New
#1
ROOTKIT NIGHTMARE - 3 Devices on same network
Hi there,
I realized that I had a virus while going through some file directories on my new computer. Didn't know about rootkits or viruses really so I started looking into it and educating myself, I now have a grasp of the problem but it is extremely advanced. I know I just need to wipe everything and start over but after numerous attempts , all the reinstalls have the malware IN the system directory. I have messed around with getting permissions back and what not, but Im at a loss from what to do now. I ive used TDS Killer with no success, used a lot of diagnostic tools from sysinternals, avira, avast - nothing other than GMER really showed anything. This is my windows 8 computer GMER scan, I have another windows 8 computer as well as a brand new desktop running 10. All of them are effed up. Here is just a taste of the madness. PS from my research of logs on the comp ive found stuff going back to 2014- and i have been unaaware the whole time. it has taken over everything.
Some noticeable issues I've personally observed:
-Network is definitely hijacked, tunnels are installed, remote users etc. I did take all permissions back with cmd
- Havent really deleted anything out of fear but have disabled a lot of network processes on my win10 asus, cant seem to hook up networking because the hackers were redirecting the connection THROUGH their server so the map needs to be rewritten.
- svchost.exe , chrome.exe , microsoftedge.exe as well as a bunch more below, but I seem to have everything apparently.
- A LOT of .dll and .manifest files where they shouldnt be. It may be related to a bootkit because even when I try to do a wipe and factory reset, all of the system directories are the same and clearly infected.
GMER 2.2.19882 - http://www.gmer.netRootkit scan 2017-01-26 12:05:34Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\00000038 WDC_WD7500BPVT-60HXZT3 rev.01.01A01 698.64GBRunning: gmer.exe; Driver: C:\Users\user\AppData\Local\Temp\uwldapob.sys---- Disk sectors - GMER 2.2 ----Disk \Device\Harddisk1\DR1 unknown MBR code---- Threads - GMER 2.2 ----Thread C:\WINDOWS\system32\csrss.exe [636:1380] fffff960008cb2d0Thread C:\WINDOWS\Explorer.EXE [1668:2724] 00007ffbabb0e630Thread C:\WINDOWS\Explorer.EXE [1668:5972] 00007ffbabb0e630Thread C:\WINDOWS\Explorer.EXE [1668:6320] 00007ffbac4ce630Thread C:\WINDOWS\Explorer.EXE [1668:11708] 00007ffba3d7e630Thread C:\WINDOWS\Explorer.EXE [1668:21868] 00007ffbb7f8e630Thread C:\WINDOWS\system32\mmc.exe [20068:21636] 00007ffbcaef28c0---- Processes - GMER 2.2 ----Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso30win32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 00000000519d0000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso40uiwin32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 000000000ffc0000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso98win32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 0000000051680000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso99Lwin32client.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 00000000024b0000Library C:\Program Files (x86)\Common Files\Microsoft Shared\Office16\mso.dll (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 0000000002a20000Library C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE16\ACEOLEDB.DLL (*** suspicious ***) @ C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740] 0000000077710000---- EOF - GMER 2.2 ----END OF QUICK SCAN in SYSTEM FILES BELOW: Full Scan of 3rd partyGMER 2.2.19882 - http://www.gmer.net3rd party scan 2017-01-26 12:13:17Windows 6.2.9200 x64 \Device\Harddisk1\DR1 -> \Device\00000038 WDC_WD7500BPVT-60HXZT3 rev.01.01A01 698.64GBRunning: gmer.exe; Driver: C:\Users\user\AppData\Local\Temp\uwldapob.sys---- Modules - GMER 2.2 ----Module \SystemRoot\System32\drivers\iaStorA.sys (Intel Rapid Storage Technology driver - x64/Intel Corporation SIGNED)(2013-08-07 22:23:46) fffff80068649000-fffff80068903000 (2859008 bytes)Module \SystemRoot\system32\DRIVERS\hpdskflt.sys (HP Disk Filter - SATA/RAID/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) fffff8006919d000-fffff800691a8000 (45056 bytes)Module \SystemRoot\system32\DRIVERS\nvpciflt.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:04) fffff80068e00000-fffff80068e0b000 (45056 bytes)Module \??\C:\WINDOWS\system32\drivers\cbfs5.sys (Callback File System Driver/EldoS Corporation SIGNED)(2017-01-02 19:21:13) fffff80069410000-fffff8006947a000 (434176 bytes)Module \SystemRoot\system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:02) fffff80069ca5000-fffff8006a8dc000 (12808192 bytes)Module \SystemRoot\system32\DRIVERS\igdkmd64.sys (Intel Graphics Kernel Mode Driver/Intel Corporation SIGNED)(2014-10-04 01:36:38) fffff8006aa68000-fffff8006af0c000 (4866048 bytes)Module \SystemRoot\system32\DRIVERS\RtsPer.sys (RTS PCIE READER Driver/RTS Corporation SIGNED)(2014-01-11 17:59:07) fffff8006b359000-fffff8006b3cb000 (466944 bytes)Module \SystemRoot\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:22) fffff80069c00000-fffff80069c7f000 (520192 bytes)Module \SystemRoot\system32\DRIVERS\ikbevent.sys(2012-08-17 04:31:26) fffff8006aa00000-fffff8006aa0b000 (45056 bytes)Module \SystemRoot\system32\DRIVERS\imsevent.sys(2012-08-17 04:31:28) fffff8006aa1d000-fffff8006aa28000 (45056 bytes)Module \SystemRoot\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc. SIGNED)(2014-05-07 09:38:02) fffff8006b3f6000-fffff8006b3fd000 (28672 bytes)Module \SystemRoot\system32\DRIVERS\Smb_driver_Intel.sys (Synaptics SMBus Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:20) fffff8006aa38000-fffff8006aa45000 (53248 bytes)Module \SystemRoot\system32\DRIVERS\Accelerometer.sys (HP Accelerometer/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) fffff8006aa45000-fffff8006aa53000 (57344 bytes)Module \SystemRoot\System32\drivers\ISCTD64.sys(2012-08-17 04:31:28) fffff800683ef000-fffff80068400000 (69632 bytes)Module \SystemRoot\System32\drivers\iwdbus.sys (Intel® WiDi Solution/Intel Corporation SIGNED)(2014-09-19 02:07:03) fffff8006b4be000-fffff8006b4ca000 (49152 bytes)Module \SystemRoot\system32\DRIVERS\stwrt64.sys (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:49) fffff8006b6da000-fffff8006b764000 (565248 bytes)Module \SystemRoot\System32\Drivers\dump_diskdump.sys fffff8006b6c9000-fffff8006b6d5000 (49152 bytes)Module \SystemRoot\System32\Drivers\dump_iaStorA.sys fffff8006b82d000-fffff8006bae7000 (2859008 bytes)Module \SystemRoot\System32\Drivers\dump_dumpfve.sys fffff8006bae7000-fffff8006bafd000 (90112 bytes)Module \SystemRoot\system32\drivers\WPRO_41_2001.sys(2014-01-11 18:59:15) fffff8006c1c7000-fffff8006c1d3000 (49152 bytes)---- Processes - GMER 2.2 ----Process C:\WINDOWS\system32\dwm.exe [952] (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvinitx.dll (NVIDIA shim initialization dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:02) 00007ffbcc780000Library C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 000000000f000000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9ae0000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9a90000Library C:\WINDOWS\system32\igd10iumd64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:24) 00007ffbcb780000Library C:\WINDOWS\system32\igdusc64.dll (Unified Shader Compiler for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:50) 00007ffbca210000Process C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe [968] (HP Service/HP SIGNED)(2013-06-07 13:16:54) 0000000001240000Library C:\Program Files (x86)\HP SimplePass\TSLog.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:38) 0000000074ab0000Process C:\WINDOWS\system32\nvvsvc.exe [344] (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff7f6b20000Library C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066640000Process C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe [412] (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff7ea090000Library C:\Program Files\NVIDIA Corporation\Display\nvxdapix.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066030000Library C:\Program Files\NVIDIA Corporation\Display\NvUI.