 22:35 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-07-19 13:37 - 2014-07-19 13:49 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-19 13:37 - 2014-07-19 13:37 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-07-19 13:28 - 2014-07-19 13:28 - 00000000 ____D () C:\ProgramData\PCSettings
2014-07-19 13:14 - 2014-07-19 13:15 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5433483.txt
2014-07-19 13:14 - 2014-07-19 13:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5430535.txt
2014-07-19 12:04 - 2014-07-20 17:22 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\WildTangent
2014-07-19 11:48 - 2014-07-19 11:48 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Atheros
2014-07-19 11:47 - 2014-07-19 11:47 - 00001446 _____ () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Adobe
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\Program Files\Preload
2014-07-19 11:46 - 2014-07-19 11:46 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Synaptics
2014-07-19 11:46 - 2014-07-19 11:46 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\VirtualStore
2014-07-19 11:45 - 2014-08-08 22:34 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Packages
2014-07-19 11:45 - 2014-08-08 22:34 - 00000000 ____D () C:\Users\Hespetreet
2014-07-19 11:45 - 2014-07-19 11:45 - 00000020 ___SH () C:\Users\Hespetreet\ntuser.ini
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Start-meny
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Skrivere
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Mine dokumenter
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Maler
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Lokale innstillinger
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Documents\Mine bilder
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Documents\Min musikk
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Documents\Intern video
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programmer
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\AppData\Local\Logg
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\AndrMask
2014-07-19 11:45 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-19 11:45 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-19 11:45 - 2012-07-26 10:13 - 00000000 ___RD () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-19 11:45 - 2012-07-26 10:13 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2014-07-19 11:44 - 2014-08-11 00:00 - 01147870 _____ () C:\WINDOWS\WindowsUpdate.log
2014-07-19 11:40 - 2014-07-19 11:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1959887.txt
2014-07-19 11:16 - 2014-07-19 11:16 - 00000000 ____D () C:\ProgramData\Synaptics
2014-07-19 11:00 - 2014-07-19 11:00 - 00000117 _____ () C:\WINDOWS\system32\netcfg-23146086.txt
2014-07-19 10:51 - 2014-07-19 10:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-22612017.txt
2014-07-19 10:03 - 2014-07-19 10:03 - 00000117 _____ () C:\WINDOWS\system32\netcfg-19735343.txt
2014-07-19 08:26 - 2014-07-19 08:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13936364.txt
2014-07-19 07:55 - 2014-07-19 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-12081731.txt
2014-07-19 07:55 - 2014-07-19 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-12081450.txt
2014-07-19 06:28 - 2014-07-19 06:28 - 00001945 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-07-19 06:28 - 2014-07-19 06:28 - 00001915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-07-19 06:28 - 2014-07-19 06:28 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Canneverbe Limited
2014-07-19 06:28 - 2014-07-19 06:28 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-07-19 06:28 - 2014-07-19 06:28 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-07-19 06:26 - 2014-07-19 06:26 - 05689504 _____ (Canneverbe Limited ) C:\Users\Hespetreet\Downloads\cdbxp_setup_4.5.4.4852.exe
2014-07-19 06:25 - 2014-07-19 06:25 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Macromedia
2014-07-19 06:04 - 2014-07-19 06:40 - 1044938752 _____ () C:\NBRT.iso
2014-07-19 05:54 - 2014-07-19 05:54 - 00272208 _____ (Symantec Corporation) C:\Users\Hespetreet\Downloads\NBRTFSDPlugin.dll
2014-07-19 05:52 - 2014-07-29 20:26 - 00001238 _____ () C:\Users\Hespetreet\Desktop\Norton Download Manager.lnk
2014-07-19 05:52 - 2014-07-20 16:20 - 00001354 _____ () C:\Users\Hespetreet\Downloads\Norton Installation Files.lnk
2014-07-19 05:52 - 2014-07-20 14:23 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-07-19 05:52 - 2014-07-19 05:54 - 198568280 _____ (Symantec Corporation) C:\Users\Hespetreet\Downloads\NBRTWizard.exe
2014-07-19 05:51 - 2014-07-20 14:14 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-07-19 05:50 - 2014-07-19 05:50 - 00912648 _____ (Symantec Corporation) C:\Users\Hespetreet\Downloads\NBRT-Retail-Downloader.exe
2014-07-19 03:07 - 2014-07-19 03:07 - 00000000 _____ () C:\Recovery.txt

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2014-08-11 00:02 - 2014-08-11 00:02 - 00016004 _____ () C:\Users\Hespetreet\Desktop\FRST.txt
2014-08-11 00:02 - 2014-08-11 00:01 - 00000000 ____D () C:\FRST
2014-08-11 00:00 - 2014-07-19 11:44 - 01147870 _____ () C:\WINDOWS\WindowsUpdate.log
2014-08-11 00:00 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\sru
2014-08-10 23:53 - 2014-08-10 23:53 - 02099712 _____ (Farbar) C:\Users\Hespetreet\Desktop\FRST64.exe
2014-08-10 23:17 - 2014-07-21 14:12 - 00001016 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2014-08-10 23:05 - 2014-07-20 20:38 - 00000830 _____ () C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2014-08-10 20:54 - 2013-04-26 20:34 - 00065536 _____ () C:\WINDOWS\system32\spu_storage.bin
2014-08-10 14:17 - 2014-07-21 14:12 - 00001012 _____ () C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2014-08-10 13:00 - 2014-08-01 14:38 - 00000356 _____ () C:\WINDOWS\Tasks\SpeedDiskSchedule.job
2014-08-10 11:46 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\AUInstallAgent
2014-08-10 01:06 - 2014-08-10 01:02 - 00303440 _____ () C:\Users\Hespetreet\Desktop\OTL.Txt
2014-08-10 00:43 - 2014-08-10 00:43 - 00602112 _____ (OldTimer Tools) C:\Users\Hespetreet\Desktop\OTL.exe
2014-08-09 19:24 - 2014-08-03 06:46 - 00007625 _____ () C:\Users\Hespetreet\AppData\Local\Resmon.ResmonCfg
2014-08-09 19:24 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\registration
2014-08-09 19:04 - 2014-08-09 19:00 - 00056428 _____ () C:\WINDOWS\SysWOW64\AppLog.log
2014-08-09 19:04 - 2014-07-31 19:20 - 00000306 _____ () C:\WINDOWS\Tasks\NUSchedule.job
2014-08-09 19:04 - 2013-04-26 21:02 - 00000000 ____D () C:\ProgramData\Temp
2014-08-09 17:09 - 2014-07-19 13:41 - 00003600 _____ () C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3604915464-1756807762-4202892429-1001
2014-08-09 12:20 - 2014-07-31 12:28 - 00000314 _____ () C:\WINDOWS\Tasks\NUAutoUpdate.job
2014-08-09 12:20 - 2012-07-26 09:22 - 00000006 ____H () C:\WINDOWS\Tasks\SA.DAT
2014-08-09 12:19 - 2012-07-26 10:12 - 00000000 ___HD () C:\WINDOWS\ELAMBKUP
2014-08-09 12:18 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\BBI
2014-08-08 23:19 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\WinStore
2014-08-08 23:19 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Recovery
2014-08-08 23:19 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\ras
2014-08-08 23:19 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MSDRM
2014-08-08 23:19 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\Dism
2014-08-08 23:06 - 2014-07-31 12:23 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Utilities 16
2014-08-08 23:06 - 2013-04-26 20:50 - 00000000 ____D () C:\WINDOWS\SysWOW64\QCA_CR
2014-08-08 23:03 - 2014-08-07 20:33 - 00000000 ____D () C:\Program Files (x86)\Emsisoft Anti-Malware
2014-08-08 22:59 - 2014-07-28 17:45 - 00000000 ____D () C:\WINDOWS\Minidump
2014-08-08 22:36 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Sysprep
2014-08-08 22:35 - 2014-07-19 13:37 - 00000000 ____D () C:\WINDOWS\system32\Drivers\N360x64
2014-08-08 22:34 - 2014-07-31 12:18 - 00000000 ____D () C:\ProgramData\Package Cache
2014-08-08 22:34 - 2014-07-19 11:45 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Packages
2014-08-08 22:34 - 2014-07-19 11:45 - 00000000 ____D () C:\Users\Hespetreet
2014-08-08 19:01 - 2014-07-31 03:13 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\CrashDumps
2014-08-08 12:25 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\NDF
2014-08-08 12:04 - 2014-08-08 12:04 - 00000000 ____D () C:\ProgramData\HP
2014-08-07 23:01 - 2014-08-07 23:01 - 00000000 ____D () C:\ProgramData\Emsisoft
2014-08-07 19:55 - 2013-04-09 14:23 - 01097796 _____ () C:\WINDOWS\PFRO.log
2014-08-07 19:53 - 2014-08-07 08:39 - 00002131 _____ () C:\Users\Hespetreet\Documents\Mangler ip.txt
2014-08-07 17:40 - 2012-07-26 09:59 - 00000000 ____D () C:\WINDOWS\CbsTemp
2014-08-06 01:49 - 2014-08-06 01:49 - 64286720 _____ () C:\WINDOWS\system32\config\software.rrr
2014-08-06 01:49 - 2014-08-06 01:49 - 01081344 _____ () C:\Users\Hespetreet\s-1-5-21-3604915464-1756807762-4202892429-1001.rrr
2014-08-06 01:49 - 2014-08-06 01:49 - 00139264 _____ () C:\WINDOWS\system32\config\default.rrr
2014-08-06 00:45 - 2013-04-09 15:23 - 00000000 ____D () C:\WINDOWS\Panther
2014-08-05 20:24 - 2014-08-05 19:15 - 00003622 _____ () C:\WINDOWS\SysWOW64\Engines.log
2014-08-03 12:07 - 2014-08-03 12:07 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-08-03 10:48 - 2012-07-26 07:26 - 00262144 ___SH () C:\WINDOWS\system32\config\ELAM
2014-08-02 11:48 - 2014-07-31 19:55 - 00015799 _____ () C:\Users\Hespetreet\Documents\artx.odt
2014-08-01 14:38 - 2014-08-01 14:38 - 00002874 _____ () C:\WINDOWS\System32\Tasks\SpeedDiskSchedule
2014-08-01 14:23 - 2014-07-31 19:51 - 00002081 _____ () C:\Users\Hespetreet\Documents\art2.txt
2014-07-31 20:03 - 2014-07-31 20:03 - 00000118 _____ () C:\Users\Hespetreet\Documents\kanin.txt
2014-07-31 19:01 - 2014-07-31 12:32 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Norton Utilities 16
2014-07-31 15:07 - 2014-07-31 15:07 - 00001075 _____ () C:\Users\Hespetreet\Downloads\Bilder - Snarvei.lnk
2014-07-31 12:28 - 2014-07-31 12:28 - 00002872 _____ () C:\WINDOWS\System32\Tasks\NUSchedule
2014-07-31 12:28 - 2014-07-31 12:28 - 00002530 _____ () C:\WINDOWS\System32\Tasks\NUAutoUpdate
2014-07-31 12:27 - 2014-07-31 12:27 - 00001195 _____ () C:\Users\Public\Desktop\Norton Utilities 16.lnk
2014-07-31 12:23 - 2014-07-31 12:23 - 01550880 _____ () C:\WINDOWS\is-F874M.exe
2014-07-31 12:23 - 2014-07-31 12:23 - 00021977 _____ () C:\WINDOWS\is-F874M.msg
2014-07-31 12:23 - 2014-07-31 12:23 - 00000346 _____ () C:\WINDOWS\is-F874M.lst
2014-07-31 12:23 - 2013-04-26 21:10 - 00000000 ____D () C:\ProgramData\Symantec
2014-07-31 12:23 - 2013-04-26 21:10 - 00000000 ____D () C:\Program Files (x86)\Symantec
2014-07-31 12:19 - 2013-04-26 20:33 - 02875704 _____ () C:\WINDOWS\ATIVGA.LOG
2014-07-31 12:17 - 2014-07-31 12:17 - 00000000 ____D () C:\Program Files\ATI Technologies
2014-07-31 12:15 - 2014-07-31 12:15 - 00000366 _____ () C:\WINDOWS\SetupCD.txt
2014-07-31 12:14 - 2014-07-31 12:14 - 00000000 ____D () C:\AMD
2014-07-31 12:09 - 2014-07-31 12:09 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Product_NU16
2014-07-31 12:06 - 2014-07-31 12:06 - 20120192 _____ (Symantec) C:\Users\Hespetreet\Downloads\nu16.0.2.14-SMUI.exe
2014-07-30 02:35 - 2014-07-30 02:35 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2014-07-29 20:28 - 2013-04-09 16:46 - 00000000 ____D () C:\Users\Hespetreet\SymSilent
2014-07-29 20:26 - 2014-07-19 05:52 - 00001238 _____ () C:\Users\Hespetreet\Desktop\Norton Download Manager.lnk
2014-07-29 20:26 - 2013-04-09 16:45 - 00000000 ____D () C:\ProgramData\Norton
2014-07-29 20:10 - 2014-07-29 16:37 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
2014-07-29 20:07 - 2013-04-26 21:12 - 00449912 _____ () C:\WINDOWS\system32\perfh014.dat
2014-07-29 20:07 - 2013-04-26 21:12 - 00077052 _____ () C:\WINDOWS\system32\perfc014.dat
2014-07-29 20:07 - 2012-07-26 09:28 - 01362464 _____ () C:\WINDOWS\system32\PerfStringBackup.INI
2014-07-29 16:38 - 2014-07-29 16:38 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\SUPERAntiSpyware.com
2014-07-28 17:45 - 2014-07-28 17:45 - 670148535 _____ () C:\WINDOWS\MEMORY.DMP
2014-07-28 17:45 - 2014-07-28 17:45 - 00281680 _____ () C:\WINDOWS\system32\FNTCACHE.DAT
2014-07-27 19:48 - 2014-07-27 19:47 - 00002890 _____ () C:\Users\Hespetreet\Documents\art.odt
2014-07-27 16:47 - 2014-07-27 06:24 - 00000000 ___RD () C:\WINDOWS\BrowserChoice
2014-07-27 16:47 - 2013-04-09 14:38 - 00000000 ____D () C:\ProgramData\PRICache
2014-07-27 06:57 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\rescache
2014-07-27 06:26 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ToastData
2014-07-27 06:26 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\PolicyDefinitions
2014-07-27 06:26 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\microsoft shared
2014-07-27 06:25 - 2012-07-26 10:12 - 00000000 ___RD () C:\WINDOWS\ImmersiveControlPanel
2014-07-27 06:25 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\oobe
2014-07-27 06:24 - 2014-07-27 06:24 - 00000000 ___SD () C:\WINDOWS\system32\CompatTel
2014-07-27 06:24 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-27 06:24 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2014-07-27 06:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Defender
2014-07-27 06:24 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Defender
2014-07-27 06:23 - 2012-07-26 10:12 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2014-07-27 06:23 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SecureBootUpdates
2014-07-27 06:23 - 2012-07-26 09:52 - 00000000 ____D () C:\Program Files\Windows Journal
2014-07-27 06:22 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-27 06:22 - 2012-07-26 10:12 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2014-07-27 06:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Windows Photo Viewer
2014-07-27 06:22 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files (x86)\Windows Photo Viewer
2014-07-27 06:22 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\system32\Dism
2014-07-23 09:11 - 2014-07-23 09:11 - 00000117 _____ () C:\WINDOWS\system32\netcfg-101341463.txt
2014-07-23 08:42 - 2014-07-23 08:42 - 00000117 _____ () C:\WINDOWS\system32\netcfg-99622066.txt
2014-07-23 07:01 - 2014-07-23 07:01 - 00000117 _____ () C:\WINDOWS\system32\netcfg-93571224.txt
2014-07-23 06:48 - 2014-07-23 06:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-92757757.txt
2014-07-22 20:39 - 2014-07-22 20:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-56217518.txt
2014-07-22 17:36 - 2014-07-22 17:36 - 00000117 _____ () C:\WINDOWS\system32\netcfg-45253659.txt
2014-07-22 12:30 - 2014-07-22 12:30 - 00000117 _____ () C:\WINDOWS\system32\netcfg-26927114.txt
2014-07-22 12:30 - 2014-07-22 12:30 - 00000117 _____ () C:\WINDOWS\system32\netcfg-26926802.txt
2014-07-22 08:57 - 2014-07-22 08:57 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Nero_AG
2014-07-22 08:57 - 2014-07-22 08:56 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Nero
2014-07-22 08:55 - 2014-07-22 08:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13976051.txt
2014-07-22 08:44 - 2014-07-22 08:44 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13368770.txt
2014-07-22 08:14 - 2014-07-22 08:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-11512265.txt
2014-07-22 07:47 - 2014-07-22 07:47 - 00000117 _____ () C:\WINDOWS\system32\netcfg-9913847.txt
2014-07-22 07:07 - 2014-07-22 07:07 - 00000117 _____ () C:\WINDOWS\system32\netcfg-7547016.txt
2014-07-22 06:57 - 2014-07-22 06:57 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6908878.txt
2014-07-22 05:59 - 2014-07-22 05:59 - 00000117 _____ () C:\WINDOWS\system32\netcfg-3463034.txt
2014-07-22 05:33 - 2014-07-22 05:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1873494.txt
2014-07-22 05:01 - 2012-07-26 07:37 - 00000000 ____D () C:\WINDOWS\servicing
2014-07-22 04:39 - 2014-07-22 04:39 - 00000128 _____ () C:\WINDOWS\system32\netcfg-100027.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000136 _____ () C:\WINDOWS\system32\netcfg-88795.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000135 _____ () C:\WINDOWS\system32\netcfg-79919.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-88124.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000134 _____ () C:\WINDOWS\system32\netcfg-87344.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000129 _____ () C:\WINDOWS\system32\netcfg-78640.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000128 _____ () C:\WINDOWS\system32\netcfg-80480.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000127 _____ () C:\WINDOWS\system32\netcfg-81682.txt
2014-07-22 04:38 - 2014-07-22 04:38 - 00000126 _____ () C:\WINDOWS\system32\netcfg-81120.txt
2014-07-22 04:18 - 2014-07-22 04:18 - 00000128 _____ () C:\WINDOWS\system32\netcfg-141960.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000136 _____ () C:\WINDOWS\system32\netcfg-129855.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000135 _____ () C:\WINDOWS\system32\netcfg-119590.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-129137.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000134 _____ () C:\WINDOWS\system32\netcfg-128357.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000129 _____ () C:\WINDOWS\system32\netcfg-118482.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000128 _____ () C:\WINDOWS\system32\netcfg-120151.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000127 _____ () C:\WINDOWS\system32\netcfg-121399.txt
2014-07-22 04:17 - 2014-07-22 04:17 - 00000126 _____ () C:\WINDOWS\system32\netcfg-120853.txt
2014-07-22 02:03 - 2014-07-22 02:03 - 01372550 _____ () C:\Users\Hespetreet\Downloads\AnHsinPuTzu.themepack
2014-07-22 00:54 - 2014-07-22 00:54 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\ATI
2014-07-22 00:54 - 2014-07-22 00:54 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\ATI
2014-07-22 00:54 - 2014-07-22 00:54 - 00000000 ____D () C:\ProgramData\ATI
2014-07-21 23:39 - 2014-07-21 23:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-118456457.txt
2014-07-21 23:39 - 2014-07-21 23:39 - 00000117 _____ () C:\WINDOWS\system32\netcfg-118456254.txt
2014-07-21 22:38 - 2014-07-21 22:38 - 29853816 ____N (Symantec Corporation) C:\Users\Hespetreet\Downloads\NortonIdentitySafe-EN-v1.exe
2014-07-21 22:29 - 2014-07-21 22:29 - 00000000 ____D () C:\WINDOWS\SysWOW64\N360_BACKUP
2014-07-21 22:07 - 2014-07-21 22:07 - 00000117 _____ () C:\WINDOWS\system32\netcfg-112946299.txt
2014-07-21 21:40 - 2014-07-21 21:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-111363341.txt
2014-07-21 14:13 - 2014-07-21 14:13 - 00002225 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2014-07-21 14:13 - 2014-07-21 14:13 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome
2014-07-21 14:13 - 2014-07-21 14:12 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Google
2014-07-21 14:13 - 2014-07-21 14:12 - 00000000 ____D () C:\Program Files (x86)\Google
2014-07-21 14:12 - 2014-07-21 14:12 - 00003988 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA
2014-07-21 14:12 - 2014-07-21 14:12 - 00003752 _____ () C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore
2014-07-21 14:11 - 2014-07-21 14:11 - 00895120 _____ (Google Inc.) C:\Users\Hespetreet\Downloads\ChromeSetup.exe
2014-07-21 11:56 - 2014-07-21 11:54 - 00000000 ____D () C:\WINDOWS\system32\MRT
2014-07-21 09:08 - 2014-07-21 09:08 - 00000117 _____ () C:\WINDOWS\system32\netcfg-66246729.txt
2014-07-21 07:05 - 2014-07-21 07:05 - 00000117 _____ () C:\WINDOWS\system32\netcfg-58834997.txt
2014-07-21 03:04 - 2014-07-21 03:04 - 00000117 _____ () C:\WINDOWS\system32\netcfg-44405575.txt
2014-07-21 02:06 - 2014-07-21 02:06 - 00000117 _____ () C:\WINDOWS\system32\netcfg-40884757.txt
2014-07-20 23:46 - 2014-07-20 23:46 - 00000117 _____ () C:\WINDOWS\system32\netcfg-32489501.txt
2014-07-20 23:26 - 2014-07-20 23:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-31288636.txt
2014-07-20 21:15 - 2014-07-20 21:15 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Macromedia
2014-07-20 20:38 - 2014-07-20 20:38 - 00003718 _____ () C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2014-07-20 20:22 - 2014-07-20 20:22 - 00000117 _____ () C:\WINDOWS\system32\netcfg-20255684.txt
2014-07-20 20:22 - 2014-07-20 19:16 - 00000117 _____ () C:\WINDOWS\system32\netcfg-16331526.txt
2014-07-20 18:40 - 2013-04-09 16:38 - 00000000 ____D () C:\Program Files (x86)\WildTangent Games
2014-07-20 18:33 - 2014-07-20 18:33 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\CrashRpt
2014-07-20 18:31 - 2014-07-20 18:31 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Tencent
2014-07-20 18:31 - 2014-07-20 18:31 - 00000000 ____D () C:\ProgramData\Tencent
2014-07-20 18:10 - 2014-07-20 18:09 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Mozilla
2014-07-20 18:10 - 2014-07-20 18:09 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\Mozilla
2014-07-20 18:09 - 2014-07-20 18:09 - 00001135 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
2014-07-20 18:09 - 2014-07-20 18:09 - 00001123 _____ () C:\Users\Public\Desktop\Mozilla Firefox.lnk
2014-07-20 18:09 - 2014-07-20 18:09 - 00000000 ____D () C:\ProgramData\Mozilla
2014-07-20 17:22 - 2014-07-19 12:04 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\WildTangent
2014-07-20 17:22 - 2013-04-09 16:38 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
2014-07-20 17:22 - 2013-04-09 16:38 - 00000000 ____D () C:\ProgramData\WildTangent
2014-07-20 17:05 - 2014-07-20 17:05 - 00000117 _____ () C:\WINDOWS\system32\netcfg-8466252.txt
2014-07-20 16:53 - 2014-07-20 16:53 - 00000000 ____H () C:\WINDOWS\system32\Drivers\Msft_User_WpdFs_01_11_00.Wdf
2014-07-20 16:53 - 2012-07-26 09:21 - 00020621 _____ () C:\WINDOWS\setupact.log
2014-07-20 16:26 - 2014-07-20 16:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-6118936.txt
2014-07-20 16:23 - 2014-07-20 16:22 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton Bootable Recovery Tool Wizard
2014-07-20 16:22 - 2014-07-20 16:22 - 00000000 ____D () C:\WINDOWS\system32\Drivers\NBRTWizardx64
2014-07-20 16:22 - 2014-07-20 16:22 - 00000000 ____D () C:\Program Files (x86)\Norton Bootable Recovery Tool Wizard
2014-07-20 16:20 - 2014-07-19 05:52 - 00001354 _____ () C:\Users\Hespetreet\Downloads\Norton Installation Files.lnk
2014-07-20 16:05 - 2013-04-26 20:53 - 00000000 ____D () C:\WINDOWS\SysWOW64\XPSViewer
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\MUI
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\migwiz
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\SysWOW64\Com
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\SystemResetPlatform
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\MUI
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\migwiz
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\Com
2014-07-20 16:05 - 2012-07-26 10:12 - 00000000 ____D () C:\Program Files\Common Files\System
2014-07-20 16:05 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\winrm
2014-07-20 16:05 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\slmgr
2014-07-20 16:05 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\Printing_Admin_Scripts
2014-07-20 16:05 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\winrm
2014-07-20 16:05 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\slmgr
2014-07-20 16:05 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\Printing_Admin_Scripts
2014-07-20 16:05 - 2012-07-26 07:38 - 00000000 ____D () C:\WINDOWS\SysWOW64\oobe
2014-07-20 15:33 - 2014-07-20 15:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2951835.txt
2014-07-20 15:33 - 2014-07-20 15:33 - 00000117 _____ () C:\WINDOWS\system32\netcfg-2951694.txt
2014-07-20 14:48 - 2014-07-20 14:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-208510.txt
2014-07-20 14:48 - 2014-07-20 14:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-208308.txt
2014-07-20 14:48 - 2014-07-20 14:48 - 00000117 _____ () C:\WINDOWS\system32\netcfg-199026.txt
2014-07-20 14:45 - 2014-07-20 14:45 - 00000117 _____ () C:\WINDOWS\system32\netcfg-61011.txt
2014-07-20 14:23 - 2014-07-19 05:52 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Norton
2014-07-20 14:14 - 2014-07-19 05:51 - 00000000 ____D () C:\Users\Public\Downloads\Norton
2014-07-19 16:00 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\SysWOW64\WCN
2014-07-19 15:58 - 2012-07-26 09:49 - 00000000 ____D () C:\WINDOWS\system32\WCN
2014-07-19 13:49 - 2014-07-19 13:49 - 00000000 ____D () C:\WINDOWS\System32\Tasks\Norton 360
2014-07-19 13:49 - 2014-07-19 13:41 - 00003206 _____ () C:\WINDOWS\System32\Tasks\Norton WSC Integration
2014-07-19 13:49 - 2014-07-19 13:41 - 00002331 _____ () C:\Users\Public\Desktop\Norton 360.lnk
2014-07-19 13:49 - 2014-07-19 13:37 - 00000000 ___RD () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Norton 360
2014-07-19 13:41 - 2014-07-19 13:41 - 00177752 _____ (Symantec Corporation) C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
2014-07-19 13:41 - 2014-07-19 13:41 - 00008222 _____ () C:\WINDOWS\system32\Drivers\SYMEVENT64x86.CAT
2014-07-19 13:41 - 2014-07-19 13:41 - 00000000 ____D () C:\Program Files\Common Files\Symantec Shared
2014-07-19 13:37 - 2014-07-19 13:37 - 00000000 ____D () C:\Program Files (x86)\Norton 360
2014-07-19 13:36 - 2013-04-09 16:46 - 00000000 ____D () C:\Users\Hespetreet\Symantec
2014-07-19 13:28 - 2014-07-19 13:28 - 00000000 ____D () C:\ProgramData\PCSettings
2014-07-19 13:15 - 2014-07-19 13:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5433483.txt
2014-07-19 13:14 - 2014-07-19 13:14 - 00000117 _____ () C:\WINDOWS\system32\netcfg-5430535.txt
2014-07-19 11:48 - 2014-07-19 11:48 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Atheros
2014-07-19 11:48 - 2013-04-09 15:11 - 00000000 ___HD () C:\OEM
2014-07-19 11:47 - 2014-07-19 11:47 - 00001446 _____ () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\WINDOWS\System32\Tasks\WPD
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Adobe
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\ProgramData\OEM_YAHOO
2014-07-19 11:47 - 2014-07-19 11:47 - 00000000 ____D () C:\Program Files\Preload
2014-07-19 11:46 - 2014-07-19 11:46 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Synaptics
2014-07-19 11:46 - 2014-07-19 11:46 - 00000000 ____D () C:\Users\Hespetreet\AppData\Local\VirtualStore
2014-07-19 11:45 - 2014-07-19 11:45 - 00000020 ___SH () C:\Users\Hespetreet\ntuser.ini
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Start-meny
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Skrivere
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Mine dokumenter
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Maler
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Lokale innstillinger
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Documents\Mine bilder
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Documents\Min musikk
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\Documents\Intern video
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\AppData\Roaming\Microsoft\Windows\Start Menu\Programmer
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\AppData\Local\Logg
2014-07-19 11:45 - 2014-07-19 11:45 - 00000000 _SHDL () C:\Users\Hespetreet\AndrMask
2014-07-19 11:40 - 2014-07-19 11:40 - 00000117 _____ () C:\WINDOWS\system32\netcfg-1959887.txt
2014-07-19 11:16 - 2014-07-19 11:16 - 00000000 ____D () C:\ProgramData\Synaptics
2014-07-19 11:05 - 2012-07-26 10:12 - 00000000 ____D () C:\WINDOWS\system32\restore
2014-07-19 11:00 - 2014-07-19 11:00 - 00000117 _____ () C:\WINDOWS\system32\netcfg-23146086.txt
2014-07-19 10:51 - 2014-07-19 10:51 - 00000117 _____ () C:\WINDOWS\system32\netcfg-22612017.txt
2014-07-19 10:03 - 2014-07-19 10:03 - 00000117 _____ () C:\WINDOWS\system32\netcfg-19735343.txt
2014-07-19 08:26 - 2014-07-19 08:26 - 00000117 _____ () C:\WINDOWS\system32\netcfg-13936364.txt
2014-07-19 07:55 - 2014-07-19 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-12081731.txt
2014-07-19 07:55 - 2014-07-19 07:55 - 00000117 _____ () C:\WINDOWS\system32\netcfg-12081450.txt
2014-07-19 06:40 - 2014-07-19 06:04 - 1044938752 _____ () C:\NBRT.iso
2014-07-19 06:28 - 2014-07-19 06:28 - 00001945 _____ () C:\Users\Public\Desktop\CDBurnerXP.lnk
2014-07-19 06:28 - 2014-07-19 06:28 - 00001915 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk
2014-07-19 06:28 - 2014-07-19 06:28 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Canneverbe Limited
2014-07-19 06:28 - 2014-07-19 06:28 - 00000000 ____D () C:\ProgramData\Canneverbe Limited
2014-07-19 06:28 - 2014-07-19 06:28 - 00000000 ____D () C:\Program Files (x86)\CDBurnerXP
2014-07-19 06:26 - 2014-07-19 06:26 - 05689504 _____ (Canneverbe Limited ) C:\Users\Hespetreet\Downloads\cdbxp_setup_4.5.4.4852.exe
2014-07-19 06:25 - 2014-07-19 06:25 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Macromedia
2014-07-19 05:54 - 2014-07-19 05:54 - 00272208 _____ (Symantec Corporation) C:\Users\Hespetreet\Downloads\NBRTFSDPlugin.dll
2014-07-19 05:54 - 2014-07-19 05:52 - 198568280 _____ (Symantec Corporation) C:\Users\Hespetreet\Downloads\NBRTWizard.exe
2014-07-19 05:50 - 2014-07-19 05:50 - 00912648 _____ (Symantec Corporation) C:\Users\Hespetreet\Downloads\NBRT-Retail-Downloader.exe
2014-07-19 03:07 - 2014-07-19 03:07 - 00000000 _____ () C:\Recovery.txt
2014-07-19 03:06 - 2012-07-26 10:13 - 00262144 _____ () C:\WINDOWS\system32\config\BCD-Template

