Javascript Disabled Detected

You currently have javascript disabled. Several functions may not work. Please re-enable javascript to access full functionality.

Erase C in Hiberfil.sys

Started by d.brack , Mar 18 2015 11:23 AM

Worst infected machine ever

This topic is locked

#1
d.brack

Posted 18 March 2015 - 11:23 AM

Member

Member
42 posts

I bought this machine from a friend cheap because it wasn't running right. Anyone up for a challenge. This machine has every bad malware tool I have ever seen and some I've never heard of. I know of Pro PC Cleaner. I tried to uninstall AVG and install Avast. I then found the Trojan EraseC in a boot scan, but of course it couldn't fix it. There are multiple copies of Malwarebytes and AVG. Every file I open I find a new kind of cleaner or antiviral/malware tool... and they have never been recommended by you or the other reputable site I know... BC. I ran the ESET scanner, It showed 18 infections and was able to heal 14. The other files were locked. I am afraid to try to do anymore without advice. I ran the FRST this morning and half the stuff isn't even showing up. I even tried just a straight shift delete on Malwarebytes, but to my surprise there were copies in Program files and Program Data. Avast was also installed in both places, but only one shows.The uninstall files for Malwarebytes and AVG are gone, so it says. Leaning toward the fact that they are just infected. I'm sorry for bringing such a mess, but I would appreciate the help. I would love to have a laptop, but I'm even afraid of running it on my home network. Thanks so much.

FRSTlog:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by RoseCake (administrator) on ROSECAKE-PC on 18-03-2015 11:29:19
Running from C:\Users\RoseCake\Desktop
Loaded Profiles: RoseCake (Available profiles: RoseCake)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser not detected!)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(YouTubeSoft) C:\Program Files (x86)\YouTube Download Pool\G2\youtubeserv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295224 2010-07-01] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-08-17] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [305088 2011-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AVG_UI] => "C:\Program Files (x86)\AVG\AVG2014\avgui.exe" /TRAYONLY
HKLM-x32\...\Run: [gmsd_us_323] => [X]
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-16] (Avast Software s.r.o.)
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\...\MountPoints2: {09f1269d-9ab6-11e2-8fdb-00266cc682d8} - E:\KODAK_Software_Downloader.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\RoseCake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1AB24RN6.lnk
ShortcutTarget: 1AB24RN6.lnk -> C:\ProgramData\{4007dc82-6f9d-7ab4-4007-7dc826f97209}\1AB24RN6.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-3583772472-3013558980-347553230-1001] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
SearchScopes: HKLM -> DefaultScope {E82CA1BD-FEF0-4F95-AD94-A9970000026B} URL = http://www.google.co...ng}&rlz=1I7TSNF
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {E82CA1BD-FEF0-4F95-AD94-A9970000026B} URL = http://www.google.co...ng}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> DefaultScope {2FC9F537-898D-46D3-B4AF-AF553A281010} URL = http://www.google.co...ng}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {2FC9F537-898D-46D3-B4AF-AF553A281010} URL = http://www.google.co...ng}&rlz=1I7TSNF
SearchScopes: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> DefaultScope {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...}&D=031415=
SearchScopes: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> {015DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = http://www.trovi.com...}&D=031415=
SearchScopes: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> {E0AA9A86-27B4-4FAB-8A85-BFE86CB21DB5} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> {E82CA1BD-FEF0-4F95-AD94-A9970000026B} URL = http://www.google.co...ng}&rlz=1I7TSNF
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-16] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: No Name -> {02478D38-C3F9-4efb-9B51-7695ECA05670} -> No File
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-16] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-29] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
Toolbar: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> No Name - {E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://mywayphotos.r...veX_Control.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)

FireFox:
========
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-16]

Chrome:
=======
CHR Profile: C:\Users\RoseCake\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\RoseCake\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfghefomandejfcfhcindgbnfogdgjj [2015-03-14]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-03-16]
CHR HKLM-x32\...\Chrome\Extension: [ndkhncnongaclekkbelchmeafffimifj] - C:\Users\RoseCake\AppData\Local\Giant Savings\Chrome\Giant Savings.crx [Not Found]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [343336 2015-03-16] (Avast Software s.r.o.)
S4 lyvicocu; C:\Users\RoseCake\AppData\Roaming\C0918958-1426350886-E011-B5A7-00266CC682D8\jnstDA8.tmp [97280 2015-03-16] () [File not signed]
R2 PCCUJobMgr; C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe [126392 2011-02-03] (Symantec Corporation)
S4 vumowoge; C:\Users\RoseCake\AppData\Roaming\C0918958-1426350886-E011-B5A7-00266CC682D8\nsp6A1E.tmp [115712 2015-03-16] () [File not signed]
S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)
R2 YouTubeDownload_G2; C:\Program Files (x86)\YouTube Download Pool\G2\youtubeserv.exe [2971736 2015-03-10] (YouTubeSoft)
S2 AVGIDSAgent; "C:\Program Files (x86)\AVG\AVG2014\avgidsagent.exe" [X]
S2 avgwd; "C:\Program Files (x86)\AVG\AVG2014\avgwdsvc.exe" [X]

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29168 2015-03-16] ()
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [88408 2015-03-16] (Avast Software s.r.o.)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-03-16] (Avast Software s.r.o.)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65736 2015-03-16] ()
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1047320 2015-03-16] (Avast Software s.r.o.)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [441728 2015-03-16] (Avast Software s.r.o.)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [136752 2015-03-16] (Avast Software s.r.o.)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [268640 2015-03-16] ()
R1 Avgdiska; C:\Windows\System32\DRIVERS\avgdiska.sys [153368 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 AVGIDSDriver; C:\Windows\System32\DRIVERS\avgidsdrivera.sys [242968 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 AVGIDSHA; C:\Windows\System32\DRIVERS\avgidsha.sys [190744 2014-06-17] (AVG Technologies CZ, s.r.o.)
S1 Avgldx64; C:\Windows\System32\DRIVERS\avgldx64.sys [235800 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgloga; C:\Windows\System32\DRIVERS\avgloga.sys [328984 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgmfx64; C:\Windows\System32\DRIVERS\avgmfx64.sys [123672 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx64; C:\Windows\System32\DRIVERS\avgrkx64.sys [31512 2014-06-17] (AVG Technologies CZ, s.r.o.)
R1 Avgtdia; C:\Windows\System32\DRIVERS\avgtdia.sys [269080 2014-06-17] (AVG Technologies CZ, s.r.o.)
R0 gfibto; C:\Windows\System32\drivers\gfibto.sys [14456 2012-12-10] (GFI Software)
S3 Lavasoft Kernexplorer; No ImagePath
S3 MBAMSwissArmy; C:\windows\system32\drivers\MBAMSwissArmy.sys [129752 2015-01-04] (Malwarebytes Corporation)
S3 usbbus; C:\Windows\System32\DRIVERS\lgx64bus.sys [17920 2008-11-11] (LG Electronics Inc.)
S3 UsbDiag; C:\Windows\System32\DRIVERS\lgx64diag.sys [27136 2008-11-11] (LG Electronics Inc.)
S3 USBModem; C:\Windows\System32\DRIVERS\lgx64modem.sys [33792 2008-11-11] (LG Electronics Inc.)
S1 qrnfd_1_10_0_9; system32\drivers\qrnfd_1_10_0_9.sys [X]
S3 RSUSBSTOR; System32\Drivers\RtsUStor.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)

==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 11:29 - 2015-03-18 11:30 - 00020319 _____ () C:\Users\RoseCake\Desktop\FRST.txt
2015-03-18 11:16 - 2015-03-18 11:29 - 00000000 ____D () C:\FRST
2015-03-18 11:16 - 2015-03-18 11:16 - 02095616 _____ (Farbar) C:\Users\RoseCake\Desktop\FRST64.exe
2015-03-16 17:53 - 2015-03-16 17:53 - 00003664 _____ () C:\windows\System32\Tasks\IE_ERR4WDR
2015-03-16 17:53 - 2015-03-16 17:53 - 00003640 _____ () C:\windows\System32\Tasks\HDNINSTSCHD
2015-03-16 17:53 - 2015-03-16 17:53 - 00003506 _____ () C:\windows\System32\Tasks\UPDTEXE4_WDR
2015-03-16 17:52 - 2015-03-16 17:56 - 00000000 ____D () C:\Program Files (x86)\Portable WeatherApp
2015-03-16 17:51 - 2015-03-16 17:51 - 00000000 ____D () C:\Users\RoseCake\AppData\Roaming\AVAST Software
2015-03-16 17:46 - 2015-03-16 17:46 - 00001933 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2015-03-16 17:46 - 2015-03-16 17:46 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
2015-03-16 17:45 - 2015-03-17 18:42 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
2015-03-16 17:44 - 2015-03-16 17:44 - 01047320 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSnx.sys
2015-03-16 17:44 - 2015-03-16 17:44 - 00441728 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswSP.sys
2015-03-16 17:44 - 2015-03-16 17:44 - 00364472 _____ (Avast Software s.r.o.) C:\windows\system32\aswBoot.exe
2015-03-16 17:44 - 2015-03-16 17:44 - 00268640 _____ () C:\windows\system32\Drivers\aswVmm.sys
2015-03-16 17:44 - 2015-03-16 17:44 - 00136752 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswStm.sys
2015-03-16 17:44 - 2015-03-16 17:44 - 00093528 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswRdr2.sys
2015-03-16 17:44 - 2015-03-16 17:44 - 00088408 _____ (Avast Software s.r.o.) C:\windows\system32\Drivers\aswMonFlt.sys
2015-03-16 17:44 - 2015-03-16 17:44 - 00065736 _____ () C:\windows\system32\Drivers\aswRvrt.sys
2015-03-16 17:44 - 2015-03-16 17:44 - 00043112 _____ (Avast Software s.r.o.) C:\windows\avastSS.scr
2015-03-16 17:44 - 2015-03-16 17:44 - 00029168 _____ () C:\windows\system32\Drivers\aswHwid.sys
2015-03-16 17:41 - 2015-03-16 17:41 - 00000000 ____D () C:\Program Files\AVAST Software
2015-03-16 17:11 - 2015-03-16 17:11 - 05475064 _____ (Avast Software s.r.o.) C:\Users\Public\Desktop\avast_free_antivirus_setup_online.exe
2015-03-16 17:03 - 2015-03-17 15:30 - 00000000 ____D () C:\Users\RoseCake\Desktop\Tools
2015-03-16 16:18 - 2015-03-17 15:11 - 00000000 ____D () C:\ProgramData\Browser
2015-03-14 14:34 - 2015-03-14 14:34 - 00004026 _____ () C:\windows\System32\Tasks\LaunchSignup
2015-03-14 14:33 - 2015-03-14 14:33 - 00000000 ____D () C:\ProgramData\70d0ef56000030ec
2015-03-14 14:24 - 2015-03-15 07:54 - 00003472 _____ () C:\windows\System32\Tasks\ProPCCleaner_Popup
2015-03-14 14:07 - 2015-03-18 11:07 - 00057624 _____ () C:\windows\PFRO.log
2015-03-14 14:05 - 2015-03-14 14:06 - 00021976 _____ () C:\windows\system32\Drivers\SPPD.sys
2015-03-14 13:59 - 2015-03-14 13:59 - 00628688 _____ (CMI Limited) C:\Users\RoseCake\AppData\Local\nszC33A.tmp
2015-03-14 13:50 - 2015-03-14 13:50 - 00000000 ____D () C:\ProgramData\Windows VXM
2015-03-14 13:50 - 2015-03-14 13:50 - 00000000 ____D () C:\Program Files (x86)\Windows Network Accelerater
2015-03-14 13:23 - 2015-03-14 13:23 - 00000000 ____D () C:\Users\RoseCake\.cache
2015-03-14 13:16 - 2015-03-14 14:07 - 00000376 _____ () C:\windows\Tasks\APSnotifierPP2.job
2015-03-14 13:16 - 2015-03-14 13:16 - 00002832 _____ () C:\windows\System32\Tasks\APSnotifierPP2
2015-03-14 13:16 - 2015-03-14 13:16 - 00000000 ____D () C:\Program Files (x86)\predm
2015-03-14 13:14 - 2015-03-14 13:35 - 00000378 _____ () C:\windows\Tasks\APSnotifierPP1.job
2015-03-14 13:14 - 2015-03-14 13:15 - 00002834 _____ () C:\windows\System32\Tasks\APSnotifierPP1
2015-03-14 13:12 - 2015-03-14 13:12 - 00000000 ____D () C:\Users\RoseCake\Documents\Optimizer Pro
2015-03-14 13:07 - 2015-03-14 13:07 - 00613255 _____ (CMI Limited) C:\Users\RoseCake\AppData\Local\nsk6349.tmp
2015-03-14 13:07 - 2015-03-14 13:07 - 00000000 __SHD () C:\Users\RoseCake\AppData\Roaming\AnyProtectEx
2015-03-14 13:06 - 2015-03-14 14:07 - 00000000 ____D () C:\Program Files (x86)\Ninja Loader
2015-03-14 13:05 - 2015-03-17 15:11 - 00000000 ____D () C:\Program Files (x86)\Optimizer Pro 3.56
2015-03-14 13:05 - 2015-03-14 13:05 - 00000000 ____D () C:\Users\RoseCake\Documents\DreamVideoSoft
2015-03-14 13:04 - 2015-03-16 21:55 - 00000000 ____D () C:\ProgramData\{b95cd953-ab35-e8d1-b95c-cd953ab3654e}
2015-03-14 13:04 - 2015-03-16 18:01 - 00000000 ____D () C:\ProgramData\Optimizer
2015-03-14 13:04 - 2015-03-14 13:04 - 00003116 _____ () C:\windows\System32\Tasks\{4549E9A6-25B5-4CFC-A8C0-17672EA6055F}
2015-03-14 13:04 - 2015-03-14 13:04 - 00000000 ____D () C:\ProgramData\PastaLeadsAgent
2015-03-14 13:04 - 2015-03-14 13:04 - 00000000 ____D () C:\Program Files (x86)\YouTube Download Pool
2015-03-14 13:03 - 2015-03-14 13:03 - 00000000 ____D () C:\Program Files\Common Files\PastaLeads
2015-03-14 13:00 - 2015-03-14 13:00 - 00003208 _____ () C:\windows\System32\Tasks\ProPCCleaner_Start
2015-03-14 13:00 - 2015-03-14 13:00 - 00000000 ____D () C:\Users\RoseCake\AppData\Local\Pro_PC_Cleaner
2015-03-14 12:59 - 2015-03-15 07:57 - 00000000 ____D () C:\Users\RoseCake\Documents\ProPCCleaner
2015-03-14 12:57 - 2015-03-14 12:59 - 00000000 _____ () C:\END
2015-03-14 12:56 - 2015-03-14 12:56 - 00002225 _____ () C:\windows\patsearch.bin
2015-03-14 12:56 - 2015-03-14 12:56 - 00000000 ____H () C:\windows\system32\Drivers\Msft_Kernel_webTinstMKTN_01009.Wdf
2015-03-14 12:55 - 2015-03-16 17:59 - 00001346 _____ () C:\windows\Tasks\TSZK.job
2015-03-14 12:54 - 2015-03-18 11:22 - 00000976 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job
2015-03-14 12:54 - 2015-03-17 12:59 - 00000980 _____ () C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job
2015-03-14 12:54 - 2015-03-14 18:59 - 00000000 ____D () C:\Program Files (x86)\globalUpdate
2015-03-14 12:54 - 2015-03-14 12:54 - 00003978 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineUA
2015-03-14 12:54 - 2015-03-14 12:54 - 00003724 _____ () C:\windows\System32\Tasks\globalUpdateUpdateTaskMachineCore
2015-03-14 12:54 - 2015-03-14 12:54 - 00000000 ____D () C:\Users\RoseCake\AppData\Local\globalUpdate
2015-03-14 12:53 - 2015-03-17 15:12 - 00000000 ____D () C:\Users\RoseCake\AppData\Local\SmartWeb
2015-03-14 12:42 - 2015-03-17 15:12 - 00000000 ____D () C:\Users\RoseCake\AppData\Local\C0918958-1426336956-E011-B5A7-00266CC682D8
2015-03-14 12:42 - 2015-03-14 12:42 - 00000000 ____D () C:\ProgramData\11be24a400006fb3
2015-03-14 12:39 - 2015-03-17 15:11 - 00000000 ____D () C:\ProgramData\{4007dc82-6f9d-7ab4-4007-7dc826f97209}
2015-03-14 12:39 - 2015-03-16 19:00 - 00000000 ____D () C:\Users\RoseCake\AppData\Roaming\C0918958-1426351151-E011-B5A7-00266CC682D8
2015-03-14 12:38 - 2015-03-14 12:38 - 00000088 _____ () C:\Users\RoseCake\AppData\Local\dd8aabaa03142635a973ae46125b9ccc
2015-03-14 12:36 - 2015-03-14 14:38 - 00000000 ____D () C:\Program Files (x86)\StormWatch
2015-03-14 12:35 - 2015-03-17 15:11 - 00000000 ____D () C:\ProgramData\{05ef0d6c-1f36-5967-05ef-f0d6c1f335b0}
2015-03-14 12:34 - 2015-03-16 17:53 - 00000000 ____D () C:\Users\RoseCake\AppData\Roaming\C0918958-1426350886-E011-B5A7-00266CC682D8
2015-03-13 07:28 - 2015-03-13 07:29 - 02057008 _____ () C:\Users\RoseCake\Downloads\Adaware_Installer (1).exe
2015-03-11 11:36 - 2015-02-20 00:41 - 00041984 _____ (Microsoft Corporation) C:\windows\system32\lpk.dll
2015-03-11 11:36 - 2015-02-20 00:40 - 00100864 _____ (Microsoft Corporation) C:\windows\system32\fontsub.dll
2015-03-11 11:36 - 2015-02-20 00:40 - 00046080 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2015-03-11 11:36 - 2015-02-20 00:40 - 00014336 _____ (Microsoft Corporation) C:\windows\system32\dciman32.dll
2015-03-11 11:36 - 2015-02-20 00:13 - 00070656 _____ (Microsoft Corporation) C:\windows\SysWOW64\fontsub.dll
2015-03-11 11:36 - 2015-02-20 00:13 - 00034304 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2015-03-11 11:36 - 2015-02-20 00:13 - 00010240 _____ (Microsoft Corporation) C:\windows\SysWOW64\dciman32.dll
2015-03-11 11:36 - 2015-02-20 00:12 - 00025600 _____ (Microsoft Corporation) C:\windows\SysWOW64\lpk.dll
2015-03-11 11:36 - 2015-02-19 23:29 - 00372224 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2015-03-11 11:36 - 2015-02-19 23:09 - 00299008 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2015-03-11 11:36 - 2015-02-02 23:34 - 05554104 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2015-03-11 11:36 - 2015-02-02 23:34 - 00693176 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2015-03-11 11:36 - 2015-02-02 23:34 - 00094656 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mountmgr.sys
2015-03-11 11:36 - 2015-02-02 23:33 - 00616360 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2015-03-11 11:36 - 2015-02-02 23:31 - 14632960 _____ (Microsoft Corporation) C:\windows\system32\wmp.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 04121600 _____ (Microsoft Corporation) C:\windows\system32\mf.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 01574400 _____ (Microsoft Corporation) C:\windows\system32\quartz.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00782848 _____ (Microsoft Corporation) C:\windows\system32\wmdrmsdk.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00641024 _____ (Microsoft Corporation) C:\windows\system32\msscp.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00503808 _____ (Microsoft Corporation) C:\windows\system32\srcore.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00432128 _____ (Microsoft Corporation) C:\windows\system32\mfplat.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00371712 _____ (Microsoft Corporation) C:\windows\system32\qdvd.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00325632 _____ (Microsoft Corporation) C:\windows\system32\msnetobj.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00229376 _____ (Microsoft Corporation) C:\windows\system32\wintrust.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00206848 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00188416 _____ (Microsoft Corporation) C:\windows\system32\pcasvc.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00063488 _____ (Microsoft Corporation) C:\windows\system32\setbcdlocale.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00050176 _____ (Microsoft Corporation) C:\windows\system32\srclient.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00037376 _____ (Microsoft Corporation) C:\windows\system32\pcadm.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\msmmsp.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\spwmp.dll
2015-03-11 11:36 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\msdxm.ocx
2015-03-11 11:36 - 2015-02-02 23:31 - 00005120 _____ (Microsoft Corporation) C:\windows\system32\dxmasf.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 12625920 _____ (Microsoft Corporation) C:\windows\system32\wmploc.DLL
2015-03-11 11:36 - 2015-02-02 23:30 - 01480192 _____ (Microsoft Corporation) C:\windows\system32\crypt32.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 01202176 _____ (Microsoft Corporation) C:\windows\system32\drmv2clt.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 01069056 _____ (Microsoft Corporation) C:\windows\system32\cryptui.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00842240 _____ (Microsoft Corporation) C:\windows\system32\blackbox.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00631808 _____ (Microsoft Corporation) C:\windows\system32\evr.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00497664 _____ (Microsoft Corporation) C:\windows\system32\drmmgrtn.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00296960 _____ (Microsoft Corporation) C:\windows\system32\rstrui.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00187904 _____ (Microsoft Corporation) C:\windows\system32\cryptsvc.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00146944 _____ (Microsoft Corporation) C:\windows\system32\appidpolicyconverter.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00140288 _____ (Microsoft Corporation) C:\windows\system32\cryptnet.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00126464 _____ (Microsoft Corporation) C:\windows\system32\audiodg.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00112640 _____ (Microsoft Corporation) C:\windows\system32\smss.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00082432 _____ (Microsoft Corporation) C:\windows\system32\cryptsp.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00058880 _____ (Microsoft Corporation) C:\windows\system32\appidapi.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00055808 _____ (Microsoft Corporation) C:\windows\system32\rrinstaller.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00043520 _____ (Microsoft Corporation) C:\windows\system32\csrsrv.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00032256 _____ (Microsoft Corporation) C:\windows\system32\appidsvc.dll
2015-03-11 11:36 - 2015-02-02 23:30 - 00024576 _____ (Microsoft Corporation) C:\windows\system32\mfpmp.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00017920 _____ (Microsoft Corporation) C:\windows\system32\appidcertstorecheck.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00011264 _____ (Microsoft Corporation) C:\windows\system32\pcawrk.exe
2015-03-11 11:36 - 2015-02-02 23:30 - 00009728 _____ (Microsoft Corporation) C:\windows\system32\pcalua.exe
2015-03-11 11:36 - 2015-02-02 23:29 - 00008704 _____ (Microsoft Corporation) C:\windows\system32\pcaevts.dll
2015-03-11 11:36 - 2015-02-02 23:28 - 00006656 _____ (Microsoft Corporation) C:\windows\system32\apisetschema.dll
2015-03-11 11:36 - 2015-02-02 23:19 - 00663552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\PEAuth.sys
2015-03-11 11:36 - 2015-02-02 23:16 - 03973048 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntkrnlpa.exe
2015-03-11 11:36 - 2015-02-02 23:16 - 03917760 _____ (Microsoft Corporation) C:\windows\SysWOW64\ntoskrnl.exe
2015-03-11 11:36 - 2015-02-02 23:12 - 11411968 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmp.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 03209728 _____ (Microsoft Corporation) C:\windows\SysWOW64\mf.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 01329664 _____ (Microsoft Corporation) C:\windows\SysWOW64\quartz.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 01174528 _____ (Microsoft Corporation) C:\windows\SysWOW64\crypt32.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 01005056 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptui.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00988160 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmv2clt.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00744960 _____ (Microsoft Corporation) C:\windows\SysWOW64\blackbox.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00617984 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmdrmsdk.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00519680 _____ (Microsoft Corporation) C:\windows\SysWOW64\qdvd.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00504320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msscp.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00489984 _____ (Microsoft Corporation) C:\windows\SysWOW64\evr.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00406016 _____ (Microsoft Corporation) C:\windows\SysWOW64\drmmgrtn.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00354816 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfplat.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00265216 _____ (Microsoft Corporation) C:\windows\SysWOW64\msnetobj.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00179200 _____ (Microsoft Corporation) C:\windows\SysWOW64\wintrust.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00143872 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsvc.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00103936 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptnet.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00103424 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfps.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00081408 _____ (Microsoft Corporation) C:\windows\SysWOW64\cryptsp.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00050688 _____ (Microsoft Corporation) C:\windows\SysWOW64\appidapi.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00043008 _____ (Microsoft Corporation) C:\windows\SysWOW64\srclient.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00008192 _____ (Microsoft Corporation) C:\windows\SysWOW64\spwmp.dll
2015-03-11 11:36 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2015-03-11 11:36 - 2015-02-02 23:12 - 00004096 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxmasf.dll
2015-03-11 11:36 - 2015-02-02 23:11 - 12625408 _____ (Microsoft Corporation) C:\windows\SysWOW64\wmploc.DLL
2015-03-11 11:36 - 2015-02-02 23:11 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\rrinstaller.exe
2015-03-11 11:36 - 2015-02-02 23:11 - 00023040 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfpmp.exe
2015-03-11 11:36 - 2015-02-02 23:08 - 00006656 _____ (Microsoft Corporation) C:\windows\SysWOW64\apisetschema.dll
2015-03-11 11:36 - 2015-02-02 22:32 - 00061440 _____ (Microsoft Corporation) C:\windows\system32\Drivers\appid.sys
2015-03-11 11:36 - 2015-01-16 22:48 - 01067520 _____ (Microsoft Corporation) C:\windows\system32\msctf.dll
2015-03-11 11:36 - 2015-01-16 22:30 - 00828928 _____ (Microsoft Corporation) C:\windows\SysWOW64\msctf.dll
2015-03-11 11:36 - 2014-10-31 18:24 - 00619056 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2015-03-11 11:36 - 2014-06-27 20:21 - 00532176 _____ (Microsoft Corporation) C:\windows\system32\winresume.exe
2015-03-11 11:36 - 2014-06-27 20:21 - 00457400 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2015-03-11 11:35 - 2015-02-02 23:28 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\mferror.dll
2015-03-11 11:35 - 2015-02-02 23:09 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\mferror.dll
2015-03-11 11:34 - 2015-02-13 01:26 - 12875264 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2015-03-11 11:34 - 2015-02-13 01:22 - 14177280 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2015-03-11 11:34 - 2015-02-02 23:31 - 00215552 _____ (Microsoft Corporation) C:\windows\system32\ubpm.dll
2015-03-11 11:34 - 2015-02-02 23:12 - 00171520 _____ (Microsoft Corporation) C:\windows\SysWOW64\ubpm.dll
2015-03-11 11:33 - 2015-03-06 01:56 - 00155576 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
2015-03-11 11:33 - 2015-03-06 01:56 - 00095680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecdd.sys
2015-03-11 11:33 - 2015-03-06 01:42 - 01461760 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00341504 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00136192 _____ (Microsoft Corporation) C:\windows\system32\sspicli.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00029184 _____ (Microsoft Corporation) C:\windows\system32\sspisrv.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00028160 _____ (Microsoft Corporation) C:\windows\system32\secur32.dll
2015-03-11 11:33 - 2015-03-06 01:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
2015-03-11 11:33 - 2015-03-06 01:41 - 00064000 _____ (Microsoft Corporation) C:\windows\system32\auditpol.exe
2015-03-11 11:33 - 2015-03-06 01:41 - 00031232 _____ (Microsoft Corporation) C:\windows\system32\lsass.exe
2015-03-11 11:33 - 2015-03-06 01:39 - 00060416 _____ (Microsoft Corporation) C:\windows\system32\msobjs.dll
2015-03-11 11:33 - 2015-03-06 01:38 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
2015-03-11 11:33 - 2015-03-06 01:36 - 00686080 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
2015-03-11 11:33 - 2015-03-06 01:10 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
2015-03-11 11:33 - 2015-03-06 01:09 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
2015-03-11 11:33 - 2015-03-06 01:09 - 00050176 _____ (Microsoft Corporation) C:\windows\SysWOW64\auditpol.exe
2015-03-11 11:33 - 2015-03-06 01:07 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
2015-03-11 11:33 - 2015-03-06 01:07 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\msobjs.dll
2015-03-11 11:33 - 2015-03-06 01:06 - 00686080 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
2015-03-11 11:33 - 2015-02-25 23:25 - 03204096 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2015-03-11 11:33 - 2015-02-02 23:31 - 01424896 _____ (Microsoft Corporation) C:\windows\system32\WindowsCodecs.dll
2015-03-11 11:33 - 2015-02-02 23:12 - 01230848 _____ (Microsoft Corporation) C:\windows\SysWOW64\WindowsCodecs.dll
2015-03-11 11:33 - 2015-01-30 19:56 - 00459336 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2015-03-11 11:32 - 2015-02-23 23:15 - 00389800 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2015-03-11 11:32 - 2015-02-23 22:32 - 00342696 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2015-03-11 11:32 - 2015-02-20 21:16 - 25021440 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2015-03-11 11:32 - 2015-02-20 20:41 - 12827648 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2015-03-11 11:32 - 2015-02-20 20:27 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
2015-03-11 11:32 - 2015-02-20 20:27 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
2015-03-11 11:32 - 2015-02-20 20:25 - 19720192 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2015-03-11 11:32 - 2015-02-20 19:58 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
2015-03-11 11:32 - 2015-02-20 19:32 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
2015-03-11 11:32 - 2015-02-19 23:06 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
2015-03-11 11:32 - 2015-02-19 23:05 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
2015-03-11 11:32 - 2015-02-19 22:50 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
2015-03-11 11:32 - 2015-02-19 22:49 - 00584192 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2015-03-11 11:32 - 2015-02-19 22:49 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
2015-03-11 11:32 - 2015-02-19 22:48 - 02886144 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
2015-03-11 11:32 - 2015-02-19 22:47 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
2015-03-11 11:32 - 2015-02-19 22:41 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
2015-03-11 11:32 - 2015-02-19 22:40 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
2015-03-11 11:32 - 2015-02-19 22:36 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
2015-03-11 11:32 - 2015-02-19 22:35 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
2015-03-11 11:32 - 2015-02-19 22:35 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
2015-03-11 11:32 - 2015-02-19 22:34 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
2015-03-11 11:32 - 2015-02-19 22:32 - 06035456 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2015-03-11 11:32 - 2015-02-19 22:26 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
2015-03-11 11:32 - 2015-02-19 22:22 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
2015-03-11 11:32 - 2015-02-19 22:22 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
2015-03-11 11:32 - 2015-02-19 22:13 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
2015-03-11 11:32 - 2015-02-19 22:09 - 00503296 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2015-03-11 11:32 - 2015-02-19 22:08 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
2015-03-11 11:32 - 2015-02-19 22:08 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
2015-03-11 11:32 - 2015-02-19 22:08 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
2015-03-11 11:32 - 2015-02-19 22:06 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
2015-03-11 11:32 - 2015-02-19 22:05 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
2015-03-11 11:32 - 2015-02-19 22:03 - 02278400 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
2015-03-11 11:32 - 2015-02-19 22:01 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
2015-03-11 11:32 - 2015-02-19 22:00 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
2015-03-11 11:32 - 2015-02-19 21:58 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
2015-03-11 11:32 - 2015-02-19 21:56 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
2015-03-11 11:32 - 2015-02-19 21:56 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
2015-03-11 11:32 - 2015-02-19 21:49 - 00801280 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2015-03-11 11:32 - 2015-02-19 21:49 - 00718848 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2015-03-11 11:32 - 2015-02-19 21:47 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
2015-03-11 11:32 - 2015-02-19 21:46 - 02125824 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2015-03-11 11:32 - 2015-02-19 21:43 - 14398976 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2015-03-11 11:32 - 2015-02-19 21:41 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
2015-03-11 11:32 - 2015-02-19 21:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
2015-03-11 11:32 - 2015-02-19 21:30 - 04300288 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2015-03-11 11:32 - 2015-02-19 21:28 - 02358784 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2015-03-11 11:32 - 2015-02-19 21:24 - 02052608 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2015-03-11 11:32 - 2015-02-19 21:24 - 00689152 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2015-03-11 11:32 - 2015-02-19 21:23 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
2015-03-11 11:32 - 2015-02-19 21:16 - 01548288 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2015-03-11 11:32 - 2015-02-19 21:03 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2015-03-11 11:32 - 2015-02-19 21:01 - 01888256 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2015-03-11 11:32 - 2015-02-19 20:57 - 01311232 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2015-03-11 11:32 - 2015-02-19 20:55 - 00710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2015-03-11 11:32 - 2015-02-03 23:16 - 00465920 _____ (Microsoft Corporation) C:\windows\system32\WMPhoto.dll
2015-03-11 11:32 - 2015-02-03 22:54 - 00417792 _____ (Microsoft Corporation) C:\windows\SysWOW64\WMPhoto.dll
2015-03-09 17:30 - 2015-03-16 21:33 - 00000385 _____ () C:\Users\RoseCake\AppData\Roaming\TSZK
2015-03-01 17:03 - 2015-03-01 17:04 - 00274448 _____ () C:\windows\Minidump\030115-51402-01.dmp
2015-02-28 20:53 - 2015-02-28 20:53 - 00372808 _____ () C:\windows\Minidump\022815-54007-01.dmp
2015-02-26 20:02 - 2015-02-26 20:02 - 00041312 _____ () C:\Users\RoseCake\Downloads\2011-040_Semi-Skilled_Laborers (1).htm
2015-02-25 15:12 - 2015-03-01 17:03 - 269291659 _____ () C:\windows\MEMORY.DMP
2015-02-25 15:12 - 2015-02-25 15:13 - 00274448 _____ () C:\windows\Minidump\022515-77220-01.dmp
2015-02-25 07:14 - 2015-01-08 19:44 - 00419936 _____ () C:\windows\SysWOW64\locale.nls
2015-02-25 07:14 - 2015-01-08 19:43 - 00419936 _____ () C:\windows\system32\locale.nls
2015-02-23 06:45 - 2015-03-18 11:22 - 00011495 _____ () C:\windows\setupact.log
2015-02-23 06:45 - 2015-02-23 06:45 - 00000000 _____ () C:\windows\setuperr.log

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-03-18 11:29 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-03-18 11:29 - 2009-07-14 00:45 - 00024608 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-03-18 11:25 - 2011-06-14 22:59 - 02090688 _____ () C:\windows\WindowsUpdate.log
2015-03-18 11:23 - 2011-10-15 12:01 - 00062768 _____ () C:\Users\RoseCake\AppData\Local\GDIPFONTCACHEV1.DAT
2015-03-18 11:22 - 2009-07-14 01:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
2015-03-18 11:07 - 2009-07-14 00:45 - 00286312 _____ () C:\windows\system32\FNTCACHE.DAT
2015-03-18 11:05 - 2014-04-20 07:31 - 00003950 _____ () C:\windows\System32\Tasks\User_Feed_Synchronization-{C9B8EEFF-24C8-40B0-B5F1-C902ECA77D6D}
2015-03-17 16:18 - 2013-12-26 07:17 - 00000830 _____ () C:\windows\Tasks\Adobe Flash Player Updater.job
2015-03-17 16:17 - 2014-06-12 10:37 - 00000000 ____D () C:\ProgramData\MFAData
2015-03-16 20:42 - 2011-06-14 23:51 - 00000000 ____D () C:\Program Files (x86)\Google
2015-03-16 20:37 - 2011-10-15 12:02 - 00000000 ____D () C:\Users\RoseCake\AppData\Roaming\Toshiba
2015-03-16 17:36 - 2013-05-11 14:26 - 00000000 ____D () C:\ProgramData\AVAST Software
2015-03-16 16:57 - 2014-11-15 15:31 - 00000000 ____D () C:\Users\RoseCake\AppData\Local\Lavasoft
2015-03-16 16:57 - 2014-03-23 10:23 - 00000000 ____D () C:\Program Files (x86)\Lavasoft
2015-03-16 16:56 - 2014-10-19 11:10 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Lavasoft
2015-03-16 16:41 - 2011-10-15 11:59 - 00001077 _____ () C:\Users\RoseCake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-03-14 14:53 - 2009-07-14 01:13 - 00783464 _____ () C:\windows\system32\PerfStringBackup.INI
2015-03-14 14:01 - 2011-10-15 12:05 - 00000000 ____D () C:\Users\RoseCake\AppData\Local\CrashDumps
2015-03-14 13:49 - 2014-05-01 18:26 - 00000000 ____D () C:\Program Files (x86)\Amazon
2015-03-14 13:36 - 2012-07-08 18:27 - 00776078 _____ () C:\windows\SysWOW64\PerfStringBackup.INI
2015-03-14 13:23 - 2011-10-15 11:55 - 00000000 ____D () C:\Users\RoseCake
2015-03-14 13:22 - 2011-06-14 23:15 - 00000000 ____D () C:\Program Files (x86)\Realtek
2015-03-14 13:22 - 2011-03-29 22:48 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
2015-03-13 06:15 - 2009-07-14 01:09 - 00000000 ____D () C:\windows\System32\Tasks\WPD
2015-03-13 06:14 - 2011-10-15 11:59 - 00000912 _____ () C:\Users\RoseCake\Downloads\Downloads.lnk
2015-03-13 06:10 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\SysWOW64\Dism
2015-03-13 06:10 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\Dism
2015-03-12 20:39 - 2013-07-15 06:44 - 00000000 ____D () C:\windows\system32\MRT
2015-03-12 20:26 - 2012-04-10 21:40 - 122905848 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe
2015-03-07 08:16 - 2009-07-13 23:20 - 00000000 ____D () C:\windows\system32\NDF
2015-03-01 17:03 - 2013-04-29 11:40 - 00000000 ____D () C:\windows\Minidump
2015-03-01 17:03 - 2009-07-14 01:08 - 00032656 _____ () C:\windows\Tasks\SCHEDLGU.TXT

==================== Files in the root of some directories =======

2015-03-09 17:30 - 2015-03-16 21:33 - 0000385 _____ () C:\Users\RoseCake\AppData\Roaming\TSZK
2015-03-14 12:38 - 2015-03-14 12:38 - 0000088 _____ () C:\Users\RoseCake\AppData\Local\dd8aabaa03142635a973ae46125b9ccc
2015-03-14 13:07 - 2015-03-14 13:07 - 0613255 _____ (CMI Limited) C:\Users\RoseCake\AppData\Local\nsk6349.tmp
2015-03-14 13:59 - 2015-03-14 13:59 - 0628688 _____ (CMI Limited) C:\Users\RoseCake\AppData\Local\nszC33A.tmp

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-03-17 15:28

==================== End Of Log ============================

Addtion.txt

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-03-2015
Ran by RoseCake at 2015-03-18 11:32:06
Running from C:\Users\RoseCake\Desktop
Boot Mode: Normal
==========================================================

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: avast! Antivirus (Disabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Disabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.5.1.17730 - Adobe Systems Inc.)
Adobe Flash Player 16 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 16.0.0.305 - Adobe Systems Incorporated)
Adobe Reader X MUI (HKLM-x32\...\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}) (Version: 10.0.0 - Adobe Systems Incorporated)
Amazon Links (HKLM-x32\...\{3135D885-9D9A-4B4D-8D45-9DB05DA115CA}) (Version: 2.02 - TOSHIBA Corporation)
Atheros Communications Inc.® AR81Family Gigabit/Fast Ethernet Driver (HKLM-x32\...\{3108C217-BE83-42E4-AE9E-A56A2A92E549}) (Version: 1.0.0.36 - Atheros Communications Inc.)
ATI Catalyst Install Manager (HKLM\...\{1D27E8CF-7546-F200-4CA3-CD2F39909F5A}) (Version: 3.0.808.0 - ATI Technologies, Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.2.2214 - AVAST Software)
AVG 2014 (HKLM\...\AVG) (Version: 2014.0.4716 - AVG Technologies)
AVG 2014 (Version: 14.0.4007 - AVG Technologies) Hidden
AVG 2014 (Version: 14.0.4716 - AVG Technologies) Hidden
ccc-core-static (x32 Version: 2011.0216.726.13233 - ATI) Hidden
Citrix online plug-in - web (HKLM-x32\...\CitrixOnlinePluginPackWeb) (Version: 12.1.44.1 - Citrix Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.54.1.0 - Conexant)
D3DX10 (x32 Version: 15.4.2368.0902 - Microsoft) Hidden
Java™ 6 Update 20 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83216020FF}) (Version: 6.0.200 - Sun Microsystems, Inc.)
Junk Mail filter update (x32 Version: 15.4.3502.0922 - Microsoft Corporation) Hidden
Label@Once 1.0 (HKLM-x32\...\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}) (Version: 1.0 - Corel)
LG USB Modem driver (HKLM-x32\...\{C3ABE126-2BB2-4246-BFE1-6797679B3579}) (Version: - )
Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
Mesh Runtime (x32 Version: 15.4.5722.2 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
Microsoft Office 2000 Premium (HKLM-x32\...\{00000409-78E1-11D2-B60F-006097C998E7}) (Version: 9.00.2720 - Microsoft Corporation)
Microsoft Office 2010 (HKLM-x32\...\{95140000-0070-0000-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Click-to-Run 2010 (HKLM-x32\...\Office14.Click2Run) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Office Starter 2010 - English (HKLM-x32\...\{90140011-0066-0409-0000-0000000FF1CE}) (Version: 14.0.4763.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
PlayReady PC Runtime amd64 (HKLM\...\{BCA9334F-B6C9-4F65-9A73-AC5A329A4D04}) (Version: 1.3.0 - Microsoft Corporation)
PlayReady PC Runtime x86 (HKLM-x32\...\{CCA5EAAD-92F4-4B7A-B5EE-14294C66AB61}) (Version: 1.3.0 - Microsoft Corporation)
Rapport (Version: 3.5.1205.18 - Trusteer) Hidden
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0016 - REALTEK Semiconductor Corp.)
Skype Launcher (HKLM-x32\...\{DA84ECBF-4B79-47F2-B34C-95C38484C058}) (Version: 2.01 - TOSHIBA Corporation)
Toshiba App Place (HKLM-x32\...\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}) (Version: 1.0.6.3 - Toshiba)
TOSHIBA Application Installer (HKLM-x32\...\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}) (Version: 9.0.1.1 - TOSHIBA)
TOSHIBA Assist (HKLM-x32\...\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}) (Version: 4.02.02 - TOSHIBA CORPORATION)
Toshiba Book Place (HKLM-x32\...\{92C7DC44-DAD3-49FE-B89B-F92C6BA9A331}) (Version: 2.2.6775 - K-NFB Reading Technology, Inc.)
TOSHIBA Bulletin Board (HKLM-x32\...\InstallShield_{C14518AF-1A0F-4D39-8011-69BAA01CD380}) (Version: 1.6.08.64 - TOSHIBA Corporation)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.1.0.4 for x64 - TOSHIBA Corporation)
TOSHIBA Face Recognition (HKLM-x32\...\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}) (Version: 3.1.3.64 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM-x32\...\{8E9CEA3B-EBD1-439C-A01D-830CB39613C6}) (Version: 2.00.14 - TOSHIBA Corporation)
TOSHIBA HDD/SSD Alert (HKLM-x32\...\InstallShield_{D4322448-B6AF-4316-B859-D8A0E84DCB38}) (Version: 3.1.64.6 - TOSHIBA Corporation)
Toshiba Laptop Checkup (HKLM-x32\...\NortonPCCheckup) (Version: 2.0.10.26 - Symantec Corporation)
TOSHIBA Media Controller (HKLM-x32\...\{983CD6FE-8320-4B80-A8F6-0D0366E0AA22}) (Version: 1.0.80.8.64 - TOSHIBA CORPORATION)
Toshiba Online Backup (HKLM-x32\...\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}) (Version: 2.0.0.25 - Toshiba)
TOSHIBA Quality Application (HKLM-x32\...\{E69992ED-A7F6-406C-9280-1C156417BC49}) (Version: 1.0.3 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.1.3.5109 - TOSHIBA CORPORATION)
TOSHIBA ReelTime (HKLM-x32\...\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}) (Version: 1.7.16.64 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM-x32\...\{AC6569FA-6919-442A-8552-073BE69E247A}) (Version: 2.1.45 - TOSHIBA)
TOSHIBA Supervisor Password (HKLM-x32\...\{073B89C3-BA88-41B5-965F-B35A88EAE838}) (Version: 2.00.07 - TOSHIBA Corporation)
TOSHIBA Value Added Package (HKLM-x32\...\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}) (Version: 1.3.22.64 - TOSHIBA Corporation)
TOSHIBA Web Camera Application (HKLM-x32\...\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}) (Version: 2.0.1.1 - TOSHIBA Corporation)
ToshibaRegistration (HKLM-x32\...\{5AF550B4-BB67-4E7E-82F1-2C4300279050}) (Version: 1.0.4 - Toshiba)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 15.4.3508.1109 - Microsoft Corporation)
Windows Live Mesh ActiveX Control for Remote Connections (HKLM-x32\...\{2902F983-B4C1-44BA-B85D-5C6D52E2C441}) (Version: 15.4.5722.2 - Microsoft Corporation)
WMV9/VC-1 Video Playback (Version: 1.00.0000 - ATI Technologies Inc.) Hidden

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

==================== Restore Points =========================

12-03-2015 20:20:00 Windows Update
13-03-2015 07:30:19 AA11
14-03-2015 13:19:43 Removed Realtek USB 2.0 Card Reader
14-03-2015 14:40:51 Windows Update
16-03-2015 16:18:59 AA11
16-03-2015 16:37:39 AA11
16-03-2015 16:56:04 LavasoftWeCompanion
16-03-2015 17:13:08 avast! antivirus system restore point
16-03-2015 17:40:28 avast! antivirus system restore point
16-03-2015 17:54:40 Removed WeatherApp

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-13 22:34 - 2009-06-10 17:00 - 00000824 ____N C:\windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {198C343B-CCED-42C5-8523-422F45BAF623} - System32\Tasks\IE_ERR4WDR => C:\Program Files (x86)\Portable WeatherApp\IEError.exe
Task: {204F4E2E-CCBB-42D1-AAEA-C09676C69693} - System32\Tasks\ProPCCleaner_Start => C:\Program Files (x86)\Pro PC Cleaner\ProPCCleaner.exe <==== ATTENTION
Task: {277338C4-A96A-4F04-B187-2D47266CA691} - System32\Tasks\{4549E9A6-25B5-4CFC-A8C0-17672EA6055F} => pcalua.exe -a C:\ProgramData\HealthAlert\uninstall.exe -c /kb=y /ic=1
Task: {344BAD38-53A2-4545-B53C-BB3FD395C88E} - System32\Tasks\Advanced System Protector => C:\Program Files (x86)\RegClean Pro\SystweakASP.exe <==== ATTENTION
Task: {3A54FD7A-5261-4063-80BA-2DBF8BFABF24} - System32\Tasks\Right Backup_startup => C:\Program Files (x86)\Right Backup\RightBackup.exe
Task: {4413AFAB-43C8-450E-82D8-0B27959E3284} - System32\Tasks\{FD7C27AD-94A4-4693-BF16-6248C4AC4AAF} => pcalua.exe -a "C:\Program Files\AVAST Software\Avast\aswRunDll.exe" -c "C:\Program Files\AVAST Software\Avast\Setup\setiface.dll" RunSetup
Task: {55E9C570-885A-492F-8D54-69BF5882442C} - System32\Tasks\UPDTEXE4_WDR => C:\Program Files (x86)\Portable WeatherApp\updater.exe
Task: {5A5F876E-6933-4B95-A0AF-62E1F58E5214} - System32\Tasks\ProPCCleaner_Popup => C:\Program Files (x86)\Pro PC Cleaner\Splash.exe <==== ATTENTION
Task: {5F2B99E9-DC23-4533-B8B3-96DF72F6B5C1} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-02-05] (Adobe Systems Incorporated)
Task: {68782E2D-6268-48D2-A297-F963F1615554} - System32\Tasks\globalUpdateUpdateTaskMachineUA => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {6B34869C-CF2F-4795-8D0C-BC5D536AB7EE} - System32\Tasks\APSnotifierPP1 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {6E75224A-F99A-477C-B5FD-A3D54BBEA097} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {7FAF9ECE-AD29-41FB-BA54-901BA7536554} - System32\Tasks\Ad-Aware Update (Weekly) => C:\Program Files (x86)\Lavasoft\Ad-Aware\Ad-AwareAdmin.exe
Task: {A3655BE2-9521-471A-B43A-DAFD1D4015E2} - System32\Tasks\HDNINSTSCHD => C:\windows\PCBHDNW\hdnInstaller.exe
Task: {B1C4DE32-E64F-4D26-ABE3-573B66B1FF3C} - System32\Tasks\globalUpdateUpdateTaskMachineCore => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: {BCF003E8-97CC-4375-97CD-81DB790E93F0} - System32\Tasks\Advanced System Protector_startup => C:\Program Files (x86)\Advanced System Protector\AdvancedSystemProtector.exe <==== ATTENTION
Task: {CE926887-268D-4EC5-ABC6-67029BB97BFA} - System32\Tasks\APSnotifierPP2 => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: {F4643CCD-1974-4F33-B1C3-D395C1981BE8} - System32\Tasks\LaunchSignup => C:\Program Files (x86)\MyPC Backup\Signup Wizard.exe <==== ATTENTION
Task: {F8EDCECC-4ECD-4F9E-8815-91AF065C8B0C} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-03-16] (Avast Software s.r.o.)
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\APSnotifierPP1.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\APSnotifierPP2.job => C:\Program Files (x86)\AnyProtectEx\AnyProtect.exe <==== ATTENTION
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineCore.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\globalUpdateUpdateTaskMachineUA.job => C:\Program Files (x86)\globalUpdate\Update\GoogleUpdate.exe <==== ATTENTION
Task: C:\windows\Tasks\TSZK.job => C:\Users\RoseCake\AppData\Roaming\TSZK.exe <==== ATTENTION

==================== Loaded Modules (whitelisted) ==============

2010-04-07 19:07 - 2010-04-07 19:07 - 09468728 _____ () C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
2009-11-03 16:26 - 2009-11-03 16:26 - 00053560 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
2010-03-03 17:15 - 2010-03-03 17:15 - 00019256 _____ () C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
2011-03-29 22:48 - 2009-06-22 18:40 - 00022328 _____ () C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
2009-03-12 22:08 - 2009-03-12 22:08 - 00048640 _____ () C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
2009-07-25 20:38 - 2009-07-25 20:38 - 00017800 _____ () C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
2010-02-05 20:44 - 2010-02-05 20:44 - 00079192 _____ () C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosIPCWraper.dll
2015-03-16 17:44 - 2015-03-16 17:44 - 00104400 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-03-16 17:44 - 2015-03-16 17:44 - 00081728 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2015-03-18 10:32 - 2015-03-18 10:32 - 02922496 _____ () C:\Program Files\AVAST Software\Avast\defs\15031800\algo.dll
2015-03-16 17:44 - 2015-03-16 17:44 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2015-03-16 17:44 - 2015-03-16 17:44 - 01359872 _____ () C:\Program Files\AVAST Software\Avast\libglesv2.dll
2015-03-16 17:44 - 2015-03-16 17:44 - 00212992 _____ () C:\Program Files\AVAST Software\Avast\libegl.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3583772472-3013558980-347553230-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\RoseCake\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: Media is not connected to internet.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

==================== Accounts: =============================

Administrator (S-1-5-21-3583772472-3013558980-347553230-500 - Administrator - Disabled)
Guest (S-1-5-21-3583772472-3013558980-347553230-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3583772472-3013558980-347553230-1002 - Limited - Enabled)
RoseCake (S-1-5-21-3583772472-3013558980-347553230-1001 - Administrator - Enabled) => C:\Users\RoseCake

==================== Faulty Device Manager Devices =============

Name: Teredo Tunneling Pseudo-Interface
Description: Microsoft Teredo Tunneling Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: tunnel
Problem: : This device cannot start. (Code10)
Resolution: Device failed to start. Click "Update Driver" to update the drivers for this device.
On the "General Properties" tab of the device, click "Troubleshoot" to start the troubleshooting wizard.