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000065b90000Library C:\WINDOWS\system32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvapi64.dll (NVIDIA NVAPI Library, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:46) 00007ffbc9b40000Library C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066640000Library C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll(2014-11-05 05:42:44) 00007ffbcd710000Library C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00000000659e0000Process C:\WINDOWS\System32\svchost.exe [428] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll (Audio Processing Object for Windows Vista/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 00000000654b0000Process C:\WINDOWS\system32\svchost.exe [640] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\system32\svchost.exe [780] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\system32\nvvsvc.exe [1028] (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff7f6b20000Library C:\WINDOWS\system32\NVSVC64.DLL (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ffbcb370000Library C:\WINDOWS\system32\nvapi64.dll (NVIDIA NVAPI Library, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:46) 00007ffbc9b40000Library C:\WINDOWS\system32\NVSVCR.DLL (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ffbc94a0000Library C:\Program Files\NVIDIA Corporation\Display\nvxdbat.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000066640000Library C:\Program Files\NVIDIA Corporation\Display\nvxdplcy.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00000000659e0000Process C:\WINDOWS\system32\igfxCUIService.exe [1108] (igfxCUIService Module/Intel Corporation SIGNED)(2014-10-04 01:36:52) 00007ff6c5460000Process C:\WINDOWS\system32\Hpservice.exe [1312] (HpService/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) 00007ff679050000Library C:\WINDOWS\system32\accelerometerdll.DLL (HP Mobile Data Protection User Mode DLL/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) 00007ffbc8d50000Process C:\Windows\System32\WUDFHost.exe [1388] (Validity WBF Driver/Validity Sensors, Inc. SIGNED)(2013-03-19 22:22:48) 00007ffbc8720000Library C:\Windows\System32\drivers\UMDF\wbf_vfs_0050.dll (Validity WBF Driver/Validity Sensors, Inc. SIGNED)(2013-03-19 22:22:48) 00007ffbc8720000Library C:\Windows\System32\vcsAPIFORWBF.dll (Validity VCS Extended API Library/Validity Sensors, Inc. SIGNED)(2013-03-19 22:21:56) 0000000180000000Process C:\WINDOWS\system32\svchost.exe [1512] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\System32\spoolsv.exe [1744] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [1912] (Adobe Acrobat Update Service/CA - G2 SIGNED)(2016-12-20 06:38:14) 0000000000c70000Process C:\Program Files\Bonjour\mDNSResponder.exe [1936] (Bonjour Service/Apple Inc. SIGNED)(2011-08-31 06:05:32) 00007ff7cb160000Process C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [1956] (Host Process/Google Inc. SIGNED)(2016-10-17 02:31:44) 0000000001240000Process C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe [2028] (Host Process/Google Inc. SIGNED)(2016-10-17 02:31:44) 0000000001240000Process C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [2040] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\WINDOWS\system32\DbxSvc.exe [1052] (Dropbox Service/Dropbox, Inc. SIGNED)(2017-01-04 05:25:16) 00007ff74cc60000Process C:\WINDOWS\System32\svchost.exe [1780] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe [2060](2012-08-17 04:36:54) 00007ff6cde20000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\LServ.dll (Log Server/Intel Corporation)(2012-08-17 04:33:46) 00007ffbc2d20000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\NetworkHeuristic.dll(2012-08-17 04:36:56) 00007ffbc2b20000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTNetDetect.dll (ISCT Net Detect Module/Intel Corporation SIGNED)(2012-08-17 04:36:56) 00007ffbc2a50000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\ISCTRemoteWake.dll (ISCT Always Reachable Module/TODO: <Company name> SIGNED)(2012-08-17 04:36:56) 00007ffbc29f0000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\wpcap.dll (wpcap.dll Dynamic Link Library - based on libpcap 1.0rel0b branch (20091008)/CACE Technologies SIGNED)(2012-08-17 04:36:54) 0000000180000000Library C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\packet.dll (packet.dll Wrapper Dynamic Link Library/CACE Technologies SIGNED)(2012-08-17 04:36:52) 0000000001140000Library C:\WINDOWS\system32\WPRO_41_2001woem.tmp (packet.dll (Vista) Dynamic Link Library/CACE Technologies SIGNED)(2017-01-26 01:15:49) 0000000001c70000Process C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe [2180] (NIHardwareService/Native Instruments GmbH SIGNED)(2013-11-27 10:34:02) 00007ff68bf10000Process C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe [2296] (Reimage Real Time Protection/Reimage® SIGNED)(2016-11-06 15:59:12) 00007ff70d590000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files\Reimage\Reimage Protector\ReiSystem.exe [2336] (Reimage System Protection/Reimage® SIGNED)(2016-11-06 15:59:16) 00007ff619d20000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [2352] (Unified Remote/Unified Intents AB SIGNED)(2016-12-03 05:05:26) 00000000013c0000Library C:\Program Files (x86)\Unified Remote 3\wcl.dll (Wireless Communication Library C++ Developer/Soft Service Company)(2016-12-03 05:05:28) 00000000728f0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe [2644] (Monotype SkyFontsService/Monotype Imaging Inc. SIGNED)(2016-09-22 20:38:56) 00000000005b0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Serv759bfb78#\dd84ea2df483c0bd8415651d9dec7d1d \System.ServiceProcess.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:57) 00007ffbbead0000Library C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Ext.Core.dll (Monotype SkyFonts Core/Monotype Imaging Inc.)(2016-09-22 20:38:48) 0000000019a70000Library C:\Program Files\Monotype\SkyFonts\NLog.dll (NLog for .NET Framework 4/NLog)(2013-04-08 19:15:56) 0000000000e70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.ServiceModel\970a91298480f8937aa6af8c5b63b371\ System.ServiceModel.ni.dll (System.ServiceModel.dll/Microsoft Corporation)(2016-12-17 17:28:54) 00007ffbbaa00000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Data\e098aca3187d15cc2d5d6142ae0d6d64\System.D ata.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:04) 00007ffbba140000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Runteb92aa12#\fe95bb1bc7be6223179723407a5a8b51 \System.Runtime.Serialization.ni.dll (System.Runtime.Serialization.dll/Microsoft Corporation)(2016-12-17 17:28:22) 00007ffbb9ab0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\SMDiagnostics\40f19aaa8b7309dc458bac4333dc9112\SMDiag nostics.ni.dll (SMDiagnostics.dll/Microsoft Corporation)(2016-12-17 17:30:34) 00007ffbb9a80000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Servd1dec626#\0ac47742c7836b4fcc2f19b2e4c6d66d \System.ServiceModel.Internals.ni.dll (System.ServiceModel.Internals.dll/Microsoft Corporation)(2016-12-17 17:30:35) 00007ffbb9790000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Transactions\9e50cfe88d4b6dbf6e5a09f177175d5b\ System.Transactions.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:58) 00007ffbb9640000Process C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [2228] (TeamViewer 11/TeamViewer GmbH SIGNED)(2016-08-12 18:41:05) 0000000000ca0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe [2476] (ToolbarU Application /AVG Secure Search SIGNED)(2014-06-03 04:55:14) 0000000000120000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\loggingserver.exe [2668](2014-06-03 04:55:14) 0000000000ca0000Library C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\log4cplusU.dll(2014-06-03 04:55:14) 0000000071e00000Process C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3296] (Synaptics TouchPad Enhancements/Synaptics Incorporated SIGNED)(2013-04-24 09:15:58) 0000000000400000Library C:\WINDOWS\system32\SynCOM.dll (SynCOM/Synaptics Incorporated SIGNED)(2013-04-24 09:16:04) 0000000010000000Library C:\WINDOWS\SYSTEM32\SynTPAPI.dll (SynTPAPI/Synaptics Incorporated SIGNED)(2013-04-24 09:16:08) 0000000063010000Library C:\Program Files\Synaptics\SynTP\SynTPRes.dll (TouchPad Resource Library/Synaptics Incorporated SIGNED)(2013-04-24 09:16:16) 00000000033b0000Process C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [1488] (Microsoft Common Language Runtime Class Library/Microsoft Corporation)(2015-01-19 04:39:42) 00007ffbb3ff0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\mscorlib\6227ee011c9930128c5ad76841ecf2ee\mscorlib.ni .dll (Microsoft Common Language Runtime Class Library/Microsoft Corporation)(2015-01-19 04:39:42) 00007ffbb3ff0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System\4393c8e53a5625379e2aac0aa580c442\System.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 05:39:36) 00007ffbb34c0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\System.ServiceProce#\0710058637a1bd90cad8b59f0d7d32fc \System.ServiceProcess.