ROOTKIT NIGHTMARE - 3 Devices on same network

Page 1 of 2 12 LastLast

  1. condens8
    Posts : 5
    Windows 8 & 10 (multiple devices)
       New #1

    ROOTKIT NIGHTMARE - 3 Devices on same network


    Hi there,

    I realized that I had a virus while going through some file directories on my new computer. Didn't know about rootkits or viruses really so I started looking into it and educating myself, I now have a grasp of the problem but it is extremely advanced. I know I just need to wipe everything and start over but after numerous attempts , all the reinstalls have the malware IN the system directory. I have messed around with getting permissions back and what not, but Im at a loss from what to do now. I ive used TDS Killer with no success, used a lot of diagnostic tools from sysinternals, avira, avast - nothing other than GMER really showed anything. This is my windows 8 computer GMER scan, I have another windows 8 computer as well as a brand new desktop running 10. All of them are effed up. Here is just a taste of the madness. PS from my research of logs on the comp ive found stuff going back to 2014- and i have been unaaware the whole time. it has taken over everything.

    Some noticeable issues I've personally observed:

    -Network is definitely hijacked, tunnels are installed, remote users etc. I did take all permissions back with cmd
    - Havent really deleted anything out of fear but have disabled a lot of network processes on my win10 asus, cant seem to hook up networking because the hackers were redirecting the connection THROUGH their server so the map needs to be rewritten.
    - svchost.exe , chrome.exe , microsoftedge.exe as well as a bunch more below, but I seem to have everything apparently.
    - A LOT of .dll and .manifest files where they shouldnt be. It may be related to a bootkit because even when I try to do a wipe and factory reset, all of the system directories are the same and clearly infected.

