Can't Access Any Files or Run Any Programs [Solved]


  • This topic is locked

#1
PresMatt

  • Member
  • 66 posts
Hi,

First, thanks for taking the time to help me!

My girlfriend, a photographer, went to use her editing computer (Windows 7) tonight and when she sat down and fired up Lightroom she said things were really slow. She rebooted a few times and then asked me to take a look at it because she was having issues with opening programs at all. I sat down and started messing with it trying to get anything at all to open. Here's a description of the boot process... Everything loads fine and appears to be ok at first glance. The only odd thing is the wireless internet icon spins and then stops/freezes and doesn't connect properly. It registers all the networks but doesn't actually connect, it acts like it's frozen. If you try to open any files/programs on the desktop it highlights them and the cursor starts spinning but nothing actually opens. I then try the start menu. When clicking it, possibly depending on the time since bootup, one of two things happens. One, the start button freezes after clicking on it and nothing happens. Two, you are able to see all the programs but once you click one it freezes the entire start menu and nothing happens. If you try Ctrl+Alt+Delete, it will allow you to access the menu but trying to Start Task Manager doesn't really do anything. It seems to either freeze or just ignore the click and take you back to the desktop. We are typically pretty careful with what this machine accesses since it's her "working" computer, but every defense has its weakness...

I tried running AVG in Safe Mode and it said it found 2 medium threats and removed them but did not give me their names.

I then tried Spybot Search and Destroy in safe mode, which found issues, but all of them were cookies and low-level, non-threatening items.

Finally I tried doing a system restore to Feb 14th, which is the last known date that everything worked fine. This did not fix the issue and everything remains the same as described.

In safe mode, I experience no issues whatsoever. The networking works fine and I'm currently posting this in safe mode.

The only hardware changes made during this time period would be that we used an old mouse briefly while we were getting a new one. It worked fine, we bought a new one today, and the problem persists so it is likely unrelated... but, better to have too much info, right?

Here's the OTL Log.

OTL logfile created on: 2/17/2014 11:20:16 PM - Run 1
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Crystal\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

31.89 Gb Total Physical Memory | 29.92 Gb Available Physical Memory | 93.82% Memory free
63.77 Gb Paging File | 61.85 Gb Available in Paging File | 96.98% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 5.91 Gb Free Space | 4.96% Space Free | Partition Type: NTFS
Drive D: | 643.23 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS
Drive E: | 2794.39 Gb Total Space | 700.74 Gb Free Space | 25.08% Space Free | Partition Type: NTFS

Computer Name: CCP-EDITING | User Name: Crystal | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/17 23:07:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Crystal\Desktop\OTL.exe
PRC - [2014/02/04 20:39:10 | 001,863,048 | ---- | M] (Adobe Systems, Inc.) -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_12_0_0_44.exe
PRC - [2013/12/25 00:08:29 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe


========== Modules (No Company Name) ==========

MOD - [2014/02/04 20:39:09 | 016,287,624 | ---- | M] () -- C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll
MOD - [2013/12/25 00:08:29 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
MOD - [2011/03/17 00:11:16 | 004,297,568 | ---- | M] () -- C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
MOD - [2010/10/20 15:45:26 | 008,801,120 | ---- | M] () -- C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/06 04:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/19 19:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013/09/24 10:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/06/10 15:28:06 | 000,084,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/02/04 20:39:11 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/28 08:35:50 | 002,135,232 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2014/01/20 13:16:20 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2014/01/20 12:15:26 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2014/01/05 22:11:48 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2013/12/25 00:08:29 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/17 21:22:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/09/12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/11/19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/09/11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/08/21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/07/05 08:23:18 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/04/09 15:21:10 | 000,036,864 | ---- | M] (Realtek) [Auto | Stopped] -- C:\Program Files (x86)\Wireless Card\RtlService.exe -- (AsusSE)
SRV - [2012/02/06 11:17:22 | 000,214,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/07/15 00:03:00 | 000,021,488 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2011/07/13 06:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2011/07/13 06:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2011/02/09 16:36:58 | 000,457,200 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/13 00:12:14 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/24 10:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013/09/17 21:22:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/17 23:18:42 | 000,060,416 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GeneStor.sys -- (GeneStor)
DRV:64bit: - [2013/02/17 23:01:10 | 000,845,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2013/02/17 20:06:37 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:64bit: - [2013/01/18 23:52:08 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/11/19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012/08/27 19:51:00 | 000,230,280 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3xhc.sys -- (rusb3xhc)
DRV:64bit: - [2012/08/27 19:50:58 | 000,114,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3hub.sys -- (rusb3hub)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 03:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 03:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 03:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/09/21 17:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/05/24 02:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/05/10 16:28:48 | 000,017,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011/05/09 20:42:14 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 16:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 16:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/02/09 00:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2011/02/09 00:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2011/02/09 00:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2010/11/20 21:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/05/23 18:47:08 | 000,164,848 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\syscowad64v.sys -- (SysCow)
DRV:64bit: - [2009/11/18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2012/09/03 01:20:00 | 000,037,976 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 C1 EE 86 82 0D CE 01 [binary data]
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....fr&d=2013-12-13 00:12:18&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....fr&d=2013-12-13 00:12:18&v=17.1.2.1&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.126
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/06/20 23:17:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49 [2014/02/17 22:49:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 04:22:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 04:22:56 | 000,000,000 | ---D | M]

[2013/02/17 20:13:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crystal\AppData\Roaming\Mozilla\Extensions
[2013/09/27 19:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crystal\AppData\Roaming\Mozilla\Firefox\Profiles\ud73nv1s.default\extensions
[2013/12/25 00:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/25 00:08:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/20 23:17:56 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5
[2013/05/03 14:15:43 | 000,003,723 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O4 - HKLM..\Run: [] File not found
O4 - HKU\S-1-5-19..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-20..\Run: [Sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-3908123399-674081707-2029318344-1000..\Run: [AdobeBridge] File not found
O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKU\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0049F15D-8C1E-4A5A-8BA0-4B6181A37EBD}: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80FB2891-4AE4-404C-882F-D1A226AC8B46}: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2001/05/31 22:02:58 | 000,000,047 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
O33 - MountPoints2\{516764c9-79dd-11e2-8fc1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{516764c9-79dd-11e2-8fc1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Monsetup.exe -- [2004/10/21 15:10:23 | 004,464,026 | R--- | M] (Macromedia, Inc.)
O33 - MountPoints2\{851e2966-da2a-11e2-8be5-bc5ff483b15b}\Shell - "" = AutoRun
O33 - MountPoints2\{851e2966-da2a-11e2-8be5-bc5ff483b15b}\Shell\AutoRun\command - "" = L:\Setup.exe
O33 - MountPoints2\{cfc1dc35-2d6d-11e3-a3e7-bc5ff483b15b}\Shell - "" = AutoRun
O33 - MountPoints2\{cfc1dc35-2d6d-11e3-a3e7-bc5ff483b15b}\Shell\AutoRun\command - "" = L:\setup.exe -a
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/17 23:07:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Crystal\Desktop\OTL.exe
[2014/02/17 23:01:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/02/17 22:17:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/02/13 03:10:55 | 000,548,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\vbscript.dll
[2014/02/13 03:10:35 | 000,574,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/13 03:10:35 | 000,440,832 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/13 03:10:35 | 000,218,624 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/13 03:10:35 | 000,195,584 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/13 03:10:35 | 000,164,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/13 03:10:35 | 000,033,792 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/13 03:10:35 | 000,004,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/13 03:10:34 | 000,817,664 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/13 03:10:34 | 000,708,608 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/13 03:10:34 | 000,703,488 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/13 03:10:34 | 000,627,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/13 03:10:34 | 000,553,472 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/13 03:10:34 | 000,139,264 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/13 03:10:34 | 000,112,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/13 03:10:34 | 000,111,616 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/13 03:10:34 | 000,066,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/13 03:10:34 | 000,061,952 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/13 03:10:34 | 000,051,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/13 03:10:34 | 000,048,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/13 03:10:34 | 000,032,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/13 03:10:33 | 002,041,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/13 03:10:33 | 001,964,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/13 03:10:31 | 005,768,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/12 22:27:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2014/02/12 22:27:18 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2014/02/12 22:27:01 | 000,658,432 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_isv.exe
[2014/02/12 22:27:01 | 000,626,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate.exe
[2014/02/12 22:27:01 | 000,594,944 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_isv.exe
[2014/02/12 22:27:01 | 000,572,416 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate.exe
[2014/02/12 22:27:01 | 000,553,984 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp.exe
[2014/02/12 22:27:01 | 000,552,960 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\RMActivate_ssp_isv.exe
[2014/02/12 22:27:01 | 000,528,384 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msdrm.dll
[2014/02/12 22:27:01 | 000,510,976 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp.exe
[2014/02/12 22:27:01 | 000,508,928 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\RMActivate_ssp_isv.exe
[2014/02/12 22:27:01 | 000,488,448 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc.dll
[2014/02/12 22:27:01 | 000,485,888 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_isv.dll
[2014/02/12 22:27:01 | 000,428,032 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc.dll
[2014/02/12 22:27:01 | 000,423,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_isv.dll
[2014/02/12 22:27:01 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp_isv.dll
[2014/02/12 22:27:01 | 000,123,392 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\secproc_ssp.dll
[2014/02/12 22:27:01 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp_isv.dll
[2014/02/12 22:27:01 | 000,087,040 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\secproc_ssp.dll
[2014/02/12 22:26:33 | 003,928,064 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d2d1.dll
[2014/02/12 22:26:33 | 002,565,120 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\d3d10warp.dll
[2014/02/08 00:22:09 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\Jenn blog
[2014/02/04 23:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2014/01/30 19:47:31 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\amy+logan blog
[2014/01/29 22:17:56 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\blog
[2014/01/21 00:21:05 | 000,000,000 | ---D | C] -- C:\Users\Crystal\.NationsPhoto
[2014/01/21 00:21:01 | 000,000,000 | ---D | C] -- C:\Users\Crystal\.roescache
[2014/01/21 00:21:00 | 000,000,000 | ---D | C] -- C:\Users\Crystal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NPL ROES
[2014/01/20 19:44:08 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\print

========== Files - Modified Within 30 Days ==========

[2014/02/17 23:07:43 | 000,785,214 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/17 23:07:43 | 000,663,906 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/17 23:07:43 | 000,122,982 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/17 23:07:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Crystal\Desktop\OTL.exe
[2014/02/17 23:03:28 | 4204,388,347 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/17 23:03:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/17 23:02:14 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/02/15 19:25:16 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/15 19:25:16 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/14 01:39:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/14 00:57:55 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/02/13 03:11:52 | 000,777,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/12 23:20:41 | 000,098,973 | ---- | M] () -- C:\Users\Crystal\Desktop\greg.jpg
[2014/02/12 22:47:17 | 003,708,355 | ---- | M] () -- C:\Users\Crystal\Desktop\greg.psd
[2014/02/12 22:23:31 | 000,248,083 | ---- | M] () -- C:\Users\Crystal\Desktop\African-black-hair.jpg
[2014/02/12 22:18:02 | 000,221,681 | ---- | M] () -- C:\Users\Crystal\Desktop\Crystal Carpenter.jpg
[2014/02/12 22:11:39 | 000,219,272 | ---- | M] () -- C:\Users\Crystal\Desktop\Greg Thomas.jpg
[2014/02/08 00:16:31 | 000,003,072 | ---- | M] () -- C:\Users\Crystal\AppData\Roaming\Millers Designer Plus Prefsv3
[2014/02/06 05:30:12 | 000,004,096 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollectorres.dll
[2014/02/06 05:07:39 | 000,066,048 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iesetup.dll
[2014/02/06 05:06:47 | 000,048,640 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwproxystub.dll
[2014/02/06 04:56:03 | 000,033,792 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\iernonce.dll
[2014/02/06 04:52:11 | 000,574,976 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2014/02/06 04:49:03 | 000,139,264 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2014/02/06 04:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieetwcollector.exe
[2014/02/06 04:48:11 | 000,708,608 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9diag.dll
[2014/02/06 04:32:49 | 000,218,624 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ie4uinit.exe
[2014/02/06 04:17:15 | 000,195,584 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msrating.dll
[2014/02/06 04:11:37 | 005,768,704 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2014/02/06 04:01:36 | 000,061,952 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iesetup.dll
[2014/02/06 04:00:46 | 000,051,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieetwproxystub.dll
[2014/02/06 03:57:13 | 000,627,200 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\msfeeds.dll
[2014/02/06 03:52:21 | 000,032,768 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\iernonce.dll
[2014/02/06 03:50:32 | 002,041,856 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2014/02/06 03:49:22 | 000,440,832 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2014/02/06 03:47:22 | 000,112,128 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2014/02/06 03:46:27 | 000,553,472 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript9diag.dll
[2014/02/06 03:25:43 | 000,164,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msrating.dll
[2014/02/06 03:09:30 | 001,964,032 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2014/02/06 02:40:06 | 000,817,664 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysNative\ieapfltr.dll
[2014/02/06 02:34:31 | 000,703,488 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\ieapfltr.dll
[2014/02/04 23:18:04 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2014/02/04 20:39:10 | 000,692,616 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2014/02/04 20:39:10 | 000,071,048 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2014/01/30 18:11:19 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2014/01/30 18:11:19 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2014/01/21 00:21:00 | 000,002,183 | ---- | M] () -- C:\Users\Crystal\Desktop\NPL ROES.lnk

========== Files Created - No Company Name ==========

[2014/02/12 22:48:39 | 000,098,973 | ---- | C] () -- C:\Users\Crystal\Desktop\greg.jpg
[2014/02/12 22:46:54 | 003,708,355 | ---- | C] () -- C:\Users\Crystal\Desktop\greg.psd
[2014/02/12 22:23:31 | 000,248,083 | ---- | C] () -- C:\Users\Crystal\Desktop\African-black-hair.jpg
[2014/02/12 22:12:16 | 000,221,681 | ---- | C] () -- C:\Users\Crystal\Desktop\Crystal Carpenter.jpg
[2014/02/12 22:11:42 | 000,219,272 | ---- | C] () -- C:\Users\Crystal\Desktop\Greg Thomas.jpg
[2014/01/21 00:21:00 | 000,002,183 | ---- | C] () -- C:\Users\Crystal\Desktop\NPL ROES.lnk
[2013/12/13 00:12:15 | 000,003,744 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/10/07 23:17:43 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\Gif89.dll
[2013/10/07 23:17:25 | 000,012,062 | ---- | C] () -- C:\Windows\SysWow64\drivers\MTiCtwl.sys
[2013/04/07 23:30:42 | 000,000,132 | ---- | C] () -- C:\Users\Crystal\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/03/27 18:54:53 | 000,003,072 | ---- | C] () -- C:\Users\Crystal\AppData\Roaming\Millers Designer Plus Prefsv3
[2013/02/17 23:19:46 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\UMonit.exe
[2013/02/17 23:19:43 | 000,172,097 | ---- | C] () -- C:\Windows\SysWow64\NoMSGuninstall.exe
[2013/02/17 23:19:43 | 000,001,519 | ---- | C] () -- C:\Windows\SysWow64\_IconCfg0.ini
[2013/02/17 23:19:43 | 000,000,821 | ---- | C] () -- C:\Windows\SysWow64\ProductName.ini
[2013/02/17 23:19:43 | 000,000,181 | ---- | C] () -- C:\Windows\SysWow64\IconCfg0.ini
[2013/02/17 22:23:06 | 000,777,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/17 20:51:55 | 000,000,017 | ---- | C] () -- C:\Users\Crystal\AppData\Local\resmon.resmoncfg
[2013/02/17 17:29:19 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/06/19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 07:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 07:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 07:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== Alternate Data Streams ==========

@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34

< End of report >


Please let me know of any additional information you require.
Thanks again for your help!!!
Matt
  • 0



#2
Crowbar


    Teacher

  • GeekU Moderator
  • 4,161 posts
Hello PresMatt and welcome to the Virus, Spyware, Malware Removal forum !!

My name is Crowbar and I'll be the malware removal Geek that will be helping you remove any infections you may have on your computer.

  • Please read all of my response through at least once before attempting to follow the procedures described.
  • Please save my instructions as a text file on your desktop, or print them out, as you may not be able to access this thread at times.
  • Please follow the steps exactly as written, in the same order.
  • If there's anything you don't understand or isn't totally clear, please ask me any questions that you may have.
  • Please do not attach any log files to your replies unless I specifically ask you. Instead please copy and paste so as to include the log in your reply. You can do this in separate posts if it's easier for you.
  • This process is not an instant process - please stick with me until I tell you that your machine is clean. If you don't see any symptoms it does not mean your system is clear of malware.
  • Please don't run any other scans or other software unless I ask you to, as it will make this repair more difficult.
Also please note before we begin:
Please be aware that removing Malware can be a potentially hazardous undertaking. I will take care not to knowingly suggest courses of action that might damage your computer. However it is impossible for me to foresee all interactions that may happen between the software on your computer and those we'll use to clear you of infection, and I cannot 100% guarantee the safety of your system. It is possible that we might encounter situations where the only recourse is to re-format and re-install your operating system, or to necessitate you taking your computer to a repair shop.
Because of this, I advise you to backup any personal files and folders before we start.

Hi there,
It appears that you have 2 anti virus programs running at the same time. This will not only slow down your computer, it will also make it less secure.
Do you have a paid subscription with either Comodo or AVG? Personally, I would dump both of them, and go with either Microsoft Security Essentials (free), or Avast! (free version, but a paid version is also available)
Whatever you choose, you will have to uninstall any current AV with its special removal tool. I can guide you through the process.


Step 1
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs then please uninstall Malwarebytes and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :OTL
    [2013/05/03 14:15:43 | 000,003,723 | ---- | M] () -- C:\Program Files (x86)\mozilla firefox\searchplugins\safeguard-secure-search.xml
    O32 - AutoRun File - [2001/05/31 22:02:58 | 000,000,047 | R--- | M] () - D:\AUTORUN.INF -- [ CDFS ]
    O33 - MountPoints2\{516764c9-79dd-11e2-8fc1-806e6f6e6963}\Shell - "" = AutoRun
    O33 - MountPoints2\{516764c9-79dd-11e2-8fc1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Monsetup.exe -- [2004/10/21 15:10:23 | 004,464,026 | R--- | M] (Macromedia, Inc.)
    O33 - MountPoints2\{851e2966-da2a-11e2-8be5-bc5ff483b15b}\Shell - "" = AutoRun
    O33 - MountPoints2\{851e2966-da2a-11e2-8be5-bc5ff483b15b}\Shell\AutoRun\command - "" = L:\Setup.exe
    O33 - MountPoints2\{cfc1dc35-2d6d-11e3-a3e7-bc5ff483b15b}\Shell - "" = AutoRun
    O33 - MountPoints2\{cfc1dc35-2d6d-11e3-a3e7-bc5ff483b15b}\Shell\AutoRun\command - "" = L:\setup.exe -a
    @Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34
    :commands
    [emptytemp]
    [Reboot]

  • Then click the Run Fix button at the top
  • Let the program run unhindered, reboot the PC when it is done
  • Open OTL again and click the Quick Scan button. Post the log it produces in your next reply.

Step 2
Please download AdwCleaner by Xplode and save to your Desktop.
Double-click AdwCleaner.exe to run the tool.
Note: Windows Vista, Windows 7/8 users right-click and select Run as administrator.
Click the Scan button.
AdwCleaner will begin. Be patient as the scan may take some time to complete.
After the scan has finished, click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that logfile in your next reply.
A copy of that logfile will also be saved in the C:\AdwCleaner folder.

Step 3
Please download Junkware Removal Tool to your desktop.
  • Shut down your protection software now to avoid potential conflicts.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

Step 4
If your computer now starts in normal mode please do the following, let me know if it does not start in normal mode.
Download OTL to your Desktop

  • Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
  • Select All Users
  • Under the Custom Scan box paste this in

    netsvcs
    BASESERVICES
    %SYSTEMDRIVE%\*.exe
    /md5start
    services.*
    explorer.exe
    winlogon.exe
    Userinit.exe
    svchost.exe
    qmgr.dll
    winsock.*
    /md5stop
    dir "%systemdrive%\*" /S /A:L /C
    CREATERESTOREPOINT

  • Click the Quick Scan button. Do not change any settings unless otherwise told to do so. The scan won't take long.
  • Post OTL.txt in your next response

In your next reply I would like to see:
  • OTL fix log
  • ADWcleaner log
  • Junkware Removal Tool log
  • OTL custom scan log
  • There should be a file on the desktop Extras.txt. Please post that file in your next response
  • Does the computer start normally now?

  • 0
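The log triage behind the reply above (two antivirus products installed side by side, MountPoints2 AutoRun commands, an alternate data stream), sketched in Python as an added example that is not part of the thread and not part of OTL. The function name, the result layout and the vendor keyword map are assumptions made for illustration; the sample lines are copied from the OTL logs posted in this thread.

```python
import re
from collections import defaultdict

# Assumption: illustrative keyword -> product family map, not an exhaustive AV list.
AV_VENDORS = {"avg technologies": "AVG", "comodo": "COMODO"}

# SRV/DRV line: TYPE[:64bit:] - [timestamp|size|attrs|M] (Company) [start|state] -- path -- (name)
SVC_RE = re.compile(
    r'^(?:SRV|DRV)(?::64bit:)? - \[[^\]]*\] \((?P<company>[^)]*)\) '
    r'\[(?P<start>[^\]]*)\] -- (?P<path>.+?) -- \((?P<name>[^)]*)\)\s*$')

# O33 line that carries the command a mounted volume would auto-run.
O33_RE = re.compile(
    r'^O33 - MountPoints2\\(?P<guid>\{[0-9a-fA-F-]+\})\\Shell\\AutoRun\\command'
    r' - "" = (?P<cmd>.+?)(?: -- \[.*)?$')

# Alternate data stream line: size, host file, stream name after the last colon.
ADS_RE = re.compile(
    r'^@Alternate Data Stream - (?P<size>\d+) bytes -> (?P<file>.+):(?P<stream>[^:\\]+)$')


def triage(log_text):
    """Collect the OTL entries a reviewer would look at first.

    Returns a dict with:
      av        -> {vendor: [(service_or_driver_name, state), ...]}
      conflict  -> True when more than one AV vendor has services/drivers
      autoruns  -> [(volume_guid, command), ...]
      streams   -> [(size_bytes, host_file, stream_name), ...]
    """
    av = defaultdict(list)
    autoruns, streams = [], []
    for raw in log_text.splitlines():
        line = raw.strip()
        m = SVC_RE.match(line)
        if m:
            company = m.group("company").lower()
            # The last field of the bracket is the run state (Running/Stopped).
            state = m.group("start").split("|")[-1].strip()
            for keyword, vendor in AV_VENDORS.items():
                if keyword in company:
                    av[vendor].append((m.group("name"), state))
            continue
        m = O33_RE.match(line)
        if m:
            autoruns.append((m.group("guid"), m.group("cmd")))
            continue
        m = ADS_RE.match(line)
        if m:
            streams.append((int(m.group("size")), m.group("file"), m.group("stream")))
    return {"av": dict(av), "conflict": len(av) > 1,
            "autoruns": autoruns, "streams": streams}


# Sample lines copied from the OTL logs in this thread.
SAMPLE_LOG = r'''
SRV:64bit: - [2013/10/19 19:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV - [2014/01/05 22:11:48 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/09/24 10:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
O33 - MountPoints2\{516764c9-79dd-11e2-8fc1-806e6f6e6963}\Shell - "" = AutoRun
O33 - MountPoints2\{516764c9-79dd-11e2-8fc1-806e6f6e6963}\Shell\AutoRun\command - "" = D:\Monsetup.exe -- [2004/10/21 15:10:23 | 004,464,026 | R--- | M] (Macromedia, Inc.)
O33 - MountPoints2\{851e2966-da2a-11e2-8be5-bc5ff483b15b}\Shell\AutoRun\command - "" = L:\Setup.exe
@Alternate Data Stream - 119 bytes -> C:\ProgramData\TEMP:5C321E34
'''

if __name__ == "__main__":
    report = triage(SAMPLE_LOG)
    for vendor, items in report["av"].items():
        print(vendor, items)
    print("more than one AV vendor:", report["conflict"])
    for guid, cmd in report["autoruns"]:
        print("AutoRun", guid, "->", cmd)
    for size, host, stream in report["streams"]:
        print("ADS", size, host, stream)
```

The vendor match is made on the company field of service and driver lines only, so the AVG Secure Search toolbar updater is not counted as a second AVG antivirus component.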

#3
PresMatt


    Member

  • Topic Starter
  • Member
  • PipPip
  • 66 posts
Hi Crowbar, thanks for taking the time to help. Steps 1 - 3 were completed in Safe Mode with networking since I'm unable to really do anything in normal startup. After finishing the steps, it still does NOT work correctly. I'm still getting to the desktop and anytime you click anything it sort of greys the item out and then after clicking a few items the entire screen goes sort of transparent grey. Please let me know what else you would like me to try! Since I wasn't able to boot normally, I did not complete step 4. Once we get this figured out, I would like to discuss anti virus solutions further.

Step 1 OTL Log

OTL logfile created on: 2/18/2014 10:05:42 PM - Run 2
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Crystal\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

31.89 Gb Total Physical Memory | 30.04 Gb Available Physical Memory | 94.20% Memory free
63.77 Gb Paging File | 61.95 Gb Available in Paging File | 97.14% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 23.17 Gb Free Space | 19.44% Space Free | Partition Type: NTFS
Drive E: | 2794.39 Gb Total Space | 701.17 Gb Free Space | 25.09% Space Free | Partition Type: NTFS

Computer Name: CCP-EDITING | User Name: Crystal | Logged in as Administrator.
Boot Mode: SafeMode with Networking | Scan Mode: Current user | Quick Scan | Include 64bit Scans
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2014/02/17 23:07:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Crystal\Desktop\OTL.exe
PRC - [2013/12/25 00:08:29 | 000,275,568 | ---- | M] (Mozilla Corporation) -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe


========== Modules (No Company Name) ==========

MOD - [2013/12/25 00:08:29 | 003,559,024 | ---- | M] () -- C:\Program Files (x86)\Mozilla Firefox\mozjs.dll


========== Services (SafeList) ==========

SRV:64bit: - [2014/02/06 04:48:45 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)
SRV:64bit: - [2013/10/19 19:23:22 | 006,254,152 | ---- | M] (COMODO) [Auto | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2013/09/24 10:53:32 | 000,164,056 | ---- | M] (COMODO) [On_Demand | Stopped] -- C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe -- (cmdvirth)
SRV:64bit: - [2013/06/10 15:28:06 | 000,084,624 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\IIS\Microsoft Web Deploy\MsDepSvc.exe -- (MsDepSvc)
SRV:64bit: - [2013/05/26 23:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV:64bit: - [2012/06/19 19:10:34 | 000,634,632 | ---- | M] (Intel® Corporation) [Auto | Stopped] -- C:\Program Files\Intel\iCLS Client\HeciServer.exe -- (Intel®
SRV:64bit: - [2009/07/13 19:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)
SRV - [2014/02/04 20:39:11 | 000,257,928 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2014/01/28 08:35:50 | 002,135,232 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2014/01/20 13:16:20 | 000,070,352 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe -- (CLPSLauncher)
SRV - [2014/01/20 12:15:26 | 002,327,248 | ---- | M] (Comodo Security Solutions, Inc.) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe -- (GeekBuddyRSP)
SRV - [2014/01/05 22:11:48 | 001,771,544 | ---- | M] (AVG Secure Search) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe -- (vToolbarUpdater17.3.0)
SRV - [2013/12/25 00:08:29 | 000,119,408 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)
SRV - [2013/12/21 00:04:16 | 000,065,432 | ---- | M] (Adobe Systems Incorporated) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2013/11/11 22:02:14 | 003,478,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2013/09/24 01:33:08 | 000,348,008 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Stopped] -- C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe -- (avgwd)
SRV - [2013/09/17 21:22:24 | 001,364,256 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe -- (nvUpdatusService)
SRV - [2013/09/12 00:17:46 | 000,414,496 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe -- (Stereo Service)
SRV - [2012/12/14 02:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)
SRV - [2012/11/19 12:15:20 | 000,014,904 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe -- (IAStorDataMgrSvc)
SRV - [2012/09/11 13:51:42 | 000,365,344 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe -- (UNS)
SRV - [2012/09/11 13:51:42 | 000,277,792 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe -- (LMS)
SRV - [2012/08/21 06:32:04 | 000,166,720 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\Jhi_service.exe -- (jhi_service)
SRV - [2012/07/09 00:40:10 | 000,104,912 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2012/07/05 08:23:18 | 000,129,856 | ---- | M] (Intel Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe -- (Intel®
SRV - [2012/04/09 15:21:10 | 000,036,864 | ---- | M] (Realtek) [Auto | Stopped] -- C:\Program Files (x86)\Wireless Card\RtlService.exe -- (AsusSE)
SRV - [2012/02/06 11:17:22 | 000,214,896 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe -- (MotoHelper)
SRV - [2011/07/15 00:03:00 | 000,021,488 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe -- (BOT4Service)
SRV - [2011/07/13 06:41:52 | 000,340,976 | ---- | M] (Rovi Corporation) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxWatch13.exe -- (RoxWatch12)
SRV - [2011/07/13 06:41:30 | 001,095,664 | ---- | M] (Rovi Corporation) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\13.0\SharedCOM\RoxMediaDB13.exe -- (RoxMediaDB13)
SRV - [2011/02/09 16:36:58 | 000,457,200 | ---- | M] () [Auto | Stopped] -- C:\Program Files (x86)\Roxio\BackOnTrack\App\SaibSVC.exe -- (9734BF6A-2DCD-40f0-BAB0-5AAFEEBE1269)
SRV - [2010/02/19 13:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/06/10 15:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/12/13 00:12:14 | 000,046,368 | ---- | M] (AVG Technologies) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtpx64.sys -- (avgtp)
DRV:64bit: - [2013/11/05 21:55:48 | 000,150,808 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgdiska.sys -- (Avgdiska)
DRV:64bit: - [2013/11/04 21:52:42 | 000,240,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgidsdrivera.sys -- (AVGIDSDriver)
DRV:64bit: - [2013/10/31 23:00:18 | 000,212,280 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Stopped] -- C:\Windows\SysNative\drivers\avgldx64.sys -- (Avgldx64)
DRV:64bit: - [2013/10/31 22:49:46 | 000,294,712 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgloga.sys -- (Avgloga)
DRV:64bit: - [2013/10/24 22:25:58 | 000,194,872 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgidsha.sys -- (AVGIDSHA)
DRV:64bit: - [2013/10/01 00:52:08 | 000,123,704 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgmfx64.sys -- (Avgmfx64)
DRV:64bit: - [2013/09/24 10:54:12 | 000,023,168 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2013/09/17 21:22:42 | 000,196,384 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\nvhda64v.sys -- (NVHDA)
DRV:64bit: - [2013/09/10 00:43:02 | 000,031,544 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\avgrkx64.sys -- (Avgrkx64)
DRV:64bit: - [2013/08/01 15:07:06 | 000,251,192 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\avgtdia.sys -- (Avgtdia)
DRV:64bit: - [2013/02/17 23:18:42 | 000,060,416 | ---- | M] (GenesysLogic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GeneStor.sys -- (GeneStor)
DRV:64bit: - [2013/02/17 23:01:10 | 000,845,416 | ---- | M] (Realtek Semiconductor Corporation ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rtl8192ce.sys -- (RTL8192Ce)
DRV:64bit: - [2013/02/17 20:06:37 | 000,141,920 | ---- | M] (Acronis) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\vsflt53.sys -- (vidsflt53)
DRV:64bit: - [2013/01/18 23:52:08 | 000,046,568 | ---- | M] () [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ISCTD64.sys -- (ISCT)
DRV:64bit: - [2012/12/14 02:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)
DRV:64bit: - [2012/11/19 12:10:38 | 000,652,344 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorA.sys -- (iaStorA)
DRV:64bit: - [2012/11/19 12:10:36 | 000,028,216 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStorF.sys -- (iaStorF)
DRV:64bit: - [2012/08/27 19:51:00 | 000,230,280 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3xhc.sys -- (rusb3xhc)
DRV:64bit: - [2012/08/27 19:50:58 | 000,114,568 | ---- | M] (Renesas Electronics Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\rusb3hub.sys -- (rusb3hub)
DRV:64bit: - [2012/08/23 08:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)
DRV:64bit: - [2012/08/23 08:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2012/08/23 08:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)
DRV:64bit: - [2012/07/17 18:12:08 | 000,062,784 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2012/03/01 00:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/27 03:01:00 | 000,788,760 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3xhc.sys -- (iusb3xhc)
DRV:64bit: - [2012/02/27 03:01:00 | 000,356,120 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\iusb3hub.sys -- (iusb3hub)
DRV:64bit: - [2012/02/27 03:01:00 | 000,016,152 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iusb3hcs.sys -- (iusb3hcs)
DRV:64bit: - [2011/09/21 17:56:24 | 000,049,760 | ---- | M] (Asmedia Technology) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\asahci64.sys -- (asahci64)
DRV:64bit: - [2011/05/24 02:00:00 | 000,055,952 | ---- | M] (Rovi Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)
DRV:64bit: - [2011/05/10 16:28:48 | 000,017,192 | ---- | M] (Windows ® Win 7 DDK provider) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\AsrAppCharger.sys -- (AsrAppCharger)
DRV:64bit: - [2011/05/09 20:42:14 | 000,425,000 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\k57nd60a.sys -- (k57nd60a)
DRV:64bit: - [2011/03/11 00:41:12 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/03/11 00:41:12 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/03/04 16:00:14 | 000,390,632 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmtxhci.sys -- (asmtxhci)
DRV:64bit: - [2011/03/04 16:00:14 | 000,126,952 | ---- | M] (ASMedia Technology Inc) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\asmthub3.sys -- (asmthub3)
DRV:64bit: - [2011/02/09 00:00:00 | 000,027,632 | ---- | M] (Sonic Solutions) [Kernel | System | Stopped] -- C:\Windows\SysNative\drivers\SaibVdAd64.sys -- (SaibVdAd64)
DRV:64bit: - [2011/02/09 00:00:00 | 000,027,120 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Sahdad64.sys -- (Sahdad64)
DRV:64bit: - [2011/02/09 00:00:00 | 000,019,952 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\Saibad64.sys -- (Saibad64)
DRV:64bit: - [2010/11/20 21:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)
DRV:64bit: - [2010/11/20 21:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/05/23 18:47:08 | 000,164,848 | ---- | M] (Sonic Solutions) [File_System | Boot | Running] -- C:\Windows\SysNative\drivers\syscowad64v.sys -- (SysCow)
DRV:64bit: - [2009/11/18 07:12:00 | 000,032,344 | ---- | M] (Creative Technology Ltd.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\MBfilt64.sys -- (MBfilt)
DRV:64bit: - [2009/07/13 19:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/13 19:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/13 19:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/06/10 14:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/10 14:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/10 14:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/10 14:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/06 16:06:00 | 000,014,464 | ---- | M] (Western Digital Technologies) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\wdcsam64.sys -- (WDC_SAM)
DRV - [2012/09/03 01:20:00 | 000,037,976 | ---- | M] (Windows ® Win 7 DDK provider) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\CFRMD.sys -- (CFRMD)
DRV - [2009/07/13 19:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...ms}&FORM=IE8SRC

IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com/
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/?ocid=iehp
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = D4 C1 EE 86 82 0D CE 01 [binary data]
IE - HKCU\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKCU\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...Box&FORM=IE10SR
IE - HKCU\..\SearchScopes\{95B7759C-8C7F-4BF1-B163-73684A933233}: "URL" = http://mysearch.avg....fr&d=2013-12-13 00:12:18&v=17.1.2.1&pid=safeguard&sg=0&sap=dsp&q={searchTerms}
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local;192.168.*.*

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "AVG Secure Search"
FF - prefs.js..browser.startup.homepage: "http://mysearch.avg....fr&d=2013-12-13 00:12:18&v=17.1.2.1&pid=safeguard&sg=0&sap=hp"
FF - prefs.js..extensions.enabledAddons: %7B23fcfd51-4958-4f00-80a3-ae97e717ed8b%7D:2.1.2.126
FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:26.0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_170.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_12_0_0_44.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin: C:\Program Files (x86)\Common Files\AVG Secure Search\SiteSafetyInstaller\17.3.0\\npsitesafety.dll ()
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIIPT.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@intel-webapi.intel.com/Intel WebAPI updater: C:\Program Files (x86)\Intel\Intel® Management Engine Components\IPT\npIntelWebAPIUpdater.dll (Intel Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.25.2: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.25.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~2\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVision: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dv.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\@nvidia.com/3DVisionStreaming: C:\Program Files (x86)\NVIDIA Corporation\3D Vision\npnv3dvstreaming.dll (NVIDIA Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2013/06/20 23:17:56 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\[email protected]: C:\ProgramData\AVG SafeGuard toolbar\FireFoxExt\17.3.0.49 [2014/02/17 22:49:41 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 04:22:56 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components
FF - HKEY_CURRENT_USER\software\mozilla\Mozilla Firefox 26.0\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2014/01/15 04:22:56 | 000,000,000 | ---D | M]

[2013/02/17 20:13:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crystal\AppData\Roaming\Mozilla\Extensions
[2013/09/27 19:08:01 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Crystal\AppData\Roaming\Mozilla\Firefox\Profiles\ud73nv1s.default\extensions
[2013/12/25 00:08:27 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions
[2013/12/25 00:08:29 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2013/06/20 23:17:56 | 000,000,000 | ---D | M] (DivX Plus Web Player HTML5 <video>) -- C:\PROGRAM FILES (X86)\DIVX\DIVX PLUS WEB PLAYER\FIREFOX\DIVXHTML5

O1 HOSTS File: ([2009/06/10 15:00:26 | 000,000,824 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O2:64bit: - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2:64bit: - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (AVG SafeGuard toolbar) - {95B7759C-8C7F-4BF1-B163-73684A933233} - C:\Program Files (x86)\AVG SafeGuard toolbar\17.3.0.49\AVG SafeGuard toolbar_toolbar.dll (AVG Secure Search)
O4 - HKLM..\Run: [] File not found
O4 - HKCU..\Run: [AdobeBridge] File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoChangeStartMenu = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoClose = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoLogOff = 0
O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)
O1364bit: - gopher Prefix: missing
O13 - gopher Prefix: missing
O16 - DPF: {CF84DAC5-A4F5-419E-A0BA-C01FFD71112F} http://content.syste...el_4.5.13.0.cab (SysInfo Class)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{0049F15D-8C1E-4A5A-8BA0-4B6181A37EBD}: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{80FB2891-4AE4-404C-882F-D1A226AC8B46}: DhcpNameServer = 68.113.206.10 24.217.0.5 71.92.29.130
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\viprotocol - No CLSID value found
O18 - Protocol\Handler\viprotocol {B658800C-F66E-4EF3-AB85-6C0C227862A9} - C:\Program Files (x86)\Common Files\AVG Secure Search\ViProtocolInstaller\17.3.0\ViProtocol.dll (AVG Secure Search)
O20:64bit: - AppInit_DLLs: (C:\Windows\system32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2014/02/18 22:02:30 | 000,000,000 | ---D | C] -- C:\_OTL
[2014/02/17 23:07:27 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Crystal\Desktop\OTL.exe
[2014/02/17 23:01:23 | 000,000,000 | ---D | C] -- C:\Windows\pss
[2014/02/17 22:17:59 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Spybot - Search & Destroy 2
[2014/02/08 00:22:09 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\Jenn blog
[2014/02/04 23:18:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\COMODO
[2014/01/30 19:47:31 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\amy+logan blog
[2014/01/29 22:17:56 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\blog
[2014/01/21 00:21:05 | 000,000,000 | ---D | C] -- C:\Users\Crystal\.NationsPhoto
[2014/01/21 00:21:01 | 000,000,000 | ---D | C] -- C:\Users\Crystal\.roescache
[2014/01/21 00:21:00 | 000,000,000 | ---D | C] -- C:\Users\Crystal\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\NPL ROES
[2014/01/20 19:44:08 | 000,000,000 | ---D | C] -- C:\Users\Crystal\Desktop\print

========== Files - Modified Within 30 Days ==========

[2014/02/18 22:04:28 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2014/02/18 22:04:27 | 4204,388,347 | -HS- | M] () -- C:\hiberfil.sys
[2014/02/18 22:03:42 | 000,000,828 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d-Logon.job
[2014/02/17 23:07:43 | 000,785,214 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2014/02/17 23:07:43 | 000,663,906 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2014/02/17 23:07:43 | 000,122,982 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2014/02/17 23:07:27 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Crystal\Desktop\OTL.exe
[2014/02/15 19:25:16 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2014/02/15 19:25:16 | 000,022,096 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2014/02/14 01:39:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2014/02/14 00:57:55 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\ISM-UpdateService-4e00205a-2ab1-4423-8f77-cc25b82cde1d.job
[2014/02/13 03:11:52 | 000,777,336 | ---- | M] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2014/02/12 23:20:41 | 000,098,973 | ---- | M] () -- C:\Users\Crystal\Desktop\greg.jpg
[2014/02/12 22:47:17 | 003,708,355 | ---- | M] () -- C:\Users\Crystal\Desktop\greg.psd
[2014/02/12 22:23:31 | 000,248,083 | ---- | M] () -- C:\Users\Crystal\Desktop\African-black-hair.jpg
[2014/02/12 22:18:02 | 000,221,681 | ---- | M] () -- C:\Users\Crystal\Desktop\Crystal Carpenter.jpg
[2014/02/12 22:11:39 | 000,219,272 | ---- | M] () -- C:\Users\Crystal\Desktop\Greg Thomas.jpg
[2014/02/08 00:16:31 | 000,003,072 | ---- | M] () -- C:\Users\Crystal\AppData\Roaming\Millers Designer Plus Prefsv3
[2014/02/04 23:18:04 | 000,002,043 | ---- | M] () -- C:\Users\Public\Desktop\GeekBuddy.lnk
[2014/01/30 18:11:19 | 000,057,096 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysNative\certsentry.dll
[2014/01/30 18:11:19 | 000,048,392 | ---- | M] (COMODO CA Limited) -- C:\Windows\SysWow64\certsentry.dll
[2014/01/21 00:21:00 | 000,002,183 | ---- | M] () -- C:\Users\Crystal\Desktop\NPL ROES.lnk

========== Files Created - No Company Name ==========

[2014/02/12 22:48:39 | 000,098,973 | ---- | C] () -- C:\Users\Crystal\Desktop\greg.jpg
[2014/02/12 22:46:54 | 003,708,355 | ---- | C] () -- C:\Users\Crystal\Desktop\greg.psd
[2014/02/12 22:23:31 | 000,248,083 | ---- | C] () -- C:\Users\Crystal\Desktop\African-black-hair.jpg
[2014/02/12 22:12:16 | 000,221,681 | ---- | C] () -- C:\Users\Crystal\Desktop\Crystal Carpenter.jpg
[2014/02/12 22:11:42 | 000,219,272 | ---- | C] () -- C:\Users\Crystal\Desktop\Greg Thomas.jpg
[2014/01/21 00:21:00 | 000,002,183 | ---- | C] () -- C:\Users\Crystal\Desktop\NPL ROES.lnk
[2013/12/13 00:12:15 | 000,003,744 | ---- | C] () -- C:\Program Files (x86)\Mozilla Firefoxsafeguard-secure-search.xml
[2013/10/07 23:17:43 | 000,065,536 | ---- | C] () -- C:\Windows\SysWow64\Gif89.dll
[2013/10/07 23:17:25 | 000,012,062 | ---- | C] () -- C:\Windows\SysWow64\drivers\MTiCtwl.sys
[2013/04/07 23:30:42 | 000,000,132 | ---- | C] () -- C:\Users\Crystal\AppData\Roaming\Adobe PNG Format CS6 Prefs
[2013/03/27 18:54:53 | 000,003,072 | ---- | C] () -- C:\Users\Crystal\AppData\Roaming\Millers Designer Plus Prefsv3
[2013/02/17 23:19:46 | 000,040,960 | ---- | C] () -- C:\Windows\SysWow64\UMonit.exe
[2013/02/17 23:19:43 | 000,172,097 | ---- | C] () -- C:\Windows\SysWow64\NoMSGuninstall.exe
[2013/02/17 23:19:43 | 000,001,519 | ---- | C] () -- C:\Windows\SysWow64\_IconCfg0.ini
[2013/02/17 23:19:43 | 000,000,821 | ---- | C] () -- C:\Windows\SysWow64\ProductName.ini
[2013/02/17 23:19:43 | 000,000,181 | ---- | C] () -- C:\Windows\SysWow64\IconCfg0.ini
[2013/02/17 22:23:06 | 000,777,336 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2013/02/17 20:51:55 | 000,000,017 | ---- | C] () -- C:\Users\Crystal\AppData\Local\resmon.resmoncfg
[2013/02/17 17:29:19 | 000,451,072 | ---- | C] () -- C:\Windows\SysWow64\ISSRemoveSP.exe
[2012/12/14 02:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll
[2012/12/14 02:42:24 | 000,754,652 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng700.bin
[2012/12/14 02:42:24 | 000,598,384 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng700.bin
[2012/06/19 18:52:42 | 000,001,536 | ---- | C] () -- C:\Windows\SysWow64\IusEventLog.dll

========== ZeroAccess Check ==========

[2009/07/13 22:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64
"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 20:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]
"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 19:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2012/08/21 07:11:31 | 000,857,088 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]
"" = %systemroot%\system32\wbem\fastprox.dll -- [2012/08/21 07:37:44 | 000,636,928 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64
"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2012/08/21 07:08:38 | 000,453,120 | ---- | M] (Microsoft Corporation)
"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2013/02/27 10:10:52 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\Anthropics
[2013/10/27 15:29:09 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\AVG2014
[2013/03/06 20:04:27 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\DAEMON Tools Lite
[2013/02/18 21:33:26 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\HDRsoft
[2013/03/27 18:54:45 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\Millers Designer Plus
[2013/10/06 13:07:52 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\Motorola
[2013/10/31 22:19:43 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\NAVIGON Fresh
[2013/12/06 23:41:32 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\npm
[2013/02/17 20:26:24 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\Seagate
[2013/02/18 21:21:01 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\StageManager.BD092818F67280F4B42B04877600987F0111B594.1
[2013/02/17 20:39:26 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\SystemRequirementsLab
[2013/02/17 20:28:56 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\TuneUp Software
[2013/11/01 00:04:07 | 000,000,000 | ---D | M] -- C:\Users\Crystal\AppData\Roaming\uTorrent

========== Purity Check ==========



< End of report >


+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Step 2 Adwcleaner Log

# AdwCleaner v3.019 - Report created 18/02/2014 at 22:09:57
# Updated 17/02/2014 by Xplode
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Crystal - CCP-EDITING
# Running from : C:\Users\Crystal\Desktop\AdwCleaner.exe
# Option : Clean

***** [ Services ] *****

[#] Service Deleted : vToolbarUpdater17.3.0

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\AVG SafeGuard toolbar
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\boost_interprocess
Folder Deleted : C:\Program Files (x86)\AVG SafeGuard toolbar
Folder Deleted : C:\Program Files (x86)\Common Files\AVG Secure Search
Folder Deleted : C:\Users\Crystal\AppData\Local\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Crystal\AppData\LocalLow\AVG SafeGuard toolbar
Folder Deleted : C:\Users\Crystal\AppData\LocalLow\boost_interprocess
File Deleted : C:\Program Files (x86)\Mozilla Firefox\browser\searchplugins\safeguard-secure-search.xml

***** [ Shortcuts ] *****


***** [ Registry ] *****

Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ScriptHelper.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ViProtocol.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.BrowserWndAPI.1
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj
Key Deleted : HKLM\SOFTWARE\Classes\AVG SafeGuard toolbar.PugiObj.1
Key Deleted : HKLM\SOFTWARE\Classes\protocols\handler\viprotocol
Key Deleted : HKLM\SOFTWARE\Classes\S
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi
Key Deleted : HKLM\SOFTWARE\Classes\ScriptHelper.ScriptHelperApi.1
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE
Key Deleted : HKLM\SOFTWARE\Classes\ViProtocol.ViProtocolOLE.1
Key Deleted : HKLM\SOFTWARE\MozillaPlugins\@avg.com/AVG SiteSafety plugin,version=11.0.0.1,application/x-avg-sitesafety-plugin
Key Deleted : HKCU\Software\AVG SafeGuard toolbar
Key Deleted : HKCU\Software\FLEXnet
Key Deleted : HKLM\Software\AVG SafeGuard toolbar
Key Deleted : HKLM\Software\AVG Secure Search
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\AVG SafeGuard toolbar

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16518


-\\ Mozilla Firefox v26.0 (en-US)

[ File : C:\Users\Crystal\AppData\Roaming\Mozilla\Firefox\Profiles\ud73nv1s.default\prefs.js ]

Line Deleted : user_pref("browser.search.selectedEngine", "AVG Secure Search");

*************************

AdwCleaner[R0].txt - [6103 octets] - [18/02/2014 22:09:18]
AdwCleaner[S0].txt - [5945 octets] - [18/02/2014 22:09:57]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [6005 octets] ##########

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Step 3 JRT Log

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.1 (02.04.2014:1)
OS: Windows 7 Professional x64
Ran by Crystal on Tue 02/18/2014 at 22:15:42.27
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values



~~~ Registry Keys



~~~ Files



~~~ Folders



~~~ FireFox

Successfully deleted the following from C:\Users\Crystal\AppData\Roaming\mozilla\firefox\profiles\ud73nv1s.default\prefs.js

user_pref("browser.startup.homepage", "hxxp://mysearch.avg.com?cid={5E9F23E4-E6D7-48CD-BBE0-9D80FD7B979D}&mid=f9672c5faf7147d3b00e06827eaf7904-ad1491be2ce6c122f6b66faa90e70c2d
Emptied folder: C:\Users\Crystal\AppData\Roaming\mozilla\firefox\profiles\ud73nv1s.default\minidumps [28 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Tue 02/18/2014 at 22:17:05.84
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

#4
Crowbar

    Teacher

  • GeekU Moderator
  • 4,161 posts
Hello -
I noticed one more thing to point out - you are low on available disk space on your system drive.
You were critically low, but cleaning out your temporary files (in the OTL fix) helped a lot. I would still like to see you have a little bit more free space on your C: drive; ideally there should be a minimum of 20%, and now you are at 19%. 25% would be optimum, so is it possible to move some files to another drive, or uninstall some unused programs?

Now for your antivirus, please let me know what you would like to do about that, having 2 of them running is really not good. It would be easier to keep the Comodo AV, but that is totally up to you.

I notice that you have one or more P2P (Peer to Peer) file sharing programs installed on your computer.
  • uTorrent
This is a very easy way to get infected, as many of the files that can be downloaded with these P2P programs are infected with all sorts of malware.
You put your system at a very big risk by downloading these files, and that is why we recommend that you remove these programs from your computer.
Please visit the following site:
P2P File Sharing: Evaluate the Risks
If you do not want to remove them, please DO NOT use them while we are cleaning your machine, but be assured, if you download files using P2P programs, you will get an infection.

If you need any help removing them I will be glad to assist you.

Step 1
  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 2
Download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.

In your next reply I would like to see:
  • Please answer question about your Anti Virus issues
  • RogueKiller log
  • TDSSKiller log - please be careful and follow the instructions completely, especially about using Skip. Don't delete anything at this point.


#5
PresMatt

    Member

  • Topic Starter
  • 66 posts
Hi Crowbar.

I want whatever antivirus is safest and works best for free. If you recommend something else other than what I have, I will gladly go with that. The reason there are two is I thought AVG was strictly virus and Comodo was strictly a firewall and could overlap to provide better protection.

Also, the C drive is only used for programs currently being used. It's a SSD that only houses photoshop/lightroom/other photo programs and the OS. The plan is to eventually mirror copy the current SSD to a larger SSD and then use the current system drive as a scratch disk for lightroom/photoshop.

I also got rid of uTorrent. I agree, P2P is the best way to get infected with something.

Here is the RK log:

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Safe mode with network support
User : Crystal [Admin rights]
Mode : Scan -- Date : 02/19/2014 12:22:22
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 5 ¤¤¤
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 1 ¤¤¤
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Intel Raid 1 Volume SCSI Disk Device +++++
--- User ---
[MBR] dfa36d5281e390ef660d310a06444380
[BSP] 3e0f9a4c37ae8f964a84e3643b8d89c3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) OCZ-VERTEX4 ATA Device +++++
--- User ---
[MBR] 2737e568399bdae84e5eac02b7d94708
[BSP] 1f97a1ca40e8ddda5b8db3cf663ff4fb : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 122002 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02192014_122222.txt >>


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Here is the TDSSKiller log which didn't find anything:

12:32:31.0889 0x0758 cmdide - ok
12:32:31.0889 0x0758 [ A3574DCC6588D6E09E069D2BE61537EC, E9AA0DA9A6C6F22398C2555FA6AA24B2142791B7281E91973842A5E88A2815D4 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
12:32:31.0905 0x0758 cmdvirth - ok
12:32:31.0921 0x0758 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:32:31.0936 0x0758 CNG - ok
12:32:31.0936 0x0758 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:32:31.0936 0x0758 Compbatt - ok
12:32:31.0936 0x0758 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:32:31.0952 0x0758 CompositeBus - ok
12:32:31.0952 0x0758 COMSysApp - ok
12:32:31.0983 0x0758 [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:32:31.0983 0x0758 cphs - ok
12:32:31.0983 0x0758 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:32:31.0999 0x0758 crcdisk - ok
12:32:31.0999 0x0758 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:32:32.0014 0x0758 CryptSvc - ok
12:32:32.0014 0x0758 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
12:32:32.0030 0x0758 CSC - ok
12:32:32.0045 0x0758 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
12:32:32.0061 0x0758 CscService - ok
12:32:32.0077 0x0758 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:32:32.0108 0x0758 DcomLaunch - ok
12:32:32.0108 0x0758 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:32:32.0139 0x0758 defragsvc - ok
12:32:32.0139 0x0758 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:32:32.0155 0x0758 DfsC - ok
12:32:32.0170 0x0758 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:32:32.0186 0x0758 Dhcp - ok
12:32:32.0186 0x0758 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:32:32.0201 0x0758 discache - ok
12:32:32.0201 0x0758 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:32:32.0217 0x0758 Disk - ok
12:32:32.0217 0x0758 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:32:32.0217 0x0758 dmvsc - ok
12:32:32.0233 0x0758 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:32:32.0233 0x0758 Dnscache - ok
12:32:32.0248 0x0758 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:32:32.0264 0x0758 dot3svc - ok
12:32:32.0264 0x0758 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:32:32.0295 0x0758 DPS - ok
12:32:32.0342 0x0758 [ 49B2C034D77F9F73C80AC55E795CCB6E, EC3B3AF80FA86222E63ABA646C3452C7AD1B9462A1A18D059F5F7EC18C37D97C ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
12:32:32.0373 0x0758 DragonUpdater - ok
12:32:32.0373 0x0758 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:32:32.0389 0x0758 drmkaud - ok
12:32:32.0404 0x0758 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:32:32.0420 0x0758 DXGKrnl - ok
12:32:32.0435 0x0758 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:32:32.0451 0x0758 EapHost - ok
12:32:32.0498 0x0758 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:32:32.0576 0x0758 ebdrv - ok
12:32:32.0576 0x0758 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
12:32:32.0576 0x0758 EFS - ok
12:32:32.0591 0x0758 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:32:32.0623 0x0758 ehRecvr - ok
12:32:32.0623 0x0758 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:32:32.0638 0x0758 ehSched - ok
12:32:32.0638 0x0758 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:32:32.0654 0x0758 elxstor - ok
12:32:32.0654 0x0758 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:32:32.0669 0x0758 ErrDev - ok
12:32:32.0669 0x0758 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:32:32.0701 0x0758 EventSystem - ok
12:32:32.0701 0x0758 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:32:32.0732 0x0758 exfat - ok
12:32:32.0732 0x0758 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:32:32.0763 0x0758 fastfat - ok
12:32:32.0763 0x0758 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:32:32.0794 0x0758 Fax - ok
12:32:32.0794 0x0758 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:32:32.0794 0x0758 fdc - ok
12:32:32.0794 0x0758 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:32:32.0825 0x0758 fdPHost - ok
12:32:32.0825 0x0758 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:32:32.0841 0x0758 FDResPub - ok
12:32:32.0841 0x0758 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:32:32.0857 0x0758 FileInfo - ok
12:32:32.0857 0x0758 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:32:32.0872 0x0758 Filetrace - ok
12:32:32.0872 0x0758 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:32:32.0872 0x0758 flpydisk - ok
12:32:32.0888 0x0758 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:32:32.0888 0x0758 FltMgr - ok
12:32:32.0919 0x0758 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:32:32.0950 0x0758 FontCache - ok
12:32:32.0950 0x0758 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:32:32.0950 0x0758 FontCache3.0.0.0 - ok
12:32:32.0950 0x0758 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:32:32.0966 0x0758 FsDepends - ok
12:32:32.0966 0x0758 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:32:32.0966 0x0758 Fs_Rec - ok
12:32:32.0981 0x0758 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:32:32.0981 0x0758 fvevol - ok
12:32:32.0997 0x0758 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:32:32.0997 0x0758 gagp30kx - ok
12:32:32.0997 0x0758 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:32:33.0013 0x0758 GEARAspiWDM - ok
12:32:33.0044 0x0758 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
12:32:33.0091 0x0758 GeekBuddyRSP - ok
12:32:33.0091 0x0758 [ 1D265B74A4A6888CDC8EB1A9C6B969C4, 0272B218A120A968EF50ED5508877440EB5515FEB3A12181838080C2EBC39329 ] GeneStor C:\Windows\system32\DRIVERS\GeneStor.sys
12:32:33.0106 0x0758 GeneStor - ok
12:32:33.0122 0x0758 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:32:33.0153 0x0758 gpsvc - ok
12:32:33.0153 0x0758 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:32:33.0153 0x0758 hcw85cir - ok
12:32:33.0169 0x0758 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:32:33.0184 0x0758 HdAudAddService - ok
12:32:33.0184 0x0758 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:32:33.0200 0x0758 HDAudBus - ok
12:32:33.0200 0x0758 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:32:33.0200 0x0758 HidBatt - ok
12:32:33.0200 0x0758 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:32:33.0215 0x0758 HidBth - ok
12:32:33.0215 0x0758 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:32:33.0231 0x0758 HidIr - ok
12:32:33.0231 0x0758 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:32:33.0247 0x0758 hidserv - ok
12:32:33.0247 0x0758 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:32:33.0262 0x0758 HidUsb - ok
12:32:33.0262 0x0758 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:32:33.0293 0x0758 hkmsvc - ok
12:32:33.0293 0x0758 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:32:33.0309 0x0758 HomeGroupListener - ok
12:32:33.0309 0x0758 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:32:33.0325 0x0758 HomeGroupProvider - ok
12:32:33.0325 0x0758 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:32:33.0325 0x0758 HpSAMD - ok
12:32:33.0340 0x0758 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:32:33.0371 0x0758 HTTP - ok
12:32:33.0371 0x0758 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:32:33.0387 0x0758 hwpolicy - ok
12:32:33.0387 0x0758 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:32:33.0387 0x0758 i8042prt - ok
12:32:33.0403 0x0758 [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044, 0486DDD6EC60A9695BC8D030158503E02BB0561EEA4B9F4A7FB19F89B3622C90 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
12:32:33.0418 0x0758 iaStorA - ok
12:32:33.0418 0x0758 [ 777788D9B63CCEEEF2DB353BA4EDD454, 36A3099C252F1F18D09A8B03A4F103E5E8AF09C80AB4F08133CCD4D3BB71EE25 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:32:33.0434 0x0758 IAStorDataMgrSvc - ok
12:32:33.0434 0x0758 [ 711241EA1BA9DB44F34D03D2AD00ED08, D23AA8D0495F2783E0395F0E1266A9781BED3FD0504712F9B9D30B88411514B5 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
12:32:33.0434 0x0758 iaStorF - ok
12:32:33.0449 0x0758 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:32:33.0465 0x0758 iaStorV - ok
12:32:33.0481 0x0758 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:32:33.0496 0x0758 idsvc - ok
12:32:33.0496 0x0758 IEEtwCollectorService - ok
12:32:33.0574 0x0758 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:32:33.0699 0x0758 igfx - ok
12:32:33.0699 0x0758 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:32:33.0699 0x0758 iirsp - ok
12:32:33.0715 0x0758 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:32:33.0746 0x0758 IKEEXT - ok
12:32:33.0746 0x0758 [ 7D3B8880385ACFA47174847983C4A7FA, CDD3AD80885C6D321C5DFDC8E83F3E673D5FB5A6A49CC45E343F630386D28662 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
12:32:33.0746 0x0758 inspect - ok
12:32:33.0824 0x0758 [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:32:33.0917 0x0758 IntcAzAudAddService - ok
12:32:33.0933 0x0758 [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:32:33.0949 0x0758 Intel® Capability Licensing Service Interface - ok
12:32:33.0949 0x0758 [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
12:32:33.0949 0x0758 Intel® ME Service - ok
12:32:33.0964 0x0758 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:32:33.0964 0x0758 intelide - ok
12:32:33.0964 0x0758 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:32:33.0980 0x0758 intelppm - ok
12:32:33.0980 0x0758 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:32:33.0995 0x0758 IPBusEnum - ok
12:32:33.0995 0x0758 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:32:34.0027 0x0758 IpFilterDriver - ok
12:32:34.0027 0x0758 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:32:34.0042 0x0758 iphlpsvc - ok
12:32:34.0058 0x0758 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:32:34.0058 0x0758 IPMIDRV - ok
12:32:34.0073 0x0758 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:32:34.0089 0x0758 IPNAT - ok
12:32:34.0105 0x0758 [ 0FF335D687C85097725A53458160E81E, BF8BB3C8AF1822BEB5FF5F8008614B982F277D862B16B6516CA91F73D336E9D4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:32:34.0120 0x0758 iPod Service - ok
12:32:34.0120 0x0758 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:32:34.0136 0x0758 IRENUM - ok
12:32:34.0136 0x0758 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:32:34.0136 0x0758 isapnp - ok
12:32:34.0136 0x0758 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:32:34.0151 0x0758 iScsiPrt - ok
12:32:34.0151 0x0758 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
12:32:34.0167 0x0758 ISCT - ok
12:32:34.0167 0x0758 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:32:34.0167 0x0758 iusb3hcs - ok
12:32:34.0183 0x0758 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
12:32:34.0183 0x0758 iusb3hub - ok
12:32:34.0198 0x0758 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] iusb3xhc C:\Windows\system32\DRIVERS\iusb3xhc.sys
12:32:34.0214 0x0758 iusb3xhc - ok
12:32:34.0214 0x0758 [ 5B14FDE79871F83A5E0DCDC01F78BECF, B3103D4671F7BD4843C62D6080894E068F7E794CB02D7A84AEFB5AC10EA23BDE ] jhi_service C:\Program Files (x86)\Intel\Intel® Management Engine Components\DAL\jhi_service.exe
12:32:34.0229 0x0758 jhi_service - ok
12:32:34.0229 0x0758 [ 455B75C19BF3F1F2EE3AC10E1169826C, C8CE6DE48E0B4621F2851A994261FA787556A27F9868A8859E5E8A8354028257 ] k57nd60a C:\Windows\system32\DRIVERS\k57nd60a.sys
12:32:34.0245 0x0758 k57nd60a - ok
12:32:34.0245 0x0758 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:32:34.0261 0x0758 kbdclass - ok
12:32:34.0261 0x0758 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:32:34.0261 0x0758 kbdhid - ok
12:32:34.0261 0x0758 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe
12:32:34.0276 0x0758 KeyIso - ok
12:32:34.0276 0x0758 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:32:34.0276 0x0758 KSecDD - ok
12:32:34.0292 0x0758 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:32:34.0292 0x0758 KSecPkg - ok
12:32:34.0292 0x0758 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:32:34.0307 0x0758 ksthunk - ok
12:32:34.0323 0x0758 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll
12:32:34.0354 0x0758 KtmRm - ok
12:32:34.0354 0x0758 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\system32\srvsvc.dll
12:32:34.0385 0x0758 LanmanServer - ok
12:32:34.0385 0x0758 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:32:34.0401 0x0758 LanmanWorkstation - ok
12:32:34.0401 0x0758 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:32:34.0432 0x0758 lltdio - ok
12:32:34.0432 0x0758 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:32:34.0463 0x0758 lltdsvc - ok
12:32:34.0463 0x0758 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:32:34.0479 0x0758 lmhosts - ok
12:32:34.0495 0x0758 [ 3974B7CE015A6EEF30DA4ADD5F1203D0, ED776F1C1B1834550F3D45591EB1F0829BBA07F9F7CB73F7FBB0AFDEF8F4411B ] LMS C:\Program Files (x86)\Intel\Intel® Management Engine Components\LMS\LMS.exe
12:32:34.0495 0x0758 LMS - ok
12:32:34.0495 0x0758 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
12:32:34.0510 0x0758 LSI_FC - ok
12:32:34.0510 0x0758 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
12:32:34.0526 0x0758 LSI_SAS - ok
12:32:34.0526 0x0758 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
12:32:34.0526 0x0758 LSI_SAS2 - ok
12:32:34.0526 0x0758 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
12:32:34.0541 0x0758 LSI_SCSI - ok
12:32:34.0541 0x0758 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys
12:32:34.0557 0x0758 luafv - ok
12:32:34.0573 0x0758 [ 8FF2D95CBA49B405C5DE27039FF0BF35, 03BF7FC7F1C2C76EDB583BA342EA1C325DB8058517744EF2A78529D3938F4DC1 ] MBfilt C:\Windows\system32\drivers\MBfilt64.sys
12:32:34.0573 0x0758 MBfilt - ok
12:32:34.0573 0x0758 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:32:34.0588 0x0758 Mcx2Svc - ok
12:32:34.0588 0x0758 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys
12:32:34.0588 0x0758 megasas - ok
12:32:34.0604 0x0758 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
12:32:34.0604 0x0758 MegaSR - ok
12:32:34.0604 0x0758 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys
12:32:34.0619 0x0758 MEIx64 - ok
12:32:34.0619 0x0758 Microsoft SharePoint Workspace Audit Service - ok
12:32:34.0619 0x0758 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll
12:32:34.0651 0x0758 MMCSS - ok
12:32:34.0651 0x0758 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys
12:32:34.0666 0x0758 Modem - ok
12:32:34.0682 0x0758 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:32:34.0682 0x0758 monitor - ok
12:32:34.0682 0x0758 [ 290750346F5937B02F62594B8EB03215, A676CF1C0F9B4B33B7D1AA8D9C97F144B644F841C9637F57308B436F1AFE5B95 ] MotoHelper C:\Program Files (x86)\Motorola\MotoHelper\MotoHelperService.exe
12:32:34.0697 0x0758 MotoHelper - ok
12:32:34.0697 0x0758 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:32:34.0713 0x0758 mouclass - ok
12:32:34.0713 0x0758 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:32:34.0713 0x0758 mouhid - ok
12:32:34.0713 0x0758 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:32:34.0729 0x0758 mountmgr - ok
12:32:34.0729 0x0758 [ 338037EFA0E8E8699B2667D57B751574, 59E0D39806D0C4EB57913AA013242837FD39AD378726AEE42D250CBA87C1C3BF ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:32:34.0729 0x0758 MozillaMaintenance - ok
12:32:34.0744 0x0758 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys
12:32:34.0744 0x0758 mpio - ok
12:32:34.0744 0x0758 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:32:34.0775 0x0758 mpsdrv - ok
12:32:34.0791 0x0758 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:32:34.0822 0x0758 MpsSvc - ok
12:32:34.0822 0x0758 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:32:34.0838 0x0758 MRxDAV - ok
12:32:34.0838 0x0758 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:32:34.0838 0x0758 mrxsmb - ok
12:32:34.0853 0x0758 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:32:34.0853 0x0758 mrxsmb10 - ok
12:32:34.0869 0x0758 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:32:34.0869 0x0758 mrxsmb20 - ok
12:32:34.0869 0x0758 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys
12:32:34.0885 0x0758 msahci - ok
12:32:38.0551 0x0758 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:32:38.0566 0x0758 SwitchBoard - detected UnsignedFile.Multi.Generic ( 1 )
12:32:41.0218 0x0758 Detect skipped due to KSN trusted
12:32:41.0218 0x0758 SwitchBoard - ok
12:32:41.0842 0x0758 UI0Detect - ok
12:32:41.0858 0x0758 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:32:41.0858 0x0758 uliagpkx - ok
12:32:41.0858 0x0758 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:32:41.0858 0x0758 umbus - ok
12:32:41.0873 0x0758 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:32:41.0873 0x0758 UmPass - ok
12:32:41.0873 0x0758 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
12:32:41.0889 0x0758 UmRdpService - ok
12:32:41.0905 0x0758 [ 1E9A5658E0EBDBC381F52123363F74CB, 62CB592F32BCC10FC9C3AF44941CC473F2F62EEBF829CA383F118650451F8F7E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:32:41.0905 0x0758 UNS - ok
12:32:41.0920 0x0758 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:32:41.0936 0x0758 upnphost - ok
12:32:41.0951 0x0758 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:32:41.0951 0x0758 USBAAPL64 - ok
12:32:41.0951 0x0758 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:32:41.0967 0x0758 usbccgp - ok
12:32:41.0967 0x0758 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:32:41.0983 0x0758 usbcir - ok
12:32:41.0983 0x0758 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:32:41.0983 0x0758 usbehci - ok
12:32:41.0998 0x0758 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:32:42.0014 0x0758 usbhub - ok
12:32:42.0014 0x0758 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:32:42.0014 0x0758 usbohci - ok
12:32:42.0014 0x0758 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
12:32:42.0029 0x0758 usbprint - ok
12:32:42.0029 0x0758 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:32:42.0029 0x0758 USBSTOR - ok
12:32:42.0045 0x0758 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:32:42.0045 0x0758 usbuhci - ok
12:32:42.0045 0x0758 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:32:42.0076 0x0758 UxSms - ok
12:32:42.0076 0x0758 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
12:32:42.0076 0x0758 VaultSvc - ok
12:32:42.0076 0x0758 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:32:42.0092 0x0758 vdrvroot - ok
12:32:42.0092 0x0758 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:32:42.0123 0x0758 vds - ok
12:32:42.0139 0x0758 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:32:42.0139 0x0758 vga - ok
12:32:42.0139 0x0758 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:32:42.0154 0x0758 VgaSave - ok
12:32:42.0170 0x0758 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:32:42.0170 0x0758 vhdmp - ok
12:32:42.0170 0x0758 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:32:42.0185 0x0758 viaide - ok
12:32:42.0185 0x0758 [ C69A784BEC737CD7460EBF3C3834D65E, 3D4CEC9E677FD6B08BE43DC19B3E422D403137E26A3B72443A513CD4AE5F41A2 ] vidsflt53 C:\Windows\system32\DRIVERS\vsflt53.sys
12:32:42.0185 0x0758 vidsflt53 - ok
12:32:42.0201 0x0758 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:32:42.0201 0x0758 vmbus - ok
12:32:42.0217 0x0758 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:32:42.0217 0x0758 VMBusHID - ok
12:32:42.0217 0x0758 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:32:42.0232 0x0758 volmgr - ok
12:32:42.0232 0x0758 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:32:42.0248 0x0758 volmgrx - ok
12:32:42.0248 0x0758 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:32:42.0263 0x0758 volsnap - ok
12:32:42.0263 0x0758 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:32:42.0279 0x0758 vsmraid - ok
12:32:42.0310 0x0758 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:32:42.0357 0x0758 VSS - ok
12:32:42.0357 0x0758 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:32:42.0373 0x0758 vwifibus - ok
12:32:42.0373 0x0758 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:32:42.0373 0x0758 vwififlt - ok
12:32:42.0388 0x0758 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:32:42.0419 0x0758 W32Time - ok
12:32:42.0419 0x0758 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:32:42.0419 0x0758 WacomPen - ok
12:32:42.0435 0x0758 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:32:42.0451 0x0758 WANARP - ok
12:32:42.0451 0x0758 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:32:42.0466 0x0758 Wanarpv6 - ok
12:32:42.0497 0x0758 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:32:42.0529 0x0758 WatAdminSvc - ok
12:32:42.0544 0x0758 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:32:42.0575 0x0758 wbengine - ok
12:32:42.0591 0x0758 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:32:42.0607 0x0758 WbioSrvc - ok
12:32:42.0607 0x0758 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:32:42.0622 0x0758 wcncsvc - ok
12:32:42.0638 0x0758 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:32:42.0638 0x0758 WcsPlugInService - ok
12:32:42.0638 0x0758 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:32:42.0638 0x0758 Wd - ok
12:32:42.0653 0x0758 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
12:32:42.0653 0x0758 WDC_SAM - ok
12:32:42.0669 0x0758 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:32:42.0685 0x0758 Wdf01000 - ok
12:32:42.0685 0x0758 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:32:42.0716 0x0758 WdiServiceHost - ok
12:32:42.0716 0x0758 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:32:42.0731 0x0758 WdiSystemHost - ok
12:32:42.0731 0x0758 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:32:42.0747 0x0758 WebClient - ok
12:32:42.0747 0x0758 [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:32:42.0763 0x0758 Wecsvc - ok
12:32:42.0763 0x0758 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:32:42.0778 0x0758 wercplsupport - ok
12:32:42.0794 0x0758 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:32:42.0809 0x0758 WerSvc - ok
12:32:42.0809 0x0758 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:32:42.0841 0x0758 WfpLwf - ok
12:32:42.0841 0x0758 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:32:42.0841 0x0758 WIMMount - ok
12:32:42.0841 0x0758 WinDefend - ok
12:32:42.0841 0x0758 WinHttpAutoProxySvc - ok
12:32:42.0856 0x0758 [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:32:42.0856 0x0758 Winmgmt - ok
12:32:42.0903 0x0758 [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM C:\Windows\system32\WsmSvc.dll
12:32:42.0965 0x0758 WinRM - ok
12:32:42.0981 0x0758 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:32:42.0981 0x0758 WinUsb - ok
12:32:42.0997 0x0758 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:32:43.0028 0x0758 Wlansvc - ok
12:32:43.0028 0x0758 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:32:43.0028 0x0758 WmiAcpi - ok
12:32:43.0043 0x0758 [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:32:43.0059 0x0758 wmiApSrv - ok
12:32:43.0059 0x0758 WMPNetworkSvc - ok
12:32:43.0059 0x0758 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:32:43.0059 0x0758 WPCSvc - ok
12:32:43.0075 0x0758 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:32:43.0075 0x0758 WPDBusEnum - ok
12:32:43.0090 0x0758 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:32:43.0106 0x0758 ws2ifsl - ok
12:32:43.0106 0x0758 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:32:43.0121 0x0758 wscsvc - ok
12:32:43.0121 0x0758 WSearch - ok
12:32:43.0168 0x0758 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
12:32:43.0215 0x0758 wuauserv - ok
12:32:43.0215 0x0758 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:32:43.0215 0x0758 WudfPf - ok
12:32:43.0231 0x0758 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:32:43.0231 0x0758 WUDFRd - ok
12:32:43.0246 0x0758 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:32:43.0246 0x0758 wudfsvc - ok
12:32:43.0246 0x0758 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:32:43.0262 0x0758 WwanSvc - ok
12:32:43.0277 0x0758 ================ Scan global ===============================
12:32:43.0277 0x0758 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:32:43.0277 0x0758 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:32:43.0293 0x0758 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:32:43.0293 0x0758 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:32:43.0293 0x0758 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:32:43.0309 0x0758 [ Global ] - ok
12:32:43.0309 0x0758 ================ Scan MBR ==================================
12:32:43.0309 0x0758 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:32:43.0371 0x0758 \Device\Harddisk1\DR1 - ok
12:32:43.0387 0x0758 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:32:44.0681 0x0758 \Device\Harddisk0\DR0 - ok
12:32:44.0681 0x0758 ================ Scan VBR ==================================
12:32:44.0697 0x0758 [ C1FCA6646448F37520AE3159C9BDCEDE ] \Device\Harddisk1\DR1\Partition1
12:32:44.0697 0x0758 \Device\Harddisk1\DR1\Partition1 - ok
12:32:44.0697 0x0758 [ CEAC4CC726B965D6C5F67E3756273405 ] \Device\Harddisk1\DR1\Partition2
12:32:44.0697 0x0758 \Device\Harddisk1\DR1\Partition2 - ok
12:32:44.0697 0x0758 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
12:32:44.0697 0x0758 \Device\Harddisk0\DR0\Partition1 - ok
12:32:44.0697 0x0758 [ 3783204F3B5EEE40320F751D585312BF ] \Device\Harddisk0\DR0\Partition2
12:32:44.0791 0x0758 \Device\Harddisk0\DR0\Partition2 - ok
12:32:44.0791 0x0758 ================ Scan active images ========================
12:32:44.0791 0x0758 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
12:32:44.0791 0x0758 C:\Windows\System32\drivers\crashdmp.sys - ok
12:32:44.0791 0x0758 [ 9BBD8B5855BC6578957F82341F9CDE5A, 7EFEE3053BA99EC3704CCBD71C987DA846F3DD5DB8F9FC2DACA8C328FA55662E ] C:\Windows\System32\drivers\Diskdump.sys
12:32:44.0791 0x0758 C:\Windows\System32\drivers\Diskdump.sys - ok
12:32:44.0791 0x0758 [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044, 0486DDD6EC60A9695BC8D030158503E02BB0561EEA4B9F4A7FB19F89B3622C90 ] C:\Windows\System32\drivers\iaStorA.sys
12:32:44.0791 0x0758 C:\Windows\System32\drivers\iaStorA.sys - ok
12:32:44.0806 0x0758 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
12:32:44.0806 0x0758 C:\Windows\System32\drivers\dumpfve.sys - ok
12:32:44.0806 0x0758 [ E34DF9613C8D24C5CB6F8DF8D74E5586, BFE4BC747262439F98A3B39FFF484D350A247143B7F7074BC78C2124798BE448 ] C:\Windows\System32\drivers\cmderd.sys
12:32:44.0806 0x0758 C:\Windows\System32\drivers\cmderd.sys - ok
12:32:44.0806 0x0758 [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] C:\Windows\System32\drivers\avgtpx64.sys
12:32:44.0806 0x0758 C:\Windows\System32\drivers\avgtpx64.sys - ok
12:32:44.0806 0x0758 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
12:32:44.0806 0x0758 C:\Windows\System32\drivers\beep.sys - ok
12:32:44.0806 0x0758 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
12:32:44.0806 0x0758 C:\Windows\System32\drivers\null.sys - ok
12:32:44.0806 0x0758 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
12:32:44.0806 0x0758 C:\Windows\System32\drivers\msfs.sys - ok
12:32:44.0806 0x0758 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
12:32:44.0806 0x0758 C:\Windows\System32\drivers\npfs.sys - ok
12:32:44.0822 0x0758 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\RDPENCDD.sys - ok
12:32:44.0822 0x0758 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\vga.sys - ok
12:32:44.0822 0x0758 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\videoprt.sys - ok
12:32:44.0822 0x0758 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\watchdog.sys - ok
12:32:44.0822 0x0758 [ F6B424B925B67C306BAA85AC79F7A5CC, 910E86EDFD1750324C70167989DDFE17C9E061822039AE35D6F66113E32320D6 ] C:\Windows\System32\drivers\cmdhlp.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\cmdhlp.sys - ok
12:32:44.0822 0x0758 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\tdi.sys - ok
12:32:44.0822 0x0758 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\tdx.sys - ok
12:32:44.0822 0x0758 [ 4E364FABBD147F59E5D524C9EA86D772, 5D2B1E35EDBF68C23C5BF38B8B7AC484E3430219E0072C4831F58A9E8386A5FD ] C:\Windows\System32\drivers\avgtdia.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\avgtdia.sys - ok
12:32:44.0822 0x0758 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
12:32:44.0822 0x0758 C:\Windows\System32\drivers\netbt.sys - ok
12:32:44.0837 0x0758 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] C:\Windows\System32\drivers\afd.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\afd.sys - ok
12:32:44.0837 0x0758 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\pacer.sys - ok
12:32:44.0837 0x0758 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\wfplwf.sys - ok
12:32:44.0837 0x0758 [ 7D3B8880385ACFA47174847983C4A7FA, CDD3AD80885C6D321C5DFDC8E83F3E673D5FB5A6A49CC45E343F630386D28662 ] C:\Windows\System32\drivers\inspect.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\inspect.sys - ok
12:32:44.0837 0x0758 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\netbios.sys - ok
12:32:44.0837 0x0758 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\vwififlt.sys - ok
12:32:44.0837 0x0758 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\nsiproxy.sys - ok
12:32:44.0837 0x0758 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\rdbss.sys - ok
12:32:44.0837 0x0758 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] C:\Windows\System32\drivers\csc.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\csc.sys - ok
12:32:44.0837 0x0758 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
12:32:44.0837 0x0758 C:\Windows\System32\drivers\dfsc.sys - ok
12:32:44.0853 0x0758 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
12:32:44.0853 0x0758 C:\Windows\System32\drivers\tunnel.sys - ok
12:32:44.0853 0x0758 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
12:32:44.0853 0x0758 C:\Windows\System32\drivers\hdaudbus.sys - ok
12:32:44.0853 0x0758 [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
12:32:44.0853 0x0758 C:\Windows\System32\ntdll.dll - ok
12:32:44.0853 0x0758 [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe
12:32:44.0853 0x0758 C:\Windows\System32\smss.exe - ok
12:32:44.0853 0x0758 [ FC5EFD7C797DF19DFB999F0605A7924E, C56CE3840F3B11D81BED38E5F59ABCA190DFB7127F06263193870312A83379AF ] C:\Windows\System32\drivers\iusb3xhc.sys
12:32:44.0853 0x0758 C:\Windows\System32\drivers\iusb3xhc.sys - ok
12:32:44.0853 0x0758 [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
12:32:44.0853 0x0758 C:\Windows\System32\drivers\usbd.sys - ok
12:32:44.0853 0x0758 [ 772A1DEEDFDBC244183B5C805D1B7D85, 7D821B8DF1F174E5414FFDEAB5207DB687740E9842F7203600AEBA086945AFC9 ] C:\Windows\System32\drivers\HECIx64.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\HECIx64.sys - ok
12:32:44.0869 0x0758 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\usbehci.sys - ok
12:32:44.0869 0x0758 [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\usbport.sys - ok
12:32:44.0869 0x0758 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\cdrom.sys - ok
12:32:44.0869 0x0758 [ 0FE1DB20DA9863CD5B397717FF07738B, 3BCA3269A6ECA501508F2BAC56DB9C0B2DAD3DDA853C5FB168E4C628A94E1C83 ] C:\Windows\System32\drivers\rusb3xhc.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\rusb3xhc.sys - ok
12:32:44.0869 0x0758 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok
12:32:44.0869 0x0758 [ 455B75C19BF3F1F2EE3AC10E1169826C, C8CE6DE48E0B4621F2851A994261FA787556A27F9868A8859E5E8A8354028257 ] C:\Windows\System32\drivers\k57nd60a.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\k57nd60a.sys - ok
12:32:44.0869 0x0758 [ 1E5EBB4FB8B3B0E9DE7AC83759F9C153, 63F701149DBF3D9E60EF70413932E2A42E16C5E9D2E866B1FB73CCE317EDA03A ] C:\Windows\System32\drivers\rtl8192ce.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\rtl8192ce.sys - ok
12:32:44.0869 0x0758 [ C4043E39A2ABBC56581CA25DF161E9F7, 1B53A8BEE4823EA842A00F5304428F0B4D14078045CF84ED20D8DF0FB8826040 ] C:\Windows\System32\drivers\asmtxhci.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\asmtxhci.sys - ok
12:32:44.0869 0x0758 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
12:32:44.0869 0x0758 C:\Windows\System32\drivers\i8042prt.sys - ok
12:32:44.0884 0x0758 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
12:32:44.0884 0x0758 C:\Windows\System32\drivers\blbdrive.sys - ok
12:32:44.0884 0x0758 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] C:\Windows\System32\drivers\ISCTD64.sys
12:32:44.0884 0x0758 C:\Windows\System32\drivers\ISCTD64.sys - ok
12:32:44.0884 0x0758 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
12:32:44.0884 0x0758 C:\Windows\System32\drivers\kbdclass.sys - ok
12:32:44.0884 0x0758 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
12:32:44.0884 0x0758 C:\Windows\System32\drivers\wmiacpi.sys - ok
12:32:44.0884 0x0758 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
12:32:44.0884 0x0758 C:\Windows\System32\drivers\agilevpn.sys - ok
12:32:44.0884 0x0758 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
12:32:44.0884 0x0758 C:\Windows\System32\drivers\CompositeBus.sys - ok
12:32:44.0884 0x0758 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
12:32:44.0884 0x0758 C:\Windows\System32\drivers\mssmbios.sys - ok
12:32:45.0196 0x0758 C:\Windows\System32\nrpsrv.dll - ok
12:32:45.0196 0x0758 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
12:32:45.0196 0x0758 C:\Windows\System32\nsisvc.dll - ok
12:32:45.0196 0x0758 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
12:32:45.0196 0x0758 C:\Windows\System32\propsys.dll - ok
12:32:45.0212 0x0758 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
12:32:45.0212 0x0758 C:\Windows\System32\samlib.dll - ok
12:32:45.0212 0x0758 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
12:32:45.0212 0x0758 C:\Windows\System32\shacct.dll - ok
12:32:45.0212 0x0758 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
12:32:45.0212 0x0758 C:\Windows\System32\winnsi.dll - ok
12:32:45.0212 0x0758 [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
12:32:45.0212 0x0758 C:\Windows\System32\dhcpcore6.dll - ok
12:32:45.0212 0x0758 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
12:32:45.0212 0x0758 C:\Windows\System32\dnsext.dll - ok
12:32:45.0212 0x0758 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
12:32:45.0212 0x0758 C:\Windows\System32\eapphost.dll - ok
12:32:45.0212 0x0758 [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
12:32:45.0212 0x0758 C:\Windows\System32\FWPUCLNT.DLL - ok
12:32:45.0212 0x0758 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
12:32:45.0212 0x0758 C:\Windows\System32\dhcpcsvc.dll - ok
12:32:45.0212 0x0758 [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
12:32:45.0212 0x0758 C:\Windows\System32\dhcpcsvc6.dll - ok
12:32:45.0212 0x0758 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
12:32:45.0212 0x0758 C:\Windows\System32\drivers\fltMgr.sys - ok
12:32:45.0227 0x0758 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
12:32:45.0227 0x0758 C:\Windows\System32\dsrole.dll - ok
12:32:45.0227 0x0758 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
12:32:45.0227 0x0758 C:\Windows\System32\PSHED.DLL - ok
12:32:45.0227 0x0758 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
12:32:45.0227 0x0758 C:\Windows\System32\umb.dll - ok
12:32:45.0227 0x0758 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
12:32:45.0227 0x0758 C:\Windows\System32\wtsapi32.dll - ok
12:32:45.0227 0x0758 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
12:32:45.0227 0x0758 C:\Windows\System32\uxtheme.dll - ok
12:32:45.0227 0x0758 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
12:32:45.0227 0x0758 C:\Windows\System32\wlanmsm.dll - ok
12:32:45.0227 0x0758 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
12:32:45.0227 0x0758 C:\Windows\System32\wlansec.dll - ok
12:32:45.0243 0x0758 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8, 59C4FE015CCBE922F7AB3838D7F34CACC08DD437B2BAD62926BF4A9C416F7C19 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll
12:32:45.0243 0x0758 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok
12:32:45.0243 0x0758 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
12:32:45.0243 0x0758 C:\Windows\System32\eappprxy.dll - ok
12:32:45.0243 0x0758 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
12:32:45.0243 0x0758 C:\Windows\System32\onex.dll - ok
12:32:45.0243 0x0758 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
12:32:45.0243 0x0758 C:\Windows\System32\eappcfg.dll - ok
12:32:45.0243 0x0758 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
12:32:45.0243 0x0758 C:\Windows\System32\l2gpstore.dll - ok
12:32:45.0243 0x0758 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
12:32:45.0243 0x0758 C:\Windows\System32\WinSCard.dll - ok
12:32:45.0243 0x0758 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
12:32:45.0243 0x0758 C:\Windows\System32\wlanutil.dll - ok
12:32:45.0243 0x0758 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
12:32:45.0243 0x0758 C:\Windows\System32\wlgpclnt.dll - ok
12:32:45.0243 0x0758 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
12:32:45.0243 0x0758 C:\Windows\System32\dui70.dll - ok
12:32:45.0259 0x0758 [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll
12:32:45.0259 0x0758 C:\Windows\System32\msxml6.dll - ok
12:32:45.0259 0x0758 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
12:32:45.0259 0x0758 C:\Windows\System32\duser.dll - ok
12:32:45.0259 0x0758 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
12:32:45.0259 0x0758 C:\Windows\System32\hid.dll - ok
12:32:45.0259 0x0758 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
12:32:45.0259 0x0758 C:\Windows\System32\MMDevAPI.dll - ok
12:32:45.0259 0x0758 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
12:32:45.0259 0x0758 C:\Windows\System32\SndVolSSO.dll - ok
12:32:45.0259 0x0758 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
12:32:45.0259 0x0758 C:\Windows\System32\BFE.DLL - ok
12:32:45.0259 0x0758 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
12:32:45.0259 0x0758 C:\Windows\System32\dwmapi.dll - ok
12:32:45.0259 0x0758 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
12:32:45.0259 0x0758 C:\Windows\System32\netcfgx.dll - ok
12:32:45.0259 0x0758 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
12:32:45.0259 0x0758 C:\Windows\System32\xmllite.dll - ok
12:32:45.0259 0x0758 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
12:32:45.0259 0x0758 C:\Windows\System32\slc.dll - ok
12:32:45.0274 0x0758 [ 3D7BB6DD7A87B3E36E44CA94444247A8, 8EC25387910A85624A76C0312A7A8C2A4624E9B7A546FD071F70FE3C2F7F7333 ] C:\Windows\System32\WindowsCodecs.dll
12:32:45.0274 0x0758 C:\Windows\System32\WindowsCodecs.dll - ok
12:32:45.0274 0x0758 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
12:32:45.0274 0x0758 C:\Windows\System32\drivers\bowser.sys - ok
12:32:45.0274 0x0758 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
12:32:45.0274 0x0758 C:\Windows\System32\drivers\mpsdrv.sys - ok
12:32:45.0274 0x0758 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
12:32:45.0274 0x0758 C:\Windows\System32\drivers\mrxsmb.sys - ok
12:32:45.0290 0x0758 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
12:32:45.0290 0x0758 C:\Windows\System32\drivers\mrxsmb10.sys - ok
12:32:45.0290 0x0758 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
12:32:45.0290 0x0758 C:\Windows\System32\wfapigp.dll - ok
12:32:45.0290 0x0758 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
12:32:45.0290 0x0758 C:\Windows\System32\drivers\mrxsmb20.sys - ok
12:32:45.0290 0x0758 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
12:32:45.0290 0x0758 C:\Windows\System32\wkssvc.dll - ok
12:32:45.0290 0x0758 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL
12:32:45.0290 0x0758 C:\Windows\System32\IKEEXT.DLL - ok
12:32:45.0290 0x0758 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
12:32:45.0290 0x0758 C:\Windows\System32\netutils.dll - ok
12:32:45.0290 0x0758 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] C:\Windows\System32\nlasvc.dll
12:32:45.0290 0x0758 C:\Windows\System32\nlasvc.dll - ok
12:32:45.0305 0x0758 [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
12:32:45.0305 0x0758 C:\Windows\System32\ncsi.dll - ok
12:32:45.0305 0x0758 [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] C:\Windows\System32\wbem\WMIsvc.dll
12:32:45.0305 0x0758 C:\Windows\System32\wbem\WMIsvc.dll - ok
12:32:45.0305 0x0758 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
12:32:45.0305 0x0758 C:\Windows\System32\winhttp.dll - ok
12:32:45.0305 0x0758 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
12:32:45.0305 0x0758 C:\Windows\System32\ssdpapi.dll - ok
12:32:45.0305 0x0758 [ A5ACADEE1EC8F9105CBD683A4D722CFE, 93DBE3E1F589A892644BFEE583404660C52BDDE77A6A0F154180A3548218DEE5 ] C:\Windows\System32\wbemcomn2.dll
12:32:45.0305 0x0758 C:\Windows\System32\wbemcomn2.dll - ok
12:32:45.0305 0x0758 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
12:32:45.0305 0x0758 C:\Windows\System32\webio.dll - ok
12:32:45.0305 0x0758 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
12:32:45.0305 0x0758 C:\Windows\System32\mscms.dll - ok
12:32:45.0305 0x0758 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
12:32:45.0305 0x0758 C:\Windows\System32\vpnikeapi.dll - ok
12:32:45.0305 0x0758 [ FCEABD99844A035DB8D96E6E8BCCBA5E, 6BC5366E6355FBBD69A5FD969BD4F5DBB87CD661EEC53B03C156DA885A477CB8 ] C:\Windows\System32\wbem\fastprox.dll
12:32:45.0305 0x0758 C:\Windows\System32\wbem\fastprox.dll - ok
12:32:45.0305 0x0758 [ 636681CA4ECC169E763A611991E7A0C7, C03B6AE93FFF951628982EB73E6FEED872E1A270AD66158E2F193604DB3DCB9B ] C:\Windows\System32\wbem\WmiDcPrv.dll
12:32:45.0305 0x0758 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
12:32:45.0321 0x0758 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
12:32:45.0321 0x0758 C:\Windows\System32\wkscli.dll - ok
12:32:45.0321 0x0758 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] C:\Windows\System32\IPSECSVC.DLL
12:32:45.0321 0x0758 C:\Windows\System32\IPSECSVC.DLL - ok
12:32:45.0321 0x0758 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
12:32:45.0321 0x0758 C:\Windows\System32\pcasvc.dll - ok
12:32:45.0321 0x0758 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
12:32:45.0321 0x0758 C:\Windows\System32\snmptrap.exe - ok
12:32:45.0321 0x0758 [ D6DA9DDCB8DEA5FD995D37BA346D84DC, 2A90C2F5D9FBFBE9CA795E7C8FCECFEC017EB394DA941CA42625AB0FDDE984DF ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll
12:32:45.0321 0x0758 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok
12:32:45.0321 0x0758 [ 9BC93C9ACFA34DB5A41B89357B31E4ED, C3B9DDCB31970F91F8CAF85D2431903DB1738872775EEFD6712B7646BDE1250C ] C:\Windows\System32\FwRemoteSvr.dll
12:32:45.0321 0x0758 C:\Windows\System32\FwRemoteSvr.dll - ok
12:32:45.0321 0x0758 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
12:32:45.0321 0x0758 C:\Windows\System32\ntdsapi.dll - ok
12:32:45.0321 0x0758 [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll
12:32:45.0321 0x0758 C:\Windows\System32\PeerDistSh.dll - ok
12:32:45.0321 0x0758 [ E9A0777DCA9148157E0EF9B71D7DE353, 954A9A1BC2EF83705AFF479DAFD51C18752AEEB2DE7A7DADD1A0E5A1971868DB ] C:\Windows\System32\RdpGroupPolicyExtension.dll
12:32:45.0321 0x0758 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
12:32:45.0337 0x0758 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
12:32:45.0337 0x0758 C:\Windows\System32\vssapi.dll - ok
12:32:45.0337 0x0758 [ 4D485945E7589FC64E4D6E59ECD483B7, C6497497F13C62D2DD90042DC88914F369289FD5EDED29ADD120A2F083BC354E ] C:\Windows\System32\wbem\wbemprox.dll
12:32:45.0337 0x0758 C:\Windows\System32\wbem\wbemprox.dll - ok
12:32:45.0337 0x0758 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
12:32:45.0337 0x0758 C:\Windows\System32\adtschema.dll - ok
12:32:45.0337 0x0758 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
12:32:45.0337 0x0758 C:\Windows\System32\provsvc.dll - ok
12:32:45.0337 0x0758 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
12:32:45.0337 0x0758 C:\Windows\System32\sstpsvc.dll - ok
12:32:45.0337 0x0758 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
12:32:45.0337 0x0758 C:\Windows\System32\vsstrace.dll - ok
12:32:45.0337 0x0758 [ 0C212FA537F003B8F8C90A85D0F8DF27, 01995129F0985C439B3EAA59ECC5BD451ED65166284BFC0636B3F76E269998C3 ] C:\Windows\System32\wbem\wbemcore.dll
12:32:45.0337 0x0758 C:\Windows\System32\wbem\wbemcore.dll - ok
12:32:45.0337 0x0758 [ 997714A70C11ED43A771AE5A95F0D026, A31E11FA571263890F4AF157FEE02C506D08E5066EE1F2B95456ED161AAA8EBD ] C:\Windows\System32\wbem\WinMgmtR.dll
12:32:45.0337 0x0758 C:\Windows\System32\wbem\WinMgmtR.dll - ok
12:32:45.0337 0x0758 [ A67E03E39172459935C591F6E0534569, 96016B5E6101EE61BF3D6DBC0453942EF0CBAB7E5FC3C63E6BCA7B5D7251F66F ] C:\Windows\System32\wbem\esscli.dll
12:32:45.0337 0x0758 C:\Windows\System32\wbem\esscli.dll - ok
12:32:45.0337 0x0758 [ BA5CA827B50D8FE46478BA867B08D020, 7189389FE97FDF0EE442F0A36A79119EAB848659473D61E7A36205E053C37FFD ] C:\Windows\System32\wbem\wbemsvc.dll
12:32:45.0337 0x0758 C:\Windows\System32\wbem\wbemsvc.dll - ok
12:32:45.0352 0x0758 [ F37BCA66EA95079C806D80B23E041876, 46849672EF9C5DE70A0DF9FE7FA7EA8AC0466525DF02951B51386CE073E97C30 ] C:\Windows\System32\wbem\wmiutils.dll
12:32:45.0352 0x0758 C:\Windows\System32\wbem\wmiutils.dll - ok
12:32:45.0352 0x0758 [ 56C9C92B854E6AB6ECDA5C531B6ACF5A, FA8D18A8E2D6550E86E8F06987D2142C0ADD1F93808D06CB9292B82D850A75A1 ] C:\Windows\System32\wbem\repdrvfs.dll
12:32:45.0352 0x0758 C:\Windows\System32\wbem\repdrvfs.dll - ok
12:32:45.0352 0x0758 [ 0281DDC918760773F676CE924B153AAF, 8EC80BD5A9F0B926F3DD241C65CED1A2F0BABF7830AB4F91B5F9B2312E188BA8 ] C:\Windows\System32\ncobjapi.dll
12:32:45.0352 0x0758 C:\Windows\System32\ncobjapi.dll - ok
12:32:45.0352 0x0758 [ 6C399566C1E3E7D475C3698297221A20, 6BF2C1B0F8BE5712398BCFE88D3355C9B5E102FD22B239BD9DA1530B9CC7B386 ] C:\Windows\System32\wbem\WmiPrvSD.dll
12:32:45.0352 0x0758 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
12:32:45.0352 0x0758 [ 5935C3E7DCDA36AA0E4D9284C8AC319B, A5010D53EC7A200835134FD3F22548DC0719A11483400991334DEE7666D4DAFB ] C:\Windows\System32\wbem\wbemess.dll
12:32:45.0352 0x0758 C:\Windows\System32\wbem\wbemess.dll - ok
12:32:45.0352 0x0758 [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
12:32:45.0352 0x0758 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
12:32:45.0368 0x0758 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
12:32:45.0368 0x0758 C:\Windows\System32\winbrand.dll - ok
12:32:45.0368 0x0758 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
12:32:45.0368 0x0758 C:\Windows\System32\UXInit.dll - ok
12:32:45.0368 0x0758 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
12:32:45.0368 0x0758 C:\Windows\System32\VaultCredProvider.dll - ok
12:32:45.0368 0x0758 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
12:32:45.0368 0x0758 C:\Windows\System32\imageres.dll - ok
12:32:45.0368 0x0758 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
12:32:45.0368 0x0758 C:\Windows\System32\samcli.dll - ok
12:32:45.0368 0x0758 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
12:32:45.0368 0x0758 C:\Windows\System32\dllhost.exe - ok
12:32:45.0368 0x0758 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
12:32:45.0368 0x0758 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
12:32:45.0368 0x0758 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
12:32:45.0368 0x0758 C:\Windows\System32\IDStore.dll - ok
12:32:45.0368 0x0758 [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
12:32:45.0368 0x0758 C:\Windows\System32\AtBroker.exe - ok
12:32:45.0368 0x0758 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
12:32:45.0368 0x0758 C:\Windows\System32\mpr.dll - ok
12:32:45.0383 0x0758 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
12:32:45.0383 0x0758 C:\Windows\explorer.exe - ok
12:32:45.0383 0x0758 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
12:32:45.0383 0x0758 C:\Windows\System32\userinit.exe - ok
12:32:45.0383 0x0758 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
12:32:45.0383 0x0758 C:\Windows\System32\ExplorerFrame.dll - ok
12:32:45.0383 0x0758 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
12:32:45.0383 0x0758 C:\Windows\System32\apphelp.dll - ok
12:32:45.0383 0x0758 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
12:32:45.0383 0x0758 C:\Windows\System32\EhStorShell.dll - ok
12:32:45.0383 0x0758 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
12:32:45.0383 0x0758 C:\Windows\System32\cscapi.dll - ok
12:32:45.0383 0x0758 [ 7EE5F17A21D9A9101207DF4BC37B085D, C07A56D52449B9F126B617FB4EFDC22EFE043C9B257B01967EA2FCCCA6216763 ] C:\Windows\System32\cscdll.dll
12:32:45.0383 0x0758 C:\Windows\System32\cscdll.dll - ok
12:32:45.0383 0x0758 [ 32802C0F6FC7C8F561B9D91F52A46421, EE02CF54FC3626D85849EF14D9B7B57419F12D1DD0735C25ECBD987EE53F634B ] C:\Windows\System32\cscui.dll
12:32:45.0383 0x0758 C:\Windows\System32\cscui.dll - ok
12:32:45.0383 0x0758 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
12:32:45.0383 0x0758 C:\Windows\System32\ntshrui.dll - ok
12:32:45.0399 0x0758 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
12:32:45.0399 0x0758 C:\Windows\System32\IconCodecService.dll - ok
12:32:45.0399 0x0758 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
12:32:45.0399 0x0758 C:\Windows\System32\runonce.exe - ok
12:32:45.0399 0x0758 [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
12:32:45.0399 0x0758 C:\Windows\SysWOW64\ntdll.dll - ok
12:32:45.0399 0x0758 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
12:32:45.0399 0x0758 C:\Windows\SysWOW64\runonce.exe - ok
12:32:45.0399 0x0758 [ 70833F5A59F65908698093889C34BCA2, 25777B910664827FC5C8258E4956CC936E0A1E42A9C7F2F390A83025E685D728 ] C:\Windows\System32\wow64.dll
12:32:45.0399 0x0758 C:\Windows\System32\wow64.dll - ok
12:32:45.0415 0x0758 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll
12:32:45.0415 0x0758 C:\Windows\System32\wow64cpu.dll - ok
12:32:45.0415 0x0758 [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll
12:32:45.0415 0x0758 C:\Windows\System32\wow64win.dll - ok
12:32:45.0415 0x0758 [ 365A5034093AD9E04F433046C4CDF6AB, 5D5B30A883B273D59C6C64286E0BA79DA0BDF1B7EBC791278248A9196701DDDF ] C:\Windows\SysWOW64\kernel32.dll
12:32:45.0415 0x0758 C:\Windows\SysWOW64\kernel32.dll - ok
12:32:45.0415 0x0758 [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
12:32:45.0415 0x0758 C:\Windows\SysWOW64\advapi32.dll - ok
12:32:45.0415 0x0758 [ 1B7343C3765638D4D17CB925F84F8ABE, FDD4F8B409A6C6870C56BBCDCD07902D825FCB13ABB316FD804B6AAAF996600B ] C:\Windows\SysWOW64\KernelBase.dll
12:32:45.0415 0x0758 C:\Windows\SysWOW64\KernelBase.dll - ok
12:32:45.0415 0x0758 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
12:32:45.0415 0x0758 C:\Windows\SysWOW64\msvcrt.dll - ok
12:32:45.0415 0x0758 [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll
12:32:45.0415 0x0758 C:\Windows\SysWOW64\rpcrt4.dll - ok
12:32:45.0430 0x0758 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\sechost.dll - ok
12:32:45.0430 0x0758 [ 42B924C5F3924C1EB2539F22C10D7DF1, 5C922A6B9F4B5320ECEF67E81B37E6736BF01AF964A6966E24C8B29D0DDDDA3B ] C:\Windows\SysWOW64\sspicli.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\sspicli.dll - ok
12:32:45.0430 0x0758 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\cryptbase.dll - ok
12:32:45.0430 0x0758 [ 56E3313690866F99CD17AA1342F64AE1, 4AD4E105C1A6E9BAB9568CA21B15A38C59702EF605AA9058490C56DA070CF846 ] C:\Windows\SysWOW64\gdi32.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\gdi32.dll - ok
12:32:45.0430 0x0758 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\user32.dll - ok
12:32:45.0430 0x0758 [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\lpk.dll - ok
12:32:45.0430 0x0758 [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\usp10.dll - ok
12:32:45.0430 0x0758 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\ole32.dll - ok
12:32:45.0430 0x0758 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
12:32:45.0430 0x0758 C:\Windows\SysWOW64\shlwapi.dll - ok
12:32:45.0430 0x0758 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
12:32:45.0430 0x0758 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
12:32:45.0446 0x0758 [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll
12:32:45.0446 0x0758 C:\Windows\SysWOW64\shell32.dll - ok
12:32:45.0758 0x0758 C:\Windows\SysWOW64\cryptsp.dll - ok
12:32:45.0758 0x0758 [ 164EA9CDBA6B4CDD7731A23E7FD933FA, 56CC6528A572D9C18D7F2A168D67F29BA38C28EFCE3B6EE26512C7270DA0B696 ] C:\Windows\SysWOW64\wbemcomn2.dll
12:32:45.0758 0x0758 C:\Windows\SysWOW64\wbemcomn2.dll - ok
12:32:45.0758 0x0758 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
12:32:45.0758 0x0758 C:\Windows\SysWOW64\wship6.dll - ok
12:32:45.0758 0x0758 [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll
12:32:45.0758 0x0758 C:\Windows\SysWOW64\wshqos.dll - ok
12:32:45.0758 0x0758 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
12:32:45.0758 0x0758 C:\Windows\SysWOW64\profapi.dll - ok
12:32:45.0758 0x0758 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
12:32:45.0758 0x0758 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
12:32:45.0758 0x0758 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
12:32:45.0758 0x0758 C:\Windows\SysWOW64\rsaenh.dll - ok
12:32:45.0758 0x0758 [ 18F421D42906BDFFB4AA430834D368BE, 8C40DA6BAAF1ABB8CCF9DACDA5C41478D7D3049A4A3379BDEA2BBF27779BBDF8 ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
12:32:45.0758 0x0758 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
12:32:45.0773 0x0758 [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
12:32:45.0773 0x0758 C:\Windows\SysWOW64\ntdsapi.dll - ok
12:32:45.0773 0x0758 [ 5A74597CC9007A25458F5F388A539B9D, F17D06938DDDD5F1A643E7BD2F8954C72D5147E0A681497954CA8DB8ABB197DD ] C:\Windows\SysWOW64\wbem\fastprox.dll
12:32:45.0773 0x0758 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
12:32:45.0773 0x0758 [ 241CBD0F099F3D68892D19879E53722D, 61FBBF89B724D553288953BF4FAAED4AF74591A3575800F8BE1D328186501A91 ] C:\Windows\System32\wbem\WmiPrvSE.exe
12:32:45.0773 0x0758 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
12:32:45.0773 0x0758 [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
12:32:45.0773 0x0758 C:\Windows\System32\wbem\cimwin32.dll - ok
12:32:45.0773 0x0758 [ CAD0B60DF3E790FA7DDD205C117BA5C0, 24F5AA7A81739E8D8ACAC1BC256A7AE8BDFE76EEB53830BDD389B5DFB916D22B ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
12:32:45.0773 0x0758 C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
12:32:45.0773 0x0758 [ 193A0626CA65A5AEDDDD161560615D24, CA94E62AE7324DC28C4AB55E0233D5471AE396C73E67CC21E365237D2505DB83 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
12:32:45.0773 0x0758 C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
12:32:45.0773 0x0758 [ C6BCC1BE95AE7258D013EEA1C9159C8D, C04369023EC1FAA55B2FE0F1B773F709E0F33E764C677E8D3D50503BA0BFD011 ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
12:32:45.0773 0x0758 C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
12:32:45.0773 0x0758 [ 463DADBE8F36AB3C8906D5BE6012659D, A63BE9AF340D2C5A95D97D2F97587F610D51B33D7829C422D0EB42B06548C64D ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
12:32:45.0773 0x0758 C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
12:32:45.0773 0x0758 [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
12:32:45.0773 0x0758 C:\Windows\System32\wmi.dll - ok
12:32:45.0773 0x0758 [ 9C89246184979A070B0C6CCF61C68136, 409D5CB32E803B623F79A0CBAB094D33B078ED164002687B1CEA236E2B77C7D8 ] C:\Windows\SysWOW64\wininet.dll
12:32:45.0773 0x0758 C:\Windows\SysWOW64\wininet.dll - ok
12:32:45.0789 0x0758 [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
12:32:45.0789 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
12:32:45.0789 0x0758 [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
12:32:45.0789 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
12:32:45.0789 0x0758 [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
12:32:45.0789 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
12:32:45.0789 0x0758 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
12:32:45.0789 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
12:32:45.0789 0x0758 [ 34CBED7698D557DDB43F8732FBC2ACB9, 2406E009E037F0C577984792FD41CECD96078AA8B6EAC9207051CDE8DBED89CD ] C:\Windows\SysWOW64\iertutil.dll
12:32:45.0789 0x0758 C:\Windows\SysWOW64\iertutil.dll - ok
12:32:45.0789 0x0758 [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
12:32:45.0789 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
12:32:45.0805 0x0758 [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
12:32:45.0805 0x0758 [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
12:32:45.0805 0x0758 [ 372948BB5E41CE42341C4398DE572E56, A12A3CB0C04FD02A17E202FEE79EA1B4009DAE4B5DB8B9B9D4919D1FFB270CF3 ] C:\Windows\SysWOW64\secur32.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\secur32.dll - ok
12:32:45.0805 0x0758 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\winhttp.dll - ok
12:32:45.0805 0x0758 [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
12:32:45.0805 0x0758 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\webio.dll - ok
12:32:45.0805 0x0758 [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\crypt32.dll - ok
12:32:45.0805 0x0758 [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\wintrust.dll - ok
12:32:45.0805 0x0758 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
12:32:45.0805 0x0758 C:\Windows\SysWOW64\msasn1.dll - ok
12:32:45.0820 0x0758 [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\SysWOW64\mscms.dll
12:32:45.0820 0x0758 C:\Windows\SysWOW64\mscms.dll - ok
12:32:45.0820 0x0758 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
12:32:45.0820 0x0758 C:\Windows\SysWOW64\userenv.dll - ok
12:32:45.0820 0x0758 [ CCDA8E6A2AC68FD417A8BB8D88CBFDAC, EA9226AB7559B9D136566FDF7FCEDA34D0956E8065C6A3B692C88E2A945136E0 ] C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe
12:32:45.0820 0x0758 C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AcroRd32.exe - ok
12:32:45.0820 0x0758 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
12:32:45.0820 0x0758 C:\Windows\SysWOW64\dnsapi.dll - ok
12:32:45.0820 0x0758 [ 243974EC02F7AE49E4179C54624143AB, 755FA67F7BF10E3C6336788D297FBAA70F28F630852A43A78D3F7D7E3A7ECED0 ] C:\Windows\SysWOW64\MMDevAPI.dll
12:32:45.0820 0x0758 C:\Windows\SysWOW64\MMDevAPI.dll - ok
12:32:45.0820 0x0758 [ 40947436A70E0034E41123DF5A0A7702, 5D40FD92DA5CA59C1BADB58AD509DB6A6D613F18660A9A270A53ECA85D34C3A9 ] C:\Program Files (x86)\Bonjour\mdnsNSP.dll
12:32:45.0820 0x0758 C:\Program Files (x86)\Bonjour\mdnsNSP.dll - ok
12:32:45.0820 0x0758 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
12:32:45.0820 0x0758 C:\Windows\SysWOW64\rasadhlp.dll - ok
12:32:45.0820 0x0758 [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
12:32:45.0820 0x0758 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
12:32:45.0820 0x0758 [ 69E5A1D579A6A2D1CFC8654A97AA4856, 87852A004B10B5446708CA817C7E35932233398A91ADAAE2E6E5614536EBA49E ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
12:32:45.0820 0x0758 C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll - ok
12:32:45.0820 0x0758 [ DAFEC666766C97810DE8F2FE1804B3A8, 3173EE9B42739B8D0B2596FA4A36B571EF819AA1B6BCD72B7D0C8D34393DC581 ] C:\Windows\SysWOW64\nvapi.dll
12:32:45.0820 0x0758 C:\Windows\SysWOW64\nvapi.dll - ok
12:32:45.0836 0x0758 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
12:32:45.0836 0x0758 C:\Windows\SysWOW64\NapiNSP.dll - ok
12:32:45.0836 0x0758 [ 0BA65122FFA7E37564EE86422DBF7AE8, 3A37FC503D3228D021473AECA285427382518CC36C197E4C9912745BDF3AB757 ] C:\Windows\SysWOW64\nlaapi.dll
12:32:45.0836 0x0758 C:\Windows\SysWOW64\nlaapi.dll - ok
12:32:45.0836 0x0758 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
12:32:45.0836 0x0758 C:\Windows\SysWOW64\pnrpnsp.dll - ok
12:32:45.0836 0x0758 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
12:32:45.0836 0x0758 C:\Windows\SysWOW64\winrnr.dll - ok
12:32:45.0836 0x0758 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
12:32:45.0836 0x0758 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
12:32:45.0836 0x0758 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
12:32:45.0836 0x0758 C:\Windows\SysWOW64\dui70.dll - ok
12:32:45.0836 0x0758 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
12:32:45.0836 0x0758 C:\Windows\SysWOW64\duser.dll - ok
12:32:45.0836 0x0758 [ 9AED8E824CF5FAAB67957EDBC5512060, 2AEE03C5BFD9151C8F304A4A62F12884761E0F2E1611AE91B9CB0CC390A90212 ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
12:32:45.0836 0x0758 C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
12:32:45.0836 0x0758 [ 25CABA7671247023155D72906625ADA7, CEDC787EC2EBC557508F860A20C72266600BB937637F8C2F52A5D2DDB687B8DF ] C:\Users\Crystal\Desktop\TDSSKiller.exe
12:32:45.0836 0x0758 C:\Users\Crystal\Desktop\TDSSKiller.exe - ok
12:32:45.0851 0x0758 [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
12:32:45.0851 0x0758 C:\Windows\SysWOW64\credssp.dll - ok
12:32:45.0851 0x0758 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
12:32:45.0851 0x0758 C:\Windows\SysWOW64\riched20.dll - ok
12:32:45.0867 0x0758 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{0637B6F8-01A4-4510-9BDD-769060C77350}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{0637B6F8-01A4-4510-9BDD-769060C77350}.tmp - ok
12:32:45.0867 0x0758 [ 55C11301579A42639736EA3B17A3A588, CBEBDD7C883EF47DB86060AF0F09FD2218161D5FEB0CECEB4A068B9CC63499F8 ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{3EEA0FAA-4331-4953-8F3C-15F78856ACC4}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{3EEA0FAA-4331-4953-8F3C-15F78856ACC4}.tmp - ok
12:32:45.0867 0x0758 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{AE864492-3500-40E0-BD5C-6348C5C62EB5}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{AE864492-3500-40E0-BD5C-6348C5C62EB5}.tmp - ok
12:32:45.0867 0x0758 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{15FE4D57-B39E-48C6-A42B-525BCF3B8259}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{15FE4D57-B39E-48C6-A42B-525BCF3B8259}.tmp - ok
12:32:45.0867 0x0758 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{B37E7791-C0D1-4F95-97D8-77904AF96F56}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{B37E7791-C0D1-4F95-97D8-77904AF96F56}.tmp - ok
12:32:45.0867 0x0758 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{0941A660-1696-4206-B36F-18E22B9D02AC}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{0941A660-1696-4206-B36F-18E22B9D02AC}.tmp - ok
12:32:45.0867 0x0758 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{5E739E00-4CF4-4762-B9A2-AACBCE5F6C64}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{5E739E00-4CF4-4762-B9A2-AACBCE5F6C64}.tmp - ok
12:32:45.0867 0x0758 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{E7649ED2-F74C-4997-9156-F3C8528CFE9D}.tmp
12:32:45.0867 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{E7649ED2-F74C-4997-9156-F3C8528CFE9D}.tmp - ok
12:32:45.0883 0x0758 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{CE155960-4EF2-4EDD-8B9B-303939A9701C}.tmp
12:32:45.0883 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{CE155960-4EF2-4EDD-8B9B-303939A9701C}.tmp - ok
12:32:45.0883 0x0758 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{F0E19952-56F5-449C-8603-1AD6BF66EF82}.tmp
12:32:45.0883 0x0758 C:\Users\Crystal\AppData\Local\Temp\{BA468907-9C63-4FB4-974F-02A066BF13E1}\{F0E19952-56F5-449C-8603-1AD6BF66EF82}.tmp - ok
12:32:45.0883 0x0758 [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
12:32:45.0883 0x0758 C:\Windows\SysWOW64\msi.dll - ok
12:32:45.0883 0x0758 [ 10EE09FE06FDA85B05B78873BAD66AD0, 5D194C9C9C7D52DE651C783418E30419D4BC33FB8245F61BABEFFD1372597A36 ] C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe
12:32:45.0883 0x0758 C:\Windows\Installer\{90140000-0011-0000-0000-0000000FF1CE}\xlicons.exe - ok
12:32:45.0883 0x0758 [ 9FE3ED67345F0FF829A4A53B90E09672, F70CD131DCF101B26CD55A57876DB3765B3E15C9D3A8B508FF041C91226EC504 ] C:\Windows\System32\loadperf.dll
12:32:45.0883 0x0758 C:\Windows\System32\loadperf.dll - ok
12:32:45.0883 0x0758 [ 80AD0F52B0ED60373DB6C9F485A22564, E5FAE7232A1192E9309721AFBA788B3A12DF9572C0891F47112A0C3532A8720A ] C:\Windows\System32\wbem\WMIADAP.exe
12:32:45.0883 0x0758 C:\Windows\System32\wbem\WMIADAP.exe - ok
12:32:45.0883 0x0758 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
12:32:45.0883 0x0758 C:\Windows\System32\wbemcomn.dll - ok
12:32:45.0883 0x0758 [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
12:32:45.0883 0x0758 C:\Windows\System32\wbem\wmiprov.dll - ok
12:32:45.0883 0x0758 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
12:32:45.0883 0x0758 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
12:32:45.0883 0x0758 [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
12:32:45.0883 0x0758 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
12:32:45.0898 0x0758 Waiting for KSN requests completion. In queue: 121
12:32:46.0912 0x0758 Waiting for KSN requests completion. In queue: 121
12:32:47.0926 0x0758 Waiting for KSN requests completion. In queue: 121
12:32:48.0956 0x0758 AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
12:32:49.0034 0x0758 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 6.3.38526.2970 ), 0x61010 ( enabled )
12:32:51.0561 0x0758 ============================================================
12:32:51.0561 0x0758 Scan finished
12:32:51.0561 0x0758 ============================================================
12:32:51.0561 0x04c4 Detected object count: 0
12:32:51.0561 0x04c4 Actual detected object count: 0
12:33:13.0089 0x071c Deinitialize success


I'm about to reboot and try normal Windows. I will post again if I am able to get in and things look better. If I haven't posted again in 5 minutes or so, please assume that the issue is still occurring.

Thanks again for your help!

#6
PresMatt

  • Topic Starter
Hi! It worked, I'm able to use programs and it doesn't lock up now! I'll be sure to check up later today to see if you have any further steps I need to take, help with antivirus, etc.

When I restarted in normal mode, the TDSS wanted to run again, so I allowed it. Here is the log from normal Windows.

12:41:40.0406 0x12fc TDSS rootkit removing tool 3.0.0.23 Feb 10 2014 23:32:41
12:41:42.0413 0x12fc ============================================================
12:41:42.0413 0x12fc Current date / time: 2014/02/19 12:41:42.0413
12:41:42.0413 0x12fc SystemInfo:
12:41:42.0413 0x12fc
12:41:42.0413 0x12fc OS Version: 6.1.7601 ServicePack: 1.0
12:41:42.0413 0x12fc Product type: Workstation
12:41:42.0413 0x12fc ComputerName: CCP-EDITING
12:41:42.0413 0x12fc UserName: Crystal
12:41:42.0413 0x12fc Windows directory: C:\Windows
12:41:42.0413 0x12fc System windows directory: C:\Windows
12:41:42.0413 0x12fc Running under WOW64
12:41:42.0413 0x12fc Processor architecture: Intel x64
12:41:42.0413 0x12fc Number of processors: 8
12:41:42.0413 0x12fc Page size: 0x1000
12:41:42.0413 0x12fc Boot type: Normal boot
12:41:42.0413 0x12fc ============================================================
12:44:41.0503 0x12fc KLMD registered as C:\Windows\system32\drivers\74415103.sys
12:44:41.0565 0x12fc System UUID: {30FE9842-0271-F13A-266E-85BC28E8A241}
12:44:41.0830 0x12fc Drive \Device\Harddisk1\DR1 - Size: 0x1DCF856000 (119.24 Gb), SectorSize: 0x200, Cylinders: 0x3CCE, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:44:41.0830 0x12fc Drive \Device\Harddisk0\DR0 - Size: 0x2BAA1200000 (2794.52 Gb), SectorSize: 0x200, Cylinders: 0x59101, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:44:41.0877 0x12fc ============================================================
12:44:41.0877 0x12fc \Device\Harddisk1\DR1:
12:44:41.0877 0x12fc MBR partitions:
12:44:41.0877 0x12fc \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:44:41.0877 0x12fc \Device\Harddisk1\DR1\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0xEE49000
12:44:41.0877 0x12fc \Device\Harddisk0\DR0:
12:44:41.0877 0x12fc GPT partitions:
12:44:41.0893 0x12fc \Device\Harddisk0\DR0\Partition1: GPT, TypeGUID: {E3C9E316-0B5C-4DB8-817D-F92DF00215AE}, UniqueGUID: {6FF43E5A-7992-11E2-A81E-F2CB7F76B652}, Name: Microsoft reserved partition, StartLBA 0x22, BlocksNum 0x40000
12:44:41.0893 0x12fc \Device\Harddisk0\DR0\Partition2: GPT, TypeGUID: {EBD0A0A2-B9E5-4433-87C0-68B6B72699C7}, UniqueGUID: {6FF43E5B-7992-11E2-A81E-F2CB7F76B652}, Name: Basic data partition, StartLBA 0x40800, BlocksNum 0x5D4C8000
12:44:41.0893 0x12fc MBR partitions:
12:44:41.0893 0x12fc ============================================================
12:44:41.0893 0x12fc C: <-> \Device\Harddisk1\DR1\Partition2
12:44:42.0002 0x12fc E: <-> \Device\Harddisk0\DR0\Partition2
12:44:42.0002 0x12fc ============================================================
12:44:42.0002 0x12fc Initialize success
12:44:42.0002 0x12fc ============================================================
12:48:23.0238 0x0848 ============================================================
12:48:23.0238 0x0848 Scan started
12:48:23.0238 0x0848 Mode: Manual;
12:48:23.0238 0x0848 ============================================================
12:48:23.0238 0x0848 KSN ping started
12:49:16.0013 0x0848 KSN ping finished: false
12:49:16.0294 0x0848 ================ Scan system memory ========================
12:49:16.0294 0x0848 System memory - ok
12:49:16.0294 0x0848 ================ Scan services =============================
12:49:16.0778 0x0848 [ A0BCE5DC2C1F1EE5C1CA19A33375AC23, 517663AEDD7A45607E17910DE60B2847E521472F9C0AB56034617BE2F351DE8D ] Avgmfx64 C:\Windows\system32\DRIVERS\avgmfx64.sys
12:49:16.0778 0x0848 Avgmfx64 - ok
12:49:16.0778 0x0848 [ 12FAAF366975B2BF2E93F1866C0E480D, 559480A1434E6805CF4F3DB5352E98387053194BB7B0DB18099B53D306D9951D ] Avgrkx64 C:\Windows\system32\DRIVERS\avgrkx64.sys
12:49:16.0778 0x0848 Avgrkx64 - ok
12:49:16.0793 0x0848 [ 4E364FABBD147F59E5D524C9EA86D772, 5D2B1E35EDBF68C23C5BF38B8B7AC484E3430219E0072C4831F58A9E8386A5FD ] Avgtdia C:\Windows\system32\DRIVERS\avgtdia.sys
12:49:16.0793 0x0848 Avgtdia - ok
12:49:16.0793 0x0848 [ A1F53D2A00E64679A1D81B61D2333D06, 41D4F252693A2382A1C1FB85A49DF5AAB5B21620DC09A0E1A7F66A437E3A0B3B ] avgtp C:\Windows\system32\drivers\avgtpx64.sys
12:49:16.0793 0x0848 avgtp - ok
12:49:16.0809 0x0848 [ B747B6BB015E552F49C634BB19540F3D, 5000AD41BD101BC06D595484B6E58DEEBB962939ACF4B24DE515771D1C4AE3ED ] avgwd C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe
12:49:16.0809 0x0848 avgwd - ok
12:49:16.0809 0x0848 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:49:16.0809 0x0848 AxInstSV - ok
12:49:16.0824 0x0848 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys
12:49:16.0824 0x0848 b06bdrv - ok
12:49:16.0840 0x0848 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:49:16.0840 0x0848 b57nd60a - ok
12:49:16.0856 0x0848 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll
12:49:16.0856 0x0848 BDESVC - ok
12:49:16.0856 0x0848 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys
12:49:16.0856 0x0848 Beep - ok
12:49:16.0871 0x0848 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll
12:49:16.0871 0x0848 BFE - ok
12:49:16.0887 0x0848 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\System32\qmgr.dll
12:49:16.0902 0x0848 BITS - ok
12:49:16.0902 0x0848 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:49:16.0902 0x0848 blbdrive - ok
12:49:16.0918 0x0848 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:49:16.0934 0x0848 Bonjour Service - ok
12:49:16.0934 0x0848 [ C752A6902163B5E9C3554BA69A275F41, 29D729B52700DCCA4E57FE38A5B92103CE79C8C59B6E7162CCB8E7C19BAE1942 ] BOT4Service C:\Program Files (x86)\Roxio\BackOnTrack\App\BService.exe
12:49:16.0934 0x0848 BOT4Service - ok
12:49:16.0934 0x0848 [ 92E3765E2F9E7EE2542C9C2F6318464C, 61A56759847A976AF1949692EAA60A061E8EF865094F2DBC27D65D016CFA14BC ] BOTService C:\Program Files (x86)\Roxio\BackOnTrack\Instant Restore\BOTService.exe
12:49:16.0934 0x0848 BOTService - ok
12:49:16.0949 0x0848 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:49:16.0949 0x0848 bowser - ok
12:49:16.0949 0x0848 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys
12:49:16.0949 0x0848 BrFiltLo - ok
12:49:16.0949 0x0848 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys
12:49:16.0949 0x0848 BrFiltUp - ok
12:49:16.0949 0x0848 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll
12:49:16.0949 0x0848 Browser - ok
12:49:16.0965 0x0848 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:49:16.0965 0x0848 Brserid - ok
12:49:16.0965 0x0848 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:49:16.0965 0x0848 BrSerWdm - ok
12:49:16.0980 0x0848 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:49:16.0980 0x0848 BrUsbMdm - ok
12:49:16.0980 0x0848 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:49:16.0980 0x0848 BrUsbSer - ok
12:49:16.0980 0x0848 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys
12:49:16.0980 0x0848 BTHMODEM - ok
12:49:16.0980 0x0848 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll
12:49:16.0996 0x0848 bthserv - ok
12:49:16.0996 0x0848 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:49:16.0996 0x0848 cdfs - ok
12:49:16.0996 0x0848 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:49:16.0996 0x0848 cdrom - ok
12:49:17.0012 0x0848 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll
12:49:17.0012 0x0848 CertPropSvc - ok
12:49:17.0012 0x0848 CFRMD - ok
12:49:17.0012 0x0848 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys
12:49:17.0012 0x0848 circlass - ok
12:49:17.0027 0x0848 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys
12:49:17.0027 0x0848 CLFS - ok
12:49:17.0027 0x0848 [ 5F050AE8EF2F70C1B4A91ACECBB6BFF9, 03021D1928B913C2F66EDB1985577B796595E157D2B8F0750DAD6E95281E88CD ] CLPSLauncher C:\Program Files (x86)\Common Files\COMODO\launcher_service.exe
12:49:17.0027 0x0848 CLPSLauncher - ok
12:49:17.0043 0x0848 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:49:17.0043 0x0848 clr_optimization_v2.0.50727_32 - ok
12:49:17.0043 0x0848 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:49:17.0043 0x0848 clr_optimization_v2.0.50727_64 - ok
12:49:17.0058 0x0848 [ 6D7C8A951AF6AD6835C029B3CB88D333, 66F3D79887B2449B4C6912D1A258D1A96056888F51A8AA24FEDF37942AD5BDBB ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:49:17.0058 0x0848 clr_optimization_v4.0.30319_32 - ok
12:49:17.0058 0x0848 [ 86329C35FF23CFEF0FB6C0023BA06BCE, D915CE7AD564F97A1C3B047D5248B7EF67ADDC59687FBC90F1776C21DAA0D3FD ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:49:17.0058 0x0848 clr_optimization_v4.0.30319_64 - ok
12:49:17.0058 0x0848 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys
12:49:17.0074 0x0848 CmBatt - ok
12:49:17.0183 0x0848 [ 2D1E7E163AB1C927ACBA22CBE4A9F818, 81CAC4AC46573AE997FA98E4FFD5CE88A9BB8D3BE80CA075490EA3168414E649 ] cmdAgent C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe
12:49:17.0246 0x0848 cmdAgent - ok
12:49:17.0261 0x0848 [ E34DF9613C8D24C5CB6F8DF8D74E5586, BFE4BC747262439F98A3B39FFF484D350A247143B7F7074BC78C2124798BE448 ] cmderd C:\Windows\system32\DRIVERS\cmderd.sys
12:49:17.0261 0x0848 cmderd - ok
12:49:17.0277 0x0848 [ D8E4A9A691BBA24EE242A1FDDF6EBAA1, EC5D49D746DD1B7D8D403F577EB95EE59923BD8DCDBBFE65B4983EC2A33808D4 ] cmdGuard C:\Windows\system32\DRIVERS\cmdguard.sys
12:49:17.0277 0x0848 cmdGuard - ok
12:49:17.0277 0x0848 [ F6B424B925B67C306BAA85AC79F7A5CC, 910E86EDFD1750324C70167989DDFE17C9E061822039AE35D6F66113E32320D6 ] cmdHlp C:\Windows\system32\DRIVERS\cmdhlp.sys
12:49:17.0277 0x0848 cmdHlp - ok
12:49:17.0292 0x0848 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:49:17.0292 0x0848 cmdide - ok
12:49:17.0292 0x0848 [ A3574DCC6588D6E09E069D2BE61537EC, E9AA0DA9A6C6F22398C2555FA6AA24B2142791B7281E91973842A5E88A2815D4 ] cmdvirth C:\Program Files\COMODO\COMODO Internet Security\cmdvirth.exe
12:49:17.0292 0x0848 cmdvirth - ok
12:49:17.0308 0x0848 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys
12:49:17.0308 0x0848 CNG - ok
12:49:17.0308 0x0848 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys
12:49:17.0308 0x0848 Compbatt - ok
12:49:17.0324 0x0848 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys
12:49:17.0324 0x0848 CompositeBus - ok
12:49:17.0324 0x0848 COMSysApp - ok
12:49:17.0339 0x0848 [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe
12:49:17.0339 0x0848 cphs - ok
12:49:17.0355 0x0848 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
12:49:17.0355 0x0848 crcdisk - ok
12:49:17.0355 0x0848 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:49:17.0355 0x0848 CryptSvc - ok
12:49:17.0370 0x0848 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys
12:49:17.0370 0x0848 CSC - ok
12:49:17.0386 0x0848 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll
12:49:17.0402 0x0848 CscService - ok
12:49:17.0417 0x0848 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:49:17.0417 0x0848 DcomLaunch - ok
12:49:17.0433 0x0848 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll
12:49:17.0433 0x0848 defragsvc - ok
12:49:17.0433 0x0848 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:49:17.0433 0x0848 DfsC - ok
12:49:17.0448 0x0848 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll
12:49:17.0448 0x0848 Dhcp - ok
12:49:17.0448 0x0848 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys
12:49:17.0448 0x0848 discache - ok
12:49:17.0464 0x0848 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys
12:49:17.0464 0x0848 Disk - ok
12:49:17.0464 0x0848 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys
12:49:17.0464 0x0848 dmvsc - ok
12:49:17.0464 0x0848 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:49:17.0480 0x0848 Dnscache - ok
12:49:17.0480 0x0848 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll
12:49:17.0480 0x0848 dot3svc - ok
12:49:17.0495 0x0848 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll
12:49:17.0495 0x0848 DPS - ok
12:49:17.0526 0x0848 [ 49B2C034D77F9F73C80AC55E795CCB6E, EC3B3AF80FA86222E63ABA646C3452C7AD1B9462A1A18D059F5F7EC18C37D97C ] DragonUpdater C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
12:49:17.0558 0x0848 DragonUpdater - ok
12:49:17.0558 0x0848 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:49:17.0558 0x0848 drmkaud - ok
12:49:17.0573 0x0848 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:49:17.0589 0x0848 DXGKrnl - ok
12:49:17.0589 0x0848 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll
12:49:17.0589 0x0848 EapHost - ok
12:49:17.0651 0x0848 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys
12:49:17.0698 0x0848 ebdrv - ok
12:49:17.0698 0x0848 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe
12:49:17.0698 0x0848 EFS - ok
12:49:17.0714 0x0848 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:49:17.0729 0x0848 ehRecvr - ok
12:49:17.0729 0x0848 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe
12:49:17.0729 0x0848 ehSched - ok
12:49:17.0745 0x0848 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys
12:49:17.0760 0x0848 elxstor - ok
12:49:17.0760 0x0848 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:49:17.0760 0x0848 ErrDev - ok
12:49:17.0776 0x0848 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll
12:49:17.0776 0x0848 EventSystem - ok
12:49:17.0776 0x0848 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys
12:49:17.0776 0x0848 exfat - ok
12:49:17.0792 0x0848 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:49:17.0792 0x0848 fastfat - ok
12:49:17.0807 0x0848 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe
12:49:17.0823 0x0848 Fax - ok
12:49:17.0823 0x0848 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys
12:49:17.0823 0x0848 fdc - ok
12:49:17.0823 0x0848 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll
12:49:17.0823 0x0848 fdPHost - ok
12:49:17.0823 0x0848 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll
12:49:17.0823 0x0848 FDResPub - ok
12:49:17.0823 0x0848 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:49:17.0823 0x0848 FileInfo - ok
12:49:17.0838 0x0848 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:49:17.0838 0x0848 Filetrace - ok
12:49:17.0838 0x0848 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys
12:49:17.0838 0x0848 flpydisk - ok
12:49:17.0838 0x0848 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:49:17.0854 0x0848 FltMgr - ok
12:49:17.0870 0x0848 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll
12:49:17.0885 0x0848 FontCache - ok
12:49:17.0885 0x0848 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:49:17.0885 0x0848 FontCache3.0.0.0 - ok
12:49:17.0901 0x0848 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:49:17.0901 0x0848 FsDepends - ok
12:49:17.0901 0x0848 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:49:17.0901 0x0848 Fs_Rec - ok
12:49:17.0901 0x0848 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:49:17.0901 0x0848 fvevol - ok
12:49:17.0916 0x0848 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
12:49:17.0916 0x0848 gagp30kx - ok
12:49:17.0916 0x0848 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:49:17.0916 0x0848 GEARAspiWDM - ok
12:49:17.0948 0x0848 [ 39B47A50DC3D5E898298468307765710, 06268FF65CF69E2B0822477C2D1DA44721B1ADBE4F06C0D3AC0B70C2A18D8DC6 ] GeekBuddyRSP C:\Program Files (x86)\Common Files\COMODO\GeekBuddyRSP.exe
12:49:17.0979 0x0848 GeekBuddyRSP - ok
12:49:17.0994 0x0848 [ 1D265B74A4A6888CDC8EB1A9C6B969C4, 0272B218A120A968EF50ED5508877440EB5515FEB3A12181838080C2EBC39329 ] GeneStor C:\Windows\system32\DRIVERS\GeneStor.sys
12:49:17.0994 0x0848 GeneStor - ok
12:49:18.0010 0x0848 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll
12:49:18.0010 0x0848 gpsvc - ok
12:49:18.0026 0x0848 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:49:18.0026 0x0848 hcw85cir - ok
12:49:18.0026 0x0848 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:49:18.0041 0x0848 HdAudAddService - ok
12:49:18.0041 0x0848 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
12:49:18.0041 0x0848 HDAudBus - ok
12:49:18.0041 0x0848 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys
12:49:18.0041 0x0848 HidBatt - ok
12:49:18.0041 0x0848 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys
12:49:18.0057 0x0848 HidBth - ok
12:49:18.0057 0x0848 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys
12:49:18.0057 0x0848 HidIr - ok
12:49:18.0057 0x0848 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\system32\hidserv.dll
12:49:18.0057 0x0848 hidserv - ok
12:49:18.0057 0x0848 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:49:18.0057 0x0848 HidUsb - ok
12:49:18.0057 0x0848 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:49:18.0072 0x0848 hkmsvc - ok
12:49:18.0072 0x0848 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:49:18.0072 0x0848 HomeGroupListener - ok
12:49:18.0088 0x0848 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:49:18.0088 0x0848 HomeGroupProvider - ok
12:49:18.0088 0x0848 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:49:18.0088 0x0848 HpSAMD - ok
12:49:18.0104 0x0848 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:49:18.0119 0x0848 HTTP - ok
12:49:18.0119 0x0848 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:49:18.0119 0x0848 hwpolicy - ok
12:49:18.0119 0x0848 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
12:49:18.0119 0x0848 i8042prt - ok
12:49:18.0135 0x0848 [ AE0C5DF7E7DA3E7AC29B64CFA8C4F044, 0486DDD6EC60A9695BC8D030158503E02BB0561EEA4B9F4A7FB19F89B3622C90 ] iaStorA C:\Windows\system32\DRIVERS\iaStorA.sys
12:49:18.0150 0x0848 iaStorA - ok
12:49:18.0150 0x0848 [ 777788D9B63CCEEEF2DB353BA4EDD454, 36A3099C252F1F18D09A8B03A4F103E5E8AF09C80AB4F08133CCD4D3BB71EE25 ] IAStorDataMgrSvc C:\Program Files (x86)\Intel\Intel® Rapid Storage Technology\IAStorDataMgrSvc.exe
12:49:18.0150 0x0848 IAStorDataMgrSvc - ok
12:49:18.0150 0x0848 [ 711241EA1BA9DB44F34D03D2AD00ED08, D23AA8D0495F2783E0395F0E1266A9781BED3FD0504712F9B9D30B88411514B5 ] iaStorF C:\Windows\system32\DRIVERS\iaStorF.sys
12:49:18.0150 0x0848 iaStorF - ok
12:49:18.0166 0x0848 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:49:18.0166 0x0848 iaStorV - ok
12:49:18.0182 0x0848 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:49:18.0197 0x0848 idsvc - ok
12:49:18.0197 0x0848 IEEtwCollectorService - ok
12:49:18.0275 0x0848 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys
12:49:18.0353 0x0848 igfx - ok
12:49:18.0353 0x0848 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys
12:49:18.0353 0x0848 iirsp - ok
12:49:18.0369 0x0848 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll
12:49:18.0384 0x0848 IKEEXT - ok
12:49:18.0400 0x0848 [ 7D3B8880385ACFA47174847983C4A7FA, CDD3AD80885C6D321C5DFDC8E83F3E673D5FB5A6A49CC45E343F630386D28662 ] inspect C:\Windows\system32\DRIVERS\inspect.sys
12:49:18.0400 0x0848 inspect - ok
12:49:18.0462 0x0848 [ F242E36CDA231701CFA702641C20FAEC, 47350EF8474F83249A9126AB6894145732CA0B68DA2EE001940C9E4AEF128B88 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
12:49:18.0525 0x0848 IntcAzAudAddService - ok
12:49:18.0540 0x0848 [ B353F1834FCD36D77BE3F74992C147D4, BFBC42B500FC7D6D2B523F988DD54156D2B6132CBE366EB591BF45556959A8E9 ] Intel® Capability Licensing Service Interface C:\Program Files\Intel\iCLS Client\HeciServer.exe
12:49:18.0540 0x0848 Intel® Capability Licensing Service Interface - ok
12:49:18.0556 0x0848 [ 125BED41A1AFDA9CAB2B6177553D5758, 00A6267AACC467FA09B49ECC6076F4C666BE98931C97D821E3225D68A3FF1BF1 ] Intel® ME Service C:\Program Files (x86)\Intel\Intel® Management Engine Components\FWService\IntelMeFWService.exe
12:49:18.0556 0x0848 Intel® ME Service - ok
12:49:18.0556 0x0848 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys
12:49:18.0556 0x0848 intelide - ok
12:49:18.0556 0x0848 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:49:18.0556 0x0848 intelppm - ok
12:49:18.0556 0x0848 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:49:18.0572 0x0848 IPBusEnum - ok
12:49:18.0572 0x0848 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:49:18.0572 0x0848 IpFilterDriver - ok
12:49:18.0587 0x0848 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:49:18.0587 0x0848 iphlpsvc - ok
12:49:18.0587 0x0848 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:49:18.0587 0x0848 IPMIDRV - ok
12:49:18.0603 0x0848 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:49:18.0603 0x0848 IPNAT - ok
12:49:18.0618 0x0848 [ 0FF335D687C85097725A53458160E81E, BF8BB3C8AF1822BEB5FF5F8008614B982F277D862B16B6516CA91F73D336E9D4 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:49:18.0618 0x0848 iPod Service - ok
12:49:18.0634 0x0848 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:49:18.0634 0x0848 IRENUM - ok
12:49:18.0634 0x0848 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:49:18.0634 0x0848 isapnp - ok
12:49:18.0634 0x0848 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:49:18.0634 0x0848 iScsiPrt - ok
12:49:18.0650 0x0848 [ 4EE2423C38F43D37F8497A672FD10BDC, 031C5272DD28809255CF4FA8E6DE45DBFBD9A363BBD5156D0AEE0787C4297980 ] ISCT C:\Windows\system32\DRIVERS\ISCTD64.sys
12:49:18.0650 0x0848 ISCT - ok
12:49:18.0650 0x0848 [ 846354992EBB373F452EB9182D501B08, 453459133DCA875E93CAAE9852E652F3794F8C31CE53526C47A181FDBABE6849 ] iusb3hcs C:\Windows\system32\DRIVERS\iusb3hcs.sys
12:49:18.0650 0x0848 iusb3hcs - ok
12:49:18.0650 0x0848 [ 1D88A23853387D34D52CC8F9DDBFC56C, D00083B61E93E7E1D247EAB332787912FCF7605AF7043F071238C50E4A15016B ] iusb3hub C:\Windows\system32\DRIVERS\iusb3hub.sys
12:49:18.0665 0x0848 iusb3hub - ok
12:49:20.0693 0x0848 Smb - ok
12:49:20.0709 0x0848 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:49:20.0709 0x0848 SNMPTRAP - ok
12:49:20.0709 0x0848 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys
12:49:20.0709 0x0848 spldr - ok
12:49:20.0724 0x0848 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe
12:49:20.0724 0x0848 Spooler - ok
12:49:20.0787 0x0848 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe
12:49:20.0818 0x0848 sppsvc - ok
12:49:20.0834 0x0848 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:49:20.0834 0x0848 sppuinotify - ok
12:49:20.0834 0x0848 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys
12:49:20.0849 0x0848 srv - ok
12:49:20.0849 0x0848 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:49:20.0865 0x0848 srv2 - ok
12:49:20.0865 0x0848 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:49:20.0865 0x0848 srvnet - ok
12:49:20.0880 0x0848 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:49:20.0880 0x0848 SSDPSRV - ok
12:49:20.0880 0x0848 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:49:20.0880 0x0848 SstpSvc - ok
12:49:20.0896 0x0848 [ 4F08BE2C2AC568EE9867A9B0F4F09540, 2EACD391B66D649BA458955257912B302270AB883B13FD4034B069B7CECE75FD ] Stereo Service C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
12:49:20.0896 0x0848 Stereo Service - ok
12:49:20.0912 0x0848 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys
12:49:20.0912 0x0848 stexstor - ok
12:49:20.0912 0x0848 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll
12:49:20.0927 0x0848 stisvc - ok
12:49:20.0927 0x0848 [ 7785DC213270D2FC066538DAF94087E7, F09CB2895241719CA5147B2EE9F7ECBD0303AFFB5CD896F06D4D29BAAAFC207B ] storflt C:\Windows\system32\drivers\vmstorfl.sys
12:49:20.0927 0x0848 storflt - ok
12:49:20.0927 0x0848 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll
12:49:20.0943 0x0848 StorSvc - ok
12:49:20.0943 0x0848 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys
12:49:20.0943 0x0848 storvsc - ok
12:49:20.0943 0x0848 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys
12:49:20.0943 0x0848 swenum - ok
12:49:20.0958 0x0848 [ F577910A133A592234EBAAD3F3AFA258, 36F514740EE2D2B2F7ABFFFA13D575233EC4CE774EB58BF889C09930FEF1F443 ] SwitchBoard C:\Program Files (x86)\Common Files\Adobe\SwitchBoard\SwitchBoard.exe
12:49:20.0958 0x0848 SwitchBoard - ok
12:49:20.0974 0x0848 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll
12:49:20.0974 0x0848 swprv - ok
12:49:20.0990 0x0848 [ 1F1D1BCC1B746DE700E3E21D758262A7, 135498167E222B67A01CCBA534FB2B55B855D1615B2ED4B2D952565C4E993B22 ] SysCow C:\Windows\system32\drivers\syscowad64v.sys
12:49:20.0990 0x0848 SysCow - ok
12:49:21.0021 0x0848 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll
12:49:21.0036 0x0848 SysMain - ok
12:49:21.0052 0x0848 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:49:21.0052 0x0848 TabletInputService - ok
12:49:21.0052 0x0848 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll
12:49:21.0068 0x0848 TapiSrv - ok
12:49:21.0068 0x0848 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll
12:49:21.0068 0x0848 TBS - ok
12:49:21.0114 0x0848 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:49:21.0130 0x0848 Tcpip - ok
12:49:21.0161 0x0848 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:49:21.0192 0x0848 TCPIP6 - ok
12:49:21.0192 0x0848 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:49:21.0192 0x0848 tcpipreg - ok
12:49:21.0192 0x0848 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:49:21.0192 0x0848 TDPIPE - ok
12:49:21.0208 0x0848 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:49:21.0208 0x0848 TDTCP - ok
12:49:21.0208 0x0848 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:49:21.0208 0x0848 tdx - ok
12:49:21.0208 0x0848 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
12:49:21.0208 0x0848 TermDD - ok
12:49:21.0224 0x0848 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll
12:49:21.0239 0x0848 TermService - ok
12:49:21.0239 0x0848 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll
12:49:21.0239 0x0848 Themes - ok
12:49:21.0239 0x0848 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll
12:49:21.0255 0x0848 THREADORDER - ok
12:49:21.0255 0x0848 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll
12:49:21.0255 0x0848 TrkWks - ok
12:49:21.0255 0x0848 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:49:21.0270 0x0848 TrustedInstaller - ok
12:49:21.0270 0x0848 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:49:21.0270 0x0848 tssecsrv - ok
12:49:21.0270 0x0848 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:49:21.0270 0x0848 TsUsbFlt - ok
12:49:21.0270 0x0848 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys
12:49:21.0286 0x0848 TsUsbGD - ok
12:49:21.0286 0x0848 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:49:21.0286 0x0848 tunnel - ok
12:49:21.0286 0x0848 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys
12:49:21.0286 0x0848 uagp35 - ok
12:49:21.0302 0x0848 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:49:21.0302 0x0848 udfs - ok
12:49:21.0317 0x0848 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:49:21.0317 0x0848 UI0Detect - ok
12:49:21.0317 0x0848 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:49:21.0317 0x0848 uliagpkx - ok
12:49:21.0317 0x0848 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys
12:49:21.0317 0x0848 umbus - ok
12:49:21.0317 0x0848 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys
12:49:21.0333 0x0848 UmPass - ok
12:49:21.0333 0x0848 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll
12:49:21.0333 0x0848 UmRdpService - ok
12:49:21.0348 0x0848 [ 1E9A5658E0EBDBC381F52123363F74CB, 62CB592F32BCC10FC9C3AF44941CC473F2F62EEBF829CA383F118650451F8F7E ] UNS C:\Program Files (x86)\Intel\Intel® Management Engine Components\UNS\UNS.exe
12:49:21.0348 0x0848 UNS - ok
12:49:21.0364 0x0848 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll
12:49:21.0364 0x0848 upnphost - ok
12:49:21.0364 0x0848 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:49:21.0380 0x0848 USBAAPL64 - ok
12:49:21.0380 0x0848 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:49:21.0380 0x0848 usbccgp - ok
12:49:21.0380 0x0848 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:49:21.0380 0x0848 usbcir - ok
12:49:21.0395 0x0848 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci C:\Windows\system32\drivers\usbehci.sys
12:49:21.0395 0x0848 usbehci - ok
12:49:21.0395 0x0848 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:49:21.0411 0x0848 usbhub - ok
12:49:21.0411 0x0848 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci C:\Windows\system32\drivers\usbohci.sys
12:49:21.0411 0x0848 usbohci - ok
12:49:21.0411 0x0848 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\drivers\usbprint.sys
12:49:21.0411 0x0848 usbprint - ok
12:49:21.0411 0x0848 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:49:21.0426 0x0848 USBSTOR - ok
12:49:21.0426 0x0848 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:49:21.0426 0x0848 usbuhci - ok
12:49:21.0426 0x0848 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll
12:49:21.0426 0x0848 UxSms - ok
12:49:21.0426 0x0848 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe
12:49:21.0426 0x0848 VaultSvc - ok
12:49:21.0442 0x0848 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:49:21.0442 0x0848 vdrvroot - ok
12:49:21.0442 0x0848 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe
12:49:21.0458 0x0848 vds - ok
12:49:21.0458 0x0848 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:49:21.0458 0x0848 vga - ok
12:49:21.0458 0x0848 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys
12:49:21.0473 0x0848 VgaSave - ok
12:49:21.0473 0x0848 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:49:21.0473 0x0848 vhdmp - ok
12:49:21.0473 0x0848 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys
12:49:21.0473 0x0848 viaide - ok
12:49:21.0489 0x0848 [ C69A784BEC737CD7460EBF3C3834D65E, 3D4CEC9E677FD6B08BE43DC19B3E422D403137E26A3B72443A513CD4AE5F41A2 ] vidsflt53 C:\Windows\system32\DRIVERS\vsflt53.sys
12:49:21.0489 0x0848 vidsflt53 - ok
12:49:21.0489 0x0848 [ 86EA3E79AE350FEA5331A1303054005F, 7E7D6027EB41E591633C7383A5D29A3BA8ECFC08C177D2BCF741EE27686B1691 ] vmbus C:\Windows\system32\drivers\vmbus.sys
12:49:21.0489 0x0848 vmbus - ok
12:49:21.0504 0x0848 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys
12:49:21.0504 0x0848 VMBusHID - ok
12:49:21.0504 0x0848 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:49:21.0504 0x0848 volmgr - ok
12:49:21.0520 0x0848 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:49:21.0520 0x0848 volmgrx - ok
12:49:21.0520 0x0848 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:49:21.0536 0x0848 volsnap - ok
12:49:21.0536 0x0848 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
12:49:21.0536 0x0848 vsmraid - ok
12:49:21.0567 0x0848 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe
12:49:21.0582 0x0848 VSS - ok
12:49:21.0614 0x0848 [ 8F2CA8990B6F47A398ECF203330E5E47, D8060B1A722F3C73079EA38E6D1669B2AB12BB79D901EE445A899090B6A0E4B8 ] vToolbarUpdater17.3.0 C:\Program Files (x86)\Common Files\AVG Secure Search\vToolbarUpdater\17.3.0\ToolbarUpdater.exe
12:49:21.0629 0x0848 vToolbarUpdater17.3.0 - ok
12:49:21.0645 0x0848 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\system32\DRIVERS\vwifibus.sys
12:49:21.0645 0x0848 vwifibus - ok
12:49:21.0645 0x0848 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\Windows\system32\DRIVERS\vwififlt.sys
12:49:21.0645 0x0848 vwififlt - ok
12:49:21.0660 0x0848 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll
12:49:21.0660 0x0848 W32Time - ok
12:49:21.0660 0x0848 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
12:49:21.0660 0x0848 WacomPen - ok
12:49:21.0676 0x0848 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:49:21.0676 0x0848 WANARP - ok
12:49:21.0676 0x0848 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:49:21.0676 0x0848 Wanarpv6 - ok
12:49:21.0707 0x0848 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:49:21.0723 0x0848 WatAdminSvc - ok
12:49:21.0738 0x0848 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe
12:49:21.0770 0x0848 wbengine - ok
12:49:21.0770 0x0848 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:49:21.0785 0x0848 WbioSrvc - ok
12:49:21.0785 0x0848 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:49:21.0801 0x0848 wcncsvc - ok
12:49:21.0801 0x0848 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:49:21.0801 0x0848 WcsPlugInService - ok
12:49:21.0801 0x0848 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys
12:49:21.0801 0x0848 Wd - ok
12:49:21.0801 0x0848 [ A3D04EBF5227886029B4532F20D026F7, D90F7B9C176008675DA0B5FD7E4973CBC2A04172CEDF8FB7D3B3B4F27B5440D7 ] WDC_SAM C:\Windows\system32\DRIVERS\wdcsam64.sys
12:49:21.0801 0x0848 WDC_SAM - ok
12:49:21.0816 0x0848 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:49:21.0832 0x0848 Wdf01000 - ok
12:49:21.0832 0x0848 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:49:21.0848 0x0848 WdiServiceHost - ok
12:49:21.0848 0x0848 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:49:21.0848 0x0848 WdiSystemHost - ok
12:49:21.0848 0x0848 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll
12:49:21.0863 0x0848 WebClient - ok
12:49:21.0863 0x0848 [ D5BA7D43FA2EF656BF7E98A188391E40, 56CF132B7C43A0F9C7C4D070730315FE7AFD2E87E94014DFC3D7107BB52B9C64 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:49:21.0863 0x0848 Wecsvc - ok
12:49:21.0879 0x0848 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:49:21.0879 0x0848 wercplsupport - ok
12:49:21.0879 0x0848 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll
12:49:21.0879 0x0848 WerSvc - ok
12:49:21.0879 0x0848 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:49:21.0894 0x0848 WfpLwf - ok
12:49:21.0894 0x0848 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:49:21.0894 0x0848 WIMMount - ok
12:49:21.0894 0x0848 WinDefend - ok
12:49:21.0894 0x0848 WinHttpAutoProxySvc - ok
12:49:21.0910 0x0848 [ 136760C1E9697BAF4ECDEAE5590A0806, 12E80D0923D794F4C520FEA7CB98EF581231B996FB1876EB20995E6E457EFF56 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:49:21.0910 0x0848 Winmgmt - ok
12:49:21.0972 0x0848 [ 3BB6B401A780BF434C8F58137DE10BF7, 1A377C39B78B92A1A1FED699EE5E5ED0271A6FFAC143F1D29FC1FDF4D726A522 ] WinRM C:\Windows\system32\WsmSvc.dll
12:49:22.0004 0x0848 WinRM - ok
12:49:22.0019 0x0848 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:49:22.0019 0x0848 WinUsb - ok
12:49:22.0035 0x0848 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll
12:49:22.0050 0x0848 Wlansvc - ok
12:49:22.0050 0x0848 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
12:49:22.0050 0x0848 WmiAcpi - ok
12:49:22.0066 0x0848 [ 4DF841632B62A7CF19A79A05046A8AB1, D80F28FD7FEB95DB83976EAFECB2E9AE1423DA4D34EC5D820FC39A33444B82DA ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:49:22.0066 0x0848 wmiApSrv - ok
12:49:22.0066 0x0848 WMPNetworkSvc - ok
12:49:22.0066 0x0848 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:49:22.0066 0x0848 WPCSvc - ok
12:49:22.0082 0x0848 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:49:22.0082 0x0848 WPDBusEnum - ok
12:49:22.0082 0x0848 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:49:22.0082 0x0848 ws2ifsl - ok
12:49:22.0082 0x0848 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\System32\wscsvc.dll
12:49:22.0097 0x0848 wscsvc - ok
12:49:22.0097 0x0848 WSearch - ok
12:49:22.0128 0x0848 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll
12:49:22.0175 0x0848 wuauserv - ok
12:49:22.0175 0x0848 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:49:22.0175 0x0848 WudfPf - ok
12:49:22.0175 0x0848 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:49:22.0191 0x0848 WUDFRd - ok
12:49:22.0191 0x0848 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:49:22.0191 0x0848 wudfsvc - ok
12:49:22.0206 0x0848 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll
12:49:22.0206 0x0848 WwanSvc - ok
12:49:22.0206 0x0848 ================ Scan global ===============================
12:49:22.0206 0x0848 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll
12:49:22.0222 0x0848 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:49:22.0238 0x0848 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll
12:49:22.0238 0x0848 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll
12:49:22.0238 0x0848 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe
12:49:22.0253 0x0848 [ Global ] - ok
12:49:22.0253 0x0848 ================ Scan MBR ==================================
12:49:22.0253 0x0848 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR1
12:49:22.0300 0x0848 \Device\Harddisk1\DR1 - ok
12:49:22.0300 0x0848 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:49:22.0316 0x0848 \Device\Harddisk0\DR0 - ok
12:49:22.0316 0x0848 ================ Scan VBR ==================================
12:49:22.0316 0x0848 [ C1FCA6646448F37520AE3159C9BDCEDE ] \Device\Harddisk1\DR1\Partition1
12:49:22.0316 0x0848 \Device\Harddisk1\DR1\Partition1 - ok
12:49:22.0316 0x0848 [ CEAC4CC726B965D6C5F67E3756273405 ] \Device\Harddisk1\DR1\Partition2
12:49:22.0316 0x0848 \Device\Harddisk1\DR1\Partition2 - ok
12:49:22.0316 0x0848 [ B1E27AA018409DE6BFD73F8AFB883A65 ] \Device\Harddisk0\DR0\Partition1
12:49:22.0316 0x0848 \Device\Harddisk0\DR0\Partition1 - ok
12:49:22.0331 0x0848 [ 3783204F3B5EEE40320F751D585312BF ] \Device\Harddisk0\DR0\Partition2
12:49:22.0456 0x0848 \Device\Harddisk0\DR0\Partition2 - ok
12:49:22.0456 0x0848 ================ Scan active images ========================
12:49:22.0456 0x0848 Waiting for KSN requests completion. In queue: 255
12:49:23.0470 0x0848 Waiting for KSN requests completion. In queue: 195
12:49:24.0484 0x0848 Waiting for KSN requests completion. In queue: 83
12:49:25.0498 0x0848 Waiting for KSN requests completion. In queue: 55
12:49:26.0512 0x0848 Waiting for KSN requests completion. In queue: 28
12:49:27.0557 0x0848 AV detected via SS2: AVG AntiVirus Free Edition 2014, C:\Program Files (x86)\AVG\AVG2014\avgwsc.exe ( 14.0.0.4110 ), 0x41000 ( enabled : updated )
12:49:27.0557 0x0848 FW detected via SS2: COMODO Firewall, C:\Program Files\COMODO\COMODO Internet Security\cfpconfg.exe ( 6.3.38526.2970 ), 0x61010 ( enabled )
12:49:27.0557 0x0848 ============================================================
12:49:27.0557 0x0848 Scan finished
12:49:27.0557 0x0848 ============================================================
12:49:27.0573 0x08d0 Detected object count: 0
12:49:27.0573 0x08d0 Actual detected object count: 0
12:49:33.0282 0x1290 Deinitialize success

#7
Crowbar

    Teacher

  • GeekU Moderator
  • 4,161 posts
Hi again,
Great news that the computer starts up in normal mode now :thumbsup:
I would like to see the extras.txt file that was generated. The Extras.txt should be on the desktop; if it's not, please do step 2 for me. If you find the file, you can omit step 2. :)

It looked to me like the Comodo program was the full package with the anti virus, but now that you say it's the firewall, I see my error, facepalm for me :blush:
Personally I am not fond of AVG, but that's just my preference. It is fine to leave on there.

Your temporary files are being saved on your SSD, so it would be a great idea to clean these files out often to keep as much free space as possible on that drive. I don't want to see it down to the 4.96% you had in the first OTL log. I recommend downloading this program here and running it weekly or so. It is written by the same person that wrote the OTL program, so it is safe to use. Just download it to your desktop. When running it, right click the icon, then select Run as administrator. No need to run it right now, but you can keep it around for future use.
When Windows runs low on free space, it can get quite cranky and act up.

Step 1
  • Download RogueKiller and save it on your desktop.
  • Quit all programs
  • Start RogueKiller.exe.
  • Wait until Prescan has finished ...
  • Click on Scan

  • Wait for the end of the scan.
  • The report has been created on the desktop.
  • Click on the Delete button.

  • The report has been created on the desktop.

  • Next click on the ShortcutsFix
  • The report has been created on the desktop.

Please post: All RKreport.txt text files located on your desktop.

Step 2
This will generate a fresh extras.txt file -
Start the OTL program
  • Right click on the icon and select Run as administrator to run it. Make sure all other windows are closed and let it run uninterrupted.
  • Click on the NONE button, it's up on the top.
  • Check the Scan All Users box
  • In the Extra Registry section, please select Use SafeList
  • Click the Run Scan button. The scan won't take long.
  • When the scan completes, it will open two notepad windows, OTL.Txt and Extras.Txt. These are saved in the same location as OTL, and the OTL.txt file will be mostly empty.
  • Please copy (Edit->Select All, Edit->Copy) the contents of Extras.txt and post it in your next reply

In your next reply I would like to see:
  • roguekiller log files
  • extras.txt
  • How is the computer running, ok still?


#8
PresMatt

    Member

  • Topic Starter
  • 66 posts
Hi again crowbar! Thus far everything seems to be running wonderfully!

As for the anti virus, is there any particular reason you prefer the other options over AVG? I'm looking for whatever is the easiest to manage with the most protection and if something better is out there, I would like to hear what you have to say.

Below are the three separate logs created by RogueKiller. I also ran OTL but both the OTL.txt and Extras.txt files were completely empty.

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Crystal [Admin rights]
Mode : Scan -- Date : 02/19/2014 20:23:52
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=f9672c5faf7147d3b00e06827eaf7904-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=0214c [x][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3908123399-674081707-2029318344-1000\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=f9672c5faf7147d3b00e06827eaf7904-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=0214c [x][x]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> FOUND
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> FOUND

¤¤¤ Scheduled tasks : 3 ¤¤¤
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND
[V2][SUSP PATH] CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} : C:\Users\Crystal\AppData\Local\Temp\cis909B.exe - --PostUninstall {15198508-521A-4D69-8E5B-B94A6CCFF805} [x][x] -> FOUND
[V2][SUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Intel Raid 1 Volume SCSI Disk Device +++++
--- User ---
[MBR] dfa36d5281e390ef660d310a06444380
[BSP] 3e0f9a4c37ae8f964a84e3643b8d89c3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) OCZ-VERTEX4 ATA Device +++++
--- User ---
[MBR] 2737e568399bdae84e5eac02b7d94708
[BSP] 1f97a1ca40e8ddda5b8db3cf663ff4fb : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 122002 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_S_02192014_202352.txt >>


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Crystal [Admin rights]
Mode : Remove -- Date : 02/19/2014 20:25:05
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Registry Entries : 7 ¤¤¤
[RUN][SUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=f9672c5faf7147d3b00e06827eaf7904-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=0214c [x][x]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-3908123399-674081707-2029318344-1000\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT /mid=f9672c5faf7147d3b00e06827eaf7904-ad1491be2ce6c122f6b66faa90e70c2decf7d34c /CMPID=0214c [x][x]) -> [0x2] The system cannot find the file specified.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ POL][PUM] HKCU\[...]\System : DisableRegistryTools (0) -> DELETED
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK][PUM] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

¤¤¤ Scheduled tasks : 3 ¤¤¤
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> DELETED
[V2][SUSP PATH] CIS_{15198508-521A-4D69-8E5B-B94A6CCFF805} : C:\Users\Crystal\AppData\Local\Temp\cis909B.exe - --PostUninstall {15198508-521A-4D69-8E5B-B94A6CCFF805} [x][x] -> DELETED
[V2][SUSP PATH] ROC_REG_JAN_DELETE : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> DELETED

¤¤¤ Startup Entries : 0 ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ Browser Addons : 0 ¤¤¤

¤¤¤ Particular Files / Folders: ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ Infection : ¤¤¤

¤¤¤ HOSTS File: ¤¤¤
--> %SystemRoot%\System32\drivers\etc\hosts




¤¤¤ MBR Check: ¤¤¤

+++++ PhysicalDrive0: (\\.\PHYSICALDRIVE0 @ SCSI) Intel Raid 1 Volume SCSI Disk Device +++++
--- User ---
[MBR] dfa36d5281e390ef660d310a06444380
[BSP] 3e0f9a4c37ae8f964a84e3643b8d89c3 : Windows 7/8 MBR Code
Partition table:
0 - [XXXXXX] UNKNOWN (0x00) [VISIBLE] Offset (sectors): 1 | Size: 2097151 Mo
User = LL1 ... OK!
Error reading LL2 MBR! ([0x1] Incorrect function. )

+++++ PhysicalDrive1: (\\.\PHYSICALDRIVE1 @ IDE) OCZ-VERTEX4 ATA Device +++++
--- User ---
[MBR] 2737e568399bdae84e5eac02b7d94708
[BSP] 1f97a1ca40e8ddda5b8db3cf663ff4fb : Windows 7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 2048 | Size: 100 Mo
1 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 206848 | Size: 122002 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[0]_D_02192014_202505.txt >>
RKreport[0]_S_02192014_202352.txt


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++=

RogueKiller V8.8.8 [Feb 19 2014] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://forum.adlice.com
Website : http://www.adlice.co...es/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Crystal [Admin rights]
Mode : Shortcuts HJfix -- Date : 02/19/2014 20:26:14
| ARK || FAK || MBR |

¤¤¤ Bad processes : 0 ¤¤¤

¤¤¤ Driver : [NOT LOADED 0x0] ¤¤¤

¤¤¤ External Hives: ¤¤¤

¤¤¤ File attributes restored: ¤¤¤
Desktop: Success 0 / Fail 0
Quick launch: Success 0 / Fail 0
Programs: Success 0 / Fail 0
Start menu: Success 0 / Fail 0
User folder: Success 0 / Fail 0
My documents: Success 0 / Fail 0
My favorites: Success 0 / Fail 0
My pictures: Success 0 / Fail 0
My music: Success 0 / Fail 0
My videos: Success 0 / Fail 0
Local drives: Success 5 / Fail 47
Backup: [NOT FOUND]

Drives:
[C:] \Device\HarddiskVolume2 -- 0x3 --> Restored
[D:] \Device\CdRom0 -- 0x5 --> Skipped
[E:] \Device\HarddiskVolume4 -- 0x3 --> Restored
[F:] \Device\HarddiskVolume7 -- 0x2 --> Restored
[G:] \Device\HarddiskVolume6 -- 0x2 --> Restored
[H:] \Device\HarddiskVolume9 -- 0x2 --> Restored
[I:] \Device\HarddiskVolume8 -- 0x2 --> Restored
[J:] \Device\HarddiskVolume5 -- 0x2 --> Restored

¤¤¤ Infection : ¤¤¤

Finished : << RKreport[0]_SC_02192014_202614.txt >>
RKreport[0]_D_02192014_202505.txt;RKreport[0]_S_02192014_202352.txt



Thanks for your help!
  • 0
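An added example (not part of the original posts and not RogueKiller's own code): a small Python parser for the finding lines in the RogueKiller reports quoted above, pairing each Scan finding with its outcome in the Remove report so that anything not DELETED or REPLACED stands out. The line grammar is inferred from the logs in this thread, the function names are hypothetical, and the sample lines are abridged copies of the posted reports.

```python
import re
from collections import Counter, namedtuple

Finding = namedtuple("Finding", "tags item status")

# A finding line has the shape:  [TAG][TAG] <item text> -> <status>
# This grammar is inferred from the reports quoted in this thread; it is an
# assumption, not a published RogueKiller specification.
LINE_RE = re.compile(r"^((?:\[[^\]]+\])+)\s+(.+?)\s+->\s+(.+?)\s*$")
TAG_RE = re.compile(r"\[([^\]]+)\]")
ERR_RE = re.compile(r"^\[0x([0-9A-Fa-f]+)\]")

# Status prefixes that the Remove report uses for a completed fix.
FIXED = ("DELETED", "REPLACED")

# Sample input: abridged from the Scan and Remove reports in this thread
# (command-line arguments of the Run entries dropped for width).
SCAN_SAMPLE = r"""
Mode : Scan -- Date : 02/19/2014 20:23:52
| ARK || FAK || MBR |
[RUN][SUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT [x][x]) -> FOUND
[RUN][SUSP PATH] HKUS\S-1-5-21-3908123399-674081707-2029318344-1000\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT [x][x]) -> FOUND
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> FOUND
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> FOUND
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> FOUND
"""

REMOVE_SAMPLE = r"""
Mode : Remove -- Date : 02/19/2014 20:25:05
| ARK || FAK || MBR |
[RUN][SUSP PATH] HKCU\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT [x][x]) -> DELETED
[RUN][SUSP PATH] HKUS\S-1-5-21-3908123399-674081707-2029318344-1000\[...]\Run : AVG-Secure-Search-Update_0214c (C:\Users\Crystal\AppData\Roaming\AVG 0214c Campaign\AVG-Secure-Search-Update-0214c.exe /PROMPT [x][x]) -> [0x2] The system cannot find the file specified.
[HJ POL][PUM] HKCU\[...]\System : DisableTaskMgr (0) -> DELETED
[HJ SMENU][PUM] HKCU\[...]\Advanced : Start_ShowMyGames (0) -> REPLACED (1)
[V1][SUSP PATH] ROC_REG_JAN_DELETE.job : C:\ProgramData\AVG January 2013 Campaign\ROC.exe - /DELETE_FROM_SYSTEM=1 [7] -> DELETED
"""


def parse_report(text):
    """Return the finding lines of one report; headers and MBR lines are skipped."""
    findings = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:
            tags = tuple(TAG_RE.findall(m.group(1)))
            findings.append(Finding(tags, m.group(2), m.group(3)))
    return findings


def unresolved(scan_text, remove_text):
    """Pair Scan findings with Remove outcomes; return those not fixed.

    Each result is (finding, outcome); outcome is None when the Remove
    report has no line for an item the Scan report listed.
    """
    outcomes = {(f.tags, f.item): f.status for f in parse_report(remove_text)}
    pending = []
    for f in parse_report(scan_text):
        outcome = outcomes.get((f.tags, f.item))
        if outcome is None or not outcome.startswith(FIXED):
            pending.append((f, outcome))
    return pending


def win32_error(status):
    """Extract the numeric error code from a status such as '[0x2] ...'."""
    m = ERR_RE.match(status or "")
    return int(m.group(1), 16) if m else None


def by_category(findings):
    """Count findings by their last tag (e.g. 'PUM', 'SUSP PATH')."""
    return Counter(f.tags[-1] for f in findings)


if __name__ == "__main__":
    print(dict(by_category(parse_report(SCAN_SAMPLE))))
    for finding, outcome in unresolved(SCAN_SAMPLE, REMOVE_SAMPLE):
        print("NOT FIXED:", finding.item.split(" : ")[0], "=>", outcome,
              "(Win32 error %s)" % win32_error(outcome))
```

On the sample, the only unresolved item is the HKUS Run entry, with Win32 error 2 (ERROR_FILE_NOT_FOUND). HKCU is a view of the logged-on user's HKEY_USERS\<SID> hive, so if that SID belongs to the logged-on user the value had already been removed by the preceding HKCU deletion.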

#9
Crowbar

    Teacher

  • GeekU Moderator
  • 4,161 posts
Hello,
I'm really glad to hear your computer is running wonderfully!! I don't usually see that word associated with a computer! :lol:

Since you asked, I don't prefer AVG mainly because it's a big drain on the computer's resources, and there is a lot of bloat - extra stuff, like toolbars. The AV that I like for being easy on system resources would be Microsoft Security Essentials, and it's free. I do like Avast! as I feel it has the best detection rates. Personally I use Windows Defender because I have Windows 8, it's the same as MSE, but just re-branded. However... AVG is free, and it does decent detections.

TL;DR - I like MSE or Avast!

If you do decide to dump AVG, let's wait until I declare your logs clean - I will point you to the proper removal tool for it.


Now back to reality ---

That's weird that the extras.txt was blank. Are you sure you selected Use SafeList in the Extra Registry section?
You can try it again, it won't hurt anything as it's only scanning and not fixing anything.
If it's still blank, I will try another program.

Now, since you say the computer is running well, let's sweep for any remnants that could re-infect you.

Step 1
Please download Malwarebytes' Anti-Malware from Here.

Double Click mbam-setup.exe to install the application.
  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes' Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Quick Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.
Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts. Click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.

Step 2
Note: You can use either Internet Explorer or Mozilla FireFox for this Scan.

Vista / 7 users: You will need to right-click on either the IE or FF icon in the Start Menu or Quick Launch Bar on the Taskbar and select Run as Administrator from the context menu.

Please go here then click on: Posted Image
You will however need to disable your current installed Anti-Virus, how to do so can be read here.

If using Mozilla Firefox you will need to download esetsmartinstaller_enu.exe when prompted then double click on it to install.
All of the following instructions work with either Internet Explorer or Mozilla FireFox.
  • Select the option YES, I accept the Terms of Use then click on: Posted Image
  • When prompted allow Add-On/Active X to install.
  • Make sure that the option Remove found threats is NOT checked.
  • Make sure that the option Scan archives is checked.
  • Now click on Advanced Settings and select the following:
    • Scan for potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth Technology
  • Now click on: Posted Image
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet Connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • When completed select Uninstall application on close, make sure you copy the logfile first!
  • Now click on: Posted Image
  • Use notepad to open the logfile located at C:\Program Files\ESET\ESET Online Scanner\log.txt
  • Copy and paste that log as a reply to this topic.
Note: Do not forget to re-enable your Anti-Virus application after running the above scan!

In your next reply I would like to see:
  • Extras.txt if you get it working, otherwise don't worry about it.
  • MalwareBytes log file
  • ESET online scan log - careful, this log is easy to miss.

  • 0

#10
PresMatt

    Member

  • Topic Starter
  • Member
  • 66 posts
I'm not a huge fan of the bloat that comes with AVG either. I hate that it's changed my default to AVG secure despite my changing it back to Google. I think I may try Avast!

Here are the logs you requested. I got the Extras.txt log to generate but I had to run OTL 3 times before it would generate anything. The first two times it just said locked up with the program not responding message. Third time was the charm though.

OTL Extras logfile created on: 2/21/2014 12:08:45 AM - Run 4
OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Crystal\Desktop
64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.11.9600.16518)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

31.89 Gb Total Physical Memory | 27.59 Gb Available Physical Memory | 86.52% Memory free
63.77 Gb Paging File | 56.46 Gb Available in Paging File | 88.53% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 119.14 Gb Total Space | 17.65 Gb Free Space | 14.82% Space Free | Partition Type: NTFS
Drive E: | 2794.39 Gb Total Space | 688.53 Gb Free Space | 24.64% Space Free | Partition Type: NTFS
Drive J: | 29.80 Gb Total Space | 23.37 Gb Free Space | 78.45% Space Free | Partition Type: FAT32

Computer Name: CCP-EDITING | User Name: Crystal | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: Off | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Photoshop\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OpenAsAWebSite] -- C:\Program Files (x86)\Microsoft WebMatrix\WebMatrix.exe #ExecuteCommand# SiteFromFolder %L (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
htmlfile [print] -- "%systemroot%\system32\rundll32.exe" "%systemroot%\system32\mshtml.dll",PrintHTML "%1"
http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Photoshop\Adobe Bridge CS6 (64 Bit)\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [OpenAsAWebSite] -- C:\Program Files (x86)\Microsoft WebMatrix\WebMatrix.exe #ExecuteCommand# SiteFromFolder %L (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall" = 0
"DisableNotifications" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0F1F634F-9145-4DE9-97E7-AD6F890E8E50}" = rport=139 | protocol=6 | dir=out | app=system |
"{12484597-3C9D-41C6-8B88-5646EEAC712F}" = lport=139 | protocol=6 | dir=in | app=system |
"{13938193-BABD-4C1F-A492-6B5B1660862C}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{16F8F7E4-8EA2-48E4-ABA8-F660E5B9555F}" = rport=138 | protocol=17 | dir=out | app=system |
"{209914B8-7E6F-498D-BD6E-BF820ED45E4A}" = lport=68 | protocol=17 | dir=in | name=dhcp-port-2 |
"{3A69331F-6543-42BB-ACD8-2DFCD4C3F127}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{3DC742A4-8515-4067-80C1-E5193542EE69}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{3EFDCEB6-CA5A-44EF-A681-F8FB536FA274}" = lport=137 | protocol=17 | dir=in | app=system |
"{46FF5011-51A5-4770-A9E5-645AA5E8EA67}" = rport=445 | protocol=6 | dir=out | app=system |
"{4B0B0DDD-BE54-4381-B666-0C23D07F7AFB}" = lport=67 | protocol=17 | dir=in | name=dhcp-port |
"{509DFD7B-F4F3-463A-B83C-199E659864D6}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{5744930D-47A9-4160-93AC-0662229581D7}" = lport=138 | protocol=17 | dir=in | app=system |
"{5F2EB0DC-9A0A-4A06-A111-5A398CD677E7}" = lport=67 | protocol=17 | dir=in | name=dhcp-port |
"{80FCFBA3-4FB6-4E31-95E1-F49DF3F57A43}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\outlook.exe |
"{82B8D2DD-485B-48EB-A008-BDDECBEA489D}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |
"{87CE01AA-7ED1-4058-A725-5E6AD0E8DFC3}" = lport=1542 | protocol=17 | dir=in | name=realtek wps udp prot |
"{9260150D-CF3D-450D-8169-155E77C5D939}" = lport=53 | protocol=17 | dir=in | name=realtek ap udp prot |
"{A301912C-9408-4A57-9888-F5712293FD82}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | [email protected],-28539 |
"{AFB35324-AF6C-49DD-B526-749739F159D5}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |
"{B1D99409-3816-40E7-B96C-80A7D865B3B8}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |
"{CC00A04B-B53B-445E-A11D-DABB9C4F933B}" = lport=1542 | protocol=6 | dir=in | name=realtek wps tcp prot |
"{CDA324F8-9BA8-4239-B5E6-F8D9041D989A}" = lport=68 | protocol=17 | dir=in | name=dhcp-port-2 |
"{D46807D5-BEE2-47F5-BE93-BD31C45E44C6}" = lport=10243 | protocol=6 | dir=in | app=system |
"{D4B3A178-1E55-4902-866E-B02A6B980132}" = lport=445 | protocol=6 | dir=in | app=system |
"{D8BA29E9-B40C-4373-A86C-51F42371D78C}" = rport=137 | protocol=17 | dir=out | app=system |
"{DCCA6CA0-8D35-43D3-A4CE-72442E9A7B99}" = rport=10243 | protocol=6 | dir=out | app=system |
"{E067915B-EC49-489F-9706-B8D501871BEA}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |
"{EF45DA26-0F40-41B3-AB70-778C328E1A16}" = lport=2869 | protocol=6 | dir=in | app=system |
"{F699B9D0-B6FD-4E7C-BAC6-62E66C4F65B1}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{049317A3-5141-4BD7-A317-F7758D08032D}" = protocol=58 | dir=out | [email protected],-28546 |
"{163A21B6-F027-4E1E-8B7D-F18CDA8019EA}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{1F74407E-A2D8-4FBF-B9D5-DB7475BB4E44}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{20FDB5F6-3BDB-44D9-8C83-2E679FDC7172}" = protocol=6 | dir=in | app=c:\windows\temp\cmc_dragon\restart_helper.exe |
"{2836FE18-EC05-4710-AFCC-F95288691C06}" = protocol=6 | dir=out | app=system |
"{31BEB290-7F9A-4309-ADBE-BEBCB62CA273}" = protocol=58 | dir=in | [email protected],-28545 |
"{37FB95B3-E528-4E32-AC2D-5996B3D5C0C3}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{399C168C-9D1C-4180-A4ED-DF9E3101F5B4}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{3A8B7766-BC21-4DA7-AF2E-2770A878C010}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{3E15577D-EF22-4090-9CEC-BB890ABD9046}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{3EC07BE7-C419-479D-96E7-D8DE1E79BCD2}" = protocol=17 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{4451C60F-52FC-42A6-945A-8CC0F17DDFF2}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\groove.exe |
"{4ECF7524-4922-4C36-AF05-BE8B92F4C9B2}" = protocol=1 | dir=out | [email protected],-28544 |
"{54C06B2C-9280-4FBD-8DB9-75321D0017B4}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{5B24EB0B-D6BD-4956-A313-5CD428E07B5F}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |
"{5BF823F5-6F73-4530-A78A-550B3246D0FC}" = protocol=6 | dir=in | app=c:\program files (x86)\wireless card\rtldhcp.exe |
"{60A32D9B-90CE-4E8D-8013-F3930A605703}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |
"{6D0D56BA-99BB-4B01-AE2F-6CFA90D0D281}" = protocol=17 | dir=in | app=c:\windows\temp\cmc_dragon\restart_helper.exe |
"{6F27FE90-60BB-46AA-BB79-639B444E3E3C}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgmfapx.exe |
"{76E318B2-1D18-4475-A675-072E48F63A6E}" = protocol=17 | dir=in | app=c:\program files (x86)\wireless card\rtwlan.exe |
"{7AF21863-2A66-4391-A6CC-E3ABB8A67F64}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{817B2401-8A7C-4248-9A09-583288EE0882}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |
"{8422F428-775D-486F-896E-196508CB0780}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{86868EB0-442B-49EF-8259-675C27C14445}" = protocol=1 | dir=in | [email protected],-28543 |
"{8A5131A1-4C10-44C4-AFEC-FB32613DE31D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgemca.exe |
"{8BDD5786-BBE3-49D2-8C9B-2187B03DE7EF}" = protocol=17 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{925C7F34-CD78-4CFA-B24B-26EBFA943DB5}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{92658886-215E-4E26-9560-29E95C57FF92}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2013\avgmfapx.exe |
"{9AC914CA-F7AD-426E-8C39-6901FA5F8FAA}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{A443BCA2-5516-4204-BC60-368B9CADE8D5}" = protocol=6 | dir=in | app=c:\program files (x86)\common files\comodo\geekbuddyrsp.exe |
"{ABDEFE67-40EF-4179-9B23-346B490D882D}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgnsa.exe |
"{AFA01BF7-4B70-4B98-8E0B-F4FCEC4FDAFD}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{B227E095-131B-4243-BB74-0622A36202EB}" = protocol=17 | dir=in | app=c:\windows\temp\cmc_dragon\restart_helper.exe |
"{B4E5C682-E857-4B64-8A89-8CF5B8E12AC8}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |
"{B8D39773-4E9E-4F4B-B012-4E5F61AFE3F0}" = protocol=6 | dir=in | app=c:\program files (x86)\wireless card\rtwlan.exe |
"{B8EC44D7-8018-44E2-B37D-8B10F168F56F}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{BA323C93-23CD-4ED3-B025-066DFE6BE8DA}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |
"{C1809FB1-24C8-410D-AE37-7B877A777DE9}" = protocol=17 | dir=in | app=c:\program files (x86)\wireless card\rtldhcp.exe |
"{D55DBA64-F6ED-4D9E-854C-7102948706E8}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |
"{DCA659B7-DE78-4627-B735-3194218FB979}" = protocol=6 | dir=in | app=c:\windows\temp\cmc_dragon\restart_helper.exe |
"{DD84DC80-9436-4C58-9E8D-2283A9B7C672}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |
"{E4CB902B-9023-4BA3-A4FD-55486BCE55E5}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |
"{E6B7B8CB-BF50-42C4-A675-5A9AD9E7D805}" = protocol=6 | dir=in | app=c:\program files (x86)\avg\avg2014\avgdiagex.exe |
"{E858E6A6-136C-4938-9075-6D1478798CF2}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |
"{ECD269D6-C48B-4546-AAE9-EACA2097FB01}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ED3B8C4D-9EB6-475C-889B-B6964BD1A47D}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |
"{ED453098-3FF8-4D7D-8FCE-4688B8990DA1}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{01FB752A-92D8-429A-8540-5A7838233443}" = MySQL Server 5.1
"{0517F875-BBB2-4812-A63E-733B33CEF215}" = Roxio System Rollback
"{093F13A3-177C-493E-8958-912A0C690B64}" = COMODO Firewall
"{0DCF275C-3D88-48CC-B374-ACA7365EF966}" = Windows Azure Libraries for .NET – v2.2
"{0E8670B8-3965-4930-ADA6-570348B67153}" = Microsoft SQL Server 2012 Transact-SQL ScriptDom
"{11A955CD-4398-405A-886D-E464C3618FBF}" = Adobe Photoshop Lightroom 4.4 64-bit
"{16C7D2AD-20CA-491E-80BC-8607A9AACED9}" = Microsoft Web Platform Installer 4.6
"{1AD147D0-BE0E-3D6C-AC11-64F6DC4163F1}" = Microsoft .NET Framework 4.5
"{1D8E6291-B0D5-35EC-8441-6616F567A0F7}" = Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219
"{21B133D6-5979-47F0-BE1C-F6A6B304693F}" = Visual Studio 2010 x64 Redistributables
"{26A24AE4-039D-4CA4-87B4-2F86417025FF}" = Java 7 Update 25 (64-bit)
"{2F72F540-1F60-4266-9506-952B21D6640D}" = Apple Mobile Device Support
"{34883B9C-CDFE-46F0-9C5B-935484C218C3}" = AVG 2014
"{3674F088-9B90-473A-AAC3-20A00D8D810C}" = Microsoft Web Deploy 3.5
"{36E619BC-A234-4EC3-849B-779A7C865A45}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}" = Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148
"{4FD80311-508F-42C3-A004-4CC8D08231F5}" = AVG 2013
"{61C3230C-D69D-44E7-B974-F8BBADB49EE6}" = Motorola Mobile Drivers Installation 5.5.0
"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour
"{76FF0F03-B707-4332-B5D1-A56C8303514E}" = iTunes
"{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}" = IIS 8.0 Express
"{863C94A6-E432-4C88-9C68-FB668AE66621}" = Windows Azure Authoring Tools - v2.2
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C775E70-A791-4DA8-BCC3-6AB7136F4484}" = Visual Studio 2012 x64 Redistributables
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2010
"{90140000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2010
"{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033" = Microsoft .NET Framework 4.5
"{977D1ABF-4089-4CA7-BA33-CC75808B7ACE}" = Intel® Trusted Connect Service Client
"{9D6DFAD6-09E5-445E-A4B5-A388FEEBD90D}" = RBVirtualFolder64Inst
"{9DCA0803-0890-4631-94BA-17DE31C49C40}" = Microsoft Camera Codec Pack
"{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb" = IIS Express Application Compatibility Database for x64
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision" = NVIDIA 3D Vision Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 327.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB" = NVIDIA 3D Vision Controller Driver 310.90
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX" = NVIDIA PhysX System Software 9.12.1031
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update" = NVIDIA Update 1.14.17
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver" = NVIDIA HD Audio Driver 1.3.26.4
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{C91DCB72-F5BB-410D-A91A-314F5D1B4284}" = Broadcom NetLink Controller
"{CE470020-CCCF-4C09-9AB9-B710A4FBE2C8}" = AVG 2014
"{DB9C43F7-0B0F-4E43-9E6B-F945C71C469E}" = VD64Inst
"{F1949145-EB64-4DE7-9D81-E6D27937146C}" = Microsoft System CLR Types for SQL Server 2012 (x64)
"{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb" = IIS Express Application Compatibility Database for x86
"ASRock App Charger_is1" = ASRock App Charger v1.0.5
"AVG" = AVG 2014
"PhotomatixPro42x64_is1" = Photomatix Pro version 4.2.5
"WinRAR archiver" = WinRAR 4.20 (64-bit)

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{1086280C-97AB-42F7-BA69-2F83C12D1E2D}" = iisnode for iis 7.x dev package
"{17528CE4-C333-48FB-A9E4-D841E795CDCE}" = Renesas Electronics USB 3.0 Host Controller Driver
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{240C3DDD-C5E9-4029-9DF7-95650D040CF2}" = Intel® USB 3.0 eXtensible Host Controller Driver
"{26A24AE4-039D-4CA4-87B4-2F83217017FF}" = Java 7 Update 25
"{2B682751-E749-441C-A4B3-1F538E26E56E}" = Roxio System Rollback Recovery Disk
"{302763FD-5CEA-4DFF-80C8-9B41414C4822}" = Roxio CinePlayer
"{3A9527CF-4E91-4683-A03F-F1AD022126E5}" = DirectX 9 Runtime
"{3BD70150-9D30-488F-8CA7-CE99EF8324CC}" = GeekBuddy
"{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}" = Intel® Rapid Storage Technology
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4C1CB8FA-89A5-476A-89B6-C69BDC668A9F}" = Microsoft WebMatrix 3
"{51C7AD07-C3F6-4635-8E8A-231306D810FE}" = Cisco LEAP Module
"{556BEFE2-30FF-4113-98F4-01234396DF2B}" = ASUS PCE-N15 WLAN Card Utilities & Driver
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{5D09C772-ECB3-442B-9CC6-B4341C78FDC2}" = Apple Application Support
"{5EE7D259-D137-4438-9A5F-42F432EC0421}" = VC80CRTRedist - 8.0.50727.4053
"{61942EF5-2CD8-47D4-869C-2E9A8BB085F1}" = Asmedia ASM106x SATA Host Controller Driver
"{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}" = Cisco EAP-FAST Module
"{65153EA5-8B6E-43B6-857B-C6E4FC25798A}" = Intel® Management Engine Components
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{729B89D0-946A-407E-A121-343BD3320C40}" = Roxio BackOnTrack
"{74EB3499-8B95-4B5C-96EB-7B342F3FD0C6}" = Adobe Photoshop CS6
"{77CDA026-3860-4C95-8233-34F3CEF121FB}" = Roxio Creator 2012 Pro
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{837b34e3-7c30-493c-8f6a-2b0f04e2912c}" = Microsoft Visual C++ 2005 Redistributable
"{86DDDAAD-AEB9-42E5-BE01-0E8FABD2BB29}" = Roxio Video Capture USB
"{8B922CF8-8A6C-41CE-A858-F1755D7F5D29}" = NVIDIA PhysX
"{90140000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2010
"{90140000-0011-0000-0000-0000000FF1CE}_Office14.PROPLUS_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2010
"{90140000-0015-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2010
"{90140000-0016-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2010
"{90140000-0018-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2010
"{90140000-0019-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2010
"{90140000-001A-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2010
"{90140000-001B-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.PROPLUS_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2010
"{90140000-001F-040C-0000-0000000FF1CE}_Office14.PROPLUS_{46298F6A-1E7E-4D4A-B5F5-106A4F0E48C6}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2010
"{90140000-001F-0C0A-0000-0000000FF1CE}_Office14.PROPLUS_{DEA87BE2-FFCC-4F33-9946-FCBE55A1E998}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.PROPLUS_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2010
"{90140000-002C-0409-0000-0000000FF1CE}_Office14.PROPLUS_{7CA93DF4-8902-449E-A42E-4C5923CFBDE3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2010
"{90140000-0044-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2010
"{90140000-006E-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2010
"{90140000-00A1-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2010
"{90140000-00BA-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2010
"{90140000-0115-0409-0000-0000000FF1CE}_Office14.PROPLUS_{4560037C-E356-444A-A015-D21F487D809E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0116-0409-1000-0000000FF1CE}_Office14.PROPLUS_{D6C6B46A-6CE1-4561-84A0-EFD58B8AB979}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2010
"{90140000-0117-0409-0000-0000000FF1CE}_Office14.PROPLUS_{6BD185A0-E67F-4F77-8BCD-E34EA6AE76DF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{92E19B5A-1985-49BF-9022-9CF4AD652C72}" = MySQL Connector Net 6.5.4
"{94017829-308A-4EB4-B11B-18706186AFAE}" = Windows Azure Command Line Tools
"{94CAC2F1-C856-47F4-AF24-65A1E75AEDB9}" = MotoHelper MergeModules
"{9569E6BC-326A-432F-97AB-35263A327BF1}" = Roxio Burn - Secure
"{959B7F35-2819-40C5-A0CD-3C53B5FCC935}" = AFT Turbo Driver 4075
"{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}" = Visual Studio 2012 x86 Redistributables
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{A6C48A9F-694A-4234-B3AA-62590B668927}" = Intel® Manageability Engine Firmware Recovery Agent
"{AAB42DD0-9551-4E30-A3E4-F87D4A4E1C52}" = Roxio Creator 2012 Pro
"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.06)
"{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"{BD3EAE4D-862D-4D41-8BB5-F5C2CFFE6022}" = Roxio BackOnTrackPE
"{BD99B630-E3FF-4DB5-AA19-BC9990021429}" = node.js
"{BFEAAE77-BD7F-4534-B286-9C5CB4697EB1}" = PDF Settings CS6
"{C0E5147E-C9F3-4360-9ED0-2E875F11766C}" = Respondus LockDown Browser
"{C7CA731B-BF9A-46D9-92CF-8A8737AE9240}" = System Requirements Lab for Intel
"{CE86D656-C887-4EF1-B2D7-2A1075435964}" = Face Filter
"{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}" = Microsoft System CLR Types for SQL Server 2012
"{E4FB0B39-C991-4EE7-95DD-1A1A7857D33D}" = Asmedia ASM104x USB 3.0 Host Controller Driver
"{E7FCA9E4-CDCB-472B-B168-567B16088E89}" = Windows Azure Storage Tools - v2.2
"{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}" = Cisco PEAP Module
"{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F51D9393-BB14-4566-99BF-D6ED63AEFCD7}" = Natural Color
"{F53529E7-07B1-409A-ACE0-3910D2338D12}" = Roxio Creator 2012 Pro
"{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}" = Microsoft SQL Server 2012 Data-Tier App Framework
"{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
"{FFAC39DA-CF79-434B-A6E0-4055689667D9}" = Roxio CinePlayer Decoder Pack
"Adobe Flash Player ActiveX" = Adobe Flash Player 12 ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 12 Plugin
"AVG SafeGuard toolbar" = AVG SafeGuard toolbar
"Comodo Dragon" = Comodo Dragon
"DivX Setup.divx.com" = DivX Setup
"FileHippo.com" = FileHippo.com Update Checker
"InstallShield_{17528CE4-C333-48FB-A9E4-D841E795CDCE}" = Renesas Electronics USB 3.0 Host Controller Driver
"InstallShield_{B8A2869E-30CA-40C5-9CF8-BD7354E57EF8}" = SmartSound Common Data
"MotoHelper" = MotoHelper 2.1.41 Driver 5.5.0
"Mozilla Firefox 27.0.1 (x86 en-US)" = Mozilla Firefox 27.0.1 (x86 en-US)
"MozillaMaintenanceService" = Mozilla Maintenance Service
"NVIDIAStereo" = NVIDIA Stereoscopic 3D Driver
"Office14.PROPLUS" = Microsoft Office Professional Plus 2010
"PortraitProfessional11_is1" = Portrait Professional 11.2
"SpywareBlaster_is1" = SpywareBlaster 5.0

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-3908123399-674081707-2029318344-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Millers Designer Plus" = Millers Designer Plus

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2/20/2014 6:17:12 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 8003

Error - 2/20/2014 6:17:12 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 8003

Error - 2/20/2014 6:17:13 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/20/2014 6:17:13 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 9002

Error - 2/20/2014 6:17:13 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 9002

Error - 2/20/2014 6:17:14 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: Continuously busy for more than a second

Error - 2/20/2014 6:17:14 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledEvent 10000

Error - 2/20/2014 6:17:14 AM | Computer Name = CCP-Editing | Source = Bonjour Service | ID = 100
Description = Task Scheduling Error: m->NextScheduledSPRetry 10000

Error - 2/21/2014 2:02:20 AM | Computer Name = CCP-Editing | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: a40 Start Time:
01cf2eca192c261f Termination Time: 16 Application Path: C:\Users\Crystal\Desktop\OTL.exe

Report
Id: b60897d6-9abd-11e3-a9e1-bc5ff483b15b

Error - 2/21/2014 2:07:15 AM | Computer Name = CCP-Editing | Source = Application Hang | ID = 1002
Description = The program OTL.exe version 3.2.69.0 stopped interacting with Windows
and was closed. To see if more information about the problem is available, check
the problem history in the Action Center control panel. Process ID: 8a4 Start Time:
01cf2eca8071b205 Termination Time: 29672 Application Path: C:\Users\Crystal\Desktop\OTL.exe

Report
Id: 5479d910-9abe-11e3-a9e1-bc5ff483b15b

[ System Events ]
Error - 2/19/2014 2:41:40 PM | Computer Name = CCP-Editing | Source = Service Control Manager | ID = 7034
Description = The Intel® Rapid Storage Technology service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/19/2014 2:44:49 PM | Computer Name = CCP-Editing | Source = volsnap | ID = 393252
Description = The shadow copies of volume C: were aborted because the shadow copy
storage could not grow due to a user imposed limit.

Error - 2/19/2014 10:17:32 PM | Computer Name = CCP-Editing | Source = Service Control Manager | ID = 7034
Description = The MySQL service terminated unexpectedly. It has done this 1 time(s).

Error - 2/19/2014 10:17:32 PM | Computer Name = CCP-Editing | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
CFRMD

Error - 2/19/2014 10:17:33 PM | Computer Name = CCP-Editing | Source = Service Control Manager | ID = 7034
Description = The Intel® Rapid Storage Technology service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/19/2014 10:19:29 PM | Computer Name = CCP-Editing | Source = DCOM | ID = 10010
Description =

Error - 2/19/2014 10:38:46 PM | Computer Name = CCP-Editing | Source = Service Control Manager | ID = 7034
Description = The MySQL service terminated unexpectedly. It has done this 1 time(s).

Error - 2/19/2014 10:38:46 PM | Computer Name = CCP-Editing | Source = Service Control Manager | ID = 7026
Description = The following boot-start or system-start driver(s) failed to load:
CFRMD

Error - 2/19/2014 10:38:48 PM | Computer Name = CCP-Editing | Source = Service Control Manager | ID = 7034
Description = The Intel® Rapid Storage Technology service terminated unexpectedly.
It has done this 1 time(s).

Error - 2/20/2014 2:44:43 AM | Computer Name = CCP-Editing | Source = DCOM | ID = 10010
Description =


< End of report >
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Malwarebytes Anti-Malware 1.75.0.1300
www.malwarebytes.org

Database version: v2014.02.21.02

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 11.0.9600.16518
Crystal :: CCP-EDITING [administrator]

2/21/2014 12:10:32 AM
mbam-log-2014-02-21 (00-10-32).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 242599
Time elapsed: 2 minute(s), 9 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 0
(No malicious items detected)

(end)


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

C:\ProgramData\COMODO\Cis\Quarantine\data\{DF1509D8-DBB9-4307-B6D6-8E0D0831BEAB} a variant of Win32/Bunndle potentially unsafe application
C:\Users\All Users\COMODO\Cis\Quarantine\data\{DF1509D8-DBB9-4307-B6D6-8E0D0831BEAB} a variant of Win32/Bunndle potentially unsafe application
E:\Crystal Clear Photography\Business\Graphics\fonts\frzfonts_d165396.exe a variant of Win32/InstallIQ.A potentially unwanted application


++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Thanks Crowbar, have a nice weekend!
  • 0

#11
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,161 posts
Hi again,
I'm having a great weekend so far, thank you. Finally above freezing for a little while :D

I'm not a huge fan of the bloat that comes with AVG either. I hate that it's changed my default to AVG secure despite my changing it back to Google. I think I may try Avast!


I think that would be a wise move, Avast! has a free version, but the paid version is top notch. Full disclosure: I don't work for them, and I do not make any money from them.
If you are going to do the switch, here is what I think you should do.
  • First, download the Avast! installer, this way you don't have to go out and get it while you are unprotected.
  • Second, remove AVG normally, via the control panel > uninstall a program
  • Third, after a reboot, run the AVG removal tool, located here, right click on it and select Run as administrator
  • Fourth, after a reboot, run the Avast! installer.

I see one file in your last post that I want to remove, so this OTL fix will do that:
We need to do an OTL fix:

Note: If you have Malwarebytes 1.6 or higher installed please disable it for the duration of this fix as it may interfere with the successful execution of the script below. If it still hangs then please uninstall Malwarebytes and run this fix again.
Run OTL
  • Under the Custom Scans/Fixes box at the bottom, paste in the following

    :commands
    [createrestorepoint]
    :files
    E:\Crystal Clear Photography\Business\Graphics\fonts\frzfonts_d165396.exe

  • Then click the Run Fix button at the top

Other than that file being removed, I am happy with what I see here --

Subject to no further problems :)

I will remove my tools now and give some recommendations, but, I would like you to run for 24 hours or so and come back if you have any problems

Now the best part of the day ----- Your log now appears clean :thumbsup:

A good workman always cleans up after himself so... The following will implement some cleanup procedures as well as reset System Restore points:

SPRING CLEAN

We need to remove the tools we've used during cleaning your machine

  • Download Delfix from here
  • Ensure Remove disinfection tools is ticked
    Also tick:
  • Create registry backup
  • Purge system restore

  • Click Run
The program will run for a few moments and then notepad will open with a log. Please reply one more time with this log, so I know that I removed everything.

Now that you are clean, to help protect your computer in the future I recommend that you get the following free programmes:
CryptoPrevent
Please install this program to ensure that the crypto ransomware malware does not take hold of your system.

Malwarebytes. Update and run weekly to keep your system clean

Download and install FileHippo update checker and run it monthly; it will show you which programs on your system need updating and give a download link.

It is critical to have both a firewall and anti virus to protect your system and to keep them updated. To keep your operating system up to date visit

Do you use Java? If you do not use it, you are better off uninstalling it completely. Go to your Control Panel, Uninstall a Program, then find any instance of Java in the list and click on Uninstall - do this until there are no instances of Java in the list. If you do use Java....
Your Java is out of date. Older versions have vulnerabilities that malware can use to infect your system.
Please follow these steps to remove older versions of Java components and upgrade the application.

Upgrading Java:
  • Go to this site and click Do I have Java
  • It will check your current version and then offer to update to the latest version

To learn more about how to protect yourself while on the internet read these two articles:
How did I get infected in the first place?
So how did I get infected in the first place

Keep safe :wave:
  • 0
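
The Java check described in the post above can also be done from the registry. The following is an added example, not part of Crowbar's post: it lists Java entries from the Uninstall keys that the OTL log enumerates (the log shows Java 7 Update 25 and Java Auto Updater there). The function name `Get-JavaUninstallEntry` and the name pattern are assumptions of this example; it only reads the registry and removes nothing.

```powershell
# Added example, not from the thread. Read-only: lists Java-related entries
# found under the Uninstall registry keys, so every instance can then be
# removed through Control Panel > Uninstall a program.

# Uninstall keys to search. Wow6432Node holds 32-bit programs on 64-bit Windows.
$UninstallRoots = @(
    'HKLM:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKLM:\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall',
    'HKCU:\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall'
)

# Assumed name pattern: matches "Java 7 Update 25", "Java Auto Updater",
# "Java(TM) 6 Update ...", "Java SE Development Kit ..." and "JavaFX ...",
# but not unrelated names that merely start with "JavaScript".
$JavaNamePattern = '^Java(FX|\(TM\))?\s'

function Get-JavaUninstallEntry {
    param(
        [string[]]$Roots = $UninstallRoots,
        [string]$Pattern = $JavaNamePattern
    )
    foreach ($root in $Roots) {
        # Skip keys that do not exist (Wow6432Node is absent on 32-bit Windows).
        if (-not (Test-Path -Path $root)) { continue }
        foreach ($key in Get-ChildItem -Path $root -ErrorAction SilentlyContinue) {
            $props = Get-ItemProperty -Path $key.PSPath -ErrorAction SilentlyContinue
            # Entries without a DisplayName never match and are skipped.
            if ($props -and $props.DisplayName -match $Pattern) {
                $props | Select-Object DisplayName, DisplayVersion, Publisher, UninstallString,
                    @{ Name = 'RegistryKey'; Expression = { $key.Name } }
            }
        }
    }
}

# An empty result means no Java entry is registered in any of the three keys.
Get-JavaUninstallEntry | Sort-Object DisplayName | Format-List
```

On 64-bit Windows, run it from a 64-bit PowerShell session; a 32-bit session is redirected to the Wow6432Node view for both HKLM paths and would miss 64-bit installs.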

#12
Crowbar

Crowbar

    Teacher

  • GeekU Moderator
  • 4,161 posts
Since this issue appears to be resolved ... this Topic has been closed. Glad we could help. :)

If you're the topic starter, and need this topic reopened, please contact a staff member with the address of the thread.

Everyone else please begin a New Topic.
  • 0