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 06:48:19) 00007ffbb3470000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\WindowsBase\267f2adaf07827f9639c26c2aae0fc10\WindowsB ase.ni.dll (WindowsBase.dll/Microsoft Corporation)(2016-10-15 06:42:43) 00007ffbb2e10000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_64\PresentationCore\f11b8c35351975aa2e0555b2c979351c\Pre sentationCore.ni.dll (PresentationCore.dll/Microsoft Corporation)(2016-10-15 06:43:10) 00007ffbb1e30000Process C:\WINDOWS\Explorer.EXE [1668] (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\SYSTEM32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvinitx.dll (NVIDIA shim initialization dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:02) 00007ffbcc780000Library C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll (Dropbox Shell Extension/Dropbox, Inc. SIGNED)(2017-01-23 21:45:56) 00007ffbcd730000Library C:\WINDOWS\system32\igd10iumd64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:24) 00007ffbcb780000Library C:\WINDOWS\SYSTEM32\igdusc64.dll (Unified Shader Compiler for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:50) 00007ffbca210000Library C:\Program Files\FileZilla FTP Client\fzshellext_64.dll(2016-07-27 14:52:52) 0000000065500000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSContextMenu.dll (ASUS WebStorage Windows ContextMenu Dll/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:56) 0000000008520000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\LogicNP.EZShellExtensions.dll ( / )(2009-03-02 02:07:52) 000000000c160000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\1b6337801a7cd11357d3c3d4d1e8804c \Microsoft.VisualBasic.ni.dll (Visual Basic Runtime Library/Microsoft Corporation)(2016-12-17 16:33:45) 00007ffbabb40000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\eCaremeDLL.dll (ASUS WebStorage Windows Lib DLL/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:54) 0000000010670000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\log4net.dll (Apache log4net for .NET Framework 2.0/The Apache Software Foundation)(2013-11-17 21:51:36) 0000000010e80000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\Program Files (x86)\AVG\AVG2014\avgsysa.dll (AVG SYS Library/AVG Technologies CZ, s.r.o. SIGNED)(2014-12-16 20:03:02) 00007ffba3960000Library C:\WINDOWS\system32\nvapi64.dll (NVIDIA NVAPI Library, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:46) 00007ffbc9b40000Library C:\WINDOWS\SYSTEM32\Nv3DAppShExtR.dll (NVIDIA US English language resource library/NVIDIA Corporation)(2014-11-05 05:42:44) 00007ffbabae0000Library C:\WINDOWS\system32\nvshext.dll (NVIDIA Display Shell Extension/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000065300000Library C:\WINDOWS\system32\igfxDTCM.dll (igfxDTCM Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb8280000Library C:\WINDOWS\system32\igfxDH.dll (igfxDH Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1c90000Library C:\WINDOWS\system32\igfxLHM.dll (igfxLHM Module/Intel Corporation)(2014-10-04 01:36:54) 00007ffbb1a90000Library C:\WINDOWS\system32\igfxDI.dll (igfxDI Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1a40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Management\6cd96fbad7d4d5ec89692774279f4cef\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:10) 00007ffba7300000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\Interop.SimpleAES64Lib.dll ( / )(2011-09-05 07:20:04) 0000000011460000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\Interop.SIMPLEAESLib.dll ( / )(2011-09-05 07:20:04) 0000000027340000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\SimpleAES64.dll (SimpleAES64/eCareme Technologies, Inc. SIGNED)(2010-09-28 01:44:46) 0000000180000000Library C:\Program Files (x86)\Google\Drive\contextmenu64.dll (Google Drive shell extension/Google SIGNED)(2016-12-01 00:59:36) 00007ffbb8130000Library C:\Program Files (x86)\Notepad++\NppShell_06.dll(2016-05-17 22:42:40) 0000000048260000Library C:\WINDOWS\system32\nv3dappshext.dll (NVIDIA Shell Extensions/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ffb8db10000Process C:\Program Files (x86)\Avg Secure Update\AVG-Secure-Search-Update_0414c.exe [2496](2014-04-25 13:12:25) 00000000000f0000Process C:\Program Files (x86)\Screenhero, Inc\Screenhero\Screenhero.daemon.exe [4104](2016-07-21 23:13:24) 00000000002e0000Process C:\WINDOWS\system32\igfxEM.exe [4200] (igfxEM Module/Intel Corporation SIGNED)(2014-10-04 01:36:54) 00007ff719800000Library C:\WINDOWS\system32\igfxDH.dll (igfxDH Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1c90000Library C:\WINDOWS\system32\igfxLHM.dll (igfxLHM Module/Intel Corporation)(2014-10-04 01:36:54) 00007ffbb1a90000Library C:\WINDOWS\system32\igfxDI.dll (igfxDI Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1a40000Process C:\WINDOWS\system32\igfxHK.exe [4208] (igfxHK Module/Intel Corporation SIGNED)(2014-10-04 01:36:54) 00007ff6a94d0000Library C:\WINDOWS\system32\igfxDH.dll (igfxDH Module/Intel Corporation)(2014-10-04 01:36:52) 00007ffbb1c90000Library C:\WINDOWS\system32\igfxLHM.dll (igfxLHM Module/Intel Corporation)(2014-10-04 01:36:54) 00007ffbb1a90000Process C:\Program Files (x86)\HP SimplePass\IEWebSiteLogon.exe [4444](2013-06-07 13:16:28) 0000000000590000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3081c095cd326a3366ec5d4c4ad0034b\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:34) 000000006df40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ee313ec152b39f7bce30944cb7f9338f \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:14) 000000006d2f0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\2c6097450e483e713ed2021691f09a0d\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:18) 000000006c9f0000Library C:\Program Files (x86)\HP SimplePass\BioLayerAdapter.dll (BioLayerAdapter Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:16) 0000000070640000Library C:\Program Files (x86)\HP SimplePass\TSLog.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:38) 0000000074ab0000Library C:\Program Files (x86)\HP SimplePass\biolayer.dll (BioLayer Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:14) 00000000714e0000Library C:\Program Files (x86)\HP SimplePass\DataManager.dll (DataManager Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:20) 0000000070e00000Library C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll (TrueAPI Dynamic Link Library/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 0000000070850000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\CustomMarshalers\0f8b1cd9a653724349c0c2d97317b28b\Cus tomMarshalers.ni.dll (Microsoft .NET Framework Custom Marshalers/Microsoft Corporation)(2016-12-17 15:45:55) 000000006c140000Process C:\Program Files\NVIDIA Corporation\Display\nvtray.exe [4920] (NVIDIA Settings/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 00007ff78de10000Library C:\Program Files\NVIDIA Corporation\Display\NvUI.dll (NVIDIA User Experience Driver Component/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) 0000000065b90000Library C:\Program Files\NVIDIA Corporation\Update Common\easyDaemonAPIU64.DLL (Easy daemon API/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 00007ffbc84e0000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\NVIDIA Corporation\Update Common\NvUpdt.dll (NVIDIA Update Components, 1.15.2.0/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 00007ffbc7fa0000Library C:\Program Files\NVIDIA Corporation\Update Common\NVUPDTR.DLL (NVIDIA US English language resource library/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 00007ffbc83f0000Process C:\PROGRAM FILES\SYNAPTICS\SYNTP\SYNTPHELPER.EXE [4336] (Synaptics Pointing Device Helper/Synaptics Incorporated SIGNED)(2013-04-24 09:16:00) 0000000000400000Process C:\Windows\System32\skydrive.exe [4768] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library 00007ffbae9d0000Process C:\Program Files (x86)\Google\Drive\googledrivesync.exe [2416] (Google Drive/Google SIGNED)(2016-12-01 00:59:34) 0000000000400000Process C:\Users\user\AppData\Roaming\Spotify\SpotifyWebHelper.exe [2552] (SpotifyWebHelper/Spotify Ltd SIGNED)(2016-07-28 03:46:46) 0000000000400000Process C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe [3324] (Unified Remote/Unified Intents AB SIGNED)(2016-12-03 05:05:26) 00000000013c0000Library C:\Program Files (x86)\Unified Remote 3\wcl.dll (Wireless Communication Library C++ Developer/Soft Service Company)(2016-12-03 05:05:28) 00000000728f0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Hewlett-Packard\HP 