Computer acts infected [Solved]


  • This topic is locked

#1
eles


The computer has been sick for some time. It got worse in the last few days. This is what I experienced.
I'd like to get some help please.

FRST logs are after my commentary.

Yesterday I ran Comodo. It found:
     autorun     winsock file not found     c:\windows\system32\drivers\winsock.sys
     cce.exe     smart scan         modified hosts & exe hijack - applied repairs - modified hosts repair failed
     full scan    Abnormal system settings - modified hosts
                       Threats   [email protected]   
                                      c:\ProgramData\AOL Downloads\triton_suite_install\6.1.41.2\setup.exe
     killswitch  Nothing

Today, after TrojWare.Win32.Agent had been removed, I saw ipz*launcher (from triton_suite_install) using most of the cpu.
    All I had running was notepad and firefox
I later found 3 AOL folders in Program Data and deleted all 3 (one had the file triton_suite_install)

In the last 5 days, webroot removed
    dc21.tmp in c:\users\jo ann\appdata\local\temp\low
    b145.tmp in c:\users\jo ann\appdata\local\temp\low
    noi4t2f8.exe.part in c:\users\jo ann\appdata\local\temp
    frst.exe in c:\users\jo ann\desktop\farbar (I had whitelisted it)

Some simple tasks take forever

Desktop, Internet and Documents
    Display size / zoom randomly changes
    Lot of redirects
    Windows will open that I never opened and was never on - this even happens on the desktop when I'm not on the internet.
    The screen sometimes jumps 1 or 2 lines when I click something, this causes the click to register on the wrong line
    Sometimes it will not let me give a name to an untitled doc in save as. I couldn't close without losing data
    I tried to open notepad through the start menu and ie downloads came up instead.
        It looked like I was trying to download notepad.exe and asked if I wanted to save or run.
    The system has tried to overlay another doc on top of what I'm editing - sometimes the overlay wasn't even an open file
    Sometimes it will jump to home or end in a multipage doc
    Asks me if I want to save changes when I changed nothing

Mouse
    Cursor sometimes gets an extreme case of the jitters and moves across the screen
    Things get clicked on when I never clicked
    Scroll wheel switches to changing zoom - must reboot to restore function
    Scroll up/down switches to scroll left/right
    Many times, mouse clicks don't register
    Mouse driver is current

GTG
    Signin redirected me to a facebook signin page - the only place I was on that dialog box was to uncheck
        the Remember Me box - I hadn't signed in yet
    Something keeps regularly logging me out of GTG

Registry
    Lot of garbage from uninstalled (and never installed files and programs like Chrome and gupdate)

Changed my ixquick homepage
Adware cleaner quarantine still there even though adware has been uninstalled

If you like, I also have an OTL log from today.

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:09-08-2015
Ran by Jo Ann (administrator) on JOANNS_LAPTOP (10-08-2015 18:00:29)
Running from C:\Users\Jo Ann\Desktop\LS\Farbar
Loaded Profiles: Jo Ann (Available Profiles: Jo Ann)
Platform: Microsoft Windows 7 Home Premium  Service Pack 1 (X86) Language: English (United States)
Internet Explorer Version 9 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo...very-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Webroot) C:\Program Files\Webroot\WRSA.exe
(TOSHIBA CORPORATION) C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
() C:\Toshiba\IVP\ISM\pinger.exe
(Webroot) C:\Program Files\Webroot\WRSA.exe
(Paramount Software UK Ltd) C:\Program Files\Macrium\Reflect\ReflectService.exe
() C:\Toshiba\IVP\swupdate\swupdtmr.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
(Ulead Systems, Inc.) C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVC.EXE
(Microsoft Corp.) C:\Program Files\Common Files\microsoft shared\Windows Live\WLIDSVCM.EXE
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\HpqSRmon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe

==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1348904 2008-08-14] (Synaptics, Inc.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [12017368 2014-02-14] (Realtek Semiconductor)
HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard)
HKLM\...\Run: [WRSVC] => C:\Program Files\Webroot\WRSA.exe [822728 2015-07-24] (Webroot)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [334896 2015-06-08] (Oracle Corporation)
HKLM\...\RunOnce: [Malwarebytes Anti-Malware (cleanup)] => C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\mbamdor.exe [54072 2015-03-17] (Malwarebytes Corporation)
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner.exe [6405912 2015-06-01] (Piriform Ltd)
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\...\Run: [] => [X]
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled [2015-04-03] ()