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2014-08-10 06:38

==================== End Of Log ============================

 

 

aswMBR version 1.0.1.2041 Copyright© 2014 AVAST Software
Run date: 2014-08-11 00:13:31
-----------------------------
00:13:31.644    OS Version: Windows x64 6.2.9200
00:13:31.644    Number of processors: 4 586 0x1
00:13:31.644    ComputerName: NOKRNOK  UserName:
00:13:32.892    Initialize success
00:13:32.908    VM: initialized successfully
00:13:32.908    VM: Amd CPU BiosDisabled
00:13:35.765    VM: supported disk I/O storport.sys
00:15:44.858    The log file has been saved successfully to "C:\Users\Hespetreet\Desktop\aswMBR.txt"
 



#7 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 10 August 2014 - 05:52 PM

Thanks for posting the logs, Catherine. 

 

I need to get some sleep, so shall return with instructions sometime tomorrow. :)


50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#8 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 11 August 2014 - 05:34 AM

Hi Catherine,
 
Please do the following. 
 
STEP 1
The aswMBR log looks incomplete. I would like you to rerun the programme, ensuring you do not click the Save Log button prematurely. 
 
STEP 2
YARWD1t.png TDSSKiller Scan
  • Please download TDSSKiller and save the file to your desktop.
  • Right-Click TDSSKiller.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • ​Click Start Scan.
  • Note: Do not use the computer during the scan.
  • If objects are found, change the action to skip.
  • Click Continue and close the window.
  • A log will be created and saved to the root directory (usually C:\). Copy the contents of the log and paste in your next reply.
     
======================================================
 
STEP 3
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.
  • aswMBR log
  • TDSSKiller log

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#9 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 11 August 2014 - 07:21 AM

Hi

 

There was no box where I could choose c  in aswMBR not scan finished successfully. or Save log the log just saved it slv on the desktop, Maybe I didn't stop norton correct? I try again and we will see :)



#10 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 11 August 2014 - 08:46 AM

Hi avast hang many times so norton start workig again. I turned norton off and then avast was running for a short time before I got a msg that siething was wrong and it was closed. Btw it took forever before I was able to press scan it was grey and the drop down menu showed up a the same time..

What to do now?

 

I go for step nr 2

 

Well my pc want go yo the download page. I take my dog out and is back asap


Edited by Hespetreet, 11 August 2014 - 09:15 AM.

    Advertisements

Register to Remove


#11 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 11 August 2014 - 10:13 AM

Hi Adam I'm back, can I go to bleeping computer and download from there?



#12 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 11 August 2014 - 10:56 AM