3D DriveGuard\AccelerometerSt.exe [3456] (Hp Accelerometer System Tray/Hewlett-Packard Company SIGNED)(2013-03-02 00:07:14) 00007ff6423e0000Library C:\WINDOWS\SYSTEM32\accelerometerdll.DLL (HP Mobile Data Protection User Mode DLL/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) 00007ffbc8d50000Process C:\Program Files\McAfee Security Scan\3.11.474\SSScheduler.exe [3888] (McAfee Security Scanner Scheduler/McAfee, Inc. SIGNED)(2016-12-14 13:53:48) 00007ff70c040000Process C:\Program Files (x86)\Dropbox\Client\Dropbox.exe [4340] (Dropbox/Dropbox, Inc. SIGNED)(2017-01-23 21:45:55) 0000000000f20000Library C:\Program Files (x86)\Dropbox\Client\dropbox_watchdog.dll(2017-01-23 21:45:56) 00000000719a0000Library C:\Program Files (x86)\Dropbox\Client\PYTHON27.DLL (Python Core/Python Software Foundation SIGNED)(2017-01-23 21:45:58) 000000006b4f0000Library C:\Program Files (x86)\Dropbox\Client\_multiprocessing.pyd(2017-01-10 18:14:33) 0000000071ab0000Library C:\Program Files (x86)\Dropbox\Client\_ctypes.pyd(2017-01-10 18:14:33) 0000000071a90000Library C:\Program Files (x86)\Dropbox\Client\select.pyd(2017-01-10 18:14:32) 0000000071990000Library C:\Program Files (x86)\Dropbox\Client\tornado.speedups.pyd(2017-01-10 18:14:32) 0000000071980000Library C:\Program Files (x86)\Dropbox\Client\unicodedata.pyd(2017-01-10 18:14:32) 000000006b440000Library C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._constant_time.pyd(2017-01-23 21:45:55) 0000000071970000Library C:\Program Files (x86)\Dropbox\Client\_cffi_backend.pyd(2017-01-10 18:14:33) 0000000071950000Library C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._openssl.pyd(2017-01-23 21:45:55) 000000006b2a0000Library C:\Program Files (x86)\Dropbox\Client\cryptography.hazmat.bindings._padding.pyd(2017-01-23 21:45:55) 0000000071940000Library C:\Program Files (x86)\Dropbox\Client\pyexpat.pyd(2017-01-23 21:45:57) 0000000071910000Library C:\Program Files (x86)\Dropbox\Client\faulthandler.pyd(2017-01-23 21:45:56) 00000000716d0000Library C:\Program Files (x86)\Dropbox\Client\pywintypes27.dll(2017-01-23 21:45:58) 000000006b280000Library C:\Program Files (x86)\Dropbox\Client\win32api.pyd(2017-01-10 18:14:32) 000000006b260000Library C:\Program Files (x86)\Dropbox\Client\winffi.crt.compiled._winffi_crt.pyd(2017-01-10 18:14:33) 00000000704f0000Library C:\Program Files (x86)\Dropbox\Client\psutil._psutil_windows.pyd(2017-01-23 21:45:57) 000000006c130000Library C:\Program Files (x86)\Dropbox\Client\fastpath.pyd(2017-01-23 21:45:56) 000000006b250000Library C:\Program Files (x86)\Dropbox\Client\pythoncom27.dll(2017-01-23 21:45:58) 000000006b1e0000Library C:\Program Files (x86)\Dropbox\Client\mmapfile.pyd(2017-01-23 21:45:56) 000000006b1d0000Library C:\Program Files (x86)\Dropbox\Client\win32event.pyd(2017-01-10 18:14:32) 000000006b1c0000Library C:\Program Files (x86)\Dropbox\Client\win32security.pyd(2017-01-10 18:14:32) 000000006b1a0000Library C:\Program Files (x86)\Dropbox\Client\win32com.shell.shell.pyd(2017-01-10 18:14:32) 000000006b110000Library C:\Program Files (x86)\Dropbox\Client\win32file.pyd(2017-01-10 18:14:32) 000000006b0e0000Library C:\Program Files (x86)\Dropbox\Client\winffi.kernel32.compiled._winffi_kernel32.pyd(2017-01-10 18:14:33) 000000006b0b0000Library C:\Program Files (x86)\Dropbox\Client\win32clipboard.pyd(2017-01-10 18:14:32) 000000006b0a0000Library C:\Program Files (x86)\Dropbox\Client\win32gui.pyd(2017-01-10 18:14:32) 000000006b070000Library C:\Program Files (x86)\Dropbox\Client\win32pipe.pyd(2017-01-10 18:14:32) 000000006b060000Library C:\Program Files (x86)\Dropbox\Client\win32process.pyd(2017-01-10 18:14:32) 000000006b050000Library C:\Program Files (x86)\Dropbox\Client\win32service.pyd(2017-01-10 18:14:32) 000000006b040000Library C:\Program Files (x86)\Dropbox\Client\win32evtlog.pyd(2017-01-10 18:14:32) 000000006b030000Library C:\Program Files (x86)\Dropbox\Client\win32profile.pyd(2017-01-10 18:14:32) 000000006b020000Library C:\Program Files (x86)\Dropbox\Client\breakpad.client.windows.handler.pyd(2017-01-23 21:45:55) 000000006ad60000Library C:\Program Files (x86)\Dropbox\Client\dropbox.infinite.win.compiled._driverinstallation.pyd(2017-01-23 21:45:56) 000000006ad50000Library C:\Program Files (x86)\Dropbox\Client\_jpegtran.pyd(2017-01-10 18:14:33) 000000006ad00000Library C:\Program Files (x86)\Dropbox\Client\cpuid.compiled._cpuid.pyd(2017-01-23 21:45:55) 000000006acf0000Library C:\Program Files (x86)\Dropbox\Client\win32ts.pyd(2017-01-10 18:14:32) 000000006ac80000Library C:\Program Files (x86)\Dropbox\Client\winscreenshot.compiled._CaptureScreenshot.pyd(2017-01-10 18:14:33) 000000006ac70000Library C:\Program Files (x86)\Dropbox\Client\winffi.iphlpapi.compiled._winffi_iphlpapi.pyd(2017-01-23 21:46:01) 000000006ac30000Library C:\Program Files (x86)\Dropbox\Client\winffi.winerror.compiled._winffi_winerror.pyd(2017-01-23 21:46:01) 000000006ac20000Library C:\Program Files (x86)\Dropbox\Client\winffi.wininet.compiled._winffi_wininet.pyd(2017-01-23 21:46:01) 000000006ac10000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtCore.pyd(2017-01-23 21:45:57) 000000006aa50000Library C:\Program Files (x86)\Dropbox\Client\Qt5Core.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000006a650000Library C:\Program Files (x86)\Dropbox\Client\icuin55.dll (ICU I18N DLL/The ICU Project SIGNED)(2017-01-23 21:45:56) 000000004a900000Library C:\Program Files (x86)\Dropbox\Client\icuuc55.dll (ICU Common DLL/The ICU Project SIGNED)(2017-01-23 21:45:56) 0000000006240000Library C:\Program Files (x86)\Dropbox\Client\icudt55.dll (ICU Data DLL/The ICU Project SIGNED)(2017-01-23 21:45:56) 0000000068d10000Library C:\Program Files (x86)\Dropbox\Client\sip.pyd(2017-01-10 18:14:32) 0000000068c60000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtNetwork.pyd(2017-01-23 21:45:57) 0000000068bd0000Library C:\Program Files (x86)\Dropbox\Client\Qt5Network.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 00000000689f0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWidgets.pyd(2017-01-23 21:45:58) 0000000068630000Library C:\Program Files (x86)\Dropbox\Client\Qt5Widgets.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 00000000681f0000Library C:\Program Files (x86)\Dropbox\Client\Qt5Gui.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000067d60000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtGui.pyd(2017-01-23 21:45:57) 000000006adf0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKit.pyd(2017-01-23 21:45:58) 000000006adc0000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebKit.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000065a30000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebKitWidgets.pyd(2017-01-23 21:45:58) 0000000065760000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebKitWidgets.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 00000000654a0000Library C:\Program Files (x86)\Dropbox\Client\Qt5PrintSupport.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000065380000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtPrintSupport.pyd(2017-01-23 21:45:57) 0000000065340000Library C:\Program Files (x86)\Dropbox\Client\winffi.user32.compiled._winffi_user32.pyd(2017-01-23 21:46:01) 0000000065310000Library C:\Program Files (x86)\Dropbox\Client\winxpgui.pyd(2017-01-10 18:14:33) 00000000652b0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWinExtras.pyd(2017-01-23 21:45:58) 0000000065290000Library C:\Program Files (x86)\Dropbox\Client\Qt5WinExtras.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 0000000064fa0000Library C:\Program Files (x86)\Dropbox\Client\winverifysignature.compiled._VerifySignature.pyd(2017-01-10 18:14:33) 0000000064f90000Library C:\Program Files (x86)\Dropbox\Client\librsyncffi.compiled._librsyncffi.pyd(2017-01-23 21:45:56) 0000000064b90000Library C:\Program Files (x86)\Dropbox\Client\librsync.dll(2017-01-23 21:45:56) 0000000064b80000Library C:\Program Files (x86)\Dropbox\Client\dropbox_sqlite_ext.DLL(2017-01-23 21:45:56) 0000000064b60000Library C:\Program Files (x86)\Dropbox\Client\plugins\platforms\qwindows.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:57) 0000000063b20000Library C:\WINDOWS\SYSTEM32\nvumdshim.dll 0000000061c30000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 000000000f000000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:56) 0000000061880000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 0000000061810000Library C:\Program Files (x86)\Dropbox\Client\libEGL.dll(2017-01-23 21:45:56) 000000006ada0000Library C:\Program Files (x86)\Dropbox\Client\libGLESv2.dll(2017-01-23 21:45:56) 000000005f1c0000Library C:\Program Files (x86)\Dropbox\Client\d3dcompiler_47.dll (Direct3D HLSL Compiler for Redistribution/Microsoft Corporation SIGNED)(2017-01-23 21:45:55) 000000005ee60000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebChannel.pyd(2017-01-23 21:45:57) 000000005d270000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebChannel.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005d250000Library C:\Program Files (x86)\Dropbox\Client\Qt5Qml.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005cfd0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtWebEngineWidgets.pyd(2017-01-23 21:45:58) 000000005cfa0000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineWidgets.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005cf70000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebEngine.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005cf40000Library C:\Program Files (x86)\Dropbox\Client\Qt5WebEngineCore.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005aa40000Library C:\Program Files (x86)\Dropbox\Client\Qt5Quick.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:58) 000000005a7e0000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQml.pyd(2017-01-23 21:45:57) 000000005a780000Library C:\Program Files (x86)\Dropbox\Client\win32print.pyd(2017-01-10 18:14:32) 000000005a770000Library C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qgif.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:57) 000000005a760000Library C:\Program Files (x86)\Dropbox\Client\plugins\imageformats\qjpeg.dll (C++ application development framework./The Qt Company Ltd SIGNED)(2017-01-23 21:45:57) 000000005a720000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Library C:\Program Files (x86)\Dropbox\Client\winffi.winhttp.compiled._winffi_winhttp.pyd(2017-01-10 18:14:33) 000000005a680000Library C:\Program Files (x86)\Dropbox\Client\PyQt5.QtQuick.pyd(2017-01-23 21:45:57) 0000000052180000Process C:\Program Files (x86)\Google\Drive\googledrivesync.exe [4004] (Google Drive/Google SIGNED)(2016-12-01 00:59:34) 0000000000400000Library C:\Users\user\AppData\Local\Temp\_MEI24162\python27.dll (Python Core/Python Software Foundation)(2017-01-26 01:17:40) 000000001e000000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32api.pyd(2017-01-26 01:17:42) 000000001e8c0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pywintypes27.dll(2017-01-26 01:17:31) 000000001e7a0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pythoncom27.dll(2017-01-26 01:17:40) 0000000000680000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32com.shell.shell.pyd(2017-01-26 01:17:42) 000000001e800000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_hashlib.pyd(2017-01-26 01:17:32) 0000000010000000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._core_.pyd(2017-01-26 01:17:45) 0000000002eb0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxbase30u_vc90.dll (wxWidgets base library/wxWidgets development team)(2017-01-26 01:17:48) 0000000002fe0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxbase30u_net_vc90.dll (wxWidgets network library/wxWidgets development team)(2017-01-26 01:17:47) 00000000006f0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_core_vc90.dll (wxWidgets core library/wxWidgets development team)(2017-01-26 01:17:48) 00000000031e0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_adv_vc90.dll (wxWidgets advanced library/wxWidgets development team)(2017-01-26 01:17:48) 00000000036b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._gdi_.pyd(2017-01-26 01:17:45) 0000000001f80000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._windows_.pyd(2017-01-26 01:17:46) 0000000003ff0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_html_vc90.dll (wxWidgets html library/wxWidgets development team)(2017-01-26 01:17:48) 00000000040c0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._controls_.pyd(2017-01-26 01:17:45) 0000000004380000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._misc_.pyd(2017-01-26 01:17:46) 0000000004490000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pysqlite2._sqlite.pyd(2017-01-26 01:17:40) 0000000004550000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_ctypes.pyd(2017-01-26 01:17:32) 000000001d1a0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\unicodedata.pyd(2017-01-26 01:17:42) 0000000004600000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32file.pyd(2017-01-26 01:17:42) 000000001ea10000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32security.pyd(2017-01-26 01:17:44) 000000001ec80000Library C:\Users\user\AppData\Local\Temp\_MEI24162\hashobjs_ext.pyd(2017-01-26 01:17:36) 0000000001e40000Library C:\Users\user\AppData\Local\Temp\_MEI24162\thumbnails_ext.pyd(2017-01-26 01:17:41) 0000000001e50000Library C:\Users\user\AppData\Local\Temp\_MEI24162\usb_ext.pyd(2017-01-26 01:17:42) 0000000002750000Library C:\Users\user\AppData\Local\Temp\_MEI24162\common.time34.pyd(2017-01-26 01:17:36) 0000000001e60000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32event.pyd(2017-01-26 01:17:42) 000000001e9b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32gui.pyd(2017-01-26 01:17:43) 000000001ea40000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_socket.pyd(2017-01-26 01:17:34) 0000000002770000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_ssl.pyd(2017-01-26 01:17:35) 00000000046b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_elementtree.pyd(2017-01-26 01:17:32) 000000001d100000Library C:\Users\user\AppData\Local\Temp\_MEI24162\pyexpat.pyd(2017-01-26 01:17:40) 0000000004160000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32inet.pyd(2017-01-26 01:17:43) 000000001eaa0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_psutil_windows.pyd(2017-01-26 01:17:33) 0000000004190000Library C:\Users\user\AppData\Local\Temp\_MEI24162\windows._lib_cacheinvalidation.pyd(2017-01-26 01:17:44) 0000000068c80000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32crypt.pyd(2017-01-26 01:17:42) 000000001e980000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._wizard.pyd(2017-01-26 01:17:46) 00000000041c0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._html2.pyd(2017-01-26 01:17:46) 00000000067b0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wxmsw30u_webview_vc90.dll (wxWidgets webview library/wxWidgets development team)(2017-01-26 01:17:49) 00000000067e0000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_multiprocessing.pyd(2017-01-26 01:17:33) 0000000006800000Library C:\Users\user\AppData\Local\Temp\_MEI24162\_yappi.pyd(2017-01-26 01:17:35) 0000000006810000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32process.pyd(2017-01-26 01:17:43) 000000001ebf0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Library C:\Users\user\AppData\Local\Temp\_MEI24162\wx._animate.pyd(2017-01-26 01:17:45) 0000000006830000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32pipe.pyd(2017-01-26 01:17:43) 000000001eb90000Library C:\Users\user\AppData\Local\Temp\_MEI24162\select.pyd(2017-01-26 01:17:41) 0000000006860000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32pdh.pyd(2017-01-26 01:17:43) 000000001eb60000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32profile.pyd(2017-01-26 01:17:43) 000000001ec20000Library C:\Users\user\AppData\Local\Temp\_MEI24162\win32ts.pyd(2017-01-26 01:17:44) 000000001ed40000Process C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [4680] (IAStorDataSvc/Intel Corporation SIGNED)(2013-08-07 22:24:00) 0000000000420000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Serv759bfb78#\ffd6b03c9c22babe077ac712b5ae07bc \System.ServiceProcess.