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.microsoft...d=ie&ar=msnhome
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...=ie&ar=iesearch
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.bing.com/
SearchScopes: HKLM -> {AD10AD0D-7081-41DA-B695-C309C1885A85} URL = http://www.google.co...Page={startPage};
SearchScopes: HKU\S-1-5-21-2741620654-2478720017-686529755-1000 -> {CF739809-1C6C-47C0-85B9-569DBB141420} URL =
BHO: Java™ Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_51\bin\ssv.dll [2015-07-20] (Oracle Corporation)
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17] (Microsoft Corp.)
BHO: Webroot Filtering Extension -> {C9C42510-9B41-42c1-9DCD-7282A2D07C61} -> C:\Program Files\Webroot\WRData\PKG\Vistax86\wrflt.dll [2015-06-02] (Webroot)
BHO: Java™ Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_51\bin\jp2ssv.dll [2015-07-20] (Oracle Corporation)
Toolbar: HKU\.DEFAULT -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Toolbar: HKU\S-1-5-21-2741620654-2478720017-686529755-1000 -> WOT - {71576546-354D-41C9-AAE8-31F2EC22BF0D} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://fpdownload.ma...director/sw.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.ma...t/ultrashim.cab
DPF: {CAFEEFAC-0018-0000-0040-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444543540000} http://fpdownload2.m...ash/swflash.cab
Handler: belarc - {6318E0AB-2E93-11D1-B8ED-00608CC9A71F} - C:\Program Files\Belarc\BelarcAdvisor\System\BAVoilaX.dll [2013-04-16] (Belarc, Inc.)
Handler: wot - {C2A44D6B-CB9F-4663-88A6-DF2F26E4D952} - C:\Program Files\WOT\WOT.dll [2013-09-02] ()
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{11001E69-6F19-4F9D-A4EE-BCD170AB0B6B}: [DhcpNameServer] 192.168.0.1 205.171.2.25

FireFox:
========
FF ProfilePath: C:\Users\Jo Ann\AppData\Roaming\Mozilla\Firefox\Profiles\5erogpxw.default
FF DefaultSearchEngine.US: Ixquick HTTPS
FF Homepage: https://ixquick.com/...bde9d856a3b1f89
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_18_0_0_209.dll [2015-07-18] ()
FF Plugin: @adobe.com/ShockwavePlayer -> C:\Windows\system32\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin: @java.com/DTPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\dtplugin\npDeployJava1.dll [2015-07-20] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.51.2 -> C:\Program Files\Java\jre1.8.0_51\bin\plugin2\npjp2.dll [2015-07-20] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.40416.0\npctrl.dll [2015-04-15] ( Microsoft Corporation)
FF Plugin: @rocketlife.com/RocketLife Secure Plug-In Layer;version=1.0.5 -> C:\ProgramData\Visan\plugins\npRLSecurePluginLayer.dll [2011-09-20] (RocketLife, LLP)
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-12] (Google Inc.)
FF SearchPlugin: C:\Users\Jo Ann\AppData\Roaming\Mozilla\Firefox\Profiles\5erogpxw.default\searchplugins\ixquick-https.xml [2015-03-30]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: No Name - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2012-08-22]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: No Name - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-08-17]
FF HKLM\...\Firefox\Extensions: [[email protected]] - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer
FF Extension: Webroot Filtering Extension - C:\ProgramData\WRData\PKG\FIREFOX\WebrootSecure_SocketServer [2013-12-04]
FF HKU\S-1-5-21-2741620654-2478720017-686529755-1000\...\Firefox\Extensions: [[email protected]] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

Chrome:
=======
CHR Profile: C:\Users\Jo Ann\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Docs) - C:\Users\Jo Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2014-09-03]
CHR Extension: (Webroot Filtering Extension) - C:\Users\Jo Ann\AppData\Local\Google\Chrome\User Data\Default\Extensions\kjeghcllfecehndceplomkocgfbklffd [2014-09-03]
CHR HKLM\...\Chrome\Extension: [okfhiodnpcnnnpgbjbhfebjnbagmfhab] - C:\ProgramData\WRData\pkg\lpchrome.crx [2012-11-15]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 CFSvcs; C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe [40960 2006-11-14] (TOSHIBA CORPORATION) [File not signed]
S3 getPlusHelper; C:\Program Files\NOS\bin\getPlus_Helper.dll [68000 2010-03-29] (NOS Microsystems Ltd.)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 HPSLPSVC; C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL [694784 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 MsMpSvc; c:\Program Files\Microsoft Security Client\MsMpEng.exe [22184 2015-01-30] (Microsoft Corporation)
R2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S3 Olympus DVR Service; C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe [176128 2011-05-10] (OLYMPUS IMAGING CORP.) [File not signed]
R2 pinger; C:\Toshiba\IVP\ISM\pinger.exe [136816 2007-01-25] ()
R2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 ReflectService.exe; C:\Program Files\Macrium\Reflect\ReflectService.exe [2462160 2014-07-21] (Paramount Software UK Ltd)
R2 Swupdtmr; c:\Toshiba\IVP\swupdate\swupdtmr.exe [63096 2007-01-25] ()
R2 TODDSrv; C:\Windows\system32\TODDSrv.exe [114688 2006-05-25] (TOSHIBA Corporation) [File not signed]
R2 UleadBurningHelper; C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe [49152 2006-08-23] (Ulead Systems, Inc.) [File not signed]
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation)
R2 WRSVC; C:\Program Files\Webroot\WRSA.exe [822728 2015-07-24] (Webroot)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