Name: qrnfd_1_10_0_9
Description: qrnfd_1_10_0_9
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: qrnfd_1_10_0_9
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (03/18/2015 11:32:46 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: Information only.
(Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (03/18/2015 11:22:47 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 11:22:29 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (03/18/2015 11:08:58 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 10:51:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program Explorer.EXE version 6.1.7601.17567 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: 564

Start Time: 01d06187fa30d7fc

Termination Time: 1607

Application Path: C:\windows\Explorer.EXE

Report Id: 2764b3d5-cd7e-11e4-b1a0-00266cc682d8

Error: (03/18/2015 10:30:53 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/18/2015 10:30:08 AM) (Source: Toshiba App Place) (EventID: 0) (User: )
Description: System.ArgumentOutOfRangeException: Number must be either non-negative and less than or equal to Int32.MaxValue or -1.
Parameter name: dueTime
Stack Trace:
   at System.Threading.Timer..ctor(TimerCallback callback, Object state, Int32 dueTime, Int32 period)
   at System.Timers.Timer.set_Enabled(Boolean value)
   at SnappCloud.ActivationReminder.AraClient.PostInit()
   at SnappCloud.ActivationReminder.Program.Main(String[] args)

Error: (03/17/2015 06:41:28 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: //./root/CIMV2SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 990x80041003

Error: (03/17/2015 04:17:27 PM) (Source: MsiInstaller) (EventID: 1013) (User: RoseCake-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- SA_Error25101: StandardAction(0xC007620D): We have detected that Avast Free Antivirus, is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

Error: (03/17/2015 04:17:24 PM) (Source: MsiInstaller) (EventID: 1013) (User: RoseCake-PC)
Description: SA_Error1709: StandardAction(0xC00706AD): Product: AVG 2014 -- SA_Error25101: StandardAction(0xC007620D): We have detected that Avast Free Antivirus, is already installed on your system, therefore the installation can not continue. We recommend that you uninstall this product first and then try to launch the installation again.

System errors:
=============
Error: (03/18/2015 11:22:46 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
Avgldx64
qrnfd_1_10_0_9

Error: (03/18/2015 11:22:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVG WatchDog service failed to start due to the following error:
%%2

Error: (03/18/2015 11:22:26 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The AVGIDSAgent service failed to start due to the following error:
%%2

Error: (03/18/2015 11:08:00 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}

Error: (03/18/2015 11:08:00 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}

Error: (03/18/2015 11:07:55 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084EventSystem{1BE1F766-5536-11D1-B726-00C04FB926AF}

Error: (03/18/2015 11:07:48 AM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: The following boot-start or system-start driver(s) failed to load:
aswRvrt
aswSnx
aswSP
aswVmm
Avgdiska
AVGIDSDriver
Avgldx64
ctxusbm
discache
qrnfd_1_10_0_9
spldr
Wanarpv6

Error: (03/18/2015 11:07:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The Client Virtualization Handler service depends on the Application Virtualization Client service which failed to start because of the following error:
%%1068

Error: (03/18/2015 11:07:44 AM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: The AVGIDSAgent service depends on the AVGIDSDriver service which failed to start because of the following error:
%%31

Error: (03/18/2015 11:07:48 AM) (Source: DCOM) (EventID: 10005) (User: )
Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}

Microsoft Office Sessions:
=========================
Error: (03/18/2015 11:32:46 AM) (Source: CVHSVC) (EventID: 100) (User: )
Description: (Patch task for {90140011-0066-0409-0000-0000000FF1CE}): DownloadLatest Failed: There are currently no active network connections. Background Intelligent Transfer Service (BITS) will try again when an adapter is connected.

Error: (03/18/2015 10:51:14 AM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Explorer.EXE6.1.7601.1756756401d06187fa30d7fc1607C:\windows\Explorer.EXE2764b3d5-cd7e-11e4-b1a0-00266cc682d8

==================== Memory info ===========================

Processor: AMD C-50 Processor
Percentage of memory in use: 62%
Total physical RAM: 1638.87 MB
Available physical RAM: 610.52 MB
Total Pagefile: 3277.73 MB
Available Pagefile: 2158.34 MB
Total Virtual: 8192 MB
Available Virtual: 8191.86 MB

==================== Drives ================================

Drive c: (TI106147W0C) (Fixed) (Total:220.08 GB) (Free:183.23 GB) NTFS ==>[System with boot components (obtained from reading drive)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 232.9 GB) (Disk ID: 2B538AD9)
Partition 1: (Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Not Active) - (Size=220.1 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=11.3 GB) - (Type=17)

==================== End Of Log ============================

Thank you so much again, for anyone brave enough to tackle this. Most tutorials I see are saying I need a flash drive. I hope not, but what will be, will be. Thanks.

#2
zep516

Posted 18 March 2015 - 04:51 PM

Trusted Helper

Malware Removal
8,093 posts

Hello,

Hi! My name is zep516 and Welcome to Geekstogo!
I'll do the best I can to resolve your computer issue
Please make sure to carefully read any instruction that I give you. If you're not sure, or if something unexpected happens, don't continue Stop and ask! Never be afraid to ask questions!

Next

Please download AdwCleaner by Xplode onto your Desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click the Scan button and wait for the process to complete.
Click the Report button and the report will open in Notepad.
NOTE: If you get an error message, it means that nothing was found. Exit from AdwCleaner.
Click on the Clean button follow the prompts.
A log file will automatically open after the scan has finished and the PC has rebooted.
Please post the content of that log file with your next answer.
You can find the log file at C:\AdwCleaner
Next

Please download Junkware Removal Tool to your Desktop.

Please close your security software to avoid potential conflicts. See Here how to disable you security protection (Anti Virus)
Run the tool by double-clicking it. If you are using Windows Vista or 7, right-mouse click it and select Run as administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete, depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your Desktop and will automatically open.
Please post the contents of JRT.txt into your reply.

In your next reply post;
- The AdwCleaner [SO].txt Log
- The JRT.txt Log
Thanks
Joe

#3
d.brack

Posted 18 March 2015 - 06:42 PM

Member

Topic Starter
Member
42 posts

Thanks so much for getting back to me so quickly. Here are the logs you requested.

SO Log:

# AdwCleaner v4.112 - Logfile created 18/03/2015 at 20:07:13
# Updated 09/03/2015 by Xplode
# Database : 2015-03-15.1 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x64)
# Username : RoseCake - ROSECAKE-PC
# Running from : C:\Users\RoseCake\Desktop\adwcleaner_4.112.exe
# Option : Cleaning

***** [ Services ] *****

Service Deleted : qrnfd_1_10_0_9

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\Browser
Folder Deleted : C:\ProgramData\ParetoLogic
Folder Deleted : C:\ProgramData\Search Protection
Folder Deleted : C:\ProgramData\Systweak
Folder Deleted : C:\ProgramData\11be24a400006fb3
Folder Deleted : C:\ProgramData\70d0ef56000030ec
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Right Backup
Folder Deleted : C:\Program Files (x86)\globalUpdate
Folder Deleted : C:\Program Files (x86)\predm
Folder Deleted : C:\Program Files (x86)\Toolbar Cleaner
Folder Deleted : C:\Program Files (x86)\Uninstaller
Folder Deleted : C:\Program Files (x86)\StormWatch
Folder Deleted : C:\Program Files (x86)\Optimizer Pro 3.56
Folder Deleted : C:\windows\SysWOW64\config\systemprofile\AppData\Roaming\Systweak
Folder Deleted : C:\Users\RoseCake\AppData\Local\globalUpdate
Folder Deleted : C:\Users\RoseCake\AppData\Local\SmartWeb
Folder Deleted : C:\Users\RoseCake\AppData\Local\Pro_PC_Cleaner
Folder Deleted : C:\Users\RoseCake\AppData\LocalLow\adawaretb
Folder Deleted : C:\Users\RoseCake\AppData\LocalLow\mapsgalaxy_39
Folder Deleted : C:\Users\RoseCake\AppData\LocalLow\MyScrapNook_12
Folder Deleted : C:\Users\RoseCake\AppData\Roaming\AnyProtectEx
Folder Deleted : C:\Users\RoseCake\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\RoseCake\AppData\Roaming\ParetoLogic
Folder Deleted : C:\Users\RoseCake\AppData\Roaming\pccustubinstaller
Folder Deleted : C:\Users\RoseCake\AppData\Roaming\rightbackup
Folder Deleted : C:\Users\RoseCake\AppData\Roaming\SecureSearch
Folder Deleted : C:\Users\RoseCake\AppData\Roaming\Systweak
Folder Deleted : C:\Users\RoseCake\Documents\Optimizer Pro
Folder Deleted : C:\Users\RoseCake\Documents\ProPCCleaner
File Deleted : C:\END
File Deleted : C:\windows\patsearch.bin
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\windows\System32\sasnative64.exe

***** [ Scheduled tasks ] *****

Task Deleted : Advanced System Protector
Task Deleted : Advanced System Protector_startup
Task Deleted : APSnotifierPP1
Task Deleted : APSnotifierPP2
Task Deleted : globalUpdateUpdateTaskMachineCore
Task Deleted : globalUpdateUpdateTaskMachineUA
Task Deleted : LaunchSignup
Task Deleted : Right Backup_startup
Task Deleted : ProPCCleaner_Start
Task Deleted : ProPCCleaner_Popup

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\ndkhncnongaclekkbelchmeafffimifj
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\superfish.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\www.superfish.com
Key Deleted : HKLM\SOFTWARE\Classes\MapsGalaxy_39.PseudoTransparentPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MapsGalaxy_39.PseudoTransparentPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\MapsGalaxy_39.SettingsPlugin
Key Deleted : HKLM\SOFTWARE\Classes\MapsGalaxy_39.SettingsPlugin.1
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{058F0E48-61CA-4964-9FBA-1978A1BB060D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{18F33C35-8EF2-40D7-8BA4-932B0121B472}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{459DD0F7-0D55-D3DC-67BC-E6BE37E9D762}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{8F0B76E1-4E46-427B-B55B-B90593468AC6}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{82024F98-F9FB-47F4-860F-887E41883C9D}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E70EAE41-BB5A-440E-BF6E-BE2A280FD49C}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{6C97A91E-4524-4019-86AF-2AA2D567BF5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{E5A7A645-8318-4895-B85C-EDC606B80DB6}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FCE4F01-64EC-42F1-83E1-1E08D38605D2}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1A2A195A-A0F9-4006-AF02-3F05EEFDE792}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2D9DB233-DC4B-4677-946C-5FA5ABCF506B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3AE76A17-C344-4A83-81CE-65EFEE41E42D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4C0A69B0-CE97-42B7-86FC-08280C99C74D}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4E9EB4D5-C929-4005-AC62-1856B1DA5A24}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8FAF962C-3EDE-405E-B1D0-62B8235C6044}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{C1F5E799-B218-4C32-B189-3C389BA140BB}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F60C9408-3110-4C98-A139-ABE1EE1111DD}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{015DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Key Deleted : HKCU\Software\AnyProtect
Key Deleted : HKCU\Software\Cr_Installer
Key Deleted : HKCU\Software\distromatic
Key Deleted : HKCU\Software\GlobalUpdate
Key Deleted : HKCU\Software\IGearSettings
Key Deleted : HKCU\Software\Optimizer Pro
Key Deleted : HKCU\Software\ParetoLogic
Key Deleted : HKCU\Software\systweak
Key Deleted : HKCU\Software\usyndication.com
Key Deleted : HKCU\Software\StormWatchApp
Key Deleted : HKCU\Software\GAMESDESKTOP
Key Deleted : HKCU\Software\Super Optimizer
Key Deleted : HKCU\Software\ProPCCleanerLanguage
Key Deleted : HKCU\Software\ProPCCleanerConfig
Key Deleted : HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKCU\Software\AppDataLow\Software\adawarebp
Key Deleted : HKCU\Software\AppDataLow\Software\BlockAndSurf
Key Deleted : HKCU\Software\AppDataLow\Software\Crossrider
Key Deleted : HKCU\Software\AppDataLow\Software\DynConIE
Key Deleted : HKLM\SOFTWARE\{1146AC44-2F03-4431-B4FD-889BC837521F}
Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Key Deleted : HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Key Deleted : HKLM\SOFTWARE\AVG SafeGuard toolbar
Key Deleted : HKLM\SOFTWARE\GlobalUpdate
Key Deleted : HKLM\SOFTWARE\ParetoLogic
Key Deleted : HKLM\SOFTWARE\systweak
Key Deleted : HKLM\SOFTWARE\Tutorials
Key Deleted : HKLM\SOFTWARE\StormWatchApp
Key Deleted : HKLM\SOFTWARE\SpeedBrowser
Key Deleted : HKLM\SOFTWARE\GAMESDESKTOP
Key Deleted : HKLM\SOFTWARE\IGS
Key Deleted : HKLM\SOFTWARE\QuickRef_1.10.0.9
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Toolbar Cleaner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VOPackage
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\sweetlittlebluebird.com
Data Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings [ProxyOverride] - <-loopback>

***** [ Web browsers ] *****

-\\ Internet Explorer v11.0.9600.17689

-\\ Google Chrome v

*************************

AdwCleaner[R0].txt - [9710 bytes] - [18/03/2015 19:53:23]
AdwCleaner[S0].txt - [8906 bytes] - [18/03/2015 20:07:13]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8965 bytes] ##########