18:42:19.0952 0x13d8  TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
18:42:19.0952 0x13d8  UEFI system
18:42:28.0129 0x13d8  ============================================================
18:42:28.0129 0x13d8  Current date / time: 2014/08/11 18:42:28.0129
18:42:28.0129 0x13d8  SystemInfo:
18:42:28.0129 0x13d8  
18:42:28.0129 0x13d8  OS Version: 6.2.9200 ServicePack: 0.0
18:42:28.0129 0x13d8  Product type: Workstation
18:42:28.0129 0x13d8  ComputerName: NOKRNOK
18:42:28.0130 0x13d8  UserName: Hespetreet
18:42:28.0130 0x13d8  Windows directory: C:\WINDOWS
18:42:28.0130 0x13d8  System windows directory: C:\WINDOWS
18:42:28.0130 0x13d8  Running under WOW64
18:42:28.0130 0x13d8  Processor architecture: Intel x64
18:42:28.0130 0x13d8  Number of processors: 4
18:42:28.0130 0x13d8  Page size: 0x1000
18:42:28.0130 0x13d8  Boot type: Normal boot
18:42:28.0130 0x13d8  ============================================================
18:42:29.0557 0x13d8  KLMD registered as C:\WINDOWS\system32\drivers\55841815.sys
18:42:29.0747 0x13d8  System UUID: {0B821ABA-D95C-FB6E-833A-C95D49687498}
18:42:30.0363 0x13d8  Drive \Device\Harddisk0\DR0 - Size: 0xAEA8CDE000 ( 698.64 Gb ), SectorSize: 0x200, Cylinders: 0x16441, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
18:42:30.0371 0x13d8  ============================================================
18:42:30.0371 0x13d8  \Device\Harddisk0\DR0:
18:42:30.0371 0x13d8  GPT partitions:
18:42:30.0372 0x13d8  \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {9C66CF1F-A2A6-491C-9316-2FCA42146D4A}, Name: Basic data partition, StartLBA 0x800, BlocksNum 0xC8000
18:42:30.0372 0x13d8  \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {C12A7328-F81F-11D2-BA4B-00A0C93EC93B}, UniqueGUID: {0A8DF953-5E4C-4CEB-A3CC-FBF5CB436A2B}, Name: EFI system partition, StartLBA 0xC8800, BlocksNum 0x96000
18:42:30.0372 0x13d8  \Device\Harddisk0\DR0\Partition3: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {18D56F1D-CAF8-450D-B8DB-A649B7492775}, Name: Microsoft reserved partition, StartLBA 0x15E800, BlocksNum 0x40000
18:42:30.0372 0x13d8  \Device\Harddisk0\DR0\Partition4: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {DFBC3436-22AA-4448-90B7-2BBC8E1D3A17}, Name: Basic data partition, StartLBA 0x19E800, BlocksNum 0x5550D000
18:42:30.0372 0x13d8  \Device\Harddisk0\DR0\Partition5: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {D5006E71-1C73-4CC3-B743-7235624776C8}, Name: , StartLBA 0x556AB800, BlocksNum 0xE1000
18:42:30.0372 0x13d8  \Device\Harddisk0\DR0\Partition6: GPT, TypeGUID: {DE94BBA4-06D1-4D40-A16A-BFD50179D6AC}, UniqueGUID: {A470FB3E-073E-4179-8235-E568BBD68561}, Name: Basic data partition, StartLBA 0x5578C800, BlocksNum 0x1DB9800
18:42:30.0372 0x13d8  MBR partitions:
18:42:30.0372 0x13d8  ============================================================
18:42:30.0393 0x13d8  C: <-> \Device\Harddisk0\DR0\Partition4
18:42:30.0394 0x13d8  ============================================================
18:42:30.0394 0x13d8  Initialize success
18:42:30.0394 0x13d8  ============================================================
18:42:45.0432 0x0a04  ============================================================
18:42:45.0432 0x0a04  Scan started
18:42:45.0432 0x0a04  Mode: Manual;
18:42:45.0432 0x0a04  ============================================================
18:42:45.0432 0x0a04  KSN ping started
18:43:07.0814 0x0a04  KSN ping finished: true
18:43:09.0663 0x0a04  ================ Scan system memory ========================
18:43:09.0663 0x0a04  System memory - ok
18:43:09.0664 0x0a04  ================ Scan services =============================
18:43:09.0835 0x0a04  [ E890C46E4754F0DF51BAFCC8D2E07498, E620D03030F3B65442E0A5CB8B59016A6E8DB3BCA52741977B8897B34438E902 ] 1394ohci        C:\WINDOWS\System32\drivers\1394ohci.sys
18:43:09.0845 0x0a04  1394ohci - ok
18:43:09.0894 0x0a04  [ 4F18D4C7EA14F11A7211F60D553C03DB, 09AB6D2D8E9B7B6D6A97708551C0E4B34538947A15EA2A69C11764D7BC0BB7F6 ] 3ware           C:\WINDOWS\system32\drivers\3ware.sys
18:43:09.0899 0x0a04  3ware - ok
18:43:09.0945 0x0a04  [ 975AABEB243B800C23626D6B652C5A9C, FB02336F26AF10BA2A0D1B97C33CB1D78BB90CA51EF008A613A0274779798FAD ] ACPI            C:\WINDOWS\system32\drivers\ACPI.sys
18:43:09.0963 0x0a04  ACPI - ok
18:43:09.0988 0x0a04  [ DC968C37822117E576B933F34A2D130C, 4C94E00ADC242296D7CBBFC7346D5F9AE5FE1B0C616ECA3BDE10A7B34FD2040B ] acpiex          C:\WINDOWS\system32\Drivers\acpiex.sys
18:43:09.0993 0x0a04  acpiex - ok
18:43:10.0014 0x0a04  [ 0CA9F7C3A78227C21A0A7854E245CFB2, D54147C9C1EE2F0098B863B0852E027DB89D6FA67F6B7FD54F609D9715A11442 ] acpipagr        C:\WINDOWS\System32\drivers\acpipagr.sys
18:43:10.0016 0x0a04  acpipagr - ok
18:43:10.0026 0x0a04  [ 8EB8DA03B142D3DD1EB9ED8107A76C43, 24B9B24F9A5BDF3AAD13C4EE0638497D9CA4A100096C6EAE403E0215EA89C439 ] AcpiPmi         C:\WINDOWS\System32\drivers\acpipmi.sys
18:43:10.0029 0x0a04  AcpiPmi - ok
18:43:10.0039 0x0a04  [ CBCE725C5D86ABA7D2604E22951AA9B8, DE0440F0E943F057EBCD01DB4B1E12DBC241FBF03C42021306D322AB88FF8F21 ] acpitime        C:\WINDOWS\System32\drivers\acpitime.sys
18:43:10.0041 0x0a04  acpitime - ok
18:43:10.0162 0x0a04  [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
18:43:10.0173 0x0a04  AdobeFlashPlayerUpdateSvc - ok
18:43:10.0219 0x0a04  [ 93C6388592B99925C1D1576E465BC80F, 4C48BE5471DA4788357D71E90DFEA20FE320C7AAE1F4C55AFBE2E46FEA5CF8FB ] adp94xx         C:\WINDOWS\system32\drivers\adp94xx.sys
18:43:10.0241 0x0a04  adp94xx - ok
18:43:10.0296 0x0a04  [ D27763E0247292654E7F7D16444C7C72, 0314C713D31E2B34F215B52F804F014D876E6ED92DC656CC3E27920CCD36CF0E ] adpahci         C:\WINDOWS\system32\drivers\adpahci.sys
18:43:10.0311 0x0a04  adpahci - ok
18:43:10.0329 0x0a04  [ 67B90070FF48F794AF19F9FCF0080D75, 5D0D352606D58D2CA0814F38EF7B1774C030BE44353DF5910CBFAAF4FDE64ED6 ] adpu320         C:\WINDOWS\system32\drivers\adpu320.sys
18:43:10.0338 0x0a04  adpu320 - ok
18:43:10.0379 0x0a04  [ 974AE60BF5B90E31412D93596C968E5B, 092B59C2B67C4618E7B1800615D1DF7199482F60D0D27BD91763F7F8D7FC883F ] AeLookupSvc     C:\WINDOWS\System32\aelupsvc.dll
18:43:10.0387 0x0a04  AeLookupSvc - ok
18:43:10.0438 0x0a04  [ FE7FB9612D354EB41DF4F0FF5D6FB259, 98D5BD9C1300195C49CB0717A831A06D99F7AE631D5EA065E10BFE7C2FA57A18 ] AFD             C:\WINDOWS\system32\drivers\afd.sys
18:43:10.0473 0x0a04  AFD - ok
18:43:10.0513 0x0a04  [ 01590377A5AB19E792528C628A2A68F9, F3A4B6CA4E8D4436E44E36D7F7EEF3DC861D1EE50D41F4273226C4ED95674B84 ] agp440          C:\WINDOWS\system32\drivers\agp440.sys
18:43:10.0517 0x0a04  agp440 - ok
18:43:10.0553 0x0a04  [ D1BE8E6E5B3AF23A4393AF1BF867977A, B3AE97D35A9304198715D76F6C3F0545AA176FDEBA6C2055782558B11DFA14EB ] ALG             C:\WINDOWS\System32\alg.exe
18:43:10.0558 0x0a04  ALG - ok
18:43:10.0593 0x0a04  [ 025E8C755BE293E50854D26D1BBE5133, 4373639689306A3D8FE0F862072711BAD5DBAA45E105CD3129586439A90EE070 ] AllUserInstallAgent C:\WINDOWS\system32\AUInstallAgent.dll
18:43:10.0600 0x0a04  AllUserInstallAgent - ok
18:43:10.0642 0x0a04  [ 33D72262D51147E9C7B48B6B68606B95, F5CC2D62D42A8E05F0E3AB35AA11FB85D626D19862A6D13E25CE142220D5C038 ] AMD External Events Utility C:\WINDOWS\system32\atiesrxx.exe
18:43:10.0653 0x0a04  AMD External Events Utility - ok
18:43:10.0694 0x0a04  [ 5A81054B824004B1ECC04F0034A1CDF9, 73A1986A4B346C425157216EBF16CC90EFFC642EDF6109E6364CF0552E3388FD ] AmdK8           C:\WINDOWS\System32\drivers\amdk8.sys
18:43:10.0699 0x0a04  AmdK8 - ok
18:43:11.0328 0x0a04  [ ABFA41E79C787CEF4985BFAE5FCE3BC3, A9BACDCFB9E4553CBA0FDB02BB6AE5808D874EAFFC35D796F18CB8060103F8D1 ] amdkmdag        C:\WINDOWS\system32\DRIVERS\atikmdag.sys
18:43:11.0906 0x0a04  amdkmdag - ok
18:43:12.0023 0x0a04  [ 613E9491066C299B31E2AE7326527A6E, BE466465CDC0CC2D7FCDC32F9A732F8878DD908FC1019115BA4ED125B4A46A4D ] amdkmdap        C:\WINDOWS\system32\DRIVERS\atikmpag.sys
18:43:12.0058 0x0a04  amdkmdap - ok
18:43:12.0099 0x0a04  [ B849D453E644FAB9BC8EF6DC8CA9C4C6, B803CDA478D3385937C44CBB05A0E65ABACEFEBA682975787C44E2904FB89D2D ] AmdPPM          C:\WINDOWS\System32\drivers\amdppm.sys
18:43:12.0111 0x0a04  AmdPPM - ok
18:43:12.0173 0x0a04  [ 35A0EB5AECB0FA3C41A2FB514A562304, 737783ABF348288471AC7051D4DC6CB336D686C94EC7B8938DCA74AFE9BECB1C ] amdsata         C:\WINDOWS\system32\drivers\amdsata.sys
18:43:12.0215 0x0a04  amdsata - ok
18:43:12.0241 0x0a04  [ 00452671904F5EE94B50BF0219C97164, 99F9B86D3DB3E10B014120A63CD43CBAAB22C8E38851090ABE37D89ABD61F7B6 ] amdsbs          C:\WINDOWS\system32\drivers\amdsbs.sys
18:43:12.0252 0x0a04  amdsbs - ok
18:43:12.0276 0x0a04  [ EA3FFE53E92E59C87E3ECA9BEB20D9B7, DC0B8B798720F5F75F8AFD3383CF69194282AEEE84DCACB97382F4C86E1D3E49 ] amdxata         C:\WINDOWS\system32\drivers\amdxata.sys
18:43:12.0279 0x0a04  amdxata - ok
18:43:12.0306 0x0a04  [ C34265B45F8425D3401DA986CC6A1D2C, 9EB0CAADD5EB0C031B58F836B0FE5DD64B9320DCE462120C83F1A77D6B100E47 ] amd_sata        C:\WINDOWS\system32\drivers\amd_sata.sys
18:43:12.0310 0x0a04  amd_sata - ok
18:43:12.0333 0x0a04  [ DFD313793E08048D5F6CAEB9086A5673, AF919FE15F1FE908689C75ECD8059ADA26431E37ABEE3BCA77F673674B305152 ] amd_xata        C:\WINDOWS\system32\drivers\amd_xata.sys
18:43:12.0335 0x0a04  amd_xata - ok
18:43:12.0350 0x0a04  [ 83B3682CE922FB0F415734B26D9D6233, 9102E8B410BB1AE426770896B6AB584D1F02830337FBB2DEC182F3F19832F35F ] AppID           C:\WINDOWS\system32\drivers\appid.sys
18:43:12.0355 0x0a04  AppID - ok
18:43:12.0387 0x0a04  [ CE2BEAD7F31816FF0AC490D048C969F9, 7D24C5A9E8F7C21CC6D8BF2CA29A8B79DDE7EEDE2F37D36B9071ECE1CF61371F ] AppIDSvc        C:\WINDOWS\System32\appidsvc.dll
18:43:12.0390 0x0a04  AppIDSvc - ok
18:43:12.0428 0x0a04  [ 4F750B7EFCB6520AE01E01D082D7D476, AD2A67D727A1D4DD0BBACC6B4BB432FA9A14D50D8BA292B95A4747CEC9F85728 ] Appinfo         C:\WINDOWS\System32\appinfo.dll
18:43:12.0433 0x0a04  Appinfo - ok
18:43:12.0483 0x0a04  [ E933401B392387F4BE34DE8BAF1722A7, 57CC6DE31E2C82D2B12509F0A5EC9EC70DD2EF6A1F31A66ADF62DC6AE0A67323 ] arc             C:\WINDOWS\system32\drivers\arc.sys
18:43:12.0489 0x0a04  arc - ok
18:43:12.0504 0x0a04  [ 07CA323EF2E8247A568AB0F3662AD644, 1224B41193F0E9B164732BA5BF707A13427C82C1D8C3EDC2AAE5C5C75454B9F6 ] arcsas          C:\WINDOWS\system32\drivers\arcsas.sys
18:43:12.0510 0x0a04  arcsas - ok
18:43:12.0521 0x0a04  [ 74DBAEC35366C4EE7670428808715A6A, 3B3A7A81CD8038C4750560B94A9247C4409410780B312BA71EDF2E393DCA7474 ] AsyncMac        C:\WINDOWS\system32\DRIVERS\asyncmac.sys
18:43:12.0523 0x0a04  AsyncMac - ok
18:43:12.0534 0x0a04  [ A721FF570C2387E383BDDEA9632863C9, 45DD7787F44A2C742560FEB03AB66910C2F0002D95BB02C55EEDE973AA92AD24 ] atapi           C:\WINDOWS\system32\drivers\atapi.sys
18:43:12.0536 0x0a04  atapi - ok
18:43:12.0570 0x0a04  [ 1E71A166547A110CD66EA44326DB4552, F66502ACBB50760EB0A676CB2560A539511935F016CBA2747C554F709D3FA1FE ] AthBTPort       C:\WINDOWS\system32\DRIVERS\btath_flt.sys
18:43:12.0576 0x0a04  AthBTPort - ok
18:43:12.0671 0x0a04  [ C8318A083DE9D8FFCA6E70D3E183490A, 6F8F81F51428B1213C70A3183B436B4DDE2950517B7D22642A7453A1980ACAFB ] AtherosSvc      C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\adminservice.exe
18:43:12.0681 0x0a04  AtherosSvc - ok
18:43:12.0878 0x0a04  [ B21B37989D3B6E8A54A703DFE13A42D6, B199D9812583D79D3043F63B5FFBC3BA51245A6C9FE9C0DF3D094631A89AB76E ] athr            C:\WINDOWS\system32\DRIVERS\athw8x.sys
18:43:13.0062 0x0a04  athr - ok
18:43:13.0127 0x0a04  [ B18397F6E3BAF5D26DDAD3B3CC192018, F9D7AE4CDB7FD0B692F517EFFF1D54D14D7338DE93F0E7888FB2BF3EFB3171DB ] AthrSdSrv       C:\WINDOWS\system32\DRIVERS\athrsd.sys
18:43:13.0130 0x0a04  AthrSdSrv - ok
18:43:13.0160 0x0a04  [ 005D1AA28FFAA7FB327842B3CAFF726E, F61DC6DE76699DFED378ED96F87019F6DFAC1697AA86679556700D43581DDE61 ] AtiHDAudioService C:\WINDOWS\system32\drivers\AtihdW86.sys
18:43:13.0165 0x0a04  AtiHDAudioService - ok
18:43:13.0213 0x0a04  [ BCD7A47EF587DC00DD61D12D9C2D1E44, 95BC9AC8BA8A86DB5C7A6317002BD9872F193B401A0C58DF252DCF3D4A7541E2 ] AudioEndpointBuilder C:\WINDOWS\System32\AudioEndpointBuilder.dll
18:43:13.0222 0x0a04  AudioEndpointBuilder - ok
18:43:13.0290 0x0a04  [ 599B3F685A263A114FFAF3BE29C49C75, 579E9561BA8537888E061E303F3F89E2E6F8B8DED74369C3767DB10B35CD45E8 ] Audiosrv        C:\WINDOWS\System32\Audiosrv.dll
18:43:13.0335 0x0a04  Audiosrv - ok
18:43:13.0378 0x0a04  [ 89491EF71D5EA011127832C588002853, 05620E4235956D8446FB9604F930738C8AA97E3A74C907E37F7CC08B8EDA0461 ] AxInstSV        C:\WINDOWS\System32\AxInstSV.dll
18:43:13.0385 0x0a04  AxInstSV - ok
18:43:13.0444 0x0a04  [ 87AB5BB072A3F128541D5B815F82FFDD, 186AF33D3DE90638C3E165CAC3DA17295E8A80CDB523F9BE4AF7D38CA6954905 ] b06bdrv         C:\WINDOWS\system32\drivers\bxvbda.sys
18:43:13.0478 0x0a04  b06bdrv - ok
18:43:13.0515 0x0a04  [ 81703BC5D68DEDBB086C2368FBE7B334, CFD4A55C8045C482F8D410514F3211AEFA00097AB395F5A04BFE983ED6254F6B ] BasicDisplay    C:\WINDOWS\System32\drivers\BasicDisplay.sys
18:43:13.0518 0x0a04  BasicDisplay - ok
18:43:13.0544 0x0a04  [ 5EC68164E14D25675C98BBB5F09E8606, 1D7EDB21C87039FC5F39F46460AD852BC4EC6B179B1C205D189DD3C397343435 ] BasicRender     C:\WINDOWS\System32\drivers\BasicRender.sys
18:43:13.0556 0x0a04  BasicRender - ok
18:43:13.0605 0x0a04  [ 89143A7BA7850F5C7E61B43BB44B6418, 00BB781DF87D4FF1BAFD318AFE237296B4F5925023BA4486405EC0A384C88D8F ] BDESVC          C:\WINDOWS\System32\bdesvc.dll
18:43:13.0615 0x0a04  BDESVC - ok
18:43:13.0634 0x0a04  [ 9E7AEA59776D904607985AFFE7E5E183, C3DB745A9F4DA7CB9628A7913DD52B2444B14FEB9D588FF6558CF52CEB8955EB ] Beep            C:\WINDOWS\system32\drivers\Beep.sys
18:43:13.0636 0x0a04  Beep - ok
18:43:13.0701 0x0a04  [ 53AA55632B94622F2DC3695E86EF9363, 9B5BB8EDA48A37AE97BCD42D83B25A6D10AA6231EABE745DCCE6D60E19094A6F ] BFE             C:\WINDOWS\System32\bfe.dll
18:43:13.0732 0x0a04  BFE - ok
18:43:13.0933 0x0a04  [ F10EFCE086C794F8A7C2C7A3EA52AC5F, 498C4A75DCC560CE1A6B7F671572A4CB2F4D5EA402E45399B7CF471CFBC48241 ] BHDrvx64        C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\BASHDefs\20140801.001_6ff\BHDrvx64.sys
18:43:14.0013 0x0a04  BHDrvx64 - ok
18:43:14.0075 0x0a04  [ D598C44A7072D3108D8D8102EC5E07F7, D7472E9BAAB7B6E1D30F4E153412E2A16EE5C08DE2BF8BFF4D65089825226FE0 ] BITS            C:\WINDOWS\System32\qmgr.dll
18:43:14.0154 0x0a04  BITS - ok
18:43:14.0177 0x0a04  [ B17AC10B47C7FCB44D22A1F06415840E, 990D6F629D93F4F913D218ACE5187A26DCB762BAFB2BB279CCE8CAF2755D85A5 ] bowser          C:\WINDOWS\system32\DRIVERS\bowser.sys
18:43:14.0183 0x0a04  bowser - ok
18:43:14.0227 0x0a04  [ 038FA1B55531E7020DB705B42FCCE373, 023E87E3204D64890D6FEA78E762E5BC5BD0A59325EBC264834727779EEEDBC5 ] BrokerInfrastructure C:\WINDOWS\System32\bisrv.dll
18:43:14.0236 0x0a04  BrokerInfrastructure - ok
18:43:14.0272 0x0a04  [ 310068BDA80B1D55C36580FD8A873FAF, A75412FF1F483461F526E9A359DCEECA5E683441514464D5ED82D1A9740D583E ] Browser         C:\WINDOWS\System32\browser.dll
18:43:14.0280 0x0a04  Browser - ok
18:43:14.0339 0x0a04  [ 5ED7B1EE371751CF2ACAE89E7FC566FA, 965A4A754D8418F1DCF421277799754D55D78F8AD6652C56879D22208F5B5DCA ] BTATH_A2DP      C:\WINDOWS\system32\drivers\btath_a2dp.sys
18:43:14.0355 0x0a04  BTATH_A2DP - ok
18:43:14.0383 0x0a04  [ 31BDF24D1C9213A0E891568FE643C79C, DA6C06A282934E87D4BB8E4356C76898B5AAC79C1634440CE09514F22EE3112B ] btath_avdt      C:\WINDOWS\system32\drivers\btath_avdt.sys
18:43:14.0389 0x0a04  btath_avdt - ok
18:43:14.0413 0x0a04  [ C6978F7EBA6F37D626482AC6B9390630, B4BF939AB9962A61DE9518604C20347DC2A6FCDCEB3D8AEF295AF12E6F2CDCF3 ] BTATH_BUS       C:\WINDOWS\System32\drivers\btath_bus.sys
18:43:14.0415 0x0a04  BTATH_BUS - ok
18:43:14.0444 0x0a04  [ 4AF7C20F94DAC343C01ED671C82DCB99, 2AABD85D9D76461DE883E0F13F61C391BA81E6198FF88268B319474E25A196C8 ] BTATH_HCRP      C:\WINDOWS\System32\drivers\btath_hcrp.sys
18:43:14.0453 0x0a04  BTATH_HCRP - ok
18:43:14.0479 0x0a04  [ 785C38070043BEEE9E9D591DE4067244, 1C8D15B8A9E80A2799E7094C4AE111FEA9FBC6EAA4A61B13EFE59314C9794949 ] BTATH_LWFLT     C:\WINDOWS\system32\DRIVERS\btath_lwflt.sys
18:43:14.0483 0x0a04  BTATH_LWFLT - ok
18:43:14.0516 0x0a04  [ 31EC5FC3FC5CB273F2709AAF4AD88ED4, 804401CEBBB24443AE0A304FCF5CB6B0D7679BA7FC5DC3BFF968B0B44FE34EC1 ] BTATH_RCP       C:\WINDOWS\System32\drivers\btath_rcp.sys
18:43:14.0523 0x0a04  BTATH_RCP - ok
18:43:14.0569 0x0a04  [ 0D70E980F91FDBF3DB55922CECCE4616, 8800CBFB91CFDE6980D689F928E259298330DF91357F0DDD9D6E51D4462AD144 ] BtFilter        C:\WINDOWS\system32\DRIVERS\btfilter.sys
18:43:14.0603 0x0a04  BtFilter - ok
18:43:14.0635 0x0a04  [ 6695200F455E251F0BCC9CE4D0978D59, 4DB2F967E449581A9330EF43E794B45B93581564B20C5B991FC1EC665A640D69 ] BthAvrcpTg      C:\WINDOWS\System32\drivers\BthAvrcpTg.sys
18:43:14.0638 0x0a04  BthAvrcpTg - ok
18:43:14.0680 0x0a04  [ A8B20D852B07AE19A13B5D47EC4E4C3B, 86571C9E2BA15BB169CAB2D24C4D0598154C02FD173638CAFC685A7F6B09472D ] BthEnum         C:\WINDOWS\System32\drivers\BthEnum.sys
18:43:14.0684 0x0a04  BthEnum - ok
18:43:14.0699 0x0a04  [ 616EB8748C988AEE98D93DA141C3D3B4, 15A055B0496BDB29CBCF6EEBF112D4BA1C7A2FF39124728830D0FD1FD7A404CB ] BthHFEnum       C:\WINDOWS\System32\drivers\bthhfenum.sys
18:43:14.0703 0x0a04  BthHFEnum - ok
18:43:14.0716 0x0a04  [ DCB4EBD928A6FB368BE6CAE522412DE1, 9E1345F29467054689B9F48B5CCB567760D36610A4EA9AF41B829EAD60347269 ] bthhfhid        C:\WINDOWS\System32\drivers\BthHFHid.sys
18:43:14.0720 0x0a04  bthhfhid - ok
18:43:14.0752 0x0a04  [ 42201C346F0B8C458E1E9CDE04D68A2C, 6168FD0D10CD06B00B5C79D5D2B5C353AAC22FD99CE8D417DDBA33ED63CFB8BF ] BthLEEnum       C:\WINDOWS\system32\DRIVERS\BthLEEnum.sys
18:43:14.0761 0x0a04  BthLEEnum - ok
18:43:14.0773 0x0a04  [ 033916CE8784A848B9A3D686B7F66D97, B4D0514D59646CF6B70D4FA488CF95C38EA38CC5C509329CC8753E897C640AFA ] BTHMODEM        C:\WINDOWS\System32\drivers\bthmodem.sys
18:43:14.0777 0x0a04  BTHMODEM - ok
18:43:14.0791 0x0a04  [ 091BB978E9504D0AD14586929431A957, ACED02B879026A228E35F40847C210BC30A5AFC948FFE922DB21663E4A8DFF1D ] BthPan          C:\WINDOWS\system32\DRIVERS\bthpan.sys
18:43:14.0798 0x0a04  BthPan - ok
18:43:14.0884 0x0a04  [ 13795CAA34239D97A7211E7F9D96E012, C4F3402B063A7CFCE386D1AE9255975A199164BA9E7DCDB6129725213A0642B1 ] BTHPORT         C:\WINDOWS\System32\Drivers\BTHport.sys
18:43:14.0952 0x0a04  BTHPORT - ok
18:43:14.0980 0x0a04  [ A4387C3D271959313E2577DB7BE8BA7A, C71474802102102EBE04DF036EEB2F5FB3380BE288E3842F19F234EFAE977D70 ] bthserv         C:\WINDOWS\system32\bthserv.dll
18:43:14.0986 0x0a04  bthserv - ok
18:43:15.0023 0x0a04  [ 1F715957F5236D30B6020A19A4271F6A, C06B637C2C6919E2DE1055AE249AE3EAF7B4890799F22BF5757CC10CEF145043 ] BTHUSB          C:\WINDOWS\System32\Drivers\BTHUSB.sys
18:43:15.0046 0x0a04  BTHUSB - ok
18:43:15.0152 0x0a04  [ 0510396A957E9FD7205BA62D3CAE4528, C80C39EB3A87C5111132E96E966CF74ACABA36DE7714B545A707027D35995792 ] ccSet_N360      C:\WINDOWS\system32\drivers\N360x64\1504000.00D\ccSetx64.sys
18:43:15.0160 0x0a04  ccSet_N360 - ok
18:43:15.0214 0x0a04  [ E41F70406C34F1CB667B4B27D81AD162, 8869C7EB9CBF68B90640765D15DB5B8DACEF45025C1E580AA94D96E32560274B ] ccSet_NARA      C:\WINDOWS\system32\drivers\NARAx64\0401000.00E\ccSetx64.sys
18:43:15.0221 0x0a04  ccSet_NARA - ok
18:43:15.0257 0x0a04  [ 990B1BABE6E81FB18E65A87EBEFB1772, 1820D4AC57E1D4B7FB5AA89C277B16910ED73712878D2B43FE542CE16DFE16C3 ] cdfs            C:\WINDOWS\system32\DRIVERS\cdfs.sys
18:43:15.0263 0x0a04  cdfs - ok
18:43:15.0292 0x0a04  [ 339BFF85D788268752DA8C9644B188EE, C2279F1A39AED39865A5027D2FD087F8E82F3ED8C94BA4D922855B98E792AFC5 ] cdrom           C:\WINDOWS\System32\drivers\cdrom.sys
18:43:15.0301 0x0a04  cdrom - ok
18:43:15.0335 0x0a04  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] CertPropSvc     C:\WINDOWS\System32\certprop.dll
18:43:15.0343 0x0a04  CertPropSvc - ok
18:43:15.0354 0x0a04  [ F64B7D1A37CC1D5F421D5359EEC81E2E, 2B4879DD32B2C20B94847755E22B1BCBE2B567B3989C57A9BA2DD783307EFFDB ] circlass        C:\WINDOWS\System32\drivers\circlass.sys
18:43:15.0358 0x0a04  circlass - ok
18:43:15.0395 0x0a04  [ 9905168708DB68849B879B5548F68AB3, B7A495E57B9398704988DC472126CBC5B8D76761A34F51732FBF6CC88E3AB79A ] CLFS            C:\WINDOWS\system32\drivers\CLFS.sys
18:43:15.0410 0x0a04  CLFS - ok
18:43:15.0466 0x0a04  [ 2DC8538A2260647484A6C921CA837313, 094059DD66B0C50A1CAE288F920107B0B6AD1AA5758284E35B92C131EDEA30EA ] CmBatt          C:\WINDOWS\System32\drivers\CmBatt.sys
18:43:15.0478 0x0a04  CmBatt - ok
18:43:15.0625 0x0a04  [ DBF9E5346431557BF56F41E7F8EC0DC1, D5FA34C873DA9BE40301D53198355556506AB5145B78B14D0AA88570A0058589 ] CNG             C:\WINDOWS\system32\Drivers\cng.sys
18:43:15.0660 0x0a04  CNG - ok
18:43:15.0702 0x0a04  [ 0E5B1E9E7122EDAAF1F6CE047965CA92, 803E585B92D1E2E5B6BF67BE511E88DC2629A12407C3E30F7AEFB544D390A9B8 ] CompositeBus    C:\WINDOWS\System32\drivers\CompositeBus.sys
18:43:15.0705 0x0a04  CompositeBus - ok
18:43:15.0716 0x0a04  COMSysApp - ok
18:43:15.0731 0x0a04  [ D9CB0782AF819548072AA45B70F8B22D, 04796F39ABB88759A534DE3D0C51F684BF2A8DE1F4028B657CCFDBDD39A6618C ] condrv          C:\WINDOWS\system32\drivers\condrv.sys
18:43:15.0734 0x0a04  condrv - ok
18:43:15.0770 0x0a04  [ 5CE2742F063731EC10C1B2EE386A2C08, 309919BDDD4649AFB95A99DCF8AFC3BAE10F9BC1E2819C0794CFD0F80682C223 ] CryptSvc        C:\WINDOWS\system32\cryptsvc.dll