U0 egev; C:\Windows\System32\drivers\rlvg.sys [52440 2015-08-10] (Malwarebytes Corporation)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [31088 2010-12-16] (Elaborate Bytes AG)
R3 HP8207_8307; C:\Windows\System32\DRIVERS\HP8207_8307.sys [13952 2010-02-04] (Windows ® Win 7 DDK provider)
S4 KR10I; C:\Windows\system32\drivers\kr10i.sys [216320 2007-01-03] (TOSHIBA CORPORATION) [File not signed]
S4 KR3NPXP; C:\Windows\system32\drivers\kr3npxp.sys [479488 2007-01-03] (TOSHIBA CORPORATION) [File not signed]
R3 NETwLv32; C:\Windows\System32\DRIVERS\NETwLv32.sys [6639616 2013-10-31] (Intel Corporation)
R0 pssnap; C:\Windows\System32\DRIVERS\pssnap.sys [13528 2014-07-21] ()
R0 SmartDefragDriver; C:\Windows\System32\Drivers\SmartDefragDriver.sys [15672 2013-05-22] ()
S3 SWDUMon; C:\Windows\System32\DRIVERS\SWDUMon.sys [13464 2013-11-06] ()
R3 UVCFTR; C:\Windows\System32\Drivers\UVCFTR_S.SYS [17960 2009-04-10] (Chicony Electronics Co., Ltd.)
R0 WRkrn; C:\Windows\System32\drivers\WRkrn.sys [117784 2015-07-24] (Webroot)
S3 wrUrlFlt; C:\Windows\system32\DRIVERS\wrUrlFlt.sys [37432 2015-06-02] (Webroot)
U5 AppMgmt; C:\Windows\system32\svchost.exe [20992 2009-07-13] (Microsoft Corporation)
U5 VWiFiFlt; C:\Windows\System32\Drivers\VWiFiFlt.sys [48128 2009-07-13] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-10 16:52 - 2015-08-10 16:52 - 00052440 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\rlvg.sys
2015-08-09 22:59 - 2015-08-09 22:59 - 00000000 ____D C:\CCE_Quarantine
2015-08-09 19:39 - 2015-03-27 18:41 - 00000027 _____ C:\Windows\system32\Drivers\etc\hosts.ccebak
2015-08-09 15:57 - 2015-08-09 15:57 - 00001258 _____ C:\Users\Public\Desktop\YTD Video Downloader.lnk
2015-08-09 15:57 - 2015-08-09 15:57 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\YTD Video Downloader
2015-08-05 16:18 - 2015-08-05 16:27 - 00000000 ____D C:\Users\Jo Ann\AppData\Local\SpeedFixToolPro
2015-08-05 16:18 - 2015-08-05 16:19 - 00000000 ____D C:\Users\Jo Ann\Documents\SpeedFixToolPro
2015-08-04 15:38 - 2015-07-20 11:56 - 02943488 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 02061312 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 00173056 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-08-04 15:38 - 2015-07-20 11:56 - 00093184 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 00034816 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-08-04 15:38 - 2015-07-20 11:56 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-08-04 15:38 - 2015-07-20 11:56 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-07-31 22:24 - 2015-08-10 16:00 - 00500491 _____ C:\Windows\WindowsUpdate.log
2015-07-31 22:24 - 2015-02-18 01:06 - 00123904 _____ (Microsoft Corporation) C:\Windows\system32\poqexec.exe
2015-07-29 18:31 - 2015-06-11 11:57 - 06131200 _____ (Microsoft Corporation) C:\Windows\system32\mstscax.dll
2015-07-29 18:31 - 2015-06-11 11:57 - 00856064 _____ (Microsoft Corporation) C:\Windows\system32\rdvidcrl.dll
2015-07-29 18:31 - 2015-06-11 11:57 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\tsgqec.dll
2015-07-29 18:31 - 2015-06-11 09:20 - 00355840 _____ (Microsoft Corporation) C:\Windows\system32\wksprt.exe
2015-07-29 18:30 - 2015-06-15 15:47 - 00101824 _____ (Microsoft Corporation) C:\Windows\system32\consent.exe
2015-07-29 18:30 - 2015-06-15 15:43 - 02364416 _____ (Microsoft Corporation) C:\Windows\system32\msi.dll
2015-07-29 18:30 - 2015-06-15 15:43 - 01805824 _____ (Microsoft Corporation) C:\Windows\system32\authui.dll
2015-07-29 18:30 - 2015-06-15 15:43 - 00337408 _____ (Microsoft Corporation) C:\Windows\system32\msihnd.dll
2015-07-29 18:30 - 2015-06-15 15:43 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\appinfo.dll
2015-07-29 18:30 - 2015-06-15 15:42 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\msiexec.exe
2015-07-29 18:30 - 2015-06-15 15:37 - 00025088 _____ (Microsoft Corporation) C:\Windows\system32\msimsg.dll
2015-07-29 17:54 - 2015-06-09 13:35 - 02745856 _____ (Microsoft Corporation) C:\Windows\system32\rdpcorets.dll
2015-07-29 17:54 - 2015-06-09 13:35 - 00013824 _____ (Microsoft Corporation) C:\Windows\system32\RdpGroupPolicyExtension.dll
2015-07-29 02:01 - 2015-06-25 02:46 - 02383872 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2015-07-29 02:01 - 2015-06-01 17:47 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\cewmdm.dll
2015-07-29 02:01 - 2015-05-08 21:14 - 00169984 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
2015-07-29 02:01 - 2015-05-08 21:13 - 00868352 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
2015-07-29 02:01 - 2015-05-08 21:13 - 00293376 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
2015-07-29 02:01 - 2015-05-08 21:12 - 00271360 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
2015-07-29 02:01 - 2015-05-08 21:08 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 21:08 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 19:59 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 19:59 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 19:59 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