JRT:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.4.5 (03.17.2015:1)
OS: Windows 7 Home Premium x64
Ran by RoseCake on Wed 03/18/2015 at 20:15:17.54
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Eventlog\Application\update mega browse
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.DynamicBarButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.DynamicBarButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.FeedManager
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.FeedManager.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.HTMLMenu
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.HTMLMenu.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.HTMLPanel
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.HTMLPanel.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.MultipleButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.MultipleButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.Radio
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.Radio.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.RadioSettings
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.RadioSettings.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ScriptButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ScriptButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ThirdPartyInstaller
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ThirdPartyInstaller.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ToolbarProtector
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.ToolbarProtector.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.UrlAlertButton
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.UrlAlertButton.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.XMLSessionPlugin
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\MapsGalaxy_39.XMLSessionPlugin.1

~~~ Files

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\ad-aware browsing protection"
Successfully deleted: [Folder] "C:\Users\RoseCake\AppData\Roaming\fixcleaner"
Successfully deleted: [Folder] "C:\Users\RoseCake\appdata\local\adawarebp"
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{1123E870-2E09-4143-BAD6-100A2909877E}
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{9C0904D5-6031-4CC4-8B49-B7EEEE93E882}
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{A4218FF7-3102-4D55-9D57-0BF7ACADA471}
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{AFDF9C67-9FAF-44AB-B806-0794D84D796A}
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{C57F887B-AAF6-45A9-90A7-E0DFEE8ACA95}
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{CE760E63-89A1-441A-A8D5-36320BCD0381}
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{DB56F6B1-0FBE-49C6-AE0F-E674B8A5B277}
Successfully deleted: [Empty Folder] C:\Users\RoseCake\appdata\local\{E8255963-0952-45A6-8B2D-B9D6A1554DD7}

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Wed 03/18/2015 at 20:31:07.30
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Thanks again!

#4
zep516

Posted 18 March 2015 - 06:49 PM

Trusted Helper

Malware Removal
8,093 posts

Next
Download and run the AVG removal tool
http://download.avg....4_2014_4116.exe
Save the file to the desktop, and run the tool
Post the log report it should create one.

Next

You may skip the download part since you have Malwarebytes already installed.

Please download Malwarebytes Anti-Malware to your desktop
Install the progamme and select update
Once it has updated select Settings > Detection and Protection
Tick Scan for rootkits

Go back to the Dashboard and select Scan Now

If threats are detected, click the Apply Actions button, MBAM will ask for a reboot.

On completion of the scan (or after the reboot) select View Detailed Log
Select Export > Select text file and save to the desktop
Post that log

#5
d.brack

Posted 19 March 2015 - 07:40 AM

Member

Topic Starter
Member
42 posts

AVG Removal Tool Log:

"Running zap for product code {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}:Thu 03/19/2015 5:59:22.99"

C:\Users\RoseCake\Desktop>C:\Users\RoseCake\AppData\Local\Temp\avg-37413b18-3173-4545-8f49-453f5b97b16d.exe TW! {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} /nologo

***** Zapping data for user S-1-5-18 for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} *****
MsiZapInfo: Performing operations for user S-1-5-18
Searching for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} cached package. . .
   Removed file: C:\windows\Installer\22285f3.msi
Searching for install property data for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
   Removed \475C0C1D58361DE4BB9DB226CFCE0EFE\InstallProperties
Searching for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data in the HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall key. . .
   Removed \{D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}
Searching user's global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
   Removed upgrade code '475C0C1D58361DE4BB9DB226CFCE0EFE' at HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
   Removed \Features
   Removed \Patches
   Removed \Usage
   Removed \Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching per-machine global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching old global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching per-machine location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Classes\Installer\UpgradeCodes...
   Removed upgrade code '475C0C1D58361DE4BB9DB226CFCE0EFE' at HKLM\Software\Classes\Installer\UpgradeCodes
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
   Removed \Media
   Removed \Net
   Removed \SourceList
   Removed \Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE
Searching HKLM\Software\Classes\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
   Removed \Software\Classes\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE
Searching for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} in per-user managed location. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching for shared DLL counts for components tied to the product 475C0C1D58361DE4BB9DB226CFCE0EFE. . .
   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product 475C0C1D58361DE4BB9DB226CFCE0EFE. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE client info data. . .
   Removed client of component 003DACB09341D224FA6375ED6BCAC29D
   Removed client of component 00E6EFE95C130EB4F819B6D0623775F2
   Removed client of component 019D6DCC9830FE942BEF507646214642
   Removed client of component 027C7C4F208E36D49A77947C93A6BE7C
   Removed client of component 02B603CDCA377F7479C99874713D2705
   Removed client of component 02D3475DA821A3C44916BDFD77F2902A
   Removed client of component 030B0D1B7BA3DBD4589C3E5B2FC35CDD
   Removed client of component 032661D862AC7F54AA51705383D42861
   Removed client of component 03AE73B2D936C65488D20805B4DF97C7
   Removed client of component 0501048477932D447BB3E930161DC011
   Removed client of component 05AFA7267A7742D4DBA8CF1002690639
   Removed client of component 065A738359B9D534BACB46BD5EB16ECF
   Removed client of component 06E2CCFFB3F60DB4D83C08F0649383F5
   Removed client of component 071FB5EAB8C1BEC46B913E360EF68BB8
   Removed client of component 07762C5AEAEA9684EAD061A1F69B8FAA
   Removed client of component 0817335BEE101BC47A132CC6C853050C
   Removed client of component 087B67A58BB977C47B16957CBA89BD6B
   Removed client of component 0958544750741B549AE9266E52CD8217
   Removed client of component 09C3302A4A78CA24E948CD452430A8BE
   Removed client of component 09ED75C1E35B2F64CA19CEAD4C24AB08
   Removed client of component 0A011181018A8864F98E69B15D22643B
   Removed client of component 0A774F2399F3DB646A81460444F83217
   Removed client of component 0AD699A3EA0364746945CDC47A22C58A
   Removed client of component 0AF5F2B94E71E454586C2C56A98C8603
   Removed client of component 0B4BC9949AE842D488DDF78732E893FA
   Removed client of component 0B9EE285915E16C49803F4380EA5174B
   Removed client of component 0BBDC3DF3B11B4F4AA1E374601ACCCEF
   Removed client of component 0BC2850B588A22942853275942B1B568
   Removed client of component 0D59DBAA68ED7DE48AACDC7285302973
   Removed client of component 0D6E1289A538F7041AF021373989F7D9
   Removed client of component 0E68FBB9C7BBCB4438B1AAD93B162A24
   Removed client of component 0F2EC3ACBD15E4941ABD6373B4513889
   Removed client of component 0F54FA46E57543A46A85A32FDB5C9239
   Removed client of component 0F956CAAD8A39D04BA5C963AF60AE313
   Removed client of component 11082F6E17F76A341A91759573F4856A
   Removed client of component 112615B997AF0CF4287076051A166DAF
   Removed client of component 1176B5991436965408E80EF5E2BA8A5D
   Removed client of component 11A5E72A3C6C1234983CCB5E60EF5473
   Removed client of component 121D01E5046E0C647AA9593ABAA3C803
   Removed client of component 124DAFF99A410DE4A95BA50D88272A5B
   Removed client of component 1250B690B093C3E4F99E84BA5829810F
   Removed client of component 125D7CA21F23C7B44925340C18A3DB07
   Removed client of component 125DA4F5CC4BBF243B9F56A5AA992797
   Removed client of component 1302810D9A38C2F49A6FD3AC5253281A
   Removed client of component 13047D7A9A83CF34197860A83C66AE91
   Removed client of component 133DD970AFD182A4791BE6DC8FF77E50
   Removed client of component 143C6102133658F428FDBCB902FFC43D
   Removed client of component 147522D0DF65E3645A630716CA31E0D3
   Removed client of component 14F68B742779E3042980CE0C8967D934
   Removed client of component 14FD6105D3BE9EF4688EF7BCA234893B
   Removed client of component 15937F78658FBEA4DB1A445AE93837C2
   Removed client of component 162735E4B33ABD44F87E254121F5F818
   Removed client of component 169CD017C93B9CE4799049AFA79E04F9
   Removed client of component 16D707C88B8B93B43A16FC66B96B1CA7
   Removed client of component 172B82B0BC9705445806D835D8D959CA
   Removed client of component 1736B97F3D294D74CB2CF3A76880D9E3
   Removed client of component 17B548971C3E0134FAD245E50D3E3823
   Removed client of component 17BB3DBE2E27DB54BA25A07BC7A8CB95
   Removed client of component 17E0017A43069AA4681365C24E54F8DC
   Removed client of component 196A4F301525C7B478B69A8544F38D28
   Removed client of component 198168DF455D9434C88B055D93C951FE
   Removed client of component 1993C86839574DD45BD92E8E321605DA
   Removed client of component 19AD0C630C80CB045A9BB10090B976AD
   Removed client of component 1A223565A84D3AF4CAD76D877506FCDA
   Removed client of component 1B280650FE06B68458276D597CA85EDC
   Removed client of component 1B40620857B711B49909F5745CF58306
   Removed client of component 1C28AAD2D6BDFBF4B9C0DA4434F5952E
   Removed client of component 1D4BA4A7392E3A4479A224109C53701E
   Removed client of component 1D96A6DE8CA9AB841AA8C5745917E03A
   Removed client of component 1E9AF0842D912A645AB387DCF55224AA
   Removed client of component 1FDF680B071C6C447A594112A4084862
   Removed client of component 20DA03FE3C742E248A8DB5835C365E59
   Removed client of component 2106B298B9524BB46848605DC088D1D8
   Removed client of component 21C493F576FA1C142836A4C47F9BE7AE
   Removed client of component 22575824549742544859969EAA7679CE
   Removed client of component 227A84C561A4FCB42B34275B71083610
   Removed client of component 23298090337206741BA1ADA8D3AB4E96
   Removed client of component 23E1F04D30FBE3D42A1EA30A70F40504
   Removed client of component 23E662EFBD9C30943B63359B5C432865
   Removed client of component 23E715FD58DEA984283F2ABC486DA1CF
   Removed client of component 23E735B1D4DAD114CAAE81671348B04F
   Removed client of component 24523D21C99EC374CA5F4DC243E374CC
   Removed client of component 247387F4958362548941ADCC6796F991
   Removed client of component 24EBF7C3D3C0CB047971FEF8D579ABB4
   Removed client of component 24F1F977AF13F6F4B81F6104FE297DC6
   Removed client of component 2520E86DE367C8244BEF3A186FAEE3FA
   Removed client of component 2579AC85D7E870F4E997DFAB420C852E
   Removed client of component 25C760EF011F6D8439B2927A2FA3E9E9
   Removed client of component 287C3BD8B4C76B647B843FAAD14A15C9
   Removed client of component 28933658B2ADFB24D98CC0223F7B09B1
   Removed client of component 292ADDD7EE99DFF4892B0334A91CA022
   Removed client of component 294BAA1F4B1FE1644A6F5BCDD81E7751
   Removed client of component 2953253AA030EF44A81FDF3F21AFE614
   Removed client of component 2A2C03623FAED9F4E96C811E1F76B28B
   Removed client of component 2CC639D7D71063F429EE0FEFAD74A1B3
   Removed client of component 2CE8AC9E1C268664182188E0B87DE7BD
   Removed client of component 2D56CCBB52263F141A29BD9F3755DA87
   Removed client of component 2D8A01A1AB7F07E499EB851D9A70E6E6
   Removed client of component 2D944CD02EE67FA4C93EB299B455A791
   Removed client of component 2DC753D5984B8384B8DA8196C661DCD4
   Removed client of component 2E93BF84413E08D4A9C6688322F253A7
   Removed client of component 2EE150485A91DC54FAC6B9BAAC4EB4F2
   Removed client of component 3107A8D1EB7673E4F93FF0526117023F
   Removed client of component 3116C58A6E150EB4AB878351B829A3E7
   Removed client of component 3118304BC24558549A72C2CCFA626E6A
   Removed client of component 319F350EFA3BC9C4D8FB303F8627600F
   Removed client of component 32DB5648D539A164A9B90B68CFF3C7E8
   Removed client of component 3349976144DF81542895A3C0BFEA39F5
   Removed client of component 3387ABD526469A342BAF65CA5C580B52
   Removed client of component 33ED7A994BBB8754DB14638F896D36D3
   Removed client of component 3434D62C2093DC04797E15550EA4F6A2
   Removed client of component 344848DD31882FD49BC4BBC2D0DB41F6
   Removed client of component 3497740298909B74BA8BA843CB4E4A11
   Removed client of component 34A298524AAC1654E9FF99565918FCDF
   Removed client of component 35D6ABCF7DD40AE489CDC52D6A78CA2C
   Removed client of component 35F16DB0C49F2794CA7D85512EE3D5B7
   Removed client of component 366D7E52940966943B9720F6E6705CB9
   Removed client of component 3710C944B0FF63E47861392B59EFB6A2
   Removed client of component 37CBE185811AE1C4388EBB175B71A4C8
   Removed client of component 38AE9CC0DBC8FF84E85B404A63D429AB
   Removed client of component 3958941706B53D845908204A6B23CE60
   Removed client of component 3961A18A47BB5324AA145BFC71209D86
   Removed client of component 3971D29583777D841AB8A9584A86E2C7
   Removed client of component 39F9D3F62606B6041902BD664C2DC7DF
   Removed client of component 3B4E3E26D1034184BB057C0D6B2E8735
   Removed client of component 3B5D8DDF76CDC304B993B2E6BE2EEBAD
   Removed client of component 3BAFDE2C80506B145BD3A4D66FE83ECB
   Removed client of component 3C7873194CF42EA498C0A773924CF5AB
   Removed client of component 3CE5C85CD618C904281DCBC1B4A1DFB8
   Removed client of component 3CEE213B6C44B414B9F1937B800B9FA5
   Removed client of component 3D299224A5C620B4794036740D1DD8CB
   Removed client of component 3D57D3AB61FBBE04495C0A04D9B1F462
   Removed client of component 3D9F3ED53B1CAFA43B42648BB895EF93
   Removed client of component 3E50E0F5227E31B4C9692FAABE07044F
   Removed client of component 3E583B6FDB2573947A16C81BA5BFD079
   Removed client of component 3E867A7C39AAED74A8AA6153534F047C
   Removed client of component 3EABB319E23936F42B8E1C922C02CBE8
   Removed client of component 3EE5B81FC5ECE0643AD892157421DFD4
   Removed client of component 3F1D22CD5C854164E83BACF6BFE167B5
   Removed client of component 3FF0132B8A8E43346BE1D645F3A66023
   Removed client of component 402C78B217148CA4FBB82BF292039E76
   Removed client of component 40780D21CFA8A9A4CA7D5707CBF61023
   Removed client of component 41024B026372C9A468E1B965BD359FB0
   Removed client of component 41869D34C2C0FB24BB0F6AD4CB36F3B5
   Removed client of component 41AA7058CCAB60540928BA3F9BDFDA0B
   Removed client of component 421C936DB40364544A70696FCCA6AF0A
   Removed client of component 4262BB688472B764885E03E74638BC61
   Removed client of component 42880575DF40D6342B4D6C02576F4287
   Removed client of component 42E613BC40D065042BC699CCCABEFD8A
   Removed client of component 43FE4666E7BE4384C9D6D9D1165AADA4
   Removed client of component 44B25578D2109A548A23EEB4FD1B71BD
   Removed client of component 44D41E65811F7BB408760448BE847397
   Removed client of component 45F91B88A504156478FFD22A825BAF01
   Removed client of component 460717AE1B1059C4EB0BB66EAF397AD9
   Removed client of component 460A71BE83D076D449BB0AE4599759FB
   Removed client of component 462A631BB703A4548A2B7DBB63EDAFF8
   Removed client of component 478BFEF0BF1CD1744A8B99FB4178142D
   Removed client of component 47ABA1BCEFA4011408D57CA1B85F6D0F
   Removed client of component 4805B53BF1A6B344AAD7F148D10F869B
   Removed client of component 48F53776BB675444CBDA040D3B91705A
   Removed client of component 49B1EDE2C2FF28F4389EA52D324F51D6
   Removed client of component 4A22416726B8B6B499B3697412F34582
   Removed client of component 4AE07606FC567CB4FA73EDACC242C0CF
   Removed client of component 4AFA539C11100BB4389513EFD28EFFBF
   Removed client of component 4C4D6329CC3754C46B3C19EA15C75045
   Removed client of component 4C762B8E9A924EA4894E8ADA529CED0A
   Removed client of component 4CE2ED4BAC71A6C42A5C3169C32956AE
   Removed client of component 4D0167221BB9B3D43B43EF3A745A1292
   Removed client of component 4D33BE144B40AC6419007DC74F39A267
   Removed client of component 4D5B107CF719FF24AB6E50118D97FC7A
   Removed client of component 4EB7C6CCEDFF9704891A608A5B900FF3
   Removed client of component 4F2CE14525C93024198F620C6D51B8DB
   Removed client of component 4F82A6D2B24353B4BA0F0E452B253C82
   Removed client of component 4FE038D2B2DA574439794F8657E6B107
   Removed client of component 505B3583CF2D18744BE9A7F230D312C7
   Removed client of component 5103F56A313CD2E458596535E73E1DF9
   Removed client of component 5151E1B160E2D2D449B2564552A6FC9C
   Removed client of component 521C63A6C65BF0947AD077CA85D5E0C0
   Removed client of component 52309164E7721A04EAE6457173F344D8
   Removed client of component 5249446598926494D91F9F2055068FAE
   Removed client of component 526CFABCF5E419749B361E2C66B396DF
   Removed client of component 528AAAA5719DB2540B64251808055520
   Removed client of component 53DA775AEC55151438546EDFA2656BBB
   Removed client of component 54486E81CEF9C9249B6182AFA9E761EE
   Removed client of component 5508BEBA30B7E514593684C4A59DB2B3
   Removed client of component 550D8EF204542CF47A1444F7F82C896C
   Removed client of component 5517DFDDA81A53948831BE335AA0874A
   Removed client of component 5530421FD500201499676B7891922BA9
   Removed client of component 553486A52F2B2774E9CA119658789620
   Removed client of component 5537E3884343FDC48ACFC062D3E99F8A
   Removed client of component 554B76B97B673D8468A5A64D86775DC6
   Removed client of component 56D59B64D9F2D78479AFCADADA141268
   Removed client of component 58870A97F1C30FF44950CF8BC5592C27
   Removed client of component 5A00C99446F7F8840B19F4AF4020C941
   Removed client of component 5C605206CB26CE24590B6200589C909A
   Removed client of component 5C67311FB2195ED40B081EE3303D953A
   Removed client of component 5C7036117AF49FA48B848B6F09B75F43
   Removed client of component 5C7BB6F87E1D1C84498E05BFDD6187BB
   Removed client of component 5CC057EE62249B64A8B2DB398EFF216B
   Removed client of component 5E227417B55459A41817B1D9CF4F9488
   Removed client of component 5E40735327C20C74D96646B056E2600B
   Removed client of component 5F40799971E057147A8E4EE7B8ADAF0F
   Removed client of component 5FC14D54BA9B55B4BB0931035A54808E
   Removed client of component 605DA653F01A97B40BBE97216F0BB29C
   Removed client of component 609485A502660E5409114C601E39F957
   Removed client of component 60EFD1FC571CBF948B9E5DE9FAEAA429
   Removed client of component 6191FC72B899D9D409D59E677609FAF4
   Removed client of component 61FB7CCC2DF7BA643BD7B4A79EA2A70D
   Removed client of component 624BB461518C0F94CB88FFBA9572EEC0
   Removed client of component 6253CB557135D7D4287B599FB3B201AA
   Removed client of component 62C1DFD8B06176D4AA34BD2BB0D46EFC
   Removed client of component 635A8BDBB1417E246A2DA2A681000CA5
   Removed client of component 637CF61EE5AC09346BA673596A158BBF
   Removed client of component 63993DE25B932FA4F80F38EBE7F71E72
   Removed client of component 63EAE62B8178BF4488B63F7588FE7606
   Removed client of component 6447070F131AE214DB84E406233E3376
   Removed client of component 6468CB58E2A5BA04BB76B459D96BE698
   Removed client of component 64C85FB60D68FCC44A9B30D09034DE4B
   Removed client of component 64D4101ABFAD9C54EBE915E59F91A270
   Removed client of component 654FD6FD7F74FF047BBF46A837C689F5
   Removed client of component 656BDDB1A266A7F40A533F293263BCD0
   Removed client of component 656FD3C6A7E3EFB4F9E663F93B6FF3F9
   Removed client of component 671E5A2686CD4174A96325F252161B32
   Removed client of component 679DBB467F3964A40B7A4B8E6C00B92C
   Removed client of component 679EF077FD9A35D49AC6A389FDDBB345
   Removed client of component 6814B28B99BEA1647849569D8C41B066
   Removed client of component 6875890B4B1EB4B48B7CD97D5BA9F9F1
   Removed client of component 6880645B29820EC4D95FECC32D13C3A5
   Removed client of component 694DE79985D66EB43833F2E11E1E7E1B
   Removed client of component 69A6F144A153F364499AD9E627047D55
   Removed client of component 69A7EC33A6AD59E46A512E459F125E62
   Removed client of component 6A93A02ADE963AB4EA3963505708CD0D
   Removed client of component 6BA6F96819F8470439D8D52879235EA1
   Removed client of component 6C119490142FAD046A599B72B8192015
   Removed client of component 6C4E31F4CD40DCC4599D82C21D859168
   Removed client of component 6C52FB974CDEE5A46A91901A86715672
   Removed client of component 6C7ADF025124DB84FB7D81841888CA24
   Removed client of component 6C8E845A1F4ECE841997FF7FE5540F92
   Removed client of component 6D100AC98924A5949B94075E70B6E34B
   Removed client of component 6E360BFEB10C66545A8E65DD1FBB0040
   Removed client of component 6E37685F8F839374AA5E26C7684D7823
   Removed client of component 6EFC63BA06F66A74FB050D719A36FE4E
   Removed client of component 6F41F9934D1EE594AA13B115836A5AE5
   Removed client of component 6FA991F53D8D5224CBD916536977CA6A
   Removed client of component 6FBC6B036F5C1D444B87A62DC3789A02
   Removed client of component 701C047C78925CF4BA13D63FB4BEF156
   Removed client of component 710CD25E13A238C479CF7A2582A19196
   Removed client of component 725C7A427990F9D41A64CB4791162A3A
   Removed client of component 7283A35AD7AA84F4AA82587F9EAD6275
   Removed client of component 7503F88B04454FB4AB5547DA54C71BCA
   Removed client of component 7530F01E59F3CF64EB5F40FADFF6F612
   Removed client of component 759CD54ED64971649BB1D7BF25E4E813
   Removed client of component 75DF69F69F518474DBE558D41A593044
   Removed client of component 777A353C80D2CD342A9DE859EE313420
   Removed client of component 77BE5AD65E6D3C8478A21692FA43DDEC
   Removed client of component 78290BA75F9ADBF4FACAD6CC0DC68D78
   Removed client of component 7831E34F306CF3B4385B4A21D7C7EFF9
   Removed client of component 78FC5F53088CCFA4FA6C6A6E0E32BFA7
   Removed client of component 79968B83CB3F96E4092A202DDA9427CA
   Removed client of component 79B11BB842CA22F439DDA8D19359F7F5
   Removed client of component 79D9B8FDB19446747941F058A3CDF1C7
   Removed client of component 7A63B484BC06A9F4A838A24633672248
   Removed client of component 7A907191D857AF54A889BA70A37C2207
   Removed client of component 7AB633B85A12D8548B626C28C75B5A4B
   Removed client of component 7AE8A4C6FA6F1144EB0A7F8EDC02E54C
   Removed client of component 7B2F0B76E1570C3448A4A7742FFFEB9E
   Removed client of component 7B8CD8CE9A63B5F40BD50B14D21B5344
   Removed client of component 7BF7522EBE3A7444D99B23B8CDE9CA07
   Removed client of component 7CE0B72C07B28764299C613E7DE7ABBD
   Removed client of component 7CFC371DA037B5046BB80C9CAB41FFED
   Removed client of component 7D7F109C2D9DA16409481062B5920528
   Removed client of component 7E44042A68452594FB563C948CEA436A
   Removed client of component 7F2195191CEF3C24693DF3C8D16CB932
   Removed client of component 7F7E60C8284EDD741874FC4AEA1EFE41
   Removed client of component 80576D92A5DF89E49BAAC23013A79D1A
   Removed client of component 8059EF54980851B49974AF1D327398BA
   Removed client of component 80E2C898EE900CC4EBAE6EC804996A73
   Removed client of component 815E23030D8062F4F8F1EEB9325BD21C
   Removed client of component 8210034744FD2914EBB2659E8ECBD7F7
   Removed client of component 82B4CB870A8CD27419F6DB8D16EFCEFE
   Removed client of component 82D36BB70CE103E41AAAD80CD78959B4
   Removed client of component 82D408F25F240EC4FA347F6268C59124
   Removed client of component 830A55BE899B01C44BBFAE5712F6C4B5
   Removed client of component 8316422F72CB8E844BBA428F4764E9FD
   Removed client of component 84C197CBE2D2AF74495BCFFE1CBA2BC1
   Removed client of component 84D8766071B325543821B0E034184B13
   Removed client of component 8522735B715FF9646A75E84257E915D9
   Removed client of component 85BF9D7E4F676984CAFAAFB20F4D5FE0
   Removed client of component 85D574270999EE94086CD4B30E819F47
   Removed client of component 85EC1D8B7BE494A4A9DE14D2271176C6
   Removed client of component 86E12799030AE2F40B4F5DDADCB061B0
   Removed client of component 871FCE025568BB1468C1D39235630C79
   Removed client of component 8727F171D840B9F4F8FFF4B164365B0D
   Removed client of component 87484B542ED1C9741BF8E61893BE49F2
   Removed client of component 87B564C177E0BE54BB972C2B384611DE
   Removed client of component 8845AA62A1F0F7F429C618EB2111B597
   Removed client of component 884EEF98BA55AFF4588444169FC94135
   Removed client of component 88557CFC702FC2C498AE48D5EB9BCE3C
   Removed client of component 8887837B4F0847A459EAC26B33E2BF7B
   Removed client of component 89A96EA9DC49CEE44BE0F018E69781DF
   Removed client of component 8A04B02DB6821D142A61298817670BD1
   Removed client of component 8A109E89BB7046543BBF2FFAA7C70C41
   Removed client of component 8A375CE46E2775E4D868F9EFC08A3E4A
   Removed client of component 8A740F5C9445035499C47A9BC26BE605
   Removed client of component 8A925D0579586BF4DA8DDF387AFDACC4
   Removed client of component 8B4D9423A4CE8E143898292C762029DD
   Removed client of component 8B5BC1C170CABFA4D85081BEEA06E6A9
   Removed client of component 8B866D47363E57847AB5CE0F1226DDFB
   Removed client of component 8B86736796787EB4FBC1B0E11A4D8459
   Removed client of component 8BD5EFE664BE06F438E31692DDCC0B2E
   Removed client of component 8BED6DBB0E5688F4C9DAFBF9C7AC83A0
   Removed client of component 8C2E657456ED1984BB6C1C5183A8C8F4
   Removed client of component 8C750FD17BE892E44BE4C42629E2606F
   Removed client of component 8C77B61DC9A30234699A5067EA2B2020
   Removed client of component 8CC88827D720A8640B39141AE7548DDB
   Removed client of component 8CE878715D5B44142ADB8B83E09DCC27
   Removed client of component 8D28961803C40E04499BE58EFC5ED8A4
   Removed client of component 8D3C17FB35F3ACA41AAA91894C690638
   Removed client of component 8E9D40AB6EE535040BC15A009861EEE8
   Removed client of component 8EA7E5CD887B88C4C8B1A88EA9EF7E7D
   Removed client of component 8EE5CE7E4D014A24BA92094AAEB35D39
   Removed client of component 8FFB5185772C1BF41B0C7551346671DD
   Removed client of component 90AA7B13B3A32E047A5317B0F156B9EE
   Removed client of component 912D09655D463E049B22D23008B7D3D2
   Removed client of component 915B43CD22A990A4CA5780D379B2D127
   Removed client of component 917BDB8D9B59B164798D001D1B48AA5D
   Removed client of component 917C67D9BD30C264B8C3B138CD9B5DD9
   Removed client of component 91975046B981F2A4DA138797B3131B85
   Removed client of component 91D99C0A7B473F84CBA33037565C6C5A
   Removed client of component 93F89FA5CEDA5414AA9B4A4C6BDED02B
   Removed client of component 9438C12B5E177394293C8595D010F18F
   Removed client of component 961294F76542D2D428C51933F45EFD0A
   Removed client of component 96343C6A096987A4EB222D426523EA4D
   Removed client of component 964A33E77500CC34B8D3F5DEAD6212A6
   Removed client of component 96D113D2C113AB94AAA517A76B84D4C8
   Removed client of component 972FAEF6AFE442A4D903ACCBC74D2931
   Removed client of component 98600A0B2BC9138468A5251CBA1AFD03
   Removed client of component 988EA6739A5898440A8A1A731DB7F5CA
   Removed client of component 98C8F211486DB8D4681C532AEB5883CA
   Removed client of component 98EF22373F469D341A70C5AF10B012C6
   Removed client of component 990FA3483805EA34584506ABA456547A
   Removed client of component 99222B677B8AFC44DBA2449F4E5ADAA9
   Removed client of component 99D0716A0BF135C4A8EB463AD030168F
   Removed client of component 99D7A1314E42CA844ABC71345A2C3861
   Removed client of component 99E2CA9BF360CF046B8C68ECC6E94401
   Removed client of component 9AB0CEA1A43F5BD42AF45023329C25BA
   Removed client of component 9B618C1E60FA66045865E3205C388624
   Removed client of component 9BB809DC9C0AD5A4FA4838CB2D8823B7
   Removed client of component 9C1BA1C806590894EBF9CE4E7BC456C3
   Removed client of component 9C60C99396F43BC41A781845CF9F3BE6
   Removed client of component 9CF8B479511867147A4102AE77C2AA10
   Removed client of component 9DAF950F786AD5E4D883664E9F5DB76D
   Removed client of component 9DFAD1E8B423B2A4E841979411E38AAE
   Removed client of component 9E39ABF2EC3247C49A382D984DB78622
   Removed client of component 9EC1785D834EE0B47AE7692F5AE67EA6
   Removed client of component A041776AFE4C1F4418949DAF9F296FAC
   Removed client of component A0824B094F51E7E41BFD0AF90A9CE633
   Removed client of component A11187FA89AD8394287CFD2CB071DD2F
   Removed client of component A169FC6F5B33BFF4389DBBFC9D40F9A7
   Removed client of component A23FE14B5B245794589AD97950AAD2F8
   Removed client of component A2B4F39C5B6F9374CA926CDE194C0D9C
   Removed client of component A3565552127137A4BBBFAEC3768DC923
   Removed client of component A37674C626031934CB8C363115DDABFC
   Removed client of component A3E3B247631F4A442ACB3AEAB72F21F9
   Removed client of component A4A90605B01B67B4AADADD7F26826E53
   Removed client of component A5AE1C12040CE1B48BC5CD67FC176838
   Removed client of component A5EFD6C72C40E534C9EF8B6D4A0B0B86
   Removed client of component A6AADA483BE43E544BBB3C9F6985B6C9
   Removed client of component A6B14596E83E013449DB9EC7844D9E62
   Removed client of component A73F5A4BF80CF2E4CB1F213802A925FC
   Removed client of component A754AE0AE1C52EC498470B0914896271
   Removed client of component A7D33C375620C3F469D81C3C2A16C348
   Removed client of component A7E5F875B0C626D45AFAFEBFAD92B3D8
   Removed client of component A816255CF8FA5E64896E4752CCC1CBCF
   Removed client of component A89175A47FEDBB24E9343DC4ADDEDE2B
   Removed client of component A89EA44CF0CE63B438E667DEFDA83612
   Removed client of component A9D68D2BE44798E46900711EBBDDFF8E
   Removed client of component AA08BB493F1FE4D4989938D60D476DFD
   Removed client of component AAFF642FAE482FD44947F4BB3D93AFE9
   Removed client of component ABFA16D808E59734B8D958D17860E418
   Removed client of component AD0214EBBAB58D14FB61017894F1CBD3
   Removed client of component AD1BE0AF07D5C89489BA8E7E634FF589
   Removed client of component ADF6B64A39E5F264BA2504E5611ABCB1
   Removed client of component AF56F2F4D3FA99E4B8B9684D3B9FA998
   Removed client of component AF6D66E6521C4734CB74FB3B0C4DE206
   Removed client of component AF7E969226ECD4E42BA7E71D02D93C1C
   Removed client of component B0DE7004B5DA2D74BA4F8E32F70C88A4
   Removed client of component B18FCD2536BBF054C828BDECADAFCADF
   Removed client of component B2E7C13409C24AB478DEB358022B60B3
   Removed client of component B314C373E5EF71B4DB13EA5FF7D842D5
   Removed client of component B3485883A8E71E34B8BC9B8AFAB208A6
   Removed client of component B39530A550A53C64984B643532F9A624
   Removed client of component B3F4924CDBAC6E54B9CA02F36EDA1097
   Removed client of component B4626E66B4E33D54BB18F40EF698200C
   Removed client of component B4A43D29A542ED94593D7DADC0880A89
   Removed client of component B650FB65012D5B94F901706F3053D050
   Removed client of component B65192AC69286F3438A2BA788C0509D6
   Removed client of component B68312EFE3F04D24385CE0D5788DAFAC
   Removed client of component B68C8CB71C1519C4E993755D99E85B5C
   Removed client of component B6D0804A314D9794CB2DC1CA9447CC87
   Removed client of component B6EC21AC51E3DA848ABB5489DC2EE60B
   Removed client of component B779F7A2943FC6F4BA775B43893566A4
   Removed client of component B7B900FDBFAA6E149A407768A1CF8B9F
   Removed client of component B7F0F05AC6540234CBC110FA2BAD03DD
   Removed client of component B81D3F89B8E181F4392AE7E09F442D98
   Removed client of component B8E38A0C875F67046A612609185B51CD
   Removed client of component B91817B46FB764F47A585544585CE37D
   Removed client of component B92BAAC16586D264EA21412030CDFDF9
   Removed client of component B930784514AB98E46B4611AF3C642900
   Removed client of component B949150D9C99A2C46BD35A4D4513E928
   Removed client of component BA1851385350AD64E8CCA64A8E829D3F
   Removed client of component BA19CE8EF6BA6F24D9B712731392387C
   Removed client of component BA592DD5801166A4783B2ABB7DFCAAEA
   Removed client of component BB93DD8D72EEFDE46AD8588536FD0226
   Removed client of component BBFEF3221A429D843A78B92D22C67516
   Removed client of component BD2B62E916116C0428427FB7151B2934
   Removed client of component BD76AE19B91D85947B3DBD282FA82201
   Removed client of component BDCC41D552008524986B07B631437E7E
   Removed client of component BDF72D2EB500BF74587576A2DE172909
   Removed client of component BE042B8CB86D1744A8496ECEE17CF866
   Removed client of component BF0890B5A2AD8964397633FE835B3AEC
   Removed client of component BF0A0F149F939CE49B1EEEBE28E20C4F
   Removed client of component C115007211C1E7541A87010681E9293B
   Removed client of component C18BE537A267FA84F830D74B09B61EB5
   Removed client of component C34B68D6A3F15E843BB99B40DD8BC8A0
   Removed client of component C35C96E5318F87943BA2C7FF213600DF
   Removed client of component C35E272F2C4895D47AE0B9BBBD946744
   Removed client of component C4510237E76B4AB48B7745003B5EE7FB
   Removed client of component C4B9A91A3A856294EA0378CE3438E887
   Removed client of component C53C1649CCF572F419631475DDAD88C4
   Removed client of component C578AEDF79545DC4FA7732DF49328387
   Removed client of component C5B4D3C1056FEDE4F95BD77B9A57883F
   Removed client of component C628190E7ED52444D893E0F3B47B7D05
   Removed client of component C637BB50A17037A4BAE009DE9BC69F26
   Removed client of component C6A7BA118CFC52A44909A0A61D383D2E
   Removed client of component C73820546517D6242BB1FDF46E53B540
   Removed client of component C758BF4D52D046247BCC050EFA4268F5
   Removed client of component C7C1DBAE4915402409C17BB9FBFDE393
   Removed client of component C819DE66BF1D7644BB1D05B860AC50DA
   Removed client of component C86ECB0254D2EA0459006533318ADEC5
   Removed client of component C886527D8FC6F67409CC1785EAD83508
   Removed client of component C92DFE61F97EA4E4EBE3148B852F4184
   Removed client of component C92EBB2B109DF94488A51DD0763D3C2B
   Removed client of component C9C81CF71E785EB49B4511AF3107C1EA
   Removed client of component CA05931C129CDD44998C2B87DF960B97
   Removed client of component CA51165322F7379488F13166D55C0589
   Removed client of component CA5480E24FAD3BF4BA9B31445EA6A047
   Removed client of component CAC0284B6E0AE0F4293D438981A83E1A
   Removed client of component CAC986659E7883C46B2C5B1E051AF087
   Removed client of component CAFC10B44BE1BC74D9BE2853CB4B5BE9
   Removed client of component CB6B247C02C64C144AE0B5D96A454EA4
   Removed client of component CBAA1F4125BA4774A98AF795628BAE1C
   Removed client of component CBF8A6F55495C6E4E96A26578BBEED8C
   Removed client of component CC14EAF4B354C124BB92E0469CDD15AC
   Removed client of component CC77A605D1DBFCE4BBC5EC60E85884DB
   Removed client of component CCA3E9DE68046554D960B41F45EB3EE0
   Removed client of component CD0EB3B5EF524B24489E27B72D29875F
   Removed client of component CD23AAA257CE4154B9100C07C7A16CE0
   Removed client of component CD66AF4025A77E54FAF9EDC9AEDE7D6F
   Removed client of component CD82E369DC0CBC14296A09E49A627E74
   Removed client of component CDDA8B1C698EB5048AEA03FFE923403E
   Removed client of component CE14BB14ED37E664D96E7AC2023F7FC7
   Removed client of component CE80066AB4257B9458430ECF4B123991
   Removed client of component CF163BC562949F64689449A9BABDAAAE
   Removed client of component D01F0BE85A9772D42B0E74095F0C8D28
   Removed client of component D0ACE2835EBB8DE40A4C08883440277E
   Removed client of component D1BFC4C4EA87959438C122C8AF8CAF31
   Removed client of component D1E6F422B4E60604B9F7539B93430888
   Removed client of component D2A2694B188EDC94B9A48691563024E0
   Removed client of component D2B310E459B565A45BDB5AF2C6789F94
   Removed client of component D2FD539E0FDD6B24E85F7C905980CD3A
   Removed client of component D3CE37D9CFFFF6444B6A5C70F9ACDA36
   Removed client of component D47BBBDC06A6AEE4EB686B913C8A229E
   Removed client of component D529440237075E34EBF11D4DF2580A3B
   Removed client of component D6A513C5405ACA3488AFDDFAF7FD3B60
   Removed client of component D70D3E390C5CF89498058903AC3FC54B
   Removed client of component D78F64769AB6A8045B0DABF06D587428
   Removed client of component D7A7EA6353183174F8C4B01101F30F9F
   Removed client of component D7EBAC522A7713B4F914293B55FFD01A
   Removed client of component D8298C0B8D20D754EB88FDA30141ED8E
   Removed client of component D8B78445635ED914781A830098523357
   Removed client of component D9B31D81F4D0A2D4BABB2B9629A34864
   Removed client of component D9C08DEDA66394B43931B6659B0CCA85
   Removed client of component D9EEE8E3E726D0B418C54641D93DFB58
   Removed client of component DA4BBCFE1E541324683E3F51F6261BF6
   Removed client of component DB58CEE8BF737534DB601050A92A2CB6
   Removed client of component DBC34FA295FD34E448032773D50FA0E1
   Removed client of component DBE70E88FB953DF4A9BDB105ACF14472
   Removed client of component DC1F9D40B1ED0B44F9ADAC2FFDC340B0
   Removed client of component DC5AA9E7B1949194288FAAF038800A45
   Removed client of component DDA4EB03C6D8E904FADE5DF7C5AA5F7B
   Removed client of component DE069801CE7E17B40B524BA51AE0DD77
   Removed client of component DE8E0966D77D625488B0098AA84D3EA7
   Removed client of component DED37E3DC59A861488551091BA9D676E
   Removed client of component DEFEC02033B51BC4D909AD83BFB93524
   Removed client of component DF50166349168604AB1D6A04FB3862A8
   Removed client of component DF9213F23D92CE0428F20FFCEF3B5DA7
   Removed client of component E0F0D68847B5C0642A6D035957178B9C
   Removed client of component E1FB6AD5B877BB240B44D206352AC9B9
   Removed client of component E3D4B6373899A6348BD4CA35349EB05F
   Removed client of component E4A262A6AB007F64394940F7FB9A8658
   Removed client of component E4B757C7D2C7A5843AF0BCAAC773C143
   Removed client of component E71B47F3C43642F4E9CCA42E49EB20A9
   Removed client of component E7A2C0D8C4549624E85142EB5FE081A1
   Removed client of component E801C06D396EB0348B9CCCEB16D1D950
   Removed client of component E84D10A0C980CF34CBC7A4CACFF494A2
   Removed client of component EA27225FFDF2795408752A64623D29C8
   Removed client of component EAF9A6A03F253DB40A216C65F9DA433D
   Removed client of component EB06BD404D6EB77448B48C83D896EEAE
   Removed client of component EB0D5A0E3774A00418837869F2BF994D
   Removed client of component EC7E7AE3F2B2E7F458439A44586357C8
   Removed client of component EDCF07883D3DBFF45B0975C777C72C40
   Removed client of component EE17C6ECD49101D4A9E26A125AD58A23
   Removed client of component EE30CAF1CC0336C4794F78416D385089
   Removed client of component EF16F1D5F59B3314A8E0E40F356E3BD0
   Removed client of component EF6A6E4CC534DDB448C30B580F09BF04
   Removed client of component F0839BF88786D904D842E3A12C0E09FD
   Removed client of component F1891BB221904B341B7091375963FC6D
   Removed client of component F26F5B64E7708704F8BEDB95B55BC662
   Removed client of component F2C5A77CBC8FC6B44983E3915744BA9C
   Removed client of component F2E01FFADAAE0D74B922B591FA924641
   Removed client of component F2E6DC5AC4ACEB14283ACF26F8210AF2
   Removed client of component F325D7BB7989D8F4D876651E5811E2A6
   Removed client of component F3426782C8C07DA47A4EA1F19D4C1F1F
   Removed client of component F381FC9F6222B7F42960398104012BFD
   Removed client of component F3901B56FCAA4FC40B642719A2FED94A
   Removed client of component F3E1445D12DC4E24C95C6F285418EB9D
   Removed client of component F483C049FBB817341A859598EDE03C8E
   Removed client of component F56AFC852A30654418BC16C5210A79FB
   Removed client of component F5802DF25E7A5B3488815957957AB22D
   Removed client of component F5BE904EDB27C2040ABBD98C2DC92170
   Removed client of component F6659B2B6CBE121408E2145D7F9CFBA1
   Removed client of component F6B3F6A04ABF29D498E97452B2CAC9BF
   Removed client of component F90929B552959724E88DE687FDA596C9
   Removed client of component F9C0C8D8BAA8A7C4AA144B5125AB7F7A
   Removed client of component FA19CEB8B751F644D90141FA48E92E81
   Removed client of component FA1C54E1AEB2213419544FADAA8B30D3
   Removed client of component FA58C0EAFF729D1489AC20086AFC9A25
   Removed client of component FA6D43A07B7C18D48B55E235CDDFF894
   Removed client of component FAAD009E1CDE20E47B9E20950884B35E
   Removed client of component FB6AF74955D4C804896834D35A77C457
   Removed client of component FD86DFD84E806434B90A9F9BC51454AC
   Removed client of component FEC2F008B4F3B384F8E0429FCD2189F5
   Removed client of component FF490D268516ABE4F85EEB97FE67903E
   Removed client of component FFBE0AD2B8A30A54294B6BC63339CE55
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE client info data. . .
Searching for Installer files and folders associated with the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder

***** Zapping data for user S-1-5-18 for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} *****
MsiZapInfo: Performing operations for user S-1-5-18
Searching for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} cached package. . .
Searching for install property data for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching user's global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching per-machine global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching old global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching per-machine location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Classes\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} in per-user managed location. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching for shared DLL counts for components tied to the product 475C0C1D58361DE4BB9DB226CFCE0EFE. . .
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product 475C0C1D58361DE4BB9DB226CFCE0EFE. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE client info data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE client info data. . .
Searching for Installer files and folders associated with the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder

***** Zapping data for user S-1-5-21-3583772472-3013558980-347553230-1001 for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} *****
MsiZapInfo: Performing operations for user S-1-5-21-3583772472-3013558980-347553230-1001
Searching for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} cached package. . .
Searching for install property data for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data in the HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall key. . .
Searching user's global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3583772472-3013558980-347553230-1001\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3583772472-3013558980-347553230-1001\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3583772472-3013558980-347553230-1001\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching per-machine global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching old global config location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching per-machine location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching HKLM\Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Classes\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching old per-user location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKCU\Software\Classes\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKCU\Software\Classes\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching per-user location for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKCU\Software\Microsoft\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKCU\Software\Microsoft\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching for product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF} in per-user managed location. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\UpgradeCodes...
Searching for patches for product 475C0C1D58361DE4BB9DB226CFCE0EFE in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\Products\475C0C1D58361DE4BB9DB226CFCE0EFE for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\Features\475C0C1D58361DE4BB9DB226CFCE0EFE for product feature data. . .
Searching for shared DLL counts for components tied to the product 475C0C1D58361DE4BB9DB226CFCE0EFE. . .
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product 475C0C1D58361DE4BB9DB226CFCE0EFE. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE client info data. . .
Searching for product 475C0C1D58361DE4BB9DB226CFCE0EFE client info data. . .
Searching for Installer files and folders associated with the product {D1C0C574-6385-4ED1-BBD9-2B62FCECE0EF}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder
"Running zap for product code {6C9778CB-2167-402E-B37E-10431C01F4C4}:Thu 03/19/2015 5:59:31.85"

C:\Users\RoseCake\Desktop>C:\Users\RoseCake\AppData\Local\Temp\avg-37413b18-3173-4545-8f49-453f5b97b16d.exe TW! {6C9778CB-2167-402E-B37E-10431C01F4C4} /nologo

***** Zapping data for user S-1-5-18 for product {6C9778CB-2167-402E-B37E-10431C01F4C4} *****
MsiZapInfo: Performing operations for user S-1-5-18
Searching for the product {6C9778CB-2167-402E-B37E-10431C01F4C4} cached package. . .
   Removed file: C:\windows\Installer\4a046c.msi
Searching for install property data for product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
   Removed \BC8779C67612E2043BE70134C1104F4C\InstallProperties
Searching for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data in the HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall key. . .
   Removed \{6C9778CB-2167-402E-B37E-10431C01F4C4}
Searching user's global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
   Removed upgrade code 'BC8779C67612E2043BE70134C1104F4C' at HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
   Removed \Features
   Removed \Patches
   Removed \Usage
   Removed \Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching per-machine global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching old global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching per-machine location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Classes\Installer\UpgradeCodes...
   Removed upgrade code 'BC8779C67612E2043BE70134C1104F4C' at HKLM\Software\Classes\Installer\UpgradeCodes
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
   Removed \Media
   Removed \Net
   Removed \SourceList
   Removed \Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C
Searching HKLM\Software\Classes\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
   Removed \Software\Classes\Installer\Features\BC8779C67612E2043BE70134C1104F4C
Searching for product {6C9778CB-2167-402E-B37E-10431C01F4C4} in per-user managed location. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching for shared DLL counts for components tied to the product BC8779C67612E2043BE70134C1104F4C. . .
   HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product BC8779C67612E2043BE70134C1104F4C. . .
Searching for product BC8779C67612E2043BE70134C1104F4C client info data. . .
   Removed client of component 2F3EE2BD79797F2488F1FB0C87DCC436
   Removed client of component 693BC5DC9FF71574B87DD599AF3E300C
   Removed client of component AC395BE4B2B8635489A419917C137F01
   Removed client of component D4100AADBCDAFCB45A480533DDB4A8D3
   Removed client of component D4CEAD7A152772141BBD7E21B03D8469
Searching for product BC8779C67612E2043BE70134C1104F4C client info data. . .
Searching for Installer files and folders associated with the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder

***** Zapping data for user S-1-5-18 for product {6C9778CB-2167-402E-B37E-10431C01F4C4} *****
MsiZapInfo: Performing operations for user S-1-5-18
Searching for the product {6C9778CB-2167-402E-B37E-10431C01F4C4} cached package. . .
Searching for install property data for product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching user's global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching per-machine global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching old global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching per-machine location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Classes\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching for product {6C9778CB-2167-402E-B37E-10431C01F4C4} in per-user managed location. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-18\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching for shared DLL counts for components tied to the product BC8779C67612E2043BE70134C1104F4C. . .
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product BC8779C67612E2043BE70134C1104F4C. . .
Searching for product BC8779C67612E2043BE70134C1104F4C client info data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C client info data. . .
Searching for Installer files and folders associated with the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder

***** Zapping data for user S-1-5-21-3583772472-3013558980-347553230-1001 for product {6C9778CB-2167-402E-B37E-10431C01F4C4} *****
MsiZapInfo: Performing operations for user S-1-5-21-3583772472-3013558980-347553230-1001
Searching for the product {6C9778CB-2167-402E-B37E-10431C01F4C4} cached package. . .
Searching for install property data for product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data in the HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall key. . .
Searching user's global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3583772472-3013558980-347553230-1001\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3583772472-3013558980-347553230-1001\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-21-3583772472-3013558980-347553230-1001\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching per-machine global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching old global config location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching per-machine location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Classes\Installer\Components for published component data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Assemblies for .Net assembly data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Win32Assemblies for Win32 assembly data for the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching HKLM\Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Classes\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching old per-user location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Classes\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKCU\Software\Classes\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKCU\Software\Classes\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching per-user location for product {6C9778CB-2167-402E-B37E-10431C01F4C4} data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKCU\Software\Microsoft\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKCU\Software\Microsoft\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching for product {6C9778CB-2167-402E-B37E-10431C01F4C4} in per-user managed location. . .