    GMER 2.2.19882 - http://www.gmer.netRootkit scan 2017-01-26 12:05:34Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\00000038 WDC_WD7500BPVT-60HXZT3 rev.01.01A01 698.64GBRunning: gmer.exe; Driver: C:\Users\user\AppData\Local\Temp\uwldapob.sys---- Disk sectors - GMER 2.2 ----Disk \Device\Harddisk1\DR1 unknown MBR code---- Threads - GMER 2.2 ----Thread C:\WINDOWS\system32\csrss.exe [636:1380] fffff960008cb2d0Thread C:\WINDOWS\Explorer.EXE [1668:2724] 00007ffbabb0e630Thread C:\WINDOWS\Explorer.EXE [1668:5972] 00007ffbabb0e630Thread C:\WINDOWS\Explorer.EXE [1668:6320] 00007ffbac4ce630Thread C:\WINDOWS\Explorer.EXE [1668:11708] 00007ffba3d7e630Thread C:\WINDOWS\Explorer.EXE [1668:21868] 00007ffbb7f8e630Thread C:\WINDOWS\system32\mmc.exe [20068:21636] 00007ffbcaef28c0---- Processes - GMER 2.2 ----Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso30win32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 00000000519d0000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso40uiwin32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 000000000ffc0000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso98win32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 0000000051680000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso99Lwin32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 00000000024b0000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 0000000002a20000Library C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 0000000077710000---- EOF - GMER 2.2 ----END OF QUICK SCAN in SYSTEM FILES BELOW: Full Scan of 3rd partyGMER 2.2.19882 - http://www.gmer.net3rd party scan 2017-01-26 12:13:17Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\00000038 WDC_WD7500BPVT-60HXZT3 rev.01.01A01 698.64GBRunning: gmer.exe; Driver: C:\Users\user\AppData\Local\Temp\uwldapob.sys---- Modules - GMER 2.2 ----Module \SystemRoot\System32\drivers\iaStorA.sys (Intel Rapid Storage Technology driver - x64/Intel Corporation SIGNED)(2013-08-07 22:23:46) fffff80068649000-fffff80068903000 (2859008 bytes)Module \SystemRoot\system32\DRIVERS\hpdskflt.sys (HP Disk Filter - SATA/RAID/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) fffff8006919d000-fffff800691a8000 (45056 bytes)Module \SystemRoot\system32\DRIVERS\nvpciflt.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:04) fffff80068e00000-fffff80068e0b000 (45056 bytes)Module \??\C:\WINDOWS\system32\drivers\cbfs5.sys (Callback File System Driver/EldoS Corporation SIGNED)(2017-01-02 19:21:13) fffff80069410000-fffff8006947a000 (434176 bytes)Module \SystemRoot\system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:02) fffff80069ca5000-fffff8006a8dc000 (12808192 bytes)Module \SystemRoot\system32\DRIVERS\igdkmd64.sys (Intel Graphics Kernel Mode Driver/Intel Corporation SIGNED)(2014-10-04 01:36:38) fffff8006aa68000-fffff8006af0c000 (4866048 bytes)Module \SystemRoot\system32\DRIVERS\RtsPer.sys (RTS PCIE READER Driver/RTS Corporation SIGNED)(2014-01-11 17:59:07) fffff8006b359000-fffff8006b3cb000 (466944 bytes)Module \SystemRoot\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:22) fffff80069c00000-fffff80069c7f000 (520192 bytes)Module \SystemRoot\system32\DRIVERS\ikbevent.sys(2012-08-17 04:31:26) fffff8006aa00000-fffff8006aa0b000 (45056 bytes)Module \SystemRoot\system32\DRIVERS\imsevent.sys(2012-08-17 04:31:28) fffff8006aa1d000-fffff8006aa28000 (45056 bytes)Module \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc. SIGNED)(2014-05-07 09:38:02) fffff8006b3f6000-fffff8006b3fd000 (28672 bytes)Module \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys (Synaptics SMBus Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:20) fffff8006aa38000-fffff8006aa45000 (53248 bytes)Module \SystemRoot\system32\DRIVERS\Accelerometer.sys (HP Accelerometer/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) fffff8006aa45000-fffff8006aa53000 (57344 bytes)Module \SystemRoot\System32\drivers\ISCTD64.sys(2012-08-17 04:31:28) fffff800683ef000-fffff80068400000 (69632 bytes)Module \SystemRoot\System32\drivers\iwdbus.sys (Intel® WiDi Solution/Intel Corporation SIGNED)(2014-09-19 02:07:03) fffff8006b4be000-fffff8006b4ca000 (49152 bytes)Module \SystemRoot\system32\DRIVERS\stwrt64.sys (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:49) fffff8006b6da000-fffff8006b764000 (565248 bytes)Module \SystemRoot\System32\Drivers\dump_diskdump.sys fffff8006b6c9000-fffff8006b6d5000 (49152 bytes)Module \SystemRoot\System32\Drivers\dump_iaStorA.sys fffff8006b82d000-fffff8006bae7000 (2859008 bytes)Module \SystemRoot\System32\Drivers\dump_dumpfve.sys fffff8006bae7000-fffff8006bafd000 (90112 bytes)Module \SystemRoot\system32\drivers\WPRO_41_2001.sys(2014-01-11 18:59:15) fffff8006c1c7000-fffff8006c1d3000 (49152 bytes)---- Processes - GMER 2.2 ----Process C:\WINDOWS\system32\dwm.exe [952] (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvinitx.dll (NVIDIA shim initialization dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:02) 00007ffbcc780000Library C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 000000000f000000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9ae0000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9a90000Library C:\WINDOWS\system32\igd10iumd64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:24) 00007ffbcb780000Library C:\WINDOWS\system32\igdusc64.dll (Unified Shader Compiler for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:50) 00007ffbca210000Process C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [968] (HP Service/HP SIGNED)(2013-06-07 13:16:54) 0000000001240000Library C:\Program Files (x86)\HP SimplePass\TSLog.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:38) 0000000074ab0000Process C:\WINDOWS\system32\nvvsvc.exe [344] (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff7f6b20000Library C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066640000Process C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [412] (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff7ea090000Library C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066030000Library C:\Program Files\NVIDIA Corporation\Display\NvUI.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000065b90000Library C:\WINDOWS\system32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvapi64.dll (NVIDIA NVAPI Library, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:46) 00007ffbc9b40000Library C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066640000Library C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll(2014-11-05 05:42:44) 00007ffbcd710000Library C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00000000659e0000Process C:\WINDOWS\System32\svchost.exe [428] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll (Audio Processing Object for Windows Vista/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 00000000654b0000Process C:\WINDOWS\system32\svchost.exe [640] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\system32\svchost.exe [780] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\system32\nvvsvc.exe [1028] (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff7f6b20000Library C:\WINDOWS\system32\NVSVC64.DLL (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ffbcb370000Library C:\WINDOWS\system32\nvapi64.dll (NVIDIA NVAPI Library, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:46) 00007ffbc9b40000Library C:\WINDOWS\system32\NVSVCR.DLL (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ffbc94a0000Library C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066640000Library C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00000000659e0000Process C:\WINDOWS\system32\igfxCUIService.exe [1108] (igfxCUIService Module/Intel Corporation SIGNED)(2014-10-04 01:36:52) 00007ff6c5460000Process C:\WINDOWS\system32\Hpservice.exe [1312] (HpService/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) 00007ff679050000Library C:\WINDOWS\system32\accelerometerdll.DLL (HP Mobile Data Protection User Mode DLL/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) 00007ffbc8d50000Process C:\Windows\System32\WUDFHost.exe [1388] (Validity WBF Driver/Validity Sensors, Inc. SIGNED)(2013-03-19 22:22:48) 00007ffbc8720000Library C:\Windows\System32\drivers\UMDF\wbf_vfs_0050.dll (Validity WBF Driver/Validity Sensors, Inc. SIGNED)(2013-03-19 22:22:48) 00007ffbc8720000Library C:\Windows\System32\vcsAPIFORWBF.dll (Validity VCS Extended API Library/Validity Sensors, Inc. SIGNED)(2013-03-19 22:21:56) 0000000180000000Process C:\WINDOWS\system32\svchost.exe [1512] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\System32\spoolsv.exe [1744] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [1912] (Adobe Acrobat Update Service/CA - G2 SIGNED)(2016-12-20 06:38:14) 0000000000c70000Process C:\Program Files\Bonjour\mDNSResponder.exe [1936] (Bonjour Service/Apple Inc. SIGNED)(2011-08-31 06:05:32) 00007ff7cb160000Process C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [1956] (Host Process/Google Inc. SIGNED)(2016-10-17 02:31:44) 0000000001240000Process C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [2028] (Host Process/Google Inc. SIGNED)(2016-10-17 02:31:44) 0000000001240000Process C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2040] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\system32\DbxSvc.exe [1052] (Dropbox Service/Dropbox, Inc. SIGNED)(2017-01-04 05:25:16) 00007ff74cc60000Process C:\WINDOWS\System32\svchost.exe [1780] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2060](2012-08-17 04:36:54) 00007ff6cde20000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\LServ.dll (Log Server/Intel Corporation)(2012-08-17 04:33:46) 00007ffbc2d20000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll(2012-08-17 04:36:56) 00007ffbc2b20000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll (ISCT Net Detect Module/Intel Corporation SIGNED)(2012-08-17 04:36:56) 00007ffbc2a50000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTRemoteWake.dll (ISCT Always Reachable Module/TODO: <Company name> SIGNED)(2012-08-17 04:36:56) 00007ffbc29f0000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\wpcap.dll (wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008)/CACE Technologies SIGNED)(2012-08-17 04:36:54) 0000000180000000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\packet.dll (packet.dll Wrapper Dynamic Link Library/CACE Technologies SIGNED)(2012-08-17 04:36:52) 0000000001140000Library C:\WINDOWS\system32\WPRO_41_2001woem.tmp (packet.dll (Vista) Dynamic Link Library/CACE Technologies SIGNED)(2017-01-26 01:15:49) 0000000001c70000Process C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2180] (NIHardwareService/Native Instruments GmbH SIGNED)(2013-11-27 10:34:02) 00007ff68bf10000Process C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2296] (Reimage Real Time Protection/Reimage® SIGNED)(2016-11-06 15:59:12) 00007ff70d590000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe [2336] (Reimage System Protection/Reimage® SIGNED)(2016-11-06 15:59:16) 00007ff619d20000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [2352] (Unified Remote/Unified Intents AB SIGNED)(2016-12-03 05:05:26) 00000000013c0000Library C:\Program Files (x86)\Unified Remote 3\wcl.dll (Wireless Communication Library C++ Developer/Soft Service Company)(2016-12-03 05:05:28) 00000000728f0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [2644] (Monotype SkyFontsService/Monotype Imaging Inc. SIGNED)(2016-09-22 20:38:56) 00000000005b0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\dd84ea2df483c0bd8415651d9dec7d1d \System.ServiceProcess.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:57) 00007ffbbead0000Library C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Ext.Core.dll (Monotype SkyFonts Core/Monotype Imaging Inc.)(2016-09-22 20:38:48) 0000000019a70000Library C:\Program Files\Monotype\SkyFonts\NLog.dll (NLog for .NET Framework 4/NLog)(2013-04-08 19:15:56) 0000000000e70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\970a91298480f8937aa6af8c5b63b371\ System.ServiceModel.ni.dll (System.ServiceModel.dll/Microsoft Corporation)(2016-12-17 17:28:54) 00007ffbbaa00000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Data\e098aca3187d15cc2d5d6142ae0d6d64\System.D ata.