2015-07-29 02:01 - 2015-05-08 19:59 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
2015-07-28 23:38 - 2015-07-01 14:46 - 00137664 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
2015-07-28 23:38 - 2015-07-01 14:46 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
2015-07-28 23:38 - 2015-07-01 14:30 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00248832 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00221184 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
2015-07-28 23:38 - 2015-07-01 14:30 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
2015-07-28 23:38 - 2015-07-01 14:29 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
2015-07-28 23:38 - 2015-07-01 14:29 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
2015-07-28 23:38 - 2015-07-01 14:27 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
2015-07-28 23:38 - 2015-07-01 14:26 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
2015-07-28 23:38 - 2015-07-01 14:24 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
2015-07-28 23:38 - 2015-07-01 13:18 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
2015-07-28 23:38 - 2015-07-01 13:18 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
2015-07-28 23:38 - 2015-07-01 13:18 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
2015-07-28 18:45 - 2015-07-28 18:45 - 00000000 ____D C:\Users\Jo Ann\New folder
2015-07-26 18:06 - 2015-07-26 18:06 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SoftLogica
2015-07-26 18:06 - 2015-07-26 18:06 - 00000000 ____D C:\Program Files\SoftLogica
2015-07-26 15:42 - 2015-04-29 12:07 - 11411456 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2015-07-26 15:42 - 2015-04-29 12:07 - 00008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2015-07-26 15:42 - 2015-04-29 12:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2015-07-26 15:42 - 2015-04-29 12:07 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2015-07-26 15:42 - 2015-04-29 12:05 - 12625408 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2015-07-26 14:50 - 2015-07-02 23:31 - 12386304 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-07-26 14:50 - 2015-07-02 23:18 - 02382848 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2015-07-26 14:50 - 2015-06-22 09:23 - 01139712 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-07-26 14:50 - 2015-06-22 09:21 - 01804288 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-07-26 14:50 - 2015-06-22 09:21 - 00421888 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-07-26 14:50 - 2015-06-22 09:21 - 00142848 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2015-07-26 14:50 - 2015-06-22 09:21 - 00065024 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2015-07-26 14:50 - 2015-06-22 09:21 - 00041472 _____ (Microsoft Corporation) C:\Windows\system32\msfeedsbs.dll
2015-07-26 14:50 - 2015-06-22 09:20 - 00353792 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2015-07-26 14:50 - 2015-06-22 09:20 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\mshta.exe
2015-07-26 14:50 - 2015-06-22 09:20 - 00010752 _____ (Microsoft Corporation) C:\Windows\system32\msfeedssync.exe
2015-07-26 14:49 - 2015-06-22 09:27 - 01810432 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-07-26 14:49 - 2015-06-22 09:27 - 00367616 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2015-07-26 14:49 - 2015-06-22 09:24 - 09750528 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-07-26 14:49 - 2015-06-22 09:22 - 01427968 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2015-07-26 14:49 - 2015-06-22 09:22 - 01129472 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-07-26 14:49 - 2015-06-22 09:21 - 00718336 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-07-26 14:49 - 2015-06-22 09:21 - 00607744 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-07-26 14:49 - 2015-06-22 09:21 - 00231936 _____ (Microsoft Corporation) C:\Windows\system32\url.dll
2015-07-26 14:49 - 2015-06-22 09:20 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2015-07-26 14:49 - 2015-06-22 09:20 - 00176640 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2015-07-26 14:49 - 2015-06-22 09:20 - 00073216 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-07-22 23:27 - 2015-07-14 20:55 - 00070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2015-07-22 23:27 - 2015-07-14 20:55 - 00034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2015-07-22 23:27 - 2015-07-14 20:55 - 00026624 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2015-07-22 23:27 - 2015-07-14 20:55 - 00010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2015-07-22 23:27 - 2015-07-14 19:52 - 00299008 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2015-07-20 14:08 - 2015-07-22 21:15 - 00000000 ____D C:\Program Files\Common Files\Java