18:43:15.0775 0x0a04  CryptSvc - ok
18:43:15.0804 0x0a04  [ FAEF4C245BE832DB41B15DAAC336AFB7, 1F8C98AB0DF4327FCB01FE0356025488E19B48A45FFFA50576B49A8587FAC42B ] dam             C:\WINDOWS\system32\drivers\dam.sys
18:43:15.0808 0x0a04  dam - ok
18:43:15.0883 0x0a04  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] DcomLaunch      C:\WINDOWS\system32\rpcss.dll
18:43:15.0929 0x0a04  DcomLaunch - ok
18:43:15.0974 0x0a04  [ C8650D1F61149AA546BDBC99172EBBC1, D9592ED1B6F23B6EC76A0B93635B6E38702311B0A6982F0F9DEC37FCDAF1288B ] defragsvc       C:\WINDOWS\System32\defragsvc.dll
18:43:15.0990 0x0a04  defragsvc - ok
18:43:16.0024 0x0a04  [ 5EAEF67AE2AF4D2DC664B649DB7B2E16, ADAC7FD6AC12B50F4998C5EB0BD770DD4B80A94C4CC1B9376AD77648E48D012D ] DeviceAssociationService C:\WINDOWS\system32\das.dll
18:43:16.0040 0x0a04  DeviceAssociationService - ok
18:43:16.0118 0x0a04  [ D06DB4200F9444B2386E6C0E68CD574A, 7266A22D6AF86813CF8AB13BE40384D20C24CE72EF75B0C467C5F88F5B058B1E ] DeviceFastLaneService C:\Program Files\Packard Bell\Packard Bell Device Fast-lane\DeviceFastLaneSvc.exe
18:43:16.0138 0x0a04  DeviceFastLaneService - ok
18:43:16.0171 0x0a04  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] DeviceInstall   C:\WINDOWS\system32\umpnpmgr.dll
18:43:16.0180 0x0a04  DeviceInstall - ok
18:43:16.0218 0x0a04  [ 431141C6859990824D17F71C30A78728, 448B3DC20C8FDD5B66217E0E01DBCC4904F94BDA0826F109D139DDD2C2D7FBF2 ] Dfsc            C:\WINDOWS\system32\Drivers\dfsc.sys
18:43:16.0224 0x0a04  Dfsc - ok
18:43:16.0265 0x0a04  [ 9E0E72222264745ADEB0E5AC680B0ED6, 576AFC8741695396A3B8E9DBDD3703E9D70370437D09D162262E47A140D101B4 ] Dhcp            C:\WINDOWS\system32\dhcpcore.dll
18:43:16.0289 0x0a04  Dhcp - ok
18:43:16.0325 0x0a04  [ 3C736FAE17BA6F91BA37594AAB139CD0, 34304A194105B19E7ADD80108DC85C3B7AA9E942C84A7EF93C475CE1D9AE4615 ] discache        C:\WINDOWS\system32\drivers\discache.sys
18:43:16.0328 0x0a04  discache - ok
18:43:16.0371 0x0a04  [ AE3786294CC246A5403783E1B86A0168, 29A7B4B490CBB16DAEF5D67D0A58A2577CF3FEE8F889484DB867F6913D9D2A28 ] disk            C:\WINDOWS\system32\drivers\disk.sys
18:43:16.0376 0x0a04  disk - ok
18:43:16.0507 0x0a04  [ 4C659CCED934CEF8FEB731949052320D, 49EA4444059E6B95EF7A0B02C2D9FEB318FCE31ED412738B22E08EE7344423F0 ] DiskDoctorService C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\Disk Doctor\DiskDoctorSrv.exe
18:43:16.0574 0x0a04  DiskDoctorService - ok
18:43:16.0613 0x0a04  [ 82A7C72593793FE1EADA7A305BD1567A, 75F432E4C75AE9EFF553BD860B3B250853BDDA85C17DBD9B7242D74593506A86 ] dmvsc           C:\WINDOWS\System32\drivers\dmvsc.sys
18:43:16.0616 0x0a04  dmvsc - ok
18:43:16.0660 0x0a04  [ 066B9710B36AB550E01EEFCA52155968, DCA9F3F4856A6866D3F5A2EEE34E96A83F40198DB0B5AC6381A7568DE1F56FAB ] Dnscache        C:\WINDOWS\System32\dnsrslvr.dll
18:43:16.0672 0x0a04  Dnscache - ok
18:43:16.0715 0x0a04  [ 9949AD2ABA168A618D46C799D6CC898C, DFAC86A0AEE83C9EFE1BEE9EC15C8CAF1D619D55AF3ACC3986057A5AC985D06A ] dot3svc         C:\WINDOWS\System32\dot3svc.dll
18:43:16.0727 0x0a04  dot3svc - ok
18:43:16.0755 0x0a04  [ 109FC3F80BF4F4DC5A071058074F13C1, F30736F45BA1811D59E9CB1C172D8D1EA9F5A7D36DCFFBFC9E7E02448C1CF851 ] DPS             C:\WINDOWS\system32\dps.dll
18:43:16.0766 0x0a04  DPS - ok
18:43:16.0799 0x0a04  [ 9C7C183F937951AE17C5B8B3259CF3FF, 8ED607139F15D08B4835ACF864421BA4C08C88FE90B9AAF707F5D8514D7731B1 ] drmkaud         C:\WINDOWS\system32\drivers\drmkaud.sys
18:43:16.0800 0x0a04  drmkaud - ok
18:43:16.0838 0x0a04  [ F87F4AAAF6664906248D11D5E579A53B, F283932F68ED93891EEF00C18724359AB7057E922A3CDC8BC6F33F84D2B0BEE5 ] DsmSvc          C:\WINDOWS\System32\DeviceSetupManager.dll
18:43:16.0848 0x0a04  DsmSvc - ok
18:43:16.0947 0x0a04  [ E6AF4DF1817953D73C519B17CF849756, 26A90EB368A3F572086F223ABED87B8FC6F998AE401C9E52BEB5EE76AB052702 ] DXGKrnl         C:\WINDOWS\System32\drivers\dxgkrnl.sys
18:43:17.0026 0x0a04  DXGKrnl - ok
18:43:17.0059 0x0a04  [ 58BA473DD88F5FC1932282BA683AA03E, B8A4407D3006D91BE88F9C5389AC1CACC73BEBF6F66433A1E5EB8E58E8836C12 ] Eaphost         C:\WINDOWS\System32\eapsvc.dll
18:43:17.0066 0x0a04  Eaphost - ok
18:43:17.0247 0x0a04  [ 5AB97B3282D7D6114949D1EB5C8598E4, FB9449CC1CDC12C12AA0469BB6ACC770CB011250EDFD86E9600E754610608EFD ] ebdrv           C:\WINDOWS\system32\drivers\evbda.sys
18:43:17.0404 0x0a04  ebdrv - ok
18:43:17.0504 0x0a04  [ 5E346ADBAD5110EAB2E9808ABE877A00, 4B72C34E41B8AA15D166F65B5A037A1230A9FF65F827D18A57E2198573616EAD ] eeCtrl          C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\eeCtrl64.sys
18:43:17.0526 0x0a04  eeCtrl - ok
18:43:17.0561 0x0a04  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] EFS             C:\WINDOWS\System32\lsass.exe
18:43:17.0566 0x0a04  EFS - ok
18:43:17.0606 0x0a04  [ 66D60BD9A4C05616ABECA2A901475098, 8111550DB03FFD72F1822F47B16F075DA92874B64F19342D7CF60B0EE648AFEF ] EhStorClass     C:\WINDOWS\system32\drivers\EhStorClass.sys
18:43:17.0610 0x0a04  EhStorClass - ok
18:43:17.0631 0x0a04  [ A61D0F543024E458C0FE32352E1978E2, BDE6BC140300EAF790F16466C28897CE0BD7D94DCED13FDE20AA4AACA0F6A4FD ] EhStorTcgDrv    C:\WINDOWS\system32\drivers\EhStorTcgDrv.sys
18:43:17.0637 0x0a04  EhStorTcgDrv - ok
18:43:17.0725 0x0a04  [ 616E1B9130314EB0E331197940AA625B, A4736A31EFF6D35A27B0EC14A7C855B7577301500E20CE936B0F1C0013F0FDF0 ] ePowerSvc       C:\Program Files\Packard Bell\Packard Bell Power Management\ePowerSvc.exe
18:43:17.0752 0x0a04  ePowerSvc - ok
18:43:17.0798 0x0a04  [ 773ACF5823046FA40D7FD898559A7228, 7DF39C42F781E7864CC791E3449CCDF0124930D128D168E8F9C80374640FFBE7 ] EraserUtilRebootDrv C:\Program Files (x86)\Common Files\Symantec Shared\EENGINE\EraserUtilRebootDrv.sys
18:43:17.0820 0x0a04  EraserUtilRebootDrv - ok
18:43:17.0838 0x0a04  [ D790D058D67582DB9C84C2D33695FE6B, A5763D7F6D191EA4B290B3E92D842AC36FD46DF598472E70B46E45D8CCD2F912 ] ErrDev          C:\WINDOWS\System32\drivers\errdev.sys
18:43:17.0840 0x0a04  ErrDev - ok
18:43:17.0914 0x0a04  [ F9E01C2D9F8BC049E04CF5DC24A5F638, CB6CCB59C77D4A59DDA846608AABEF1DFEC24C8422712AB8D59E27C13D731D2E ] EventSystem     C:\WINDOWS\system32\es.dll
18:43:17.0937 0x0a04  EventSystem - ok
18:43:17.0979 0x0a04  [ 7A4D6FEB8C52B3FE855E4DCDF9107E03, 6B0146A4C9AD32DCDC2DEE8E8C5A29F687665458486449E0D37B151ED63B8ADC ] exfat           C:\WINDOWS\system32\drivers\exfat.sys
18:43:17.0988 0x0a04  exfat - ok
18:43:18.0014 0x0a04  [ 60996602A7111FD2D086E803F33E4282, E62A91C90F8542990BEA4E6A5D9DD3D070F4EB23B4C13414C5DA2B0219509749 ] fastfat         C:\WINDOWS\system32\drivers\fastfat.sys
18:43:18.0024 0x0a04  fastfat - ok
18:43:18.0074 0x0a04  [ F0E7F8382ED5E138B0DFA4CB5058BCFE, 6247C7B75F975F5AB080FFB9881EF58A6F360219F7AF2DE871F38E80CAF3B62C ] Fax             C:\WINDOWS\system32\fxssvc.exe
18:43:18.0120 0x0a04  Fax - ok
18:43:18.0146 0x0a04  [ 73B2D11DF0B6E03A0CB0323218ACB3E4, BA9256919BAA2E0760F6A658B557FDC389ACE8F9820D1A41FD995FC5613F5AA6 ] fdc             C:\WINDOWS\System32\drivers\fdc.sys
18:43:18.0148 0x0a04  fdc - ok
18:43:18.0171 0x0a04  [ 0828E3E7BD77C89149EAD3232BFD38DB, A6A296647A4EDBFF59124E3A9C0AB48759AA1738615ACFA5A454FF6BD3C31BA2 ] fdPHost         C:\WINDOWS\system32\fdPHost.dll
18:43:18.0175 0x0a04  fdPHost - ok
18:43:18.0190 0x0a04  [ 872506AAB591E8908DF4461475AF92DF, 772F2D08CB95775E438822B9EA005CBA92ED4071ADAB2C0101156A7D037D4704 ] FDResPub        C:\WINDOWS\system32\fdrespub.dll
18:43:18.0194 0x0a04  FDResPub - ok
18:43:18.0233 0x0a04  [ 0588950D93A426F97C7AAADB1A9B0458, ABCB3619BD58CAC438FC032495AE45A7B6FFDD4BD33C1B3D1BC7F9F13FCB727A ] fhsvc           C:\WINDOWS\system32\fhsvc.dll
18:43:18.0241 0x0a04  fhsvc - ok
18:43:18.0260 0x0a04  [ 88A9EBACD1058ABB237A6B4E96E7F397, 263D25D33B679EB01D97763701347C31B2F72E28CE2C7EC8013EA77756D98BE1 ] FileInfo        C:\WINDOWS\system32\drivers\fileinfo.sys
18:43:18.0265 0x0a04  FileInfo - ok
18:43:18.0283 0x0a04  [ 9E4EE3A0B00FF7D5F42A4AF9744CBA02, 1D7BFB00D74A28AC13ECBA1E0036D50EE79266AC02CEDB2632466BF9DD46F211 ] Filetrace       C:\WINDOWS\system32\drivers\filetrace.sys
18:43:18.0286 0x0a04  Filetrace - ok
18:43:18.0301 0x0a04  [ B1D4C168FF7B8579E3745888658FFB1D, 1A5C13E902A0C788A8B995ADD2FBC3303005911C0AA3F3F4497D3016AA0EF583 ] flpydisk        C:\WINDOWS\System32\drivers\flpydisk.sys
18:43:18.0304 0x0a04  flpydisk - ok
18:43:18.0345 0x0a04  [ B33EC133AE4E6C1881D2302D93D2467D, 77E3A16257EA3698B3FCD947D004144E8D1EEE48EF5C82DF49B1B9B2B3C61DB2 ] FltMgr          C:\WINDOWS\system32\drivers\fltmgr.sys
18:43:18.0361 0x0a04  FltMgr - ok
18:43:18.0454 0x0a04  [ 0BCDC0FF11B984162B0CF0FF6E9E0146, D44A3CECBA36B7A64854E244FA6B5E65047896BF9983D20B431410FBBA36697A ] FontCache       C:\WINDOWS\system32\FntCache.dll
18:43:18.0522 0x0a04  FontCache - ok
18:43:18.0593 0x0a04  [ 0B56259F5611787222A04A8F254E51D4, F77AEC0ACBFAF9154E32223B84B613229DACCD953AEBC3E96C27570F9AB10FD0 ] FontCache3.0.0.0 C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
18:43:18.0596 0x0a04  FontCache3.0.0.0 - ok
18:43:18.0614 0x0a04  [ A5F7873A39E4E9FAAAE59B7E9E36B705, 32036109F5A50E9F3BEF97C5B28AE8179B3A5E22517868A83CADE4671FF90DEC ] FsDepends       C:\WINDOWS\system32\drivers\FsDepends.sys
18:43:18.0618 0x0a04  FsDepends - ok
18:43:18.0649 0x0a04  [ A6DD7D491F587F4BC13FB972977DC8E8, B86F97F17F6F443EC16DEF67CCA4EF78AFE56078D2877838A982FECB19557C87 ] Fs_Rec          C:\WINDOWS\system32\drivers\Fs_Rec.sys
18:43:18.0651 0x0a04  Fs_Rec - ok
18:43:18.0691 0x0a04  [ C1646A95EAC515F60CDB2A7A8A013C1E, F559B83C02B17265EDE95DD497C1A94E402F07EC251FC47449F789907AFFED14 ] fvevol          C:\WINDOWS\system32\DRIVERS\fvevol.sys
18:43:18.0711 0x0a04  fvevol - ok
18:43:18.0731 0x0a04  [ A969D92973DFA895E7776B4BFE36DBB2, 7528E6983ECC59291A7A386E4E459B19D1593ABDDFFD276E2F01B0EA21693E20 ] FxPPM           C:\WINDOWS\System32\drivers\fxppm.sys
18:43:18.0733 0x0a04  FxPPM - ok
18:43:18.0745 0x0a04  [ 52BC441E07A827EBAB70CDC7EAEDB28D, 8DECBD8E12EA52039742599CFBBF0D3B6610B57EF8D9DAEEEA33D202A478D286 ] gagp30kx        C:\WINDOWS\system32\drivers\gagp30kx.sys
18:43:18.0749 0x0a04  gagp30kx - ok
18:43:18.0784 0x0a04  [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM     C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys
18:43:18.0787 0x0a04  GEARAspiWDM - ok
18:43:18.0823 0x0a04  [ 721F8EEF5E9747F32670DEFF7FB92541, E0A8EF70753E260C2C7D93D316B5EF9589DB086FDF829BDA2958C6A09CE471A6 ] gencounter      C:\WINDOWS\System32\drivers\vmgencounter.sys
18:43:18.0825 0x0a04  gencounter - ok
18:43:18.0856 0x0a04  [ FC2B8B06BDBD3B6457F5A3DA9AD2410E, 4BF196E1CAC94E9265EBEB68F41C3E29F0C709ECFF9420B5B1C9C82680D5D6A8 ] GPIOClx0101     C:\WINDOWS\system32\Drivers\msgpioclx.sys
18:43:18.0862 0x0a04  GPIOClx0101 - ok
18:43:18.0958 0x0a04  [ 5358678C6370F2ADC5291849F6503262, 841633D7A936C3889690C67E189BAD4C6B294C196FFFE5B564FCECDFE46A9E52 ] gpsvc           C:\WINDOWS\System32\gpsvc.dll
18:43:19.0026 0x0a04  gpsvc - ok
18:43:19.0082 0x0a04  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:19.0104 0x0a04  gupdate - ok
18:43:19.0126 0x0a04  [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
18:43:19.0131 0x0a04  gupdatem - ok
18:43:19.0174 0x0a04  [ 630555943E5A3FE21010CE91EC7FC84F, 20D7247A4363EE9E851501D89A466564ADCAEC304DE42280E4E09AD8499436A9 ] HdAudAddService C:\WINDOWS\system32\drivers\HdAudio.sys
18:43:19.0197 0x0a04  HdAudAddService - ok
18:43:19.0230 0x0a04  [ 7D87B5B6C7188D553E11B59DC7F0B111, FC633DB71E1D72E8AD8F89BBB54324CC6ED17F5594EF55DD0BDB58EE1F601FF5 ] HDAudBus        C:\WINDOWS\System32\drivers\HDAudBus.sys
18:43:19.0234 0x0a04  HDAudBus - ok
18:43:19.0264 0x0a04  [ 3F76BBA53D65E85A7F53E7A71082082C, D1E18815BB19CD11007C4A66162C76F55D4FE6B09B34ED45969C7ECC29D394AD ] HidBatt         C:\WINDOWS\System32\drivers\HidBatt.sys
18:43:19.0267 0x0a04  HidBatt - ok
18:43:19.0311 0x0a04  [ 085F150D002B7F0153D3C06DDF33A143, 41847FD02608ECFE3A6B4B38CBDE8416B0EF17491868511FD704B0BCC280338E ] HidBth          C:\WINDOWS\System32\drivers\hidbth.sys
18:43:19.0316 0x0a04  HidBth - ok
18:43:19.0327 0x0a04  [ CC4A07E51D89575CAB6F4EB590D87CD4, DFB4EAF0923EF9FF6C42EDD1EA5E4025F243C9BE2D03D5423FE8A897DC01D657 ] hidi2c          C:\WINDOWS\System32\drivers\hidi2c.sys
18:43:19.0330 0x0a04  hidi2c - ok
18:43:19.0360 0x0a04  [ DC96F7DACB777CDEAEF9958A50BFDA06, 7CE79F32D5EE65C0178CFF56523825D3EE01095B2CE8C67634A6604A821A9086 ] HidIr           C:\WINDOWS\System32\drivers\hidir.sys
18:43:19.0364 0x0a04  HidIr - ok
18:43:19.0389 0x0a04  [ FAC37D7B3D6354A5A5E19A45B50B4008, 2962B552A1DA545DFDEF0886582E82596FE8A3A19AAF989B025AFDA84D16D4EC ] hidserv         C:\WINDOWS\system32\hidserv.dll
18:43:19.0394 0x0a04  hidserv - ok
18:43:19.0430 0x0a04  [ 012C354B4AB48E9A7A657DF39E3A2073, B15D0089CE509FF1CF73DFE095425C1C99FC3971622DCAAD9CAEB989A12A4FDB ] HidUsb          C:\WINDOWS\System32\drivers\hidusb.sys
18:43:19.0432 0x0a04  HidUsb - ok
18:43:19.0464 0x0a04  [ 43F884B61A24377567CD0FEB35236334, B3BA36B527C8D6D83DE2FBCD8D503B87FD2611BF15B07A7BC138DC8BAE6A50C1 ] hkmsvc          C:\WINDOWS\system32\kmsvc.dll
18:43:19.0471 0x0a04  hkmsvc - ok
18:43:19.0497 0x0a04  [ 33DFC14DFDCCFA7AA10E392F6A8EC1CF, E6967F3F465C6E903221BC0FCBAE7D05FD18C0BF110D929335F5935364B3C1BC ] HomeGroupListener C:\WINDOWS\system32\ListSvc.dll
18:43:19.0511 0x0a04  HomeGroupListener - ok
18:43:19.0560 0x0a04  [ E0D9F6FE18FA7F53ADD29AF719CE2B7E, B965DCC72625188F3B896CB447B7696F22687266EAFC5AA270E2AD53DD9F324D ] HomeGroupProvider C:\WINDOWS\system32\provsvc.dll
18:43:19.0581 0x0a04  HomeGroupProvider - ok
18:43:19.0618 0x0a04  [ 64DB7A8D97CA53DCCF93D0A1E08342CF, 02CAB7F28D3830C482683425C60044239C6F1562556688A274CA2C237C846E76 ] HpSAMD          C:\WINDOWS\system32\drivers\HpSAMD.sys
18:43:19.0622 0x0a04  HpSAMD - ok
18:43:19.0689 0x0a04  [ F4A91D985EB9D1D2717D538F3424603C, 454AD2FF3A7963B9835AEF300F6672F92D0CCF59593BA2CCC83F0EC1446BB659 ] HTTP            C:\WINDOWS\system32\drivers\HTTP.sys
18:43:19.0734 0x0a04  HTTP - ok
18:43:19.0761 0x0a04  [ 2A98301068801700906C06649860FE94, 664394A52326289DCA0828B0041A105653F4FEF3E3DCCC3787AAE0F6FDC73A14 ] hwpolicy        C:\WINDOWS\system32\drivers\hwpolicy.sys
18:43:19.0763 0x0a04  hwpolicy - ok
18:43:19.0790 0x0a04  [ DC76901D82097C9E297F20C287CB9A27, 01A412D0D8A65050BE4250A7C4B9F98A4C43FD891827761E0C830369A5F9F09C ] hyperkbd        C:\WINDOWS\System32\drivers\hyperkbd.sys
18:43:19.0791 0x0a04  hyperkbd - ok
18:43:19.0801 0x0a04  [ 716413AB3CA12DE0A7222D28C1C9352C, B82B586BD9DBD70DDA19A02504E8CB00DA53677703AB848B53387601C5BAD3D3 ] HyperVideo      C:\WINDOWS\system32\DRIVERS\HyperVideo.sys
18:43:19.0804 0x0a04  HyperVideo - ok
18:43:19.0832 0x0a04  [ C9E9CBF73AFFBFE3E801EFB516787BA3, 1A850D614BDA6AA4195CC657702BC6242BA51B90131717743182AA160F65E72C ] i8042prt        C:\WINDOWS\System32\drivers\i8042prt.sys
18:43:19.0838 0x0a04  i8042prt - ok
18:43:19.0881 0x0a04  [ 5E394EBD26FD68AA9300332C46BEDD62, 56A5DA7CE08C07B519E55D0A46AA9D10B640349808EFE02B3278267B75B5F603 ] iaStorV         C:\WINDOWS\system32\drivers\iaStorV.sys
18:43:19.0899 0x0a04  iaStorV - ok
18:43:19.0983 0x0a04  [ F6F8CDA3CC5207BFD0B319A26E33ACD3, 6630DEE80A85DA972D3734A5D67E274AEE7042A73AB45E19E15DC989AE88459E ] IDSVia64        C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\IPSDefs\20140808.002\IDSvia64.sys
18:43:20.0018 0x0a04  IDSVia64 - ok
18:43:20.0057 0x0a04  [ 24847A06B84339FEEDE5CABF3D27D320, 7727B1DAD0D4A1D474FBBEFCEBDF36A1F07D1AA300869AE57A24ED91BF84B6B4 ] iirsp           C:\WINDOWS\system32\drivers\iirsp.sys
18:43:20.0061 0x0a04  iirsp - ok
18:43:20.0152 0x0a04  [ E455C83E029121270BED73CDAC381F37, 433D525C19DBF26FAC28853C606C872D973104842B0EF1B2BF2EAC85457E2953 ] IKEEXT          C:\WINDOWS\System32\ikeext.dll
18:43:20.0220 0x0a04  IKEEXT - ok
18:43:20.0416 0x0a04  [ 7D7711B0F972C73AE46105B42092D82E, AC66AE06B65C03BCEE2FF90732B13B651862382CDFEE85A6B5497DF3A2FF75A2 ] IntcAzAudAddService C:\WINDOWS\system32\drivers\RTKVHD64.sys
18:43:20.0586 0x0a04  IntcAzAudAddService - ok
18:43:20.0623 0x0a04  [ 4F37726CF764CA18A8A84F85EF3A7F24, 6212B23917526E127CE641A11A58DA93651FFE70829C4079FE465DBDC81CF470 ] intelide        C:\WINDOWS\system32\drivers\intelide.sys
18:43:20.0625 0x0a04  intelide - ok
18:43:20.0648 0x0a04  [ E15CDF68DD73423F15D4AC404793AF0D, E2D0136AF68D1A73EB3A63C83284B4661222CB0A4AFACCF276CB57CBD4850287 ] intelppm        C:\WINDOWS\System32\drivers\intelppm.sys
18:43:20.0653 0x0a04  intelppm - ok
18:43:20.0666 0x0a04  [ 8FCA66234A0933D796BB780B7953BAB9, 7DD677F5EE09A8D7A75C9E475B5E6B3DCA49D1E846C7D160B839D7029B1C5B6D ] IpFilterDriver  C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
18:43:20.0671 0x0a04  IpFilterDriver - ok
18:43:20.0735 0x0a04  [ C217B8D2E58C57A319B16125C3D4B69C, 905BB858E1782BD08FF080A4A604CE662440A15601B178FBD30269C306C04CCF ] iphlpsvc        C:\WINDOWS\System32\iphlpsvc.dll
18:43:20.0780 0x0a04  iphlpsvc - ok
18:43:20.0816 0x0a04  [ A4071DA3AE419F9694BFCB267C7DB8D7, 392DEE1DA51606C29418A98D2861F115E9F67C688B4281C53E87BA73A98809FB ] IPMIDRV         C:\WINDOWS\System32\drivers\IPMIDrv.sys
18:43:20.0821 0x0a04  IPMIDRV - ok
18:43:20.0845 0x0a04  [ 3969B9C218DD3FAA9F4ED2FFC3651C02, 93447F124CC55FB17055126432194153E1BB8F0FD95A47608494B6834A5F7089 ] IPNAT           C:\WINDOWS\system32\drivers\ipnat.sys
18:43:20.0852 0x0a04  IPNAT - ok
18:43:20.0871 0x0a04  [ 25CD7C4BB2863FFC2B0B311F0AEBF77C, 4099BAA2DB4ADB93B878D71E241B7D9EB7E0EE7ED0FE2450CCB9E4718B3726EB ] IRENUM          C:\WINDOWS\system32\drivers\irenum.sys
18:43:20.0873 0x0a04  IRENUM - ok
18:43:20.0883 0x0a04  [ D940C5BB9DC92E588533C19ABCC3D2C2, D1442854CEDE86F2C187A35851E74C873D34B772C60BC118FA1577F79C03364D ] isapnp          C:\WINDOWS\system32\drivers\isapnp.sys
18:43:20.0886 0x0a04  isapnp - ok
18:43:20.0927 0x0a04  [ E6530FD4F61B40F338BF4355A21B9A09, FE9BF039B9901BEC260A69F7C49ACFA9881AD470DCCBA70C7EC36F518DA71702 ] iScsiPrt        C:\WINDOWS\System32\drivers\msiscsi.sys
18:43:20.0940 0x0a04  iScsiPrt - ok
18:43:20.0957 0x0a04  [ 8FBD94B69D6423E20ABCD59D86368B21, 218EF992095E365EC917413749856A64D55D8129D77098E24D670843233377F4 ] kbdclass        C:\WINDOWS\System32\drivers\kbdclass.sys
18:43:20.0961 0x0a04  kbdclass - ok
18:43:20.0982 0x0a04  [ E88C932ABDF8185A62C8F2FC7B051FB6, 67F9AF58237A11F0BF3D15AA5B32E5CE66B7AA039B999D938F7F6E63DCEA7A6E ] kbdhid          C:\WINDOWS\System32\drivers\kbdhid.sys
18:43:20.0985 0x0a04  kbdhid - ok
18:43:21.0006 0x0a04  [ FB6C185092E18011EF49989425C2AA87, 043524409E0A764201DD221C48B7DEEA0D161945EB37D4B88313BAB2299949DF ] kdnic           C:\WINDOWS\system32\DRIVERS\kdnic.sys
18:43:21.0008 0x0a04  kdnic - ok
18:43:21.0028 0x0a04  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] KeyIso          C:\WINDOWS\system32\lsass.exe
18:43:21.0032 0x0a04  KeyIso - ok
18:43:21.0072 0x0a04  [ 8B3EB6372436195B8EA8AE09A184BCE2, 9AFB7A9D6AEEBF5994C85B355155024768116E2D537C9FA169BC3F4594ECD35C ] KSecDD          C:\WINDOWS\system32\Drivers\ksecdd.sys
18:43:21.0077 0x0a04  KSecDD - ok
18:43:21.0118 0x0a04  [ 3DD9C86EA88E8B5A51904AD87E1F2E78, F9EC9A571212117C01934CD29057EB1B3FA095F670294244AF7D9387D3F6E555 ] KSecPkg         C:\WINDOWS\system32\Drivers\ksecpkg.sys
18:43:21.0192 0x0a04  KSecPkg - ok
18:43:21.0217 0x0a04  [ 81492FEEBF2F26455B00EE8DBAE8A1B0, E33AA2DFB2D3BB30B02CDADA2EC290F86329DA3198327A653F39A843D86390B9 ] ksthunk         C:\WINDOWS\system32\drivers\ksthunk.sys
18:43:21.0219 0x0a04  ksthunk - ok
18:43:21.0261 0x0a04  [ 5825DBACEDC3812B5CF8D40B997BF210, 1C2997BCC707C1029B21876E093038CE3BBF6E6694B4CCF7EEDD47172ED9A541 ] KtmRm           C:\WINDOWS\system32\msdtckrm.dll
18:43:21.0278 0x0a04  KtmRm - ok
18:43:21.0317 0x0a04  [ B914A7133D759C53FAA5C08F33C09A4E, CBB24CECD689A56826EBA5CC6901ADD6E9BFCC27272B4DC2951E1E08B01609BC ] L1C             C:\WINDOWS\system32\DRIVERS\L1C63x64.sys
18:43:21.0323 0x0a04  L1C - ok
18:43:21.0366 0x0a04  [ 256EE31588257E8A555DBFAA13F1908E, B6817F632EDEA483E35BF26846DCDD4E95E860620959179B2A5D8AD7EEDDB126 ] LanmanServer    C:\WINDOWS\system32\srvsvc.dll
18:43:21.0384 0x0a04  LanmanServer - ok
18:43:21.0421 0x0a04  [ 16650912BE5A94B40E0B3B4C39652B56, 908C2C9367AE0AC9AECB5D91514BB33ACD746D99F19C1A8DD6A9550E9CAD9E00 ] LanmanWorkstation C:\WINDOWS\System32\wkssvc.dll
18:43:21.0435 0x0a04  LanmanWorkstation - ok
18:43:21.0463 0x0a04  [ CEEFD29FC551F289810B0B9381B321DC, 900F206B487B2190D9363F28AA4BA0CD7DCFE1D005BE05A48AF74B1B81194691 ] lltdio          C:\WINDOWS\system32\DRIVERS\lltdio.sys
18:43:21.0465 0x0a04  lltdio - ok
18:43:21.0506 0x0a04  [ BCF53485E0A94722CDE3C4A93CD8EB8C, D24E1066EB102245A89A5D17D608DB9DF6B71C99F1C77E070B95EFD17D268141 ] lltdsvc         C:\WINDOWS\System32\lltdsvc.dll
18:43:21.0521 0x0a04  lltdsvc - ok
18:43:21.0548 0x0a04  [ 95DD1E89A772A383E0FDC677A2E2ED44, 94701ACC1F4D5422CB7084609BC25D34A05F68829DB5030AA6697BD7DBC3B0B2 ] LMDriver        C:\WINDOWS\System32\drivers\LMDriver.sys
18:43:21.0550 0x0a04  LMDriver - ok
18:43:21.0570 0x0a04  [ 5A2F7F1CBC2E631A497DAD16164E06D2, 35274FC6C386380B01B5E8F467E71A2C4E2FB2AD701554F9B1A9B036B0340142 ] lmhosts         C:\WINDOWS\System32\lmhsvc.dll
18:43:21.0574 0x0a04  lmhosts - ok