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:04) 00007ffbba140000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\fe95bb1bc7be6223179723407a5a8b51 \System.Runtime.Serialization.ni.dll (System.Runtime.Serialization.dll/Microsoft Corporation)(2016-12-17 17:28:22) 00007ffbb9ab0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\40f19aaa8b7309dc458bac4333dc9112\SMDiag nostics.ni.dll (SMDiagnostics.dll/Microsoft Corporation)(2016-12-17 17:30:34) 00007ffbb9a80000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\0ac47742c7836b4fcc2f19b2e4c6d66d \System.ServiceModel.Internals.ni.dll (System.ServiceModel.Internals.dll/Microsoft Corporation)(2016-12-17 17:30:35) 00007ffbb9790000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Transactions\9e50cfe88d4b6dbf6e5a09f177175d5b\ System.Transactions.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:58) 00007ffbb9640000Process C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2228] (TeamViewer 11/TeamViewer GmbH SIGNED)(2016-08-12 18:41:05) 0000000000ca0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [2476] (ToolbarU Application /AVG Secure Search SIGNED)(2014-06-03 04:55:14) 0000000000120000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe [2668](2014-06-03 04:55:14) 0000000000ca0000Library C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll(2014-06-03 04:55:14) 0000000071e00000Process C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3296] (Synaptics TouchPad Enhancements/Synaptics Incorporated SIGNED)(2013-04-24 09:15:58) 0000000000400000Library C:\WINDOWS\system32\SynCOM.dll (SynCOM/Synaptics Incorporated SIGNED)(2013-04-24 09:16:04) 0000000010000000Library C:\WINDOWS\SYSTEM32\SynTPAPI.dll (SynTPAPI/Synaptics Incorporated SIGNED)(2013-04-24 09:16:08) 0000000063010000Library C:\Program Files\Synaptics\SynTP\SynTPRes.dll (TouchPad Resource Library/Synaptics Incorporated SIGNED)(2013-04-24 09:16:16) 00000000033b0000Process C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [1488] (Microsoft Common Language Runtime Class Library/Microsoft Corporation)(2015-01-19 04:39:42) 00007ffbb3ff0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\mscorlib\6227ee011c9930128c5ad76841ecf2ee\mscorlib.ni .dll (Microsoft Common Language Runtime Class Library/Microsoft Corporation)(2015-01-19 04:39:42) 00007ffbb3ff0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System\4393c8e53a5625379e2aac0aa580c442\System.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 05:39:36) 00007ffbb34c0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\0710058637a1bd90cad8b59f0d7d32fc \System.ServiceProcess.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 06:48:19) 00007ffbb3470000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\WindowsBase\267f2adaf07827f9639c26c2aae0fc10\WindowsB ase.ni.dll (WindowsBase.dll/Microsoft Corporation)(2016-10-15 06:42:43) 00007ffbb2e10000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\PresentationCore\f11b8c35351975aa2e0555b2c979351c\Pre sentationCore.ni.dll (PresentationCore.dll/Microsoft Corporation)(2016-10-15 06:43:10) 00007ffbb1e30000Process C:\WINDOWS\Explorer.EXE [1668] (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\SYSTEM32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvinitx.dll (NVIDIA shim initialization dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:02) 00007ffbcc780000Library C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll (Dropbox Shell Extension/Dropbox, Inc. SIGNED)(2017-01-23 21:45:56) 00007ffbcd730000Library C:\WINDOWS\system32\igd10iumd64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:24) 00007ffbcb780000Library C:\WINDOWS\SYSTEM32\igdusc64.dll (Unified Shader Compiler for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:50) 00007ffbca210000Library C:\Program Files\FileZilla FTP Client\fzshellext_64.dll(2016-07-27 14:52:52) 0000000065500000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSContextMenu.dll (ASUS WebStorage Windows ContextMenu Dll/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:56) 0000000008520000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\LogicNP.EZShellExtensions.dll ( / )(2009-03-02 02:07:52) 000000000c160000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\1b6337801a7cd11357d3c3d4d1e8804c \Microsoft.VisualBasic.ni.dll (Visual Basic Runtime Library/Microsoft Corporation)(2016-12-17 16:33:45) 00007ffbabb40000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\eCaremeDLL.dll (ASUS WebStorage Windows Lib DLL/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:54) 0000000010670000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\log4net.dll (Apache log4net for .NET Framework 2.0/The Apache Software Foundation)(2013-11-17 21:51:36) 0000000010e80000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\Program Files (x86)\AVG\AVG2014\avgsysa.dll (AVG SYS Library/AVG Technologies CZ, s.r.o. SIGNED)(2014-12-16 20:03:02) 00007ffba3960000Library C:\WINDOWS\system32\nvapi64.dll (NVIDIA NVAPI Library, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:46) 00007ffbc9b40000Library C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll (NVIDIA US English language resource library/NVIDIA Corporation)(2014-11-05 05:42:44) 00007ffbabae0000Library C:\WINDOWS\system32\nvshext.dll (NVIDIA Display Shell Extension/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000065300000Library C:\WINDOWS\system32\igfxDTCM.dll (igfxDTCM Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb8280000Library C:\WINDOWS\system32\igfxDH.dll (igfxDH Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1c90000Library C:\WINDOWS\system32\igfxLHM.dll (igfxLHM Module/Intel Corporation)(2014-10-04 01:36:54) 00007ffbb1a90000Library C:\WINDOWS\system32\igfxDI.dll (igfxDI Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1a40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Management\6cd96fbad7d4d5ec89692774279f4cef\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:10) 00007ffba7300000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\Interop.SimpleAES64Lib.dll ( / )(2011-09-05 07:20:04) 0000000011460000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\Interop.SIMPLEAESLib.dll ( / )(2011-09-05 07:20:04) 0000000027340000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\SimpleAES64.dll (SimpleAES64/eCareme Technologies, Inc. SIGNED)(2010-09-28 01:44:46) 0000000180000000Library C:\Program Files (x86)\Google\Drive\contextmenu64.dll (Google Drive shell extension/Google SIGNED)(2016-12-01 00:59:36) 00007ffbb8130000Library C:\Program Files (x86)\Notepad++\NppShell_06.dll(2016-05-17 22:42:40) 0000000048260000Library C:\WINDOWS\system32\nv3dappshext.dll (NVIDIA Shell Extensions/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ffb8db10000Process C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2496](2014-04-25 13:12:25) 00000000000f0000Process C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe [4104](2016-07-21 23:13:24) 00000000002e0000Process C:\WINDOWS\system32\igfxEM.exe [4200] (igfxEM Module/Intel Corporation SIGNED)(2014-10-04 01:36:54) 00007ff719800000Library C:\WINDOWS\system32\igfxDH.dll (igfxDH Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1c90000Library C:\WINDOWS\system32\igfxLHM.dll (igfxLHM Module/Intel Corporation)(2014-10-04 01:36:54) 00007ffbb1a90000Library C:\WINDOWS\system32\igfxDI.dll (igfxDI Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1a40000Process C:\WINDOWS\system32\igfxHK.exe [4208] (igfxHK Module/Intel Corporation SIGNED)(2014-10-04 01:36:54) 00007ff6a94d0000Library C:\WINDOWS\system32\igfxDH.dll (igfxDH Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1c90000Library C:\WINDOWS\system32\igfxLHM.dll (igfxLHM Module/Intel Corporation)(2014-10-04 01:36:54) 00007ffbb1a90000Process C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe [4444](2013-06-07 13:16:28) 0000000000590000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3081c095cd326a3366ec5d4c4ad0034b\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:34) 000000006df40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ee313ec152b39f7bce30944cb7f9338f \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:14) 000000006d2f0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\2c6097450e483e713ed2021691f09a0d\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:18) 000000006c9f0000Library C:\Program Files (x86)\HP SimplePass\BioLayerAdapter.dll (BioLayerAdapter Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:16) 0000000070640000Library C:\Program Files (x86)\HP SimplePass\TSLog.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:38) 0000000074ab0000Library C:\Program Files (x86)\HP SimplePass\biolayer.dll (BioLayer Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:14) 00000000714e0000Library C:\Program Files (x86)\HP SimplePass\DataManager.dll (DataManager Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:20) 0000000070e00000Library C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll (TrueAPI Dynamic Link Library/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 0000000070850000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\0f8b1cd9a653724349c0c2d97317b28b\Cus tomMarshalers.ni.dll (Microsoft .NET Framework Custom Marshalers/Microsoft Corporation)(2016-12-17 15:45:55) 000000006c140000Process C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [4920] (NVIDIA Settings/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff78de10000Library C:\Program Files\NVIDIA Corporation\Display\NvUI.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000065b90000Library C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU64.DLL (Easy daemon API/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 00007ffbc84e0000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll (NVIDIA Update Components, 1.15.2.0/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 00007ffbc7fa0000Library C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL (NVIDIA US English language resource library/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 00007ffbc83f0000Process C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE [4336] (Synaptics Pointing Device Helper/Synaptics Incorporated SIGNED)(2013-04-24 09:16:00) 0000000000400000Process C:\Windows\System32\skydrive.exe [4768] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library 00007ffbae9d0000Process C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2416] (Google Drive/Google SIGNED)(2016-12-01 00:59:34) 0000000000400000Process C:\Users\user\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2552] (SpotifyWebHelper/Spotify Ltd SIGNED)(2016-07-28 03:46:46) 0000000000400000Process C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3324] (Unified Remote/Unified Intents AB SIGNED)(2016-12-03 05:05:26) 00000000013c0000Library C:\Program Files (x86)\Unified Remote 3\wcl.dll (Wireless Communication Library C++ Developer/Soft Service Company)(2016-12-03 05:05:28) 00000000728f0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [3456] (Hp Accelerometer System Tray/Hewlett-Packard Company SIGNED)(2013-03-02 00:07:14) 00007ff6423e0000Library C:\WINDOWS\SYSTEM32\accelerometerdll.DLL (HP Mobile Data Protection User Mode DLL/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) 00007ffbc8d50000Process C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe [3888] (McAfee Security Scanner Scheduler/McAfee, Inc. SIGNED)(2016-12-14 13:53:48) 00007ff70c040000Process C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4340] (Dropbox/Dropbox, Inc. SIGNED)(2017-01-23 21:45:55) 0000000000f20000Library C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll(2017-01-23 21:45:56) 00000000719a0000Library C:\Program Files (x86)\Dropbox\Client\PYTHON27.DLL (Python Core/Python Software Foundation SIGNED)(2017-01-23 21:45:58) 000000006b4f0000Library C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd(2017-01-10 18:14:33) 0000000071ab0000Library C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd(2017-01-10 18:14:33) 0000000071a90000Library C:\Program Files (x86)\Dropbox\Client\select.pyd(2017-01-10 18:14:32) 0000000071990000Library C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd(2017-01-10 18:14:32) 0000000071980000Library C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd(2017-01-10 18:14:32) 000000006b440000Library C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd(2017-01-23 21:45:55) 0000000071970000Library C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd(2017-01-10 18:14:33) 0000000071950000Library C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd(2017-01-23 21:45:55) 000000006b2a0000Library C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd(2017-01-23 21:45:55) 0000000071940000Library C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd(2017-01-23 21:45:57) 