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-08-10 18:00 - 2015-02-14 14:07 - 00000000 ____D C:\FRST
2015-08-10 17:51 - 2015-03-07 23:12 - 00119512 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-08-10 17:45 - 2015-06-10 14:23 - 00000000 __RHD C:\Users\Jo Ann\Desktop\LS
2015-08-10 16:52 - 2015-03-30 13:23 - 00000000 ____D C:\ProgramData\YTD Video Downloader
2015-08-10 15:44 - 2012-05-06 14:01 - 00000000 ____D C:\ProgramData\WRData
2015-08-10 14:26 - 2010-11-20 15:01 - 00803272 _____ C:\Windows\system32\PerfStringBackup.INI
2015-08-10 13:28 - 2009-12-06 10:20 - 00018864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-08-10 13:28 - 2009-12-06 10:20 - 00018864 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-08-10 13:20 - 2009-07-13 22:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT
2015-08-06 20:07 - 2009-07-13 20:37 - 00000000 ____D C:\Windows\rescache
2015-08-04 20:50 - 2014-07-12 22:24 - 00000000 ____D C:\Users\Jo Ann\AppData\Local\Adobe
2015-08-04 20:49 - 2012-05-06 16:45 - 00000000 ____D C:\Program Files\Common Files\Adobe
2015-08-04 20:49 - 2007-02-28 14:19 - 00000000 ____D C:\Program Files\Adobe
2015-08-04 20:25 - 2007-04-29 14:21 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Jasc Software
2015-08-04 20:25 - 2007-04-29 14:20 - 00000000 ____D C:\Program Files\Jasc Software Inc
2015-08-03 08:44 - 2012-10-13 19:43 - 00778416 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2015-08-03 08:44 - 2012-10-13 19:43 - 00142512 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2015-07-30 14:10 - 2009-07-13 20:37 - 00000000 ____D C:\Windows\IME
2015-07-29 21:29 - 2015-04-03 15:12 - 00000000 ____D C:\Users\Jo Ann\AppData\Roaming\Audacity
2015-07-29 02:43 - 2009-07-13 22:33 - 00445720 _____ C:\Windows\system32\FNTCACHE.DAT
2015-07-28 18:45 - 2015-03-12 00:31 - 00000000 ____D C:\Users\Jo Ann
2015-07-26 20:14 - 2015-04-20 17:03 - 00000000 ____D C:\Users\Jo Ann\AppData\Local\CrashDumps
2015-07-26 19:33 - 2015-03-27 22:47 - 00000000 ____D C:\Program Files\Sophos
2015-07-25 01:21 - 2015-03-26 22:52 - 00000000 ____D C:\AdwCleaner
2015-07-24 15:56 - 2012-05-06 14:01 - 00166128 _____ (Webroot) C:\Windows\system32\WRusr.dll
2015-07-24 15:56 - 2012-05-06 14:01 - 00117784 _____ (Webroot) C:\Windows\system32\Drivers\WRkrn.sys
2015-07-22 21:18 - 2009-07-13 20:37 - 00000000 ____D C:\Windows\system32\wfp
2015-07-22 21:17 - 2015-04-19 01:27 - 00000000 ___SD C:\Windows\system32\GWX
2015-07-22 21:17 - 2015-03-07 23:11 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware
2015-07-22 21:17 - 2014-01-01 16:45 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2015-07-22 21:17 - 2012-05-06 14:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Webroot SecureAnywhere
2015-07-22 21:17 - 2009-12-06 12:49 - 00000000 ____D C:\Program Files\Webroot
2015-07-22 21:17 - 2008-02-11 12:43 - 00000000 ____D C:\ProgramData\pdf995
2015-07-22 21:16 - 2014-01-01 16:38 - 00000000 ____D C:\ProgramData\Oracle
2015-07-22 21:16 - 2009-07-13 20:37 - 00000000 ____D C:\Windows\registration
2015-07-22 21:15 - 2007-02-28 14:37 - 00000000 ____D C:\Program Files\Java
2015-07-20 20:09 - 2015-03-27 14:06 - 00000000 ____D C:\Users\Jo Ann\.FBReader
2015-07-20 14:07 - 2015-07-10 18:47 - 00096352 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2015-07-15 21:51 - 2013-07-15 16:01 - 00000000 ____D C:\Windows\system32\MRT
2015-07-13 21:52 - 2009-07-13 20:37 - 00000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
2015-07-11 16:11 - 2015-07-08 18:55 - 00000000 ____D C:\Users\Jo Ann\Desktop\Printer
2015-07-11 08:12 - 2015-06-06 13:43 - 00000000 ____D C:\Program Files\Mozilla Firefox
2015-07-11 08:12 - 2015-03-30 19:46 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service