18:43:21.0626 0x0a04  [ E1A37D1BF2F57345D078C324693F6A38, 99EF79344DB7EB1EBCABA716112FD23A350574BD67C451F421207E5341704504 ] LMSvc           C:\Program Files\Packard Bell\Packard Bell Launch Manager\LMSvc.exe
18:43:21.0644 0x0a04  LMSvc - ok
18:43:21.0684 0x0a04  [ 022CDD12161B063D7852B1075BF3FFF2, E21267243AF2FC208D27E67827B1264A762C99AECEDB7AD2C48A04F421A6B2F0 ] LSI_SAS         C:\WINDOWS\system32\drivers\lsi_sas.sys
18:43:21.0684 0x0a04  LSI_SAS - ok
18:43:21.0700 0x0a04  [ 07AD59D669B996F29F91817F0ECFA34F, 026F332F862D142BFFC9D169CCD17A35BFB6B301EEC72AA13E16369B3520919C ] LSI_SAS2        C:\WINDOWS\system32\drivers\lsi_sas2.sys
18:43:21.0700 0x0a04  LSI_SAS2 - ok
18:43:21.0731 0x0a04  [ 216FB796AA4E252ACCE93B1BCB80B5EC, 5B1E49B5F7B9C7A778198D27F8EE500FE35DC32D40B22A3D6ED67560BEB04212 ] LSI_SCSI        C:\WINDOWS\system32\drivers\lsi_scsi.sys
18:43:21.0731 0x0a04  LSI_SCSI - ok
18:43:21.0762 0x0a04  [ 5E80530AF37102488EE980B4A92AF99F, 364E18EAD9AC22F8A306B24C6C43E58224F6BE2744EFEAA2484696B8D9880851 ] LSI_SSS         C:\WINDOWS\system32\drivers\lsi_sss.sys
18:43:21.0762 0x0a04  LSI_SSS - ok
18:43:21.0825 0x0a04  [ 1DC9B701F8EB7D67774035AC9C3104F6, 77371267CDA605F78674BF8FA14B134B22299CD96EADA60A68762207595F0B46 ] LSM             C:\WINDOWS\System32\lsm.dll
18:43:21.0840 0x0a04  LSM - ok
18:43:21.0871 0x0a04  [ 2BDC5D711FA61307CE6190D47C956368, 6BCDC6CBB9783F1ABE8957BDA94AF977DFB2A310BB6D19085EFC8609C97FD180 ] luafv           C:\WINDOWS\system32\drivers\luafv.sys
18:43:21.0871 0x0a04  luafv - ok
18:43:21.0887 0x0a04  [ 9B0D829C3BE4E7472DB9DD2B79908E3C, ACED5806FFF39E84007B5A3DCB16315329DC53007F46B1BEEDC391CC659F7DD3 ] megasas         C:\WINDOWS\system32\drivers\megasas.sys
18:43:21.0887 0x0a04  megasas - ok
18:43:21.0934 0x0a04  [ ECC3F54C7AFC318271C4F0B4606D8DB0, FD1ACB18B8C912C7A57DABCD5460800DD0721A82E09C8D79C47B3392D61CBEA6 ] MegaSR          C:\WINDOWS\system32\drivers\MegaSR.sys
18:43:21.0949 0x0a04  MegaSR - ok
18:43:21.0981 0x0a04  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] MMCSS           C:\WINDOWS\system32\mmcss.dll
18:43:21.0996 0x0a04  MMCSS - ok
18:43:21.0996 0x0a04  [ 780098AD5DA8A4822E2563984C85EF7B, 29312970774E944B5ED388316CF3D350DCABF721F9695737B0AC56BE878B0446 ] Modem           C:\WINDOWS\system32\drivers\modem.sys
18:43:22.0012 0x0a04  Modem - ok
18:43:22.0027 0x0a04  [ EA8EAD3F5B762F889CC7F3966625B48B, B701A42E5E08B7BC6601560446146803182E5DC631AB73E9408F19CB6432F121 ] monitor         C:\WINDOWS\System32\drivers\monitor.sys
18:43:22.0043 0x0a04  monitor - ok
18:43:22.0074 0x0a04  [ 618446B98C79776654340CE27C73485E, EFE7169FDD545933B5949DA2D09266971C0C3E6894E7BD8AFE29E41567C72B16 ] mouclass        C:\WINDOWS\System32\drivers\mouclass.sys
18:43:22.0074 0x0a04  mouclass - ok
18:43:22.0090 0x0a04  [ C0ADEBED913295803B579ED288936CBB, 58F71541166D1DA07C18FBD27458D55E3F8AD7291CB7496B3A2F01372A5B0CAE ] mouhid          C:\WINDOWS\System32\drivers\mouhid.sys
18:43:22.0090 0x0a04  mouhid - ok
18:43:22.0121 0x0a04  [ 89D263DBF08119CE16273991C120D6DD, 9771EDAD266F0E234E71DFB6792F396710E051F2ADCA5CDADEBBD2790D0E6054 ] mountmgr        C:\WINDOWS\system32\drivers\mountmgr.sys
18:43:22.0121 0x0a04  mountmgr - ok
18:43:22.0168 0x0a04  [ 4CCBBD4944777CA100B9A6C2F149A46F, 7FC172FAF8266BFBBBBAD94FD67EA3C1872F5927DC3900A9A54DB2DFE34E7415 ] mpsdrv          C:\WINDOWS\system32\drivers\mpsdrv.sys
18:43:22.0168 0x0a04  mpsdrv - ok
18:43:22.0230 0x0a04  [ 9DE3341BD4E14BC5FADFCAD3019F2D0D, 37E0531EADABC6D4BCC496826651D4D14CF0D10156FF13C11BDE466084B44FF4 ] MpsSvc          C:\WINDOWS\system32\mpssvc.dll
18:43:22.0293 0x0a04  MpsSvc - ok
18:43:22.0339 0x0a04  [ 3D70147F55F1EC84EB9139ED7FFE48BC, 12429C2FDDDA13815F0E18F9009011AA5360955759A23A38175543F480CB92EF ] MRxDAV          C:\WINDOWS\system32\drivers\mrxdav.sys
18:43:22.0339 0x0a04  MRxDAV - ok
18:43:22.0386 0x0a04  [ 7A761AEE58658378BBA45D360F874CB0, 31972E63D93E07D92EF69571B7ED1E69B1358DCA5BEED62A9372F6411B4DFDB3 ] mrxsmb          C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
18:43:22.0402 0x0a04  mrxsmb - ok
18:43:22.0433 0x0a04  [ 06D5F2FA3C61E8EA91648EA8E9F99FD3, C665B7896501D42C73955F4EAF4FA3C6B2C9286957D6023C235AFBF9BFB761C6 ] mrxsmb10        C:\WINDOWS\system32\DRIVERS\mrxsmb10.sys
18:43:22.0449 0x0a04  mrxsmb10 - ok
18:43:22.0480 0x0a04  [ 697B78CE3925E4FBFC544232A5E9E2EB, 2D03425513572F6098BAAF82C0EDB49EBAB88438971D349CA1917DA0BDB76334 ] mrxsmb20        C:\WINDOWS\system32\DRIVERS\mrxsmb20.sys
18:43:22.0480 0x0a04  mrxsmb20 - ok
18:43:22.0511 0x0a04  [ 98487487D6B3797CA927E9D7B030AE13, 05840AF0DD2E3CB596DA768DBD0728B52210EC05B55AB5921E697AD8956938DD ] MsBridge        C:\WINDOWS\system32\DRIVERS\bridge.sys
18:43:22.0527 0x0a04  MsBridge - ok
18:43:22.0558 0x0a04  [ 4A07458EB4F17573BD39F22029A991C1, 74D7A1882EA4D19B8F090C2813489E5D3F759BF4AF2D88AE852EC6510C405B5E ] MSDTC           C:\WINDOWS\System32\msdtc.exe
18:43:22.0558 0x0a04  MSDTC - ok
18:43:22.0605 0x0a04  [ 3886F1F2A4D2900ABAA7E4486BEEE6A2, ECCA22985838A914EDC866C491DEB64B9FF5110EFA9BEE541F634AC5EC3081F9 ] Msfs            C:\WINDOWS\system32\drivers\Msfs.sys
18:43:22.0605 0x0a04  Msfs - ok
18:43:22.0636 0x0a04  [ C32A7A39B960A42BA9D4FBE47213CA03, 4DA48587138972DA5E95AEDBBBE73BA8CCADC8172C6654427ABEAC8047B27E95 ] msgpiowin32     C:\WINDOWS\System32\drivers\msgpiowin32.sys
18:43:22.0636 0x0a04  msgpiowin32 - ok
18:43:22.0651 0x0a04  [ D3857A767B91A061B408CCAB02DA4F40, A4D780772086AD8717EE6DC2B6189F796939FB5E5AA08FD9D1984101998FBECF ] mshidkmdf       C:\WINDOWS\System32\drivers\mshidkmdf.sys
18:43:22.0667 0x0a04  mshidkmdf - ok
18:43:22.0667 0x0a04  [ 839B48910FB1E887635C48F3EC11A05E, F8CFD99911500CC1B6A90C8E2A1697BD5A6E5776A62A62FE5B342FE204C936B1 ] mshidumdf       C:\WINDOWS\System32\drivers\mshidumdf.sys
18:43:22.0667 0x0a04  mshidumdf - ok
18:43:22.0683 0x0a04  [ 55C0DB741E3AB7463242B185B1C2997C, D2E2A5B48A64EA0EC2A6566C08E65A38D11CEA64BCA7B57793BA0D009E4D974A ] msisadrv        C:\WINDOWS\system32\drivers\msisadrv.sys
18:43:22.0698 0x0a04  msisadrv - ok
18:43:22.0729 0x0a04  [ 216C6B035A4BA5560E1255BD8E5BB89F, A14E038604B9A5506DB145A4D9F51E2751AC825240D2744924F39C332B5DE00B ] MSiSCSI         C:\WINDOWS\system32\iscsiexe.dll
18:43:22.0745 0x0a04  MSiSCSI - ok
18:43:22.0745 0x0a04  msiserver - ok
18:43:22.0776 0x0a04  [ 509809566E49F4411055864EA8D437CD, 70F37BF9C759E8BCA1C6AC8FB9805950925E1C648ED37E8561A0F7A407DFDC28 ] MSKSSRV         C:\WINDOWS\system32\drivers\MSKSSRV.sys
18:43:22.0776 0x0a04  MSKSSRV - ok
18:43:22.0792 0x0a04  [ 63145201D6458E4958E572E7D6FC2604, EDD4A8A3BBE94B983554B1117734E66A2647B867269C5F0567C47EDE6F3FACCB ] MsLldp          C:\WINDOWS\system32\DRIVERS\mslldp.sys
18:43:22.0792 0x0a04  MsLldp - ok
18:43:22.0807 0x0a04  [ 99D526E803DB6D7FF290FD98B6204641, 4AFAA3B1186621AEAD19E12D3DBE104DD8FCD5C106F9EC3ADA4AD1BC7093E61F ] MSPCLOCK        C:\WINDOWS\system32\drivers\MSPCLOCK.sys
18:43:22.0807 0x0a04  MSPCLOCK - ok
18:43:22.0823 0x0a04  [ 06FA77C3E2A491ADCD704C5E73006269, 465A7EE5387E6C11398A554F73437278F5BF110356E7F49F315905C1F2459278 ] MSPQM           C:\WINDOWS\system32\drivers\MSPQM.sys
18:43:22.0823 0x0a04  MSPQM - ok
18:43:22.0854 0x0a04  [ E134EC4DE11CF78CB01432D180710D84, BB111F97AEEFDCA5866B157E9957599CD7A4952B5BCCA0B0BCA9EDFCD17E61FE ] MsRPC           C:\WINDOWS\system32\drivers\MsRPC.sys
18:43:22.0870 0x0a04  MsRPC - ok
18:43:22.0901 0x0a04  [ B5AECF12F09DEE97C9FCAA5BA016CE1E, F5305C4CE6C93A3A3481BD13BE0C23FE26571E11029ACFFE75FB78913681FCFC ] mssmbios        C:\WINDOWS\System32\drivers\mssmbios.sys
18:43:22.0901 0x0a04  mssmbios - ok
18:43:22.0917 0x0a04  [ 72D66A05E0F99F2528F6C6204FD22AA1, B14D433BC5795F1DC4C672302285E665DC012693E75574F60664AAD8874DE562 ] MSTEE           C:\WINDOWS\system32\drivers\MSTEE.sys
18:43:22.0932 0x0a04  MSTEE - ok
18:43:22.0932 0x0a04  [ 8AAAE399FC255FA105D4158CBA289001, 2F55C02605B4A3406B289FF9D46C76260B9138E3DE96AFAEA0E0522E5A2A746C ] MTConfig        C:\WINDOWS\System32\drivers\MTConfig.sys
18:43:22.0932 0x0a04  MTConfig - ok
18:43:22.0963 0x0a04  [ 3BCB702F3E6CC622DCAFCAA45D7CDE0A, 00D33A4AB3E7C5F65F59C63F8E2FD27EF38D5484595F785D5632E9414E29352C ] Mup             C:\WINDOWS\system32\Drivers\mup.sys
18:43:22.0963 0x0a04  Mup - ok
18:43:22.0979 0x0a04  [ 3A1E095277BBD406CEA8EA6B76950664, 47838F307A6354E77C19A7B1F3F3E22726EF60403B611F358AD6FFE81D7214E7 ] mvumis          C:\WINDOWS\system32\drivers\mvumis.sys
18:43:22.0995 0x0a04  mvumis - ok
18:43:23.0041 0x0a04  [ 5E1659BD35E69AA6083FF8D552E5B1D5, 947106A030853C755B375DF96833C60704327ABD1393F2CA04859A6651A4155D ] N360            C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\N360.exe
18:43:23.0057 0x0a04  N360 - ok
18:43:23.0119 0x0a04  [ 4B18840511D720BA118D3017E8165875, 724458A69269A5AE57E8DAB74FF3C198A79B6F7A9602BF38A70B4A40543ED167 ] napagent        C:\WINDOWS\system32\qagentRT.dll
18:43:23.0135 0x0a04  napagent - ok
18:43:23.0182 0x0a04  [ 43D7388A90A4C6EA346A4D6FF0377479, DFDCFA448B49C8A577056070AF516F08CD2E452706A3CF9173195ABA4256F35D ] NativeWifiP     C:\WINDOWS\system32\DRIVERS\nwifi.sys
18:43:23.0197 0x0a04  NativeWifiP - ok
18:43:23.0322 0x0a04  [ E0E4A1F81A7D69C595A8A9DDAD084C19, 8F55F3637AE8BFFB0ACE37AFC5122026525137E0B2923899B779C1BD08DF0E22 ] NAUpdate        c:\Program Files (x86)\Nero\Update\NASvc.exe
18:43:23.0353 0x0a04  NAUpdate - ok
18:43:23.0431 0x0a04  [ 702E07EC32F96ACDB873E9A5465D4401, 2C6B1C8BA0BF4791AEA064062DCA3678AE4443DF19DB37D6CB55BA6297D8A238 ] NAVENG          C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140811.003\ENG64.SYS
18:43:23.0431 0x0a04  NAVENG - ok
18:43:23.0541 0x0a04  [ 302EA314A1AF0D7CEF0A3D0195F79561, 046DBC2D9D028F2D2E8BAE745CA2ADEF42741689BFF743A13B81EA4228DDCDC6 ] NAVEX15         C:\Program Files (x86)\Norton 360\NortonData\21.1.0.18\Definitions\VirusDefs\20140811.003\EX64.SYS
18:43:23.0650 0x0a04  NAVEX15 - ok
18:43:23.0697 0x0a04  [ 6A0C3996DA7DAE6D6939676D786EEEC4, 6E8A4C6234FD3040BC889E92016A4D5AC7BCAF5059521E50C733966163A546A0 ] NcaSvc          C:\WINDOWS\System32\ncasvc.dll
18:43:23.0697 0x0a04  NcaSvc - ok
18:43:23.0728 0x0a04  [ C982FE4CC91DECE2259F494FCEB4030F, 4C285407E6F9FBBA92180F4063AEFB736ED142D802F0151002F0CC20AB7BB4E5 ] NcdAutoSetup    C:\WINDOWS\System32\NcdAutoSetup.dll
18:43:23.0728 0x0a04  NcdAutoSetup - ok
18:43:23.0806 0x0a04  [ A10E176F3B2BF83EDE7B5C4658C93B66, 42F2FAEB4A29BBC6727D7E159D3E7E2E66D33785E5C98496EEB44D281601A23E ] NDIS            C:\WINDOWS\system32\drivers\ndis.sys
18:43:23.0868 0x0a04  NDIS - ok
18:43:23.0899 0x0a04  [ 39C8A1D9D46F5E83A016BCAB72455284, 80DBED610E0818C2C7122FBC5BC8C15BCE981538AE48DC48F464A86389AF3F68 ] NdisCap         C:\WINDOWS\system32\DRIVERS\ndiscap.sys
18:43:23.0899 0x0a04  NdisCap - ok
18:43:23.0915 0x0a04  [ 762941932B7E4C588E48A577BA9D6440, 71FA1870E398CB848D8294FEF6C60E0499CAB9A16EC3F487564C41072590E4F3 ] NdisImPlatform  C:\WINDOWS\system32\DRIVERS\NdisImPlatform.sys
18:43:23.0931 0x0a04  NdisImPlatform - ok
18:43:23.0946 0x0a04  [ 7A6F8A6D0E01432EBA294EF29CDD0FA7, D902AE15194A9F8A2198914FC76184FE7E2B589747275952A04A52853128FDB8 ] NdisTapi        C:\WINDOWS\system32\DRIVERS\ndistapi.sys
18:43:23.0946 0x0a04  NdisTapi - ok
18:43:23.0977 0x0a04  [ 79AB68BB3FFF974AD4F41FA559F4EC67, 1745EC6520B48E325C56D98A1F4DB9CE135FE3E097B3D66E6598791132CAD7BD ] Ndisuio         C:\WINDOWS\system32\DRIVERS\ndisuio.sys
18:43:23.0977 0x0a04  Ndisuio - ok
18:43:23.0993 0x0a04  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NdisWan         C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:43:24.0009 0x0a04  NdisWan - ok
18:43:24.0024 0x0a04  [ 62C7DBF4F9301F76CF87D4B9D8F57BF8, D51FEF198F74FDF583826E259E4736F51CD49908194104677889FD135EEC2EBC ] NDISWANLEGACY   C:\WINDOWS\system32\DRIVERS\ndiswan.sys
18:43:24.0024 0x0a04  NDISWANLEGACY - ok
18:43:24.0055 0x0a04  [ 3730942D7DB2F8BB5F84542B7FF6F650, 89C9D7D7305205BDB304CE6DA7D1A57EDE86A9D77429698802A39D75EB78CAAB ] NDProxy         C:\WINDOWS\system32\drivers\NDProxy.sys
18:43:24.0055 0x0a04  NDProxy - ok
18:43:24.0087 0x0a04  [ D3F60A4345FCA9C1BE68AD7D0D6DE770, 214AF09F4B021C2F8655FBC8AC8C801E89CD9115CDE690FAEBDA69D63D660EDD ] Ndu             C:\WINDOWS\system32\drivers\Ndu.sys
18:43:24.0102 0x0a04  Ndu - ok
18:43:24.0118 0x0a04  [ 7C203A76394F9AE68F69EEE5F9612C4A, 2222654915913BDC9367A2075714906A10CF22C047A7494CD59CB71834ED1B62 ] NetBIOS         C:\WINDOWS\system32\DRIVERS\netbios.sys
18:43:24.0133 0x0a04  NetBIOS - ok
18:43:24.0165 0x0a04  [ 7CEC25C682D319D484630B3952C31A11, 025C46B367E0570E9E3F9DF1564C3E47B1524E9E9A180BBDF0E9C684838F5E42 ] NetBT           C:\WINDOWS\system32\DRIVERS\netbt.sys
18:43:24.0180 0x0a04  NetBT - ok
18:43:24.0196 0x0a04  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] Netlogon        C:\WINDOWS\system32\lsass.exe
18:43:24.0196 0x0a04  Netlogon - ok
18:43:24.0243 0x0a04  [ 89519D29CBEC2121CA65CC29C4D345E0, F3BA7BCAFEC8DD8B29837458D1B2B1DEE748AEAAAE0575FD3AAE65CFC72A04CD ] Netman          C:\WINDOWS\System32\netman.dll
18:43:24.0258 0x0a04  Netman - ok
18:43:24.0305 0x0a04  [ 79FA9393C67EBBF92A56923592CF7A7C, A8AB8A6346B97B68810CC632F425085BE9E63ACAED0F119A7BFD03F2DA4AA5F6 ] netprofm        C:\WINDOWS\System32\netprofmsvc.dll
18:43:24.0336 0x0a04  netprofm - ok
18:43:24.0399 0x0a04  [ 5243CFC2E7161C91C2B355240035B9E4, CFD77485A9D7BC47F3A9C53D73B2AE2D5D04B90ED38628F3124EA569F4DE969E ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
18:43:24.0414 0x0a04  NetTcpPortSharing - ok
18:43:24.0461 0x0a04  [ 12DD2800E4EEA37DC9AE256AD62423B4, 34740469EEA8740CBACD881CB232C9ABB9AB180DE5F45336BC6DBE154259F29B ] nfrd960         C:\WINDOWS\system32\drivers\nfrd960.sys
18:43:24.0461 0x0a04  nfrd960 - ok
18:43:24.0508 0x0a04  [ 80ABCD4C2DE9FD832477303AE0CA3BE5, 98F3958E650CEB1006D92980503E1B176D2CA55D2A6742C1C27CDE829D137DA9 ] NlaSvc          C:\WINDOWS\System32\nlasvc.dll
18:43:24.0539 0x0a04  NlaSvc - ok
18:43:24.0757 0x0a04  [ 9B70CE32DD84A674B100BEA37F756016, 4B52FDA1FB24B02AE149AC70F46F3605B85A2A8AC5B948260BF53A5F076A674A ] NOBU            C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuAgent.exe
18:43:24.0945 0x0a04  NOBU - ok
18:43:25.0007 0x0a04  [ 17E19A742FB30C002F8B43575451DBE1, 59D226A4A5B5281C399BE96C694915E38EEAF335D31F346B0C65D8F469D7C9C3 ] Npfs            C:\WINDOWS\system32\drivers\Npfs.sys
18:43:25.0023 0x0a04  Npfs - ok
18:43:25.0038 0x0a04  [ 8ED299C30792544264E558BEA79F0947, 8A03FDA9AADB79ECBCBCDC988B7D8CF0672689C9DF673A2ECFE0D2D88A9C6A6B ] npsvctrig       C:\WINDOWS\System32\drivers\npsvctrig.sys
18:43:25.0038 0x0a04  npsvctrig - ok
18:43:25.0054 0x0a04  [ 832B5FDF0B5577713FD7F2465FCD0ACE, 4A551CDBACED47DD781EC59F8B59A13D66EFD85DCF636BCFCBACFE5972A78E93 ] nsi             C:\WINDOWS\system32\nsisvc.dll
18:43:25.0069 0x0a04  nsi - ok
18:43:25.0085 0x0a04  [ 689B3B1E95C70ABF7AFF29F9406EF1E0, 8B62D8AE53E1B3218158FADC0075682AB06D18998CF5DE82C920A9CD91C0652F ] nsiproxy        C:\WINDOWS\system32\drivers\nsiproxy.sys
18:43:25.0085 0x0a04  nsiproxy - ok
18:43:25.0210 0x0a04  [ 7BE3EDFFA3216F989A6BDCB14795DD08, 19A2D0120C46CA9BCFBC16DC3E65687ACDDCBA33B79128188652BA2AFAA2EE2F ] Ntfs            C:\WINDOWS\system32\drivers\Ntfs.sys
18:43:25.0319 0x0a04  Ntfs - ok
18:43:25.0397 0x0a04  [ A66FCAB18F99477770BDEE6527E94C54, F15B8455B27391857E2CEF6342E6A59DE01EBC3616FFEE575F78479411905813 ] NU16StartManagerSvc C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\StartManSvc.exe
18:43:25.0444 0x0a04  NU16StartManagerSvc - ok
18:43:25.0459 0x0a04  [ 4163ADE07DB51843AE31F65B94F5398D, 4349E7EF1EE1E71E1F436BA42F5B58871D82B987D513BA2D6E1CEB8A21BD1B20 ] Null            C:\WINDOWS\system32\drivers\Null.sys
18:43:25.0459 0x0a04  Null - ok
18:43:25.0491 0x0a04  [ D6D34118263412D3AAA8348A9572B7F2, 66106A25BC5A4CA7697A23ED67CEDB5C0BF678EA70FD967A405D2DF76F4CA3A4 ] nvraid          C:\WINDOWS\system32\drivers\nvraid.sys
18:43:25.0491 0x0a04  nvraid - ok
18:43:25.0506 0x0a04  [ 27AFC428D1D32ABD04A86763A4EDDEA9, 0920866013A8C8CFEE00E6AECDD41736F5501C49837E2D785998734F087F6B98 ] nvstor          C:\WINDOWS\system32\drivers\nvstor.sys
18:43:25.0522 0x0a04  nvstor - ok
18:43:25.0553 0x0a04  [ 051CFB5107BAAE510419BDC41F8C4036, 9990906F17A3886EF301D2AA6556263B52A1C0554C6BD18331AF44ECECAEE4B5 ] nv_agp          C:\WINDOWS\system32\drivers\nv_agp.sys
18:43:25.0553 0x0a04  nv_agp - ok
18:43:25.0600 0x0a04  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] p2pimsvc        C:\WINDOWS\system32\pnrpsvc.dll
18:43:25.0615 0x0a04  p2pimsvc - ok
18:43:25.0662 0x0a04  [ 4319FD931DCD796435ECB5DB4A04FBA5, 20185B2F359EEC202B37019A4E4F5B914ADCF78B97AF0CBD91EECED2259FC6DE ] p2psvc          C:\WINDOWS\system32\p2psvc.dll
18:43:25.0693 0x0a04  p2psvc - ok
18:43:25.0709 0x0a04  [ 4563DAF8C6A740AD7F501E219BD10766, 7A1212DDAE2D66A9C2041262796904E36036CDC4C5B75C2F66B8DF9D89F7C25D ] Parport         C:\WINDOWS\System32\drivers\parport.sys
18:43:25.0725 0x0a04  Parport - ok
18:43:25.0740 0x0a04  [ D6ACCF9F2EEEEA711C14EFD976E573F3, 60D2A81832A8D24F91C3EF134440D5026354917F59462BACBCE7A01D84767D91 ] partmgr         C:\WINDOWS\system32\drivers\partmgr.sys
18:43:25.0756 0x0a04  partmgr - ok
18:43:25.0787 0x0a04  [ 4811D9EC53649105A5A8BEA661B0F936, C77907E03D0561500FCFEAFAC323E9679E66297329901A0CA2BD7E919419A8E8 ] PcaSvc          C:\WINDOWS\System32\pcasvc.dll
18:43:25.0803 0x0a04  PcaSvc - ok
18:43:25.0834 0x0a04  [ 4A003E8F718C1E6A2050CA98CD53E3E2, BCC3BE1EC3FA4967353371D85094D096940A7B5944A6FFCA31E8FBE83D92CC6C ] pci             C:\WINDOWS\system32\drivers\pci.sys
18:43:25.0849 0x0a04  pci - ok
18:43:25.0865 0x0a04  [ F9908D274D458220F91E89B54D78D837, 1E89ABFA6B375383E0297CEE5AF66E37F90E16DD21ABA5C91777A86CDF013B4D ] pciide          C:\WINDOWS\system32\drivers\pciide.sys
18:43:25.0881 0x0a04  pciide - ok
18:43:25.0896 0x0a04  [ 84D19CB6102627932DCB5DFDF89FE269, 2F9C47E076645B35877D9ACA77968EFFCDA8794D76265CD9A4AAA239C4B33C5F ] pcmcia          C:\WINDOWS\system32\drivers\pcmcia.sys
18:43:25.0912 0x0a04  pcmcia - ok
18:43:25.0927 0x0a04  [ CEBBAD5391C2644560C55628A40BFD27, 8AAA6EBD8D89FC91AECCCF1452F53C5650A1A17027FF4E64D224371404CE4C8B ] pcw             C:\WINDOWS\system32\drivers\pcw.sys
18:43:25.0927 0x0a04  pcw - ok
18:43:25.0959 0x0a04  [ 0698DEDEAD6A00AD0D468C687D830FBF, B9DCA1A61F2EF80DB26380F390F2E9A17114D33129D61CF465B949B6A7916CAA ] pdc             C:\WINDOWS\system32\drivers\pdc.sys
18:43:25.0974 0x0a04  pdc - ok
18:43:26.0037 0x0a04  [ 61FE70659CD43E07F94DA4DC31DEC493, 3739B6670B440173FD81DE3D47B0B90FAF296802AD4F57C05BF5CF191BF16022 ] PEAUTH          C:\WINDOWS\system32\drivers\peauth.sys
18:43:26.0083 0x0a04  PEAUTH - ok
18:43:26.0193 0x0a04  [ EB88FA19F0EA05DD04BE9C5FFEEFFE1A, 459CF99D5243C4ACAA38C7B426ADC52F1044C759D06A925D475DF6213AEB85CD ] PerfHost        C:\WINDOWS\SysWow64\perfhost.exe
18:43:26.0208 0x0a04  PerfHost - ok
18:43:26.0317 0x0a04  [ 6E84BFF58F7643499277F29DFA2F8C8D, 401CCF137F35D9690C7B56B2BFEDB2DB72709EBE38626D787904B67640EF6F14 ] pla             C:\WINDOWS\system32\pla.dll
18:43:26.0395 0x0a04  pla - ok
18:43:26.0427 0x0a04  [ 799BE46D45D486704CE0F37CA5385262, BB78DEE83B9DB613B1C083D55FAA458BE3E394AED80EB91B599185A7272F33B3 ] PlugPlay        C:\WINDOWS\system32\umpnpmgr.dll
18:43:26.0442 0x0a04  PlugPlay - ok
18:43:26.0458 0x0a04  [ 8E2414E818C26C4A9C70CB2B8567F04F, A16B22AE143BA070C562FBE5DEF32F7E228F50B302B66E46B46C44C0F50A4461 ] PNRPAutoReg     C:\WINDOWS\system32\pnrpauto.dll
18:43:26.0458 0x0a04  PNRPAutoReg - ok
18:43:26.0505 0x0a04  [ AB76700D764A342D7475FB8F47CAB18C, ECDF705D3E69EF6E7044C98A462A7281D0E7D0D85769C0815555D934B0B69C8D ] PNRPsvc         C:\WINDOWS\system32\pnrpsvc.dll
18:43:26.0520 0x0a04  PNRPsvc - ok
18:43:26.0567 0x0a04  [ 0108C8E5176D590F242701EF5A62CC26, 3A72F5D4402663B7445F6B3C55F01E83A619B6192F7D3CC2DE3C57F9F50D5A2D ] PolicyAgent     C:\WINDOWS\System32\ipsecsvc.dll
18:43:26.0583 0x0a04  PolicyAgent - ok
18:43:26.0629 0x0a04  [ F1E067F56373F11EA4B785CAE823740A, 69BD30E64DA17595FF29C9C9FF9AD4F2F4BE29B688FBAC9DABB2FA9D13A47FF0 ] Power           C:\WINDOWS\system32\umpo.dll
18:43:26.0645 0x0a04  Power - ok
18:43:26.0692 0x0a04  [ 362D47E5B4D67270DE4B8606036F4ADD, 716E229C68D91AEA5B5629F60133D5CBDC0C95ABA54D9DC6264E923CAF4DC6C0 ] PptpMiniport    C:\WINDOWS\system32\DRIVERS\raspptp.sys
18:43:26.0707 0x0a04  PptpMiniport - ok
18:43:26.0973 0x0a04  [ C2D3B3D0060619D5E03E696BD56FF59F, 155954F16B6F9B51BA16F43F1AE6F977B1EC4DE77862C6F6C722293189BE0DD2 ] PrintNotify     C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
18:43:27.0097 0x0a04  PrintNotify - ok
18:43:27.0160 0x0a04  [ DD979EB6A7212F60E4AFBE96EDC7AE6D, BC681D64C5B8F08FD4613D71111853FCD5B05E4BD127D2C6258BAED7627105BE ] Processor       C:\WINDOWS\System32\drivers\processr.sys
18:43:27.0191 0x0a04  Processor - ok
18:43:27.0222 0x0a04  [ 429E8502AD2227CF88F8840FC5BD590D, A186DA46C083580ACEDE9C7E3156865034302CD803140EEEC8E1DE16DA4BC99B ] ProfSvc         C:\WINDOWS\system32\profsvc.dll
18:43:27.0238 0x0a04  ProfSvc - ok
18:43:27.0269 0x0a04  [ EB8034147D4820CD31BFCB11A2A652DF, B10B5E16B7A05D2DB2D5D1945B6146DE15EEDE2C778772A59F104706B5145E46 ] Psched          C:\WINDOWS\system32\DRIVERS\pacer.sys
18:43:27.0269 0x0a04  Psched - ok