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:07) 000000006afe0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Configuration\3f1d4f966ac8c60b9feda19d7c4e0716 \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 16:27:27) 0000000067c70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Xml\2c6097450e483e713ed2021691f09a0d\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:18) 000000006c9f0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Management\11a7447288b497bb2b5a68952a381a30\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:36) 0000000067b40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.ServiceModel\25c7df74c5f9106164045637d5b7704a\ System.ServiceModel.ni.dll (System.ServiceModel.dll/Microsoft Corporation)(2016-12-17 16:33:06) 0000000066890000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servd1dec626#\3c0fb11cdbe7a1d094ac6a8a5cf17d16 \System.ServiceModel.Internals.ni.dll (System.ServiceModel.Internals.dll/Microsoft Corporation)(2016-12-25 14:29:58) 00000000653d0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\SMDiagnostics\05f73057f2db606b707a4436b45c896d\SMDiag nostics.ni.dll (SMDiagnostics.dll/Microsoft Corporation)(2016-12-25 14:29:57) 0000000065320000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Runteb92aa12#\d0fe1dacc16e11a786d16583caba0064 \System.Runtime.Serialization.ni.dll (System.Runtime.Serialization.dll/Microsoft Corporation)(2016-12-17 16:27:39) 0000000064fe0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Servf73e6522#\0bc1a8f4cdb3213c981f4de8834f8367 \System.ServiceModel.Web.ni.dll (System.ServiceModel.Web.dll/Microsoft Corporation)(2016-12-30 13:43:20) 0000000064e80000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.IdentityModel\477f8ddee72b23a41956085d50c680c1 \System.IdentityModel.ni.dll (System.IdentityModel.dll/Microsoft Corporation)(2016-12-30 13:43:39) 0000000064ba0000Library C:\Program Files\Intel\Intel(R) Rapid Storage Technology\PsiData.dll (Intel Private Storage Interface Interop/Intel Corporation)(2013-08-07 22:24:00) 00000000649c0000Library C:\Program Files\Intel\Intel(R) Rapid Storage Technology\ISDI2.dll (Intel Storage Driver Interface Dynamic Library/Intel Corporation)(2013-08-07 22:24:00) 0000000063c20000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Data\336e731e017000367f7bf960c99229b0\System.D ata.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:32) 0000000063410000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Confe64a9051#\e53807bd702571eaf0fd13c0255dbd05 \System.Configuration.Install.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:27) 0000000061850000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\WindowsBase\a7ba2431fab5869c9a3af6c178805c15\WindowsB ase.ni.dll (WindowsBase.dll/Microsoft Corporation)(2016-12-17 16:27:08) 0000000061440000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Drawing\3081c095cd326a3366ec5d4c4ad0034b\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:27:34) 000000006df40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\PresentationCore\3977bb460fbe8696c8a07553bbd74c48\Pre sentationCore.ni.dll (PresentationCore.dll/Microsoft Corporation)(2016-12-17 16:27:14) 00000000609b0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Windows.Forms\ee313ec152b39f7bce30944cb7f9338f \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 16:33:14) 000000006d2f0000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_32\System.Numerics\f84be5bc7d4d79567759f69a926f8452\Syst em.Numerics.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-25 14:24:23) 000000005ee30000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe [3036] (NVIDIA Settings Update Manager/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) 0000000000ee0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5148] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5204] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5236] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5324] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5396] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5540] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\AsusWSPanel.exe [5644] (ASUS Webstorage Panel/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:50) 0000000000210000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\1b6337801a7cd11357d3c3d4d1e8804c \Microsoft.VisualBasic.ni.dll (Visual Basic Runtime Library/Microsoft Corporation)(2016-12-17 16:33:45) 00007ffbabb40000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\eCaremeDLL.dll (ASUS WebStorage Windows Lib DLL/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:54) 000000001b0e0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\log4net.dll (Apache log4net for .NET Framework 2.0/The Apache Software Foundation)(2013-11-17 21:51:36) 000000001af80000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Management\6cd96fbad7d4d5ec89692774279f4cef\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:10) 00007ffba7300000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SimpleAES64Lib.dll ( / )(2011-09-05 07:20:04) 0000000000ca0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SIMPLEAESLib.dll ( / )(2011-09-05 07:20:04) 000000001af60000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\SimpleAES64.dll (SimpleAES64/eCareme Technologies, Inc. SIGNED)(2010-09-28 01:44:46) 0000000180000000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [7308] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\AsusWSService.exe [7696] (ASUS WebStorage Service/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:46) 0000000000970000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Drawing\e33c77f535725e729987b0cfe94e9668\Syste m.Drawing.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:09) 00007ffbbdc30000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Windows.Forms\3aaa51fb913a2de4fec6a1a5935d96e6 \System.Windows.Forms.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:16) 00007ffbbcc70000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Data\e098aca3187d15cc2d5d6142ae0d6d64\System.D ata.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:04) 00007ffbba140000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Xml\89953ee3f20b52d4a56e0562c0d26c14\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:29:27) 00007ffbbdeb0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\log4net.dll (Apache log4net for .NET Framework 2.0/The Apache Software Foundation)(2013-11-17 21:51:36) 0000000002920000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\eCaremeDLL.dll (ASUS WebStorage Windows Lib DLL/ASUS Cloud Corporation SIGNED)(2016-10-19 09:02:54) 000000001b5a0000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SimpleAES64Lib.dll ( / )(2011-09-05 07:20:04) 0000000001030000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.SIMPLEAESLib.dll ( / )(2011-09-05 07:20:04) 00000000010a0000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\SimpleAES64.dll (SimpleAES64/eCareme Technologies, Inc. SIGNED)(2010-09-28 01:44:46) 0000000180000000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Management\6cd96fbad7d4d5ec89692774279f4cef\Sy stem.Management.ni.dll (.NET Framework/Microsoft Corporation)(2016-12-17 17:28:10) 00007ffba7300000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\System.Configuration\cc6c6f8f123d664502b6824e465278fc \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-12-17 17:27:49) 00007ffbbe870000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.V9921e851#\1b6337801a7cd11357d3c3d4d1e8804c \Microsoft.VisualBasic.ni.dll (Visual Basic Runtime Library/Microsoft Corporation)(2016-12-17 16:33:45) 00007ffbabb40000Library C:\Program Files (x86)\ASUS\WebStorage\2.2.12.577\Interop.IWshRuntimeLibrary.dll ( / )(2010-06-15 03:19:52) 000000001b460000Process C:\WINDOWS\ImmersiveControlPanel\SystemSettings.exe [5780] (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\SYSTEM32\nvumdshimx.dll (NVIDIA D3D Shim Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:06) 00007ffbcc4d0000Library C:\WINDOWS\system32\nvinitx.dll (NVIDIA shim initialization dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:04:02) 00007ffbcc780000Library C:\Program Files\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 000000000f000000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvd3d9wrapx.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9ae0000Library C:\Program Files\NVIDIA Corporation\CoProcManager\nvdxgiwrapx.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 00007ffbc9a90000Library C:\WINDOWS\system32\igd10iumd64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:24) 00007ffbcb780000Library C:\WINDOWS\SYSTEM32\igdusc64.dll (Unified Shader Compiler for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:50) 00007ffbca210000Process C:\Program Files (x86)\Microsoft Office\Root\VFS\ProgramFilesCommonX86\Microsoft Shared\OFFICE16\CSISYNCCLIENT.EXE [6740](2013-10-27 17:03:58) 0000000002300000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\detoured.dll(2013-10-27 17:03:58) 0000000002300000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvd3d9wrap.dll (NVIDIA d3d9wrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:56) 0000000061880000Library C:\Program Files (x86)\NVIDIA Corporation\CoProcManager\nvdxgiwrap.dll (NVIDIA dxgiwrap dll, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58) 0000000061810000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [5964] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\WINDOWS\explorer.exe [8736] (Dropbox Shell Extension/Dropbox, Inc. SIGNED)(2017-01-23 21:45:56) 00007ffbcd730000Library C:\Program Files (x86)\Dropbox\Client\DropboxExt64.11.0.dll (Dropbox Shell Extension/Dropbox, Inc. SIGNED)(2017-01-23 21:45:56) 00007ffbcd730000Library C:\Program Files (x86)\Google\Drive\googledrivesync64.dll (Google Drive shell extension/Google SIGNED)(2016-12-01 00:59:34) 00007ffb9e140000Library C:\Program Files (x86)\Common Files\AWS\2.2.12.577\ASUSWSShellExt64.dll (AsusWSShellExt64/ASUS Cloud Corporation.)