==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2015-08-05 19:33

==================== End of log ============================

- - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - - -

Additional scan result of Farbar Recovery Scan Tool (x86) Version:09-08-2015
Ran by Jo Ann (2015-08-10 18:01:40)
Running from C:\Users\Jo Ann\Desktop\LS\Farbar
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-2741620654-2478720017-686529755-500 - Administrator - Disabled)
Guest (S-1-5-21-2741620654-2478720017-686529755-501 - Limited - Disabled)
Jo Ann (S-1-5-21-2741620654-2478720017-686529755-1000 - Administrator - Enabled) => C:\Users\Jo Ann

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Webroot SecureAnywhere (Enabled - Up to date) {66A6FE14-08CB-F415-3742-517201416109}
AV: Microsoft Security Essentials (Disabled - Out of date) {B7ECF8CD-0188-6703-DBA4-AA65C6ACFB0A}
AS: Microsoft Security Essentials (Disabled - Out of date) {0C8D1929-27B2-688D-E114-9117BD2BB1B7}
AS: Webroot SecureAnywhere (Enabled - Up to date) {DDC71FF0-2EF1-FB9B-0DF2-6A007AC62BB4}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Acrobat.com (Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Actiontec Gateway (HKLM\...\{9692FD03-6662-4E62-B08C-30DFF51651E1}) (Version:  - )
Adblock Plus for IE (32-bit) (HKLM\...\{A243D0E2-D027-4340-AA12-6B13B2A96AC0}) (Version: 1.4 - Eyeo GmbH)
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
AIO_CDA_ProductContext (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Audacity 2.1.0 (HKLM\...\Audacity_is1) (Version: 2.1.0 - Audacity Team)
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BufferChm (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6100 (Version: 130.0.365.000 - Hewlett-Packard) Hidden
c6100_Help (Version: 82.0.256.000 - Hewlett-Packard) Hidden
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.260.0526L - Chicony Electronics Co.,Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.02 - TOSHIBA)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DIGOpt (Version: 9.0.0917.2 - Your Company Name) Hidden
DocProc (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (Version: 130.0.418.000 - Hewlett-Packard) Hidden
FBReader for Windows (HKLM\...\FBReader for Windows) (Version:  - )
Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (Version: 1.3.26.9 - Google Inc.) Hidden
GPBaseService2 (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Handy Recovery 5.5 (HKLM\...\{4196D960-68B0-4BEB-B312-3C1B4654068D}) (Version: 5.5 - SoftLogica)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
K-Lite Codec Pack 7.0.0 (Standard) (HKLM\...\KLiteCodecPack_is1) (Version: 7.0.0 - )
Macrium Reflect Free Edition (HKLM\...\MacriumReflect) (Version: 5.3 - Paramount Software (UK) Ltd.)
Macrium Reflect Free Edition (Version: 5.3.7299 - Paramount Software (UK) Ltd.) Hidden
MakeMKV v1.8.6 (HKLM\...\MakeMKV) (Version: v1.8.6 - GuinpinSoft inc)
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Marvell Miniport Driver (HKLM\...\{C950420B-4182-49EA-850A-A6A2ABF06C6B}) (Version: 10.0.4.3 - Marvell)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{13CD417D-F1F1-4AC4-945D-FDDEB884756F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40416.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Core Components (x86) ENU  (HKLM\...\{FF63121D-91C6-42CC-B341-F1AA729728E7}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Sync Framework 2.0 Provider Services (x86) ENU  (HKLM\...\{D3A80508-CD83-4CA3-8671-914A1BC78B61}) (Version: 2.0.1578.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Move Networks Media Player for Internet Explorer (HKU\S-1-5-21-2741620654-2478720017-686529755-1000\...\Move Networks Player - IE) (Version:  - )
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (Version: 1.0.0.0 - Webroot Software, Inc.) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OLYMPUS Master 2 (HKLM\...\{CB49B376-1136-44B4-83FA-036334B59937}) (Version: 1.0.2 - OLYMPUS IMAGING CORP.)
Olympus Sonority (HKLM\...\{BFE5EE53-FB9C-4E32-B652-A85C55E1F081}) (Version: 1.3.2 - OLYMPUS IMAGING CORP.)
Quicken WillMaker Plus 2009 (HKLM\...\Quicken WillMaker Plus 2009) (Version:  - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.3.550.0 - SAMSUNG Electronics Co., Ltd.)
Scan (Version: 140.0.80.000 - Hewlett-Packard) Hidden
smartmontools (HKLM\...\smartmontools) (Version: 6.3 2014-07-26 r3976 (sf-6.3-1) - smartmontools.org)
SmartWebPrinting (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}) (Version: 2.00.0001 - Texas Instruments Inc.)
TIPCI (Version: 2.00.0001 - Texas Instruments Inc.) Hidden
Toolbox (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.03 - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 7.00.24 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.6 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM\...\{B97599D2-01F7-4551-96D8-674D3D886F7B}) (Version: 2.00.02MWM - )
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.7.0.2 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD03) - Agere Systems)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.2 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version:  - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version:  - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version:  - )
TOSHIBA Supervisor Password (HKLM\...\{744E2BC2-EC6F-44D5-AA68-451B4131383B}) (Version: 2.00.01MWM - )
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.13 - TOSHIBA Corporation)
TrayApp (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (Version: 11.0.0 - Hewlett-Packard) Hidden
VirtualCloneDrive (HKLM\...\VirtualCloneDrive) (Version:  - Elaborate Bytes)
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Webroot SecureAnywhere (HKLM\...\WRUNINST) (Version: 9.0.1.35 - Webroot)
Windows Driver Package - Chicony (usbvideo) Image  (05/12/2009 6.3.251.0512) (HKLM\...\84BA15BD1DFEAA8A233F801B29BDC48DEE17B71F) (Version: 05/12/2009 6.3.251.0512 - Chicony)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version:  - )
WinDVD for TOSHIBA (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.108 - InterVideo Inc.)
WinDVD for TOSHIBA (Version: 8.0-B6.108 - InterVideo Inc.) Hidden
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)
YTD Video Downloader 4.9.1 (HKLM\...\{1a413f37-ed88-4fec-9666-5c48dc4b7bb7}) (Version: 4.9.1 - GreenTree Applications SRL) <==== ATTENTION