18:43:27.0300 0x0a04  [ 0AFBF333B6F87A2F598EAB379AF100B8, D11F3A4D7E4463B62E2DBDE5FC61425B1FDFB07DD1A19BC001D479CA1F554510 ] QWAVE           C:\WINDOWS\system32\qwave.dll
18:43:27.0316 0x0a04  QWAVE - ok
18:43:27.0331 0x0a04  [ 13D47BB0CCA2FC51BD15F8E85C6A078E, EA832A9511007C9E8599C3066E1FA66BE869E8A27886D9A9AC590BD4DFBD1A15 ] QWAVEdrv        C:\WINDOWS\system32\drivers\qwavedrv.sys
18:43:27.0331 0x0a04  QWAVEdrv - ok
18:43:27.0363 0x0a04  [ E94067155C8AA4EF134CB2528E0C9CD7, 6EEF603F64827AB138930DFE379BF8E48E64AE8AA5EE7B9E0CA369022BAAA2EA ] RadioShim       C:\WINDOWS\System32\drivers\RadioShim.sys
18:43:27.0363 0x0a04  RadioShim - ok
18:43:27.0378 0x0a04  [ 873C60F8178100557740A832FCE10B5F, 400EF60CB2C98E2AFE122AF3D01CCE56A1548AF865345EE2194AB74DBCBF4C48 ] RasAcd          C:\WINDOWS\system32\DRIVERS\rasacd.sys
18:43:27.0394 0x0a04  RasAcd - ok
18:43:27.0425 0x0a04  [ 69B93F623B130976243ECA3D84CC99CA, F27617E651EADFAEE479619AAB01CDAA98111BA63E204D5C44A1256732CB0100 ] RasAgileVpn     C:\WINDOWS\system32\DRIVERS\AgileVpn.sys
18:43:27.0425 0x0a04  RasAgileVpn - ok
18:43:27.0456 0x0a04  [ 005F6E54C4A2DA4EBF68FB0392CE8BB0, 2F3C90A04964D4D906238BD557D90F7AC05DF86FE9729C4378B39431F54DDAE3 ] RasAuto         C:\WINDOWS\System32\rasauto.dll
18:43:27.0456 0x0a04  RasAuto - ok
18:43:27.0487 0x0a04  [ A14D625C5AEE5FFE0F47D1A1D419FAAE, 1229B81C23340AD5B436B1FD227876EB41715CE6BD270BA367F18879D26B8F04 ] Rasl2tp         C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
18:43:27.0503 0x0a04  Rasl2tp - ok
18:43:27.0534 0x0a04  [ C923C785A2DE0B396AD6D13ACAFF2DE9, 4F950DA776FBABEC7D546983D6F3018733F61268A4BF95C01D4836AD000BD073 ] RasMan          C:\WINDOWS\System32\rasmans.dll
18:43:27.0550 0x0a04  RasMan - ok
18:43:27.0581 0x0a04  [ 00695B9C2DB6111064499C529E90C042, 3CD4DF4D8001C2BBF52EEEB1F0D587209878BEAC339D268892477AD840D490F1 ] RasPppoe        C:\WINDOWS\system32\DRIVERS\raspppoe.sys
18:43:27.0581 0x0a04  RasPppoe - ok
18:43:27.0597 0x0a04  [ A7F24D8CD1956B0A1FDCB86CC5114DE4, 30489D235362DF62B105378597168B13F4BAC74A8EDDBDA25237E3C017B69FEE ] RasSstp         C:\WINDOWS\system32\DRIVERS\rassstp.sys
18:43:27.0597 0x0a04  RasSstp - ok
18:43:27.0659 0x0a04  [ CA03D642ACE58E1BA54E4B383F91CD69, 39BB942603801CF11FBEA28E24F8C8D1EF2AF615D1FABF951683A015D6A6EF37 ] rdbss           C:\WINDOWS\system32\DRIVERS\rdbss.sys
18:43:27.0675 0x0a04  rdbss - ok
18:43:27.0706 0x0a04  [ CA7DF5EC95D8DE0DD24BE7FF97369F68, 153E6F716CA935DBCACB8FF1BB8DE5F5551CE3D18878225470E45893CA69BDB8 ] rdpbus          C:\WINDOWS\System32\drivers\rdpbus.sys
18:43:27.0706 0x0a04  rdpbus - ok
18:43:27.0721 0x0a04  [ B2A3AD74FF2E2FFA73AF2567108231B3, DF8CEA6215F75C634D56F6B8AE11ECCEEB5F8CBC091AC3D6D9F7DE214B00A439 ] RDPDR           C:\WINDOWS\system32\drivers\rdpdr.sys
18:43:27.0737 0x0a04  RDPDR - ok
18:43:27.0768 0x0a04  [ 57F4787E4602A3FCA719C0A33137C6DA, D03AE59A184EB5D126F8EAB9D36EE406ABB8B9ED834F2D2496DDB1349FF56F89 ] RdpVideoMiniport C:\WINDOWS\system32\drivers\rdpvideominiport.sys
18:43:27.0768 0x0a04  RdpVideoMiniport - ok
18:43:27.0784 0x0a04  [ B3CB0721E81E30419CE7D837EF4EA151, EC9410818661BF77E4A19694E3A3030E1D983B36F49C72E27F92A1424E0729C2 ] RDPWD           C:\WINDOWS\system32\drivers\RDPWD.sys
18:43:27.0799 0x0a04  RDPWD - ok
18:43:27.0831 0x0a04  [ 62C1F8A0685FE07E998AA296C4F697C4, C636AB2D0F139003A6AD7A12E9DC13EE4485A62F30DA59AF842FF02FE07442EE ] rdyboost        C:\WINDOWS\system32\drivers\rdyboost.sys
18:43:27.0831 0x0a04  rdyboost - ok
18:43:27.0877 0x0a04  [ 3663CCF243EE0C04E9F6F91ED1737273, 31D06445996F99A7F6B32004D1BA63A21C61DE125373F860BA9A9DE5278E8293 ] RemoteAccess    C:\WINDOWS\System32\mprdim.dll
18:43:27.0877 0x0a04  RemoteAccess - ok
18:43:27.0924 0x0a04  [ E80DD61E52EDFFF9DA1ED7260A68855B, 97909F42AE35E28B8F98C01A1D8BAD80A949CDCA0C88FB4ACF0A655DC7C10E45 ] RemoteRegistry  C:\WINDOWS\system32\regsvc.dll
18:43:27.0940 0x0a04  RemoteRegistry - ok
18:43:27.0971 0x0a04  [ CCBFCABDFE2BC22F0645CEAADDB36004, 279EA9075079F91165027CEFD4FBC61A213CA602EE7DE106F7D2D243468706AA ] RFCOMM          C:\WINDOWS\System32\drivers\rfcomm.sys
18:43:27.0987 0x0a04  RFCOMM - ok
18:43:28.0018 0x0a04  [ 73F2E030B5C24E4E41401B5F0D59E6FD, FAA8B5E3159684E0836900C6EAF63857B445F7F180169B56D5790F097EDAA38B ] RpcEptMapper    C:\WINDOWS\System32\RpcEpMap.dll
18:43:28.0033 0x0a04  RpcEptMapper - ok
18:43:28.0065 0x0a04  [ 10B21284B3D964AB3DC45490E57D422E, 12D5E3A7785F21C99C5EAD14A88EB7A86A058E26C091991339356D99D196CC13 ] RpcLocator      C:\WINDOWS\system32\locator.exe
18:43:28.0065 0x0a04  RpcLocator - ok
18:43:28.0127 0x0a04  [ 1EC6E533C954BDDF2A37E7851A7E58FD, C25936A7465B6A2B3D05D2FCB09D91ACC07CFE038A5E968C99CFA9D9F2967DD4 ] RpcSs           C:\WINDOWS\system32\rpcss.dll
18:43:28.0174 0x0a04  RpcSs - ok
18:43:28.0205 0x0a04  [ E04E770DD198B9399640717145E79EBF, 2F9BECB7E4B0A522C6370FD39CFD7DFD3FB5D0A779AECCED2EE855629FA3C952 ] rspndr          C:\WINDOWS\system32\DRIVERS\rspndr.sys
18:43:28.0205 0x0a04  rspndr - ok
18:43:28.0221 0x0a04  [ 752EC7DCD2F96871A3857EEE6AFE965A, 1D0640966B9147A06ED0E733711773E6B4AB8AC6D962D5B369ECB04170D18AD8 ] s3cap           C:\WINDOWS\System32\drivers\vms3cap.sys
18:43:28.0236 0x0a04  s3cap - ok
18:43:28.0267 0x0a04  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] SamSs           C:\WINDOWS\system32\lsass.exe
18:43:28.0267 0x0a04  SamSs - ok
18:43:28.0283 0x0a04  [ 9C7B28CE0D136DB226E24DB3BC817F92, E9DE55D6432ADD08EC75F99F2B5D2BD1F553F4EE55991B1767B1578351EE0BF2 ] sbp2port        C:\WINDOWS\system32\drivers\sbp2port.sys
18:43:28.0299 0x0a04  sbp2port - ok
18:43:28.0345 0x0a04  [ 14316954FCE79C9DE5A0AFF9D42C83AA, B60FB1FAC0299F9560761411711E86EDFA2F8D27B58230E2E4BB37736FAB2287 ] SCardSvr        C:\WINDOWS\System32\SCardSvr.dll
18:43:28.0345 0x0a04  SCardSvr - ok
18:43:28.0361 0x0a04  [ 5D7733A12756B267FCA021672B26BC9E, 01CE5B5F49914B9E099BD909A66296F3A40644AE47BA1D5EBFFB30CD33C70A4A ] scfilter        C:\WINDOWS\system32\DRIVERS\scfilter.sys
18:43:28.0377 0x0a04  scfilter - ok
18:43:28.0470 0x0a04  [ 03F58B3FA4B5329F21F770B1EF8D984A, 32976E64E4960E5996E3CA2F8BA9374E01201C461DE52AF0FA14BA75C784AC25 ] Schedule        C:\WINDOWS\system32\schedsvc.dll
18:43:28.0548 0x0a04  Schedule - ok
18:43:28.0579 0x0a04  [ BAF8F0F55BC300E5F882E521F054E345, FB228DB18F2FA55D8BA35A7E6778EE5D2EB0C29D384F1A0A868F90AE706188D7 ] SCPolicySvc     C:\WINDOWS\System32\certprop.dll
18:43:28.0595 0x0a04  SCPolicySvc - ok
18:43:28.0642 0x0a04  [ F58B030A0664385C707B8C1C63682041, E46AADAA2CD687B9A4B564DC5B002493C8480542588E660BC3DF89EAF9DB0427 ] sdbus           C:\WINDOWS\System32\drivers\sdbus.sys
18:43:28.0657 0x0a04  sdbus - ok
18:43:28.0704 0x0a04  [ 92968277ED491E4B3DDA361E3952361E, 71C50853BB2126A34C7CD014EE44D4B8B39F589E2E8E8E8F4C982E07498E3899 ] SDRSVC          C:\WINDOWS\System32\SDRSVC.dll
18:43:28.0704 0x0a04  SDRSVC - ok
18:43:28.0735 0x0a04  [ BB107AA9980B0DA4E19A3A90C3BD4460, BCB4CF0FFF1FD57302557B68044A88C8EEAAE57C2FEAE8EAD1F410F960298B6D ] sdstor          C:\WINDOWS\System32\drivers\sdstor.sys
18:43:28.0735 0x0a04  sdstor - ok
18:43:28.0767 0x0a04  [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\WINDOWS\system32\drivers\secdrv.sys
18:43:28.0767 0x0a04  secdrv - ok
18:43:28.0813 0x0a04  [ CD282626738B6BC92B6E7CD0AAE95B63, 1A56567C781786C85C63E24E79186EE5C82D3EB2679061B21BA0571A3A6CB7F5 ] seclogon        C:\WINDOWS\system32\seclogon.dll
18:43:28.0813 0x0a04  seclogon - ok
18:43:28.0860 0x0a04  [ 9C51620998F0763039DFA6BF68E475ED, 9E496ADE7CE9A446BE8A2C2FC61B462D966778A94A4C147AABBD25C4821C2BCE ] SENS            C:\WINDOWS\System32\sens.dll
18:43:28.0860 0x0a04  SENS - ok
18:43:28.0891 0x0a04  [ 0D50B4B860DAB65241628D04CD33ACAE, 2AA897C3F9ED076AB9244A32745D18489B076F3ED28A35B868C472131C5B5B46 ] SensrSvc        C:\WINDOWS\system32\sensrsvc.dll
18:43:28.0891 0x0a04  SensrSvc - ok
18:43:28.0923 0x0a04  [ 87C46B239A7EEF30FDFDD5E9BD46130C, F36FB5B20AC58FBD31F7E636059D2D865B751E178E51A03B94ABE0BBD1AB1EC9 ] SerCx           C:\WINDOWS\system32\drivers\SerCx.sys
18:43:28.0923 0x0a04  SerCx - ok
18:43:28.0954 0x0a04  [ 7A1F9347C85FD55E39B8A76B3A25C5AD, 03AF3B23285278A38F4CBEAB7FD326A48FA1EC7F8D044C059CE5403C6D225639 ] Serenum         C:\WINDOWS\System32\drivers\serenum.sys
18:43:28.0969 0x0a04  Serenum - ok
18:43:28.0969 0x0a04  [ F640A0A218BBF857F1D04A15D7D939F6, 948C13886281FE7947E10FB7B34D5CCFE512FB632F1132B6062AC85149F79950 ] Serial          C:\WINDOWS\System32\drivers\serial.sys
18:43:28.0985 0x0a04  Serial - ok
18:43:28.0985 0x0a04  [ F1A5F56B2620B862CC28FF96A0A6DAAB, E5367212B2CADF3820D657CFC27CD961547E28DAB950C68E1380CF97FB68F3F4 ] sermouse        C:\WINDOWS\System32\drivers\sermouse.sys
18:43:29.0001 0x0a04  sermouse - ok
18:43:29.0047 0x0a04  [ CB60A60340788C8D6DE2A269D28086AB, 2D8948E59BB9B00E16D20E425F80E7B862957DBAC9A4D1484E5191FAF333B60D ] SessionEnv      C:\WINDOWS\system32\sessenv.dll
18:43:29.0063 0x0a04  SessionEnv - ok
18:43:29.0079 0x0a04  [ 7EE65419B29302C795714FF8073969A1, E28D89A5423E3A5062030EB2418E9435DD5D8B9D16570046E782D3FCFDA2E79A ] sfloppy         C:\WINDOWS\System32\drivers\sfloppy.sys
18:43:29.0079 0x0a04  sfloppy - ok
18:43:29.0141 0x0a04  [ 090AE16F79C8EAD04E6031F863DA85F3, 3F27BE46DF602B53940414A6E9FEB23B36CFFB8E9A7F41440C3315B8E27D0029 ] SharedAccess    C:\WINDOWS\System32\ipnathlp.dll
18:43:29.0157 0x0a04  SharedAccess - ok
18:43:29.0219 0x0a04  [ A77F3ABE13FCC698511E5DEC7ACEBD5F, 78A43FDA9F770FD8BA107605DB44BC71D8B89D7E75560DA783AA6356C1873C15 ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
18:43:29.0250 0x0a04  ShellHWDetection - ok
18:43:29.0281 0x0a04  [ 2560721D6F16D5B611C36A3A9D28C1B2, 15C30404902654ABA5DB5367FC5BD31343B12A3FC22B4BC5A26B09016447B5ED ] SiSRaid2        C:\WINDOWS\system32\drivers\SiSRaid2.sys
18:43:29.0297 0x0a04  SiSRaid2 - ok
18:43:29.0297 0x0a04  [ 3AA8FDE1DBF65BB8B88B053529554A0D, 8060D946344D043D336F4735363C23C37C91A6DB3F81E575C267B2EC2BECB0EC ] SiSRaid4        C:\WINDOWS\system32\drivers\sisraid4.sys
18:43:29.0313 0x0a04  SiSRaid4 - ok
18:43:29.0344 0x0a04  [ E660156A4588A84305CB772FD2C0DB21, 9492EB6578D4A689945E1FC2440EFA77D461049CDB2D00A645969A71B7DA68E1 ] SNMPTRAP        C:\WINDOWS\System32\snmptrap.exe
18:43:29.0344 0x0a04  SNMPTRAP - ok
18:43:29.0391 0x0a04  [ 9110193D93960E38B8692E4519C75D72, 789381B4CCC056EE431E78E2339AC9802264A1CE4B378DDA9769649664C9A7A0 ] spaceport       C:\WINDOWS\system32\drivers\spaceport.sys
18:43:29.0406 0x0a04  spaceport - ok
18:43:29.0422 0x0a04  [ 3D8679C8DF52EB26EB7583A4E0A29202, DCD9B69299275857712AB200C014AE820C8A9F7E53C4A335A84518FBE4BB56BB ] SpbCx           C:\WINDOWS\system32\drivers\SpbCx.sys
18:43:29.0422 0x0a04  SpbCx - ok
18:43:29.0562 0x0a04  [ CF3AF4684F80F2D965539C6AFD5E9B5D, 7469BB8ECA5EEC5BD2A5ADB4DFCF2EB1ABEDDC2431E0902BA09F04087458835B ] SpeedDiskService C:\Program Files (x86)\Symantec\Norton Utilities 16\Tools\SpeedDisk\SpeedDiskSrv.exe
18:43:29.0625 0x0a04  SpeedDiskService - ok
18:43:29.0687 0x0a04  [ 3F215BF2D4D8D6756298B25B579772C2, 744192D1635E5D296BFD399E870B70592202CEAF95C31C2D2B226A868D33A3FD ] Spooler         C:\WINDOWS\System32\spoolsv.exe
18:43:29.0734 0x0a04  Spooler - ok
18:43:30.0015 0x0a04  [ 061A977C920FBE4BF71FF47C966DDDCA, 746516396B72E4ADB05D978C819CD45FE44EE194756F6DA50121D755439CA590 ] sppsvc          C:\WINDOWS\system32\sppsvc.exe
18:43:30.0280 0x0a04  sppsvc - ok
18:43:30.0436 0x0a04  [ F718A57D946EAC76EFCB351D74E269F4, 473AE48BACEE64A9582814951B731BDDDEB48D2E9D407ACEAA3F0850B536DABA ] SRTSP           C:\WINDOWS\System32\Drivers\N360x64\1504000.00D\SRTSP64.SYS
18:43:30.0467 0x0a04  SRTSP - ok
18:43:30.0498 0x0a04  [ B18CE01B9C09C59422BA7C7064248B35, B355EE2FBB37C4B0EFFE4DC5E0788A26579266828E7988EDC497B0AE7375F8AB ] SRTSPX          C:\WINDOWS\system32\drivers\N360x64\1504000.00D\SRTSPX64.SYS
18:43:30.0498 0x0a04  SRTSPX - ok
18:43:30.0545 0x0a04  [ 0F1FCD575A03ABDE13FCA9D0ADE4DDA6, 61EEB1349489CB85204F1B4E398BE24EDC01FB914120C9DD0487F8EE1EDA055E ] srv             C:\WINDOWS\system32\DRIVERS\srv.sys
18:43:30.0561 0x0a04  srv - ok
18:43:30.0623 0x0a04  [ 8504ADDE9C146C6295B16D13A0007560, 715E3752AE4A276FA8DAFA3B52B699C45D97E747CB25FE4AE307241D206319B7 ] srv2            C:\WINDOWS\system32\DRIVERS\srv2.sys
18:43:30.0685 0x0a04  srv2 - ok
18:43:30.0732 0x0a04  [ BB0F9E19C5CE4DC765B263E2A5561DE1, F7DBC96E049625E4312D8F588FCF2B4AC6318C04D04758982FE9B51DABEC2DAE ] srvnet          C:\WINDOWS\system32\DRIVERS\srvnet.sys
18:43:30.0748 0x0a04  srvnet - ok
18:43:30.0779 0x0a04  [ 7A20882D76D4A78240A5AC9F2C2EBA21, ACA05211EE542999A118BBD2CD051038A7DC8C40C4B8971DC6514BA90E90EC61 ] SSDPSRV         C:\WINDOWS\System32\ssdpsrv.dll
18:43:30.0795 0x0a04  SSDPSRV - ok
18:43:30.0826 0x0a04  [ D233B16999A8E626F6004BD7814C57EC, 5BBFE5DDF1269617ABD1BDBED85A79D99BB52EA29C2BB3A8F4A1827BFAA1A747 ] SstpSvc         C:\WINDOWS\system32\sstpsvc.dll
18:43:30.0826 0x0a04  SstpSvc - ok
18:43:30.0888 0x0a04  [ 4E85355B94CFCB67C135F6521A4895A7, AC4FC65C1E62A54B3834E7FE0A2B1ECC48A2AA563AE5BD508326EE68FFFBBEEE ] stexstor        C:\WINDOWS\system32\drivers\stexstor.sys
18:43:30.0919 0x0a04  stexstor - ok
18:43:31.0044 0x0a04  [ BAC8A721736AECC55A4F71523AEAB65F, B52E1303B13A961A5FC190829E55B6F28ACA409A6EEF44B358D1D210558FE1D8 ] stisvc          C:\WINDOWS\System32\wiaservc.dll
18:43:31.0075 0x0a04  stisvc - ok
18:43:31.0107 0x0a04  [ B240874B2CA0CD02E8CD11E140B14C57, 0FDBEE3DB644175A30065CAF020F375703ADC45A33221788C010F3111707FC25 ] storahci        C:\WINDOWS\system32\drivers\storahci.sys
18:43:31.0122 0x0a04  storahci - ok
18:43:31.0153 0x0a04  [ F74DBC95A57B1EE866D3732EB5F79BE2, E4FE9D5CD0A385ACB60D5D5E8D969F26C3A6BC0C08FF0838DBE9CA106229C8DE ] storflt         C:\WINDOWS\system32\DRIVERS\vmstorfl.sys
18:43:31.0153 0x0a04  storflt - ok
18:43:31.0169 0x0a04  [ 5337E138B49ED1F44CCBA4073BC35C20, 2B296973215E3865A56C46DC3D27F1460D96BC321558CE7A911B05B0E7BF397F ] StorSvc         C:\WINDOWS\system32\storsvc.dll
18:43:31.0169 0x0a04  StorSvc - ok
18:43:31.0200 0x0a04  [ 543CD3CC0E05B8D8815E0D4F040B6F59, 4B57C9534E94A0A67FC82DBD4FAECACA180BEC281FB477550A37C0A04777E09E ] storvsc         C:\WINDOWS\system32\drivers\storvsc.sys
18:43:31.0200 0x0a04  storvsc - ok
18:43:31.0232 0x0a04  [ 8BC1C1ED6EF9C985A3FAA6A72F41679A, 82CC77030D23013572B4A64A64B6156789F253BF56268B790093CE3D345410A0 ] svsvc           C:\WINDOWS\system32\svsvc.dll
18:43:31.0232 0x0a04  svsvc - ok
18:43:31.0263 0x0a04  [ 4AFD66AAE74FFB5986BC240744DC5FC9, 0C9347614E3FD3B4D3B29FA4A5DA23FF6EE4CD9A1FFC378B855B8DE61B2876CF ] swenum          C:\WINDOWS\System32\drivers\swenum.sys
18:43:31.0278 0x0a04  swenum - ok
18:43:31.0309 0x0a04  [ 502F9488540051F3E6C39889ECFA76BB, 22ABD681BE4CF8A1F484C6363C1334B1EF7A6C074D837B0121DE1896887B84C6 ] swprv           C:\WINDOWS\System32\swprv.dll
18:43:31.0341 0x0a04  swprv - ok
18:43:31.0387 0x0a04  [ 5C9EE2303CA7F267665D75237862B39C, 5DECD977A823C14B4D980D3DB621BC875231B741653F0450A027FC9E87725F9D ] SymDS           C:\WINDOWS\system32\drivers\N360x64\1504000.00D\SYMDS64.SYS
18:43:31.0403 0x0a04  SymDS - ok
18:43:31.0497 0x0a04  [ 9F31630D7FC2DD9D5DA1CE359AAD1F46, 296D29EDF53956D1899DE4669AB429C280DF9F183F00AE1CE528E7C575802235 ] SymEFA          C:\WINDOWS\system32\drivers\N360x64\1504000.00D\SYMEFA64.SYS
18:43:31.0575 0x0a04  SymEFA - ok
18:43:31.0590 0x0a04  [ 20F758E6339A16F97DD83389D582E09A, 837016154B7952B645B5545AEB8E2A8878EFA8674E6B96471C3DB5E458B06960 ] SymELAM         C:\WINDOWS\system32\drivers\N360x64\1504000.00D\SymELAM.sys
18:43:31.0606 0x0a04  SymELAM - ok
18:43:31.0637 0x0a04  [ 97E11C50CE52277B377396EA8838E539, E17D03F80E14F961C41F2D54D1EF73D29BF01F38459C5710D786234F8BA3C835 ] SymEvent        C:\WINDOWS\system32\Drivers\SYMEVENT64x86.SYS
18:43:31.0637 0x0a04  SymEvent - ok
18:43:31.0684 0x0a04  [ 48C2934683CBD06F662B088EEF49EF6A, 2212A3588C28F33EFCB1D34618B3054EBBAC6731D177A581D21D1F969FE040C0 ] SymIRON         C:\WINDOWS\system32\drivers\N360x64\1504000.00D\Ironx64.SYS
18:43:31.0684 0x0a04  SymIRON - ok
18:43:31.0746 0x0a04  [ 5570A74FF9B1EFBC5154DD1E2F05C517, 2C883A0334CBE4AE257028805C9BB1E529A80F56BA6D341E8EBB83CB3E46FEB7 ] SymNetS         C:\WINDOWS\System32\Drivers\N360x64\1504000.00D\SYMNETS.SYS
18:43:31.0777 0x0a04  SymNetS - ok
18:43:31.0840 0x0a04  [ 58D6878DACD9C4EA81D352914254426B, 54642AC8ED9360F99A2B3962F5F0DD42A8B2249A2A4DD4E69E6048894A199604 ] SynTP           C:\WINDOWS\system32\DRIVERS\SynTP.sys
18:43:31.0855 0x0a04  SynTP - ok
18:43:31.0965 0x0a04  [ A06CB9269D29EE3D0F3F5630ABB660B8, 519A01FC7D9414B26CCBC23E7FB1CEAF1C91CD173B4F4A4025F8316B7460C584 ] SysMain         C:\WINDOWS\system32\sysmain.dll
18:43:32.0043 0x0a04  SysMain - ok
18:43:32.0089 0x0a04  [ 6FB88606C4A71E1BFAF97D63A676C673, D72F93A482E989ACA50F9647B7AD699A4656AEAACF377BB2B8CEBB094B748852 ] SystemEventsBroker C:\WINDOWS\System32\SystemEventsBrokerServer.dll
18:43:32.0105 0x0a04  SystemEventsBroker - ok
18:43:32.0136 0x0a04  [ A6C06C45C44AD06C70AF8899AEC15BDC, AC2CCCDBA6B94BA85A6D41B47343193D175786D4ECF71AE9C7766ADD63A1273F ] TabletInputService C:\WINDOWS\System32\TabSvc.dll
18:43:32.0136 0x0a04  TabletInputService - ok
18:43:32.0214 0x0a04  [ 88B7721AB551C4325036B25A34A2BF7B, 2817CC6294542524EC373A674535F913440736BEBE81233CA91D5ECD93620B02 ] TapiSrv         C:\WINDOWS\System32\tapisrv.dll
18:43:32.0277 0x0a04  TapiSrv - ok
18:43:32.0448 0x0a04  [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] Tcpip           C:\WINDOWS\system32\drivers\tcpip.sys
18:43:32.0635 0x0a04  Tcpip - ok
18:43:32.0776 0x0a04  [ 0E0C16EE82E2F4EBC2FBCA24C8F00D9E, F8B2A0257442E00C5D7C5A15BBD84194D0F0C071424656CA4B8EC850B6898D10 ] TCPIP6          C:\WINDOWS\system32\DRIVERS\tcpip.sys
18:43:32.0854 0x0a04  TCPIP6 - ok
18:43:32.0916 0x0a04  [ 8F2A13A5DF99D72FDDE87F502A66F989, 2228C62ACDB4CBBFDD2BE705E604E0B9A8AEA7146F65F2D8B9B2A2FB49ACFAE1 ] tcpipreg        C:\WINDOWS\system32\drivers\tcpipreg.sys
18:43:32.0916 0x0a04  tcpipreg - ok
18:43:32.0932 0x0a04  [ 73DC722CE5DF26D7638CE2446F2655C7, 9B8E6F6DEA5E0C2AEAC24A31897D2E73F86EF44F1C25FEF82D2C860353793817 ] tdx             C:\WINDOWS\system32\DRIVERS\tdx.sys
18:43:32.0947 0x0a04  tdx - ok
18:43:32.0963 0x0a04  [ F7C8AB5D8AFFAA318D6A21093D139BF4, 0A35052EF7DC8615783A23897358D8C579BE694363615C9563FF629E7B719991 ] terminpt        C:\WINDOWS\System32\drivers\terminpt.sys
18:43:32.0979 0x0a04  terminpt - ok
18:43:33.0041 0x0a04  [ 541EE228D0DEF392F7B2DFD885DD021B, 594D6538FA4DB5EF4D130007D7C29051EC2EDCA39EBB119695B58E9CBB0EB728 ] TermService     C:\WINDOWS\System32\termsrv.dll
18:43:33.0088 0x0a04  TermService - ok
18:43:33.0103 0x0a04  [ 519A6F672FFF56B7D8EE8C730CEC8ECD, 2B36F10C0AE16A261DC0887B1050808BA1F0568F3879E4ABC3D370F08C3FADB7 ] Themes          C:\WINDOWS\system32\themeservice.dll
18:43:33.0119 0x0a04  Themes - ok
18:43:33.0150 0x0a04  [ EEE908BE7143FCA48CF0CB87214E2AB8, 4F9BD299F559DD36DBD93489CFAA753F236FBB70946E034D2E2260059AE20962 ] THREADORDER     C:\WINDOWS\system32\mmcss.dll
18:43:33.0166 0x0a04  THREADORDER - ok
18:43:33.0197 0x0a04  [ 4515B9E4140F04FB3907692DF89FCA87, F68EC56524BDA877646E987BE7414C1D622BD9FF05A5AEADCA39030FDC2B0115 ] TimeBroker      C:\WINDOWS\System32\TimeBrokerServer.dll
18:43:33.0213 0x0a04  TimeBroker - ok
18:43:33.0244 0x0a04  [ E94F7A7B48C7638D1F3F8089344C97B7, 276CDE59614D563A52529BCC4BFC726E5F5BE131C9C4142558A644D79328C810 ] TPM             C:\WINDOWS\system32\drivers\tpm.sys
18:43:33.0259 0x0a04  TPM - ok
18:43:33.0275 0x0a04  [ 8C8CF3041B27E7657ADD0EE17F6DBFCA, A6846478B9E7B0A509E5A28C6C7B66ED39F0247F9AFF01E3C3CADC0DBEF3CA00 ] TrkWks          C:\WINDOWS\System32\trkwks.dll
18:43:33.0291 0x0a04  TrkWks - ok
18:43:33.0353 0x0a04  [ 8ABBB5CE0C62E0A6D28F32F44B7F865C, 4C78FE2A4A25A758D5191C4EDB2A6FE691FF82E7C16C0F146DC96DAD87D4F64E ] TrustedInstaller C:\WINDOWS\servicing\TrustedInstaller.exe
18:43:33.0353 0x0a04  TrustedInstaller - ok
18:43:33.0400 0x0a04  [ 4E7C5FB10A50435523DE0CAA37DE2BD3, D6206DF61950F2541FB754E57C4D9EF9FA0CC1EDD6F6FA4E45F02B47958493F7 ] TsUsbFlt        C:\WINDOWS\system32\drivers\tsusbflt.sys
18:43:33.0400 0x0a04  TsUsbFlt - ok
18:43:33.0415 0x0a04  [ 16D684A820872EE54F6370703AC0B513, 795E20484358424CE9FA766937DD99413025A8AF967D03490392E8E02A382D0B ] TsUsbGD         C:\WINDOWS\System32\drivers\TsUsbGD.sys
18:43:33.0415 0x0a04  TsUsbGD - ok
18:43:33.0447 0x0a04  [ 78C9EE193AC2B4CBDBC48B620314D740, 41523E47D321BFF5778F5E453545B928C0A469C3BBA51578E74D6721D7DF9273 ] tunnel          C:\WINDOWS\system32\DRIVERS\tunnel.sys
18:43:33.0447 0x0a04  tunnel - ok
18:43:33.0462 0x0a04  [ 6D4F67CA56ACA2085DFA2CD89EAFBC1A, AA7DA2207C0236F47859A4791F9D7301E7ADB50A59D831DC859ECC7CA70D3E1D ] uagp35          C:\WINDOWS\system32\drivers\uagp35.sys
18:43:33.0462 0x0a04  uagp35 - ok
18:43:33.0493 0x0a04  [ 6FD6D03B7752C78712E5CFF29A305026, F09C5188AAFCF4C77B05BA1E604F9912782A9F1371F72F959288EBC2725407ED ] UASPStor        C:\WINDOWS\System32\drivers\uaspstor.sys
18:43:33.0493 0x0a04  UASPStor - ok
18:43:33.0540 0x0a04  [ 061BA3EE0D2BE17944990544008CF190, C9236D368EC2281B545E8C008BC2801F21A9716ED3D4DAEDB0751A5008346E81 ] UCX01000        C:\WINDOWS\System32\drivers\ucx01000.sys
18:43:33.0556 0x0a04  UCX01000 - ok