Searching for product BC8779C67612E2043BE70134C1104F4C upgrade codes in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\UpgradeCodes...
Searching for patches for product BC8779C67612E2043BE70134C1104F4C in Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\Products\BC8779C67612E2043BE70134C1104F4C\Patches
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\Products\BC8779C67612E2043BE70134C1104F4C for product data. . .
Searching HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Managed\S-1-5-21-3583772472-3013558980-347553230-1001\Installer\Features\BC8779C67612E2043BE70134C1104F4C for product feature data. . .
Searching for shared DLL counts for components tied to the product BC8779C67612E2043BE70134C1104F4C. . .
HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\Components key is not present.
Searching for shared DLL counts for components tied to the product BC8779C67612E2043BE70134C1104F4C. . .
Searching for product BC8779C67612E2043BE70134C1104F4C client info data. . .
Searching for product BC8779C67612E2043BE70134C1104F4C client info data. . .
Searching for Installer files and folders associated with the product {6C9778CB-2167-402E-B37E-10431C01F4C4}. . .
Searching for files and folders in the user's profile. . .
Searching for files and folders in the %WINDIR%\Installer folder

MBAM Log:

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 3/19/2015
Scan Time: 6:32:41 AM
Logfile: mbamlog.txt
Administrator: Yes

Version: 2.00.4.1028
Malware Database: v2015.03.19.03
Rootkit Database: v2015.02.25.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: RoseCake

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 342613
Time Elapsed: 45 min, 5 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.LocalTemperature.A, HKLM\SOFTWARE\WOW6432NODE\LOCALTEMP, Quarantined, [03a6b072c4c6c2743d4b8c24748fe41c],
PUP.Optional.Cinema.A, HKU\S-1-5-21-3583772472-3013558980-347553230-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\CinemaP-1.9cV14.03-nv-ie, Quarantined, [4663140eb9d17fb756c1e1ef5da61fe1],

Registry Values: 2
PUP.Optional.LocalTemperature.A, HKLM\SOFTWARE\WOW6432NODE\LOCALTEMP|GUID, C3193C56-E2D9-4888-AAEF-8FD75A867393, Quarantined, [03a6b072c4c6c2743d4b8c24748fe41c]
PUP.Optional.GamesDesktop.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|gmsd_us_323, Quarantined, [06a380a2e6a465d12ae65070fc07ad53],

Registry Data: 0
(No malicious items detected)

Folders: 7
PUP.Optional.PastaLeads.A, C:\ProgramData\PastaLeadsAgent, Quarantined, [614853cfc8c21323407c9e0b847f31cf],
PUP.Optional.PastaLeads.A, C:\Program Files\Common Files\PastaLeads, Quarantined, [545526fc167469cd46776b3e20e3758b],
PUP.Optional.PastaLeads.A, C:\Program Files\Common Files\PastaLeads\PastaLeads Client, Quarantined, [545526fc167469cd46776b3e20e3758b],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3, Quarantined, [42670e14d1b987afdf5801aa62a134cc],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\config, Quarantined, [42670e14d1b987afdf5801aa62a134cc],
PUP.Optional.CrossRider.A, C:\Users\RoseCake\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0, Quarantined, [faafc0622466b185e9148526719235cb],
PUP.Optional.CrossRider.A, C:\Users\RoseCake\AppData\Local\Google\Chrome\User Data\Default\Extensions\plfghefomandejfcfhcindgbnfogdgjj\1.26.25_0\extensionData, Quarantined, [faafc0622466b185e9148526719235cb],

Files: 5
PUP.Optional.WebTInst.A, C:\Windows\System32\drivers\Msft_Kernel_webTinstMKTN_01009.Wdf, Delete-on-Reboot, ,
PUP.Optional.PastaLeads.A, C:\ProgramData\PastaLeadsAgent\startprocess.js, Quarantined, [614853cfc8c21323407c9e0b847f31cf],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\systeinfo.vpx, Quarantined, [42670e14d1b987afdf5801aa62a134cc],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\vxmclient.exe, Quarantined, [42670e14d1b987afdf5801aa62a134cc],
PUP.Optional.VXMClient.A, C:\Program Files (x86)\Windows Network Accelerater\v3\config\systeinfo.vpx, Quarantined, [42670e14d1b987afdf5801aa62a134cc],

Physical Sectors: 0
(No malicious items detected)

(end)

#6
zep516

Posted 19 March 2015 - 02:56 PM

Trusted Helper

Malware Removal
8,093 posts

Please download TDSSKiller by Kaspersky and save it to your desktop.

Right-click on icon and select Run as Administrator to start the tool.
Click on Change parameters and put a checkmark beside Loaded modules. A reboot will be needed to apply the changes, allow it to do so.
Your machine may appear very slow and unusable after that - it's normal.
TDSSKiller will run automaticaly. Click on Change parameters and click OK.
Click the Start Scan button and wait patiently.

If anything will be found follow this guidelines:

If a suspicious object is detected, the default action will be Skip, click on Continue
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
If Cure is not available, please choose Skip instead.
Do not choose Delete unless instructed!

#7
d.brack

Posted 19 March 2015 - 06:08 PM

Member

Topic Starter
Member
42 posts

Hi Joe. Sorry for the abrupt post this morning but I had a heck of a time with it. Things were acting funky. I tried to post the first log of the first tool I used and it was before the reboot. It was just loops and loops and I was working on autopilot and didn't bother to check it. Here it was 492 KB. It was too long, of course. Well I fought with it like 5 times getting errors that didn't bother to tell me that. ARRGG! Then I went and looked at the log, saw the loops and figured out to check the size. After that it only took me like 3 more tries, LOL. That's what I get for working 3 hours before I usually even get up. So, anyway, I ran the TDSS Killer and it showed no infections. I am a little concerned about that Trojan that was found by AVAST on that first boot scan, but I think it might be starting to be ok. I have a terrible time typing on a laptop, so the cursor jumps all over the place on me! Whatcha think? Think we're clean? Thanks so much for your time, sweetie!

#8
zep516

Posted 19 March 2015 - 06:19 PM

Trusted Helper

Malware Removal
8,093 posts

We have a ways to go yet, I'll tell you when we are clean.

I need to see that tdss log report please..

Joe

#9
d.brack

Posted 20 March 2015 - 09:42 AM

Member

Topic Starter
Member
42 posts

Sorry for failing to post the report. I didn't see it requested. No worries. I got it copied and pasted to notepad and I hope it's not too big, LOL Here you go...

10:18:39.0344 0x0e48 TDSS rootkit removing tool 3.0.0.44 Jan 22 2015 08:27:04
10:18:40.0702 0x0e48 ============================================================
10:18:40.0702 0x0e48 Current date / time: 2015/03/20 10:18:40.0702
10:18:40.0702 0x0e48 SystemInfo:
10:18:40.0702 0x0e48
10:18:40.0702 0x0e48 OS Version: 6.1.7601 ServicePack: 1.0
10:18:40.0702 0x0e48 Product type: Workstation
10:18:40.0702 0x0e48 ComputerName: ROSECAKE-PC
10:18:40.0717 0x0e48 UserName: RoseCake
10:18:40.0717 0x0e48 Windows directory: C:\windows
10:18:40.0717 0x0e48 System windows directory: C:\windows
10:18:40.0717 0x0e48 Running under WOW64
10:18:40.0717 0x0e48 Processor architecture: Intel x64
10:18:40.0717 0x0e48 Number of processors: 2
10:18:40.0717 0x0e48 Page size: 0x1000
10:18:40.0717 0x0e48 Boot type: Normal boot
10:18:40.0717 0x0e48 ============================================================
10:18:40.0717 0x0e48 BG loaded
10:18:41.0825 0x0e48 System UUID: {93707F4C-7CDB-D41F-288A-C0652BEA7056}
10:18:44.0664 0x0e48 Drive \Device\Harddisk0\DR0 - Size: 0x3A38B2E000 ( 232.89 Gb ), SectorSize: 0x200, Cylinders: 0x76C1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
10:18:44.0695 0x0e48 ============================================================
10:18:44.0695 0x0e48 \Device\Harddisk0\DR0:
10:18:44.0695 0x0e48 MBR partitions:
10:18:44.0695 0x0e48 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1B82B800
10:18:44.0695 0x0e48 ============================================================
10:18:44.0742 0x0e48 C: <-> \Device\Harddisk0\DR0\Partition1
10:18:44.0742 0x0e48 ============================================================
10:18:44.0742 0x0e48 Initialize success
10:18:44.0742 0x0e48 ============================================================
10:19:08.0669 0x0d80 ============================================================
10:19:08.0669 0x0d80 Scan started
10:19:08.0669 0x0d80 Mode: Manual;
10:19:08.0669 0x0d80 ============================================================
10:19:08.0669 0x0d80 KSN ping started
10:19:11.0477 0x0d80 KSN ping finished: true
10:19:32.0943 0x0d80 ================ Scan system memory ========================
10:19:32.0943 0x0d80 System memory - ok
10:19:32.0943 0x0d80 ================ Scan services =============================
10:19:35.0236 0x0d80 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci        C:\windows\system32\drivers\1394ohci.sys
10:19:35.0298 0x0d80 1394ohci - ok
10:19:35.0485 0x0d80 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI            C:\windows\system32\drivers\ACPI.sys
10:19:35.0532 0x0d80 ACPI - ok
10:19:35.0626 0x0d80 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi         C:\windows\system32\drivers\acpipmi.sys
10:19:35.0626 0x0d80 AcpiPmi - ok
10:19:37.0201 0x0d80 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:19:37.0233 0x0d80 AdobeFlashPlayerUpdateSvc - ok
10:19:37.0467 0x0d80 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx         C:\windows\system32\drivers\adp94xx.sys
10:19:37.0560 0x0d80 adp94xx - ok
10:19:37.0794 0x0d80 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci         C:\windows\system32\drivers\adpahci.sys
10:19:37.0841 0x0d80 adpahci - ok
10:19:38.0075 0x0d80 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320         C:\windows\system32\drivers\adpu320.sys
10:19:38.0091 0x0d80 adpu320 - ok
10:19:38.0200 0x0d80 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc     C:\windows\System32\aelupsvc.dll
10:19:38.0215 0x0d80 AeLookupSvc - ok
10:19:38.0481 0x0d80 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] AFD             C:\windows\system32\drivers\afd.sys
10:19:38.0543 0x0d80 AFD - ok
10:19:38.0668 0x0d80 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440          C:\windows\system32\drivers\agp440.sys
10:19:38.0683 0x0d80 agp440 - ok
10:19:38.0793 0x0d80 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG             C:\windows\System32\alg.exe
10:19:38.0808 0x0d80 ALG - ok
10:19:38.0917 0x0d80 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide          C:\windows\system32\drivers\aliide.sys
10:19:38.0917 0x0d80 aliide - ok
10:19:39.0073 0x0d80 [ A8B81D750556FB9A9266EC65BFAB63AF, B407B26449C102D8379D4E55110DB468F06FB3F8439637A79B1B95208E7A2C10 ] AMD External Events Utility C:\windows\system32\atiesrxx.exe
10:19:39.0089 0x0d80 AMD External Events Utility - ok
10:19:39.0214 0x0d80 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide          C:\windows\system32\drivers\amdide.sys
10:19:39.0214 0x0d80 amdide - ok
10:19:39.0323 0x0d80 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8           C:\windows\system32\drivers\amdk8.sys
10:19:39.0323 0x0d80 AmdK8 - ok
10:19:41.0226 0x0d80 [ 7A1AC757F3A2A3126A806B7319CAB21B, C4F18BA78659619B0FEB7C793BB2B97666C8A97E000A3C0AB3D8E294436559D1 ] amdkmdag        C:\windows\system32\DRIVERS\atikmdag.sys
10:19:41.0944 0x0d80 amdkmdag - ok
10:19:42.0084 0x0d80 [ EEF6F806EEDFD1C746071F1FD684870E, 05944FC38D01A8D547239CBC39F723FF640C53FFAF493A3FF7CC3F222302BC91 ] amdkmdap        C:\windows\system32\DRIVERS\atikmpag.sys
10:19:42.0115 0x0d80 amdkmdap - ok
10:19:42.0240 0x0d80 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM          C:\windows\system32\DRIVERS\amdppm.sys
10:19:42.0240 0x0d80 AmdPPM - ok
10:19:42.0349 0x0d80 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata         C:\windows\system32\drivers\amdsata.sys
10:19:42.0365 0x0d80 amdsata - ok
10:19:42.0459 0x0d80 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs          C:\windows\system32\drivers\amdsbs.sys
10:19:42.0474 0x0d80 amdsbs - ok
10:19:42.0583 0x0d80 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata         C:\windows\system32\drivers\amdxata.sys
10:19:42.0583 0x0d80 amdxata - ok
10:19:42.0755 0x0d80 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7, B8953CC6B833E76F1483EFDB0198F14FA43E530D1A9FEA33260FD2EDB811B230 ] amd_sata        C:\windows\system32\DRIVERS\amd_sata.sys
10:19:42.0755 0x0d80 amd_sata - ok
10:19:42.0833 0x0d80 [ 23726116B4FBCC84FC45B95157C08F5F, BCF1762FFB36D3846628917DC86CF26A83BDFE7D3DE54F8D6B1B1D3AC3E73F02 ] amd_xata        C:\windows\system32\DRIVERS\amd_xata.sys
10:19:42.0849 0x0d80 amd_xata - ok
10:19:42.0973 0x0d80 [ 90C53BD47979FB8814F465A08B885102, 5EDFC1909FC1FF9133A534DFCC5408CF3A777AC41FB21FAD375436E3D86C02EC ] AppID           C:\windows\system32\drivers\appid.sys
10:19:42.0989 0x0d80 AppID - ok
10:19:43.0067 0x0d80 [ 72D4757510FDA69D729169C00AFC211E, FB9686D0D94EE7C19A3994C29E8331A6EC3020B2980B2CC75F72F3AB25512C15 ] AppIDSvc        C:\windows\System32\appidsvc.dll
10:19:43.0067 0x0d80 AppIDSvc - ok
10:19:43.0348 0x0d80 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo         C:\windows\System32\appinfo.dll
10:19:43.0348 0x0d80 Appinfo - ok
10:19:43.0457 0x0d80 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc             C:\windows\system32\drivers\arc.sys
10:19:43.0473 0x0d80 arc - ok
10:19:43.0519 0x0d80 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas          C:\windows\system32\drivers\arcsas.sys
10:19:43.0535 0x0d80 arcsas - ok
10:19:43.0956 0x0d80 [ 9A262EDD17F8473B91B333D6B031A901, 05DFBD3A7D83FDE1D062EA719ACA9EC48CB7FD42D17DDD88B82E5D25469ADD23 ] aspnet_state    C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
10:19:44.0112 0x0d80 aspnet_state - ok
10:19:44.0206 0x0d80 [ BA4B999D245287608A79C92CDAE6F3C1, 799CC0FB185FDF3438687184944E6F6AB6EE73B3B542542D3C13C0FF1A8C0276 ] aswHwid         C:\windows\system32\drivers\aswHwid.sys
10:19:44.0206 0x0d80 aswHwid - ok
10:19:44.0299 0x0d80 [ 245D3A0670491E1F88759EC45C9F7314, 1FFBDDDC6FCD29770B439933EEB8BE1ABA9149193932B2481720E8E9F265A797 ] aswMonFlt       C:\windows\system32\drivers\aswMonFlt.sys
10:19:44.0315 0x0d80 aswMonFlt - ok
10:19:44.0487 0x0d80 [ BC18D5B42B19564BA09156410E1FB9BE, 0DA9636632462208AE4D360BFE5A8187644B036A0D43E981665D888A5363B953 ] aswRdr          C:\windows\system32\drivers\aswRdr2.sys
10:19:44.0502 0x0d80 aswRdr - ok
10:19:44.0705 0x0d80 [ 713AFFD4E38553AEF04617C985B4030B, A09FBE4D49390024E8CF93352EACEB5AC53BEE5A4E5A76F5BE0341F8A002C4DD ] aswRvrt         C:\windows\system32\drivers\aswRvrt.sys
10:19:44.0721 0x0d80 aswRvrt - ok
10:19:45.0142 0x0d80 [ 669F6B37965756E407B447272B5EE39F, FE2C0A8F96415191650485AED637A45B26E7B9A25A4BFB5D809844BD24FD6BA9 ] aswSnx          C:\windows\system32\drivers\aswSnx.sys
10:19:45.0235 0x0d80 aswSnx - ok
10:19:45.0532 0x0d80 [ 3A145C94A519E52FE7E99460DD0DF53C, 91E9544B1B72FCC32463BF34838DAA9F14DCABF3BE9FE9382087ACDB3B4FC598 ] aswSP           C:\windows\system32\drivers\aswSP.sys
10:19:45.0610 0x0d80 aswSP - ok
10:19:45.0828 0x0d80 [ 8CDA894FA86D03FB43063D5FD85EFCAE, 20D110ACC84300514557AB6E565CFA0101DA749559B52877A41A509E79314AF6 ] aswStm          C:\windows\system32\drivers\aswStm.sys
10:19:45.0844 0x0d80 aswStm - ok
10:19:46.0093 0x0d80 [ 11644D8399F4AC8BB12C2364DCB87CB4, 828C3A03AB9D5F0650C7B90B7479CCAAD586B22BB7AC6DB7C91E8D9D80427DFB ] aswVmm          C:\windows\system32\drivers\aswVmm.sys
10:19:46.0218 0x0d80 aswVmm - ok
10:19:46.0327 0x0d80 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac        C:\windows\system32\DRIVERS\asyncmac.sys
10:19:46.0343 0x0d80 AsyncMac - ok
10:19:46.0468 0x0d80 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi           C:\windows\system32\drivers\atapi.sys
10:19:46.0468 0x0d80 atapi - ok
10:19:46.0780 0x0d80 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
10:19:46.0827 0x0d80 AudioEndpointBuilder - ok
10:19:46.0920 0x0d80 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] AudioSrv        C:\windows\System32\Audiosrv.dll
10:19:46.0967 0x0d80 AudioSrv - ok
10:19:47.0731 0x0d80 [ 35714DC1ADD995681D890D4382C75721, C1D10F2D47D348DCEA363B676E35A363FE8FA0E24295C4AD90F7EA37826A822D ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:19:47.0763 0x0d80 avast! Antivirus - ok
10:19:48.0262 0x0d80 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV        C:\windows\System32\AxInstSV.dll
10:19:48.0277 0x0d80 AxInstSV - ok
10:19:48.0402 0x0d80 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv         C:\windows\system32\drivers\bxvbda.sys
10:19:48.0433 0x0d80 b06bdrv - ok
10:19:48.0543 0x0d80 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a        C:\windows\system32\DRIVERS\b57nd60a.sys
10:19:48.0558 0x0d80 b57nd60a - ok
10:19:48.0683 0x0d80 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC          C:\windows\System32\bdesvc.dll
10:19:48.0699 0x0d80 BDESVC - ok
10:19:48.0839 0x0d80 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep            C:\windows\system32\drivers\Beep.sys
10:19:48.0839 0x0d80 Beep - ok
10:19:49.0026 0x0d80 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE             C:\windows\System32\bfe.dll
10:19:49.0104 0x0d80 BFE - ok
10:19:49.0245 0x0d80 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS            C:\windows\System32\qmgr.dll
10:19:49.0323 0x0d80 BITS - ok
10:19:49.0635 0x0d80 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive        C:\windows\system32\DRIVERS\blbdrive.sys
10:19:49.0650 0x0d80 blbdrive - ok
10:19:49.0791 0x0d80 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser          C:\windows\system32\DRIVERS\bowser.sys
10:19:49.0791 0x0d80 bowser - ok
10:19:49.0869 0x0d80 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo        C:\windows\system32\drivers\BrFiltLo.sys
10:19:49.0869 0x0d80 BrFiltLo - ok
10:19:49.0947 0x0d80 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp        C:\windows\system32\drivers\BrFiltUp.sys
10:19:49.0962 0x0d80 BrFiltUp - ok
10:19:50.0118 0x0d80 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser         C:\windows\System32\browser.dll
10:19:50.0134 0x0d80 Browser - ok
10:19:50.0368 0x0d80 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid         C:\windows\System32\Drivers\Brserid.sys
10:19:50.0415 0x0d80 Brserid - ok
10:19:50.0571 0x0d80 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm        C:\windows\System32\Drivers\BrSerWdm.sys
10:19:50.0586 0x0d80 BrSerWdm - ok
10:19:50.0649 0x0d80 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm        C:\windows\System32\Drivers\BrUsbMdm.sys
10:19:50.0649 0x0d80 BrUsbMdm - ok
10:19:50.0711 0x0d80 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer        C:\windows\System32\Drivers\BrUsbSer.sys
10:19:50.0711 0x0d80 BrUsbSer - ok
10:19:50.0789 0x0d80 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM        C:\windows\system32\drivers\bthmodem.sys
10:19:50.0789 0x0d80 BTHMODEM - ok
10:19:50.0945 0x0d80 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv         C:\windows\system32\bthserv.dll
10:19:50.0945 0x0d80 bthserv - ok
10:19:51.0085 0x0d80 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs            C:\windows\system32\DRIVERS\cdfs.sys
10:19:51.0085 0x0d80 cdfs - ok
10:19:51.0210 0x0d80 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom           C:\windows\system32\DRIVERS\cdrom.sys
10:19:51.0226 0x0d80 cdrom - ok
10:19:51.0288 0x0d80 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc     C:\windows\System32\certprop.dll
10:19:51.0288 0x0d80 CertPropSvc - ok
10:19:51.0382 0x0d80 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass        C:\windows\system32\drivers\circlass.sys
10:19:51.0397 0x0d80 circlass - ok
10:19:51.0475 0x0d80 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS            C:\windows\system32\CLFS.sys
10:19:51.0507 0x0d80 CLFS - ok
10:19:51.0647 0x0d80 [ F13EC8A783E0CB0D6DC26A3CA848B7B8, 0809E3B71709F1343086EEB6C820543C1A7119E74EEF8AC1AEE1F81093ABEC66 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
10:19:51.0741 0x0d80 clr_optimization_v2.0.50727_32 - ok
10:19:52.0427 0x0d80 [ B4D73F04E9BC076F7CDAC4327DF636BB, 1ADED20D5A0D0A76E2F85CB778FD06BAB814868D35F8532E17D67045FF4770C2 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
10:19:52.0458 0x0d80 clr_optimization_v2.0.50727_64 - ok
10:19:54.0237 0x0d80 [ E87213F37A13E2B54391E40934F071D0, 7EB221127EFB5BF158FB03D18EFDA2C55FB6CE3D1A1FE69C01D70DBED02C87E5 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
10:19:54.0736 0x0d80 clr_optimization_v4.0.30319_32 - ok
10:19:54.0798 0x0d80 [ 4AEDAB50F83580D0B4D6CF78191F92AA, D113C47013B018B45161911B96E93AF96A2F3B34FA47061BF6E7A71FBA03194A ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
10:19:55.0438 0x0d80 clr_optimization_v4.0.30319_64 - ok
10:19:55.0625 0x0d80 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt          C:\windows\system32\DRIVERS\CmBatt.sys
10:19:55.0641 0x0d80 CmBatt - ok
10:19:55.0781 0x0d80 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide          C:\windows\system32\drivers\cmdide.sys
10:19:55.0797 0x0d80 cmdide - ok
10:19:56.0155 0x0d80 [ 27667A788130A7F7A5858DE27572E6D7, 5501D80BCCB7A811ECCED3828DFD0A5D948BBED8504E9BCC4A3BFB840DD41CBC ] CNG             C:\windows\system32\Drivers\cng.sys
10:19:56.0233 0x0d80 CNG - ok
10:19:57.0310 0x0d80 [ 99B1B888B793DE320C5479B3C953781F, 6A499F916132998FBDFA587823A11C2ED1D27DED10374F6A41BA5861A2FF969E ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
10:19:57.0513 0x0d80 CnxtHdAudService - ok
10:19:57.0731 0x0d80 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt        C:\windows\system32\drivers\compbatt.sys
10:19:57.0747 0x0d80 Compbatt - ok
10:19:57.0934 0x0d80 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus    C:\windows\system32\DRIVERS\CompositeBus.sys
10:19:57.0934 0x0d80 CompositeBus - ok
10:19:57.0981 0x0d80 COMSysApp - ok
10:19:58.0090 0x0d80 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk         C:\windows\system32\drivers\crcdisk.sys
10:19:58.0105 0x0d80 crcdisk - ok
10:19:58.0495 0x0d80 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] CryptSvc        C:\windows\system32\cryptsvc.dll
10:19:58.0527 0x0d80 CryptSvc - ok
10:19:58.0776 0x0d80 [ BA8E5B2291C01EF71CA80E25F0C79D55, 913C85EC00752AEEE2E29C6664085865DA45A091789C0F8CB015208D69F1915A ] ctxusbm         C:\windows\system32\DRIVERS\ctxusbm.sys
10:19:58.0776 0x0d80 ctxusbm - ok
10:20:00.0009 0x0d80 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
10:20:00.0055 0x0d80 cvhsvc - ok
10:20:00.0430 0x0d80 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch      C:\windows\system32\rpcss.dll
10:20:00.0508 0x0d80 DcomLaunch - ok
10:20:00.0695 0x0d80 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc       C:\windows\System32\defragsvc.dll
10:20:00.0742 0x0d80 defragsvc - ok
10:20:00.0991 0x0d80 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC            C:\windows\system32\Drivers\dfsc.sys
10:20:00.0991 0x0d80 DfsC - ok
10:20:01.0241 0x0d80 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp            C:\windows\system32\dhcpcore.dll
10:20:01.0303 0x0d80 Dhcp - ok
10:20:01.0381 0x0d80 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache        C:\windows\system32\drivers\discache.sys
10:20:01.0397 0x0d80 discache - ok
10:20:01.0506 0x0d80 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk            C:\windows\system32\drivers\disk.sys
10:20:01.0522 0x0d80 Disk - ok
10:20:01.0725 0x0d80 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache        C:\windows\System32\dnsrslvr.dll
10:20:01.0740 0x0d80 Dnscache - ok
10:20:01.0896 0x0d80 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc         C:\windows\System32\dot3svc.dll
10:20:01.0927 0x0d80 dot3svc - ok
10:20:02.0130 0x0d80 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS             C:\windows\system32\dps.dll
10:20:02.0146 0x0d80 DPS - ok
10:20:02.0317 0x0d80 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud         C:\windows\system32\drivers\drmkaud.sys
10:20:02.0317 0x0d80 drmkaud - ok
10:20:02.0707 0x0d80 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] DXGKrnl         C:\windows\System32\drivers\dxgkrnl.sys
10:20:02.0817 0x0d80 DXGKrnl - ok
10:20:02.0910 0x0d80 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost         C:\windows\System32\eapsvc.dll
10:20:02.0926 0x0d80 EapHost - ok
10:20:04.0189 0x0d80 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv           C:\windows\system32\drivers\evbda.sys
10:20:04.0548 0x0d80 ebdrv - ok
10:20:04.0642 0x0d80 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] EFS             C:\windows\System32\lsass.exe
10:20:04.0657 0x0d80 EFS - ok
10:20:05.0203 0x0d80 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr         C:\windows\ehome\ehRecvr.exe
10:20:05.0297 0x0d80 ehRecvr - ok
10:20:05.0437 0x0d80 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched         C:\windows\ehome\ehsched.exe
10:20:05.0453 0x0d80 ehSched - ok
10:20:05.0671 0x0d80 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor         C:\windows\system32\drivers\elxstor.sys
10:20:05.0734 0x0d80 elxstor - ok
10:20:05.0765 0x0d80 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev          C:\windows\system32\drivers\errdev.sys
10:20:05.0765 0x0d80 ErrDev - ok
10:20:06.0061 0x0d80 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem     C:\windows\system32\es.dll
10:20:06.0124 0x0d80 EventSystem - ok
10:20:06.0217 0x0d80 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat           C:\windows\system32\drivers\exfat.sys
10:20:06.0233 0x0d80 exfat - ok
10:20:06.0358 0x0d80 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat         C:\windows\system32\drivers\fastfat.sys
10:20:06.0483 0x0d80 fastfat - ok
10:20:06.0701 0x0d80 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax             C:\windows\system32\fxssvc.exe
10:20:06.0748 0x0d80 Fax - ok
10:20:06.0795 0x0d80 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc             C:\windows\system32\drivers\fdc.sys
10:20:06.0810 0x0d80 fdc - ok
10:20:06.0919 0x0d80 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost         C:\windows\system32\fdPHost.dll
10:20:06.0919 0x0d80 fdPHost - ok
10:20:07.0013 0x0d80 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub        C:\windows\system32\fdrespub.dll
10:20:07.0044 0x0d80 FDResPub - ok
10:20:07.0138 0x0d80 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo        C:\windows\system32\drivers\fileinfo.sys
10:20:07.0153 0x0d80 FileInfo - ok
10:20:07.0216 0x0d80 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace       C:\windows\system32\drivers\filetrace.sys
10:20:07.0216 0x0d80 Filetrace - ok
10:20:07.0325 0x0d80 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk        C:\windows\system32\drivers\flpydisk.sys
10:20:07.0325 0x0d80 flpydisk - ok
10:20:07.0434 0x0d80 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr          C:\windows\system32\drivers\fltmgr.sys
10:20:07.0450 0x0d80 FltMgr - ok
10:20:07.0793 0x0d80 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache       C:\windows\system32\FntCache.dll
10:20:07.0918 0x0d80 FontCache - ok
10:20:08.0058 0x0d80 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
10:20:08.0074 0x0d80 FontCache3.0.0.0 - ok
10:20:08.0167 0x0d80 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends       C:\windows\system32\drivers\FsDepends.sys
10:20:08.0183 0x0d80 FsDepends - ok
10:20:08.0277 0x0d80 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec          C:\windows\system32\drivers\Fs_Rec.sys
10:20:08.0292 0x0d80 Fs_Rec - ok
10:20:08.0417 0x0d80 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol          C:\windows\system32\DRIVERS\fvevol.sys
10:20:08.0433 0x0d80 fvevol - ok
10:20:08.0589 0x0d80 [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] FwLnk           C:\windows\system32\DRIVERS\FwLnk.sys
10:20:08.0589 0x0d80 FwLnk - ok
10:20:08.0713 0x0d80 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx        C:\windows\system32\drivers\gagp30kx.sys
10:20:08.0713 0x0d80 gagp30kx - ok
10:20:08.0791 0x0d80 [ 14908F4F9005C29DE8F5587E271390EE, 43DDFA99F52467F91019DB858989F111EBE48A2BED8D43EA2C15D1FD3C104489 ] gfibto          C:\windows\system32\drivers\gfibto.sys
10:20:08.0807 0x0d80 gfibto - ok
10:20:09.0197 0x0d80 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc           C:\windows\System32\gpsvc.dll
10:20:09.0306 0x0d80 gpsvc - ok
10:20:09.0415 0x0d80 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir        C:\windows\system32\drivers\hcw85cir.sys
10:20:09.0431 0x0d80 hcw85cir - ok
10:20:09.0618 0x0d80 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
10:20:09.0696 0x0d80 HdAudAddService - ok
10:20:09.0759 0x0d80 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus        C:\windows\system32\DRIVERS\HDAudBus.sys
10:20:09.0805 0x0d80 HDAudBus - ok
10:20:09.0837 0x0d80 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt         C:\windows\system32\drivers\HidBatt.sys
10:20:09.0837 0x0d80 HidBatt - ok
10:20:09.0930 0x0d80 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth          C:\windows\system32\drivers\hidbth.sys
10:20:09.0946 0x0d80 HidBth - ok
10:20:10.0024 0x0d80 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr           C:\windows\system32\drivers\hidir.sys
10:20:10.0039 0x0d80 HidIr - ok
10:20:10.0102 0x0d80 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv         C:\windows\system32\hidserv.dll
10:20:10.0117 0x0d80 hidserv - ok
10:20:10.0242 0x0d80 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb          C:\windows\system32\drivers\hidusb.sys
10:20:10.0258 0x0d80 HidUsb - ok
10:20:10.0336 0x0d80 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc          C:\windows\system32\kmsvc.dll
10:20:10.0367 0x0d80 hkmsvc - ok
10:20:10.0461 0x0d80 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
10:20:10.0492 0x0d80 HomeGroupListener - ok
10:20:10.0617 0x0d80 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
10:20:10.0648 0x0d80 HomeGroupProvider - ok
10:20:10.0757 0x0d80 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD          C:\windows\system32\drivers\HpSAMD.sys
10:20:10.0757 0x0d80 HpSAMD - ok
10:20:11.0038 0x0d80 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP            C:\windows\system32\drivers\HTTP.sys
10:20:11.0131 0x0d80 HTTP - ok
10:20:11.0209 0x0d80 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy        C:\windows\system32\drivers\hwpolicy.sys
10:20:11.0209 0x0d80 hwpolicy - ok
10:20:11.0365 0x0d80 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt        C:\windows\system32\DRIVERS\i8042prt.sys
10:20:11.0381 0x0d80 i8042prt - ok
10:20:11.0553 0x0d80 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV         C:\windows\system32\drivers\iaStorV.sys
10:20:11.0646 0x0d80 iaStorV - ok
10:20:12.0083 0x0d80 [ C98A5B9D932430AD8EEBD3EF73756EF7, DF7E1D391A0F3345AD61154363922C27BD557DEEACE395A6A8A8A16BFD1BB9A8 ] idsvc           C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
10:20:12.0208 0x0d80 idsvc - ok
10:20:12.0301 0x0d80 IEEtwCollectorService - ok
10:20:12.0426 0x0d80 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp           C:\windows\system32\drivers\iirsp.sys
10:20:12.0426 0x0d80 iirsp - ok
10:20:12.0816 0x0d80 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT          C:\windows\System32\ikeext.dll
10:20:12.0879 0x0d80 IKEEXT - ok
10:20:12.0988 0x0d80 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide        C:\windows\system32\drivers\intelide.sys
10:20:12.0988 0x0d80 intelide - ok
10:20:13.0050 0x0d80 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm        C:\windows\system32\drivers\intelppm.sys
10:20:13.0066 0x0d80 intelppm - ok
10:20:13.0191 0x0d80 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum       C:\windows\system32\ipbusenum.dll
10:20:13.0206 0x0d80 IPBusEnum - ok
10:20:13.0269 0x0d80 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
10:20:13.0284 0x0d80 IpFilterDriver - ok
10:20:13.0550 0x0d80 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc        C:\windows\System32\iphlpsvc.dll
10:20:13.0596 0x0d80 iphlpsvc - ok
10:20:13.0659 0x0d80 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV         C:\windows\system32\drivers\IPMIDrv.sys
10:20:13.0674 0x0d80 IPMIDRV - ok
10:20:13.0752 0x0d80 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT           C:\windows\system32\drivers\ipnat.sys
10:20:13.0768 0x0d80 IPNAT - ok
10:20:13.0815 0x0d80 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM          C:\windows\system32\drivers\irenum.sys
10:20:13.0815 0x0d80 IRENUM - ok
10:20:13.0986 0x0d80 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp          C:\windows\system32\drivers\isapnp.sys
10:20:13.0986 0x0d80 isapnp - ok
10:20:14.0189 0x0d80 [ 96BB922A0981BC7432C8CF52B5410FE6, 236C05509B1040059B15021CBBDBDAF3B9C0F00910142BE5887B2C7561BAAFBA ] iScsiPrt        C:\windows\system32\drivers\msiscsi.sys
10:20:14.0252 0x0d80 iScsiPrt - ok
10:20:14.0376 0x0d80 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass        C:\windows\system32\DRIVERS\kbdclass.sys
10:20:14.0376 0x0d80 kbdclass - ok
10:20:14.0486 0x0d80 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid          C:\windows\system32\drivers\kbdhid.sys
10:20:14.0517 0x0d80 kbdhid - ok
10:20:14.0922 0x0d80 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] KeyIso          C:\windows\system32\lsass.exe
10:20:14.0938 0x0d80 KeyIso - ok
10:20:15.0016 0x0d80 [ 56ED3EE5FED6BF2FC1305CF872042868, 44F77AE3CD83284800FF106156ABCB63047327855E2535EE278289AF6F05579C ] KSecDD          C:\windows\system32\Drivers\ksecdd.sys
10:20:15.0032 0x0d80 KSecDD - ok
10:20:15.0172 0x0d80 [ 8BA90F480705D7153AD0060CCA62222A, B3E610DFAB382368114D026947084A72AFC4F5BF9C28317F411D4ED91E0B3192 ] KSecPkg         C:\windows\system32\Drivers\ksecpkg.sys
10:20:15.0968 0x0d80 KSecPkg - ok
10:20:16.0030 0x0d80 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk         C:\windows\system32\drivers\ksthunk.sys
10:20:16.0030 0x0d80 ksthunk - ok
10:20:16.0124 0x0d80 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm           C:\windows\system32\msdtckrm.dll
10:20:16.0155 0x0d80 KtmRm - ok
10:20:16.0264 0x0d80 [ 0E154DA6CA9105354A07D0C576804037, 10A7F6E2A031C2D96B362411DCA2C347E7D7B6ADED9021674E0E633AB9F45D7B ] L1C             C:\windows\system32\DRIVERS\L1C62x64.sys
10:20:16.0280 0x0d80 L1C - ok
10:20:16.0373 0x0d80 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer    C:\windows\system32\srvsvc.dll
10:20:16.0404 0x0d80 LanmanServer - ok
10:20:16.0514 0x0d80 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
10:20:16.0529 0x0d80 LanmanWorkstation - ok
10:20:16.0623 0x0d80 Lavasoft Kernexplorer - ok
10:20:16.0685 0x0d80 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio          C:\windows\system32\DRIVERS\lltdio.sys
10:20:16.0701 0x0d80 lltdio - ok
10:20:16.0872 0x0d80 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc         C:\windows\System32\lltdsvc.dll
10:20:16.0919 0x0d80 lltdsvc - ok
10:20:16.0950 0x0d80 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts         C:\windows\System32\lmhsvc.dll
10:20:16.0966 0x0d80 lmhosts - ok
10:20:17.0044 0x0d80 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC          C:\windows\system32\drivers\lsi_fc.sys
10:20:17.0060 0x0d80 LSI_FC - ok
10:20:17.0184 0x0d80 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS         C:\windows\system32\drivers\lsi_sas.sys
10:20:17.0216 0x0d80 LSI_SAS - ok
10:20:17.0278 0x0d80 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2        C:\windows\system32\drivers\lsi_sas2.sys
10:20:17.0278 0x0d80 LSI_SAS2 - ok
10:20:17.0387 0x0d80 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI        C:\windows\system32\drivers\lsi_scsi.sys
10:20:17.0403 0x0d80 LSI_SCSI - ok
10:20:17.0512 0x0d80 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv           C:\windows\system32\drivers\luafv.sys
10:20:17.0512 0x0d80 luafv - ok
10:20:18.0682 0x0d80 [ 2010C9156F8BC1A99D3B01EBC5474EA2, 992358CACBA2265E457D46385E2AB423B6F73099548694AD580A3123EF30C95D ] lyvicocu        C:\Users\RoseCake\AppData\Roaming\C0918958-1426350886-E011-B5A7-00266CC682D8\jnstDA8.tmp
10:20:19.0119 0x0d80 lyvicocu - ok
10:20:19.0244 0x0d80 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc         C:\windows\system32\Mcx2Svc.dll
10:20:19.0259 0x0d80 Mcx2Svc - ok
10:20:19.0353 0x0d80 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas         C:\windows\system32\drivers\megasas.sys
10:20:19.0368 0x0d80 megasas - ok
10:20:19.0571 0x0d80 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR          C:\windows\system32\drivers\MegaSR.sys
10:20:19.0618 0x0d80 MegaSR - ok
10:20:19.0743 0x0d80 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS           C:\windows\system32\mmcss.dll
10:20:19.0758 0x0d80 MMCSS - ok
10:20:19.0821 0x0d80 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem           C:\windows\system32\drivers\modem.sys
10:20:19.0821 0x0d80 Modem - ok
10:20:19.0930 0x0d80 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor         C:\windows\system32\DRIVERS\monitor.sys
10:20:19.0930 0x0d80 monitor - ok
10:20:19.0992 0x0d80 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass        C:\windows\system32\DRIVERS\mouclass.sys
10:20:19.0992 0x0d80 mouclass - ok
10:20:20.0133 0x0d80 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid          C:\windows\system32\drivers\mouhid.sys
10:20:20.0133 0x0d80 mouhid - ok
10:20:20.0258 0x0d80 [ 87BCD1034CBF33537D4D4C251D39BA26, CB9DD235B62B79383F99873D75E26EEA5EE7914CA89E4B75992207F83420437F ] mountmgr        C:\windows\system32\drivers\mountmgr.sys
10:20:20.0273 0x0d80 mountmgr - ok
10:20:20.0585 0x0d80 [ 81E8AF6407EC3F41908FE37F054353EA, 756C7656ED68AEAE4225E952ED1CED0717264D3378DB8DF0B2D70B6EBC67C62F ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
10:20:20.0616 0x0d80 MozillaMaintenance - ok
10:20:20.0741 0x0d80 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio            C:\windows\system32\drivers\mpio.sys
10:20:20.0757 0x0d80 mpio - ok
10:20:20.0882 0x0d80 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv          C:\windows\system32\drivers\mpsdrv.sys
10:20:20.0897 0x0d80 mpsdrv - ok
10:20:21.0381 0x0d80 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc          C:\windows\system32\mpssvc.dll
10:20:21.0490 0x0d80 MpsSvc - ok
10:20:21.0646 0x0d80 [ AE3334958D8F631FF14A0AEB3D7EFB3A, F5FD6B61F896104C20DFC43FEE2FCE6930B73F78DF876BD19A333EABB9139C6D ] MRxDAV          C:\windows\system32\drivers\mrxdav.sys
10:20:21.0927 0x0d80 MRxDAV - ok
10:20:22.0098 0x0d80 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb          C:\windows\system32\DRIVERS\mrxsmb.sys
10:20:22.0130 0x0d80 mrxsmb - ok
10:20:22.0301 0x0d80 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10        C:\windows\system32\DRIVERS\mrxsmb10.sys
10:20:22.0317 0x0d80 mrxsmb10 - ok
10:20:22.0379 0x0d80 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20        C:\windows\system32\DRIVERS\mrxsmb20.sys
10:20:22.0395 0x0d80 mrxsmb20 - ok
10:20:22.0442 0x0d80 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci          C:\windows\system32\drivers\msahci.sys
10:20:22.0442 0x0d80 msahci - ok
10:20:22.0598 0x0d80 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm           C:\windows\system32\drivers\msdsm.sys
10:20:22.0769 0x0d80 msdsm - ok
10:20:22.0878 0x0d80 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC           C:\windows\System32\msdtc.exe
10:20:22.0910 0x0d80 MSDTC - ok
10:20:23.0034 0x0d80 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs            C:\windows\system32\drivers\Msfs.sys
10:20:23.0034 0x0d80 Msfs - ok
10:20:23.0097 0x0d80 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf       C:\windows\System32\drivers\mshidkmdf.sys
10:20:23.0097 0x0d80 mshidkmdf - ok
10:20:23.0206 0x0d80 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv        C:\windows\system32\drivers\msisadrv.sys
10:20:23.0222 0x0d80 msisadrv - ok
10:20:23.0409 0x0d80 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI         C:\windows\system32\iscsiexe.dll
10:20:23.0440 0x0d80 MSiSCSI - ok
10:20:23.0456 0x0d80 msiserver - ok
10:20:23.0565 0x0d80 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV         C:\windows\system32\drivers\MSKSSRV.sys
10:20:24.0407 0x0d80 MSKSSRV - ok
10:20:24.0672 0x0d80 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK        C:\windows\system32\drivers\MSPCLOCK.sys
10:20:24.0672 0x0d80 MSPCLOCK - ok
10:20:24.0828 0x0d80 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM           C:\windows\system32\drivers\MSPQM.sys
10:20:24.0844 0x0d80 MSPQM - ok
10:20:24.0984 0x0d80 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC           C:\windows\system32\drivers\MsRPC.sys
10:20:25.0062 0x0d80 MsRPC - ok
10:20:25.0172 0x0d80 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios        C:\windows\system32\DRIVERS\mssmbios.sys
10:20:25.0187 0x0d80 mssmbios - ok
10:20:25.0234 0x0d80 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE           C:\windows\system32\drivers\MSTEE.sys
10:20:25.0234 0x0d80 MSTEE - ok
10:20:25.0312 0x0d80 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig        C:\windows\system32\drivers\MTConfig.sys
10:20:25.0328 0x0d80 MTConfig - ok
10:20:25.0359 0x0d80 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup             C:\windows\system32\Drivers\mup.sys
10:20:25.0374 0x0d80 Mup - ok
10:20:25.0593 0x0d80 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent        C:\windows\system32\qagentRT.dll
10:20:25.0640 0x0d80 napagent - ok
10:20:25.0905 0x0d80 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP     C:\windows\system32\DRIVERS\nwifi.sys
10:20:25.0952 0x0d80 NativeWifiP - ok
10:20:26.0357 0x0d80 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS            C:\windows\system32\drivers\ndis.sys
10:20:26.0451 0x0d80 NDIS - ok
10:20:26.0654 0x0d80 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap         C:\windows\system32\DRIVERS\ndiscap.sys
10:20:26.0654 0x0d80 NdisCap - ok
10:20:26.0747 0x0d80 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi        C:\windows\system32\DRIVERS\ndistapi.sys
10:20:26.0747 0x0d80 NdisTapi - ok
10:20:26.0794 0x0d80 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio         C:\windows\system32\DRIVERS\ndisuio.sys
10:20:26.0825 0x0d80 Ndisuio - ok
10:20:26.0966 0x0d80 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan         C:\windows\system32\DRIVERS\ndiswan.sys
10:20:26.0981 0x0d80 NdisWan - ok
10:20:27.0090 0x0d80 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy         C:\windows\system32\drivers\NDProxy.sys
10:20:27.0090 0x0d80 NDProxy - ok
10:20:27.0153 0x0d80 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS         C:\windows\system32\DRIVERS\netbios.sys
10:20:27.0168 0x0d80 NetBIOS - ok
10:20:27.0324 0x0d80 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT           C:\windows\system32\DRIVERS\netbt.sys
10:20:27.0340 0x0d80 NetBT - ok
10:20:27.0418 0x0d80 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] Netlogon        C:\windows\system32\lsass.exe
10:20:27.0434 0x0d80 Netlogon - ok
10:20:27.0605 0x0d80 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman          C:\windows\System32\netman.dll
10:20:27.0668 0x0d80 Netman - ok
10:20:27.0808 0x0d80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetMsmqActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:28.0042 0x0d80 NetMsmqActivator - ok
10:20:28.0292 0x0d80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetPipeActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:28.0307 0x0d80 NetPipeActivator - ok
10:20:28.0494 0x0d80 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm        C:\windows\System32\netprofm.dll
10:20:28.0588 0x0d80 netprofm - ok
10:20:28.0838 0x0d80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpActivator C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:28.0853 0x0d80 NetTcpActivator - ok
10:20:28.0947 0x0d80 [ 21318671BCAD3ACF16638F98D4D00973, CEA6E3B6BCB4B74A9ACACBEEA12EEA967BBC2240398E2EBC04D7910109CACA11 ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
10:20:28.0962 0x0d80 NetTcpPortSharing - ok
10:20:29.0118 0x0d80 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960         C:\windows\system32\drivers\nfrd960.sys
10:20:29.0118 0x0d80 nfrd960 - ok
10:20:29.0306 0x0d80 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] NlaSvc          C:\windows\System32\nlasvc.dll
10:20:29.0352 0x0d80 NlaSvc - ok
10:20:29.0399 0x0d80 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs            C:\windows\system32\drivers\Npfs.sys
10:20:29.0820 0x0d80 Npfs - ok
10:20:29.0992 0x0d80 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi             C:\windows\system32\nsisvc.dll
10:20:30.0008 0x0d80 nsi - ok
10:20:30.0086 0x0d80 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy        C:\windows\system32\drivers\nsiproxy.sys
10:20:30.0086 0x0d80 nsiproxy - ok
10:20:30.0725 0x0d80 [ 1A29A59A4C5BA6F8C85062A613B7E2B2, CC137F499A12C724D4166C2D85E9F447413419A0683DAC6F1A802B7F210C77F1 ] Ntfs            C:\windows\system32\drivers\Ntfs.sys
10:20:30.0897 0x0d80 Ntfs - ok
10:20:30.0990 0x0d80 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null            C:\windows\system32\drivers\Null.sys
10:20:31.0006 0x0d80 Null - ok
10:20:31.0037 0x0d80 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid          C:\windows\system32\drivers\nvraid.sys
10:20:31.0053 0x0d80 nvraid - ok
10:20:31.0100 0x0d80 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor          C:\windows\system32\drivers\nvstor.sys
10:20:31.0115 0x0d80 nvstor - ok
10:20:31.0162 0x0d80 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp          C:\windows\system32\drivers\nv_agp.sys
10:20:31.0178 0x0d80 nv_agp - ok
10:20:31.0209 0x0d80 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394        C:\windows\system32\drivers\ohci1394.sys
10:20:31.0224 0x0d80 ohci1394 - ok
10:20:31.0396 0x0d80 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
10:20:31.0474 0x0d80 ose - ok
10:20:33.0845 0x0d80 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
10:20:34.0422 0x0d80 osppsvc - ok
10:20:34.0734 0x0d80 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc        C:\windows\system32\pnrpsvc.dll
10:20:34.0781 0x0d80 p2pimsvc - ok
10:20:34.0922 0x0d80 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc          C:\windows\system32\p2psvc.dll
10:20:35.0015 0x0d80 p2psvc - ok
10:20:35.0124 0x0d80 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport         C:\windows\system32\drivers\parport.sys
10:20:35.0171 0x0d80 Parport - ok
10:20:35.0265 0x0d80 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr         C:\windows\system32\drivers\partmgr.sys
10:20:35.0280 0x0d80 partmgr - ok
10:20:35.0436 0x0d80 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] PcaSvc          C:\windows\System32\pcasvc.dll
10:20:35.0452 0x0d80 PcaSvc - ok
10:20:35.0858 0x0d80 [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] PCCUJobMgr      C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
10:20:35.0873 0x0d80 PCCUJobMgr - ok
10:20:36.0029 0x0d80 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci             C:\windows\system32\drivers\pci.sys
10:20:36.0060 0x0d80 pci - ok
10:20:36.0185 0x0d80 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide          C:\windows\system32\drivers\pciide.sys
10:20:36.0216 0x0d80 pciide - ok
10:20:36.0372 0x0d80 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia          C:\windows\system32\drivers\pcmcia.sys
10:20:36.0404 0x0d80 pcmcia - ok
10:20:36.0513 0x0d80 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw             C:\windows\system32\drivers\pcw.sys
10:20:36.0513 0x0d80 pcw - ok
10:20:36.0934 0x0d80 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] PEAUTH          C:\windows\system32\drivers\peauth.sys
10:20:37.0043 0x0d80 PEAUTH - ok
10:20:39.0711 0x0d80 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost        C:\windows\SysWow64\perfhost.exe
10:20:39.0726 0x0d80 PerfHost - ok
10:20:39.0867 0x0d80 [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect        C:\windows\system32\DRIVERS\pgeffect.sys
10:20:39.0882 0x0d80 PGEffect - ok
10:20:40.0366 0x0d80 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla             C:\windows\system32\pla.dll
10:20:40.0506 0x0d80 pla - ok
10:20:40.0725 0x0d80 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay        C:\windows\system32\umpnpmgr.dll
10:20:40.0865 0x0d80 PlugPlay - ok
10:20:40.0928 0x0d80 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg     C:\windows\system32\pnrpauto.dll
10:20:40.0943 0x0d80 PNRPAutoReg - ok
10:20:41.0130 0x0d80 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc         C:\windows\system32\pnrpsvc.dll
10:20:41.0240 0x0d80 PNRPsvc - ok
10:20:41.0505 0x0d80 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent     C:\windows\System32\ipsecsvc.dll
10:20:41.0708 0x0d80 PolicyAgent - ok
10:20:41.0895 0x0d80 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power           C:\windows\system32\umpo.dll
10:20:41.0926 0x0d80 Power - ok
10:20:42.0113 0x0d80 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport    C:\windows\system32\DRIVERS\raspptp.sys
10:20:42.0113 0x0d80 PptpMiniport - ok
10:20:42.0222 0x0d80 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor       C:\windows\system32\drivers\processr.sys
10:20:42.0238 0x0d80 Processor - ok
10:20:42.0456 0x0d80 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] ProfSvc         C:\windows\system32\profsvc.dll
10:20:42.0488 0x0d80 ProfSvc - ok
10:20:42.0581 0x0d80 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] ProtectedStorage C:\windows\system32\lsass.exe
10:20:42.0581 0x0d80 ProtectedStorage - ok
10:20:42.0706 0x0d80 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched          C:\windows\system32\DRIVERS\pacer.sys
10:20:42.0737 0x0d80 Psched - ok
10:20:43.0392 0x0d80 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300          C:\windows\system32\drivers\ql2300.sys
10:20:43.0658 0x0d80 ql2300 - ok
10:20:43.0767 0x0d80 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx          C:\windows\system32\drivers\ql40xx.sys
10:20:43.0782 0x0d80 ql40xx - ok
10:20:43.0970 0x0d80 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE           C:\windows\system32\qwave.dll
10:20:43.0985 0x0d80 QWAVE - ok
10:20:44.0141 0x0d80 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv        C:\windows\system32\drivers\qwavedrv.sys
10:20:44.0141 0x0d80 QWAVEdrv - ok
10:20:44.0250 0x0d80 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd          C:\windows\system32\DRIVERS\rasacd.sys
10:20:44.0250 0x0d80 RasAcd - ok
10:20:44.0375 0x0d80 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn     C:\windows\system32\DRIVERS\AgileVpn.sys
10:20:44.0375 0x0d80 RasAgileVpn - ok
10:20:44.0469 0x0d80 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto         C:\windows\System32\rasauto.dll
10:20:44.0484 0x0d80 RasAuto - ok
10:20:44.0640 0x0d80 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp         C:\windows\system32\DRIVERS\rasl2tp.sys
10:20:44.0656 0x0d80 Rasl2tp - ok
10:20:44.0796 0x0d80 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan          C:\windows\System32\rasmans.dll
10:20:44.0828 0x0d80 RasMan - ok
10:20:45.0046 0x0d80 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe        C:\windows\system32\DRIVERS\raspppoe.sys
10:20:45.0046 0x0d80 RasPppoe - ok
10:20:45.0140 0x0d80 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp         C:\windows\system32\DRIVERS\rassstp.sys