(2015-04-22 13:59:34) 00007ffb9d370000Library C:\WINDOWS\system32\cbfsMntNtf5.dll (Mount Notifier/EldoS Corporation SIGNED)(2017-01-02 19:21:14) 0000000180000000Process C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\AAM Updates Notifier.exe [5012] (AAM Updates Notifier Application/Adobe Systems Incorporated SIGNED)(2014-04-24 21:10:48) 0000000000200000Library C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterCore.dll (Adobe Updater Core Library/Adobe Systems Incorporated SIGNED)(2014-04-24 21:10:50) 00000000712b0000Library C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\LogSession.dll (LogSession/Adobe Systems Incorporated SIGNED)(2014-04-24 21:10:49) 0000000010000000Process C:\Program Files (x86)\HP SimplePass\TouchControl.exe [5944] (TouchControl/AuthenTec Inc. SIGNED)(2013-06-07 13:16:42) 00000000010a0000Library C:\Program Files (x86)\HP SimplePass\biolayer.dll (BioLayer Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:14) 00000000714e0000Library C:\Program Files (x86)\HP SimplePass\TrueSuiteDlg.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:54) 0000000051220000Library C:\Program Files (x86)\HP SimplePass\EnumWindowsUsers.dll (EnumWindowsUsers.dll/HP SIGNED)(2013-06-07 13:16:24) 0000000010000000Library C:\Program Files (x86)\HP SimplePass\AutoSoftwareUpdate.dll (HP update module/HP SIGNED)(2013-06-07 13:16:14) 00000000524f0000Library C:\Program Files (x86)\HP SimplePass\TSLog.dll (TSLog Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:38) 0000000074ab0000Library C:\Program Files (x86)\HP SimplePass\DataManager.dll (DataManager Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:20) 0000000070e00000Library C:\Program Files (x86)\Common Files\AuthenTec\TrueAPI.dll (TrueAPI Dynamic Link Library/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 0000000070850000Library C:\Program Files (x86)\HP SimplePass\TokenMachine.dll (Token Machine Dynamic Link Library/HP SIGNED)(2013-06-07 13:16:40) 00000000717d0000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\mscorlib\5bd3374f05d46ba0563f44d032209f08\mscorlib.ni .dll (Microsoft Common Language Runtime Class Library/Microsoft Corporation)(2015-01-19 04:41:04) 0000000050170000Library C:\Program Files (x86)\HP SimplePass\DownloadManager.dll(2013-06-07 13:16:22) 0000000002a70000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System\c8c33f01cccbd17232e84bdd620da61d\System.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 05:38:54) 0000000077850000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Configuration\dec6b18b4628b3976c17a50272e06e21 \System.Configuration.ni.dll (System.Configuration.dll/Microsoft Corporation)(2016-05-17 06:45:26) 0000000050070000Library C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\System.Xml\7cc1b35a02cafe07523e0eabd670fac3\System.Xm l.ni.dll (.NET Framework/Microsoft Corporation)(2016-05-17 05:39:23) 00000000629d0000Library C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:02) 0000000072990000Process C:\WINDOWS\system32\svchost.exe [9156] (Validity WBF Engine Adapter/Validity Sensors, Inc. SIGNED)(2013-03-19 22:50:08) 0000000180000000Library C:\WINDOWS\SYSTEM32\WINBIOPLUGINS\VCSWBFENGINEADAPTER.DLL (Validity WBF Engine Adapter/Validity Sensors, Inc. SIGNED)(2013-03-19 22:50:08) 0000000180000000Process C:\Program Files\Common Files\AuthenTec\TrueService.exe [5800] (TrueAPI Server/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 00007ff6428a0000Process C:\Program Files\Common Files\AuthenTec\TrueService.exe [5812] (TrueAPI Server/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) 00007ff6428a0000Process C:\Program Files\Windows Defender\MpCmdRun.exe [11256] (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Library C:\Program Files\Bonjour\mdnsNSP.dll (Bonjour Namespace Provider/Apple Inc. SIGNED)(2011-08-31 06:05:32) 0000000065760000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [10548] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [11760] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [7368] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [11436] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [19920] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [22128] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [26600] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [26200] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23628] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [26140] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [27380] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\WINDOWS\system32\AUDIODG.EXE [4348] (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:48) 00000000650a0000Library C:\WINDOWS\system32\stapo64.dll (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:48) 00000000650a0000Library C:\WINDOWS\system32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sluapo64.dll (Audio Processing Object for Windows Vista/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 00000000654b0000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcc3d64.dll(2014-01-11 16:55:45) 0000000180000000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcshp64.dll (DLL_CSHP Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:45) 000000d464160000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slcsii64.dll (DLL_CSII Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:45) 000000d4641d0000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slgeq64.dll (DLL_GEQ Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464260000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slh36064.dll (DLL_HP360 Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d4642d0000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slhlim64.dll (DLL_VolumeIQ Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464300000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slmaxv64.dll (DLL_MAXV Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464550000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\sltshd64.dll (DLL_TSHD Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464510000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slvipp64.dll (DLL_VIPPlus Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d464720000Library C:\WINDOWS\System32\SRSLabs\{176F4E15-8F7C-4833-ADED-81FAE8CCD186}\slviq64.dll (DLL_VolumeIQ Dynamic Link Library/SRS Labs, Inc. SIGNED)(2014-01-11 16:55:46) 000000d4647b0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28236] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28132] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [23156] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [28604] (Google Chrome/Google Inc. SIGNED)(2014-01-11 22:06:52) 00000000001a0000Process E:\gmer\gmer.exe [27752](2017-01-25 00:56:21) 0000000000400000---- Services - GMER 2.2 ----Service C:\WINDOWS\system32\DRIVERS\Accelerometer.sys (HP Accelerometer/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) [MANUAL] AccelerometerService C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe (Adobe Acrobat Update Service/CA - G2 SIGNED)(2016-12-20 06:38:14) [AUTO] AdobeARMserviceService C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe (Adobe® Flash® Player Update Service 24.0 r0/CA - G2 SIGNED)(2014-01-11 19:37:01) [MANUAL] AdobeFlashPlayerUpdateSvcService AvgService C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe (AVG Identity Protection Service/AVG Technologies CZ, s.r.o. SIGNED)(2014-12-16 20:15:26) [AUTO] AVGIDSAgentService C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe (AVG Watchdog Service/AVG Technologies CZ, s.r.o. SIGNED)(2014-12-16 20:09:34) [AUTO] avgwdService C:\Program Files\Bonjour\mDNSResponder.exe (Bonjour Service/Apple Inc. SIGNED)(2011-08-31 06:05:32) [AUTO] Bonjour ServiceService C:\WINDOWS\system32\drivers\cbfs5.sys (Callback File System Driver/EldoS Corporation SIGNED)(2017-01-02 19:21:13) [SYSTEM] cbfs5Service C:\Program Files (x86)\Google\Chrome Remote Desktop\55.0.2883.17\remoting_host.exe (Host Process/Google Inc. SIGNED)(2016-10-17 02:31:44) [AUTO] chromotingService