18:43:33.0587 0x0a04  [ 25C50F4EDF70D0A831E0566BD181CCF2, F2F9E86FB5617C16077D2073EC0AA747F76F1EB5148BA110347A84F3C3569F83 ] udfs            C:\WINDOWS\system32\DRIVERS\udfs.sys
18:43:33.0603 0x0a04  udfs - ok
18:43:33.0649 0x0a04  [ FB3475FEA1CCB0DAEA1EBE44D0E3BB7D, 16DE6E0894C356A58AF12BEC2FE9B188F147DD4B16CB2414DE600CE4127F929D ] UI0Detect       C:\WINDOWS\system32\UI0Detect.exe
18:43:33.0649 0x0a04  UI0Detect - ok
18:43:33.0696 0x0a04  [ 07FEBCDF24FABA0D47B635D85A0FFB7A, 452C04B14681EBCE8B1B25B75A1B7CC978722B7DDE54D624E17841B14ACCF65D ] uliagpkx        C:\WINDOWS\system32\drivers\uliagpkx.sys
18:43:33.0696 0x0a04  uliagpkx - ok
18:43:33.0712 0x0a04  [ 02CEB3FE6152668A7BA420B93B664860, 613F27540FD1EFE2442E326F507DACD5A25691C8481937022B7E1104F3E6E9E2 ] umbus           C:\WINDOWS\System32\drivers\umbus.sys
18:43:33.0727 0x0a04  umbus - ok
18:43:33.0727 0x0a04  [ 991EE6B5FC41EAEF99C8AF5B92F2CA09, 30AAD7D18FF5962CEC7180359D148EED5A1BF193DDB2B34508897FC3EBA692C3 ] UmPass          C:\WINDOWS\System32\drivers\umpass.sys
18:43:33.0727 0x0a04  UmPass - ok
18:43:33.0774 0x0a04  [ 43FEFB040A0CC30F795FBF544169594D, F2A730C0F7C883321C378D4564120A40428D7F8E393F02C8D6A08934795A35C7 ] UmRdpService    C:\WINDOWS\System32\umrdp.dll
18:43:33.0790 0x0a04  UmRdpService - ok
18:43:33.0821 0x0a04  [ 14D22C411854AA2560AFC94CD2D5E61F, BB376734733671C02319E6DB1800D41212694446FD65465498C92D4ECBFE7458 ] upnphost        C:\WINDOWS\System32\upnphost.dll
18:43:33.0868 0x0a04  upnphost - ok
18:43:33.0915 0x0a04  [ C976C4306F9AE133D6BBD47FDFC3BF92, 820413D92D6A89055A7F26523BF5CC4B668610C4A06E8B0D163FBF929B1DFA9A ] usbccgp         C:\WINDOWS\System32\drivers\usbccgp.sys
18:43:33.0915 0x0a04  usbccgp - ok
18:43:33.0946 0x0a04  [ 427B6DB8C05A5A977E8C3525370A2595, C67222CA9123AE12D953995326B3B582C146CEA89594B7209DB0B1F628A0118D ] usbcir          C:\WINDOWS\System32\drivers\usbcir.sys
18:43:33.0946 0x0a04  usbcir - ok
18:43:33.0961 0x0a04  [ B24FDEB1B18496F1B463782235AA3AF1, 3F5036F36987C8007D03DAFC3EC30615515BE96D9A1DF879BCD4EB0E66CD50B1 ] usbehci         C:\WINDOWS\System32\drivers\usbehci.sys
18:43:33.0993 0x0a04  usbehci - ok
18:43:34.0024 0x0a04  [ 504901430B6E03B99EBB6BF26E0868C6, D00C0904B7008305DCA5D1E6FED153DD8875CAD14D80348E59F42A182FA7E832 ] usbfilter       C:\WINDOWS\system32\DRIVERS\usbfilter.sys
18:43:34.0024 0x0a04  usbfilter - ok
18:43:34.0071 0x0a04  [ F8C2A832DF9403F5EA8080CBDBDA95FB, 50E9455465672BC13EB945BEC132D2F30BA2EB25C68928D2B4C256F2DB292A83 ] usbhub          C:\WINDOWS\System32\drivers\usbhub.sys
18:43:34.0102 0x0a04  usbhub - ok
18:43:34.0149 0x0a04  [ E5F7328B1D29BCE791862CD3C0DD382A, E520D75CA6E4EDB06F576D97FB6B7CFD46A3EF3A3AC881537DE3BB8C862FE8C3 ] USBHUB3         C:\WINDOWS\System32\drivers\UsbHub3.sys
18:43:34.0164 0x0a04  USBHUB3 - ok
18:43:34.0211 0x0a04  [ 325F6179009B5A7F6118951A5BA422AB, 756CB2893530485E8C3ACFF5A40F4C6EB446E72B2296E8772058E407A5E066DE ] usbohci         C:\WINDOWS\System32\drivers\usbohci.sys
18:43:34.0211 0x0a04  usbohci - ok
18:43:34.0258 0x0a04  [ 9FDBA6982582A6F2354144980F641E7B, 054A65412CB22C5BE970FD3A266E140110D869B614B9F9894628D553CE82C991 ] usbprint        C:\WINDOWS\System32\drivers\usbprint.sys
18:43:34.0258 0x0a04  usbprint - ok
18:43:34.0289 0x0a04  [ BFC7FE4AAEB61317A921871B4085EF4B, CBC3FBAEAD6C82A437CC87A97007EF807C64053AB8FA5C3233C2A0CF6FC8D019 ] USBSTOR         C:\WINDOWS\System32\drivers\USBSTOR.SYS
18:43:34.0305 0x0a04  USBSTOR - ok
18:43:34.0336 0x0a04  [ 1ABF657259DB57F7E5558E4DF1357C0C, 34EAF5DEA3293CFA96BA81B036305FD90ABAE05B9CB73D4F54FB236448C1978C ] usbuhci         C:\WINDOWS\System32\drivers\usbuhci.sys
18:43:34.0336 0x0a04  usbuhci - ok
18:43:34.0367 0x0a04  [ 9EF7C01D3ACCBC243B5CB1A95865B2FF, 367A7640B4992E68EB3E1BBD78D3014742F4CC4056750E389048C653251DAD33 ] usbvideo        C:\WINDOWS\System32\Drivers\usbvideo.sys
18:43:34.0383 0x0a04  usbvideo - ok
18:43:34.0414 0x0a04  [ 8DC398D7B8E02C929A2096E74A170970, 87B3CE84D05F50C33935B28F0AFF1CB15DAA4530768BA1FB25C311609CD4B0A5 ] USBXHCI         C:\WINDOWS\System32\drivers\USBXHCI.SYS
18:43:34.0429 0x0a04  USBXHCI - ok
18:43:34.0461 0x0a04  [ F1DA34D64F2BA200D28A7451804E2FEE, 8BDF328F18F1EB58AC0E383ABA7985BA69EA9622B262CD524E3390FDE824DEEB ] VaultSvc        C:\WINDOWS\system32\lsass.exe
18:43:34.0461 0x0a04  VaultSvc - ok
18:43:34.0492 0x0a04  [ BACECBFF9C97F7627A60B0E0F1FE7EE8, DC82F767D066B93A48A090DC7146EBCCDC54B43C6CD9DF29A160E09E3A531DC8 ] vdrvroot        C:\WINDOWS\system32\drivers\vdrvroot.sys
18:43:34.0507 0x0a04  vdrvroot - ok
18:43:34.0570 0x0a04  [ 1B4488988E5E7512E6C5CD1255E9E973, B82C26E767A8895CFFD76C11D07D5C945C38E1BD32CC27D20A6C0FA7F6064FC5 ] vds             C:\WINDOWS\System32\vds.exe
18:43:34.0617 0x0a04  vds - ok
18:43:34.0648 0x0a04  [ 74FA2D4368DE6F6CE14393EDF1F342BE, C5CE4164B2C3D583A7FB8687ADEADCDB08D36A5AB1965E5FC6949AEED15881C8 ] VerifierExt     C:\WINDOWS\system32\drivers\VerifierExt.sys
18:43:34.0648 0x0a04  VerifierExt - ok
18:43:34.0695 0x0a04  [ 500BE6B2E49883720D0AE8BB859ED7A3, 4606B02A3E8123510676E554635EB5ECF9DC5F2B83928710C8563787C52CC102 ] vhdmp           C:\WINDOWS\System32\drivers\vhdmp.sys
18:43:34.0726 0x0a04  vhdmp - ok
18:43:34.0741 0x0a04  [ F5B4A14B00E89250C50982AC762DDD1D, 581CD97DD42E74A82F06BFB827DFC82618B4A8667ACA7E93C628BB0D056CE8F0 ] viaide          C:\WINDOWS\system32\drivers\viaide.sys
18:43:34.0741 0x0a04  viaide - ok
18:43:34.0757 0x0a04  [ 78DB50F7329F6D1311658DABFFFC8BE0, 8CB0C831608033C4BC1D2DA7FAA7D429333A3654E76A989F7AF85BFC5F086BE9 ] vmbus           C:\WINDOWS\system32\drivers\vmbus.sys
18:43:34.0773 0x0a04  vmbus - ok
18:43:34.0788 0x0a04  [ ECFEE2F2BA3932C7880D1A8F67D68F91, 57DCD55A518A9FBDEF72B511C643B1062C3F7BD339F4B0FC19E9D84C615B968D ] VMBusHID        C:\WINDOWS\System32\drivers\VMBusHID.sys
18:43:34.0788 0x0a04  VMBusHID - ok
18:43:34.0835 0x0a04  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicheartbeat   C:\WINDOWS\System32\ICSvc.dll
18:43:34.0851 0x0a04  vmicheartbeat - ok
18:43:34.0866 0x0a04  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmickvpexchange C:\WINDOWS\System32\ICSvc.dll
18:43:34.0882 0x0a04  vmickvpexchange - ok
18:43:34.0897 0x0a04  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicrdv         C:\WINDOWS\System32\ICSvc.dll
18:43:34.0913 0x0a04  vmicrdv - ok
18:43:34.0944 0x0a04  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicshutdown    C:\WINDOWS\System32\ICSvc.dll
18:43:34.0960 0x0a04  vmicshutdown - ok
18:43:34.0975 0x0a04  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmictimesync    C:\WINDOWS\System32\ICSvc.dll
18:43:34.0991 0x0a04  vmictimesync - ok
18:43:35.0022 0x0a04  [ B8FF4248103E6EA47B9D85C55673ABA3, 4337FA0F0FB5C45BFC42FF17DFAA5DCA394C74BA8283851504AD79F47B69CB0D ] vmicvss         C:\WINDOWS\System32\ICSvc.dll
18:43:35.0038 0x0a04  vmicvss - ok
18:43:35.0053 0x0a04  [ CB60FAAED8B49B812EBBF77EB87D9B18, ADA7C68D4C4981555ED48981E8B7ACBEEF5C39F902EB98782FC3DFF495FE0C33 ] volmgr          C:\WINDOWS\system32\drivers\volmgr.sys
18:43:35.0053 0x0a04  volmgr - ok
18:43:35.0100 0x0a04  [ A74101DA9809251BCD0E5A26BAE0F824, 15A3A7CC31A13C5882812C344D0937A8A4503D12DB07B9F7F2A8191B739CDBF7 ] volmgrx         C:\WINDOWS\system32\drivers\volmgrx.sys
18:43:35.0116 0x0a04  volmgrx - ok
18:43:35.0163 0x0a04  [ 78A5BBA3819FFFC62FFEC3E2220D102D, A95797B97D576374C2CDA8A09E6C51A89BADE428AAA89D5093579C85062E5874 ] volsnap         C:\WINDOWS\system32\drivers\volsnap.sys
18:43:35.0178 0x0a04  volsnap - ok
18:43:35.0194 0x0a04  [ A8DA1C1B52ECEA3726DEBED4FF1B700D, 75C024EC3858DF24FB82FE105BDD1E37900D53EFE9D72F42CDDFFD0742525586 ] vpci            C:\WINDOWS\System32\drivers\vpci.sys
18:43:35.0209 0x0a04  vpci - ok
18:43:35.0225 0x0a04  [ 38A60CD9C009C55C6D3B5586F8E6A353, 7F7E2AE39F1A0A5245650911E310E0948BC22A18262A16FA76B44A042D66312D ] vsmraid         C:\WINDOWS\system32\drivers\vsmraid.sys
18:43:35.0225 0x0a04  vsmraid - ok
18:43:35.0334 0x0a04  [ D0C69E44BC1E1D4AD290FD84104623D8, 4C86760EA4BD2A64FFD42D89284EC3E5048CB2F0F6F3B80D017B41C0D2456A90 ] VSS             C:\WINDOWS\system32\vssvc.exe
18:43:35.0412 0x0a04  VSS - ok
18:43:35.0444 0x0a04  [ A0F6FE0FC2F647C22BBFD6BD4249DBCC, AC2F3C70EDCA0AFBB2606267DFE6D3E8E7B0772140153BAD6B0A9EDE6A1D2F29 ] VSTXRAID        C:\WINDOWS\system32\drivers\vstxraid.sys
18:43:35.0459 0x0a04  VSTXRAID - ok
18:43:35.0490 0x0a04  [ 62460A45435A26A334907E3F2EA45611, FEF86E05117CC0AAB8211CA1542776EB620BD4699BD590D91F16621ED35B9824 ] vwifibus        C:\WINDOWS\System32\drivers\vwifibus.sys
18:43:35.0506 0x0a04  vwifibus - ok
18:43:35.0521 0x0a04  [ 095E943D27025E4D588AF0A72CC2318F, 3CE406A202F93EF8C4BC7317621A672670D734C69166393CA7256D5E5E667041 ] vwififlt        C:\WINDOWS\system32\DRIVERS\vwififlt.sys
18:43:35.0521 0x0a04  vwififlt - ok
18:43:35.0553 0x0a04  [ 73FA1A41A97A5C34ADC03B3577FF1A86, CBA4BC0DA837C163587BBB4BF2AC1549C72440307C984D3CDF8995023718136C ] vwifimp         C:\WINDOWS\system32\DRIVERS\vwifimp.sys
18:43:35.0568 0x0a04  vwifimp - ok
18:43:35.0615 0x0a04  [ F690B6EEAA94576727B24376D7ED3601, A61EE96024C8FC4058481DFB1E7F0AD746565368672FA3B6BA8F9E23D0F47E4C ] W32Time         C:\WINDOWS\system32\w32time.dll
18:43:35.0662 0x0a04  W32Time - ok
18:43:35.0677 0x0a04  [ 6B806E893714019969E2B50D7EF6A4D9, 38FE2B01082DC4C2A0C11A292016A727F48C3DF1293DC3A0216B2254A452263F ] WacomPen        C:\WINDOWS\System32\drivers\wacompen.sys
18:43:35.0677 0x0a04  WacomPen - ok
18:43:35.0709 0x0a04  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarp          C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:43:35.0709 0x0a04  Wanarp - ok
18:43:35.0724 0x0a04  [ 61F6972FF9AC9A8D0B4D62076DC30051, 5A028036461534CA53CB2D6C1D720783D408A9F17FD77AB1ECDD75FBAD9F2381 ] Wanarpv6        C:\WINDOWS\system32\DRIVERS\wanarp.sys
18:43:35.0724 0x0a04  Wanarpv6 - ok
18:43:35.0849 0x0a04  [ 42DF22F8C448E7CD219F6D63743505E2, 063F4280C7BD20CE1360436B76A17DFE17FF611F75337A47373D098CC6C263BF ] wbengine        C:\WINDOWS\system32\wbengine.exe
18:43:35.0927 0x0a04  wbengine - ok
18:43:35.0974 0x0a04  [ 31D37B2F6069C631EF0557D322924812, 6E18A1060F3C8F4BF220E286C44327866A8F9109E74928AA2D8C2DA9C452038B ] WbioSrvc        C:\WINDOWS\System32\wbiosrvc.dll
18:43:36.0005 0x0a04  WbioSrvc - ok
18:43:36.0036 0x0a04  [ AF1349386D4C6786EF4E34FACEF15042, 6B33778409BC54C1955B92508ADDEBAFD629141961B71C94A91DC4CFE8391A13 ] Wcmsvc          C:\WINDOWS\System32\wcmsvc.dll
18:43:36.0052 0x0a04  Wcmsvc - ok
18:43:36.0083 0x0a04  [ 5B5FEAB51172F5513C2CF7B39CFA6A01, 4FDAC5168E00D44781C6F5D98ECD4977A12663C5CE6FFDFF9DBC89A28D6212D8 ] wcncsvc         C:\WINDOWS\System32\wcncsvc.dll
18:43:36.0114 0x0a04  wcncsvc - ok
18:43:36.0130 0x0a04  [ E19556D414332E2BEBA1F368229006B4, AB3454EC85D7B6E62D44C4510C1547AE7F736558588E54B0E265F7B3A5810E15 ] WcsPlugInService C:\WINDOWS\System32\WcsPlugInService.dll
18:43:36.0146 0x0a04  WcsPlugInService - ok
18:43:36.0177 0x0a04  [ B3A4D918DAB90505B6BC7B70632913CB, ECC19DCD7902C29D0682C70B9546CF8B82477A32147EE30EB6750D8499605B46 ] Wd              C:\WINDOWS\system32\drivers\wd.sys
18:43:36.0177 0x0a04  Wd - ok
18:43:36.0208 0x0a04  [ 3772FF85F0098686B0DCD77076AE0786, 8B0221F6003C53856676FFD9CDCFF43DF29B410AB2F340C10BB858F0E6EC14CE ] WdBoot          C:\WINDOWS\system32\drivers\WdBoot.sys
18:43:36.0208 0x0a04  WdBoot - ok
18:43:36.0270 0x0a04  [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\WINDOWS\system32\drivers\Wdf01000.sys
18:43:36.0317 0x0a04  Wdf01000 - ok
18:43:36.0348 0x0a04  [ AB6F7DE8BFBF61A42F8764D9A621BD8B, DEFDC9FDC0B234403EE1339105B8D12B486D77B3BA01A703339B5DB8B95FA4D8 ] WdFilter        C:\WINDOWS\system32\drivers\WdFilter.sys
18:43:36.0364 0x0a04  WdFilter - ok
18:43:36.0411 0x0a04  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiServiceHost  C:\WINDOWS\system32\wdi.dll
18:43:36.0411 0x0a04  WdiServiceHost - ok
18:43:36.0426 0x0a04  [ 240FC332484572227CD1DF82407F33E5, 5210549EC519DD3BCA6BBC995F01E1E3E0988580797E4BD1433F429E0CB30412 ] WdiSystemHost   C:\WINDOWS\system32\wdi.dll
18:43:36.0442 0x0a04  WdiSystemHost - ok
18:43:36.0489 0x0a04  [ 9B1384CE8E681D2D77BB3524B8E86311, BDEF9D0A79A7C26A88088A306F91632F300E587736CDD2C64717EC54DD6E89FF ] WebClient       C:\WINDOWS\System32\webclnt.dll
18:43:36.0504 0x0a04  WebClient - ok
18:43:36.0536 0x0a04  [ 35FD720943D4FCD75C3275BF062FF140, 9D8345E6DE1AE23F93AD0B52D27D1CCFD69EF7EE50654F92CA999BEC4570A773 ] Wecsvc          C:\WINDOWS\system32\wecsvc.dll
18:43:36.0551 0x0a04  Wecsvc - ok
18:43:36.0567 0x0a04  [ 4D2612E3C462B68F499D840B1133263E, 4DDAEB4480AEC31A8184838588E0D3DFA31CE6D2FA6E906926860C75F52DC7B7 ] wercplsupport   C:\WINDOWS\System32\wercplsupport.dll
18:43:36.0567 0x0a04  wercplsupport - ok
18:43:36.0614 0x0a04  [ 5F70EBFC1F75B487DE79501E3CCBDB54, 2FCA57BF60A43B03BB42FBF22BBFC19AD2266FBBD818494AD114125E6E433321 ] WerSvc          C:\WINDOWS\System32\WerSvc.dll
18:43:36.0614 0x0a04  WerSvc - ok
18:43:36.0660 0x0a04  [ 44BB9C31E6242C4BD1CE7C2B440C2533, E603BB001028918B687818E930340008C752679B133037367A8A8E41DA559FFE ] WFPLWFS         C:\WINDOWS\system32\DRIVERS\wfplwfs.sys
18:43:36.0660 0x0a04  WFPLWFS - ok
18:43:36.0691 0x0a04  [ 60E0C220593DA4F7C289CB909D2DBAE0, 057CA7727F748600CC155043081AB9E3244763CF4913F317D13226A515F6FDB6 ] WiaRpc          C:\WINDOWS\System32\wiarpc.dll
18:43:36.0691 0x0a04  WiaRpc - ok
18:43:36.0754 0x0a04  [ A3C7624A42A3447EF5EDD1ED37FE4E60, BD8BDF0A571873FA8277878AF7AED11196CFF1B4DF1EA6BA13BD4887D7B63B94 ] WIMMount        C:\WINDOWS\system32\drivers\wimmount.sys
18:43:36.0754 0x0a04  WIMMount - ok
18:43:36.0785 0x0a04  WinDefend - ok
18:43:36.0863 0x0a04  [ 7911470B6018059A880469A63B65700A, 4B6131491A028FBCA54AC261112D183EFD42E98160545C8E8DFBDA01C87B3FB5 ] WinHttpAutoProxySvc C:\WINDOWS\system32\winhttp.dll
18:43:36.0894 0x0a04  WinHttpAutoProxySvc - ok
18:43:36.0972 0x0a04  [ 3D6B518B71C75C8FA4115A33615C107A, ED7A266013D29D3B1A462464735C3632BEA121D1B32553907AEAA0B00595C3DF ] Winmgmt         C:\WINDOWS\system32\wbem\WMIsvc.dll
18:43:36.0972 0x0a04  Winmgmt - ok
18:43:37.0144 0x0a04  [ 8E212A627F33F6FC3B5F3BB47212F66E, 9BBFE26ABFA14F346FE3711D13D959523EEA23608A33C16F3D750D66CA511911 ] WinRM           C:\WINDOWS\system32\WsmSvc.dll
18:43:37.0300 0x0a04  WinRM - ok
18:43:37.0409 0x0a04  [ 6351724B8FA0255C2DBD970297F00B93, A02F274479F9F32E30C75A5BD991B008B3CCB47D380D5870563EF918DAC5730E ] WlanSvc         C:\WINDOWS\System32\wlansvc.dll
18:43:37.0487 0x0a04  WlanSvc - ok
18:43:37.0612 0x0a04  [ B330CE47FB74A6BE9A3FFFF4B3F64D9B, B76226808406D8B38DE2D3A8CCE633BB507022C8BAAA6C3DAD34204CC6CE1284 ] wlidsvc         C:\WINDOWS\system32\wlidsvc.dll
18:43:37.0721 0x0a04  wlidsvc - ok
18:43:37.0768 0x0a04  [ E2A596CACFC6504306CDB7B593B90084, DF89CF57249553CE922C841F18B99A213185FA1099C053B9BB8C0F6E5BC3FEC0 ] WmiAcpi         C:\WINDOWS\System32\drivers\wmiacpi.sys
18:43:37.0768 0x0a04  WmiAcpi - ok
18:43:37.0815 0x0a04  [ D113499052C5E541906B727779F0F959, 05FB51086C0A0CE3812A7E6098C5A454ECCFE8553669CFA715153564F2226DB0 ] wmiApSrv        C:\WINDOWS\system32\wbem\WmiApSrv.exe
18:43:37.0815 0x0a04  wmiApSrv - ok
18:43:37.0846 0x0a04  WMPNetworkSvc - ok
18:43:37.0862 0x0a04  [ C6FF953D5D6F2EAE3B8883474D5076B3, 001CBB7FBC30209C892869258E5ABD3F0932886E156ECB10DCA599F6D32648BE ] wpcfltr         C:\WINDOWS\system32\DRIVERS\wpcfltr.sys
18:43:37.0862 0x0a04  wpcfltr - ok
18:43:37.0893 0x0a04  [ A6ED163169876BFD2437E872FE2F1509, C13E8676800EEEF690F51C4DEA660B36C8734AE2CCAAC48054E10D74B98949B8 ] WPCSvc          C:\WINDOWS\System32\wpcsvc.dll
18:43:37.0908 0x0a04  WPCSvc - ok
18:43:37.0924 0x0a04  [ 3013658A4D327854BEEC4A08D9655194, C4CF5AA6A47CC55E7037B0BFE20AE0A6442ADDC5DEB89D6861C98C61851FA821 ] WPDBusEnum      C:\WINDOWS\system32\wpdbusenum.dll
18:43:37.0940 0x0a04  WPDBusEnum - ok
18:43:37.0955 0x0a04  [ 0346CAFC181C91C6E2330332EB332ED6, D46F44C339399CAAE13CD71C53A169E95065208E07E5420DE00A4509D6CB056F ] WpdUpFltr       C:\WINDOWS\system32\drivers\WpdUpFltr.sys
18:43:37.0955 0x0a04  WpdUpFltr - ok
18:43:37.0986 0x0a04  [ BC8B5CB336E63BB25EAD1CE8EDD34B81, A42759956EDCCC6D0688240AA4F833FB9CA132D42D2D901CDCBB24DCE1788C1D ] ws2ifsl         C:\WINDOWS\system32\drivers\ws2ifsl.sys
18:43:37.0986 0x0a04  ws2ifsl - ok
18:43:38.0033 0x0a04  [ 012CFE7F0F95266F554EE3B91EE2128A, 866312F6BF7369BE686F1BA9F01311C99E95E268C6E63BE37C841F54F5AA0DB8 ] wscsvc          C:\WINDOWS\System32\wscsvc.dll
18:43:38.0033 0x0a04  wscsvc - ok
18:43:38.0049 0x0a04  WSearch - ok
18:43:38.0220 0x0a04  [ D4D04839F3DFAF09D94BAB1016F7A297, 944A41D251F522EE87189C1D01CF7EEE2C70BF4353BA4005C44F03DB485F843F ] WSService       C:\WINDOWS\System32\WSService.dll
18:43:38.0330 0x0a04  WSService - ok
18:43:38.0501 0x0a04  [ 311E5E1976E0BD9110A88B93158055D5, F1AA738D6AD74C33785EEFE1FBE8A869AAB62417B7D079389293AB1209A849C1 ] wuauserv        C:\WINDOWS\system32\wuaueng.dll
18:43:38.0673 0x0a04  wuauserv - ok
18:43:38.0720 0x0a04  [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\WINDOWS\system32\drivers\WudfPf.sys
18:43:38.0735 0x0a04  WudfPf - ok
18:43:38.0766 0x0a04  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\WINDOWS\System32\drivers\WUDFRd.sys
18:43:38.0766 0x0a04  WUDFRd - ok
18:43:38.0813 0x0a04  [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\WINDOWS\System32\WUDFSvc.dll
18:43:38.0813 0x0a04  wudfsvc - ok
18:43:38.0829 0x0a04  [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFWpdFs       C:\WINDOWS\system32\DRIVERS\WUDFRd.sys
18:43:38.0844 0x0a04  WUDFWpdFs - ok
18:43:38.0891 0x0a04  [ 6D9E07436B6646EC8F7EFFD39B6BA288, 82C1CEA93ECEF17D221AD0F87C5BD96F3FD8143841C16BD9608BD4D58D90B8E0 ] WwanSvc         C:\WINDOWS\System32\wwansvc.dll
18:43:38.0907 0x0a04  WwanSvc - ok
18:43:38.0938 0x0a04  ================ Scan global ===============================
18:43:38.0985 0x0a04  [ DDC1AFBF9DDF880CE9BD3896114D8DED, E2406231EA4D2689A5EDFA9BD1A1BC064359D8D23B37F113A18B5EAE3E2D4050 ] C:\WINDOWS\system32\basesrv.dll
18:43:39.0016 0x0a04  [ E9343076AE704D20BB0D01F3AF3EFFEF, FF2CE4146945976F9480690505CECD3C7C719BAF0F633E6192C8272C75EF295D ] C:\WINDOWS\system32\winsrv.dll
18:43:39.0063 0x0a04  [ BD7C6949984D19AAA609896B675E7357, 5B46538B27BC70F5A3805AA63F6AACDC780C7168468FB535F2D35CF26B9DEE06 ] C:\WINDOWS\system32\sxssrv.dll
18:43:39.0110 0x0a04  [ 8F226143046435C75C033B0C52E90FFE, 54FA316485B57D7B8104FE621F5F40DEC35E3D57C3DF46B5F7EACF57445FE7CA ] C:\WINDOWS\system32\services.exe
18:43:39.0125 0x0a04  [ Global ] - ok
18:43:39.0125 0x0a04  ================ Scan MBR ==================================
18:43:39.0141 0x0a04  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk0\DR0
18:43:39.0156 0x0a04  \Device\Harddisk0\DR0 - ok
18:43:39.0156 0x0a04  ================ Scan VBR ==================================
18:43:39.0172 0x0a04  [ 63ACCF37FFDD0D574EC585CDD14D043A ] \Device\Harddisk0\DR0\Partition1
18:43:39.0172 0x0a04  \Device\Harddisk0\DR0\Partition1 - ok
18:43:39.0188 0x0a04  [ FABBFEF227ABEBC7E2931D647D43C28B ] \Device\Harddisk0\DR0\Partition2
18:43:39.0203 0x0a04  \Device\Harddisk0\DR0\Partition2 - ok
18:43:39.0219 0x0a04  [ F0B08112833A26EEA15D10FDFCBA326B ] \Device\Harddisk0\DR0\Partition3
18:43:39.0219 0x0a04  \Device\Harddisk0\DR0\Partition3 - ok
18:43:39.0234 0x0a04  [ BC48A59B007F9CC4D222443B9AE1F181 ] \Device\Harddisk0\DR0\Partition4
18:43:39.0250 0x0a04  \Device\Harddisk0\DR0\Partition4 - ok
18:43:39.0281 0x0a04  [ 4DAD4FAA7C0D07D2DFA4D330929D8C13 ] \Device\Harddisk0\DR0\Partition5
18:43:39.0281 0x0a04  \Device\Harddisk0\DR0\Partition5 - ok
18:43:39.0297 0x0a04  [ 948714F7220FEB8DA30797A7E7E43336 ] \Device\Harddisk0\DR0\Partition6
18:43:39.0312 0x0a04  \Device\Harddisk0\DR0\Partition6 - ok
18:43:39.0312 0x0a04  ================ Scan generic autorun ======================
18:43:39.0484 0x0a04  [ C46229075C0CE88B2BB71AC5664601CE, 0B8CAD993148AF73EA07D375AA9A1EAA1EADC409DF3E21ECBACF91204D191125 ] C:\Program Files (x86)\Symantec\Norton Online Backup\NOBuClient.exe
18:43:39.0640 0x0a04  Norton Online Backup - ok
18:43:39.0702 0x0a04  [ A025DF526B0FB3DAC3169AE4330FF7A4, 4E78E592259B402BA5D69DB0E4BA754E86406D807A42463EB36BBDA925F3C0EB ] C:\Program Files (x86)\Symantec\Norton Utilities 16\sMonitor\SSDMonitor.exe
18:43:39.0702 0x0a04  SSDMonitor - ok
18:43:39.0702 0x0a04  Waiting for KSN requests completion. In queue: 98
18:43:40.0732 0x0a04  Waiting for KSN requests completion. In queue: 98
18:43:41.0746 0x0a04  Waiting for KSN requests completion. In queue: 98
18:43:42.0807 0x0a04  AV detected via SS2: Windows Defender, C:\Program Files\Windows Defender\MSASCui.exe ( 4.5.218.0 ), 0x60100 ( disabled : updated )
18:43:42.0822 0x0a04  AV detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x52000 ( disabled : updated )
18:43:42.0822 0x0a04  FW detected via SS2: Norton 360, C:\Program Files (x86)\Norton 360\Engine\21.4.0.13\WSCStub.exe ( 21.4.0.0 ), 0x52010 ( disabled )
18:43:42.0854 0x0a04  Win FW state via NFP2: enabled
18:43:45.0475 0x0a04  ============================================================
18:43:45.0475 0x0a04  Scan finished
18:43:45.0475 0x0a04  ============================================================
18:43:45.0490 0x1264  Detected object count: 0
18:43:45.0490 0x1264  Actual detected object count: 0
18:55:15.0991 0x02e8  Deinitialize success
 