10:20:45.0155 0x0d80 RasSstp - ok
10:20:45.0296 0x0d80 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss           C:\windows\system32\DRIVERS\rdbss.sys
10:20:45.0342 0x0d80 rdbss - ok
10:20:45.0452 0x0d80 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus          C:\windows\system32\drivers\rdpbus.sys
10:20:45.0467 0x0d80 rdpbus - ok
10:20:45.0561 0x0d80 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD          C:\windows\system32\DRIVERS\RDPCDD.sys
10:20:45.0561 0x0d80 RDPCDD - ok
10:20:45.0748 0x0d80 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD        C:\windows\system32\drivers\rdpencdd.sys
10:20:45.0748 0x0d80 RDPENCDD - ok
10:20:45.0857 0x0d80 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP        C:\windows\system32\drivers\rdprefmp.sys
10:20:45.0873 0x0d80 RDPREFMP - ok
10:20:46.0013 0x0d80 [ FE571E088C2D83619D2D48D4E961BF41, 88C5A2FCB1D0E528657842E39963471A6E42FCA3FCDF37955AEC8258AB4C48EA ] RDPWD           C:\windows\system32\drivers\RDPWD.sys
10:20:46.0029 0x0d80 RDPWD - ok
10:20:46.0434 0x0d80 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost        C:\windows\system32\drivers\rdyboost.sys
10:20:46.0512 0x0d80 rdyboost - ok
10:20:46.0590 0x0d80 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess    C:\windows\System32\mprdim.dll
10:20:46.0606 0x0d80 RemoteAccess - ok
10:20:46.0902 0x0d80 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
10:20:46.0949 0x0d80 RemoteRegistry - ok
10:20:47.0136 0x0d80 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper    C:\windows\System32\RpcEpMap.dll
10:20:47.0152 0x0d80 RpcEptMapper - ok
10:20:47.0230 0x0d80 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator      C:\windows\system32\locator.exe
10:20:47.0230 0x0d80 RpcLocator - ok
10:20:47.0417 0x0d80 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs           C:\windows\system32\rpcss.dll
10:20:47.0464 0x0d80 RpcSs - ok
10:20:47.0542 0x0d80 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr          C:\windows\system32\DRIVERS\rspndr.sys
10:20:47.0558 0x0d80 rspndr - ok
10:20:47.0604 0x0d80 RSUSBSTOR - ok
10:20:47.0932 0x0d80 [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] RTL8192Ce       C:\windows\system32\DRIVERS\rtl8192Ce.sys
10:20:48.0057 0x0d80 RTL8192Ce - ok
10:20:48.0088 0x0d80 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] SamSs           C:\windows\system32\lsass.exe
10:20:48.0104 0x0d80 SamSs - ok
10:20:48.0135 0x0d80 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port        C:\windows\system32\drivers\sbp2port.sys
10:20:48.0150 0x0d80 sbp2port - ok
10:20:48.0244 0x0d80 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr        C:\windows\System32\SCardSvr.dll
10:20:48.0260 0x0d80 SCardSvr - ok
10:20:48.0353 0x0d80 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter        C:\windows\system32\DRIVERS\scfilter.sys
10:20:48.0353 0x0d80 scfilter - ok
10:20:48.0696 0x0d80 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule        C:\windows\system32\schedsvc.dll
10:20:48.0806 0x0d80 Schedule - ok
10:20:48.0852 0x0d80 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc     C:\windows\System32\certprop.dll
10:20:48.0852 0x0d80 SCPolicySvc - ok
10:20:48.0962 0x0d80 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC          C:\windows\System32\SDRSVC.dll
10:20:48.0993 0x0d80 SDRSVC - ok
10:20:49.0086 0x0d80 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv          C:\windows\system32\drivers\secdrv.sys
10:20:49.0102 0x0d80 secdrv - ok
10:20:49.0164 0x0d80 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon        C:\windows\system32\seclogon.dll
10:20:49.0164 0x0d80 seclogon - ok
10:20:49.0258 0x0d80 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS            C:\windows\System32\sens.dll
10:20:49.0289 0x0d80 SENS - ok
10:20:49.0492 0x0d80 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc        C:\windows\system32\sensrsvc.dll
10:20:49.0508 0x0d80 SensrSvc - ok
10:20:49.0586 0x0d80 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum         C:\windows\system32\drivers\serenum.sys
10:20:49.0586 0x0d80 Serenum - ok
10:20:49.0710 0x0d80 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial          C:\windows\system32\drivers\serial.sys
10:20:49.0726 0x0d80 Serial - ok
10:20:49.0788 0x0d80 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse        C:\windows\system32\drivers\sermouse.sys
10:20:49.0788 0x0d80 sermouse - ok
10:20:49.0898 0x0d80 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv      C:\windows\system32\sessenv.dll
10:20:49.0929 0x0d80 SessionEnv - ok
10:20:49.0991 0x0d80 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk         C:\windows\system32\drivers\sffdisk.sys
10:20:50.0007 0x0d80 sffdisk - ok
10:20:50.0038 0x0d80 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc        C:\windows\system32\drivers\sffp_mmc.sys
10:20:50.0038 0x0d80 sffp_mmc - ok
10:20:50.0085 0x0d80 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd         C:\windows\system32\drivers\sffp_sd.sys
10:20:50.0147 0x0d80 sffp_sd - ok
10:20:50.0194 0x0d80 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy         C:\windows\system32\drivers\sfloppy.sys
10:20:50.0210 0x0d80 sfloppy - ok
10:20:50.0428 0x0d80 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] Sftfs           C:\windows\system32\DRIVERS\Sftfslh.sys
10:20:50.0522 0x0d80 Sftfs - ok
10:20:50.0849 0x0d80 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:20:50.0912 0x0d80 sftlist - ok
10:20:51.0208 0x0d80 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] Sftplay         C:\windows\system32\DRIVERS\Sftplaylh.sys
10:20:51.0255 0x0d80 Sftplay - ok
10:20:51.0848 0x0d80 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] Sftredir        C:\windows\system32\DRIVERS\Sftredirlh.sys
10:20:51.0910 0x0d80 Sftredir - ok
10:20:52.0097 0x0d80 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] Sftvol          C:\windows\system32\DRIVERS\Sftvollh.sys
10:20:52.0097 0x0d80 Sftvol - ok
10:20:52.0331 0x0d80 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:20:52.0362 0x0d80 sftvsa - ok
10:20:52.0565 0x0d80 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess    C:\windows\System32\ipnathlp.dll
10:20:52.0628 0x0d80 SharedAccess - ok
10:20:52.0877 0x0d80 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
10:20:52.0955 0x0d80 ShellHWDetection - ok
10:20:53.0111 0x0d80 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2        C:\windows\system32\drivers\SiSRaid2.sys
10:20:53.0111 0x0d80 SiSRaid2 - ok
10:20:53.0174 0x0d80 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4        C:\windows\system32\drivers\sisraid4.sys
10:20:53.0189 0x0d80 SiSRaid4 - ok
10:20:53.0330 0x0d80 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb             C:\windows\system32\DRIVERS\smb.sys
10:20:53.0345 0x0d80 Smb - ok
10:20:53.0532 0x0d80 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP        C:\windows\System32\snmptrap.exe
10:20:53.0532 0x0d80 SNMPTRAP - ok
10:20:53.0579 0x0d80 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr           C:\windows\system32\drivers\spldr.sys
10:20:53.0579 0x0d80 spldr - ok
10:20:53.0907 0x0d80 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler         C:\windows\System32\spoolsv.exe
10:20:54.0063 0x0d80 Spooler - ok
10:20:55.0872 0x0d80 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc          C:\windows\system32\sppsvc.exe
10:20:56.0122 0x0d80 sppsvc - ok
10:20:56.0543 0x0d80 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify     C:\windows\system32\sppuinotify.dll
10:20:56.0574 0x0d80 sppuinotify - ok
10:20:56.0808 0x0d80 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv             C:\windows\system32\DRIVERS\srv.sys
10:20:56.0855 0x0d80 srv - ok
10:20:57.0058 0x0d80 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2            C:\windows\system32\DRIVERS\srv2.sys
10:20:57.0261 0x0d80 srv2 - ok
10:20:57.0822 0x0d80 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet          C:\windows\system32\DRIVERS\srvnet.sys
10:20:57.0838 0x0d80 srvnet - ok
10:20:58.0025 0x0d80 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV         C:\windows\System32\ssdpsrv.dll
10:20:58.0275 0x0d80 SSDPSRV - ok
10:20:58.0556 0x0d80 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc         C:\windows\system32\sstpsvc.dll
10:20:58.0805 0x0d80 SstpSvc - ok
10:20:59.0086 0x0d80 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor        C:\windows\system32\drivers\stexstor.sys
10:20:59.0086 0x0d80 stexstor - ok
10:20:59.0414 0x0d80 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc          C:\windows\System32\wiaservc.dll
10:20:59.0523 0x0d80 stisvc - ok
10:20:59.0616 0x0d80 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum          C:\windows\system32\DRIVERS\swenum.sys
10:20:59.0616 0x0d80 swenum - ok
10:20:59.0757 0x0d80 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv           C:\windows\System32\swprv.dll
10:20:59.0882 0x0d80 swprv - ok
10:21:00.0162 0x0d80 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain         C:\windows\system32\sysmain.dll
10:21:00.0365 0x0d80 SysMain - ok
10:21:00.0490 0x0d80 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
10:21:00.0506 0x0d80 TabletInputService - ok
10:21:00.0568 0x0d80 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv         C:\windows\System32\tapisrv.dll
10:21:00.0599 0x0d80 TapiSrv - ok
10:21:00.0646 0x0d80 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS             C:\windows\System32\tbssvc.dll
10:21:00.0662 0x0d80 TBS - ok
10:21:01.0005 0x0d80 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] Tcpip           C:\windows\system32\drivers\tcpip.sys
10:21:01.0208 0x0d80 Tcpip - ok
10:21:01.0598 0x0d80 [ 04ADD18EE5CC9FBEDAEC1DD1CD0CB45E, F05C0C4CA3DD234AD5D60CF1EF763C9A1D9EC3C157E180C2D75CC07E6B02A611 ] TCPIP6          C:\windows\system32\DRIVERS\tcpip.sys
10:21:01.0769 0x0d80 TCPIP6 - ok
10:21:01.0894 0x0d80 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg        C:\windows\system32\drivers\tcpipreg.sys
10:21:01.0894 0x0d80 tcpipreg - ok
10:21:01.0956 0x0d80 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst        C:\windows\system32\DRIVERS\tdcmdpst.sys
10:21:01.0972 0x0d80 tdcmdpst - ok
10:21:02.0019 0x0d80 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE          C:\windows\system32\drivers\tdpipe.sys
10:21:02.0034 0x0d80 TDPIPE - ok
10:21:02.0097 0x0d80 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP           C:\windows\system32\drivers\tdtcp.sys
10:21:02.0097 0x0d80 TDTCP - ok
10:21:02.0159 0x0d80 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] tdx             C:\windows\system32\DRIVERS\tdx.sys
10:21:02.0175 0x0d80 tdx - ok
10:21:02.0237 0x0d80 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD          C:\windows\system32\DRIVERS\termdd.sys
10:21:02.0253 0x0d80 TermDD - ok
10:21:02.0393 0x0d80 [ 008CD4EBFABCF78D0F19B3778492648C, 9050490EEE0AD86E73F0A82D83E4FC29DF84F6B6FDB389AE135FD712B5F425BE ] TermService     C:\windows\System32\termsrv.dll
10:21:02.0456 0x0d80 TermService - ok
10:21:02.0502 0x0d80 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes          C:\windows\system32\themeservice.dll
10:21:02.0518 0x0d80 Themes - ok
10:21:02.0549 0x0d80 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER     C:\windows\system32\mmcss.dll
10:21:02.0565 0x0d80 THREADORDER - ok
10:21:02.0674 0x0d80 [ DFE9BA871B9F3DBB591BD113611CBCC0, 8AD07A7C08A68B590819F93614D518D15121BAB4BBC453B12A4E5137874FD4BC ] TMachInfo       C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
10:21:02.0674 0x0d80 TMachInfo - ok
10:21:02.0736 0x0d80 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] TODDSrv         C:\windows\system32\TODDSrv.exe
10:21:02.0752 0x0d80 TODDSrv - ok
10:21:02.0924 0x0d80 [ DB9719688C08F42705FEB3F6A0C98B91, D8E837F2F5C3838312001CCDD37448ABAE3DD6452CE6DC26241678E0F3A584CE ] TosCoSrv        C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
10:21:02.0970 0x0d80 TosCoSrv - ok
10:21:03.0111 0x0d80 [ 74C2FA8C3765EE71A9C22182EC108457, A7073FAB6CE6FB9824544A9CDCCA441D08FD87D68EB564DCB1186FC257776221 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
10:21:03.0126 0x0d80 TOSHIBA HDD SSD Alert Service - ok
10:21:03.0189 0x0d80 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks          C:\windows\System32\trkwks.dll
10:21:03.0204 0x0d80 TrkWks - ok
10:21:03.0329 0x0d80 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
10:21:03.0360 0x0d80 TrustedInstaller - ok
10:21:03.0423 0x0d80 [ E232A3B43A894BB327FC161529BD9ED1, F2673DA8C920F21ACCECC25F7C59A05822E5E577D47F126EDF9C94FEB4B30C5F ] tssecsrv        C:\windows\system32\DRIVERS\tssecsrv.sys
10:21:03.0423 0x0d80 tssecsrv - ok
10:21:03.0501 0x0d80 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt        C:\windows\system32\drivers\tsusbflt.sys
10:21:03.0501 0x0d80 TsUsbFlt - ok
10:21:03.0532 0x0d80 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD         C:\windows\system32\drivers\TsUsbGD.sys
10:21:03.0532 0x0d80 TsUsbGD - ok
10:21:03.0626 0x0d80 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel          C:\windows\system32\DRIVERS\tunnel.sys
10:21:03.0641 0x0d80 tunnel - ok
10:21:03.0704 0x0d80 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ           C:\windows\system32\DRIVERS\TVALZ_O.SYS
10:21:03.0704 0x0d80 TVALZ - ok
10:21:03.0735 0x0d80 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35          C:\windows\system32\drivers\uagp35.sys
10:21:03.0750 0x0d80 uagp35 - ok
10:21:03.0813 0x0d80 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs            C:\windows\system32\DRIVERS\udfs.sys
10:21:03.0844 0x0d80 udfs - ok
10:21:03.0906 0x0d80 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect       C:\windows\system32\UI0Detect.exe
10:21:03.0922 0x0d80 UI0Detect - ok
10:21:03.0953 0x0d80 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx        C:\windows\system32\drivers\uliagpkx.sys
10:21:03.0969 0x0d80 uliagpkx - ok
10:21:04.0016 0x0d80 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus           C:\windows\system32\DRIVERS\umbus.sys
10:21:04.0016 0x0d80 umbus - ok
10:21:04.0078 0x0d80 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass          C:\windows\system32\drivers\umpass.sys
10:21:04.0078 0x0d80 UmPass - ok
10:21:04.0203 0x0d80 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost        C:\windows\System32\upnphost.dll
10:21:04.0234 0x0d80 upnphost - ok
10:21:04.0312 0x0d80 [ 5FCC71487888589A9244AF54CFEFAB29, 26ABD7B15B92231CB3090E888B15673964DC50BEDF65583A3FEA74DD315D5088 ] usbbus          C:\windows\system32\DRIVERS\lgx64bus.sys
10:21:04.0312 0x0d80 usbbus - ok
10:21:04.0359 0x0d80 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] usbccgp         C:\windows\system32\DRIVERS\usbccgp.sys
10:21:04.0374 0x0d80 usbccgp - ok
10:21:04.0437 0x0d80 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir          C:\windows\system32\drivers\usbcir.sys
10:21:04.0452 0x0d80 usbcir - ok
10:21:04.0515 0x0d80 [ 3FB6E423F7567C92C32EA786F5FD0C69, E9914DCCC0898497B4300D3D5ED424670551A4C8CB8F4DBF860BB86DBFCEF71A ] UsbDiag         C:\windows\system32\DRIVERS\lgx64diag.sys
10:21:04.0530 0x0d80 UsbDiag - ok
10:21:04.0562 0x0d80 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] usbehci         C:\windows\system32\DRIVERS\usbehci.sys
10:21:04.0577 0x0d80 usbehci - ok
10:21:04.0640 0x0d80 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] usbhub          C:\windows\system32\DRIVERS\usbhub.sys
10:21:04.0671 0x0d80 usbhub - ok
10:21:04.0702 0x0d80 [ 78D551F5B93488B4666F5FC8DD4815F3, 04036C917AB2F5ADD556C29BDD767859D48812EAC6081EC6EF510AF2167BE967 ] USBModem        C:\windows\system32\DRIVERS\lgx64modem.sys
10:21:04.0718 0x0d80 USBModem - ok
10:21:04.0780 0x0d80 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] usbohci         C:\windows\system32\DRIVERS\usbohci.sys
10:21:04.0780 0x0d80 usbohci - ok
10:21:04.0842 0x0d80 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint        C:\windows\system32\drivers\usbprint.sys
10:21:04.0858 0x0d80 usbprint - ok
10:21:04.0905 0x0d80 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR         C:\windows\system32\DRIVERS\USBSTOR.SYS
10:21:04.0920 0x0d80 USBSTOR - ok
10:21:05.0030 0x0d80 [ DD253AFC3BC6CBA412342DE60C3647F3, 146F8613F1057AC054DC3593E84BC52899DA27EA33B0E72ACFB78C3699ADCDE7 ] usbuhci         C:\windows\system32\drivers\usbuhci.sys
10:21:05.0030 0x0d80 usbuhci - ok
10:21:05.0108 0x0d80 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] usbvideo        C:\windows\System32\Drivers\usbvideo.sys
10:21:05.0139 0x0d80 usbvideo - ok
10:21:05.0170 0x0d80 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms           C:\windows\System32\uxsms.dll
10:21:05.0186 0x0d80 UxSms - ok
10:21:05.0217 0x0d80 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] VaultSvc        C:\windows\system32\lsass.exe
10:21:05.0217 0x0d80 VaultSvc - ok
10:21:05.0248 0x0d80 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot        C:\windows\system32\drivers\vdrvroot.sys
10:21:05.0248 0x0d80 vdrvroot - ok
10:21:05.0357 0x0d80 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds             C:\windows\System32\vds.exe
10:21:05.0404 0x0d80 vds - ok
10:21:05.0498 0x0d80 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga             C:\windows\system32\DRIVERS\vgapnp.sys
10:21:05.0513 0x0d80 vga - ok
10:21:05.0529 0x0d80 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave         C:\windows\System32\drivers\vga.sys
10:21:05.0544 0x0d80 VgaSave - ok
10:21:05.0591 0x0d80 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp           C:\windows\system32\drivers\vhdmp.sys
10:21:05.0607 0x0d80 vhdmp - ok
10:21:05.0669 0x0d80 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide          C:\windows\system32\drivers\viaide.sys
10:21:05.0669 0x0d80 viaide - ok
10:21:05.0716 0x0d80 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr          C:\windows\system32\drivers\volmgr.sys
10:21:05.0716 0x0d80 volmgr - ok
10:21:05.0778 0x0d80 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx         C:\windows\system32\drivers\volmgrx.sys
10:21:05.0810 0x0d80 volmgrx - ok
10:21:05.0888 0x0d80 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap         C:\windows\system32\drivers\volsnap.sys
10:21:05.0919 0x0d80 volsnap - ok
10:21:05.0981 0x0d80 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid         C:\windows\system32\drivers\vsmraid.sys
10:21:05.0997 0x0d80 vsmraid - ok
10:21:06.0324 0x0d80 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS             C:\windows\system32\vssvc.exe
10:21:06.0512 0x0d80 VSS - ok
10:21:06.0870 0x0d80 [ B8AEAC85EFEDF1F53B80DC100D0B3B2D, 5730A7827ECE9A45F4C217FD9EBBAC1EE1FA41BDA10D6BFA88BB29586F3DBA4D ] vumowoge        C:\Users\RoseCake\AppData\Roaming\C0918958-1426350886-E011-B5A7-00266CC682D8\nsp6A1E.tmp
10:21:06.0886 0x0d80 vumowoge - ok
10:21:06.0917 0x0d80 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus        C:\windows\system32\DRIVERS\vwifibus.sys
10:21:06.0917 0x0d80 vwifibus - ok
10:21:06.0964 0x0d80 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt        C:\windows\system32\DRIVERS\vwififlt.sys
10:21:06.0964 0x0d80 vwififlt - ok
10:21:07.0026 0x0d80 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] vwifimp         C:\windows\system32\DRIVERS\vwifimp.sys
10:21:07.0026 0x0d80 vwifimp - ok
10:21:07.0104 0x0d80 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time         C:\windows\system32\w32time.dll
10:21:07.0151 0x0d80 W32Time - ok
10:21:07.0198 0x0d80 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen        C:\windows\system32\drivers\wacompen.sys
10:21:07.0198 0x0d80 WacomPen - ok
10:21:07.0307 0x0d80 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP          C:\windows\system32\DRIVERS\wanarp.sys
10:21:07.0323 0x0d80 WANARP - ok
10:21:07.0338 0x0d80 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6        C:\windows\system32\DRIVERS\wanarp.sys
10:21:07.0354 0x0d80 Wanarpv6 - ok
10:21:07.0588 0x0d80 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc     C:\windows\system32\Wat\WatAdminSvc.exe
10:21:07.0744 0x0d80 WatAdminSvc - ok
10:21:07.0916 0x0d80 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine        C:\windows\system32\wbengine.exe
10:21:08.0087 0x0d80 wbengine - ok
10:21:08.0134 0x0d80 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc        C:\windows\System32\wbiosrvc.dll
10:21:08.0165 0x0d80 WbioSrvc - ok
10:21:08.0228 0x0d80 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc         C:\windows\System32\wcncsvc.dll
10:21:08.0259 0x0d80 wcncsvc - ok
10:21:08.0290 0x0d80 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
10:21:08.0306 0x0d80 WcsPlugInService - ok
10:21:08.0352 0x0d80 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd              C:\windows\system32\drivers\wd.sys
10:21:08.0352 0x0d80 Wd - ok
10:21:08.0462 0x0d80 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000        C:\windows\system32\drivers\Wdf01000.sys
10:21:08.0555 0x0d80 Wdf01000 - ok
10:21:08.0618 0x0d80 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiServiceHost C:\windows\system32\wdi.dll
10:21:08.0633 0x0d80 WdiServiceHost - ok
10:21:08.0649 0x0d80 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] WdiSystemHost   C:\windows\system32\wdi.dll
10:21:08.0680 0x0d80 WdiSystemHost - ok
10:21:08.0742 0x0d80 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient       C:\windows\System32\webclnt.dll
10:21:08.0774 0x0d80 WebClient - ok
10:21:08.0836 0x0d80 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc          C:\windows\system32\wecsvc.dll
10:21:08.0852 0x0d80 Wecsvc - ok
10:21:08.0883 0x0d80 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport   C:\windows\System32\wercplsupport.dll
10:21:08.0898 0x0d80 wercplsupport - ok
10:21:08.0945 0x0d80 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc          C:\windows\System32\WerSvc.dll
10:21:08.0976 0x0d80 WerSvc - ok
10:21:08.0992 0x0d80 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf          C:\windows\system32\DRIVERS\wfplwf.sys
10:21:08.0992 0x0d80 WfpLwf - ok
10:21:09.0070 0x0d80 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount        C:\windows\system32\drivers\wimmount.sys
10:21:09.0070 0x0d80 WIMMount - ok
10:21:09.0117 0x0d80 WinDefend - ok
10:21:09.0164 0x0d80 WinHttpAutoProxySvc - ok
10:21:09.0335 0x0d80 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt         C:\windows\system32\wbem\WMIsvc.dll
10:21:09.0366 0x0d80 Winmgmt - ok
10:21:09.0663 0x0d80 [ D929ABD465A2DED963DA8B30946A8D5C, DE8DBFB01C11D2AE903CBD6A974D6F995E9813CE2D6484B7DA06EAE4C545842A ] WinRM           C:\windows\system32\WsmSvc.dll
10:21:09.0897 0x0d80 WinRM - ok
10:21:09.0975 0x0d80 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb          C:\windows\system32\DRIVERS\WinUsb.sys
10:21:09.0990 0x0d80 WinUsb - ok
10:21:10.0131 0x0d80 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc         C:\windows\System32\wlansvc.dll
10:21:10.0256 0x0d80 Wlansvc - ok
10:21:10.0365 0x0d80 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc        C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
10:21:10.0365 0x0d80 wlcrasvc - ok
10:21:10.0817 0x0d80 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:21:11.0036 0x0d80 wlidsvc - ok
10:21:11.0067 0x0d80 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi         C:\windows\system32\drivers\wmiacpi.sys
10:21:11.0067 0x0d80 WmiAcpi - ok
10:21:11.0145 0x0d80 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv        C:\windows\system32\wbem\WmiApSrv.exe
10:21:11.0160 0x0d80 wmiApSrv - ok
10:21:11.0223 0x0d80 WMPNetworkSvc - ok
10:21:11.0270 0x0d80 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc          C:\windows\System32\wpcsvc.dll
10:21:11.0285 0x0d80 WPCSvc - ok
10:21:11.0332 0x0d80 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum      C:\windows\system32\wpdbusenum.dll
10:21:11.0363 0x0d80 WPDBusEnum - ok
10:21:11.0410 0x0d80 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl         C:\windows\system32\drivers\ws2ifsl.sys
10:21:11.0410 0x0d80 ws2ifsl - ok
10:21:11.0457 0x0d80 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc          C:\windows\System32\wscsvc.dll
10:21:11.0472 0x0d80 wscsvc - ok
10:21:11.0488 0x0d80 WSearch - ok
10:21:11.0894 0x0d80 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] wuauserv        C:\windows\system32\wuaueng.dll
10:21:12.0128 0x0d80 wuauserv - ok
10:21:12.0174 0x0d80 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf          C:\windows\system32\drivers\WudfPf.sys
10:21:12.0174 0x0d80 WudfPf - ok
10:21:12.0237 0x0d80 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd          C:\windows\system32\DRIVERS\WUDFRd.sys
10:21:12.0252 0x0d80 WUDFRd - ok
10:21:12.0299 0x0d80 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc         C:\windows\System32\WUDFSvc.dll
10:21:12.0330 0x0d80 wudfsvc - ok
10:21:12.0377 0x0d80 [ 04F82965C09CBDF646B487E145060301, 2CD8533EDBE24C3E42EB7550E20F8A2EB9E5E345B165DEF543163A6BC1FDD18B ] WwanSvc         C:\windows\System32\wwansvc.dll
10:21:12.0424 0x0d80 WwanSvc - ok
10:21:12.0986 0x0d80 [ AC9A3A92A878DE61621E7544B2C4AF29, 63477061504DCE449F5EAC55DC1CAF905E6C5DAB30A1A018AAA15A2400D6F21C ] YouTubeDownload_G2 C:\Program Files (x86)\YouTube Download Pool\G2\youtubeserv.exe
10:21:13.0251 0x0d80 YouTubeDownload_G2 - ok
10:21:13.0313 0x0d80 ================ Scan global ===============================
10:21:13.0360 0x0d80 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
10:21:13.0469 0x0d80 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
10:21:13.0516 0x0d80 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\windows\system32\winsrv.dll
10:21:13.0578 0x0d80 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
10:21:13.0703 0x0d80 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
10:21:13.0734 0x0d80 [ Global ] - ok
10:21:13.0734 0x0d80 ================ Scan MBR ==================================
10:21:13.0750 0x0d80 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
10:21:14.0655 0x0d80 \Device\Harddisk0\DR0 - ok
10:21:14.0670 0x0d80 ================ Scan VBR ==================================
10:21:14.0686 0x0d80 [ 4B2EBEDB962D6AD0A9670E1B543E8AE4 ] \Device\Harddisk0\DR0\Partition1
10:21:14.0702 0x0d80 \Device\Harddisk0\DR0\Partition1 - ok
10:21:14.0702 0x0d80 ================ Scan active images ========================
10:21:14.0717 0x0d80 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
10:21:14.0717 0x0d80 C:\Windows\System32\drivers\crashdmp.sys - ok
10:21:14.0733 0x0d80 [ B3222734D80013D2C73841B0C549FA63, F712A301B74F4E55E37189B989E02E845B15BFAF70749DA4000DA26E40CCFC90 ] C:\Windows\System32\drivers\Diskdump.sys
10:21:14.0733 0x0d80 C:\Windows\System32\drivers\Diskdump.sys - ok
10:21:14.0748 0x0d80 [ CAEE7C1AFC9F1C9EE8DD11ACD18D22E7, B8953CC6B833E76F1483EFDB0198F14FA43E530D1A9FEA33260FD2EDB811B230 ] C:\Windows\System32\drivers\amd_sata.sys
10:21:14.0748 0x0d80 C:\Windows\System32\drivers\amd_sata.sys - ok
10:21:14.0764 0x0d80 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
10:21:14.0764 0x0d80 C:\Windows\System32\drivers\dumpfve.sys - ok
10:21:14.0780 0x0d80 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
10:21:14.0780 0x0d80 C:\Windows\System32\drivers\cdrom.sys - ok
10:21:14.0811 0x0d80 [ 669F6B37965756E407B447272B5EE39F, FE2C0A8F96415191650485AED637A45B26E7B9A25A4BFB5D809844BD24FD6BA9 ] C:\Windows\System32\drivers\aswSnx.sys
10:21:14.0811 0x0d80 C:\Windows\System32\drivers\aswSnx.sys - ok
10:21:14.0826 0x0d80 [ 3A145C94A519E52FE7E99460DD0DF53C, 91E9544B1B72FCC32463BF34838DAA9F14DCABF3BE9FE9382087ACDB3B4FC598 ] C:\Windows\System32\drivers\aswSP.sys
10:21:14.0826 0x0d80 C:\Windows\System32\drivers\aswSP.sys - ok
10:21:14.0842 0x0d80 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
10:21:14.0842 0x0d80 C:\Windows\System32\drivers\null.sys - ok
10:21:14.0858 0x0d80 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
10:21:14.0858 0x0d80 C:\Windows\System32\drivers\beep.sys - ok
10:21:14.0889 0x0d80 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
10:21:14.0889 0x0d80 C:\Windows\System32\drivers\watchdog.sys - ok
10:21:14.0904 0x0d80 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
10:21:14.0904 0x0d80 C:\Windows\System32\drivers\videoprt.sys - ok
10:21:14.0920 0x0d80 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
10:21:14.0920 0x0d80 C:\Windows\System32\drivers\vga.sys - ok
10:21:14.0936 0x0d80 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
10:21:14.0936 0x0d80 C:\Windows\System32\drivers\RDPCDD.sys - ok
10:21:14.0951 0x0d80 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
10:21:14.0951 0x0d80 C:\Windows\System32\drivers\RDPENCDD.sys - ok
10:21:14.0967 0x0d80 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
10:21:14.0967 0x0d80 C:\Windows\System32\drivers\RDPREFMP.sys - ok
10:21:14.0982 0x0d80 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
10:21:14.0982 0x0d80 C:\Windows\System32\drivers\msfs.sys - ok
10:21:15.0014 0x0d80 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
10:21:15.0014 0x0d80 C:\Windows\System32\drivers\npfs.sys - ok
10:21:15.0029 0x0d80 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
10:21:15.0029 0x0d80 C:\Windows\System32\drivers\tdi.sys - ok
10:21:15.0045 0x0d80 [ 70988118145F5F10EF24720B97F35F65, F80C806417A68047FFB3D63214BC4AE5445315219AC594E043293006B704A63D ] C:\Windows\System32\drivers\tdx.sys
10:21:15.0045 0x0d80 C:\Windows\System32\drivers\tdx.sys - ok
10:21:15.0060 0x0d80 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
10:21:15.0060 0x0d80 C:\Windows\System32\drivers\netbt.sys - ok
10:21:15.0060 0x0d80 [ FA886682CFC5D36718D3E436AACF10B9, F80AB4F91AA6B5C7ECCB000D8E1BC2CF776DC3D69B3D9EBC2558C19035A6B3AB ] C:\Windows\System32\drivers\afd.sys
10:21:15.0060 0x0d80 C:\Windows\System32\drivers\afd.sys - ok
10:21:15.0092 0x0d80 [ BC18D5B42B19564BA09156410E1FB9BE, 0DA9636632462208AE4D360BFE5A8187644B036A0D43E981665D888A5363B953 ] C:\Windows\System32\drivers\aswRdr2.sys
10:21:15.0092 0x0d80 C:\Windows\System32\drivers\aswRdr2.sys - ok
10:21:15.0107 0x0d80 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
10:21:15.0107 0x0d80 C:\Windows\System32\drivers\wfplwf.sys - ok
10:21:15.0138 0x0d80 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
10:21:15.0138 0x0d80 C:\Windows\System32\drivers\pacer.sys - ok
10:21:15.0154 0x0d80 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
10:21:15.0154 0x0d80 C:\Windows\System32\drivers\vwififlt.sys - ok
10:21:15.0170 0x0d80 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
10:21:15.0170 0x0d80 C:\Windows\System32\drivers\netbios.sys - ok
10:21:15.0185 0x0d80 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
10:21:15.0185 0x0d80 C:\Windows\System32\drivers\wanarp.sys - ok
10:21:15.0201 0x0d80 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
10:21:15.0201 0x0d80 C:\Windows\System32\drivers\termdd.sys - ok
10:21:15.0216 0x0d80 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
10:21:15.0216 0x0d80 C:\Windows\System32\drivers\rdbss.sys - ok
10:21:15.0248 0x0d80 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
10:21:15.0248 0x0d80 C:\Windows\System32\drivers\nsiproxy.sys - ok
10:21:15.0263 0x0d80 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
10:21:15.0263 0x0d80 C:\Windows\System32\drivers\mssmbios.sys - ok
10:21:15.0279 0x0d80 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
10:21:15.0279 0x0d80 C:\Windows\System32\drivers\discache.sys - ok
10:21:15.0294 0x0d80 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
10:21:15.0294 0x0d80 C:\Windows\System32\drivers\dfsc.sys - ok
10:21:15.0310 0x0d80 [ BA8E5B2291C01EF71CA80E25F0C79D55, 913C85EC00752AEEE2E29C6664085865DA45A091789C0F8CB015208D69F1915A ] C:\Windows\System32\drivers\ctxusbm.sys
10:21:15.0310 0x0d80 C:\Windows\System32\drivers\ctxusbm.sys - ok
10:21:15.0341 0x0d80 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
10:21:15.0341 0x0d80 C:\Windows\System32\drivers\blbdrive.sys - ok
10:21:15.0357 0x0d80 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
10:21:15.0357 0x0d80 C:\Windows\System32\drivers\tunnel.sys - ok
10:21:15.0372 0x0d80 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] C:\Windows\System32\drivers\amdppm.sys
10:21:15.0372 0x0d80 C:\Windows\System32\drivers\amdppm.sys - ok
10:21:15.0388 0x0d80 [ EEF6F806EEDFD1C746071F1FD684870E, 05944FC38D01A8D547239CBC39F723FF640C53FFAF493A3FF7CC3F222302BC91 ] C:\Windows\System32\drivers\atikmpag.sys
10:21:15.0388 0x0d80 C:\Windows\System32\drivers\atikmpag.sys - ok
10:21:15.0419 0x0d80 [ 63D3C30B497347495B8EA78A38188969, 6A20A3B547EA8D98211EE38498713A70EECA596D3351E0D745DDB0D8FBA1D534 ] C:\Windows\System32\smss.exe
10:21:15.0419 0x0d80 C:\Windows\System32\smss.exe - ok
10:21:15.0435 0x0d80 [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll
10:21:15.0435 0x0d80 C:\Windows\System32\ntdll.dll - ok
10:21:15.0450 0x0d80 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
10:21:15.0450 0x0d80 C:\Windows\System32\autochk.exe - ok
10:21:15.0466 0x0d80 [ 7A1AC757F3A2A3126A806B7319CAB21B, C4F18BA78659619B0FEB7C793BB2B97666C8A97E000A3C0AB3D8E294436559D1 ] C:\Windows\System32\drivers\atikmdag.sys
10:21:15.0466 0x0d80 C:\Windows\System32\drivers\atikmdag.sys - ok
10:21:15.0482 0x0d80 [ 87CE5C8965E101CCCED1F4675557E868, 077D98F0F130B2FC710208BA34016EF2B2506EE2BD71740B228145E34A3046F1 ] C:\Windows\System32\drivers\dxgkrnl.sys
10:21:15.0482 0x0d80 C:\Windows\System32\drivers\dxgkrnl.sys - ok
10:21:15.0497 0x0d80 [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys
10:21:15.0497 0x0d80 C:\Windows\System32\drivers\dxgmms1.sys - ok
10:21:15.0513 0x0d80 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] C:\Windows\System32\drivers\tdcmdpst.sys
10:21:15.0513 0x0d80 C:\Windows\System32\drivers\tdcmdpst.sys - ok
10:21:15.0528 0x0d80 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
10:21:15.0528 0x0d80 C:\Windows\System32\ws2_32.dll - ok
10:21:15.0544 0x0d80 [ 01F9FEB7F0C84EA1AC6A9B4D7C6B0435, F1B6177A8FDC97C397A6438B791C358BB1EA1A422A92817063338F906E243943 ] C:\Windows\System32\shell32.dll
10:21:15.0544 0x0d80 C:\Windows\System32\shell32.dll - ok
10:21:15.0560 0x0d80 [ 12FEB33791920678F8433701C822BCFD, 7D1AD944CF0532D5AF951ACCE064EA9288F068964603674854CD7658D2B96039 ] C:\Windows\System32\drivers\usbport.sys
10:21:15.0560 0x0d80 C:\Windows\System32\drivers\usbport.sys - ok
10:21:15.0575 0x0d80 [ 765A92D428A8DB88B960DA5A8D6089DC, 56DE8A2ED58E53B202C399CA7BACB1551136303C2EE0AB426BDBBF880E3C542C ] C:\Windows\System32\drivers\usbohci.sys
10:21:15.0575 0x0d80 C:\Windows\System32\drivers\usbohci.sys - ok
10:21:15.0591 0x0d80 [ 18A85013A3E0F7E1755365D287443965, 811C5EDF38C765BCF71BCE25CB6626FF6988C3699F5EF1846240EA0052F34C33 ] C:\Windows\System32\drivers\usbehci.sys
10:21:15.0591 0x0d80 C:\Windows\System32\drivers\usbehci.sys - ok
10:21:15.0606 0x0d80 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
10:21:15.0606 0x0d80 C:\Windows\System32\drivers\hdaudbus.sys - ok
10:21:15.0638 0x0d80 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
10:21:15.0638 0x0d80 C:\Windows\System32\drivers\i8042prt.sys - ok
10:21:15.0653 0x0d80 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
10:21:15.0653 0x0d80 C:\Windows\System32\drivers\kbdclass.sys - ok
10:21:15.0669 0x0d80 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
10:21:15.0669 0x0d80 C:\Windows\System32\drivers\mouclass.sys - ok
10:21:15.0684 0x0d80 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
10:21:15.0684 0x0d80 C:\Windows\System32\drivers\CmBatt.sys - ok
10:21:15.0700 0x0d80 [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] C:\Windows\System32\drivers\rtl8192ce.sys
10:21:15.0700 0x0d80 C:\Windows\System32\drivers\rtl8192ce.sys - ok
10:21:15.0716 0x0d80 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
10:21:15.0716 0x0d80 C:\Windows\System32\drivers\vwifibus.sys - ok
10:21:15.0731 0x0d80 [ 0E154DA6CA9105354A07D0C576804037, 10A7F6E2A031C2D96B362411DCA2C347E7D7B6ADED9021674E0E633AB9F45D7B ] C:\Windows\System32\drivers\L1C62x64.sys
10:21:15.0731 0x0d80 C:\Windows\System32\drivers\L1C62x64.sys - ok
10:21:15.0747 0x0d80 [ 60ACB128E64C35C2B4E4AAB1B0A5C293, 7B476AB5E95529A894F95397C753662F4C58D1FE89F4648271251DA77C5A3FA9 ] C:\Windows\System32\drivers\FwLnk.sys
10:21:15.0747 0x0d80 C:\Windows\System32\drivers\FwLnk.sys - ok
10:21:15.0762 0x0d80 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
10:21:15.0762 0x0d80 C:\Windows\System32\drivers\CompositeBus.sys - ok
10:21:15.0794 0x0d80 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
10:21:15.0794 0x0d80 C:\Windows\System32\drivers\agilevpn.sys - ok
10:21:15.0809 0x0d80 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
10:21:15.0809 0x0d80 C:\Windows\System32\drivers\rasl2tp.sys - ok
10:21:15.0825 0x0d80 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
10:21:15.0825 0x0d80 C:\Windows\System32\drivers\ndistapi.sys - ok
10:21:15.0840 0x0d80 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
10:21:15.0840 0x0d80 C:\Windows\System32\drivers\ndiswan.sys - ok
10:21:15.0856 0x0d80 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
10:21:15.0856 0x0d80 C:\Windows\System32\drivers\raspppoe.sys - ok
10:21:15.0872 0x0d80 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
10:21:15.0872 0x0d80 C:\Windows\System32\drivers\raspptp.sys - ok
10:21:15.0887 0x0d80 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
10:21:15.0887 0x0d80 C:\Windows\System32\drivers\rassstp.sys - ok
10:21:15.0903 0x0d80 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
10:21:15.0903 0x0d80 C:\Windows\System32\comdlg32.dll - ok
10:21:15.0918 0x0d80 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
10:21:15.0918 0x0d80 C:\Windows\System32\difxapi.dll - ok
10:21:15.0934 0x0d80 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
10:21:15.0934 0x0d80 C:\Windows\System32\drivers\ks.sys - ok
10:21:15.0950 0x0d80 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
10:21:15.0950 0x0d80 C:\Windows\System32\drivers\swenum.sys - ok
10:21:15.0965 0x0d80 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
10:21:15.0965 0x0d80 C:\Windows\System32\drivers\umbus.sys - ok
10:21:15.0981 0x0d80 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
10:21:15.0981 0x0d80 C:\Windows\System32\ole32.dll - ok
10:21:15.0996 0x0d80 [ 088CF6AFCD5CDD44E40C0ACDE3C1A5E0, AC6AFCAE3A58AAABC972B3D6A1ED383A59910C689F38D9D4A059A0A535BA1039 ] C:\Windows\System32\usp10.dll
10:21:15.0996 0x0d80 C:\Windows\System32\usp10.dll - ok
10:21:16.0012 0x0d80 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
10:21:16.0012 0x0d80 C:\Windows\System32\sechost.dll - ok
10:21:16.0043 0x0d80 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
10:21:16.0043 0x0d80 C:\Windows\System32\clbcatq.dll - ok
10:21:16.0059 0x0d80 [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll
10:21:16.0059 0x0d80 C:\Windows\System32\advapi32.dll - ok
10:21:16.0074 0x0d80 [ 8D1196CFBB223621F2C67D45710F25BA, B5D7AFE51833B24FC9576F3AED3D8A2B290E5846060E73F9FFFAC1890A8B6003 ] C:\Windows\System32\drivers\usbhub.sys
10:21:16.0074 0x0d80 C:\Windows\System32\drivers\usbhub.sys - ok
10:21:16.0090 0x0d80 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
10:21:16.0090 0x0d80 C:\Windows\System32\imm32.dll - ok
10:21:16.0106 0x0d80 [ AE4FEDD98096C09A8A86E021FC5E9D67, 211F62C48BA8A5C98DE03EB7CCC7AD53A3CC849B9D893C546087CB76C635C863 ] C:\Windows\System32\oleaut32.dll
10:21:16.0106 0x0d80 C:\Windows\System32\oleaut32.dll - ok
10:21:16.0121 0x0d80 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
10:21:16.0121 0x0d80 C:\Windows\System32\setupapi.dll - ok
10:21:16.0152 0x0d80 [ 62269DEFF17AB006217330A24EA8577B, 52A13380A2AEA1CF61D9CE3CF62AADB9B6833A7D2B0236437CDF976A2BF42F50 ] C:\Windows\System32\iertutil.dll
10:21:16.0152 0x0d80 C:\Windows\System32\iertutil.dll - ok
10:21:16.0168 0x0d80 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
10:21:16.0168 0x0d80 C:\Windows\System32\msvcrt.dll - ok
10:21:16.0184 0x0d80 [ E88A78273D429554B6B2D2BDA945ED9B, B090BB1E1EE7F3386491C39699D61458E8F9146C7AB86D41B9E39F2C04CDDF58 ] C:\Windows\System32\msctf.dll
10:21:16.0184 0x0d80 C:\Windows\System32\msctf.dll - ok
10:21:16.0199 0x0d80 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
10:21:16.0199 0x0d80 C:\Windows\System32\nsi.dll - ok
10:21:16.0215 0x0d80 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
10:21:16.0215 0x0d80 C:\Windows\System32\Wldap32.dll - ok
10:21:16.0246 0x0d80 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
10:21:16.0246 0x0d80 C:\Windows\System32\drivers\ndproxy.sys - ok
10:21:16.0262 0x0d80 [ 36F99BD8A0F09BDBB7850A138845A014, 2E89D7408C356C2795C03A3B73652E81C1DA2F2C1B3A25582CE573BB0CABD0A4 ] C:\Windows\System32\wininet.dll
10:21:16.0262 0x0d80 C:\Windows\System32\wininet.dll - ok
10:21:16.0277 0x0d80 [ E0D3CD5841E5C7BE7B94BA946AF1E498, 4EAE1B226255623DA41A047633994D6902F6D4CA5757BF5D85E227378336227F ] C:\Windows\System32\drivers\drmk.sys
10:21:16.0277 0x0d80 C:\Windows\System32\drivers\drmk.sys - ok
10:21:16.0293 0x0d80 [ 1E0B4CBBA91C6B041A14ECC2186F7E24, 63039A317F906454A0652704DA2D646658A148B9B55BFB5D2F4B27997F357DF9 ] C:\Windows\System32\drivers\portcls.sys
10:21:16.0293 0x0d80 C:\Windows\System32\drivers\portcls.sys - ok
10:21:16.0308 0x0d80 [ 99B1B888B793DE320C5479B3C953781F, 6A499F916132998FBDFA587823A11C2ED1D27DED10374F6A41BA5861A2FF969E ] C:\Windows\System32\drivers\CHDRT64.sys
10:21:16.0308 0x0d80 C:\Windows\System32\drivers\CHDRT64.sys - ok
10:21:16.0324 0x0d80 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
10:21:16.0324 0x0d80 C:\Windows\System32\normaliz.dll - ok
10:21:16.0355 0x0d80 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
10:21:16.0355 0x0d80 C:\Windows\System32\drivers\ksthunk.sys - ok
10:21:16.0371 0x0d80 [ D2A513EE880D71BDE7F0257F38B9D019, 7BDBFEA312061C0498E4C09EF5E4B3AAA23309E7448028F67EAA6F8F7188E871 ] C:\Windows\System32\kernel32.dll
10:21:16.0371 0x0d80 C:\Windows\System32\kernel32.dll - ok
10:21:16.0386 0x0d80 [ F947D57534E01E3CA597BCF2AD8AE65B, 498A87443CE3344F82B19D4903F128337B5B3DA49D3C208F796394DA6B3A8946 ] C:\Windows\System32\rpcrt4.dll
10:21:16.0386 0x0d80 C:\Windows\System32\rpcrt4.dll - ok
10:21:16.0402 0x0d80 [ 860528C9E50AB84935843B23A80E665E, 1BBC4FC384A2C9B2E30DC8D84C435A6A8E1993F074CDBF0A6A3AC774A3E62AD4 ] C:\Windows\System32\gdi32.dll
10:21:16.0402 0x0d80 C:\Windows\System32\gdi32.dll - ok
10:21:16.0418 0x0d80 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
10:21:16.0418 0x0d80 C:\Windows\System32\user32.dll - ok
10:21:16.0433 0x0d80 [ B4F29F65AD3114051F01E9403346047F, 7EB58545211C51E95B3F45C47C1F7CCE05B707D168E7C20F46D36E19EE3D8DFC ] C:\Windows\System32\imagehlp.dll
10:21:16.0433 0x0d80 C:\Windows\System32\imagehlp.dll - ok
10:21:16.0449 0x0d80 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
10:21:16.0449 0x0d80 C:\Windows\System32\psapi.dll - ok
10:21:16.0464 0x0d80 [ 501A38B72FA264605123B4FACF53F057, 7D10DE88B97D7BCAE84ADAF4B60304469F60C9DE1CB578095DBA1B4DEC26E45B ] C:\Windows\System32\urlmon.dll
10:21:16.0464 0x0d80 C:\Windows\System32\urlmon.dll - ok
10:21:16.0480 0x0d80 [ F351B0E520502552734BE70AA5940784, BFB7F7104430DCD404329FD5D551C9DC90A6D51E8141C662E11FAEB6EBD1F853 ] C:\Windows\System32\lpk.dll
10:21:16.0480 0x0d80 C:\Windows\System32\lpk.dll - ok
10:21:16.0496 0x0d80 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
10:21:16.0496 0x0d80 C:\Windows\System32\shlwapi.dll - ok
10:21:16.0511 0x0d80 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll
10:21:16.0511 0x0d80 C:\Windows\System32\comctl32.dll - ok
10:21:16.0527 0x0d80 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll
10:21:16.0527 0x0d80 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
10:21:16.0542 0x0d80 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
10:21:16.0542 0x0d80 C:\Windows\System32\devobj.dll - ok
10:21:16.0574 0x0d80 [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll
10:21:16.0574 0x0d80 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
10:21:16.0589 0x0d80 [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll
10:21:16.0589 0x0d80 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok
10:21:16.0605 0x0d80 [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll
10:21:16.0605 0x0d80 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok
10:21:16.0620 0x0d80 [ 3FECBED0EACABD22E024EF4E50CF987B, 9E2F4DA1F96C3D02D1125E4A695478CEF53C7327C997D12038FEDB3141721643 ] C:\Windows\System32\crypt32.dll
10:21:16.0620 0x0d80 C:\Windows\System32\crypt32.dll - ok
10:21:16.0636 0x0d80 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
10:21:16.0636 0x0d80 C:\Windows\System32\cfgmgr32.dll - ok
10:21:16.0652 0x0d80 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
10:21:16.0652 0x0d80 C:\Windows\System32\userenv.dll - ok
10:21:16.0667 0x0d80 [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll
10:21:16.0667 0x0d80 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
10:21:16.0683 0x0d80 [ 577D0B947B49DB83E2054FA169B2ECBF, 339187FE8E03C877AF4E26C9581121D70624F47CABC601E331365846A68CF1E5 ] C:\Windows\System32\wintrust.dll
10:21:16.0683 0x0d80 C:\Windows\System32\wintrust.dll - ok
10:21:16.0698 0x0d80 [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll
10:21:16.0698 0x0d80 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
10:21:16.0714 0x0d80 [ 851BB346CD59D9B3BC8854384C7DD5C3, 0CA1BCBDA6CB8CAC1186B3BE13C3937EDF46264FDFFCEBDF94C7EB10DE957DC6 ] C:\Windows\System32\KernelBase.dll
10:21:16.0714 0x0d80 C:\Windows\System32\KernelBase.dll - ok
10:21:16.0730 0x0d80 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
10:21:16.0730 0x0d80 C:\Windows\System32\profapi.dll - ok
10:21:16.0761 0x0d80 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
10:21:16.0761 0x0d80 C:\Windows\System32\msasn1.dll - ok
10:21:16.0776 0x0d80 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
10:21:16.0776 0x0d80 C:\Windows\SysWOW64\normaliz.dll - ok
10:21:16.0792 0x0d80 [ FFA06EF43987ED0DD42AD59B260C0C78, 260518D5E077E55E0F2099037DBEFA93016FD4D4655456DDB3147AF9CBE7BF6B ] C:\Windows\System32\drivers\usbd.sys
10:21:16.0792 0x0d80 C:\Windows\System32\drivers\usbd.sys - ok
10:21:16.0808 0x0d80 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] C:\Windows\System32\drivers\USBSTOR.SYS
10:21:16.0808 0x0d80 C:\Windows\System32\drivers\USBSTOR.SYS - ok
10:21:16.0823 0x0d80 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
10:21:16.0823 0x0d80 C:\Windows\System32\drivers\dxapi.sys - ok
10:21:16.0839 0x0d80 [ A0DEE06D68F210CA090FD4D9A33CDC12, B80284833D862E47D45951E5608FCDEEC872D4FAB606C8DA903ECEED431AEE69 ] C:\Windows\System32\win32k.sys
10:21:16.0839 0x0d80 C:\Windows\System32\win32k.sys - ok
10:21:16.0854 0x0d80 [ DCA68B0943D6FA415F0C56C92158A83A, BEE5A5B33B22D1DF50B884D46D89FC3B8286EB16E38AD5A20F0A49E5C6766C57 ] C:\Windows\System32\drivers\usbccgp.sys
10:21:16.0854 0x0d80 C:\Windows\System32\drivers\usbccgp.sys - ok
10:21:16.0870 0x0d80 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
10:21:16.0870 0x0d80 C:\Windows\System32\csrss.exe - ok
10:21:16.0886 0x0d80 [ BE7DA70C9F4A97CCA9ED78B70BCFC9AC, C3ED45EB81ABED88B55A62307BC635B8240F722203F722B4F026A4001DE89F06 ] C:\Windows\System32\csrsrv.dll
10:21:16.0886 0x0d80 C:\Windows\System32\csrsrv.dll - ok
10:21:16.0901 0x0d80 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
10:21:16.0901 0x0d80 C:\Windows\System32\basesrv.dll - ok
10:21:16.0917 0x0d80 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll
10:21:16.0917 0x0d80 C:\Windows\System32\winsrv.dll - ok
10:21:16.0932 0x0d80 [ 1F775DA4CF1A3A1834207E975A72E9D7, 6D3DE5BD3EF3A76E997E5BAF900C51D25308F5A9682D1F62017F577A24095B90 ] C:\Windows\System32\drivers\usbvideo.sys
10:21:16.0932 0x0d80 C:\Windows\System32\drivers\usbvideo.sys - ok
10:21:16.0948 0x0d80 [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] C:\Windows\System32\drivers\PGEffect.sys
10:21:16.0948 0x0d80 C:\Windows\System32\drivers\PGEffect.sys - ok
10:21:16.0964 0x0d80 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
10:21:16.0964 0x0d80 C:\Windows\System32\drivers\monitor.sys - ok
10:21:16.0979 0x0d80 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
10:21:16.0979 0x0d80 C:\Windows\System32\tsddd.dll - ok
10:21:16.0995 0x0d80 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
10:21:16.0995 0x0d80 C:\Windows\System32\sxssrv.dll - ok
10:21:17.0010 0x0d80 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
10:21:17.0010 0x0d80 C:\Windows\System32\wininit.exe - ok
10:21:17.0026 0x0d80 [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll
10:21:17.0026 0x0d80 C:\Windows\System32\cdd.dll - ok
10:21:17.0042 0x0d80 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
10:21:17.0042 0x0d80 C:\Windows\System32\RpcRtRemote.dll - ok
10:21:17.0073 0x0d80 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
10:21:17.0073 0x0d80 C:\Windows\System32\KBDUS.DLL - ok
10:21:17.0088 0x0d80 [ 8CEBD9D0A0A879CDE9F36F4383B7CAEA, 7AA73B8E7D4D700C164D0410DCF84EA1CCCB0F7DD513E47A2EF0DAE5F16CAE45 ] C:\Windows\System32\winlogon.exe
10:21:17.0088 0x0d80 C:\Windows\System32\winlogon.exe - ok
10:21:17.0104 0x0d80 [ C23B6D9D16FD86F446BE607CA18389D9, 331FA37B5A059FE85C5D1368A42293A7BAE2581F3F1F15B48364644136066C14 ] C:\Windows\System32\winsta.dll
10:21:17.0104 0x0d80 C:\Windows\System32\winsta.dll - ok
10:21:17.0120 0x0d80 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
10:21:17.0120 0x0d80 C:\Windows\System32\WlS0WndH.dll - ok
10:21:17.0135 0x0d80 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
10:21:17.0135 0x0d80 C:\Windows\System32\sxs.dll - ok
10:21:17.0151 0x0d80 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
10:21:17.0151 0x0d80 C:\Windows\System32\cryptbase.dll - ok
10:21:17.0166 0x0d80 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
10:21:17.0166 0x0d80 C:\Windows\System32\apphelp.dll - ok
10:21:17.0182 0x0d80 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
10:21:17.0182 0x0d80 C:\Windows\System32\services.exe - ok
10:21:17.0198 0x0d80 [ B6C7729936AAF8E0697F0A7DCA82CED8, 9706E5234364488DD18527AAC82760E5ECB6EC9EBFDD4D04D2708D3C9C576FE6 ] C:\Windows\System32\lsass.exe
10:21:17.0198 0x0d80 C:\Windows\System32\lsass.exe - ok
10:21:17.0213 0x0d80 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
10:21:17.0213 0x0d80 C:\Windows\System32\lsm.exe - ok
10:21:17.0229 0x0d80 [ DB2904A4CEBC39DF8892A613BEC71512, C6B292DBD13D3DC47C166262F32FF23CC93B14141CC2B5CF91DF0688F7339FA1 ] C:\Windows\System32\lsasrv.dll
10:21:17.0229 0x0d80 C:\Windows\System32\lsasrv.dll - ok
10:21:17.0244 0x0d80 [ 54CD467B3A6DA02E9449DB7FB1830612, 3745740CC2774810AA3D892E8A89AE5E39BD2BA4FE16E4AFEE7C13A8037C5E1D ] C:\Windows\System32\sspisrv.dll
10:21:17.0244 0x0d80 C:\Windows\System32\sspisrv.dll - ok
10:21:17.0260 0x0d80 [ 7BC39275661EA7DEE54135AA26DF733E, 233E9AE18096687CA4AB259CE755F4B6DF374B9CB85D7E3DD56D0D478F2A07AC ] C:\Windows\System32\sspicli.dll
10:21:17.0260 0x0d80 C:\Windows\System32\sspicli.dll - ok
10:21:17.0276 0x0d80 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
10:21:17.0276 0x0d80 C:\Windows\System32\sysntfy.dll - ok
10:21:17.0291 0x0d80 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
10:21:17.0291 0x0d80 C:\Windows\System32\wmsgapi.dll - ok
10:21:17.0307 0x0d80 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
10:21:17.0307 0x0d80 C:\Windows\System32\scext.dll - ok
10:21:17.0322 0x0d80 [ 473BCBFFC55C9FE33D502035322E759D, FCA66D52B57334C097DB31AE786D984B20FF1833BC57B570010528778EF2FB71 ] C:\Windows\System32\secur32.dll
10:21:17.0322 0x0d80 C:\Windows\System32\secur32.dll - ok