0000000071910000Library C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd(2017-01-23 21:45:56) 00000000716d0000Library C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll(2017-01-23 21:45:58) 000000006b280000Library C:\Program Files (x86)\Dropbox\Client\win32api.pyd(2017-01-10 18:14:32) 000000006b260000Library C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd(2017-01-10 18:14:33) 00000000704f0000Library C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd(2017-01-23 21:45:57) 000000006c130000Library C:\Program Files (x86)\Dropbox\Client\fastpath.pyd(2017-01-23 21:45:56) 000000006b250000Library C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll(2017-01-23 21:45:58) 000000006b1e0000Library C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd(2017-01-23 21:45:56) 000000006b1d0000Library C:\Program Files (x86)\Dropbox\Client\win32event.pyd(2017-01-10 18:14:32) 000000006b1c0000Library C:\Program Files (x86)\Dropbox\Client\win32security.pyd(2017-01-10 18:14:32) 000000006b1a0000Library C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd(2017-01-10 18:14:32) 000000006b110000Library C:\Program Files (x86)\Dropbox\Client\win32file.pyd(2017-01-10 18:14:32) 000000006b0e0000Library C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd(2017-01-10 18:14:33) 000000006b0b0000Library C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd(2017-01-10 18:14:32) 000000006b0a0000Library C:\Program Files (x86)\Dropbox\Client\win32gui.pyd(2017-01-10 18:14:32) 000000006b070000Library C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd(2017-01-10 18:14:32) 000000006b060000Library C:\Program Files (x86)\Dropbox\Client\win32process.pyd(2017-01-10 18:14:32) 000000006b050000Library C:\Program Files (x86)\Dropbox\Client\win32service.pyd(2017-01-10 18:14:32) 000000006b040000Library C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd(2017-01-10 18:14:32) 000000006b030000Library C:\Program Files (x86)\Dropbox\Client\win32profile.pyd(2017-01-10 18:14:32) 000000006b020000Library C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd(2017-01-23 21:45:55) 000000006ad60000Library C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd(2017-01-23 21:45:56) 000000006ad50000Library C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd(2017-01-10 18:14:33) 000000006ad00000Library C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd(2017-01-23 21:45:55) 000000006acf0000Library C:\Program Files (x86)\Dropbox\Client\win32ts.pyd(2017-01-10 18:14:32) 000000006ac80000Library C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd(2017-01-10 18:14:33) 000000006ac70000Library C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd(2017-01-23 21:46:01) 000000006ac30000Library C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd(2017-01-23 21:46:01) 000000006ac20000Library C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd(2017-01-23 21:46:01) 000000006ac10000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd(2017-01-23 21:45:57) 000000006aa50000Library C:\Program Files (x86)\Dropbox\Client\Qt5Core.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000006a650000Library C:\Program Files (x86)\Dropbox\Client\icuin55.dll (ICU I18N DLL/The ICU Project SIGNED)(2017-01-23 21:45:56) 000000004a900000Library C:\Program Files (x86)\Dropbox\Client\icuuc55.dll (ICU Common DLL/The ICU Project SIGNED)(2017-01-23 21:45:56) 0000000006240000Library C:\Program Files (x86)\Dropbox\Client\icudt55.dll (ICU Data DLL/The ICU Project SIGNED)(2017-01-23 21:45:56) 0000000068d10000Library C:\Program Files (x86)\Dropbox\Client\sip.pyd(2017-01-10 18:14:32) 0000000068c60000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd(2017-01-23 21:45:57) 0000000068bd0000Library C:\Program Files (x86)\Dropbox\Client\Qt5Network.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 00000000689f0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd(2017-01-23 21:45:58) 0000000068630000Library C:\Program Files (x86)\Dropbox\Client\Qt5Widgets.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 00000000681f0000Library C:\Program Files (x86)\Dropbox\Client\Qt5Gui.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000067d60000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd(2017-01-23 21:45:57) 000000006adf0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd(2017-01-23 21:45:58) 000000006adc0000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebKit.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000065a30000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd(2017-01-23 21:45:58) 0000000065760000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebKitWidgets.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 00000000654a0000Library C:\Program Files (x86)\Dropbox\Client\Qt5PrintSupport.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000065380000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd(2017-01-23 21:45:57) 0000000065340000Library C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd(2017-01-23 21:46:01) 0000000065310000Library C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd(2017-01-10 18:14:33) 00000000652b0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd(2017-01-23 21:45:58) 0000000065290000Library C:\Program Files (x86)\Dropbox\Client\Qt5WinExtras.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000064fa0000Library C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd(2017-01-10 18:14:33) 0000000064f90000Library C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd(2017-01-23 21:45:56) 0000000064b90000Library C:\Program Files (x86)\Dropbox\Client\librsync.dll(2017-01-23 21:45:56) 0000000064b80000Library C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL(2017-01-23 21:45:56) 0000000064b60000Library C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:57) 0000000063b20000Library C:\WINDOWS\SYSTEM32\nvumdshim.dll 0000000061c30000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 000000000f000000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:56) 0000000061880000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 0000000061810000Library C:\Program Files (x86)\Dropbox\Client\libEGL.dll(2017-01-23 21:45:56) 000000006ada0000Library C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll(2017-01-23 21:45:56) 000000005f1c0000Library C:\Program Files (x86)\Dropbox\Client\d3dcompiler_47.dll (Direct3D HLSL Compiler for Redistribution/Microsoft Corporation SIGNED)(2017-01-23 21:45:55) 000000005ee60000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd(2017-01-23 21:45:57) 000000005d270000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebChannel.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005d250000Library C:\Program Files (x86)\Dropbox\Client\Qt5Qml.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005cfd0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd(2017-01-23 21:45:58) 000000005cfa0000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineWidgets.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005cf70000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebEngine.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005cf40000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineCore.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005aa40000Library C:\Program Files (x86)\Dropbox\Client\Qt5Quick.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005a7e0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd(2017-01-23 21:45:57) 000000005a780000Library C:\Program Files (x86)\Dropbox\Client\win32print.pyd(2017-01-10 18:14:32) 000000005a770000Library C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qgif.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:57) 000000005a760000Library C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:57) 000000005a720000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Library C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd(2017-01-10 18:14:33) 000000005a680000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd(2017-01-23 21:45:57) 0000000052180000Process C:\Program Files (x86)\Google\Drive\googledrivesync.exe [4004] (Google Drive/Google SIGNED)(2016-12-01 00:59:34) 0000000000400000Library C:\Users\user\AppData\Local\Temp\_MEI24162\python27.dll (Python Core/Python Software Foundation)(2017-01-26 01:17:40) 000000001e000000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32api.pyd(2017-01-26 01:17:42) 000000001e8c0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pywintypes27.dll(2017-01-26 01:17:31) 000000001e7a0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pythoncom27.dll(2017-01-26 01:17:40) 0000000000680000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32com.shell.shell.pyd(2017-01-26 01:17:42) 000000001e800000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_hashlib.pyd(2017-01-26 01:17:32) 0000000010000000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._core_.pyd(2017-01-26 01:17:45) 0000000002eb0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxbase30u_vc90.dll (wxWidgets base library/wxWidgets development team)(2017-01-26 01:17:48) 0000000002fe0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxbase30u_net_vc90.dll (wxWidgets network library/wxWidgets development team)(2017-01-26 01:17:47) 00000000006f0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_core_vc90.dll (wxWidgets core library/wxWidgets development team)(2017-01-26 01:17:48) 00000000031e0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_adv_vc90.dll (wxWidgets advanced library/wxWidgets development team)(2017-01-26 01:17:48) 00000000036b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._gdi_.pyd(2017-01-26 01:17:45) 0000000001f80000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._windows_.pyd(2017-01-26 01:17:46) 0000000003ff0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_html_vc90.dll (wxWidgets html library/wxWidgets development team)(2017-01-26 01:17:48) 00000000040c0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._controls_.pyd(2017-01-26 01:17:45) 0000000004380000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._misc_.pyd(2017-01-26 01:17:46) 0000000004490000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pysqlite2._sqlite.pyd(2017-01-26 01:17:40) 0000000004550000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_ctypes.pyd(2017-01-26 01:17:32) 000000001d1a0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\unicodedata.pyd(2017-01-26 01:17:42) 0000000004600000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32file.pyd(2017-01-26 01:17:42) 000000001ea10000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32security.pyd(2017-01-26 01:17:44) 000000001ec80000Library C:\Users\user\AppData\Local\Temp\_MEI24162\hashobjs_ext.pyd(2017-01-26 01:17:36) 0000000001e40000Library C:\Users\user\AppData\Local\Temp\_MEI24162\thumbnails_ext.pyd(2017-01-26 01:17:41) 0000000001e50000Library C:\Users\user\AppData\Local\Temp\_MEI24162\usb_ext.pyd(2017-01-26 01:17:42) 0000000002750000Library C:\Users\user\AppData\Local\Temp\_MEI24162\common.time34.pyd(2017-01-26 01:17:36) 0000000001e60000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32event.pyd(2017-01-26 01:17:42) 000000001e9b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32gui.pyd(2017-01-26 01:17:43) 000000001ea40000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_socket.pyd(2017-01-26 01:17:34) 0000000002770000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_ssl.pyd(2017-01-26 01:17:35) 00000000046b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_elementtree.pyd(2017-01-26 01:17:32) 000000001d100000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pyexpat.pyd(2017-01-26 01:17:40) 0000000004160000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32inet.pyd(2017-01-26 01:17:43) 000000001eaa0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_psutil_windows.pyd(2017-01-26 01:17:33) 0000000004190000Library C:\Users\user\AppData\Local\Temp\_MEI24162\windows._lib_cacheinvalidation.pyd(2017-01-26 01:17:44) 0000000068c80000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32crypt.pyd(2017-01-26 01:17:42) 000000001e980000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._wizard.pyd(2017-01-26 01:17:46) 00000000041c0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._html2.pyd(2017-01-26 01:17:46) 00000000067b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_webview_vc90.dll (wxWidgets webview library/wxWidgets development team)(2017-01-26 01:17:49) 00000000067e0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_multiprocessing.pyd(2017-01-26 01:17:33) 0000000006800000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_yappi.pyd(2017-01-26 01:17:35) 0000000006810000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32process.pyd(2017-01-26 01:17:43) 000000001ebf0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._animate.pyd(2017-01-26 01:17:45) 0000000006830000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32pipe.pyd(2017-01-26 01:17:43) 000000001eb90000Library C:\Users\user\AppData\Local\Temp\_MEI24162\select.pyd(2017-01-26 01:17:41) 0000000006860000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32pdh.pyd(2017-01-26 01:17:43) 000000001eb60000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32profile.pyd(2017-01-26 01:17:43) 000000001ec20000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32ts.pyd(2017-01-26 01:17:44) 000000001ed40000Process C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [4680] (IAStorDataSvc/Intel Corporation SIGNED)(2013-08-07 22:24:00) 0000000000420000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\ffd6b03c9c22babe077ac712b5ae07bc \System.ServiceProcess.