CngHwAssistService C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe (IntelCpHeciSvc Executable/Intel Corporation SIGNED)(2014-10-04 01:36:56) [MANUAL] cphsService C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox Update/Dropbox, Inc. SIGNED)(2016-12-11 17:53:59) [AUTO] dbupdateService C:\Program Files (x86)\Dropbox\Update\DropboxUpdate.exe (Dropbox Update/Dropbox, Inc. SIGNED)(2016-12-11 17:53:59) [MANUAL] dbupdatemService C:\WINDOWS\system32\DbxSvc.exe (Dropbox Service/Dropbox, Inc. SIGNED)(2017-01-04 05:25:16) [AUTO] DbxSvcService C:\WINDOWS\system32\DRIVERS\ssudbus.sys (SAMSUNG USB Composite Device Driver/Samsung Electronics Co., Ltd. SIGNED)(2016-09-05 12:47:06) [MANUAL] dg_ssudbusService C:\Program Files (x86)\HP SimplePass\TrueSuiteService.exe (HP Service/HP SIGNED)(2013-06-07 13:16:54) [AUTO] FPLServiceService C:\WINDOWS\system32\DRIVERS\GEARAspiWDM.sys (CD DVD Filter/GEAR Software Inc. SIGNED)(2014-05-07 09:38:02) [MANUAL] GEARAspiWDMService C:\Program Files (x86)\Google\Update\GoogleUpdate.exe (Google Installer/Google Inc. SIGNED)(2014-01-11 22:04:49) [AUTO] gupdateService C:\WINDOWS\system32\DRIVERS\hpdskflt.sys (HP Disk Filter - SATA/RAID/Hewlett-Packard SIGNED)(2013-03-01 23:40:02) [BOOT] hpdskfltService C:\WINDOWS\system32\Hpservice.exe (HpService/Hewlett-Packard Company SIGNED)(2013-03-01 23:40:02) [AUTO] hpsrvService ialmService C:\WINDOWS\System32\drivers\iaStorA.sys (Intel Rapid Storage Technology driver - x64/Intel Corporation SIGNED)(2013-08-07 22:23:46) [BOOT] iaStorAService C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe (IAStorDataSvc/Intel Corporation SIGNED)(2013-08-07 22:24:00) [AUTO] IAStorDataMgrSvcService C:\WINDOWS\system32\DRIVERS\igdkmd64.sys (Intel Graphics Kernel Mode Driver/Intel Corporation SIGNED)(2014-10-04 01:36:38) [MANUAL] igfxService C:\WINDOWS\system32\igfxCUIService.exe (igfxCUIService Module/Intel Corporation SIGNED)(2014-10-04 01:36:52) [AUTO] igfxCUIService1.0.0.0Service C:\WINDOWS\system32\DRIVERS\ikbevent.sys(2012-08-17 04:31:26) [MANUAL] ikbeventService C:\WINDOWS\system32\DRIVERS\imsevent.sys(2012-08-17 04:31:28) [MANUAL] imseventService C:\WINDOWS\system32\drivers\intelaud.sys (Intel® WiDi Solution/Intel Corporation SIGNED)(2014-09-19 02:07:03) [MANUAL] intaud_WaveExtensibleService C:\Program Files\iPod\bin\iPodService.exe (iPodService Module (64-bit)/Apple Inc. SIGNED)(2014-02-21 10:54:44) [MANUAL] iPod ServiceService C:\WINDOWS\System32\drivers\ISCTD64.sys(2012-08-17 04:31:28) [MANUAL] ISCTService C:\Program Files\Intel\Intel(R) Smart Connect Technology Agent\iSCTAgent.exe(2012-08-17 04:36:54) [AUTO] ISCTAgentService C:\WINDOWS\System32\drivers\iwdbus.sys (Intel® WiDi Solution/Intel Corporation SIGNED)(2014-09-19 02:07:03) [MANUAL] iwdbusService C:\WINDOWS\System32\Drivers\kf1avs.sys (Traktor Kontrol F1/Native Instruments GmbH SIGNED)(2011-09-15 13:48:56) [MANUAL] kf1avsService C:\WINDOWS\System32\Drivers\kf1usb.sys (Traktor Kontrol F1/Native Instruments GmbH SIGNED)(2011-09-15 13:48:56) [MANUAL] kf1usb_svcService C:\WINDOWS\System32\Drivers\kz2avs.sys (Traktor Kontrol Z2/Native Instruments GmbH SIGNED)(2012-12-18 08:50:16) [MANUAL] kz2avsService C:\WINDOWS\System32\Drivers\kz2usb.sys (Traktor Kontrol Z2/Native Instruments GmbH SIGNED)(2012-12-18 08:50:16) [MANUAL] kz2usb_svcService C:\Program Files\McAfee Security Scan\3.11.474\McCHSvc.exe (Component Host Service/McAfee, Inc. SIGNED)(2016-12-14 13:52:08) [MANUAL] McComponentHostServiceService C:\Program Files\Common Files\Native Instruments\Hardware\NIHardwareService.exe (NIHardwareService/Native Instruments GmbH SIGNED)(2013-11-27 10:34:02) [AUTO] NIHardwareServiceService C:\WINDOWS\system32\DRIVERS\nvlddmkm.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:02) [MANUAL] nvlddmkmService C:\WINDOWS\system32\DRIVERS\nvpciflt.sys (NVIDIA Windows Kernel Mode Driver, Version 331.65 /NVIDIA Corporation SIGNED)(2013-10-27 17:04:04) [BOOT] nvpcifltService C:\WINDOWS\system32\nvvsvc.exe (NVIDIA Driver Helper Service, Version 331.65/NVIDIA Corporation SIGNED)(2014-11-05 05:42:44) [AUTO] nvsvcService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe (NVIDIA Settings Update Manager/NVIDIA Corporation SIGNED)(2014-01-11 17:06:37) [AUTO] nvUpdatusServiceService PACKETDRIVERService RDMANDKService RDPUDDService C:\Program Files\Reimage\Reimage Protector\ReiGuard.exe (Reimage Real Time Protection/Reimage® SIGNED)(2016-11-06 15:59:12) [AUTO] ReimageRealTimeProtectorService C:\Program Files (x86)\Unified Remote 3\RemoteServerWin.exe (Unified Remote/Unified Intents AB SIGNED)(2016-12-03 05:05:26) [AUTO] RemoteServerWinService C:\WINDOWS\system32\DRIVERS\RtsPer.sys (RTS PCIE READER Driver/RTS Corporation SIGNED)(2014-01-11 17:59:07) [MANUAL] RTSPERService C:\Program Files\Monotype\SkyFonts\Monotype.SkyFonts.Service.exe (Monotype SkyFontsService/Monotype Imaging Inc. SIGNED)(2016-09-22 20:38:56) [AUTO] SkyFontsServiceService C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys (Synaptics SMBus Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:20) [MANUAL] SmbDrvIService C:\WINDOWS\system32\DRIVERS\ssudmdm.sys (SAMSUNG Android Modem Device Driver/Samsung Electronics Co., Ltd. SIGNED)(2016-09-05 12:47:12) [MANUAL] ssudmdmService C:\WINDOWS\system32\DRIVERS\stwrt64.sys (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:49) [MANUAL] STHDAService C:\WINDOWS\system32\DRIVERS\SynTP.sys (Synaptics Touchpad Driver/Synaptics Incorporated SIGNED)(2013-04-24 09:16:22) [MANUAL] SynTPService C:\WINDOWS\System32\Drivers\ta6avs.sys (Traktor Audio 6/Native Instruments GmbH SIGNED)(2012-12-18 08:51:54) [MANUAL] ta6avsService C:\WINDOWS\System32\Drivers\ta6usb.sys (Traktor Audio 6/Native Instruments GmbH SIGNED)(2012-12-18 08:51:54) [MANUAL] ta6usb_svcService C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer 11/TeamViewer GmbH SIGNED)(2016-08-12 18:41:05) [AUTO] TeamViewerService C:\Program Files\Common Files\AuthenTec\TrueService.exe (TrueAPI Server/AuthenTec, Inc. SIGNED)(2013-01-08 07:31:42) [MANUAL] TrueServiceService C:\Program Files (x86)\SHAREit Technologies\SHAREit\SHAREit.Service.exe (SHAREit Service/SHAREit Technologies Co.Ltd SIGNED)(2016-12-12 14:55:06) [MANUAL] uSHAREitSvcService uvhidService C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\18.1.7\ToolbarUpdater.exe (ToolbarU Application /AVG Secure Search SIGNED)(2014-06-03 04:55:14) [AUTO] vToolbarUpdater18.1.7Service workerddService C:\WINDOWS\system32\drivers\WPRO_41_2001.sys(2014-01-11 18:59:15) [MANUAL] WPRO_41_2001---- Registry - GMER 2.2 ----Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@CoInstallers32 C:\WINDOWS\SYSTEM32\igfxCoIn_v3960.dll (Intel(R) Graphics Media Accelerator Driver Coinstaller/Intel Corporation)(2014-10-04 01:36:56)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@UserModeDriverName C:\WINDOWS\system32\igdumdim64.dll (User Mode Driver for Intel(R) Graphics Technology/Intel Corporation)(2014-10-04 01:36:50)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@OpenGLDriverName C:\WINDOWS\system32\ig75icd64.dll (OpenGL(R) Driver for Intel(R) Graphics Accelerator/Intel Corporation)(2014-10-04 01:36:20)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0000@MiracastDriverName C:\WINDOWS\system32\IntelWiDiMCUMD64.dll (IntelWiDiMCUMD.dll/Intel Corporation SIGNED)(2014-10-04 01:36:58)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0001@CoInstallers32 C:\WINDOWS\SYSTEM32\nvdispgenco6433165.dll (Generic Coinstaller/NVIDIA Corporation SIGNED)(2013-10-27 17:03:58)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e968-e325-11ce-bfc1-08002be10318}\0001@UserModeDriverName C:\WINDOWS\system32\nvd3dumx.dll (NVIDIA WDDM D3D Driver, Version 331.65 /NVIDIA Corporation)(2013-10-27 17:03:58)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}\0000@CoInstallers32 C:\WINDOWS\SYSTEM32\IntcDAuC.dll (Intel(R) Display Audio Coinstaller/Intel(R) Corporation)(2013-03-20 05:37:48)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96c-e325-11ce-bfc1-08002be10318}\0007@CoInstallers32 C:\WINDOWS\SYSTEM32\st646454.dll (IDT PC Audio/IDT, Inc.)(2014-01-11 16:55:47)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e96f-e325-11ce-bfc1-08002be10318}\0000@CoInstallers32 C:\WINDOWS\SYSTEM32\SynTPCo18.dll (Synaptics Pointing Device Driver Co-Installer/Synaptics Incorporated SIGNED)(2013-04-24 09:16:10)Reg HKLM\SYSTEM\CurrentControlSet\Control\Class\{4d36e97d-e325-11ce-bfc1-08002be10318}\0043@CoInstallers32 C:\WINDOWS\SYSTEM32\HPMDPCoInst.dll (HP Mobile Data Protection CoInstaller/Hewlett-Packard SIGNED)(2013-03-01 23:40:02)