10:21:17.0338 0x0d80 [ FE72C89986E1BA32AD926A820491F23F, 610A51FB6934A33EA15B1C00EB77B39A21B877BE30D424280DFAC47F3BF3365B ] C:\Windows\System32\scesrv.dll
10:21:17.0338 0x0d80 C:\Windows\System32\scesrv.dll - ok
10:21:17.0369 0x0d80 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
10:21:17.0369 0x0d80 C:\Windows\System32\samsrv.dll - ok
10:21:17.0385 0x0d80 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
10:21:17.0385 0x0d80 C:\Windows\System32\srvcli.dll - ok
10:21:17.0400 0x0d80 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
10:21:17.0400 0x0d80 C:\Windows\System32\cryptdll.dll - ok
10:21:17.0416 0x0d80 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
10:21:17.0416 0x0d80 C:\Windows\System32\wevtapi.dll - ok
10:21:17.0432 0x0d80 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
10:21:17.0432 0x0d80 C:\Windows\System32\authz.dll - ok
10:21:17.0447 0x0d80 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
10:21:17.0447 0x0d80 C:\Windows\System32\cngaudit.dll - ok
10:21:17.0463 0x0d80 [ 28CC69865D5DC458EDDCEA35F01D71DA, 05B26069A48333789EDCB74F1F920A207E42E36BB64E1212E082C0BDAB593CFF ] C:\Windows\System32\ncrypt.dll
10:21:17.0463 0x0d80 C:\Windows\System32\ncrypt.dll - ok
10:21:17.0478 0x0d80 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
10:21:17.0478 0x0d80 C:\Windows\System32\bcrypt.dll - ok
10:21:17.0494 0x0d80 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
10:21:17.0494 0x0d80 C:\Windows\System32\msprivs.dll - ok
10:21:17.0510 0x0d80 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
10:21:17.0510 0x0d80 C:\Windows\System32\netjoin.dll - ok
10:21:17.0525 0x0d80 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
10:21:17.0525 0x0d80 C:\Windows\System32\negoexts.dll - ok
10:21:17.0541 0x0d80 [ 1DB278E5834B08F9A184F953F2D31FF7, F20D02FB05E08D47F4175F683331ADA0490EBF9BBEE1425C4129E70AFCD3AC5D ] C:\Windows\System32\kerberos.dll
10:21:17.0541 0x0d80 C:\Windows\System32\kerberos.dll - ok
10:21:17.0556 0x0d80 [ 94BC902494AFC9F5EBC5FBB61445D73F, 3CDC171E39A480120F3CAF6EE85569B226DBAD17EB52940D3EBBE1084B551ED2 ] C:\Windows\System32\cryptsp.dll
10:21:17.0556 0x0d80 C:\Windows\System32\cryptsp.dll - ok
10:21:17.0572 0x0d80 [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll
10:21:17.0572 0x0d80 C:\Windows\System32\mswsock.dll - ok
10:21:17.0588 0x0d80 [ 6536829F6EA1149527728A210F493B79, 722460EBC7ABD4CAD4FC1C5AAE724A0DABCBA1A052BD33AE0D61F6EDB417C83B ] C:\Windows\System32\msv1_0.dll
10:21:17.0588 0x0d80 C:\Windows\System32\msv1_0.dll - ok
10:21:17.0603 0x0d80 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
10:21:17.0603 0x0d80 C:\Windows\System32\wship6.dll - ok
10:21:17.0619 0x0d80 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
10:21:17.0619 0x0d80 C:\Windows\System32\netlogon.dll - ok
10:21:17.0634 0x0d80 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
10:21:17.0634 0x0d80 C:\Windows\System32\dnsapi.dll - ok
10:21:17.0650 0x0d80 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
10:21:17.0650 0x0d80 C:\Windows\System32\logoncli.dll - ok
10:21:17.0666 0x0d80 [ 3807605BDA83C0DA729A5219CEBB9041, 9CE898363AC7F6D2C74C61193C8AC033AC27B516488572A6B580AA9EA7CA8511 ] C:\Windows\System32\schannel.dll
10:21:17.0666 0x0d80 C:\Windows\System32\schannel.dll - ok
10:21:17.0681 0x0d80 [ 9B644AC070576AAE701910874C241DBD, C16C566C491ED1AB1CFB4F08A129C2A5A973115062D8C6EC2529B55EC18E89C9 ] C:\Windows\System32\wdigest.dll
10:21:17.0681 0x0d80 C:\Windows\System32\wdigest.dll - ok
10:21:17.0697 0x0d80 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
10:21:17.0697 0x0d80 C:\Windows\System32\rsaenh.dll - ok
10:21:17.0728 0x0d80 [ E1404987DCD392AF9D67F6A26CE21175, B5257F1355E0D383C7D698BD770CC905EEE15B5C4870EBC3DBC7BDB85AAD0833 ] C:\Windows\System32\TSpkg.dll
10:21:17.0728 0x0d80 C:\Windows\System32\TSpkg.dll - ok
10:21:17.0744 0x0d80 [ 1306E6A1BF4D506CD687DF9F947270F2, 3ED566F618D90BCCB3C76BA976911536FFC5631F7A6A91BF322628F8AAE498B4 ] C:\Windows\System32\pku2u.dll
10:21:17.0744 0x0d80 C:\Windows\System32\pku2u.dll - ok
10:21:17.0744 0x0d80 [ 55C892560C1B42BC57FB61AEFCED2F22, 9A15D6559B4FD2FE3A5C5CE13F3C1AD01D9576F6023BDBD12336A1654D33EC63 ] C:\Windows\System32\LIVESSP.DLL
10:21:17.0744 0x0d80 C:\Windows\System32\LIVESSP.DLL - ok
10:21:17.0759 0x0d80 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
10:21:17.0759 0x0d80 C:\Windows\System32\bcryptprimitives.dll - ok
10:21:17.0775 0x0d80 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
10:21:17.0775 0x0d80 C:\Windows\System32\efslsaext.dll - ok
10:21:17.0806 0x0d80 [ 92F920EE9EAF7306B4AB8124D474AB52, 1FEF727158730E3AC378071EDF3B1E6EDD7B305A60CA66FD241B08D967B0A194 ] C:\Windows\System32\credssp.dll
10:21:17.0806 0x0d80 C:\Windows\System32\credssp.dll - ok
10:21:17.0822 0x0d80 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
10:21:17.0822 0x0d80 C:\Windows\System32\scecli.dll - ok
10:21:17.0837 0x0d80 [ 1FB81632476857E8451DDA8A456EF3CE, 29D672F0D642D601FD0AC0BB406423AE71039556A882122BBEE3F4F6F61F3C89 ] C:\Windows\System32\ubpm.dll
10:21:17.0837 0x0d80 C:\Windows\System32\ubpm.dll - ok
10:21:17.0853 0x0d80 [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe
10:21:17.0853 0x0d80 C:\Windows\System32\svchost.exe - ok
10:21:17.0868 0x0d80 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
10:21:17.0868 0x0d80 C:\Windows\System32\umpnpmgr.dll - ok
10:21:17.0884 0x0d80 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
10:21:17.0884 0x0d80 C:\Windows\System32\SPInf.dll - ok
10:21:17.0900 0x0d80 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
10:21:17.0900 0x0d80 C:\Windows\System32\devrtl.dll - ok
10:21:17.0915 0x0d80 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
10:21:17.0915 0x0d80 C:\Windows\System32\gpapi.dll - ok
10:21:17.0931 0x0d80 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
10:21:17.0931 0x0d80 C:\Windows\System32\umpo.dll - ok
10:21:17.0946 0x0d80 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
10:21:17.0946 0x0d80 C:\Windows\System32\pcwum.dll - ok
10:21:17.0962 0x0d80 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
10:21:17.0962 0x0d80 C:\Windows\System32\powrprof.dll - ok
10:21:17.0978 0x0d80 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
10:21:17.0978 0x0d80 C:\Windows\System32\drivers\luafv.sys - ok
10:21:17.0993 0x0d80 [ 245D3A0670491E1F88759EC45C9F7314, 1FFBDDDC6FCD29770B439933EEB8BE1ABA9149193932B2481720E8E9F265A797 ] C:\Windows\System32\drivers\aswMonFlt.sys
10:21:17.0993 0x0d80 C:\Windows\System32\drivers\aswMonFlt.sys - ok
10:21:18.0009 0x0d80 [ 2575511AF67AA1FA068CCC4918E2C2A3, 3152FF5AC2CF6FE966DA59B1B33E22F9BD9B6BB4310441870528364BA9501A4D ] C:\Windows\System32\drivers\Sftvollh.sys
10:21:18.0009 0x0d80 C:\Windows\System32\drivers\Sftvollh.sys - ok
10:21:18.0024 0x0d80 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
10:21:18.0024 0x0d80 C:\Windows\System32\rpcss.dll - ok
10:21:18.0040 0x0d80 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
10:21:18.0040 0x0d80 C:\Windows\System32\RpcEpMap.dll - ok
10:21:18.0056 0x0d80 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
10:21:18.0056 0x0d80 C:\Windows\System32\WSHTCPIP.DLL - ok
10:21:18.0087 0x0d80 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
10:21:18.0087 0x0d80 C:\Windows\System32\wshqos.dll - ok
10:21:18.0102 0x0d80 [ A8B81D750556FB9A9266EC65BFAB63AF, B407B26449C102D8379D4E55110DB468F06FB3F8439637A79B1B95208E7A2C10 ] C:\Windows\System32\atiesrxx.exe
10:21:18.0102 0x0d80 C:\Windows\System32\atiesrxx.exe - ok
10:21:18.0118 0x0d80 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
10:21:18.0118 0x0d80 C:\Windows\System32\FirewallAPI.dll - ok
10:21:18.0134 0x0d80 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
10:21:18.0134 0x0d80 C:\Windows\System32\wtsapi32.dll - ok
10:21:18.0149 0x0d80 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
10:21:18.0149 0x0d80 C:\Windows\System32\version.dll - ok
10:21:18.0165 0x0d80 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
10:21:18.0165 0x0d80 C:\Windows\System32\LogonUI.exe - ok
10:21:18.0180 0x0d80 [ 5DFFC12BF7DB53BDB401804A3C3A475E, DEACB4BFF904AD77389A8326BFCF12A490E1A7A10B68049D253552F1FC630FA3 ] C:\Windows\System32\authui.dll
10:21:18.0180 0x0d80 C:\Windows\System32\authui.dll - ok
10:21:18.0196 0x0d80 [ 410F6B1BE785F3630B4782F8E3D85A24, 8DBCBC1A4EA684A973E259873589304485F95FCD7B04F345BE77AD107426B11E ] C:\Windows\System32\cryptui.dll
10:21:18.0196 0x0d80 C:\Windows\System32\cryptui.dll - ok
10:21:18.0212 0x0d80 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
10:21:18.0212 0x0d80 C:\Windows\System32\wevtsvc.dll - ok
10:21:18.0227 0x0d80 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
10:21:18.0227 0x0d80 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
10:21:18.0243 0x0d80 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
10:21:18.0243 0x0d80 C:\Windows\System32\shacct.dll - ok
10:21:18.0258 0x0d80 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
10:21:18.0258 0x0d80 C:\Windows\System32\samlib.dll - ok
10:21:18.0274 0x0d80 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
10:21:18.0274 0x0d80 C:\Windows\System32\netprofm.dll - ok
10:21:18.0290 0x0d80 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
10:21:18.0290 0x0d80 C:\Windows\System32\propsys.dll - ok
10:21:18.0305 0x0d80 [ 65CF54B1D8CB1B085B6D8BC210E2C45F, C88CA7E5CED719428A98C012D6FFABC944B1E99181961951C5904D397FB2934D ] C:\Windows\System32\adtschema.dll
10:21:18.0305 0x0d80 C:\Windows\System32\adtschema.dll - ok
10:21:18.0321 0x0d80 [ 6968D02DC38757C3FBE7ED7C2F9670AA, C8B3115DDB32EFBE8C56C5AA78EEA05BBB77DF3F75CC2A04532EB32327E4735A ] C:\Windows\System32\audiosrv.dll
10:21:18.0321 0x0d80 C:\Windows\System32\audiosrv.dll - ok
10:21:18.0336 0x0d80 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
10:21:18.0336 0x0d80 C:\Windows\System32\uxtheme.dll - ok
10:21:18.0352 0x0d80 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll
10:21:18.0352 0x0d80 C:\Windows\System32\FntCache.dll - ok
10:21:18.0368 0x0d80 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
10:21:18.0368 0x0d80 C:\Windows\System32\mmcss.dll - ok
10:21:18.0383 0x0d80 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
10:21:18.0383 0x0d80 C:\Windows\System32\avrt.dll - ok
10:21:18.0399 0x0d80 [ A9A87481B1A6589898C1DAB37C03E4AB, 803DB46E9FEE4E45B63A13A8CE3E589D7498532B8A7D8C3424E210E6A9AAC61F ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll
10:21:18.0399 0x0d80 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_2b283fd671e9bf4d\GdiPlus.dll - ok
10:21:18.0414 0x0d80 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
10:21:18.0414 0x0d80 C:\Windows\System32\MMDevAPI.dll - ok
10:21:18.0430 0x0d80 [ B6A58491307B4CADA572583D863DC602, 5C44936605E52C9533E4CE22F18FAB8211475877F71EFD88DA4D02FD608C90A3 ] C:\Windows\System32\profsvc.dll
10:21:18.0430 0x0d80 C:\Windows\System32\profsvc.dll - ok
10:21:18.0446 0x0d80 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
10:21:18.0446 0x0d80 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
10:21:18.0477 0x0d80 [ B1DF2D87DC8BF6072699AC8301B37796, D5A6FD1EDB627324DFA1A0555F1777A3313EF29DDE29982C3CE59DAF1ED0D105 ] C:\Windows\System32\WUDFPlatform.dll
10:21:18.0477 0x0d80 C:\Windows\System32\WUDFPlatform.dll - ok
10:21:18.0492 0x0d80 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
10:21:18.0492 0x0d80 C:\Windows\System32\wlansvc.dll - ok
10:21:18.0508 0x0d80 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
10:21:18.0508 0x0d80 C:\Windows\System32\dui70.dll - ok
10:21:18.0524 0x0d80 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
10:21:18.0524 0x0d80 C:\Windows\System32\drivers\fltMgr.sys - ok
10:21:18.0539 0x0d80 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
10:21:18.0539 0x0d80 C:\Windows\System32\PSHED.DLL - ok
10:21:18.0539 0x0d80 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
10:21:18.0539 0x0d80 C:\Windows\System32\duser.dll - ok
10:21:18.0555 0x0d80 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
10:21:18.0555 0x0d80 C:\Windows\System32\MPSSVC.dll - ok
10:21:18.0586 0x0d80 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
10:21:18.0586 0x0d80 C:\Windows\System32\SndVolSSO.dll - ok
10:21:18.0602 0x0d80 [ 6E974F1C384615DEB0710E44F4847351, C4480AAB7DF230D4AD4277DC6312069E75E44BCCDADBE313551DA17581CBD17F ] C:\Windows\System32\audiodg.exe
10:21:18.0602 0x0d80 C:\Windows\System32\audiodg.exe - ok
10:21:18.0617 0x0d80 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
10:21:18.0617 0x0d80 C:\Windows\System32\hid.dll - ok
10:21:18.0633 0x0d80 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
10:21:18.0633 0x0d80 C:\Windows\System32\dwmapi.dll - ok
10:21:18.0648 0x0d80 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
10:21:18.0648 0x0d80 C:\Windows\System32\xmllite.dll - ok
10:21:18.0664 0x0d80 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
10:21:18.0664 0x0d80 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
10:21:18.0680 0x0d80 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
10:21:18.0680 0x0d80 C:\Windows\System32\ntmarta.dll - ok
10:21:18.0695 0x0d80 [ 0A4D03A4C0F908B15B8A4C48FB18F197, C84534817005245E6AC225D2197761D25D3117F3A9FAA841BD7B4B51AC4740DA ] C:\Windows\System32\WindowsCodecs.dll
10:21:18.0695 0x0d80 C:\Windows\System32\WindowsCodecs.dll - ok
10:21:18.0711 0x0d80 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
10:21:18.0711 0x0d80 C:\Windows\System32\gpsvc.dll - ok
10:21:18.0726 0x0d80 [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll
10:21:18.0726 0x0d80 C:\Windows\System32\nlaapi.dll - ok
10:21:18.0758 0x0d80 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
10:21:18.0758 0x0d80 C:\Windows\System32\atl.dll - ok
10:21:18.0773 0x0d80 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
10:21:18.0773 0x0d80 C:\Windows\System32\themeservice.dll - ok
10:21:18.0789 0x0d80 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
10:21:18.0789 0x0d80 C:\Windows\System32\es.dll - ok
10:21:18.0804 0x0d80 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
10:21:18.0804 0x0d80 C:\Windows\System32\dsrole.dll - ok
10:21:18.0820 0x0d80 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
10:21:18.0820 0x0d80 C:\Windows\System32\slc.dll - ok
10:21:18.0836 0x0d80 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
10:21:18.0836 0x0d80 C:\Windows\System32\winbrand.dll - ok
10:21:18.0851 0x0d80 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
10:21:18.0851 0x0d80 C:\Windows\System32\VaultCredProvider.dll - ok
10:21:18.0867 0x0d80 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
10:21:18.0867 0x0d80 C:\Windows\System32\comres.dll - ok
10:21:18.0882 0x0d80 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
10:21:18.0882 0x0d80 C:\Windows\System32\Sens.dll - ok
10:21:18.0898 0x0d80 [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll
10:21:18.0898 0x0d80 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
10:21:18.0914 0x0d80 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
10:21:18.0914 0x0d80 C:\Windows\System32\uxsms.dll - ok
10:21:18.0929 0x0d80 [ 8CDA894FA86D03FB43063D5FD85EFCAE, 20D110ACC84300514557AB6E565CFA0101DA749559B52877A41A509E79314AF6 ] C:\Windows\System32\drivers\aswStm.sys
10:21:18.0929 0x0d80 C:\Windows\System32\drivers\aswStm.sys - ok
10:21:18.0945 0x0d80 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
10:21:18.0945 0x0d80 C:\Windows\System32\BioCredProv.dll - ok
10:21:18.0960 0x0d80 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
10:21:18.0960 0x0d80 C:\Windows\System32\drivers\lltdio.sys - ok
10:21:18.0976 0x0d80 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
10:21:18.0976 0x0d80 C:\Windows\System32\drivers\nwifi.sys - ok
10:21:18.0992 0x0d80 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
10:21:18.0992 0x0d80 C:\Windows\System32\drivers\ndisuio.sys - ok
10:21:19.0007 0x0d80 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
10:21:19.0007 0x0d80 C:\Windows\System32\winbio.dll - ok
10:21:19.0023 0x0d80 [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll
10:21:19.0023 0x0d80 C:\Windows\System32\credui.dll - ok
10:21:19.0038 0x0d80 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
10:21:19.0038 0x0d80 C:\Windows\System32\drivers\rspndr.sys - ok
10:21:19.0054 0x0d80 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
10:21:19.0054 0x0d80 C:\Windows\System32\lmhsvc.dll - ok
10:21:19.0070 0x0d80 [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll
10:21:19.0070 0x0d80 C:\Windows\System32\netapi32.dll - ok
10:21:19.0085 0x0d80 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
10:21:19.0085 0x0d80 C:\Windows\System32\nsisvc.dll - ok
10:21:19.0101 0x0d80 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
10:21:19.0101 0x0d80 C:\Windows\System32\vaultcli.dll - ok
10:21:19.0116 0x0d80 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
10:21:19.0116 0x0d80 C:\Windows\System32\IPHLPAPI.DLL - ok
10:21:19.0132 0x0d80 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
10:21:19.0132 0x0d80 C:\Windows\System32\netutils.dll - ok
10:21:19.0148 0x0d80 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
10:21:19.0148 0x0d80 C:\Windows\System32\nrpsrv.dll - ok
10:21:19.0163 0x0d80 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
10:21:19.0163 0x0d80 C:\Windows\System32\samcli.dll - ok
10:21:19.0179 0x0d80 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
10:21:19.0179 0x0d80 C:\Windows\System32\winnsi.dll - ok
10:21:19.0194 0x0d80 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
10:21:19.0194 0x0d80 C:\Windows\System32\wkscli.dll - ok
10:21:19.0226 0x0d80 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
10:21:19.0226 0x0d80 C:\Windows\System32\dhcpcore.dll - ok
10:21:19.0241 0x0d80 [ A5FE3B758D54C108664B1BBFA07833A3, 0B7FF264AEA21ADE795A3B2555951FB0D1994BD7DA7B6970482FFB58CEF4BE56 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll
10:21:19.0241 0x0d80 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCP.dll - ok
10:21:19.0257 0x0d80 [ 84D6ECEAEA78C64EF280F62CBA9BCA09, 427F97E50ACB36F81ACF8D81FB74B8049DFA5ADAC6640B36CE28AD220B2E8675 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll
10:21:19.0257 0x0d80 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVHelper.dll - ok
10:21:19.0272 0x0d80 [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll
10:21:19.0272 0x0d80 C:\Windows\System32\dhcpcore6.dll - ok
10:21:19.0288 0x0d80 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
10:21:19.0288 0x0d80 C:\Windows\System32\dnsrslvr.dll - ok
10:21:19.0304 0x0d80 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
10:21:19.0304 0x0d80 C:\Windows\System32\keyiso.dll - ok
10:21:19.0319 0x0d80 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
10:21:19.0319 0x0d80 C:\Windows\System32\eapsvc.dll - ok
10:21:19.0335 0x0d80 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7, 10860A572AF26ABFBDC035BCC5205F1EE1D53C7DBF66CA99D9C97D2003BC58D2 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
10:21:19.0335 0x0d80 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
10:21:19.0350 0x0d80 [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL
10:21:19.0350 0x0d80 C:\Windows\System32\FWPUCLNT.DLL - ok
10:21:19.0366 0x0d80 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
10:21:19.0366 0x0d80 C:\Windows\System32\eapphost.dll - ok
10:21:19.0382 0x0d80 [ 06A754FE28A06F780A099703CFCAAA22, FCADF16C88EEC651258149616202CC29D649FE8CBBBA481BEA9A67C2ED82844B ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
10:21:19.0382 0x0d80 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
10:21:19.0397 0x0d80 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
10:21:19.0397 0x0d80 C:\Windows\System32\dnsext.dll - ok
10:21:19.0413 0x0d80 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
10:21:19.0413 0x0d80 C:\Windows\System32\umb.dll - ok
10:21:19.0428 0x0d80 [ 9AE75388EE2C110216B8319584E8AC34, 6F5E79903FF4B6A17E42949E4D09CE25DB944062317CAA5346FC9F39CBAE575F ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll
10:21:19.0428 0x0d80 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVCtrl.dll - ok
10:21:19.0444 0x0d80 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
10:21:19.0444 0x0d80 C:\Windows\System32\wlanmsm.dll - ok
10:21:19.0460 0x0d80 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
10:21:19.0460 0x0d80 C:\Windows\System32\dhcpcsvc.dll - ok
10:21:19.0475 0x0d80 [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll
10:21:19.0475 0x0d80 C:\Windows\System32\dhcpcsvc6.dll - ok
10:21:19.0491 0x0d80 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
10:21:19.0491 0x0d80 C:\Windows\System32\wlansec.dll - ok
10:21:19.0522 0x0d80 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
10:21:19.0522 0x0d80 C:\Windows\System32\onex.dll - ok
10:21:19.0538 0x0d80 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
10:21:19.0538 0x0d80 C:\Windows\System32\eappprxy.dll - ok
10:21:19.0553 0x0d80 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
10:21:19.0553 0x0d80 C:\Windows\System32\eappcfg.dll - ok
10:21:19.0569 0x0d80 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
10:21:19.0569 0x0d80 C:\Windows\System32\winmm.dll - ok
10:21:19.0584 0x0d80 [ 2A9238A326763122424E07EF320D5D3A, 8654CABFC1DCEA16C57BFD93C776E7EA33072F288B79CEE8FACECF69173EA4FE ] C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll
10:21:19.0584 0x0d80 C:\Program Files\TOSHIBA\SmartFaceV\FaceRec.dll - ok
10:21:19.0600 0x0d80 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
10:21:19.0600 0x0d80 C:\Windows\System32\wlgpclnt.dll - ok
10:21:19.0616 0x0d80 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
10:21:19.0616 0x0d80 C:\Windows\System32\l2gpstore.dll - ok
10:21:19.0631 0x0d80 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
10:21:19.0631 0x0d80 C:\Windows\System32\WinSCard.dll - ok
10:21:19.0647 0x0d80 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
10:21:19.0647 0x0d80 C:\Windows\System32\wlanutil.dll - ok
10:21:19.0662 0x0d80 [ 0E3A7EC2B9590EA7767BBB1823630DEA, 6858B7050465DB8505CF9E932868B123B925376C05363EA5A9198B2AE15CF728 ] C:\Windows\System32\msxml6.dll
10:21:19.0662 0x0d80 C:\Windows\System32\msxml6.dll - ok
10:21:19.0678 0x0d80 [ 91175B7E997CFAC64F271A15B4217BC7, 64F01CFD0FB239407D8D59AAA529E8AC4CAC59472A6D924C0F7DF41DED53A5B1 ] C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll
10:21:19.0678 0x0d80 C:\Program Files\TOSHIBA\SmartFaceV\FaceHI.dll - ok
10:21:19.0694 0x0d80 [ 35714DC1ADD995681D890D4382C75721, C1D10F2D47D348DCEA363B676E35A363FE8FA0E24295C4AD90F7EA37826A822D ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
10:21:19.0694 0x0d80 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
10:21:19.0709 0x0d80 [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll
10:21:19.0709 0x0d80 C:\Windows\SysWOW64\ntdll.dll - ok
10:21:19.0725 0x0d80 [ 2A107B611C91CD256466C58C0D776E9D, 58EA4F6E0FE7EFB8D3024AE71EE16848C2A00BA5224C8054C80134F99D9A72AB ] C:\Windows\System32\wow64.dll
10:21:19.0725 0x0d80 C:\Windows\System32\wow64.dll - ok
10:21:19.0740 0x0d80 [ C79EBD253B2E6D32F63FAEF314371443, E586AF26068C978ED95B0778C095D987D18E2CCFC294076DBDE44B48326E805A ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll
10:21:19.0740 0x0d80 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVLogOn.dll - ok
10:21:19.0756 0x0d80 [ 7434E01FBCA3CB86539C39412A31D5E1, E40D5AEBB3A5D8F53C76E3FBF0C07B9C0227914C869F57622EA44A212383EE6D ] C:\Windows\System32\wow64win.dll
10:21:19.0756 0x0d80 C:\Windows\System32\wow64win.dll - ok
10:21:19.0787 0x0d80 [ 0F090A77E664CB0F70AB8D3B230B760C, A08EA0409B3BF88AB12792F721FA3A692BBE640DF2A06641E142843A7044EC5E ] C:\Windows\System32\wow64cpu.dll
10:21:19.0787 0x0d80 C:\Windows\System32\wow64cpu.dll - ok
10:21:19.0803 0x0d80 [ 76161B9D78A275F8F28DD67436013110, E4AE9648BDED9035D39DF20C3A6F453F67D49D7899038B21D88FFD4EFFCC4C08 ] C:\Windows\SysWOW64\kernel32.dll
10:21:19.0803 0x0d80 C:\Windows\SysWOW64\kernel32.dll - ok
10:21:19.0818 0x0d80 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
10:21:19.0818 0x0d80 C:\Windows\System32\certCredProvider.dll - ok
10:21:19.0834 0x0d80 [ 7097425051CE67B450EBF2B1390AE492, 45354BA04E383B65D13A073F63EA5EA185D8B0C1E208B6671ED8EBC64711D109 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
10:21:19.0834 0x0d80 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
10:21:19.0850 0x0d80 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
10:21:19.0850 0x0d80 C:\Windows\System32\rasplap.dll - ok
10:21:19.0865 0x0d80 [ 461B713DE7F353C6447B744F1A049930, 3551C57128DAFA009C9DB3EE0D798D94B269D1605F74897566D7E79E5FDD437B ] C:\Windows\SysWOW64\KernelBase.dll
10:21:19.0865 0x0d80 C:\Windows\SysWOW64\KernelBase.dll - ok
10:21:19.0881 0x0d80 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
10:21:19.0881 0x0d80 C:\Windows\System32\rasapi32.dll - ok
10:21:19.0896 0x0d80 [ AF7F7DB95DD418AE8FD4A2207265FD21, 979C421EE55AE960F7BE071E1F418EE29E5E60BF4348AFF49588444FBF4FCFEC ] C:\Program Files\AVAST Software\Avast\log.dll
10:21:19.0896 0x0d80 C:\Program Files\AVAST Software\Avast\log.dll - ok
10:21:19.0912 0x0d80 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
10:21:19.0912 0x0d80 C:\Windows\System32\rasman.dll - ok
10:21:19.0928 0x0d80 [ 3E29914113EC4B968BA5EB1F6D194A0A, C8D5572CA8D7624871188F0ACABC3AE60D4C5A4F6782D952B9038DE3BC28B39A ] C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll
10:21:19.0928 0x0d80 C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcp110.dll - ok
10:21:19.0943 0x0d80 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
10:21:19.0943 0x0d80 C:\Windows\System32\rtutils.dll - ok
10:21:19.0959 0x0d80 [ 4BA25D2CBE1587A841DCFB8C8C4A6EA6, B30160E759115E24425B9BCDF606EF6EBCE4657487525EDE7F1AC40B90FF7E49 ] C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll
10:21:19.0959 0x0d80 C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\msvcr110.dll - ok
10:21:19.0974 0x0d80 [ D2BB44212B5C35C6F6246D588F468E7C, 4E7E04DADFBB03C67CDAE83A1D00A319E58009CCE44FF85A867AD1EB29A86D5B ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
10:21:19.0990 0x0d80 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
10:21:20.0006 0x0d80 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
10:21:20.0006 0x0d80 C:\Windows\System32\UXInit.dll - ok
10:21:20.0021 0x0d80 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
10:21:20.0021 0x0d80 C:\Windows\SysWOW64\user32.dll - ok
10:21:20.0037 0x0d80 [ 1DE82F4F43FB84887296A6769A4CF9A6, F38960EED4FC2A0BE6F72DD941DDE1018F67AD8AF6A2F42EE2FAC6AEB1A8CDFD ] C:\Windows\System32\atieclxx.exe
10:21:20.0037 0x0d80 C:\Windows\System32\atieclxx.exe - ok
10:21:20.0052 0x0d80 [ 980305AC3AF53C1964A11190451ABB32, D0FE0845F9FB51B1F556E3A1D327F30603033A1FAFC17DFA3D5047B93C7D4D82 ] C:\Windows\SysWOW64\gdi32.dll
10:21:20.0052 0x0d80 C:\Windows\SysWOW64\gdi32.dll - ok
10:21:20.0068 0x0d80 [ 01D9C9A70323BC7E5835B92442DD7EC2, 67D788F1F34A16483A8AD9A712A772D2A7B7687DEF899F87D48C013C4731B727 ] C:\Windows\SysWOW64\lpk.dll
10:21:20.0068 0x0d80 C:\Windows\SysWOW64\lpk.dll - ok
10:21:20.0084 0x0d80 [ A5F833506BF6A1B5D693E1499DEE2444, 045874B7D37F49216E37D551076FF440E29DB5196564E714207DF753DF7FDDEE ] C:\Windows\SysWOW64\usp10.dll
10:21:20.0084 0x0d80 C:\Windows\SysWOW64\usp10.dll - ok
10:21:20.0099 0x0d80 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
10:21:20.0099 0x0d80 C:\Windows\SysWOW64\msvcrt.dll - ok
10:21:20.0115 0x0d80 [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll
10:21:20.0115 0x0d80 C:\Windows\SysWOW64\advapi32.dll - ok
10:21:20.0130 0x0d80 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
10:21:20.0130 0x0d80 C:\Windows\SysWOW64\sechost.dll - ok
10:21:20.0146 0x0d80 [ D8BED6BA298DBAAF6F3D746739FCD333, 83A40845EC448943F4737B730F95860983919677D84922E44EED4BECDFA71A31 ] C:\Windows\SysWOW64\rpcrt4.dll
10:21:20.0146 0x0d80 C:\Windows\SysWOW64\rpcrt4.dll - ok
10:21:20.0162 0x0d80 [ 04934912B1317F2F8816208067A32B96, 026B28926F2968675E0B60A3BFF96238905EEE7CFEDCB3022FF5F2FA86E688CE ] C:\Windows\SysWOW64\sspicli.dll
10:21:20.0162 0x0d80 C:\Windows\SysWOW64\sspicli.dll - ok
10:21:20.0177 0x0d80 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
10:21:20.0177 0x0d80 C:\Windows\SysWOW64\cryptbase.dll - ok
10:21:20.0193 0x0d80 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
10:21:20.0193 0x0d80 C:\Windows\SysWOW64\ole32.dll - ok
10:21:20.0208 0x0d80 [ CC5A22C34B7633515979A0E0D3E66D98, 66C761FD49CFE4A4A5C2981AF85C31620828668528AE6A34AB22EF8B7DCCBA8B ] C:\Windows\System32\atiadlxx.dll
10:21:20.0208 0x0d80 C:\Windows\System32\atiadlxx.dll - ok
10:21:20.0224 0x0d80 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
10:21:20.0224 0x0d80 C:\Windows\System32\netcfgx.dll - ok
10:21:20.0240 0x0d80 [ 2F790E8EF4BE9ABDB024EAB76D87F490, 0C2F24277962F62AF5E5DEF8482FAED9B46D389FE11294784A42CCEAC9581373 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
10:21:20.0240 0x0d80 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
10:21:20.0255 0x0d80 [ 9738A18F587E2969C8EF4AD90D429941, 8E018DAB8BB2DD97D09564B525B1BC4ED677310A608FFE45B43E1D71BF1C67B7 ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
10:21:20.0255 0x0d80 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
10:21:20.0286 0x0d80 [ 340EECB781E6C06A6171B3068DA208AD, C3368488DFA5AAC05CAF9D636430111A0DDFB3EBFE6D69F10366F1C22890A99B ] C:\Windows\SysWOW64\shell32.dll
10:21:20.0286 0x0d80 C:\Windows\SysWOW64\shell32.dll - ok
10:21:20.0302 0x0d80 [ 6A638FC4BFDDC4D9B186C28C91BD1A01, 5521F1DC515586777EC4837E0AEAA3E613CC178AF1074031C4D0D0C695A93168 ] C:\Windows\System32\drivers\vwifimp.sys
10:21:20.0302 0x0d80 C:\Windows\System32\drivers\vwifimp.sys - ok
10:21:20.0318 0x0d80 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
10:21:20.0318 0x0d80 C:\Windows\System32\imageres.dll - ok
10:21:20.0333 0x0d80 [ C2F774926126774301A2B5E070D930A9, 4F2B34D338BF24DDEEA9A1FF581CDA9F121D48D5CCDA6BC5671B81C4D968AFD9 ] C:\Windows\System32\atimuixx.dll
10:21:20.0333 0x0d80 C:\Windows\System32\atimuixx.dll - ok
10:21:20.0349 0x0d80 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
10:21:20.0349 0x0d80 C:\Windows\SysWOW64\shlwapi.dll - ok
10:21:20.0364 0x0d80 [ 500FDC29BF4948E7C4E0022965B5085D, C4D6E02118F14E571D9D04B46A9AF9C88E27B43F8270938C01EB9E92A3BE797F ] C:\Program Files\AVAST Software\Avast\ashbase.dll
10:21:20.0364 0x0d80 C:\Program Files\AVAST Software\Avast\ashbase.dll - ok
10:21:20.0380 0x0d80 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
10:21:20.0380 0x0d80 C:\Windows\SysWOW64\ws2_32.dll - ok
10:21:20.0396 0x0d80 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
10:21:20.0396 0x0d80 C:\Windows\SysWOW64\wsock32.dll - ok
10:21:20.0411 0x0d80 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
10:21:20.0411 0x0d80 C:\Windows\SysWOW64\nsi.dll - ok
10:21:20.0427 0x0d80 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
10:21:20.0427 0x0d80 C:\Windows\SysWOW64\psapi.dll - ok
10:21:20.0442 0x0d80 [ D5EC42139D6A6158CF188975C50B6A60, C3551F8FC9DC58483B3AF4F80163C7A187F879FA89A7E36C28FD462FC24478FC ] C:\Windows\SysWOW64\wintrust.dll
10:21:20.0442 0x0d80 C:\Windows\SysWOW64\wintrust.dll - ok
10:21:20.0458 0x0d80 [ 74264B7F57A16D25CB581C07964D324A, AA91EE0910ECBD7D190A05EBA48F1D348756C2D4B217B7FE2DF3AF92AD4A176D ] C:\Windows\SysWOW64\crypt32.dll
10:21:20.0458 0x0d80 C:\Windows\SysWOW64\crypt32.dll - ok
10:21:20.0474 0x0d80 [ A7D8ADF6B67651B343381213B34200BE, C44FA016CC8791633FE0EF35D2D8B2EE5A8055D871DC4F0F8FDBBCF7373D580E ] C:\Program Files\AVAST Software\Avast\CommChannel.dll
10:21:20.0474 0x0d80 C:\Program Files\AVAST Software\Avast\CommChannel.dll - ok
10:21:20.0489 0x0d80 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
10:21:20.0489 0x0d80 C:\Windows\SysWOW64\msasn1.dll - ok
10:21:20.0505 0x0d80 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
10:21:20.0505 0x0d80 C:\Windows\SysWOW64\winhttp.dll - ok
10:21:20.0520 0x0d80 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
10:21:20.0520 0x0d80 C:\Windows\SysWOW64\webio.dll - ok
10:21:20.0536 0x0d80 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
10:21:20.0536 0x0d80 C:\Windows\SysWOW64\dnsapi.dll - ok
10:21:20.0567 0x0d80 [ 7DA8F12B61BE1D51C51AA5D661C22D7D, 9060E38F423C33DD7E1EC933AC863B3B81F87C25220CCDDC4FDF788C0A1BFFAC ] C:\Program Files\AVAST Software\Avast\avastIP.dll
10:21:20.0567 0x0d80 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
10:21:20.0583 0x0d80 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
10:21:20.0583 0x0d80 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
10:21:20.0598 0x0d80 [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
10:21:20.0598 0x0d80 C:\Windows\SysWOW64\rasapi32.dll - ok
10:21:20.0614 0x0d80 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
10:21:20.0614 0x0d80 C:\Windows\SysWOW64\winnsi.dll - ok
10:21:20.0630 0x0d80 [ DEDCA06DD4F8E560085D7C287BDF25CC, 33AEAC272EF44B001849C081DBBE77E5C33818602DCA061887ADD4EC79420914 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
10:21:20.0630 0x0d80 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
10:21:20.0645 0x0d80 [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
10:21:20.0645 0x0d80 C:\Windows\SysWOW64\rasman.dll - ok
10:21:20.0661 0x0d80 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
10:21:20.0661 0x0d80 C:\Windows\SysWOW64\setupapi.dll - ok
10:21:20.0676 0x0d80 [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
10:21:20.0676 0x0d80 C:\Windows\SysWOW64\cfgmgr32.dll - ok
10:21:20.0692 0x0d80 [ A208DAC2932649CFF82A6A684D8BB1F6, 849A82E9BEA587E8221935F5132443F298412CF4D983C23C396510C7776CED41 ] C:\Windows\SysWOW64\oleaut32.dll
10:21:20.0692 0x0d80 C:\Windows\SysWOW64\oleaut32.dll - ok
10:21:20.0708 0x0d80 [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
10:21:20.0708 0x0d80 C:\Windows\SysWOW64\devobj.dll - ok
10:21:20.0723 0x0d80 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
10:21:20.0723 0x0d80 C:\Windows\SysWOW64\version.dll - ok
10:21:20.0754 0x0d80 [ EA6EA6912F27F05C61D8D747517EB47E, 51BBBAAD920F7294C505264658ED1D64C7F67518C440F57B9499A085EC305DA4 ] C:\Windows\SysWOW64\wininet.dll
10:21:20.0754 0x0d80 C:\Windows\SysWOW64\wininet.dll - ok
10:21:20.0770 0x0d80 [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll
10:21:20.0770 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok
10:21:20.0786 0x0d80 [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll
10:21:20.0786 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok
10:21:20.0801 0x0d80 [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll
10:21:20.0801 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok
10:21:20.0817 0x0d80 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll
10:21:20.0817 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok
10:21:20.0832 0x0d80 [ 52B4DECDC70B8758380D37EA2CDD4254, 09744585AE1F2DAD2075E0AEFFF2D2D5E266B8364A6FC95EB5F54149F8EFDA31 ] C:\Windows\SysWOW64\iertutil.dll
10:21:20.0832 0x0d80 C:\Windows\SysWOW64\iertutil.dll - ok
10:21:20.0848 0x0d80 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
10:21:20.0848 0x0d80 C:\Windows\System32\dllhost.exe - ok
10:21:20.0864 0x0d80 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll
10:21:20.0864 0x0d80 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok
10:21:20.0879 0x0d80 [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll
10:21:20.0879 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok
10:21:20.0910 0x0d80 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
10:21:20.0910 0x0d80 C:\Windows\SysWOW64\userenv.dll - ok
10:21:20.0926 0x0d80 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
10:21:20.0926 0x0d80 C:\Windows\SysWOW64\profapi.dll - ok
10:21:20.0926 0x0d80 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
10:21:20.0926 0x0d80 C:\Windows\SysWOW64\imm32.dll - ok
10:21:20.0942 0x0d80 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
10:21:20.0942 0x0d80 C:\Windows\System32\IDStore.dll - ok
10:21:20.0957 0x0d80 [ 84B460BB65567ED42DD605FA044DB370, 4CA82B2581F417D8D6D81F446F81283D3DE91C8E8E0BC2DC3DA4CF8D55E765F5 ] C:\Windows\SysWOW64\msctf.dll
10:21:20.0957 0x0d80 C:\Windows\SysWOW64\msctf.dll - ok
10:21:20.0988 0x0d80 [ 23566F9723771108D2E6CD768AC27407, FAC0293DD1061B151E779BF4B245E6652C951FEDEBC602A166156DFBD38B5D67 ] C:\Windows\System32\AtBroker.exe
10:21:20.0988 0x0d80 C:\Windows\System32\AtBroker.exe - ok
10:21:21.0004 0x0d80 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
10:21:21.0004 0x0d80 C:\Windows\System32\mpr.dll - ok
10:21:21.0020 0x0d80 [ 5C5E3AFD499E5146FEF1DA5EF8A23205, 9A26FFAFFB26FA6549C6DA75F76238A903CA723F9DAD356FBA8D91067FE312FD ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
10:21:21.0020 0x0d80 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
10:21:21.0035 0x0d80 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
10:21:21.0035 0x0d80 C:\Windows\System32\userinit.exe - ok
10:21:21.0051 0x0d80 [ D80BE4F77BDE6FC84B05F04FB80BC969, 8838F26BBB212BCD64ED12962E981C716841893FB34ADAA096BEFA5FAF399129 ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
10:21:21.0051 0x0d80 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
10:21:21.0066 0x0d80 [ 42447D560F5A202F27810E84F6A21F57, 79DA95A8FD4AB81EB37AA351CAE554BAA16BE51E46B439140CC732A207184AA7 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
10:21:21.0066 0x0d80 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
10:21:21.0082 0x0d80 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
10:21:21.0082 0x0d80 C:\Windows\System32\dwm.exe - ok
10:21:21.0098 0x0d80 [ 6E7D42C70EF7B4BB2C08766408D5BEF1, 4D58E7E8A889CFA6194146C448C67068AC325BB77ADDB7AC7265EA5CE97A81EA ] C:\Program Files\AVAST Software\Avast\libeay32.dll
10:21:21.0098 0x0d80 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
10:21:21.0113 0x0d80 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
10:21:21.0113 0x0d80 C:\Windows\System32\dwmredir.dll - ok
10:21:21.0129 0x0d80 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
10:21:21.0129 0x0d80 C:\Windows\System32\dwmcore.dll - ok
10:21:21.0144 0x0d80 [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll
10:21:21.0160 0x0d80 C:\Windows\SysWOW64\netapi32.dll - ok
10:21:21.0176 0x0d80 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
10:21:21.0176 0x0d80 C:\Windows\SysWOW64\netutils.dll - ok
10:21:21.0191 0x0d80 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
10:21:21.0191 0x0d80 C:\Windows\SysWOW64\srvcli.dll - ok
10:21:21.0222 0x0d80 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
10:21:21.0222 0x0d80 C:\Windows\SysWOW64\wkscli.dll - ok
10:21:21.0238 0x0d80 [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll
10:21:21.0238 0x0d80 C:\Windows\System32\d3d10_1.dll - ok
10:21:21.0254 0x0d80 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
10:21:21.0254 0x0d80 C:\Windows\explorer.exe - ok
10:21:21.0269 0x0d80 [ B54FD1991E659FD61EF1D34EC27AAECD, 4BB2F43322093F02B2FBCC4B2456437356555DA48DC6DA67FC55A1B457D32149 ] C:\Windows\SysWOW64\cryptsp.dll
10:21:21.0269 0x0d80 C:\Windows\SysWOW64\cryptsp.dll - ok
10:21:21.0285 0x0d80 [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll
10:21:21.0285 0x0d80 C:\Windows\System32\d3d10_1core.dll - ok
10:21:21.0316 0x0d80 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
10:21:21.0316 0x0d80 C:\Windows\SysWOW64\rsaenh.dll - ok
10:21:21.0332 0x0d80 [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll
10:21:21.0332 0x0d80 C:\Windows\System32\dxgi.dll - ok
10:21:21.0347 0x0d80 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
10:21:21.0347 0x0d80 C:\Windows\System32\ExplorerFrame.dll - ok
10:21:21.0363 0x0d80 [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll
10:21:21.0363 0x0d80 C:\Windows\System32\d3d11.dll - ok
10:21:21.0378 0x0d80 [ 2666EB66FB6C33825C89DB811393AB42, F6DE80E86D04D03786EE5D949FB08E95337F9DF6440152053F210E7A94E1CC45 ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
10:21:21.0378 0x0d80 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
10:21:21.0410 0x0d80 [ 00B79C4B2426248B259C1C796BDB1683, 1D02768088A58C40F5F88DB50A1BEE132F354DFFB222E3E66823FD8019062F62 ] C:\Windows\System32\aticfx64.dll
10:21:21.0410 0x0d80 C:\Windows\System32\aticfx64.dll - ok
10:21:21.0425 0x0d80 [ 8ECFBA222FB5D84757B394CB74EB0FBE, 161997032DD8F2F5F6D574A8C5EB956ABE5B527078FA2A78288293B8155E79AC ] C:\Windows\System32\atiuxp64.dll
10:21:21.0425 0x0d80 C:\Windows\System32\atiuxp64.dll - ok
10:21:21.0441 0x0d80 [ 0BA2124F68B73D4FE774F932C5D5CBB4, 2997F992ED51F58A24BFBDEDA6BF02D3251CE84E75AA7B1C148700470D5CC2F4 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
10:21:21.0441 0x0d80 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
10:21:21.0456 0x0d80 [ 2720C94ADCC1727A66365CCB1CE456C4, 7A6978A117406E39CEE7ED051F02DE04E76EC51AA65B3F4774712C1C317F410C ] C:\Windows\System32\msi.dll
10:21:21.0456 0x0d80 C:\Windows\System32\msi.dll - ok
10:21:21.0472 0x0d80 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
10:21:21.0472 0x0d80 C:\Windows\System32\shsvcs.dll - ok
10:21:21.0488 0x0d80 [ 8E8D2218A15D2CA62E2EB12C59B8D86D, ED1E5C9B559A4B07261CB5D7F6897F7EDFE4B6F20E963AAFF2E72A208A66BBD4 ] C:\Windows\System32\atidxx64.dll
10:21:21.0488 0x0d80 C:\Windows\System32\atidxx64.dll - ok
10:21:21.0503 0x0d80 [ 7364B71F792DFD5E14F9736BAD4AA824, FD76285A9AEFCCB6CEDF536490EBE343D58BF796A09235A3EE4BB97935D8637A ] C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
10:21:21.0503 0x0d80 C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll - ok
10:21:21.0534 0x0d80 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
10:21:21.0534 0x0d80 C:\Windows\System32\EhStorShell.dll - ok
10:21:21.0550 0x0d80 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
10:21:21.0550 0x0d80 C:\Windows\System32\ntshrui.dll - ok
10:21:21.0566 0x0d80 [ 4D6FBEFB0AF26932C98587329CB12415, 9C3E79E8FF665C77302919AF137B94FA6420A176C79A450E2C0A20BBEA2417CB ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
10:21:21.0566 0x0d80 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
10:21:21.0581 0x0d80 [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
10:21:21.0581 0x0d80 C:\Windows\System32\uDWM.dll - ok
10:21:21.0597 0x0d80 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
10:21:21.0597 0x0d80 C:\Windows\System32\cscapi.dll - ok
10:21:21.0612 0x0d80 [ E51EEF12B893652E1D6058ED8D601D86, E963F82DDF7CF5329331533E0A33A5676D41BD010B7B45CC265B206BADAEEFD6 ] C:\Program Files\AVAST Software\Avast\aavmrpch.dll
10:21:21.0612 0x0d80 C:\Program Files\AVAST Software\Avast\aavmrpch.dll - ok
10:21:21.0628 0x0d80 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
10:21:21.0628 0x0d80 C:\Windows\System32\IconCodecService.dll - ok
10:21:21.0659 0x0d80 [ 278C354DA8C3D6C7B717C278887F0CE4, 04D1D9115634018DCD8BA67B8621B3D2BD63D250C08BBE4A28943818C1C82ECA ] C:\Program Files\AVAST Software\Avast\ashTask.dll
10:21:21.0659 0x0d80 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
10:21:21.0675 0x0d80 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
10:21:21.0675 0x0d80 C:\Windows\System32\fveapi.dll - ok
10:21:21.0690 0x0d80 [ D7819F436809AB91666E6F48E0744AF6, ED93FF3406D3409F6745ACE5FF2449DE730A008FBF4A792AB54515C7736700A3 ] C:\Program Files\AVAST Software\Avast\aswAux.dll
10:21:21.0690 0x0d80 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
10:21:21.0706 0x0d80 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
10:21:21.0706 0x0d80 C:\Windows\System32\fvecerts.dll - ok
10:21:21.0722 0x0d80 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
10:21:21.0722 0x0d80 C:\Windows\System32\tbs.dll - ok
10:21:21.0737 0x0d80 [ 437F0D88126052221119459A2E91F5CE, F5BCD63675589EF0A482F3FB470754D3C30027D6FA5264C9F490F50C8D026A13 ] C:\Program Files\AVAST Software\Avast\aswLog.dll
10:21:21.0737 0x0d80 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
10:21:21.0753 0x0d80 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
10:21:21.0753 0x0d80 C:\Windows\System32\wiarpc.dll - ok
10:21:21.0784 0x0d80 [ 265C5E29F80CD6BC9AFD3915E844778F, A43EDFF943CF01F010E37A79D592B28F6DEABC192F4840811F6CB9D481F357B7 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
10:21:21.0784 0x0d80 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
10:21:21.0800 0x0d80 [ E18F4E56C42CC5361B44211E8B6DA33D, 895CDDA0304F24C86EE87519CB1D16B1D105A1B033ED9ADD9225A36E77F6AF1E ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
10:21:21.0800 0x0d80 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
10:21:21.0815 0x0d80 [ 33A9B998A31D1692380CD4296B8B2BDC, 6893BDCEC9852641AB54CFC29B05DD54C287E150156C1741B292F3B7CDA898E2 ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
10:21:21.0815 0x0d80 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
10:21:21.0831 0x0d80 [ 5C3151177363D75BDAC79258CF89DF10, 7C8F0F9ABE2D3FDC3E8810347070114DD146EADF8045E6E7E2398931D50DF563 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
10:21:21.0831 0x0d80 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
10:21:21.0846 0x0d80 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
10:21:21.0846 0x0d80 C:\Windows\System32\schedsvc.dll - ok
10:21:21.0878 0x0d80 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
10:21:21.0878 0x0d80 C:\Windows\System32\ktmw32.dll - ok
10:21:21.0893 0x0d80 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
10:21:21.0893 0x0d80 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
10:21:21.0909 0x0d80 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
10:21:21.0909 0x0d80 C:\Windows\System32\taskcomp.dll - ok
10:21:21.0924 0x0d80 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
10:21:21.0924 0x0d80 C:\Windows\System32\drivers\http.sys - ok
10:21:21.0940 0x0d80 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe
10:21:21.0940 0x0d80 C:\Windows\System32\spoolsv.exe - ok
10:21:21.0971 0x0d80 [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
10:21:21.0971 0x0d80 C:\Windows\SysWOW64\wscisvif.dll - ok
10:21:21.0987 0x0d80 [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
10:21:21.0987 0x0d80 C:\Windows\SysWOW64\wscapi.dll - ok
10:21:22.0002 0x0d80 [ DF5A43B79BE1F2069B43A494DEE299A9, F131FD987039E6BB15BFA9EF696754AF420B35B5398DF55C2FEF3336D0CFBE71 ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswEngin.dll
10:21:22.0002 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswEngin.dll - ok
10:21:22.0018 0x0d80 [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe
10:21:22.0018 0x0d80 C:\Windows\System32\taskhost.exe - ok
10:21:22.0049 0x0d80 [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
10:21:22.0049 0x0d80 C:\Windows\SysWOW64\powrprof.dll - ok
10:21:22.0065 0x0d80 [ 5B2AC165AE6BFEE032017C96E505581A, 2BB9CD4EC34CBA0E154FB7C1BC1BBC0EE14B63F811AD5B487308258944B2412E ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswCmnIS.dll
10:21:22.0065 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswCmnIS.dll - ok
10:21:22.0080 0x0d80 [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll
10:21:22.0080 0x0d80 C:\Windows\System32\PlaySndSrv.dll - ok
10:21:22.0096 0x0d80 [ 5DFF30DFD74F3B1ED9B530476766C640, 57AE37A38FA9088798315B97DEE4E72ACFC484AE6C6397D462833EF467A14F05 ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswCmnOS.dll
10:21:22.0112 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswCmnOS.dll - ok
10:21:22.0127 0x0d80 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
10:21:22.0127 0x0d80 C:\Windows\System32\BFE.DLL - ok
10:21:22.0143 0x0d80 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll
10:21:22.0143 0x0d80 C:\Windows\System32\MsCtfMonitor.dll - ok
10:21:22.0174 0x0d80 [ 193BE1A0E9488B90A5043DFDEB028A85, 9BCF8E3D818109441BB35F78C2E5E67E62C0BD25CC98AF48D5148CF3BBC3F50C ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswCmnBS.dll
10:21:22.0174 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswCmnBS.dll - ok
10:21:22.0190 0x0d80 [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll
10:21:22.0190 0x0d80 C:\Windows\System32\msutb.dll - ok
10:21:22.0205 0x0d80 [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll
10:21:22.0205 0x0d80 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
10:21:22.0236 0x0d80 [ B1B584DA4F80C4B5F646531945374D9C, 3B7BBA9F88279DF9D53BAF186E36F657AB803C39DC46A018AF33025399E71496 ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswScan.dll
10:21:22.0236 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswScan.dll - ok
10:21:22.0252 0x0d80 [ 0C975B389E5F25982453FB8DD8C3102D, C439136283C863764979F86F5A7498DDF1CF92BC6835A0E28D8CBF63C159FD0B ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswRep.dll
10:21:22.0252 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswRep.dll - ok
10:21:22.0268 0x0d80 [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll
10:21:22.0268 0x0d80 C:\Windows\System32\HotStartUserAgent.dll - ok
10:21:22.0283 0x0d80 [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
10:21:22.0283 0x0d80 C:\Windows\System32\esent.dll - ok
10:21:22.0314 0x0d80 [ CA7B5F897F0C8C9013E357EAF5D502C0, EDA6A82AD8BBEC23ED8BDF0A0FD07BDB3E7952C2E12CA1E67223B3026933002A ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswFiDb.dll
10:21:22.0314 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswFiDb.dll - ok
10:21:22.0330 0x0d80 [ 85D81A8911C07247BFECBF1E0BAA53AA, 627ACEDA1858CF8049202A250308A5EF49C1058A38A2D08290D58D240E50C98D ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswCleanerDLL.dll
10:21:22.0330 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswCleanerDLL.dll - ok
10:21:22.0346 0x0d80 [ 9AE4F24D67D6A4309B4B2C1A76473C69, B08E6395AAB521DB6F39D702674BE4A328D85DA97554851763333481938DA3DA ] C:\Program Files\AVAST Software\Avast\defs\15032000\algo.dll
10:21:22.0346 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\algo.dll - ok
10:21:22.0377 0x0d80 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
10:21:22.0377 0x0d80 C:\Windows\System32\drivers\bowser.sys - ok
10:21:22.0392 0x0d80 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
10:21:22.0392 0x0d80 C:\Windows\System32\drivers\mpsdrv.sys - ok
10:21:22.0392 0x0d80 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
10:21:22.0392 0x0d80 C:\Windows\System32\drivers\mrxsmb.sys - ok
10:21:22.0424 0x0d80 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
10:21:22.0424 0x0d80 C:\Windows\System32\drivers\mrxsmb10.sys - ok
10:21:22.0439 0x0d80 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
10:21:22.0439 0x0d80 C:\Windows\System32\drivers\mrxsmb20.sys - ok
10:21:22.0455 0x0d80 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
10:21:22.0455 0x0d80 C:\Windows\System32\wkssvc.dll - ok
10:21:22.0470 0x0d80 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
10:21:22.0470 0x0d80 C:\Windows\SysWOW64\clbcatq.dll - ok
10:21:22.0486 0x0d80 [ BA4B999D245287608A79C92CDAE6F3C1, 799CC0FB185FDF3438687184944E6F6AB6EE73B3B542542D3C13C0FF1A8C0276 ] C:\Windows\System32\drivers\aswHwid.sys
10:21:22.0486 0x0d80 C:\Windows\System32\drivers\aswHwid.sys - ok
10:21:22.0502 0x0d80 [ 1CD76A83B9E8E9A5A3519B39E28354D9, F9931743B99820FFBFB13136DFFD92F86802D543F9D8478648CDC554FB38899D ] C:\Windows\System32\cryptsvc.dll
10:21:22.0502 0x0d80 C:\Windows\System32\cryptsvc.dll - ok
10:21:22.0517 0x0d80 [ 1BE9877B199184D7657BC4CFCB7B4A99, 69A99CB1B006CBAA2481795D228D4394B48BEEDC7D22FEF7B982E81CC52E6FCD ] C:\Windows\System32\cryptnet.dll
10:21:22.0517 0x0d80 C:\Windows\System32\cryptnet.dll - ok
10:21:22.0548 0x0d80 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
10:21:22.0548 0x0d80 C:\Windows\System32\dps.dll - ok
10:21:22.0564 0x0d80 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
10:21:22.0564 0x0d80 C:\Windows\System32\vssapi.dll - ok
10:21:22.0580 0x0d80 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
10:21:22.0580 0x0d80 C:\Windows\System32\taskschd.dll - ok