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:07) 000000006afe0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\3f1d4f966ac8c60b9feda19d7c4e0716 \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 16:27:27) 0000000067c70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\2c6097450e483e713ed2021691f09a0d\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:18) 000000006c9f0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\11a7447288b497bb2b5a68952a381a30\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:36) 0000000067b40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\25c7df74c5f9106164045637d5b7704a\ System.ServiceModel.ni.dll (System.ServiceModel.dll/Microsoft Corporation)(2016-12-17 16:33:06) 0000000066890000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\3c0fb11cdbe7a1d094ac6a8a5cf17d16 \System.ServiceModel.Internals.ni.dll (System.ServiceModel.Internals.dll/Microsoft Corporation)(2016-12-25 14:29:58) 00000000653d0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\05f73057f2db606b707a4436b45c896d\SMDiag nostics.ni.dll (SMDiagnostics.dll/Microsoft Corporation)(2016-12-25 14:29:57) 0000000065320000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d0fe1dacc16e11a786d16583caba0064 \System.Runtime.Serialization.ni.dll (System.Runtime.Serialization.dll/Microsoft Corporation)(2016-12-17 16:27:39) 0000000064fe0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bc1a8f4cdb3213c981f4de8834f8367 \System.ServiceModel.Web.ni.dll (System.ServiceModel.Web.dll/Microsoft Corporation)(2016-12-30 13:43:20) 0000000064e80000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\477f8ddee72b23a41956085d50c680c1 \System.IdentityModel.ni.dll (System.IdentityModel.dll/Microsoft Corporation)(2016-12-30 13:43:39) 0000000064ba0000Library C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll (Intel Private Storage Interface Interop/Intel Corporation)(2013-08-07 22:24:00) 00000000649c0000Library C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll (Intel Storage Driver Interface Dynamic Library/Intel Corporation)(2013-08-07 22:24:00) 0000000063c20000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\336e731e017000367f7bf960c99229b0\System.D ata.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:32) 0000000063410000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Confe64a9051#\e53807bd702571eaf0fd13c0255dbd05 \System.Configuration.Install.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:27) 0000000061850000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\a7ba2431fab5869c9a3af6c178805c15\WindowsB ase.ni.dll (WindowsBase.dll/Microsoft Corporation)(2016-12-17 16:27:08) 0000000061440000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3081c095cd326a3366ec5d4c4ad0034b\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:34) 000000006df40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3977bb460fbe8696c8a07553bbd74c48\Pre sentationCore.ni.dll (PresentationCore.dll/Microsoft Corporation)(2016-12-17 16:27:14) 00000000609b0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ee313ec152b39f7bce30944cb7f9338f \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:14) 000000006d2f0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\f84be5bc7d4d79567759f69a926f8452\Syst em.Numerics.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-25 14:24:23) 000000005ee30000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [3036] (NVIDIA Settings Update Manager/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 0000000000ee0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5148] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5204] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5236] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5324] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5396] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5540] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\AsusWSPanel.exe [5644] (ASUS Webstorage Panel/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:50) 0000000000210000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\1b6337801a7cd11357d3c3d4d1e8804c \Microsoft.VisualBasic.ni.dll (Visual Basic Runtime Library/Microsoft Corporation)(2016-12-17 16:33:45) 00007ffbabb40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\eCaremeDLL.dll (ASUS WebStorage Windows Lib DLL/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:54) 000000001b0e0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\log4net.dll (Apache log4net for .NET Framework 2.0/The Apache Software Foundation)(2013-11-17 21:51:36) 000000001af80000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Management\6cd96fbad7d4d5ec89692774279f4cef\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:10) 00007ffba7300000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SimpleAES64Lib.dll ( / )(2011-09-05 07:20:04) 0000000000ca0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SIMPLEAESLib.dll ( / )(2011-09-05 07:20:04) 000000001af60000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\SimpleAES64.dll (SimpleAES64/eCareme Technologies, Inc. SIGNED)(2010-09-28 01:44:46) 0000000180000000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [7308] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\AsusWSService.exe [7696] (ASUS WebStorage Service/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:46) 0000000000970000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Data\e098aca3187d15cc2d5d6142ae0d6d64\System.D ata.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:04) 00007ffbba140000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\log4net.dll (Apache log4net for .NET Framework 2.0/The Apache Software Foundation)(2013-11-17 21:51:36) 0000000002920000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\eCaremeDLL.dll (ASUS WebStorage Windows Lib DLL/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:54) 000000001b5a0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SimpleAES64Lib.dll ( / )(2011-09-05 07:20:04) 0000000001030000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SIMPLEAESLib.dll ( / )(2011-09-05 07:20:04) 00000000010a0000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\SimpleAES64.dll (SimpleAES64/eCareme Technologies, Inc. SIGNED)(2010-09-28 01:44:46) 0000000180000000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Management\6cd96fbad7d4d5ec89692774279f4cef\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:10) 00007ffba7300000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\1b6337801a7cd11357d3c3d4d1e8804c \Microsoft.VisualBasic.ni.dll (Visual Basic Runtime Library/Microsoft Corporation)(2016-12-17 16:33:45) 00007ffbabb40000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.IWshRuntimeLibrary.dll ( / )(2010-06-15 03:19:52) 000000001b460000Process C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [5780] (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\SYSTEM32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvinitx.dll (NVIDIA shim initialization dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:02) 00007ffbcc780000Library C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 000000000f000000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9ae0000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9a90000Library C:\WINDOWS\system32\igd10iumd64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:24) 00007ffbcb780000Library C:\WINDOWS\SYSTEM32\igdusc64.dll (Unified Shader Compiler for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:50) 00007ffbca210000Process C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740](2013-10-27 17:03:58) 0000000002300000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 0000000002300000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:56) 0000000061880000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 0000000061810000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5964] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\WINDOWS\explorer.exe [8736] (Dropbox Shell Extension/Dropbox, Inc. SIGNED)(2017-01-23 21:45:56) 00007ffbcd730000Library C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll (Dropbox Shell Extension/Dropbox, Inc. SIGNED)(2017-01-23 21:45:56) 00007ffbcd730000Library C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google Drive shell extension/Google SIGNED)(2016-12-01 00:59:34) 00007ffb9e140000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll (AsusWSShellExt64/ASUS Cloud Corporation.)(2015-04-22 13:59:34) 00007ffb9d370000Library C:\WINDOWS\system32\cbfsMntNtf5.dll (Mount Notifier/EldoS Corporation SIGNED)(2017-01-02 19:21:14) 0000000180000000Process C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [5012] (AAM Updates Notifier Application/Adobe Systems Incorporated SIGNED)(2014-04-24 21:10:48) 0000000000200000Library C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterCore.dll (Adobe Updater Core Library/Adobe Systems Incorporated SIGNED)(2014-04-24 21:10:50) 00000000712b0000Library C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\LogSession.dll (LogSession/Adobe Systems Incorporated SIGNED)(2014-04-24 21:10:49) 0000000010000000Process C:\Program Files (x86)\HP SimplePass\TouchControl.exe [5944] (TouchControl/AuthenTec Inc. SIGNED)(2013-06-07 13:16:42) 00000000010a0000Library C:\Program Files (x86)\HP SimplePass\biolayer.dll (BioLayer Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:14) 00000000714e0000Library C:\Program Files (x86)\HP SimplePass\TrueSuiteDlg.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:54) 0000000051220000Library C:\Program Files (x86)\HP SimplePass\EnumWindowsUsers.dll (EnumWindowsUsers.dll/HP SIGNED)(2013-06-07 13:16:24) 0000000010000000Library C:\Program Files (x86)\HP SimplePass\AutoSoftwareUpdate.dll (HP update module/HP SIGNED)(2013-06-07 13:16:14) 00000000524f0000Library C:\Program Files (x86)\HP SimplePass\TSLog.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:38) 0000000074ab0000Library C:\Program Files (x86)\HP SimplePass\DataManager.dll (DataManager Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:20) 0000000070e00000Library C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll (TrueAPI Dynamic Link Library/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 0000000070850000Library C:\Program Files (x86)\HP SimplePass\TokenMachine.dll (Token Machine Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:40) 00000000717d0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni .dll (Microsoft Common Language Runtime Class Library/Microsoft Corporation)(2015-01-19 04:41:04) 0000000050170000Library C:\Program Files (x86)\HP SimplePass\DownloadManager.dll(2013-06-07 13:16:22) 0000000002a70000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\c8c33f01cccbd17232e84bdd620da61d\System.