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2741620654-2478720017-686529755-1000_Classes\CLSID\{3A999A50-AB25-4A20-90A9-08F71FCE320F}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-2741620654-2478720017-686529755-1000_Classes\CLSID\{98087D89-B93F-4BCF-A998-AE4D9F607C14}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)
CustomCLSID: HKU\S-1-5-21-2741620654-2478720017-686529755-1000_Classes\CLSID\{B286F068-5B17-4AE8-989B-8F9A199C47BA}\InprocServer32 -> C:\Windows\system32\spool\DRIVERS\W32X86\3\HPCDMC32.DLL (HP)

==================== Restore Points =========================

24-06-2015 15:30:26 6-24
26-06-2015 16:01:39 Windows Update
30-06-2015 13:26:47 Windows Update
03-07-2015 16:01:27 Windows Update
07-07-2015 12:25:29 Windows Update
10-07-2015 18:45:43 Removed Java 7 Update 76
13-07-2015 21:37:22 Revo Uninstaller's restore point - Tweaking.com - Windows Repair
14-07-2015 16:01:00 Windows Update
15-07-2015 21:41:07 Windows Update
20-07-2015 15:36:53 Removed Java 8 Update 51
21-07-2015 01:19:47 Windows Update
22-07-2015 01:26:31 Windows Update
22-07-2015 21:11:51 Restore Operation
22-07-2015 22:54:36 Windows Update
22-07-2015 23:27:52 Windows Update
23-07-2015 09:03:04 Revo Uninstaller's restore point - Adobe Reader XI (11.0.12)
23-07-2015 09:34:56 Installed Adobe Reader XI.
24-07-2015 23:55:39 Revo Uninstaller's restore point - SUPERAntiSpyware
26-07-2015 14:50:41 Windows Update
26-07-2015 15:42:37 Windows Update
26-07-2015 19:17:21 Revo Uninstaller's restore point - Sophos Virus Removal Tool
28-07-2015 19:50:50 Windows Update
28-07-2015 20:44:26 Windows Update
28-07-2015 21:03:56 Windows Update
28-07-2015 21:18:10 Windows Update
28-07-2015 23:39:28 Windows Update
28-07-2015 23:59:25 Windows Update
29-07-2015 02:01:52 Windows Update
29-07-2015 17:54:57 Windows Update
29-07-2015 18:31:38 Windows Update
31-07-2015 22:24:33 Windows Update
03-08-2015 17:20:53 Windows Update
04-08-2015 15:38:56 Windows Update
04-08-2015 20:13:45 Revo Uninstaller's restore point - Jasc Paint Shop Pro 9
05-08-2015 16:21:41 Revo Uninstaller's restore point - Speed Fix Tool Pro
05-08-2015 16:27:32 Revo Uninstaller's restore point - Speed Fix Tool Pro
07-08-2015 16:01:28 Windows Update