10:21:22.0595 0x0d80 [ 244C6722289F4869068992FD7D8A8832, 8644D0A55C46C3F081F0AB43D253D13E56E77D89336A87108DB8C47D6EDC3A64 ] C:\Windows\SysWOW64\wbem\wbemdisp.dll
10:21:22.0595 0x0d80 C:\Windows\SysWOW64\wbem\wbemdisp.dll - ok
10:21:22.0611 0x0d80 [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
10:21:22.0611 0x0d80 C:\Windows\SysWOW64\wbemcomn.dll - ok
10:21:22.0626 0x0d80 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
10:21:22.0626 0x0d80 C:\Windows\System32\vsstrace.dll - ok
10:21:22.0658 0x0d80 [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
10:21:22.0658 0x0d80 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
10:21:22.0658 0x0d80 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
10:21:22.0658 0x0d80 C:\Windows\SysWOW64\sxs.dll - ok
10:21:22.0689 0x0d80 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
10:21:22.0689 0x0d80 C:\Windows\System32\wfapigp.dll - ok
10:21:22.0704 0x0d80 [ 5610B0425518D185331CB8E968D060E6, E235186C3BF266EE9EC733D2CFF35E3A65DE039C19B14260F4054F34B5E8AD41 ] C:\Windows\SysWOW64\wbem\wmiutils.dll
10:21:22.0704 0x0d80 C:\Windows\SysWOW64\wbem\wmiutils.dll - ok
10:21:22.0720 0x0d80 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
10:21:22.0720 0x0d80 C:\Windows\System32\mscms.dll - ok
10:21:22.0736 0x0d80 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] C:\Windows\System32\IKEEXT.DLL
10:21:22.0736 0x0d80 C:\Windows\System32\IKEEXT.DLL - ok
10:21:22.0751 0x0d80 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
10:21:22.0751 0x0d80 C:\Windows\System32\FDResPub.dll - ok
10:21:22.0767 0x0d80 [ 8B301D474B478E9A92823BAB50A7BC49, 8181816035F41B1DABEC05E65E4F67BCD785F56760A61F1049E91BA39D42F01D ] C:\Windows\System32\nlasvc.dll
10:21:22.0767 0x0d80 C:\Windows\System32\nlasvc.dll - ok
10:21:22.0782 0x0d80 [ DB2D62AA2DF6B1F3D690A9EC9701AA2C, BEAC55E1AA0494565F1547DF5E6FE20FCEA66461764C016FCB68D8BFF0F0C375 ] C:\Windows\System32\pcasvc.dll
10:21:22.0782 0x0d80 C:\Windows\System32\pcasvc.dll - ok
10:21:22.0892 0x0d80 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
10:21:22.0892 0x0d80 C:\Windows\System32\WSDApi.dll - ok
10:21:22.0907 0x0d80 [ D4FAC263861BAE06971C7F7D0A8EBF15, D494DEF0024288B9CC56EC6B500FF5828144BE9B8E7033340509EC5E68F8DED0 ] C:\Windows\System32\ncsi.dll
10:21:22.0907 0x0d80 C:\Windows\System32\ncsi.dll - ok
10:21:22.0923 0x0d80 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
10:21:22.0923 0x0d80 C:\Windows\System32\winhttp.dll - ok
10:21:22.0938 0x0d80 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
10:21:22.0938 0x0d80 C:\Windows\System32\webio.dll - ok
10:21:22.0954 0x0d80 [ 2F86BE1818C2D7AC90478E3323EE7FCB, CE721FCFFDC9D24483DEB6BB77DAFEBE79BA143CA2EE68BF28E2A9297AADB2D4 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
10:21:22.0954 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe - ok
10:21:22.0970 0x0d80 [ EF4FA1D31D146EA0C04D16E75FCA6BCF, 082BE15794CFA546C61B2585E2947C82A869596864E2F099A82FB7943D7B9B4D ] C:\Windows\System32\aepic.dll
10:21:22.0970 0x0d80 C:\Windows\System32\aepic.dll - ok
10:21:23.0001 0x0d80 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
10:21:23.0001 0x0d80 C:\Windows\System32\sfc_os.dll - ok
10:21:23.0016 0x0d80 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
10:21:23.0016 0x0d80 C:\Windows\System32\snmptrap.exe - ok
10:21:23.0032 0x0d80 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
10:21:23.0032 0x0d80 C:\Windows\System32\sfc.dll - ok
10:21:23.0094 0x0d80 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
10:21:23.0094 0x0d80 C:\Windows\System32\webservices.dll - ok
10:21:23.0110 0x0d80 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
10:21:23.0110 0x0d80 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
10:21:23.0126 0x0d80 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
10:21:23.0126 0x0d80 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
10:21:23.0157 0x0d80 [ 88104CCBC329D185A881031A11259229, 0FC57B9BAC8B917091E72CCA831EA909A5DB294980F211AA4F7D2A7836C9D2EE ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccL90U.dll
10:21:23.0157 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccL90U.dll - ok
10:21:23.0172 0x0d80 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
10:21:23.0172 0x0d80 C:\Windows\System32\ssdpapi.dll - ok
10:21:23.0188 0x0d80 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
10:21:23.0188 0x0d80 C:\Windows\System32\fundisc.dll - ok
10:21:23.0204 0x0d80 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
10:21:23.0204 0x0d80 C:\Windows\System32\vpnikeapi.dll - ok
10:21:23.0219 0x0d80 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
10:21:23.0219 0x0d80 C:\Windows\SysWOW64\dbghelp.dll - ok
10:21:23.0235 0x0d80 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
10:21:23.0235 0x0d80 C:\Windows\System32\aeevts.dll - ok
10:21:23.0266 0x0d80 [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
10:21:23.0266 0x0d80 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
10:21:23.0282 0x0d80 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] C:\Windows\System32\iphlpsvc.dll
10:21:23.0282 0x0d80 C:\Windows\System32\iphlpsvc.dll - ok
10:21:23.0297 0x0d80 [ ED6E75158D28D33A2E2A020AC5B2B59D, 0F364D9A88304C45F31318605C417A70A9D0E4CF087D73E949B42C12CC76CD6C ] C:\Windows\System32\drivers\PEAuth.sys
10:21:23.0297 0x0d80 C:\Windows\System32\drivers\PEAuth.sys - ok
10:21:23.0313 0x0d80 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
10:21:23.0313 0x0d80 C:\Windows\System32\drivers\secdrv.sys - ok
10:21:23.0344 0x0d80 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
10:21:23.0344 0x0d80 C:\Windows\System32\sstpsvc.dll - ok
10:21:23.0360 0x0d80 [ 2046AA7491DE7EFA4D70E615D9BC9D09, A8763D059AD68D5842C407FA9644E0B129BEF0F63CD87E62B80B05441EDC3489 ] C:\Windows\System32\drivers\Sftfslh.sys
10:21:23.0360 0x0d80 C:\Windows\System32\drivers\Sftfslh.sys - ok
10:21:23.0375 0x0d80 [ 0921ED273D89BA9778437ECD26B6A78A, 9B0B35EFE28F9F9808B56F715FC28DD58EB4AF2D80A55556DD3F71FE3933DFC8 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccVrTrst.dll
10:21:23.0375 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccVrTrst.dll - ok
10:21:23.0391 0x0d80 [ 0E0446BC4D51BE4263ACB7E33491191C, 2AD039FB440560658C4E06F67CC192EF71577EF3FF789A43C08430CE5EAE5A70 ] C:\Windows\System32\drivers\Sftplaylh.sys
10:21:23.0391 0x0d80 C:\Windows\System32\drivers\Sftplaylh.sys - ok
10:21:23.0406 0x0d80 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
10:21:23.0406 0x0d80 C:\Windows\System32\provsvc.dll - ok
10:21:23.0422 0x0d80 [ 39B1D0A636A400304565D4521FAD6D77, 1F01DB35B5A477AA7A77585C9304E6B5F3E67807531305BCA93A7F494CED8F59 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
10:21:23.0422 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
10:21:23.0438 0x0d80 [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\SysWOW64\imagehlp.dll
10:21:23.0438 0x0d80 C:\Windows\SysWOW64\imagehlp.dll - ok
10:21:23.0469 0x0d80 [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
10:21:23.0469 0x0d80 C:\Windows\SysWOW64\Faultrep.dll - ok
10:21:23.0484 0x0d80 [ 7A71DA6D6F75AB73475128F787DD8EAD, FD3141312B789D8EA0ACC4E1380BC8FE8ED5F528560300A92D136C327873E0A7 ] C:\Windows\SysWOW64\ncrypt.dll
10:21:23.0484 0x0d80 C:\Windows\SysWOW64\ncrypt.dll - ok
10:21:23.0500 0x0d80 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
10:21:23.0500 0x0d80 C:\Windows\System32\httpapi.dll - ok
10:21:23.0516 0x0d80 [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
10:21:23.0516 0x0d80 C:\Windows\SysWOW64\bcrypt.dll - ok
10:21:23.0531 0x0d80 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
10:21:23.0531 0x0d80 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
10:21:23.0547 0x0d80 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
10:21:23.0547 0x0d80 C:\Windows\System32\drivers\srvnet.sys - ok
10:21:23.0562 0x0d80 [ 84974782ED5D108DA2EFAF3C6534A760, 91153B03E3493BF9443D9BBD4EDCE9E57386116A16FCA6F7986C87F4C24E561A ] C:\Windows\SysWOW64\secur32.dll
10:21:23.0562 0x0d80 C:\Windows\SysWOW64\secur32.dll - ok
10:21:23.0578 0x0d80 [ 30F5B3E28636009A0B194057AAE4392A, 88A9D0BA84A14DFA04AF2611242D52714CD2FA40E8EC0A69EC4C027DBF801EE2 ] C:\Windows\SysWOW64\credssp.dll
10:21:23.0578 0x0d80 C:\Windows\SysWOW64\credssp.dll - ok
10:21:23.0609 0x0d80 [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
10:21:23.0609 0x0d80 C:\Windows\SysWOW64\gpapi.dll - ok
10:21:23.0625 0x0d80 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] C:\Windows\System32\wiaservc.dll
10:21:23.0625 0x0d80 C:\Windows\System32\wiaservc.dll - ok
10:21:23.0640 0x0d80 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
10:21:23.0640 0x0d80 C:\Windows\System32\sysmain.dll - ok
10:21:23.0656 0x0d80 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] C:\Windows\System32\drivers\tcpipreg.sys
10:21:23.0656 0x0d80 C:\Windows\System32\drivers\tcpipreg.sys - ok
10:21:23.0672 0x0d80 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] C:\Windows\System32\TODDSrv.exe
10:21:23.0672 0x0d80 C:\Windows\System32\TODDSrv.exe - ok
10:21:23.0687 0x0d80 [ 4050600091370422C9B20AC34DC1ACAC, AE69C547B1161AC0EAA64C87DF1EE92A50A698E1B0562B54EE022EF1A8DE3ED1 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvc.dll
10:21:23.0687 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvc.dll - ok
10:21:23.0703 0x0d80 [ 09A06ECC3CE3048B17F25F75ACC63D14, 2E4D2D828EF037199E965B1297F212822007030581DFDBD24E741E9BAC196643 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccIPC.dll
10:21:23.0703 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccIPC.dll - ok
10:21:23.0734 0x0d80 [ DB9719688C08F42705FEB3F6A0C98B91, D8E837F2F5C3838312001CCDD37448ABAE3DD6452CE6DC26241678E0F3A584CE ] C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
10:21:23.0734 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe - ok
10:21:23.0750 0x0d80 [ 290FF9CEEE331A781A6E074D0ACED403, CD422800ADEADB66B02B46D3EDE878DACBA24C94D84B2FEAFED0AB8A0276286D ] C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll
10:21:23.0750 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TPwrReg.dll - ok
10:21:23.0765 0x0d80 [ 3BAA4BAE71460C5CEB40D5E9339A61BC, AC4212DFDB69B9A9D7A35C94FB6681643C66BB720630F70E3B49010FC746D690 ] C:\Windows\SysWOW64\cryptnet.dll
10:21:23.0765 0x0d80 C:\Windows\SysWOW64\cryptnet.dll - ok
10:21:23.0781 0x0d80 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
10:21:23.0781 0x0d80 C:\Windows\SysWOW64\Wldap32.dll - ok
10:21:23.0796 0x0d80 [ 6742B4A075A90AFA3515EC117A56A649, 7188025698D3E5DFD8AEE8C1286B74469D98B00E57D1C147A426FBE18CDD33C3 ] C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll
10:21:23.0796 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TPwrFunc.dll - ok
10:21:23.0812 0x0d80 [ 0364256B4A2A93A8C8CDA6B3B5A0EFF5, BDA403E6CACC249C467671FB1FAF7B77FB019326BC18F9F6CF377104520E2654 ] C:\Windows\System32\wiatrace.dll
10:21:23.0812 0x0d80 C:\Windows\System32\wiatrace.dll - ok
10:21:23.0828 0x0d80 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
10:21:23.0828 0x0d80 C:\Windows\SysWOW64\SensApi.dll - ok
10:21:23.0843 0x0d80 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
10:21:23.0843 0x0d80 C:\Windows\System32\trkwks.dll - ok
10:21:23.0874 0x0d80 [ 725E8022808C6B92D99EF36F2E9FCE02, 19162034B0CFBEC5757BD15EB6756336E45771ECCACC6B6EAA152EABF1D1D646 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\diMaster.dll
10:21:23.0874 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\diMaster.dll - ok
10:21:23.0890 0x0d80 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
10:21:23.0890 0x0d80 C:\Windows\System32\wbem\WMIsvc.dll - ok
10:21:23.0906 0x0d80 [ 7E47C328FC4768CB8BEAFBCFAFA70362, C98BD6A0C2F70E069D5FD3BAB31BD028DFEAC0490D180BBC28A14BE375897D8C ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
10:21:23.0906 0x0d80 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
10:21:23.0921 0x0d80 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
10:21:23.0921 0x0d80 C:\Windows\System32\wbemcomn.dll - ok
10:21:23.0937 0x0d80 [ 2B61F6766CAE1125C00DD9DDD268D876, 0E8F4E171B270BE04918216C98CFBFD0338A5B9968568C2EFB0E56DC91C46C1F ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSet.dll
10:21:23.0937 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSet.dll - ok
10:21:23.0968 0x0d80 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
10:21:23.0968 0x0d80 C:\Windows\SysWOW64\apphelp.dll - ok
10:21:23.0984 0x0d80 [ 5B465C535EA4F73C4B14A1320B8CA5F8, 5AFF2BB6DAD8AB9228970D2B34790F6513F6CC8975489B6696922CF8FA1E24C8 ] C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccJobMgr.dll
10:21:23.0984 0x0d80 C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccJobMgr.dll - ok
10:21:23.0999 0x0d80 [ F70E3FB4D733710E1509779B9ED87D6B, 0FC06FB68846F6018D00ED8EB804A1CAE7AC960A5C5E5A5FD58C9CC9BBE2E402 ] C:\Program Files (x86)\Java\jre6\bin\keytool.exe
10:21:23.0999 0x0d80 C:\Program Files (x86)\Java\jre6\bin\keytool.exe - ok
10:21:24.0015 0x0d80 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
10:21:24.0015 0x0d80 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
10:21:24.0030 0x0d80 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
10:21:24.0030 0x0d80 C:\Windows\System32\wbem\WinMgmtR.dll - ok
10:21:24.0046 0x0d80 [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
10:21:24.0046 0x0d80 C:\Windows\System32\SensApi.dll - ok
10:21:24.0062 0x0d80 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
10:21:24.0062 0x0d80 C:\Windows\System32\wbem\fastprox.dll - ok
10:21:24.0077 0x0d80 [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
10:21:24.0077 0x0d80 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
10:21:24.0108 0x0d80 [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe
10:21:24.0108 0x0d80 C:\Windows\System32\conhost.exe - ok
10:21:24.0124 0x0d80 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
10:21:24.0124 0x0d80 C:\Windows\SysWOW64\wtsapi32.dll - ok
10:21:24.0140 0x0d80 [ FD67683FBA9B2C4BB551780BD8846F64, 4BB7C956EA8D2CE63F5BF80FAE652F98416A7635202AEE04FC8D81000E6363DF ] C:\Windows\SysWOW64\winsta.dll
10:21:24.0140 0x0d80 C:\Windows\SysWOW64\winsta.dll - ok
10:21:24.0155 0x0d80 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
10:21:24.0155 0x0d80 C:\Windows\System32\wbem\wbemcore.dll - ok
10:21:24.0171 0x0d80 [ 1075AB2C077B415760C0E948856B5126, D67804B4A038FC06BD84CBF9C047DD4C13073622027F825371DB98867EF4E9B9 ] C:\Windows\System32\wer.dll
10:21:24.0171 0x0d80 C:\Windows\System32\wer.dll - ok
10:21:24.0186 0x0d80 [ 3E841D9600370FED618CFBD102A7D37E, 871657973B750C8838A4E2626A1FDB1BF9250334305D24FE17D9210CEF9B2F37 ] C:\Program Files (x86)\Java\jre6\bin\jli.dll
10:21:24.0186 0x0d80 C:\Program Files (x86)\Java\jre6\bin\jli.dll - ok
10:21:24.0202 0x0d80 [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll
10:21:24.0202 0x0d80 C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll - ok
10:21:24.0233 0x0d80 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
10:21:24.0233 0x0d80 C:\Windows\System32\ntdsapi.dll - ok
10:21:24.0249 0x0d80 [ A1AC92C4EB1A4AE2906709A5FB94D822, B5A3DB477B5A66B3B18323D68B231A48576325E8F415131DF053366E07D16F86 ] C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll
10:21:24.0249 0x0d80 C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll - ok
10:21:24.0264 0x0d80 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
10:21:24.0264 0x0d80 C:\Windows\System32\wbem\wbemprox.dll - ok
10:21:24.0280 0x0d80 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
10:21:24.0280 0x0d80 C:\Windows\System32\wbem\esscli.dll - ok
10:21:24.0296 0x0d80 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
10:21:24.0296 0x0d80 C:\Windows\System32\wbem\wbemsvc.dll - ok
10:21:24.0311 0x0d80 [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
10:21:24.0311 0x0d80 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
10:21:24.0327 0x0d80 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
10:21:24.0327 0x0d80 C:\Windows\System32\wbem\wmiutils.dll - ok
10:21:24.0342 0x0d80 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
10:21:24.0342 0x0d80 C:\Windows\SysWOW64\winmm.dll - ok
10:21:24.0358 0x0d80 [ AC9A3A92A878DE61621E7544B2C4AF29, 63477061504DCE449F5EAC55DC1CAF905E6C5DAB30A1A018AAA15A2400D6F21C ] C:\Program Files (x86)\YouTube Download Pool\G2\youtubeserv.exe
10:21:24.0358 0x0d80 C:\Program Files (x86)\YouTube Download Pool\G2\youtubeserv.exe - ok
10:21:24.0389 0x0d80 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
10:21:24.0389 0x0d80 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
10:21:24.0405 0x0d80 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
10:21:24.0405 0x0d80 C:\Windows\System32\wbem\repdrvfs.dll - ok
10:21:24.0420 0x0d80 [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
10:21:24.0420 0x0d80 C:\Windows\SysWOW64\ntdsapi.dll - ok
10:21:24.0436 0x0d80 [ BCE9B4544F0A88B0D9F77CCDABD1D63E, 78F238DFFF37709592469351967EE59BE973CB88BB6F2AB51C82BE750D3A8DF6 ] C:\Program Files (x86)\Java\jre6\bin\verify.dll
10:21:24.0436 0x0d80 C:\Program Files (x86)\Java\jre6\bin\verify.dll - ok
10:21:24.0452 0x0d80 [ 66F62C08CB04E690B3F649E3F72460BC, 810384134832F202DECA6CDA1B99ACCC71125E56B69C240185A2EC9AE43D070B ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
10:21:24.0452 0x0d80 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
10:21:24.0467 0x0d80 [ BFAEFEDD5C54A40EA42EA5BCBE3215A6, 716B3395C5B537A43905F1E5715385C17E1DB0E4969DC7BCC583C434729C1F54 ] C:\Program Files (x86)\Java\jre6\bin\java.dll
10:21:24.0467 0x0d80 C:\Program Files (x86)\Java\jre6\bin\java.dll - ok
10:21:24.0498 0x0d80 [ 1D748A18416CE95461B79E5CCBEFFAA8, C784A57BAD005DCB63F4B5617037791817615042A8D8DC8EBD6C00A103459022 ] C:\Program Files (x86)\Java\jre6\bin\hpi.dll
10:21:24.0498 0x0d80 C:\Program Files (x86)\Java\jre6\bin\hpi.dll - ok
10:21:24.0514 0x0d80 [ FB4FF002962F6B06BE36F4DF11D2A0B9, 1204291AE0E5F8542A483BF169492FF6885DAC280D4C7A0F1107B671B8DD310C ] C:\Program Files (x86)\Java\jre6\bin\zip.dll
10:21:24.0514 0x0d80 C:\Program Files (x86)\Java\jre6\bin\zip.dll - ok
10:21:24.0530 0x0d80 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
10:21:24.0530 0x0d80 C:\Windows\SysWOW64\msimg32.dll - ok
10:21:24.0545 0x0d80 [ 364ECFF4ABD9D575F4F7CF7EB7928EF3, BA2E0A2AC40AE75A6ED2284B9066AB447C4F328000146B4C72BC1CA922827065 ] C:\Windows\System32\msxml3.dll
10:21:24.0545 0x0d80 C:\Windows\System32\msxml3.dll - ok
10:21:24.0561 0x0d80 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
10:21:24.0561 0x0d80 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
10:21:24.0576 0x0d80 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
10:21:24.0576 0x0d80 C:\Windows\System32\ncobjapi.dll - ok
10:21:24.0592 0x0d80 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
10:21:24.0592 0x0d80 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
10:21:24.0608 0x0d80 [ B35C35C55FED3DD7F995C77F63CBC29B, CC7D181CF79BF2D8B229569C156BB13B4A11951C2F6CEF0E5E88B90138E96867 ] C:\Windows\SysWOW64\urlmon.dll
10:21:24.0608 0x0d80 C:\Windows\SysWOW64\urlmon.dll - ok
10:21:24.0639 0x0d80 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
10:21:24.0639 0x0d80 C:\Windows\System32\wbem\wbemess.dll - ok
10:21:24.0654 0x0d80 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
10:21:24.0654 0x0d80 C:\Windows\SysWOW64\propsys.dll - ok
10:21:24.0670 0x0d80 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
10:21:24.0670 0x0d80 C:\Windows\System32\taskeng.exe - ok
10:21:24.0686 0x0d80 [ 1C60E09CA1C3A045BC4D367F67C915B7, DF1ED88CB57DA1AB1A4245AE0D5B42AFA3396EBF67B99411FFFB0DD06DE1AEAF ] C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll
10:21:24.0686 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-ole32-l1-1-0.dll - ok
10:21:24.0701 0x0d80 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
10:21:24.0701 0x0d80 C:\Windows\SysWOW64\uxtheme.dll - ok
10:21:24.0717 0x0d80 [ 70A176BF2ED362862944C371838262F8, 7F54164AB73160826991B565D1B1804BA9F6223830503B5A4F84B7E8AEFAF6A1 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
10:21:24.0717 0x0d80 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
10:21:24.0748 0x0d80 [ 4F6E72B34ED3DC53DCC5E8708E60B61F, CB79F4EBCE11ECCFA167498F329F95D545F8D4E5CCE4006B2A03B595733AEBC2 ] C:\Windows\SysWOW64\security.dll
10:21:24.0748 0x0d80 C:\Windows\SysWOW64\security.dll - ok
10:21:24.0764 0x0d80 [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
10:21:24.0764 0x0d80 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
10:21:24.0779 0x0d80 [ 77C5A741A7452812F278EF2C18478862, 0B763679EB7EFB8ED9DCE7B429706E939BB65BA6BCF1BAE0E0426D4E87074B8C ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
10:21:24.0779 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
10:21:24.0795 0x0d80 [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
10:21:24.0795 0x0d80 C:\Windows\System32\dssenh.dll - ok
10:21:24.0810 0x0d80 [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
10:21:24.0810 0x0d80 C:\Windows\System32\sqmapi.dll - ok
10:21:24.0826 0x0d80 [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
10:21:24.0826 0x0d80 C:\Windows\System32\wdscore.dll - ok
10:21:24.0842 0x0d80 [ 3F1D0820E8F8A3E4F99333A6DCC2B95A, 61238B92EABA8175CDD1944CEB985128736B2515BFCF65B94108DC72747E9AA6 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
10:21:24.0842 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
10:21:24.0857 0x0d80 [ E227B810296AA27E6C69307A7B6456E5, 0FBF1C90362EA0D12B4B0E18A2FB3E3AC90E116C30BE4CBE95F12EB4882FB985 ] C:\Windows\SysWOW64\msxml6.dll
10:21:24.0857 0x0d80 C:\Windows\SysWOW64\msxml6.dll - ok
10:21:24.0888 0x0d80 [ E70E7C2EEC214FB2FE50DBFC8E98CB85, 3884117DB6B9CAEC669DAF4D2B2068CEE31298967C7EEC9DF5379D1A6A800659 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
10:21:24.0888 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
10:21:24.0904 0x0d80 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
10:21:24.0904 0x0d80 C:\Windows\SysWOW64\mpr.dll - ok
10:21:24.0920 0x0d80 [ 85181D316D88082CF39D2F33FD47C6B5, F92AEA12F662BDCE7EE950B41B06454797996E596CBF3482F9A406B21782E28C ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
10:21:24.0920 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
10:21:24.0935 0x0d80 [ 9D79C992E1607D2CD7B13A0F97557858, 4D2DFF755C54E93ECEDD12F3A4DB856BA9AA4375DB06F5D8DB8D15C26347D361 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
10:21:24.0935 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
10:21:24.0966 0x0d80 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
10:21:24.0966 0x0d80 C:\Windows\System32\hnetcfg.dll - ok
10:21:24.0982 0x0d80 [ 49ACA548B2423F1C67898E6AC719A9A6, 23D84137EAB9AFDD31CBB6776B6B25AD135A120AF7F7885EB5BBF9E0A2CCC4C1 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll
10:21:24.0982 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok
10:21:24.0998 0x0d80 [ 8AA502B025916688E71E55BB59BED6F9, EB527CFF2C45753C580C30ACCB8BCE0961383994F1BDDF8A1B6138C220D7AD03 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
10:21:24.0998 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
10:21:25.0013 0x0d80 [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll
10:21:25.0013 0x0d80 C:\Windows\SysWOW64\mswsock.dll - ok
10:21:25.0029 0x0d80 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
10:21:25.0029 0x0d80 C:\Windows\SysWOW64\wship6.dll - ok
10:21:25.0060 0x0d80 [ 66E073D8D83833DB525B4174C060E840, E8FD9A0A7E166DCEA3717CF184EB4D86600F837DE55CF9C036440BCEFBC09508 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
10:21:25.0060 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
10:21:25.0076 0x0d80 [ 6607C2182C6A53ED983813AFE2F85768, FC9E718ABC4E0FBC7B0DD145F9C377A1800A7776AD832AB645796E13B1E15A1F ] C:\Windows\System32\wbem\cimwin32.dll
10:21:25.0076 0x0d80 C:\Windows\System32\wbem\cimwin32.dll - ok
10:21:25.0091 0x0d80 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\SysWOW64\netprofm.dll
10:21:25.0091 0x0d80 C:\Windows\SysWOW64\netprofm.dll - ok
10:21:25.0107 0x0d80 [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
10:21:25.0107 0x0d80 C:\Windows\SysWOW64\logoncli.dll - ok
10:21:25.0154 0x0d80 [ CB55B9AAB060C803BE4AD229AA0FEC28, 58CF3D7BC275E4460766A5FC1B5D871C1F8995071AB81BB04BFB7BF98E0C9866 ] C:\Windows\SysWOW64\msi.dll
10:21:25.0216 0x0d80 C:\Windows\SysWOW64\msi.dll - ok
10:21:25.0216 0x0d80 [ FE48346938C1CDDDF4E4097DB9B99764, AC01FE84504B863DFA19D38BE854F518521072AB697DF51C888545CFBC839F4F ] C:\Windows\SysWOW64\nlaapi.dll
10:21:25.0216 0x0d80 C:\Windows\SysWOW64\nlaapi.dll - ok
10:21:25.0247 0x0d80 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
10:21:25.0247 0x0d80 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
10:21:25.0263 0x0d80 [ 81F6C1AE23B1C493D9E996C3103915D7, E22408B4D2EDE2F89E686A4FDCD4057BE27B86D050E9CB489F0FFB39C72AEC1D ] C:\Windows\SysWOW64\dhcpcsvc6.dll
10:21:25.0263 0x0d80 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
10:21:25.0278 0x0d80 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
10:21:25.0278 0x0d80 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
10:21:25.0294 0x0d80 [ 9D4A1690AF93F233E15380398BEC7431, 8CC99491880DBC444651EB7D245EEE46FE77F4FA74FECFCD29E734AA21AF9D75 ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
10:21:25.0294 0x0d80 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
10:21:25.0310 0x0d80 [ 1484B9EBF567346582DE571B0E164AE0, 9862BF22B2E32DABE7A82ACEE5B4EA1F0A93BDC3C71B20A6A4E568CCCD76A7A6 ] C:\Windows\System32\framedynos.dll
10:21:25.0310 0x0d80 C:\Windows\System32\framedynos.dll - ok
10:21:25.0325 0x0d80 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
10:21:25.0325 0x0d80 C:\Windows\SysWOW64\rasadhlp.dll - ok
10:21:25.0356 0x0d80 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
10:21:25.0356 0x0d80 C:\Windows\System32\drivers\srv2.sys - ok
10:21:25.0356 0x0d80 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
10:21:25.0356 0x0d80 C:\Windows\System32\TSChannel.dll - ok
10:21:25.0388 0x0d80 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
10:21:25.0388 0x0d80 C:\Windows\System32\drivers\srv.sys - ok
10:21:25.0403 0x0d80 [ C00DB14550E4BD49737F311C644E45FF, 7085C47DADEED82B6F98ED3903197D76B648E9D6CC67D40C789E236264D9A0DC ] C:\Windows\System32\wmi.dll
10:21:25.0403 0x0d80 C:\Windows\System32\wmi.dll - ok
10:21:25.0419 0x0d80 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
10:21:25.0419 0x0d80 C:\Windows\SysWOW64\fltLib.dll - ok
10:21:25.0434 0x0d80 [ C5FB982CD266E604ED3142102C26D62C, A6BC0D72E98F924274ECAD49C85F0775D1CD45B97CD43F53DF3992B560835FC5 ] C:\Windows\System32\drivers\Sftredirlh.sys
10:21:25.0434 0x0d80 C:\Windows\System32\drivers\Sftredirlh.sys - ok
10:21:25.0497 0x0d80 [ 080255CDCB878813B481B8C348D47D8E, 75808821FBC732D0504795B8F85852E4C01D3B412989A1E597E1295CFF7B7A45 ] C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
10:21:25.0497 0x0d80 C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe - ok
10:21:25.0512 0x0d80 [ D5063B86DC3F85B93D02AF68099F4C9A, 34BAC25824A66BC93F0B8A63B1B9FB8FF946576AF9A13F92052E20D0C8E2A37E ] C:\Windows\SysWOW64\schannel.dll
10:21:25.0512 0x0d80 C:\Windows\SysWOW64\schannel.dll - ok
10:21:25.0528 0x0d80 [ 7C2DAC7E5A4C8A94791EDC72117C28DF, 2C2CFBFF2DFCD54A17D05B0D6C30EDB97ABB271B7B1C2337B4691A3831C4663D ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
10:21:25.0528 0x0d80 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
10:21:25.0559 0x0d80 [ B9D27A731428F0FE0220561C68641ABF, 63847853CD33CB609C0A98E9AF0309740BB1E3F0F195CF7441F657CDCCB1F347 ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
10:21:25.0559 0x0d80 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
10:21:25.0575 0x0d80 [ 058A664D485DDA3E803D3CB2014D7E64, 8C93F4AC1C16C25420F3D1B905FEEAA7E77FCE5BF63234F4F1BE0F6747CD8077 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
10:21:25.0575 0x0d80 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
10:21:25.0590 0x0d80 [ FFC61EBF30E8F9B1A28477412C1C960C, C86E963C89DBBD147592DCDDCE73F3DB47589632AB3C6D768016F649767AED28 ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
10:21:25.0590 0x0d80 C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
10:21:25.0606 0x0d80 [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
10:21:25.0606 0x0d80 C:\Windows\SysWOW64\wlanapi.dll - ok
10:21:25.0622 0x0d80 [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
10:21:25.0622 0x0d80 C:\Windows\SysWOW64\wlanutil.dll - ok
10:21:25.0637 0x0d80 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
10:21:25.0637 0x0d80 C:\Windows\SysWOW64\NapiNSP.dll - ok
10:21:25.0653 0x0d80 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
10:21:25.0653 0x0d80 C:\Windows\SysWOW64\pnrpnsp.dll - ok
10:21:25.0668 0x0d80 [ EAB975DB4C2805927FE5BD047D05C9AA, 8F5497B1A2652B5EAA5D35BD314B5F90C5140207427DAE6068D665FA44D3FD56 ] C:\Windows\SysWOW64\netshell.dll
10:21:25.0668 0x0d80 C:\Windows\SysWOW64\netshell.dll - ok
10:21:25.0684 0x0d80 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
10:21:25.0684 0x0d80 C:\Windows\SysWOW64\dwmapi.dll - ok
10:21:25.0715 0x0d80 [ 007863E45F25AA47A4C30D0930BBFD85, 60F2ABA40D520FCA2C57FA2DB72E111C14F21821DA17F662837506B80C269634 ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll
10:21:25.0715 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
10:21:25.0731 0x0d80 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
10:21:25.0731 0x0d80 C:\Windows\SysWOW64\winrnr.dll - ok
10:21:25.0746 0x0d80 [ F0D0E883EBBDC7615DC9EDEA0FFB2817, 58F1395445018CB16ED4D3710443FB5B0E087043F6A69F7B10D72D0455958954 ] C:\Windows\SysWOW64\FWPUCLNT.DLL
10:21:25.0746 0x0d80 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
10:21:25.0762 0x0d80 [ 92B479C77DF906F707BF6D2D0EDC08E4, D54593E41F706F2141207AA322E54240F22935CE8E2B1FFEB2A2A367EDC21F45 ] C:\Program Files\AVAST Software\Avast\defs\15032000\exts.dll
10:21:25.0762 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\exts.dll - ok
10:21:25.0778 0x0d80 [ AEBCC8CCC1471B723AE21EB097F64A3F, A2CFEF321071CD659F496D16DA4DA5CAE168152727BA1C14DFE2783E8B9C0F62 ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
10:21:25.0778 0x0d80 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
10:21:25.0793 0x0d80 [ 81F08948A0F1475894C99D4D19A158A8, 93334DA369BF976E498265E432CAF63D898D378C6B32947DF355366ABE2A0FAC ] C:\Windows\SysWOW64\wshqos.dll
10:21:25.0793 0x0d80 C:\Windows\SysWOW64\wshqos.dll - ok
10:21:25.0824 0x0d80 [ C887734DC1F836C33600ECFB61052637, 680B3EEC070F8F0215A3449A3A1FD232E5FC58425BC9F745995264AFC7691919 ] C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll
10:21:25.0824 0x0d80 C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll - ok
10:21:25.0871 0x0d80 [ 515FDEE94F79BEA9B43166432805F4BD, 1A78B32C557EEB4FFC2714325A3FA4D50E3D3C8A4E0ED83582C7EAD1AB6B4E93 ] C:\Program Files\AVAST Software\Avast\aswDnsCache.dll
10:21:25.0871 0x0d80 C:\Program Files\AVAST Software\Avast\aswDnsCache.dll - ok
10:21:25.0887 0x0d80 [ 7A18E6D6B50E9A1504FAB897A0997D8A, D92A25CDE560D16E4D5071E13570B784D2BB4C6CA1ACD2687A78774DE4249CA7 ] C:\Program Files\AVAST Software\Avast\aswAra.dll
10:21:25.0887 0x0d80 C:\Program Files\AVAST Software\Avast\aswAra.dll - ok
10:21:25.0918 0x0d80 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
10:21:25.0918 0x0d80 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
10:21:25.0934 0x0d80 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
10:21:25.0934 0x0d80 C:\Windows\SysWOW64\comdlg32.dll - ok
10:21:25.0949 0x0d80 [ 19064CF6809DE4E60EC02254DAB99BA9, BBA10B9F64A1658595115E3A8B689BFF88C83D8C07F1CDF63C523FEA53E78CAF ] C:\Program Files\AVAST Software\Avast\aswJSScan.dll
10:21:25.0949 0x0d80 C:\Program Files\AVAST Software\Avast\aswJSScan.dll - ok
10:21:25.0965 0x0d80 [ FBD3BE49925AB1943247F1AE5293E722, 0A781161F1B6DF80169271B2CEFCC17556961570A833EC6C07923680DE2B5388 ] C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll
10:21:25.0965 0x0d80 C:\Program Files\AVAST Software\Avast\aswPatchMgt.dll - ok
10:21:25.0980 0x0d80 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
10:21:25.0980 0x0d80 C:\Windows\SysWOW64\samcli.dll - ok
10:21:25.0996 0x0d80 [ 2757AF4D375DA9EA4418F25E0BC085F7, 5597C4D4B5EEAE4CC9055406040A7668B98FEE06BB4A16C0EE04C94AE5F7A9BF ] C:\Program Files\AVAST Software\Avast\setup\instup.exe
10:21:25.0996 0x0d80 C:\Program Files\AVAST Software\Avast\setup\instup.exe - ok
10:21:26.0027 0x0d80 [ 34449CDAD27331698CBD81799F88418F, 29A35AF168A947AFEFC425FE2A2A0F40D317376FD9A058BB74ED8F79C2887C6E ] C:\Program Files\AVAST Software\Avast\defs\15032000\swhealthex.dll
10:21:26.0027 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\swhealthex.dll - ok
10:21:26.0043 0x0d80 [ 5707463AD3864F07F1BB5CCB80857E3A, 3E592F2403884D01E624CBCC2D4398085F4771CA5BC1912B77284D3C73580D19 ] C:\Program Files\AVAST Software\Avast\setup\Instup.dll
10:21:26.0043 0x0d80 C:\Program Files\AVAST Software\Avast\setup\Instup.dll - ok
10:21:26.0058 0x0d80 [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
10:21:26.0058 0x0d80 C:\Windows\SysWOW64\oleacc.dll - ok
10:21:26.0074 0x0d80 [ EE19C85CA685A275BE346EC41F1870F9, F071D88C38C62E9D88DDE29F451B2B581499758A7E60BDA6DED3376280C5A635 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll
10:21:26.0074 0x0d80 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18455_none_72d576ad8665e853\GdiPlus.dll - ok
10:21:26.0090 0x0d80 [ 373FC71054A0AF865E61A61079001A10, 622B01972D9FD4595596D0D6748EA9763C063C9BFD2C181FAE6F7E568962910F ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswAR.dll
10:21:26.0090 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswAR.dll - ok
10:21:26.0121 0x0d80 [ C1CC8BA8BA5A2CB302AB271BCF80CB0A, 0AD642F83A240508C05D9DECC1936DE769D00EC69A78C3038AD11FA11306BF28 ] C:\Program Files\AVAST Software\Avast\defs\15032000\aswRawFS.dll
10:21:26.0121 0x0d80 C:\Program Files\AVAST Software\Avast\defs\15032000\aswRawFS.dll - ok
10:21:26.0136 0x0d80 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
10:21:26.0136 0x0d80 C:\Windows\SysWOW64\winspool.drv - ok
10:21:26.0152 0x0d80 [ FD557A50A65E44041CD2FCEF4BEB04DB, 746D5958F7198895D35A23566D3736D993D57726BF59D91421D8091C48926A26 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
10:21:26.0152 0x0d80 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
10:21:26.0168 0x0d80 [ A7E746F7E13542ED4A9BFC2D34043E82, 65BAA624D01CAF1C883141502E37384DDFDFDBC6E053F2B7DC996D1D9407081A ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
10:21:26.0168 0x0d80 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
10:21:26.0183 0x0d80 [ E9BB0CD09DA17C71FD1B9954D75AEEF7, FF5E2F04F1FD56FDD19368150B5750275F0A44E9EA9820C8087E84ECBBF45286 ] C:\Windows\SysWOW64\credui.dll
10:21:26.0183 0x0d80 C:\Windows\SysWOW64\credui.dll - ok
10:21:26.0199 0x0d80 [ 565A30B70BE8A9B171839003F2D69683, 808BFBF2A0EC54417A254FDA0B22472CEA4A50F4C0952A6AB0ADF1119BD2543E ] C:\Windows\SysWOW64\hlink.dll
10:21:26.0199 0x0d80 C:\Windows\SysWOW64\hlink.dll - ok
10:21:26.0214 0x0d80 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
10:21:26.0214 0x0d80 C:\Windows\System32\srvsvc.dll - ok
10:21:26.0230 0x0d80 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] C:\Windows\System32\browser.dll
10:21:26.0230 0x0d80 C:\Windows\System32\browser.dll - ok
10:21:26.0261 0x0d80 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
10:21:26.0261 0x0d80 C:\Windows\System32\netmsg.dll - ok
10:21:26.0277 0x0d80 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
10:21:26.0277 0x0d80 C:\Windows\System32\sscore.dll - ok
10:21:26.0292 0x0d80 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
10:21:26.0292 0x0d80 C:\Windows\System32\clusapi.dll - ok
10:21:26.0308 0x0d80 [ 74AF1FFCAFD60DA88A386AE161F56438, FFDAC2829D384EEF04E4B756E25971C03B446A96A0CBE879801FB796AA79E7CA ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
10:21:26.0308 0x0d80 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
10:21:26.0324 0x0d80 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
10:21:26.0324 0x0d80 C:\Windows\System32\resutils.dll - ok
10:21:26.0339 0x0d80 [ D835EDB2FC3368F3366C07493DFF2B41, CAFEB1DB1D8AFEAC5E0981E37C04B558D351D638CB1C9D91D7693E2C428BA074 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
10:21:26.0339 0x0d80 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
10:21:26.0370 0x0d80 [ 28AD5E311996A34025CFB07E131058DD, 89C8B29105DE5917A33A7682C8A62CB543609F1227A4890D7130646A0F54D946 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
10:21:26.0370 0x0d80 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
10:21:26.0386 0x0d80 [ C7D334A01C66BF07B92D04CD7A981B7F, 2F9FC8C71F0C6B1AFBBCE26531F0E15317A043B0CC038F445FD4113AD5150871 ] C:\Windows\SysWOW64\msv1_0.dll
10:21:26.0386 0x0d80 C:\Windows\SysWOW64\msv1_0.dll - ok
10:21:26.0402 0x0d80 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
10:21:26.0402 0x0d80 C:\Windows\System32\rasadhlp.dll - ok
10:21:26.0417 0x0d80 [ 1128637CAD49A8E3C8B5FA5D0A061525, 6B80E50D8296F9E2C978CC6BC002B964ACFD8F4BCF623F4770513792845B5278 ] C:\Windows\SysWOW64\cryptdll.dll
10:21:26.0417 0x0d80 C:\Windows\SysWOW64\cryptdll.dll - ok
10:21:26.0433 0x0d80 [ 537184E7306E06BB22C5B93D2AFA4DF8, 24603B2F70B33B23FC84AA0B98E0B80EA41F64C2A1FEDCEA364D73A46194BA21 ] C:\Windows\SysWOW64\msxml3.dll
10:21:26.0433 0x0d80 C:\Windows\SysWOW64\msxml3.dll - ok
10:21:26.0448 0x0d80 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] C:\Windows\System32\qmgr.dll
10:21:26.0448 0x0d80 C:\Windows\System32\qmgr.dll - ok
10:21:26.0464 0x0d80 [ C6F7473B55510F0B93961DA03D8E3B38, 4BAB9274DED8F7AC4A52B8739F501323FFFA0367CAA24BFAFDB5523812E0CE39 ] C:\Windows\System32\wdi.dll
10:21:26.0464 0x0d80 C:\Windows\System32\wdi.dll - ok
10:21:26.0480 0x0d80 [ 29409ED7400CA5BCCC30C0EE5147A60D, FCC41E4308A1648CE810105AACED08295C53E25178D6C40C9DF61E9397C579D6 ] C:\Windows\System32\bitsperf.dll
10:21:26.0480 0x0d80 C:\Windows\System32\bitsperf.dll - ok
10:21:26.0495 0x0d80 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] C:\Windows\System32\appinfo.dll
10:21:26.0495 0x0d80 C:\Windows\System32\appinfo.dll - ok
10:21:26.0526 0x0d80 [ D713D6446DDBB474D801F361B4B186EA, C21091309C2407684D429C5601B3959A67BAAE88DCF1412239774109301AF5B9 ] C:\Windows\System32\perftrack.dll
10:21:26.0526 0x0d80 C:\Windows\System32\perftrack.dll - ok
10:21:26.0542 0x0d80 [ D9431DCF90B0253773F51FDEFE7FD42F, E53C40CC0EC603CF67305F0AA81389124CF6E709A22DABF13563CBAD15897422 ] C:\Windows\System32\bitsigd.dll
10:21:26.0542 0x0d80 C:\Windows\System32\bitsigd.dll - ok
10:21:26.0558 0x0d80 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
10:21:26.0558 0x0d80 C:\Windows\System32\wscsvc.dll - ok
10:21:26.0573 0x0d80 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
10:21:26.0573 0x0d80 C:\Windows\System32\netman.dll - ok
10:21:26.0620 0x0d80 [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
10:21:26.0620 0x0d80 C:\Windows\System32\dbghelp.dll - ok
10:21:26.0636 0x0d80 [ 96DB78C9C50CEED9DA5050EFFEE272A2, 51CF3E1F96555A4E4B5BC0DE2598CE5A0199F495644A91C2105F25A5A4CF10E3 ] C:\Windows\System32\upnp.dll
10:21:26.0636 0x0d80 C:\Windows\System32\upnp.dll - ok
10:21:26.0651 0x0d80 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
10:21:26.0651 0x0d80 C:\Windows\System32\netshell.dll - ok
10:21:26.0667 0x0d80 [ 7DF186D86CF8C571A12AAB788C777F84, A2C1064BFDEF2A85CB12A11E55728BCC09933C115C278403F07B27DB2C36C710 ] C:\Windows\SysWOW64\wscproxystub.dll
10:21:26.0667 0x0d80 C:\Windows\SysWOW64\wscproxystub.dll - ok
10:21:26.0682 0x0d80 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
10:21:26.0682 0x0d80 C:\Windows\System32\npmproxy.dll - ok
10:21:26.0714 0x0d80 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
10:21:26.0714 0x0d80 C:\Windows\System32\diagperf.dll - ok
10:21:26.0729 0x0d80 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
10:21:26.0729 0x0d80 C:\Windows\System32\wpdbusenum.dll - ok
10:21:26.0745 0x0d80 [ 15E298B5EC5B89C5994A59863969D9FF, 8D38B2E023462D0804F72E907D11FF72CE84540EA3B8D83F411C602C3F6A1177 ] C:\Windows\SysWOW64\npmproxy.dll
10:21:26.0745 0x0d80 C:\Windows\SysWOW64\npmproxy.dll - ok
10:21:26.0760 0x0d80 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] C:\Windows\System32\ssdpsrv.dll
10:21:26.0760 0x0d80 C:\Windows\System32\ssdpsrv.dll - ok
10:21:26.0776 0x0d80 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
10:21:26.0776 0x0d80 C:\Windows\System32\PortableDeviceApi.dll - ok
10:21:26.0792 0x0d80 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
10:21:26.0792 0x0d80 C:\Windows\System32\wdiasqmmodule.dll - ok
10:21:26.0807 0x0d80 [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
10:21:26.0807 0x0d80 C:\Windows\System32\p2pcollab.dll - ok
10:21:26.0838 0x0d80 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
10:21:26.0838 0x0d80 C:\Windows\System32\Apphlpdm.dll - ok
10:21:26.0854 0x0d80 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
10:21:26.0854 0x0d80 C:\Windows\System32\pnpts.dll - ok
10:21:26.0885 0x0d80 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
10:21:26.0885 0x0d80 C:\Windows\System32\radardt.dll - ok
10:21:26.0901 0x0d80 [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
10:21:26.0901 0x0d80 C:\Windows\System32\wbem\NCProv.dll - ok
10:21:26.0916 0x0d80 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
10:21:26.0916 0x0d80 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
10:21:26.0932 0x0d80 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
10:21:26.0932 0x0d80 C:\Windows\System32\QAGENTRT.DLL - ok
10:21:26.0948 0x0d80 [ A3FCC4F97551087D65F8FEE879FEF736, 000EA00FD2644531F38D215972C22FE2BCE5B01CF483071398053099A342BF74 ] C:\Windows\System32\tdh.dll
10:21:26.0948 0x0d80 C:\Windows\System32\tdh.dll - ok
10:21:26.0963 0x0d80 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
10:21:26.0963 0x0d80 C:\Windows\System32\fveui.dll - ok
10:21:26.0979 0x0d80 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
10:21:26.0979 0x0d80 C:\Windows\System32\pnidui.dll - ok
10:21:26.0994 0x0d80 [ 61FF576450CCC80564B850BC3FB6713A, B2843BC9E2F62D27DCF6787D063378926748CE75002BADA1873DCB5039883705 ] C:\Windows\System32\wuaueng.dll
10:21:26.0994 0x0d80 C:\Windows\System32\wuaueng.dll - ok
10:21:27.0010 0x0d80 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
10:21:27.0010 0x0d80 C:\Windows\System32\dot3api.dll - ok
10:21:27.0026 0x0d80 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
10:21:27.0026 0x0d80 C:\Windows\System32\wlanhlp.dll - ok
10:21:27.0041 0x0d80 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
10:21:27.0041 0x0d80 C:\Windows\System32\wlanapi.dll - ok
10:21:27.0072 0x0d80 [ BD311BB00DD0D656C091AC8888C2369D, 323E6ABE5F5DE26104E6ED5478D7B5DA63E0A477D40B8756797B39290DF3D9F9 ] C:\Windows\System32\wmp.dll
10:21:27.0072 0x0d80 C:\Windows\System32\wmp.dll - ok
10:21:27.0088 0x0d80 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] C:\Windows\System32\drivers\WUDFRd.sys
10:21:27.0088 0x0d80 C:\Windows\System32\drivers\WUDFRd.sys - ok
10:21:27.0104 0x0d80 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
10:21:27.0104 0x0d80 C:\Windows\System32\runonce.exe - ok
10:21:27.0119 0x0d80 [ 0DB2758CF1BAFE22E0970FDA0785B74C, 325DEABB182FCA8DCB426AD0095B3524C8F77F2A9204E703391F631B2C4A1157 ] C:\Windows\System32\wuapi.dll
10:21:27.0119 0x0d80 C:\Windows\System32\wuapi.dll - ok
10:21:27.0135 0x0d80 [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
10:21:27.0135 0x0d80 C:\Windows\System32\cabinet.dll - ok
10:21:27.0166 0x0d80 [ 7EC6617005F76714C7E16605E7A8AB06, 5940168249A9C1791CBD71C8F22FC618E8932808E1478986D89A386A5DA458AC ] C:\Windows\System32\wups.dll
10:21:27.0166 0x0d80 C:\Windows\System32\wups.dll - ok
10:21:27.0182 0x0d80 [ E629F1A051C82795DDFFD3E8D4855811, 6E4DFFEAB2795C98EA6DCAF10EA6D97413D0F8CA0C04869CB20B74FF4D6FE679 ] C:\Windows\System32\dimsjob.dll
10:21:27.0182 0x0d80 C:\Windows\System32\dimsjob.dll - ok
10:21:27.0197 0x0d80 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] C:\Windows\System32\drivers\WUDFPf.sys
10:21:27.0197 0x0d80 C:\Windows\System32\drivers\WUDFPf.sys - ok
10:21:27.0213 0x0d80 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] C:\Windows\System32\WUDFSvc.dll
10:21:27.0213 0x0d80 C:\Windows\System32\WUDFSvc.dll - ok
10:21:27.0228 0x0d80 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
10:21:27.0228 0x0d80 C:\Windows\SysWOW64\runonce.exe - ok
10:21:27.0244 0x0d80 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
10:21:27.0244 0x0d80 C:\Windows\SysWOW64\ntmarta.dll - ok
10:21:27.0260 0x0d80 [ 35CB97CBC3EDC463418ED4997AAB29B6, EE60EABE2D87CEDD68FB8985B6C5D70930015FB2B8DB9FDCB4044587BC6ECA4C ] C:\Windows\System32\pautoenr.dll
10:21:27.0260 0x0d80 C:\Windows\System32\pautoenr.dll - ok
10:21:27.0275 0x0d80 [ AC5DF873913B00E554D8F553459BC431, 86FC6E15BD67AEB714E44C088EDA1C17BAC25A1EC67A518A05878D594F293394 ] C:\Windows\System32\qmgrprxy.dll
10:21:27.0275 0x0d80 C:\Windows\System32\qmgrprxy.dll - ok
10:21:27.0306 0x0d80 [ 85B45B4B285B159ACDB355FC8C1E8925, EBB4A5472306A284D3A845347E2A79B13EFCCBA86705E1D49DE8AC44D8D06112 ] C:\Windows\SysWOW64\qmgrprxy.dll
10:21:27.0306 0x0d80 C:\Windows\SysWOW64\qmgrprxy.dll - ok
10:21:27.0322 0x0d80 [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
10:21:27.0322 0x0d80 C:\Windows\System32\NapiNSP.dll - ok
10:21:27.0338 0x0d80 [ 94DFBB481BF51158B216E23C5C1C9D6E, 0199086A70B9B63E48A7A15C8AE5442E9C6BC0173BD80A104DE1BE6A6C25F202 ] C:\Windows\System32\certcli.dll
10:21:27.0338 0x0d80 C:\Windows\System32\certcli.dll - ok
10:21:27.0353 0x0d80 [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
10:21:27.0353 0x0d80 C:\Windows\System32\pnrpnsp.dll - ok
10:21:27.0369 0x0d80 [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
10:21:27.0369 0x0d80 C:\Windows\System32\winrnr.dll - ok
10:21:27.0400 0x0d80 [ 263B26106606A010CF877472B535E4BB, 43ECE89E428D2BB34244894BEBA1B946B0767649D15B1C715223E4E471A9E504 ] C:\Windows\System32\CertEnroll.dll
10:21:27.0400 0x0d80 C:\Windows\System32\CertEnroll.dll - ok
10:21:27.0416 0x0d80 [ AA7079AD52B8BFBAE94167D54C32F84F, CB05C1B298376D38412FA48C74601197B79EBF7C957D8F22061E2B213C8DE0BC ] C:\Windows\System32\powertracker.dll
10:21:27.0416 0x0d80 C:\Windows\System32\powertracker.dll - ok
10:21:27.0431 0x0d80 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
10:21:27.0431 0x0d80 C:\Windows\SysWOW64\cmd.exe - ok
10:21:27.0447 0x0d80 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
10:21:27.0447 0x0d80 C:\Windows\System32\aelupsvc.dll - ok
10:21:27.0462 0x0d80 [ 8ABFE00F213F2571498F1B8FD7939A98, B557EC9EFD33612BAFE01FFD304B50EFB8C3C19763470560DA950B5AB4A9AC9C ] C:\Windows\System32\WUDFHost.exe
10:21:27.0462 0x0d80 C:\Windows\System32\WUDFHost.exe - ok
10:21:27.0478 0x0d80 [ 8D9A2881C641074AE002E7D1C9A0BB3D, 690CA5E8B3341B48D28198D731627FB92B8AB110883322A61D40E7046B79733A ] C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe
10:21:27.0478 0x0d80 C:\Program Files\AVAST Software\Avast\BrowserCleanup.exe - ok
10:21:27.0494 0x0d80 [ 25AE683DCB4AE7E6F1B193A0CB9DB35F, 9DC4BE1A51A3E94DB05369222CFCBA2125DA519EAAC46823EAECD738974463EF ] C:\Windows\System32\WUDFx.dll
10:21:27.0494 0x0d80 C:\Windows\System32\WUDFx.dll - ok
10:21:27.0509 0x0d80 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
10:21:27.0509 0x0d80 C:\Windows\SysWOW64\winbrand.dll - ok
10:21:27.0525 0x0d80 [ 91D6F0AB79AA36FFB932157865206F35, 5C20EA92737A4409DF4601D6D256DBC7A8D0AE4C31A32F20054E873473B27781 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
10:21:27.0525 0x0d80 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
10:21:27.0540 0x0d80 [ 9864D52F15AD32094A636C6B5281D9E7, 2DBECE721AA11509F6D5005C5FB965EB0DF28729D0B6C524BB35603C1243BA42 ] C:\Windows\System32\WMVCORE.DLL
10:21:27.0540 0x0d80 C:\Windows\System32\WMVCORE.DLL - ok
10:21:27.0572 0x0d80 [ 938FA6F63B210FB8EF5A7B2FC1229431, 545DDA9C32DF14B50688F8192A345FE66D2DB3F8763ECBF85B38AC829E49E1D9 ] C:\Program Files\AVAST Software\Avast\avastui.exe
10:21:27.0572 0x0d80 C:\Program Files\AVAST Software\Avast\avastui.exe - ok
10:21:27.0587 0x0d80 [ E868396BC5F8957A9E39BD9A28EA814D, 39029EC9DE2FA488C56100D42EDFEFAA737EE1949CCCD7D86E342FA7425FF91D ] C:\Windows\SysWOW64\ieframe.dll
10:21:27.0587 0x0d80 C:\Windows\SysWOW64\ieframe.dll - ok
10:21:27.0603 0x0d80 [ AACC48FE239F0DF126DA2F28930A5B83, D55E7D9AA79B1875E9074CFFBBCD484024902566B49806A8639B5C04847DFF89 ] C:\Windows\System32\WMASF.DLL
10:21:27.0603 0x0d80 C:\Windows\System32\WMASF.DLL - ok
10:21:27.0634 0x0d80 [ 389CA818132C1D7DCF0C791E8D9035DE, 5E54799F92CC604FABEF2F97AFD97F9CAD70D01BCDBC41FAC408D60821927C12 ] C:\Windows\System32\PortableDeviceClassExtension.dll
10:21:27.0634 0x0d80 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
10:21:27.0650 0x0d80 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
10:21:27.0650 0x0d80 C:\Windows\System32\PortableDeviceTypes.dll - ok
10:21:27.0665 0x0d80 [ 60F4AEFA103D421EA4A40E31409B4756, 037A8605CA504A4FF43E9D4DE9017CEA1E26D3556C975872C747E24D8B0835EF ] C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll
10:21:27.0665 0x0d80 C:\Windows\SysWOW64\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
10:21:27.0681 0x0d80 [ 3C13F26A4766752314A5413038BD86B4, 9D40DAC4319BC9F4CBC3B172EE54C0A4D39CB511F5ACCFE40449EDEADCE87951 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe
10:21:27.0681 0x0d80 C:\Program Files (x86)\Malwarebytes Anti-Malware\mbam.exe - ok
10:21:27.0712 0x0d80 [ 2C4A87CA8C00E98EFDCFA2E8EC9A3503, DA59CE662E98E56D89E2894D2AC8B9F324C16DA23C860640EDC2C82E0AD06097 ] C:\Windows\SysWOW64\shdocvw.dll
10:21:27.0712 0x0d80 C:\Windows\SysWOW64\shdocvw.dll - ok
10:21:27.0728 0x0d80 [ 9C5DAAED3B3C06DBC95228CC407B8B70, E306E5C4A1C0D4B63840E38098B9FF2F4267FA4F519C7841E5A0C25A8DFF96D8 ] C:\Users\RoseCake\AppData\Local\Temp\{B90F9002-ADA2-4979-B658-136B55FB4DD7}.exe
10:21:27.0728 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{B90F9002-ADA2-4979-B658-136B55FB4DD7}.exe - ok
10:21:27.0743 0x0d80 [ 9B492E53629FBA9F72037673B62C33CA, 1884B8A5A7810D1379D6472C2C0C42B135A344E65BDB1AC5B86596357A73CC36 ] C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.dll
10:21:27.0743 0x0d80 C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AcroRd32.dll - ok
10:21:27.0759 0x0d80 [ 5F3628DCF926C4499BE1DC74431DFBC8, 66AC303AA71A703B844055CFAE66EB06A8E2BED7A1388C95C7A8263D23EAE25C ] C:\Windows\SysWOW64\WindowsCodecs.dll
10:21:27.0759 0x0d80 C:\Windows\SysWOW64\WindowsCodecs.dll - ok
10:21:27.0774 0x0d80 [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\SysWOW64\EhStorShell.dll
10:21:27.0774 0x0d80 C:\Windows\SysWOW64\EhStorShell.dll - ok
10:21:27.0790 0x0d80 [ 03F3B770DFBED6131653CEDA8CA780F0, 77373919DCA647F09851E7E460AE78FBD89F21516B961F84AC4446304E51E09C ] C:\Windows\SysWOW64\ntshrui.dll
10:21:27.0790 0x0d80 C:\Windows\SysWOW64\ntshrui.dll - ok
10:21:27.0806 0x0d80 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
10:21:27.0806 0x0d80 C:\Windows\SysWOW64\cscapi.dll - ok
10:21:27.0821 0x0d80 [ 8B74CEC6980D4816B0037AE9A27E538F, 8721EDB4C51BF6020002FA5DDB1987C68590F9F433A2F18D9756B2DAC7542CB6 ] C:\Windows\SysWOW64\slc.dll
10:21:27.0821 0x0d80 C:\Windows\SysWOW64\slc.dll - ok
10:21:27.0837 0x0d80 [ 827CB0D6C3F8057EA037FF271F8E9795, 82760DBDDD38D2A31CAAF51D065DF4E7E1D0F0C22733A0AF653776EBF7B79470 ] C:\Windows\SysWOW64\imageres.dll
10:21:27.0837 0x0d80 C:\Windows\SysWOW64\imageres.dll - ok
10:21:27.0868 0x0d80 [ 3FFF65488E27B1B9DD03A3DE456C0D87, 68F06771ED95755A7891AE827E4129F6438FA82FAE81A938CE5C1E4130EB0A2F ] C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll
10:21:27.0868 0x0d80 C:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Adobe AIR.dll - ok
10:21:27.0884 0x0d80 [ 43F7CA0473BB0FC9DD44ECF328B8D1FA, CBD2D60782D29FBA3AD473C95F4B4137875A0D5611F2ADCD0F8DF470C35B5AA6 ] C:\Program Files (x86)\Java\jre6\bin\java.exe
10:21:27.0884 0x0d80 C:\Program Files (x86)\Java\jre6\bin\java.exe - ok
10:21:27.0899 0x0d80 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