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 05:38:54) 0000000077850000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\dec6b18b4628b3976c17a50272e06e21 \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-05-17 06:45:26) 0000000050070000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7cc1b35a02cafe07523e0eabd670fac3\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 05:39:23) 00000000629d0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\WINDOWS\system32\svchost.exe [9156] (Validity WBF Engine Adapter/Validity Sensors, Inc. SIGNED)(2013-03-19 22:50:08) 0000000180000000Library C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\VCSWBFENGINEADAPTER.DLL (Validity WBF Engine Adapter/Validity Sensors, Inc. SIGNED)(2013-03-19 22:50:08) 0000000180000000Process C:\Program Files\Common Files\AuthenTec\TrueService.exe [5800] (TrueAPI Server/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 00007ff6428a0000Process C:\Program Files\Common Files\AuthenTec\TrueService.exe [5812] (TrueAPI Server/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 00007ff6428a0000Process C:\Program Files\Windows Defender\MpCmdRun.exe [11256] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10548] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [11760] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [7368] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [11436] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [19920] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22128] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [26600] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [26200] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23628] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [26140] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [27380] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\WINDOWS\system32\AUDIODG.EXE [4348] (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:48) 00000000650a0000Library C:\WINDOWS\system32\stapo64.dll (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:48) 00000000650a0000Library C:\WINDOWS\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll (Audio Processing Object for Windows Vista/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 00000000654b0000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll(2014-01-11 16:55:45) 0000000180000000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll (DLL_CSHP Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:45) 000000d464160000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll (DLL_CSII Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:45) 000000d4641d0000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll (DLL_GEQ Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464260000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll (DLL_HP360 Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d4642d0000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll (DLL_VolumeIQ Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464300000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll (DLL_MAXV Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464550000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll (DLL_TSHD Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464510000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll (DLL_VIPPlus Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464720000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll (DLL_VolumeIQ Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d4647b0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28236] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28132] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23156] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28604] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process E:\gmer\gmer.exe [27752](2017-01-25 00:56:21) 0000000000400000---- Services - GMER 2.2 ----Service C:\WINDOWS\system32\DRIVERS\Accelerometer.sys (HP Accelerometer/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) [MANUAL] AccelerometerService C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service/CA - G2 SIGNED)(2016-12-20 06:38:14) [AUTO] AdobeARMserviceService C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 24.0 r0/CA - G2 SIGNED)(2014-01-11 19:37:01) [MANUAL] AdobeFlashPlayerUpdateSvcService AvgService C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Identity Protection Service/AVG Technologies CZ, s.r.o. SIGNED)(2014-12-16 20:15:26) [AUTO] AVGIDSAgentService C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Watchdog Service/AVG Technologies CZ, s.r.o. SIGNED)(2014-12-16 20:09:34) [AUTO] avgwdService C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc. SIGNED)(2011-08-31 06:05:32) [AUTO] Bonjour ServiceService C:\WINDOWS\system32\drivers\cbfs5.sys (Callback File System Driver/EldoS Corporation SIGNED)(2017-01-02 19:21:13) [SYSTEM] cbfs5Service C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe (Host Process/Google Inc. SIGNED)(2016-10-17 02:31:44) [AUTO] chromotingService CngHwAssistService C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe (IntelCpHeciSvc Executable/Intel Corporation SIGNED)(2014-10-04 01:36:56) [MANUAL] cphsService C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox Update/Dropbox, Inc. SIGNED)(2016-12-11 17:53:59) [AUTO] dbupdateService C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox Update/Dropbox, Inc. SIGNED)(2016-12-11 17:53:59) [MANUAL] dbupdatemService C:\WINDOWS\system32\DbxSvc.exe (Dropbox Service/Dropbox, Inc. SIGNED)(2017-01-04 05:25:16) [AUTO] DbxSvcService C:\WINDOWS\system32\DRIVERS\ssudbus.sys (SAMSUNG USB Composite Device Driver/Samsung Electronics Co., Ltd. SIGNED)(2016-09-05 12:47:06) [MANUAL] dg_ssudbusService C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP Service/HP SIGNED)(2013-06-07 13:16:54) [AUTO] FPLServiceService C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc. SIGNED)(2014-05-07 09:38:02) [MANUAL] GEARAspiWDMService C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer/Google Inc. SIGNED)(2014-01-11 22:04:49) [AUTO] gupdateService C:\WINDOWS\system32\DRIVERS\hpdskflt.sys (HP Disk Filter - SATA/RAID/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) [BOOT] hpdskfltService C:\WINDOWS\system32\Hpservice.exe (HpService/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) [AUTO] hpsrvService ialmService C:\WINDOWS\System32\drivers\iaStorA.sys (Intel Rapid Storage Technology driver - x64/Intel Corporation SIGNED)(2013-08-07 22:23:46) [BOOT] iaStorAService C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (IAStorDataSvc/Intel Corporation SIGNED)(2013-08-07 22:24:00) [AUTO] IAStorDataMgrSvcService C:\WINDOWS\system32\DRIVERS\igdkmd64.sys (Intel Graphics Kernel Mode Driver/Intel Corporation SIGNED)(2014-10-04 01:36:38) [MANUAL] igfxService C:\WINDOWS\system32\igfxCUIService.exe (igfxCUIService Module/Intel Corporation SIGNED)(2014-10-04 01:36:52) [AUTO] igfxCUIService1.0.0.0Service C:\WINDOWS\system32\DRIVERS\ikbevent.sys(2012-08-17 04:31:26) [MANUAL] ikbeventService C:\WINDOWS\system32\DRIVERS\imsevent.sys(2012-08-17 04:31:28) [MANUAL] imseventService C:\WINDOWS\system32\drivers\intelaud.sys (Intel® WiDi Solution/Intel Corporation SIGNED)(2014-09-19 02:07:03) [MANUAL] intaud_WaveExtensibleService C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (64-bit)/Apple Inc. SIGNED)(2014-02-21 10:54:44) [MANUAL] iPod ServiceService C:\WINDOWS\System32\drivers\ISCTD64.sys(2012-08-17 04:31:28) [MANUAL] ISCTService C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe(2012-08-17 04:36:54) [AUTO] ISCTAgentService C:\WINDOWS\System32\drivers\iwdbus.sys (Intel® WiDi Solution/Intel Corporation SIGNED)(2014-09-19 02:07:03) [MANUAL] iwdbusService C:\WINDOWS\System32\Drivers\kf1avs.sys (Traktor Kontrol F1/Native Instruments GmbH SIGNED)(2011-09-15 13:48:56) [MANUAL] kf1avsService C:\WINDOWS\System32\Drivers\kf1usb.sys (Traktor Kontrol F1/Native Instruments GmbH SIGNED)(2011-09-15 13:48:56) [MANUAL] kf1usb_svcService C:\WINDOWS\System32\Drivers\kz2avs.sys (Traktor Kontrol Z2/Native Instruments GmbH SIGNED)(2012-12-18 08:50:16) [MANUAL] kz2avsService C:\WINDOWS\System32\Drivers\kz2usb.sys (Traktor Kontrol Z2/Native Instruments GmbH SIGNED)(2012-12-18 08:50:16) [MANUAL] kz2usb_svcService C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe (Component Host Service/McAfee, Inc. SIGNED)(2016-12-14 13:52:08) [MANUAL] McComponentHostServiceService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NIHardwareService/Native Instruments GmbH SIGNED)(2013-11-27 10:34:02) [AUTO] NIHardwareServiceService C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:02) [MANUAL] nvlddmkmService C:\WINDOWS\system32\DRIVERS\nvpciflt.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:04) [BOOT] nvpcifltService C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) [AUTO] nvsvcService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Settings Update Manager/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) [AUTO] nvUpdatusServiceService PACKETDRIVERService RDMANDKService RDPUDDService C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Reimage Real Time Protection/Reimage® SIGNED)(2016-11-06 15:59:12) [AUTO] ReimageRealTimeProtectorService C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Remote/Unified Intents AB SIGNED)(2016-12-03 05:05:26) [AUTO] RemoteServerWinService C:\WINDOWS\system32\DRIVERS\RtsPer.sys (RTS PCIE READER Driver/RTS Corporation SIGNED)(2014-01-11 17:59:07) [MANUAL] RTSPERService C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe (Monotype SkyFontsService/Monotype Imaging Inc. SIGNED)(2016-09-22 20:38:56) [AUTO] SkyFontsServiceService C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys (Synaptics SMBus Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:20) [MANUAL] SmbDrvIService C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (SAMSUNG Android Modem Device Driver/Samsung Electronics Co., Ltd. SIGNED)(2016-09-05 12:47:12) [MANUAL] ssudmdmService C:\WINDOWS\system32\DRIVERS\stwrt64.sys (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:49) [MANUAL] STHDAService C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:22) [MANUAL] SynTPService C:\WINDOWS\System32\Drivers\ta6avs.sys (Traktor Audio 6/Native Instruments GmbH SIGNED)(2012-12-18 08:51:54) [MANUAL] ta6avsService C:\WINDOWS\System32\Drivers\ta6usb.sys (Traktor Audio 6/Native Instruments GmbH SIGNED)(2012-12-18 08:51:54) [MANUAL] ta6usb_svcService C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer 11/TeamViewer GmbH SIGNED)(2016-08-12 18:41:05) [AUTO] TeamViewerService C:\Program Files\Common Files\AuthenTec\TrueService.exe (TrueAPI Server/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) [MANUAL] TrueServiceService C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe (SHAREit Service/SHAREit Technologies Co.Ltd SIGNED)(2016-12-12 14:55:06) [MANUAL] uSHAREitSvcService uvhidService C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe (ToolbarU Application /AVG Secure Search SIGNED)(2014-06-03 04:55:14) [AUTO] vToolbarUpdater18.1.7Service workerddService C:\WINDOWS\system32\drivers\WPRO_41_2001.sys(2014-01-11 18:59:15) [MANUAL] WPRO_41_2001---- Registry - GMER 2.2 ----Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@CoInstallers32 C:\WINDOWS\SYSTEM32\igfxCoIn_v3960.dll (Intel(R) Graphics Media Accelerator Driver Coinstaller/Intel Corporation)(2014-10-04 01:36:56)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@UserModeDriverName C:\WINDOWS\system32\igdumdim64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:50)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@OpenGLDriverName C:\WINDOWS\system32\ig75icd64.dll (OpenGL(R) Driver for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:20)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@MiracastDriverName C:\WINDOWS\system32\IntelWiDiMCUMD64.dll (IntelWiDiMCUMD.dll/Intel Corporation SIGNED)(2014-10-04 01:36:58)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0001@CoInstallers32 C:\WINDOWS\SYSTEM32\nvdispgenco6433165.dll (Generic Coinstaller/NVIDIA Corporation SIGNED)(2013-10-27 17:03:58)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0001@UserModeDriverName C:\WINDOWS\system32\nvd3dumx.dll (NVIDIA WDDM D3D Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}\0000@CoInstallers32 C:\WINDOWS\SYSTEM32\IntcDAuC.dll (Intel(R) Display Audio Coinstaller/Intel(R) Corporation)(2013-03-20 05:37:48)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}\0007@CoInstallers32 C:\WINDOWS\SYSTEM32\st646454.dll (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:47)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}\0000@CoInstallers32 C:\WINDOWS\SYSTEM32\SynTPCo18.dll (Synaptics Pointing Device Driver Co-Installer/Synaptics Incorporated SIGNED)(2013-04-24 09:16:10)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0043@CoInstallers32 C:\WINDOWS\SYSTEM32\HPMDPCoInst.dll (HP Mobile Data Protection CoInstaller/Hewlett-Packard SIGNED)(2013-03-01 23:40:02)
      My Computer
    Quote Quote