#13 LiquidTension

LiquidTension

    SuperMember

  • Retired Classroom Teacher
  • 2,566 posts

Posted 11 August 2014 - 12:42 PM

Hi Catherine,
 
Thank you for getting the TDSSK log, and don't worry about aswMBR. 
 
Please answer the following questions before proceeding with the instructions below.

  • Do you recognise the following files?
    C:\Users\Hespetreet\Downloads\Bilder - Snarvei.lnk
    C:\Users\Hespetreet\Downloads\AnHsinPuTzu.themepack
     
  • Which files/folders do you receive the Access Denied message?
     
  • Which browser(s) do you have Flash issues with? 
     

STEP 1
xlK5Hdb.png Farbar Recovery Scan Tool (FRST) Script

  • Press the Windows Key pdKOQKY.png + r on your keyboard at the same time. Type Notepad and click OK.
  • Copy the entire contents of the codebox below and paste into the Notepad document.
    start
    SearchScopes: HKCU - DefaultScope {AFBCB7E0-F91A-4951-9F31-58FEE57A25C4} URL =
    SearchScopes: HKCU - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL =
    2014-07-20 18:31 - 2014-07-20 18:31 - 00000000 ____D () C:\Users\Hespetreet\AppData\Roaming\Tencent
    2014-07-20 18:31 - 2014-07-20 18:31 - 00000000 ____D () C:\ProgramData\Tencent
    SearchScopes: HKLM - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://no.yhs4.searc...p={searchTerms}
    SearchScopes: HKLM-x32 - {AA9A4890-4262-4441-8977-E2FFCBFB706C} URL = http://no.yhs4.searc...p={searchTerms}
    HKU\S-1-5-21-3604915464-1756807762-4202892429-1001\...\MountPoints2: {9e67ff6c-100b-11e4-be74-206a8a970a09} - "E:\LaunchU3.exe" -a
    AlternateDataStreams: C:\ProgramData\Temp:792D4CF1
    Folder: C:\Users\Hespetreet\AppData\Local\CrashRpt
    CMD: ipconfig /release
    CMD: ipconfig /flushdns 
    CMD: ipconfig /renew
    CMD: netsh winsock reset all
    CMD: netsh int ip reset all
    ​Hosts:
    EmptyTemp:
    end
  • Click FileSave As and type fixlist.txt as the File Name
  • Important: The file must be saved in the same location as FRST64.exe. 

NOTICE: This script is intended for use on this particular machine. Do not use this script on any other machine; doing so may cause damage to your Operating System.

  • Right-Click FRST64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Fix.
  • A log (Fixlog.txt) will open on your desktop. Copy the contents of the log and paste in your next reply.
     

STEP 2
nWhGEI3.png VirusTotal Upload

  • Please go to VirusTotal.com.
  • Click Choose File and locate the following file:
    • C:\WINDOWS\system32\OEMLicense.dll
  • Click Scan it!.
  • If you receive the following notification: File already analysed click Reanalyse.
  • Once the file has been analyzed, copy the page URL at the top of the window and paste in your next reply. 
     

STEP 3
FV5nHwc.png ListParts

  • Please download ListParts (x64) and save the file to your desktop.
  • Right-Click ListParts64.exe and select AVOiBNU.jpg Run as administrator to run the programme.
  • Click Run.
  • Place a checkmark next to List BCD.
  • Click Scan.
  • Click OK.
  • A log will open. Copy the contents of the log and paste in your next reply.
     

======================================================
 
STEP 4
pfNZP4A.png Logs
In your next reply please include the following logs. Please be sure to copy and paste the requested logs, as well as provide information on any questions I may have asked.

  • Answers to questions
  • Fixlog.txt
  • VirusTotal Results
  • ListParts log

50QfLth.png

 

Would you like to help others with malware removal? Join our Classroom and learn how!


#14 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 12 August 2014 - 04:59 AM

Hi Adam I need to reply about the questions before I run those prog.

Q nr 1 I dont recognize the onen whit shortcut to my pics, But I know the other one, It's my desktop theme :)

 

Q nr 3 I think I just have the problem with flash in chrome

 

Q nr 2 I didn't remember all those folders so to give you a good answer I just check whole c:\ First of all I just got denied on random folders and another thing, so much was changed there so weird it was so crazy that it almost was fun to read it, but seriously It made me afraid. I took som screenshots, and have a lot of notebook stuff you can read. So i have to ask you are you ready for lot's of information? If you are how can I send it to you? Omg I'm scared.. i can do the rest while waiting for your reply

 

Btw windows + r just send me to the start page


Edited by Hespetreet, 12 August 2014 - 05:01 AM.


#15 Hespetreet

Hespetreet

    New Member

  • Authentic Member
  • Pip
  • 19 posts

Posted 12 August 2014 - 05:53 AM

https://www.virustot...sis/1407841883/

 

ListParts was download to desktop, but it disappeared it wasn't there so much as a second..


Related Topics



0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users