10:21:27.0899 0x0d80 C:\Windows\SysWOW64\sfc.dll - ok
10:21:27.0915 0x0d80 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
10:21:27.0915 0x0d80 C:\Windows\SysWOW64\sfc_os.dll - ok
10:21:27.0930 0x0d80 [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
10:21:27.0930 0x0d80 C:\Windows\SysWOW64\devrtl.dll - ok
10:21:27.0962 0x0d80 [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
10:21:27.0962 0x0d80 C:\Windows\System32\timedate.cpl - ok
10:21:27.0977 0x0d80 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
10:21:27.0977 0x0d80 C:\Windows\System32\actxprxy.dll - ok
10:21:27.0993 0x0d80 [ 23B001185B7C3CB1F4BDEB143E6B45B7, AB3A5AB346F6353B43B06FBE20B7785DA988975E2C8B73A6588F107FFAAACC47 ] C:\Windows\System32\shdocvw.dll
10:21:27.0993 0x0d80 C:\Windows\System32\shdocvw.dll - ok
10:21:28.0008 0x0d80 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
10:21:28.0008 0x0d80 C:\Windows\System32\linkinfo.dll - ok
10:21:28.0024 0x0d80 [ FA752544EE1EE59E8AD938CBB43CAC93, EA633416EF79F5FC1C841D46F3AAEC6A56BD09D2FD8B9CD8584E4AF65B890974 ] C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll
10:21:28.0024 0x0d80 C:\PROGRA~2\WIC4A1~1\MESSEN~1\msgslang.dll - ok
10:21:28.0040 0x0d80 [ 2BCBA6052374959A30BD7948444DBB79, 46224A2B729026FEEBC3C6A09E69919D477097848DB2CA0C2F5B166CDF379660 ] C:\Windows\System32\gameux.dll
10:21:28.0040 0x0d80 C:\Windows\System32\gameux.dll - ok
10:21:28.0055 0x0d80 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
10:21:28.0055 0x0d80 C:\Windows\System32\msftedit.dll - ok
10:21:28.0071 0x0d80 [ 2EBD0C5B090125AECF017C57344C45AB, 4FF8F2460115C60AD164EE0DC2079E1601B8AA21A1BA8033B7B731FAF85411B6 ] C:\Windows\System32\msls31.dll
10:21:28.0071 0x0d80 C:\Windows\System32\msls31.dll - ok
10:21:28.0086 0x0d80 [ 80041798F2F049259241393A2017DB02, 59B8913A129EC26FB111C2C614C0C7440D521F65BAF32E57CA48E34337C0DDEE ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
10:21:28.0086 0x0d80 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
10:21:28.0118 0x0d80 [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
10:21:28.0118 0x0d80 C:\Windows\System32\msiltcfg.dll - ok
10:21:28.0133 0x0d80 [ 2335F6BF8A127E31EB0E2D9A82F188A0, 884D99127DD61219FCE6FA86132D071B3AC323DF1116F885A8E0332A713F41D4 ] C:\Windows\System32\ieframe.dll
10:21:28.0133 0x0d80 C:\Windows\System32\ieframe.dll - ok
10:21:28.0164 0x0d80 [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{E41BC878-60D7-441A-B590-3CE06C07C651}.tmp
10:21:28.0164 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{E41BC878-60D7-441A-B590-3CE06C07C651}.tmp - ok
10:21:28.0180 0x0d80 [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{7E425B56-E90A-45FC-ADB7-3CF04C74B280}.tmp
10:21:28.0180 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{7E425B56-E90A-45FC-ADB7-3CF04C74B280}.tmp - ok
10:21:28.0211 0x0d80 [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{921C126A-B0D3-454A-A0A2-3443100EF6E2}.tmp
10:21:28.0211 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{921C126A-B0D3-454A-A0A2-3443100EF6E2}.tmp - ok
10:21:28.0227 0x0d80 [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{F74D7185-FA3E-4334-AE7A-A5B0A0130AC6}.tmp
10:21:28.0227 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{F74D7185-FA3E-4334-AE7A-A5B0A0130AC6}.tmp - ok
10:21:28.0242 0x0d80 [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{D48D9A6B-1B1A-4F94-B34C-9313737A994C}.tmp
10:21:28.0242 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{D48D9A6B-1B1A-4F94-B34C-9313737A994C}.tmp - ok
10:21:28.0258 0x0d80 [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{B8EA37E2-C8E8-42A2-BAEF-83D082ED9022}.tmp
10:21:28.0258 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{B8EA37E2-C8E8-42A2-BAEF-83D082ED9022}.tmp - ok
10:21:28.0274 0x0d80 [ 9108540E866F75C7AF2B91DD921A8091, 7208C8E05E818781D7F2703B86848FC90651E0D8BE10362863250F2283CEC511 ] C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll
10:21:28.0274 0x0d80 C:\Windows\System32\api-ms-win-downlevel-shell32-l1-1-0.dll - ok
10:21:28.0289 0x0d80 [ 4F12EAD0B4C8BDAED5A11CC11F394B0A, EF769C2C2564D42979746B8BFD1D6E6532BFAB3BFCE2D09A0A17D0E64498B9B3 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
10:21:28.0289 0x0d80 C:\Program Files\CONEXANT\SAII\SAIICpl.exe - ok
10:21:28.0320 0x0d80 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
10:21:28.0320 0x0d80 C:\Windows\System32\DeviceCenter.dll - ok
10:21:28.0336 0x0d80 [ FB4045578F5180BDB1963AB352B78548, 8E645A63436EE6CDDB78E6064AEB04ECE39208F760A3EF13A3F49FDF41505E21 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll
10:21:28.0336 0x0d80 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l2-1-0.dll - ok
10:21:28.0352 0x0d80 [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{580AB428-5539-4C9C-9BAF-C9F92835CA7D}.tmp
10:21:28.0352 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{580AB428-5539-4C9C-9BAF-C9F92835CA7D}.tmp - ok
10:21:28.0367 0x0d80 [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{5CB03491-68A4-4936-9838-CBF48F18A01D}.tmp
10:21:28.0367 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{5CB03491-68A4-4936-9838-CBF48F18A01D}.tmp - ok
10:21:28.0383 0x0d80 [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{9EA72587-E82A-46AA-82C2-B2021D3BAE38}.tmp
10:21:28.0383 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{9EA72587-E82A-46AA-82C2-B2021D3BAE38}.tmp - ok
10:21:28.0414 0x0d80 [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{82476B4C-EA93-4339-A240-CF9D146D04EA}.tmp
10:21:28.0414 0x0d80 C:\Users\RoseCake\AppData\Local\Temp\{EE35587F-188D-4C28-B66F-BE12B3CB8A73}\{82476B4C-EA93-4339-A240-CF9D146D04EA}.tmp - ok
10:21:28.0430 0x0d80 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
10:21:28.0430 0x0d80 C:\Windows\System32\thumbcache.dll - ok
10:21:28.0445 0x0d80 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
10:21:28.0445 0x0d80 C:\Windows\System32\networkexplorer.dll - ok
10:21:28.0476 0x0d80 [ 78F72D892C6ADAD140A1C83411000936, A912E6717646290FA609AA9A0EAB5A5E5EBF9E5E03CFA81F7239BFE056B258E2 ] C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe
10:21:28.0476 0x0d80 C:\Program Files\TOSHIBA\SmartFaceV\SmartFaceVWatcher.exe - ok
10:21:28.0492 0x0d80 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
10:21:28.0492 0x0d80 C:\Windows\System32\wdmaud.drv - ok
10:21:28.0508 0x0d80 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
10:21:28.0508 0x0d80 C:\Windows\System32\ksuser.dll - ok
10:21:28.0523 0x0d80 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
10:21:28.0523 0x0d80 C:\Windows\SysWOW64\riched20.dll - ok
10:21:28.0539 0x0d80 [ C0AE7ABD87254B2789C8CB34AF274A65, AD2ACECAB8D76C05582762CF4F9C9E72DF6B780DFF40256F402DA3774D88B0CA ] C:\Windows\System32\AudioSes.dll
10:21:28.0539 0x0d80 C:\Windows\System32\AudioSes.dll - ok
10:21:28.0554 0x0d80 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
10:21:28.0554 0x0d80 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
10:21:28.0586 0x0d80 [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
10:21:28.0586 0x0d80 C:\Windows\System32\msacm32.drv - ok
10:21:28.0601 0x0d80 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
10:21:28.0601 0x0d80 C:\Windows\System32\msacm32.dll - ok
10:21:28.0617 0x0d80 [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
10:21:28.0617 0x0d80 C:\Windows\System32\midimap.dll - ok
10:21:28.0632 0x0d80 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
10:21:28.0632 0x0d80 C:\Windows\SysWOW64\duser.dll - ok
10:21:28.0648 0x0d80 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
10:21:28.0648 0x0d80 C:\Windows\SysWOW64\dui70.dll - ok
10:21:28.0664 0x0d80 [ 3A7BC2DC99D3C5B172465E890B3C3B14, F7D4792B818460903899E948DA1B445D3ADE7D8A32B791782B4E5038949827CB ] C:\Windows\System32\AudioEng.dll
10:21:28.0664 0x0d80 C:\Windows\System32\AudioEng.dll - ok
10:21:28.0695 0x0d80 [ DD4858B270A850F704BB017180CFB128, C386B5068C345A5D21F6842FCEC9BF58706B06313095A1B4F4D8F949EB84C610 ] C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
10:21:28.0695 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe - ok
10:21:28.0710 0x0d80 [ 7BC64DEEFD0E6812E21DE89F0CF50A49, 5B2C0C3C03E897AC104809DB3F3688CC95CC07F34893438ED43E0E071CB0B3F4 ] C:\Windows\System32\AUDIOKSE.dll
10:21:28.0710 0x0d80 C:\Windows\System32\AUDIOKSE.dll - ok
10:21:28.0726 0x0d80 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
10:21:28.0726 0x0d80 C:\Windows\System32\stobject.dll - ok
10:21:28.0742 0x0d80 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
10:21:28.0742 0x0d80 C:\Windows\System32\batmeter.dll - ok
10:21:28.0757 0x0d80 [ AA0B1A7B4750F655936F2F82B5E84428, 443A3822D3BD776922402353C7E8C1257DB2A3D8EE335265934C52BB5820A972 ] C:\Windows\System32\CX64AP40.dll
10:21:28.0757 0x0d80 C:\Windows\System32\CX64AP40.dll - ok
10:21:28.0773 0x0d80 [ 7577CACC4F6C07175062C03CD1B7B763, 9830CEA453B30360F9D304FA39FFD207064A3AD2E6447A864E4AD9BFADC3E892 ] C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
10:21:28.0788 0x0d80 C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe - ok
10:21:28.0804 0x0d80 [ 31F829385328ECA5BA89CC9481548DC7, D10EE55668E3A83CD60F0BE700CD48509C875F0BBF0B31C65C62ACCB911A4312 ] C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll
10:21:28.0804 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TtosFunc.dll - ok
10:21:28.0820 0x0d80 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
10:21:28.0820 0x0d80 C:\Windows\System32\winspool.drv - ok
10:21:28.0835 0x0d80 [ 4CF86120D5B040CFDFBFC1D3CCD947B1, 9701EAABF8E5B2A339F691541210F32DC896A4A89E5BB6A151783A3399CF041B ] C:\Program Files\TOSHIBA\Power Saver\TCooling.dll
10:21:28.0835 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TCooling.dll - ok
10:21:28.0851 0x0d80 [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
10:21:28.0851 0x0d80 C:\Windows\System32\WMALFXGFXDSP.dll - ok
10:21:28.0866 0x0d80 [ 0BC72EA80234382701EAFC1BE0ECD7E4, 542A1F0D17708A9E31F6E4BC9AB7A4BB6113D94C9F31238FCE686E78D8E215A3 ] C:\Windows\System32\mfplat.dll
10:21:28.0866 0x0d80 C:\Windows\System32\mfplat.dll - ok
10:21:28.0898 0x0d80 [ DF7A114D5DE40CAFBEB4BE5A85D800BB, A3573EDE73AFAFB5253B23258EF0EC25AC9FB922AF60D362C1C9E74B376273A9 ] C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll
10:21:28.0898 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TOddPwr.dll - ok
10:21:28.0913 0x0d80 [ C2975FF1603C3BA18249CFC8972ED5A7, 78124516BD4C58C5134D474D679EC83BEBEB5848C7413FB5B0ADD859A75EF78D ] C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll
10:21:28.0913 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TPwrSrv.dll - ok
10:21:28.0929 0x0d80 [ E3A5BCCDE902CAFB26B38655C96D1573, 4C8416989BDD147FE0ACC1271A5320AFFC0B0B198191849F52CFDD38AAC0F7B3 ] C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll
10:21:28.0929 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TPwrBrightness.dll - ok
10:21:28.0944 0x0d80 [ 220BA8DF678118DD72D33B3F1BC377D0, 1988F3B47B2BA04E1D3EFBCD550FDBEE138EDF8CBCBC1ADF71AE7716E02B3285 ] C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll
10:21:28.0944 0x0d80 C:\Program Files\TOSHIBA\Power Saver\T1394Pwr.dll - ok
10:21:28.0960 0x0d80 [ 2E432B04EDF8135D619E42ACAB77DE35, 021D2CD05BCAD7CAE33C17568440FA9F6E7EB217F437BA64E186CE11B27EC614 ] C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll
10:21:28.0960 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TKBLEDPwr.dll - ok
10:21:28.0976 0x0d80 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
10:21:28.0976 0x0d80 C:\Windows\System32\prnfldr.dll - ok
10:21:29.0007 0x0d80 [ 3B80FE5F849B6928EAF591C44E00C610, EAC93D44779384C9335813DC55AAF62FBC6E9D1978E86315FFF6DC122F2FCE03 ] C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll
10:21:29.0007 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TSDPwr.dll - ok
10:21:29.0022 0x0d80 [ E0B534B30741001CB4A5DFE7CDC4D1AA, 96BA30F96B9B0C1C2F8D4B45B494C4AEFACE647F5831B572DEDC506A9CA256F1 ] C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll
10:21:29.0022 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TPCIePwr.dll - ok
10:21:29.0038 0x0d80 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
10:21:29.0038 0x0d80 C:\Windows\System32\DXP.dll - ok
10:21:29.0054 0x0d80 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
10:21:29.0054 0x0d80 C:\Windows\System32\Syncreg.dll - ok
10:21:29.0069 0x0d80 [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
10:21:29.0069 0x0d80 C:\Windows\ehome\ehSSO.dll - ok
10:21:29.0100 0x0d80 [ 32F848093F4E8FFDFC1C9CCC37D4A312, 645077FADA66D3B19B7E1B18C27FEFFCD3115AD3B48AD2DC6019416120E15120 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
10:21:29.0100 0x0d80 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe - ok
10:21:29.0116 0x0d80 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
10:21:29.0116 0x0d80 C:\Windows\System32\AltTab.dll - ok
10:21:29.0132 0x0d80 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
10:21:29.0132 0x0d80 C:\Windows\System32\WPDShServiceObj.dll - ok
10:21:29.0147 0x0d80 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
10:21:29.0147 0x0d80 C:\Windows\System32\QUTIL.DLL - ok
10:21:29.0178 0x0d80 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
10:21:29.0178 0x0d80 C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe - ok
10:21:29.0194 0x0d80 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
10:21:29.0194 0x0d80 C:\Windows\System32\srchadmin.dll - ok
10:21:29.0210 0x0d80 [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
10:21:29.0210 0x0d80 C:\Windows\System32\SearchIndexer.exe - ok
10:21:29.0225 0x0d80 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
10:21:29.0225 0x0d80 C:\Windows\System32\rasdlg.dll - ok
10:21:29.0241 0x0d80 [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
10:21:29.0241 0x0d80 C:\Windows\System32\tquery.dll - ok
10:21:29.0256 0x0d80 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
10:21:29.0256 0x0d80 C:\Windows\System32\mprapi.dll - ok
10:21:29.0288 0x0d80 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
10:21:29.0288 0x0d80 C:\Windows\System32\ActionCenter.dll - ok
10:21:29.0303 0x0d80 [ F9EF20F6FDA1444C0864BD7AEDC10CAF, E6A18BD7200E7DE7599753DA27469AEC479A315931956D457547F243FCB92C2A ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
10:21:29.0303 0x0d80 C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
10:21:29.0319 0x0d80 [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
10:21:29.0319 0x0d80 C:\Windows\System32\mssrch.dll - ok
10:21:29.0334 0x0d80 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
10:21:29.0334 0x0d80 C:\Windows\System32\WWanAPI.dll - ok
10:21:29.0350 0x0d80 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
10:21:29.0350 0x0d80 C:\Windows\System32\wwapi.dll - ok
10:21:29.0381 0x0d80 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
10:21:29.0381 0x0d80 C:\Windows\System32\QAGENT.DLL - ok
10:21:29.0397 0x0d80 [ D4C27F1DA94250FBDBFA67E98ADE918E, E8B67406B93463DC6EC2875EDCBAA01067D64B5E4A9CF67D4B412ADEEFF788E8 ] C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
10:21:29.0397 0x0d80 C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe - ok
10:21:29.0412 0x0d80 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
10:21:29.0412 0x0d80 C:\Windows\System32\bthprops.cpl - ok
10:21:29.0428 0x0d80 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
10:21:29.0428 0x0d80 C:\Windows\System32\msidle.dll - ok
10:21:29.0444 0x0d80 [ 1EACBDA651416F8EB879C86496524043, 1D4F4873C772167A2261D873BE4D9CA950D45F3DF85DCA31E6D5DE5640FA234F ] C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll
10:21:29.0444 0x0d80 C:\Program Files\TOSHIBA\BulletinBoard\TosNcUi.dll - ok
10:21:29.0459 0x0d80 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
10:21:29.0459 0x0d80 C:\Windows\System32\mssprxy.dll - ok
10:21:29.0490 0x0d80 [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
10:21:29.0490 0x0d80 C:\Windows\System32\oledlg.dll - ok
10:21:29.0506 0x0d80 [ 8AF58D3072D00B3634F2C8184A9B821F, E29431480C9B714503E016BBF0C5A11156F26F08F88131696C04232E7C8538F7 ] C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
10:21:29.0506 0x0d80 C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe - ok
10:21:29.0522 0x0d80 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
10:21:29.0522 0x0d80 C:\Windows\System32\en-US\tquery.dll.mui - ok
10:21:29.0537 0x0d80 [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
10:21:29.0537 0x0d80 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
10:21:29.0568 0x0d80 [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
10:21:29.0568 0x0d80 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
10:21:29.0584 0x0d80 [ B58DC8BEA322E1AA38B9CA4F2AA4C496, DFBEF71E6D7670A755CD0F0171E0115EB2422804F0AF980B86647D82F18E6492 ] C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll
10:21:29.0584 0x0d80 C:\Program Files\TOSHIBA\FlashCards\TCrdMain.dll - ok
10:21:29.0600 0x0d80 [ AAB13578D84A89F5E56B35671C9345A2, FD9A3DE59E03CA33D73753A7C7830536D3E6FE14D8EFD4F9132FCBA94781A444 ] C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll
10:21:29.0600 0x0d80 C:\Program Files\TOSHIBA\FlashCards\TCrdEvnt.dll - ok
10:21:29.0615 0x0d80 [ FDC1F94B79D3C08E5D66341E3CD6688E, 82AAADA4C6D783D77578EAB82CF7F1AB98F6A7CE22670BEF151D976F210ED5FD ] C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE
10:21:29.0615 0x0d80 C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE - ok
10:21:29.0631 0x0d80 [ 9C96B167C21F6DCCF68E96853B0A8F93, 5BC0C953CFB64B045632678E941CFD706AF18AC19D1A1AA98650A55E4DE95EC7 ] C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll
10:21:29.0631 0x0d80 C:\Program Files\TOSHIBA\FlashCards\FnPRTSC.dll - ok
10:21:29.0646 0x0d80 [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
10:21:29.0646 0x0d80 C:\Windows\System32\FXSST.dll - ok
10:21:29.0662 0x0d80 [ 2A3C072BD9CF5EC9C812B9369CD3D927, 0C38ED016D0ECBE789793B0EEAC17B32245DC80AAF3EB393FA02C1BE8DDF98AF ] C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
10:21:29.0662 0x0d80 C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe - ok
10:21:29.0678 0x0d80 [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
10:21:29.0678 0x0d80 C:\Windows\System32\mscoree.dll - ok
10:21:29.0709 0x0d80 [ D44067027714CC58B8AB0AC38FDA1A0B, 56E96A58B5A53A68485F8D2F7BA286F2B174AB910BD45145258D48251F489F02 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
10:21:29.0709 0x0d80 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
10:21:29.0724 0x0d80 [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
10:21:29.0724 0x0d80 C:\Windows\System32\FXSAPI.dll - ok
10:21:29.0740 0x0d80 [ E38285015CF83E596D422AE8A66C0E6E, F3074DF17E08079342821AE31D6892136D1B86F62A25A76BF42DA571444AE928 ] C:\Program Files (x86)\Microsoft Office\Office\MSO9.DLL
10:21:29.0740 0x0d80 C:\Program Files (x86)\Microsoft Office\Office\MSO9.DLL - ok
10:21:29.0756 0x0d80 [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
10:21:29.0756 0x0d80 C:\Windows\System32\FXSRESM.dll - ok
10:21:29.0787 0x0d80 [ 831DB2AF3C761915D19E2EF2C64E6D87, CA1CD4ACDC88572DF1802980D31B2672AE0101A51A453C4A4DD52F7EF0BCD343 ] C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll
10:21:29.0787 0x0d80 C:\Program Files\TOSHIBA\FlashCards\BlackPng.dll - ok
10:21:29.0802 0x0d80 [ 9B8F2F20589230F09C70BA0A9C589C9F, 12CBCE1A7B81146B8D62C25BFBE2D50D53BD78D6008B5A673F3EBBFA83471639 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
10:21:29.0802 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
10:21:29.0818 0x0d80 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
10:21:29.0818 0x0d80 C:\Windows\System32\FXSSVC.exe - ok
10:21:29.0834 0x0d80 [ 5AA41DAE9F06F612507EDE512C0C30E2, C79D800DB1A4D74C3BA292B6FB2395401A487241077CFC9947A733078C6571F0 ] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe
10:21:29.0834 0x0d80 C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TobuActivation.exe - ok
10:21:29.0849 0x0d80 [ F6DF4B43737BFAF3D9314C00F4547AC7, 8113E0239D2C5F26D11AF346FA3DEDA182C5A0C968F6BF5467C59222153448CA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll
10:21:29.0849 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnESC.dll - ok
10:21:29.0865 0x0d80 [ 8402A407CB307B5E61CC7FF29F2EFC93, 6841DBB3A7478F7AE3E7188746055DAB7F460487759C3FF84C3A051AC6663AB0 ] C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll
10:21:29.0865 0x0d80 C:\Program Files\TOSHIBA\FlashCards\FnSticky.dll - ok
10:21:29.0880 0x0d80 [ C9CB4FB4CA7D5FDA648478EB8966353F, 3E2ACDB7C926984C04559A0C191B093061388885F0E96BFB869B622E172183F6 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll
10:21:29.0880 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnZ.dll - ok
10:21:29.0896 0x0d80 [ 11615D80DC10ABB83D2A9002B70A4E36, 554352B737D78D53C8935D7D603A5FE5343496C63296625193598BC93B46E889 ] C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll
10:21:29.0896 0x0d80 C:\Program Files\TOSHIBA\FlashCards\TWarnMsg\TWarnMsg.dll - ok
10:21:29.0912 0x0d80 [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
10:21:29.0912 0x0d80 C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe - ok
10:21:29.0927 0x0d80 [ E08F0527A16426C2D90F4823572B27FC, 604FC77348E4BE00E19F69791B6696E3F5ADB23354FAB70A4469A4F446CA55B9 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe
10:21:29.0927 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\TCrdKBB.exe - ok
10:21:29.0943 0x0d80 [ 6229E1291BB78816A45296882D9A12C6, 66CBEABCCD107BD1ED220512393EE021321C4CD8780BFBDEE4547D2A6E63BB89 ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
10:21:29.0943 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\concentr.exe - ok
10:21:29.0958 0x0d80 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
10:21:29.0958 0x0d80 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
10:21:29.0974 0x0d80 [ B7D2BB84C590F0AE9DA51DBB065A780E, 02C10FC003D824878F41EC9223C215BC69B65CF6D2BFE16343942CABFA26F128 ] C:\Windows\SysWOW64\cryptui.dll
10:21:29.0974 0x0d80 C:\Windows\SysWOW64\cryptui.dll - ok
10:21:29.0990 0x0d80 [ 41124D72DE99D9C18477DE81CA2FFCDA, 228DE874397AB188B4D3C10ED6CC1003C808A0B71A901E79E1E28945AF2E076F ] C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll
10:21:29.0990 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\ctxmui.dll - ok
10:21:30.0005 0x0d80 [ 816302CEB82AB1946B6FF8F537E39D37, FA8837AE6DC5D775B1622A85E6529B2A316093BE81BBC753C20B7297BCE0E27D ] C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll
10:21:30.0005 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\CCMSDK.dll - ok
10:21:30.0021 0x0d80 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
10:21:30.0021 0x0d80 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
10:21:30.0036 0x0d80 [ 88B0BCC23660D466879099F26CCB8CA5, 825EBF5C7A723650145C695A4DD89027E928B3611D89BF19AAE47687ABA0E5CA ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll
10:21:30.0036 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF1.dll - ok
10:21:30.0052 0x0d80 [ A7DA2525A4344F79176A0DFA517E647E, EEDB2DEC71820031BA6D138A13F1C86CDFFA4A115525B9AD65ADADE99C383629 ] C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll
10:21:30.0052 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TFunc2.dll - ok
10:21:30.0068 0x0d80 [ E6BC081DDE7391AD0A044C0796A86D08, A8273EC82761B975F3F6E8E0EFF6824FCFCCB4E270E9CF8446D0B3FE2307E047 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll
10:21:30.0068 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF3.dll - ok
10:21:30.0083 0x0d80 [ EDE3D67AE2951D330AA6A4EB7FEF7739, B58CE8164247DE3393F44E117890B57DDC6BBEC3F311A236CDA1C0D254E9BA74 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll
10:21:30.0083 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF4.dll - ok
10:21:30.0099 0x0d80 [ 95D2DD9BF2FDBFABB46CE24114A247E0, 96259388C091CDDA01A7968F77F5C08B9C1B5AB943F9B0CCF6543FC618C450B8 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll
10:21:30.0099 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF5.dll - ok
10:21:30.0130 0x0d80 [ 5D60B71F5445398C4FA5FEB0D0D7218F, E612602C181E3E2F0529FA0D3C75C84594ECAEEE389F3C151102E772D538947F ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.dll
10:21:30.0130 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\resource\en\ctxmuiUI.dll - ok
10:21:30.0146 0x0d80 [ 8AA0A1A69A7AE4AE4E63AAA8A92F70E4, 36B5F6EF0E2962213982F0AA9B4DBDC12180B65B509C05F896A53D0AF539819E ] C:\Windows\System32\atipdl64.dll
10:21:30.0146 0x0d80 C:\Windows\System32\atipdl64.dll - ok
10:21:30.0161 0x0d80 [ 35B5EEBF76C8AA07164C11B58ADA506D, C7932373676E5CE3F6D4AB498E20508410A614FD92AE97B98949834C05CEA634 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dll
10:21:30.0177 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\fe6ac93181b40a571892e14bfb9d65f2\mscorlib.ni.dll - ok
10:21:30.0192 0x0d80 [ 5A462CA146417C53309FAE0852B7FC3F, 7DEC6269D50887D386976E4E643B41CC3192359A867A1A4A26F57D9988D66DDB ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll
10:21:30.0192 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF67.dll - ok
10:21:30.0208 0x0d80 [ 76772BABA8ABEB992A672F5C139B9B2D, A49C2C2967A0956A43DD2FEA5B39373B3B47DE5E191C0F2465CD9FFDDD8E4F60 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll
10:21:30.0208 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF8Dll.dll - ok
10:21:30.0224 0x0d80 [ 1B1431D9520C7578AD5633ED2A70625F, 6852FAC1355CA69226B727A1355D6DA8C0865F5EEDA45D7690701CFED7C542A1 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
10:21:30.0224 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
10:21:30.0239 0x0d80 [ AFA2ADF20A1C8741DCB49931087FAE63, 5F6BED001A773F1AC0131434517CEBF2413296EFDA215FB3DC0BDDD18FF31282 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.dll
10:21:30.0239 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\resource\en\concenUI.dll - ok
10:21:30.0255 0x0d80 [ 684C3847C7E6EAEFBB72C92CFEB7F455, D3F47EC58AF1A6C44BD45D4679E71EE52F4227DBFA7558057D1C014362335A9C ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll
10:21:30.0255 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF9.dll - ok
10:21:30.0270 0x0d80 [ 66935625C1758EFEFFAF8CF0E020A6F9, BF9F3CCBFD7477E0535737D76BC1E6D6CDBB91D3F7CDE8D3220AC7F388605529 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll
10:21:30.0270 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF10.dll - ok
10:21:30.0286 0x0d80 [ 4C671C688884F18152441DC16AA629F6, 19158CE47E09ADB0265A983E9FBC11C1A2532377B22512B15829CFB148FA8441 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll
10:21:30.0286 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnF11.dll - ok
10:21:30.0302 0x0d80 [ 9C4E90343294E9549FB81E52681F5008, CC014454B73BA70249C7362E96B29206435D425297FD623C18E4DA98FFD374F9 ] C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll
10:21:30.0302 0x0d80 C:\Program Files\TOSHIBA\Power Saver\TFunctab.dll - ok
10:21:30.0317 0x0d80 [ 13BC9BF69A7A03ED92BFDF36E9B4C508, 149CE3DBB6808495246E838C98AA21644CD1B2C13E6AB5C0C534C49946088BB3 ] C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll
10:21:30.0317 0x0d80 C:\Program Files\TOSHIBA\FlashCards\Hotkey\FnSpace.dll - ok
10:21:30.0333 0x0d80 [ 1C90330DAEF6ACC78AD6C906A46A26D6, BA6F3009C613E99B317FFCEF001BEF5CC74AF27A227D05FB6DEB1EC0FC0D1BB0 ] C:\Program Files\AVAST Software\Avast\libcef.dll
10:21:30.0333 0x0d80 C:\Program Files\AVAST Software\Avast\libcef.dll - ok
10:21:30.0348 0x0d80 [ 0390219E584F39505E046E6568D3BDDE, 3D747AA7F80CB9F6E862517AFB4CFBDC18233E33C56DF703635C87B8B4093EA6 ] C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll
10:21:30.0348 0x0d80 C:\Program Files\TOSHIBA\TOSHIBA Assist\NotifyX.dll - ok
10:21:30.0380 0x0d80 [ C79AE9E8179337395320E0175EDA7A4E, 7FAB3D9454C8530864B6A6B62B88D84E146BF50424342DC7E423121299CD4DBD ] C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
10:21:30.0380 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe - ok
10:21:30.0395 0x0d80 [ 6BE1A6D5C978F6E57FC052C8F8C57540, 9EB1BADCA15DD2AEC79D739C63B8872715B03E839D955AEE0E859A6D292FEDA3 ] C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll
10:21:30.0395 0x0d80 C:\Program Files (x86)\Toshiba\PCDiag\NotifyPCD.dll - ok
10:21:30.0411 0x0d80 [ 4773A6F221AD2A84D98135E39253DB8F, F90C99D616C46A522882D12AAEA9155BAF3401DF8743A2F65E3EBA90D8B27ACB ] C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll
10:21:30.0411 0x0d80 C:\Program Files\TOSHIBA\SmoothView\NotifyTZU.dll - ok
10:21:30.0426 0x0d80 [ F00AE7B953ABEF1B53FBBA187DFC8238, 6FFA160FB6821A725A7D81E1BECE1DE89E3E022B33E56A7468E2E0B4C8B2AE31 ] C:\Windows\System32\webcheck.dll
10:21:30.0426 0x0d80 C:\Windows\System32\webcheck.dll - ok
10:21:30.0442 0x0d80 [ D56DB55F7CD6FADBEB334266CFECCB32, 7AAE964D009D7BCFF1CAC6786D04ED37C4BEA2EDD17112491988E83B1046E6F5 ] C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll
10:21:30.0442 0x0d80 C:\Program Files\TOSHIBA\TOSHIBA Disc Creator\NotifyTDC.dll - ok
10:21:30.0442 0x0d80 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
10:21:30.0442 0x0d80 C:\Windows\System32\SyncCenter.dll - ok
10:21:30.0473 0x0d80 [ 1F5AFD468EB5E09E9ED75A087529EAB5, 8204DBCC054C1E54B6065BACB78C55716681AD91759E25111B4E4797E51D0AA3 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
10:21:30.0473 0x0d80 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
10:21:30.0489 0x0d80 [ 236A40829213BA4C594A8429172DF1B1, 2D33A3B19B3C433B34E287967FF71108DA6C6C7E833F8BB3F6880AE905C78E0B ] C:\Program Files\TOSHIBA\Utilities\NotifyX.dll
10:21:30.0489 0x0d80 C:\Program Files\TOSHIBA\Utilities\NotifyX.dll - ok
10:21:30.0504 0x0d80 [ C85C84A0A8DD1FB97A1AC18850754ADB, 1FB82A6BC65BFE99900B9D09F665811305C03A7BAA1A72D315D1586E9AF310D9 ] C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll
10:21:30.0504 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\ProgressNotificationCommon.dll - ok
10:21:30.0520 0x0d80 [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
10:21:30.0520 0x0d80 C:\Windows\System32\SearchProtocolHost.exe - ok
10:21:30.0536 0x0d80 [ C5CD3F5DA15C9327CFD37A6CE64A0F8B, FEA02782514BA380A330D7808F4B9906AC2998445500ECCF654ECFD2711015FE ] C:\Program Files (x86)\Citrix\ICA Client\wfcwinn.dll
10:21:30.0536 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\wfcwinn.dll - ok
10:21:30.0551 0x0d80 [ 23DD132EB3B74C796C7D8A9B36F6DBE0, 670CCAEB03E0A70CF7386D0B7F126FA88F3C175444A330E2A0A908702F8D53BE ] C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll
10:21:30.0551 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\acrdlg.dll - ok
10:21:30.0567 0x0d80 [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
10:21:30.0567 0x0d80 C:\Windows\System32\msshooks.dll - ok
10:21:30.0582 0x0d80 [ 1EB4EF0B39A8E1063AC695FDD3EA3153, E87DE8206DD4701C2F421A1FCED9639B70113317D1864C5E06D145BFD364374F ] C:\Program Files (x86)\Citrix\ICA Client\statuin.dll
10:21:30.0582 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\statuin.dll - ok
10:21:30.0598 0x0d80 [ CEA218C62769F248E42CB0BE920EAAAD, 4C98BF8ED1111B0F527660A2DBC39CC873BCEDD1CC29896BC90D5D4A92CB7717 ] C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll
10:21:30.0598 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\confmgr.dll - ok
10:21:30.0614 0x0d80 [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
10:21:30.0614 0x0d80 C:\Windows\System32\SearchFilterHost.exe - ok
10:21:30.0629 0x0d80 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
10:21:30.0629 0x0d80 C:\Windows\System32\imapi2.dll - ok
10:21:30.0645 0x0d80 [ D8750C31FDED1233DC0C7CA9DDDE152B, D7BD19A60C37B503EEE43D5FC8585E88407E83377846089DCF03E2E46F41EDB4 ] C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll
10:21:30.0645 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\ctxlogging.dll - ok
10:21:30.0660 0x0d80 [ 8E6DFB62228784FB9FE65454E4C02B50, 04DCF62EA8A61685F14D2B7E1AB21E80050E5216AC1D577EBA5456DF8E401D12 ] C:\Program Files (x86)\Citrix\ICA Client\icafile.dll
10:21:30.0660 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\icafile.dll - ok
10:21:30.0692 0x0d80 [ BDD83E29B58C1D32407A9032D9F7981B, C2E5DB790D36F9CE955E3A72515B9E0E0653AE99E3CDA259903BAE6380C93DF8 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c7fb84e825f6604d7f4684ab96cbd148\System.ni.dll
10:21:30.0692 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c7fb84e825f6604d7f4684ab96cbd148\System.ni.dll - ok
10:21:30.0707 0x0d80 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
10:21:30.0707 0x0d80 C:\Windows\System32\hgcpl.dll - ok
10:21:30.0707 0x0d80 [ B8C8745E44387CC0C2C198C2ECBBC101, 7EFBA109BD651582609B61E8E21009C13A7EE377C54A1C810BC6AF1C643A55A1 ] C:\Program Files (x86)\Citrix\ICA Client\cst.dll
10:21:30.0707 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\cst.dll - ok
10:21:30.0723 0x0d80 [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
10:21:30.0723 0x0d80 C:\Windows\System32\mssph.dll - ok
10:21:30.0738 0x0d80 [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
10:21:30.0738 0x0d80 C:\Windows\System32\mapi32.dll - ok
10:21:30.0754 0x0d80 [ 2291B6B771B37424F02673F582571ACA, DD541D831CA779C62D8E96FF233C26A7198CAD19C7043BCF7871AAD3318D35B7 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\20dbd669c42888d4bf4949279ecaec94\System.Drawing.ni.dll
10:21:30.0754 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\20dbd669c42888d4bf4949279ecaec94\System.Drawing.ni.dll - ok
10:21:30.0785 0x0d80 [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
10:21:30.0785 0x0d80 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
10:21:30.0801 0x0d80 [ 504D9C55C6252AE98B484A0B1ACCFF41, 0D2CC6DAE50A11A573FAC58E350717D24386314CB39623B49CDA9B152D55E407 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll
10:21:30.0801 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\resource\en\ProgressNotificationCommonUI.dll - ok
10:21:30.0816 0x0d80 [ C3A3DAD23EDE43CB680C65AA3F445DDB, 03566135BD3D87B435E164164EB0F7E0130D20D2A8CEFAD533406A5F80F892EA ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.dll
10:21:30.0816 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\resource\en\statuiUI.dll - ok
10:21:30.0832 0x0d80 [ EE7145B3687BBDE3E0D5511A2E54FCAB, 0B38D5572ADB5032071DFD52088C7B5A5BF3421FC8B7A9D19BDA764F0F843CB5 ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\cstUI.dll
10:21:30.0832 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\resource\en\cstUI.dll - ok
10:21:30.0848 0x0d80 [ 2A94C72936494A365F67FD6C1D41E678, 1B25413E64D1C46B935B2F869B8E85FEA0455A32164ADA755B3143E2F30C0EEF ] C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.dll
10:21:30.0848 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\resource\en\wfcrunUI.dll - ok
10:21:30.0863 0x0d80 [ A96D46F739A4C51E521833FB3F48A0FA, D183225287D83E3FDCF4594389FE24F6AEDECA9D29100FDE81194E1DBCB080FD ] C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll
10:21:30.0863 0x0d80 C:\Program Files (x86)\Citrix\ICA Client\CCMProxy.dll - ok
10:21:30.0879 0x0d80 [ 4EFA9B87B1DEC01DEDA96746BF548E85, D90F65048871C0533E42E259700469C53081625E6B283687A0D9AE390E6ED04D ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\19bfbbbe2ebf4db54647f4aed0f3c443\System.Windows.Forms.ni.dll
10:21:30.0879 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\19bfbbbe2ebf4db54647f4aed0f3c443\System.Windows.Forms.ni.dll - ok
10:21:30.0894 0x0d80 [ A033934BCD9F97AA942A37CA22784D33, B227769C6B76E2A91B9C4EB8C2A1547FF938EE9EC15BAB458A7E89FEBE919D38 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
10:21:30.0894 0x0d80 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
10:21:30.0910 0x0d80 [ B8DE851298E99A005BFD34AA906B3FE8, 33F631C0B561199B5FEB9020FAA99E50EFA9F421D7484FFA640C5561494726DA ] C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll
10:21:30.0910 0x0d80 C:\Windows\winsxs\x86_avast.vc110.crt_2036b14a11e83e4a_11.0.60610.1_none_1d37a43bbfe1dc9c\mfc110u.dll - ok
10:21:30.0926 0x0d80 [ ABAC57D3B1C8E5E3C5A86F3D311CAA5F, 74DF953CB69A46B04AA9D77A07C50D346976DB4283FDFEE3637935C482C7DF30 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll
10:21:30.0941 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\Culture.dll - ok
10:21:30.0957 0x0d80 [ 3AAA236CCAFEA59D5CD5CAF73845B840, 77D8353A61BF41E87D9D96CE4E6C9AAB76917D236750D67D53A84EFC962D2780 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\e388e09d57ab6d56558f3b32543a34ba\System.Core.ni.dll
10:21:30.0957 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Core\e388e09d57ab6d56558f3b32543a34ba\System.Core.ni.dll - ok
10:21:30.0972 0x0d80 [ D5A0DDE2F6D883F2B41D307AFFDF216E, DC03768CF4310D9356686EC44DD811A975B0C38BAC40F0A6129D8F6A6DCF9560 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\8b936558407ab33fd18006f6774034a8\System.Configuration.ni.dll
10:21:30.0972 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Configuration\8b936558407ab33fd18006f6774034a8\System.Configuration.ni.dll - ok
10:21:30.0972 0x0d80 [ CDAD3376DFF3D9AC7FDCBE2B94B0D3C8, C0B22B8C402EEEAF68F5380BC265C15418934D2F702F0A43674EC93853E26040 ] C:\Windows\System32\shfolder.dll
10:21:30.0972 0x0d80 C:\Windows\System32\shfolder.dll - ok
10:21:30.0988 0x0d80 [ 9367E701FDC42E0DAC6D294E199F2797, DB85EFD97AE4149EFF996BBF39AC61FF37419C8010DE10809E0033964B173552 ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll
10:21:30.0988 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Runtime.Seri#\5015b90fbd31c9ba4fff989b2c79711b\System.Runtime.Serialization.ni.dll - ok
10:21:31.0019 0x0d80 [ EAC3306A70B7E02DD6A3AA8FED054575, B7FAAEA395026BE4CAF75BD9F535B92AEDFB2E540FEEC986BFD43E9DDC9CB0DB ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\d09a5530f1283b469957bf146e2f4d65\System.Xml.ni.dll
10:21:31.0019 0x0d80 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Xml\d09a5530f1283b469957bf146e2f4d65\System.Xml.ni.dll - ok
10:21:31.0035 0x0d80 [ 1E4DD631FA5C864DCDC6C0D10AE15515, 96ED5741226582A77E088BE061569C4117D1C957CDEDF7B7BC41751791020351 ] C:\Program Files\AVAST Software\Avast\HTMLayout.dll
10:21:31.0035 0x0d80 C:\Program Files\AVAST Software\Avast\HTMLayout.dll - ok
10:21:31.0050 0x0d80 [ 3855B7E82DEA7F28C3B620F44487FCC4, 75344F6F0C5CE5A0943077037AC4DC31ED969520093E99E153A1F909B35AD16C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe
10:21:31.0050 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\csc.exe - ok
10:21:31.0066 0x0d80 [ 03D07A681B8E42A1BE4F7B3B3DCCF4D9, F57608AAA15C6997282EE081D03A9E399DA4CEF04AEF103E184DBC5DBB25522C ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll
10:21:31.0066 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cscomp.dll - ok
10:21:31.0082 0x0d80 [ 07E0306DC01B29CA1D82E25F689B820F, B988BF6A558CDCD683ECFE991A16DD8E61C00F9296A22895386F360C8292A597 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll
10:21:31.0082 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\alink.dll - ok
10:21:31.0097 0x0d80 [ E3A4D59ED585226D381225521BF2A36D, F674A23628241D6AB133E081966B5FA7DFA597E966096970C2172783124CF3DC ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll
10:21:31.0097 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorpe.dll - ok
10:21:31.0113 0x0d80 [ E26F8BDFB6DF8F4A722D2D79A3A14E78, 043746CBE6975DD6FD69F299E3D9B06CF4A45140A56C2161A358DDEEB2D4F623 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe
10:21:31.0113 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\cvtres.exe - ok
10:21:31.0128 0x0d80 [ 0C50CF2497D363F4D9881FC11744EDD2, E58596F0F9AFD30B09BC1A623CBB7AA9015BD2FB4F7A24C113C09373FE513442 ] C:\Program Files\AVAST Software\Avast\aswData.dll
10:21:31.0128 0x0d80 C:\Program Files\AVAST Software\Avast\aswData.dll - ok
10:21:31.0144 0x0d80 [ A612EEFA2B0FC00748B34E776D8AA453, 1E0C22ADECECB5D8A6E92E53D27BC2BB86B3531CBEDFB7768AC31811373C3D3F ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll
10:21:31.0144 0x0d80 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\diasymreader.dll - ok
10:21:31.0160 0x0d80 [ 6A786FF5FDEBD0DFAF71436543ACBF52, 8714C47D76C1F0A27BFA3D3C2C522F85ECBCB3E2885D5796DFB3DCAD4125D208 ] C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
10:21:31.0160 0x0d80 C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe - ok
10:21:31.0175 0x0d80 [ 88C39BF626B5B357D2FA84A9144FC485, 65C50CCD36DCC3347FC12CDB5C98BF9D44169F6566F9A54171368006C463774A ] C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll
10:21:31.0191 0x0d80 C:\Program Files\AVAST Software\Avast\aswRemoteCache.dll - ok
10:21:31.0206 0x0d80 [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
10:21:31.0206 0x0d80 C:\Windows\SysWOW64\cabinet.dll - ok
10:21:31.0206 0x0d80 ================ Scan generic autorun ======================
10:21:31.0316 0x0d80 [ 4F12EAD0B4C8BDAED5A11CC11F394B0A, EF769C2C2564D42979746B8BFD1D6E6532BFAB3BFCE2D09A0A17D0E64498B9B3 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
10:21:31.0347 0x0d80 SmartAudio - ok
10:21:31.0347 0x0d80 SmartFaceVWatcher - ok
10:21:31.0362 0x0d80 TPwrMain - ok
10:21:31.0362 0x0d80 SmoothView - ok
10:21:31.0378 0x0d80 00TCrdMain - ok
10:21:31.0394 0x0d80 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
10:21:31.0409 0x0d80 TosVolRegulator - ok
10:21:31.0487 0x0d80 [ F9EF20F6FDA1444C0864BD7AEDC10CAF, E6A18BD7200E7DE7599753DA27469AEC479A315931956D457547F243FCB92C2A ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
10:21:31.0534 0x0d80 TosSENotify - ok
10:21:31.0534 0x0d80 TosNC - ok
10:21:31.0534 0x0d80 TosReelTimeMonitor - ok
10:21:31.0674 0x0d80 [ 2A3C072BD9CF5EC9C812B9369CD3D927, 0C38ED016D0ECBE789793B0EEAC17B32245DC80AAF3EB393FA02C1BE8DDF98AF ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe
10:21:31.0752 0x0d80 ToshibaServiceStation - ok
10:21:32.0049 0x0d80 [ 5AA41DAE9F06F612507EDE512C0C30E2, C79D800DB1A4D74C3BA292B6FB2395401A487241077CFC9947A733078C6571F0 ] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe
10:21:32.0267 0x0d80 NortonOnlineBackupReminder - ok
10:21:32.0361 0x0d80 [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
10:21:32.0392 0x0d80 ToshibaAppPlace - ok
10:21:32.0486 0x0d80 [ 6229E1291BB78816A45296882D9A12C6, 66CBEABCCD107BD1ED220512393EE021321C4CD8780BFBDEE4547D2A6E63BB89 ] C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
10:21:32.0501 0x0d80 ConnectionCenter - ok
10:21:33.0110 0x0d80 [ 938FA6F63B210FB8EF5A7B2FC1229431, 545DDA9C32DF14B50688F8192A345FE66D2DB3F8763ECBF85B38AC829E49E1D9 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
10:21:33.0624 0x0d80 AvastUI.exe - ok
10:21:33.0843 0x0d80 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:21:33.0921 0x0d80 Sidebar - ok
10:21:33.0968 0x0d80 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:21:33.0983 0x0d80 mctadmin - ok
10:21:34.0092 0x0d80 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
10:21:34.0170 0x0d80 Sidebar - ok
10:21:34.0202 0x0d80 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
10:21:34.0217 0x0d80 mctadmin - ok
10:21:34.0248 0x0d80 Web Companion - ok
10:21:34.0248 0x0d80 Waiting for KSN requests completion. In queue: 12
10:21:35.0262 0x0d80 Waiting for KSN requests completion. In queue: 12
10:21:36.0276 0x0d80 Waiting for KSN requests completion. In queue: 12
10:21:37.0290 0x0d80 Waiting for KSN requests completion. In queue: 12
10:21:38.0460 0x0d80 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 10.2.2214.845 ), 0x41000 ( enabled : updated )
10:21:38.0554 0x0d80 Win FW state via NFP2: enabled
10:21:41.0877 0x0d80 ============================================================
10:21:41.0877 0x0d80 Scan finished
10:21:41.0877 0x0d80 ============================================================
10:21:41.0908 0x0d94 Detected object count: 0
10:21:41.0908 0x0d94 Actual detected object count: 0

Looking forward to your reply. Thanks so much again!

#10
zep516

Posted 20 March 2015 - 01:26 PM

Trusted Helper

Malware Removal
8,093 posts

That looks good and you're right I never requested the log. I'll need to change that in the future.

Lets look at a "new" FRST Scan now and see what is left.

Open FRST from the desktop,

Hit scan, make sure there is a check mark in the additions.txt check box so that it creates that log too, then post both log reports.

In your next reply post;

FRST.txt
Additions.txt

Thanks
Joe

#11
d.brack

Posted 20 March 2015 - 02:47 PM

Member

Topic Starter
Member
42 posts

Hi Joe. I've got the logs. One thing. When I got this, I tried to turn the internal mic off because of my paranoia about these laptops. As I was doing so, all of a sudden it said it wasn't there! It said the mic was not on the computer. ?????? I was wondering if you might see a driver or switch or something in this log that will turn it back on. I Skype, but haven't done anything with this yet. Thanks. Here are the logs:

FRST:

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-03-2015
Ran by RoseCake (administrator) on ROSECAKE-PC on 20-03-2015 16:17:31
Running from C:\Users\RoseCake\Desktop
Loaded Profiles: RoseCake (Available profiles: RoseCake)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: English (United States)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TPwrMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\SmoothView\SmoothView.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\BulletinBoard\TosNcCore.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\ToshibaServiceStation.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\concentr.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Citrix Systems, Inc.) C:\Program Files (x86)\Citrix\ICA Client\wfcrun32.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Power Saver\TosCoSrv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
(YouTubeSoft) C:\Program Files (x86)\YouTube Download Pool\G2\youtubeserv.exe
(Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
(Microsoft Corporation) C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
(Symantec Corporation) C:\Program Files (x86)\Norton PC Checkup\Engine\2.0.10.26\ccSvcHst.exe
(Avast Software s.r.o.) C:\Program Files\AVAST Software\Avast\avastui.exe
(Microsoft Corporation) C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
(TOSHIBA Corporation) C:\Program Files (x86)\Toshiba\TOSHIBA Service Station\TMachInfo.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSENotify.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SAIICpl.exe [316032 2010-12-14] (Conexant systems, Inc.)
HKLM\...\Run: [SmartFaceVWatcher] => C:\Program Files\Toshiba\SmartFaceV\SmartFaceVWatcher.exe [238080 2009-10-19] (TOSHIBA Corporation)
HKLM\...\Run: [TPwrMain] => C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE [566184 2010-09-28] (TOSHIBA Corporation)
HKLM\...\Run: [SmoothView] => C:\Program Files\Toshiba\SmoothView\SmoothView.exe [508216 2009-07-28] (TOSHIBA Corporation)
HKLM\...\Run: [00TCrdMain] => C:\Program Files\TOSHIBA\FlashCards\TCrdMain.exe [915320 2010-05-10] (TOSHIBA Corporation)
HKLM\...\Run: [TosVolRegulator] => C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [24376 2009-11-11] (TOSHIBA Corporation)
HKLM\...\Run: [TosSENotify] => C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [709976 2010-02-05] (TOSHIBA Corporation)
HKLM\...\Run: [TosNC] => C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [595816 2010-04-23] (TOSHIBA Corporation)
HKLM\...\Run: [TosReelTimeMonitor] => C:\Program Files\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [38304 2010-07-09] (TOSHIBA Corporation)
HKLM-x32\...\Run: [ToshibaServiceStation] => C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\ToshibaServiceStation.exe [1295224 2010-07-01] (TOSHIBA Corporation)
HKLM-x32\...\Run: [NortonOnlineBackupReminder] => C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe [3218792 2010-08-17] (Toshiba)
HKLM-x32\...\Run: [ToshibaAppPlace] => C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe [552960 2010-09-23] (Toshiba)
HKLM-x32\...\Run: [ConnectionCenter] => C:\Program Files (x86)\Citrix\ICA Client\concentr.exe [305088 2011-04-25] (Citrix Systems, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5511352 2015-03-19] (Avast Software s.r.o.)
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\...\Run: [Web Companion] => C:\Program Files (x86)\Lavasoft\Web Companion\Application\WebCompanion.exe --minimize
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\...\MountPoints2: {09f1269d-9ab6-11e2-8fdb-00266cc682d8} - E:\KODAK_Software_Downloader.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Office.lnk
ShortcutTarget: Microsoft Office.lnk -> C:\Program Files (x86)\Microsoft Office\Office\OSA9.EXE (Microsoft Corporation)
Startup: C:\Users\RoseCake\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\1AB24RN6.lnk
ShortcutTarget: 1AB24RN6.lnk -> C:\ProgramData\{4007dc82-6f9d-7ab4-4007-7dc826f97209}\1AB24RN6.exe (No File)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (Avast Software s.r.o.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyEnable: [S-1-5-21-3583772472-3013558980-347553230-1001] => Internet Explorer proxy is enabled.
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/
HKU\S-1-5-21-3583772472-3013558980-347553230-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
SearchScopes: HKLM -> {E82CA1BD-FEF0-4F95-AD94-A9970000026B} URL = http://www.google.co...ng}&rlz=1I7TSNF
SearchScopes: HKLM-x32 -> {2FC9F537-898D-46D3-B4AF-AF553A281010} URL = http://www.google.co...ng}&rlz=1I7TSNF
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> {E0AA9A86-27B4-4FAB-8A85-BFE86CB21DB5} URL = https://www.google.c...?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> {E82CA1BD-FEF0-4F95-AD94-A9970000026B} URL = http://www.google.co...ng}&rlz=1I7TSNF
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-03-16] (Avast Software s.r.o.)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-16] (Adobe Systems Incorporated)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-03-16] (Avast Software s.r.o.)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2010-09-21] (Microsoft Corp.)
BHO-x32: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-03-29] (Sun Microsystems, Inc.)
Toolbar: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-3583772472-3013558980-347553230-1001 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset...lineScanner.cab
DPF: HKLM-x32 {BEA7310D-06C4-4339-A784-DC3804819809} http://mywayphotos.r...veX_Control.cab
Handler-x32: http - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: http - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: https - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: ipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF42-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Handler-x32: msdaipp - {E1D2BF40-A96B-11D1-9C6B-0000F875AC61} - C:\PROGRA~2\COMMON~1\System\OLEDB~1\MSDAIPP.DLL [1999-02-03] (Microsoft Corporation)
Filter-x32: application/x-ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica; charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=euc-jp - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=ISO-8859-1 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS936 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS949 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=MS950 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF-8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: application/x-ica;charset=UTF8 - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Filter-x32: ica - {CFB6322E-CC85-4d1b-82C7-893888A236BC} - C:\Program Files (x86)\Citrix\ICA Client\IcaMimeFilter.dll [2011-04-25] (Citrix Systems, Inc.)
Tcpip\Parameters: [DhcpNameServer] 75.75.76.76 75.75.75.75

FireFox:
========
FF ProfilePath: C:\Users\RoseCake\AppData\Roaming\Mozilla\Firefox\Profiles\8c7y18iw.default
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-13] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3508.1109 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2010-11-10] (Microsoft Corporation)
FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-03-16]