  3. cottonball
    Posts : 579
    Windows 10 Home
       New #2

    condense8,

    Welcome to TenForums!

    Please make sure the GMER report is for the Windows 10 computer.
    Copy the results of the GMER report to Notepad and make sure you use: Format > Word Wrap
    It is very difficult to read the above.

    Also, include the GMER header info:
    Example
    GMER 2.2.19882 - http://www.gmer.net
    Rootkit scan 2017-01-23 21:00:50
    Windows 6.2.9200 x64 \Device\Harddisk0\DR0 -> \Device\00000034 Samsung_SSD_840_EVO_250GB rev.EXT0BB6Q 232.89GB
    Running: g1mer.exe; Driver: C:\WINDOWS\TEMP\pxlyapod.sys


    You mention 3 devices. Are they three computers? Are these computers used at, or, for a business?
      My Computer
    Quote Quote

  4. Samuria
    Posts : 8,103
    windows 10
       New #3

    Do you have a boot dvd for 8 and 10 to do a clean install? the rootkit its self isnt the problem its there to bring hidden malware and thats the problem. Booting from an install dvd deleteing all partitions would be the best and quickest way to go
      My Computer
    Quote Quote

  6. condens8
    Posts : 5
    Windows 8 & 10 (multiple devices)
    Thread Starter
       New #4

    No they are all personal, two laptops and one desktop home computers with me and my roomy. Thanks for responding btw. I will do that. Right now im trying a hard reset with the windows 10 computer and just going at it again. It's actually so out of control I have no idea how to salvage this whenever i hook up networking so much is going on and then I lose admin privileges, i just did on the win10 computer and it shut down but I have taken out all the cords again and I dont even want to put my usb in there again to contaminate it. There is a LOT of malware on there. Almost everything seems to be compromised ive never seen anything like this. I will post the reports from the Asus Win10 computer but it nmight be a bit im trying a factory reinstall and im praying there is a partition because i dont have anything to do a fresh install with all of my system folders are compromised on every device.
      My Computer
    Quote Quote

  7. Borg 386
    Posts : 39,945
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition, Win 11 Pro
       New #5

    It sounds like your best recourse is to do a full install from a clean source, d/l a clean version of windows, make a bootable USB or CD and proceed from there. After doing a complete wipe of the drive, as some rootkits can survive a reinstall.

    Rootkits invite more malware to the party unfortunately, so starting over seems like the best option.

    Windows 10 - Clean Install

    USB Flash Drive - Create to Install Windows 10

    Windows 10 ISO Download

    Windows 8 and Windows 8.1 ISO - Download or Create

    If you want to do some further investigation into the rootkit, you can d/l GParted. This is a bootable partition manager that will show hidden partitions. Rootkits don't always show up on Disk Management in Windows.

    GParted -- A free application for graphically managing disk
    device partitions

    Rootkits will show up at the end of the drive as a hidden boot partition, usually 1 - 10 MB in size depending on the rootkit variant. You can use GParted to delete the hidden boot partition & re-establish the correct partition as the boot.
    Last edited by Borg 386; 27 Jan 2017 at 09:38.
      My Computer
    Quote Quote

  8. cottonball
    Posts : 579
    Windows 10 Home
       New #6

    condens8,

    The following is a tool that may show the cause of the problems in your Windows 10 computer.
    It is also used to fix problems using a script (Fixlist)

    If you wish to give it a try and see if you can run it on W10, it goes as follows:

    On a clean machine, please download Farbar Recovery Scan Tool
    Farbar Recovery Scan Tool Download
    Save to a USB flash drive.
    Note: You need to run the version compatible with your system: 32-bit, or 64-bit
    Remove the flash drive from the good computer, and connect the flash drive into the troubled PC.

    Next, access the Recovery Environment options via reboot in Windows 10:
    Open the Start menu.
    Click the Power button
    Press and hold down the SHIFT key on the and click the Restart option while still holding down the SHIFT key.
    Windows 10 will perform a reboot.

    In the prompt that appears, select Troubleshoot and then: Advanced Options
    In Advanced Options, select: Command Prompt
    Select your Account to continue, and enter your Password.

    At the Command Prompt:

    Type in notepad and press: Enter
    Notepad opens. Under File menu select: Open
    Select This PC (on the left) and find your flash drive letter. Make note of it, and close Notepad.

    At the command window type D:\frst (for x64 bit version type D:\frst64) and press: Enter
    Note: Replace letter Dwith the drive letter of your flash drive.
    The tool will start to run.
    When the tool opens click Yes to disclaimer.
    Next, press: Scan

    When done FRST places a log (FRST.txt) on the flash drive. At the scan completed prompt, press: OK
    Close FRST and its report.
    Close the Command Prompt using the [X] button on the top right.
    Back at Options, select: Turn off your PC

    Remove the USB flash drive, and plug it into a working computer.

    Please attach the FRST.txt, located on the USB flash drive, to your reply.


    This can also be run on a Windows 8 computer, however, you need to go to EightForums and post the results. System Security - Windows 8 Forums
      My Computer
    Quote Quote

  9. condens8
    Posts : 5
    Windows 8 & 10 (multiple devices)
    Thread Starter
       New #7

    Thanks for everything, unfortunately every computer is compromised. I am pretty sure its originating from the router but for now I have the FRST64 File attached. Thank youfor the clean bootdisk links, I really needed those because I keep wiping and restoring to factory settings but that doesn't do the trick. I just wiped themAttachment 118832Attachment 118833Addition_28-01-2017 01.57.49.txtFRST_28-01-2017 01.57.49.txtShortcut_28-01-2017 01.57.49.txt all again and as soon as the computers turn on they are FLOODED with malware coming in from a secure connection that works even when I disconnect the internet. When I go to device manager, theres a computer that is controlling all of mine called ACPI X64 or something , but yea they are all zombie computers so I just don't know what to do I have literally spent 10 days on this. Isnt there something I can do on command prompt to get out of the network? after that then I can address the malware...
      My Computer
    Quote Quote

  10. Borg 386
    Posts : 39,945
    Win 7 32, Win 7 64 Pro, Win 8.1 64 Pro, Win 10 64 Education Edition, Win 11 Pro
       New #8

    You may wish to consider resetting the router. There is usually a tiny hole in the back that you insert a paper clip into & this will reset it. Use Google to look up your router make/model along with instructions for resetting yours.
      My Computer
    Quote Quote

  12. cottonball
    Posts : 579
    Windows 10 Home
       New #9

    condens8,

    For some reason, do not see a Rootkit in the reports for the Windows 10 PC. It may be decimated by now.

    What shows on the Addition.txt is a series of Task entries with no files:

    Task: {13C3F96C-8B8A-435D-99B8-4DEA56C62266} - \McAfee\McAfee Auto Maintenance Task Agent -> No File <==== ATTENTION
    Task: {1B43F125-8177-453E-A833-848826107B54} - \ASUS\Power_Manager_background -> No File <==== ATTENTION
    Task: {1BEA74BF-0911-4969-BF41-5FB69166BE66} - \ASUS\ASUS Manager HotKey Service -> No File <==== ATTENTION
    Task: {233E0E18-D941-490D-8434-D6EFD0CA077D} - \ASUS\ASUS Manager BackgroundWindow -> No File <==== ATTENTION
    Task: {4C323DCC-7F9D-4902-AFCC-024DAC0076F0} - \ASUS\SyncUp -> No File <==== ATTENTION
    Task: {519855B8-35AE-4385-B988-387D15A48E87} - \ASUS\ASUS Updater -> No File <==== ATTENTION
    Task: {6601321E-FD64-4E68-B8B9-B14B19FEA565} - \ASUS\ASUS Manager - PC Cleanup - SecureDeleteBackground -> No File <==== ATTENTION
    Task: {87FAD967-43CD-4B9A-9B0B-D30739D43370} - \ASUS\ASUS Product Register Service -> No File <==== ATTENTION
    Task: {B65A66DF-53B6-450E-B2BA-47FADD5A658D} - \ASUS\ASUS Update Checker -> No File <==== ATTENTION
    Task: {FC02C326-B8DB-4AA2-BE4A-0A306D5F6A20} - \McAfeeLogon -> No File <==== ATTENTION

    We can take action to clean that area.

    It would be helpful to download and run GMER on the W10 computer:
    http://www2.gmer.net/download.php
    (Downloads a file with a random name)
    Save to the Desktop.

    Also, disconnect from the Internet, and temporarily disable your AntiVirus program.

    Double-click on the randomly named GMER icon to run the program.

    GMER opens to the Rootkit/Malware tab and performs an automatic quick scan.
    If you receive a warning about rootkit activity and are asked to fully scan your system click: No

    Next, on the right side, please do the following:
    Uncheck: IAT/EAT
    Uncheck: Show All

    Click: Scan

    If you see a rootkit warning window, click: OK

    When the scan is finished, Save the results to your Desktop as gmer.log

    You can now exit GMER, enable your AntiVirus, and reconnect your computer to the Internet.

    Then, please attach the contents of gmer.log in your reply.


    Have you thought about posting the GMER report you already have in EightForums:
    System Security - Windows 8 Forums

    You need to select Format > Word Wrap to bake it readable.
      My Computer
    Quote Quote

  13. cottonball
    Posts : 579
    Windows 10 Home
       New #10

    condens8,

    Been trying to go through the several sections of the GMER report (very hard to read) for the Windows 8.1 PC, and cannot seem to find an indication of a RootKit.

    Were any entries presented with a red color?

    There are, however, some items labeled "suspicious", and they belong to C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\

    Please do the following:

    Find each file identified below, and run it through VirusTotal
    VirusTotal - Free Online Virus, Malware and URL Scanner

    Press: Choose File

    Navigate to the following files, one at a time, and double click on it so the file name is populated, then click: Scan it!

    IMPORTANT! If the file is listed as already analyzed, click on: Reanalyse file now

    C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE
    C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso30win32client.dll (*** suspicious ***)
    C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso40uiwin32client.dll (*** suspicious ***)
    C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso98win32client.dll (*** suspicious ***)
    C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso99Lwin32client.dll (*** suspicious ***)
    C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso.dll (*** suspicious ***)
    C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\ACEOLEDB.DLL (*** suspicious ***)
    Once completed, highlight the information in the address bar and provide the link in your reply.


    Next, please download and extract Malwarebytes Anti-Rootkit:
    Malwarebytes | Anti-Rootkit BETA - Free Rootkit Scanner & Remover
    'Save as' to your Desktop.

    (Caution: This is a beta version so please be sure to read the disclaimer and back up any important data before using.)

    Open the MBAR folder, right-click mbar.exe, and select: Run as Administrator

    At the mail MBAR console, click: Update

    When the updating finishes, click Next, then: Scan

    If informed that the AppInit_Dlls rootkit is present, select not to fix it, and proceed with the scan.

    With some infections, you may see two messages boxes:
    Could not load protection driver, if so, Click: OK
    Could not load DDA driver, if so, Click: Yes
    Allow the driver to load after a restart.

    Next, if malware is found, do NOT press: Cleanup
    Just Exit the program.

    Please attach the contents of the system-log text document created by the tool.
    It is located in the MBAR folder.
      My Computer
    Quote Quote

 

  Related Discussions
Network devices not showing
in Network and Sharing

Since updating windows 10 it has made my PC2 network device vanish from Network list? I have googled and YouTube every possible solution. Everything to network discovery is set to Turn on. Can someone please help? Windows 10 pro - 20H2
After recently updating 2 PCs on a home network (both plugged into only router..then Charter Spectrum Modem) I can no longer access files and folders from each. The PCs now see/show each other as "MEDIA DEVICES" and clicking on each opens Windows...
Hi All, Any thoughts as to why my neighbors TV is showing on my PC devices as a "Display". I understand the Microsoft Wifi-Direct Principles and how to turn off, but I am on a LAN not Wireless and the virtual adapter is not present! If I can...
Devices on network cant see W10 PC
in Network and Sharing

So I just upgraded from W7 to W10 and now none of the devices connected to my home network can see my PC. I have media players (WD and Nvidia Shield) devices and they cant see my PC. Ive worked at this all day with limited success. I downloaded...
Network Devices
in Network and Sharing

Clean install of 10049 and 10056(leaked). Network devices do not show up under Network.Did a update of both still not showing. Did a clean install of 100041.Devices show up ok .Upgraded to 10061 still ok.Is this a bug in 10049 ?
Our Sites
Site Links
About Us
Windows 10 Forums is an independent web site and has not been authorized, sponsored, or otherwise approved by Microsoft Corporation. "Windows 10" and related materials are trademarks of Microsoft Corp.

 © Designer Media Ltd
All times are GMT -5. The time now is 20:45.
Find Us




Windows 10 Forums