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2006-11-02 04:23 - 2015-03-27 18:41 - 00000027 ____A C:\Windows\system32\Drivers\etc\hosts
127.0.0.1       localhost

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {17BB6590-07B9-4350-87D7-307CDDA1E2C7} - System32\Tasks\{E9843E6B-161A-41FC-A1E7-2CA0F8484AC7} => pcalua.exe -a "C:\Users\Jo Ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LN7GJDVF\JavaSetup6u32.exe" -d "C:\Users\Jo Ann\Desktop"
Task: {2C9624D9-2C01-4DE3-9B10-F52497504433} - System32\Tasks\{CB450940-9E88-40E6-9644-02B3D41D0D84} => pcalua.exe -a "C:\Users\Jo Ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V7UFYYYB\msicuu2.exe" -d "C:\Users\Jo Ann\Desktop"
Task: {71F30A00-C293-4EDD-9EBE-FE83A4359806} - System32\Tasks\Java Update Scheduler => C:\Program Files\Common Files\Java\Java Update\jusched.exe [2015-06-08] (Oracle Corporation)
Task: {89CBCB5A-4F4E-4148-9813-29A25F0CA3FB} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2009-07-13] (Microsoft Corporation)
Task: {B6A13842-A718-4F44-92C5-E14AEEA5A260} - System32\Tasks\{0DADAEDA-73C6-46B7-AD1A-B64F93F275A2} => pcalua.exe -a E:\JCs\msicuu2.exe -d "C:\Users\Jo Ann\Desktop"
Task: {F55A3F67-1E95-4A76-B76E-308983E5BE35} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-06-01] (Piriform Ltd)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Loaded Modules (Whitelisted) ==============

2008-02-11 12:43 - 2008-02-11 12:43 - 00051716 _____ () C:\Windows\System32\pdf995mon.dll
2007-02-28 14:14 - 2007-01-25 19:47 - 00136816 _____ () C:\Toshiba\IVP\ISM\pinger.exe
2007-02-28 14:14 - 2007-01-25 19:50 - 00063096 _____ () c:\Toshiba\IVP\swupdate\swupdtmr.exe

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


There are 4617 more restricted sites.

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2741620654-2478720017-686529755-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jo Ann\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1 - 205.171.2.25
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: ) (ConsentPromptBehaviorUser: ) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AdobeFlashPlayerUpdateSvc => 3
MSCONFIG\Services: HomeGroupProvider => 2
MSCONFIG\Services: NitroReaderDriverReadSpool3 => 2
MSCONFIG\Services: SkypeUpdate => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Device Detector 4.lnk => C:\Windows\pss\Device Detector 4.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk => C:\Windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: HotKeysCmds => "C:\Windows\system32\hkcmd.exe"
MSCONFIG\startupreg: QuickTime Task => "C:\Program Files\QuickTime\QTTask.exe" -atboottime
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TPwrMain => "C:\Program Files\TOSHIBA\Power Saver\TPwrMain.EXE"
MSCONFIG\startupreg: VirtualCloneDrive => "C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe" /s

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D98FC9BA-5918-47EF-BD6F-171C84CC6898}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{39C8D04B-49AE-489F-9F08-5DFBF1C78A4E}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{53124464-4DA1-49FA-BC45-CC9BBFC002AD}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{5E90AFE9-ADD8-456E-9855-6BC8CF2E35C7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{BF47063C-846D-417D-9521-F0932628BCFA}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{9629B294-C187-4D9F-A53E-ADD08B3E23F5}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{D3960862-3C8B-40DE-90EA-823120F02EDB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{A2721396-018B-4425-A02C-E0E61A81D95F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{A6FAE68C-5F68-4EAA-B657-3A5CA8A01C73}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{13409163-FD58-4BA9-9771-49D52853DFCE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{4B91D592-CCB8-462A-B327-5A08A6F21A14}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{94B374A0-CF42-4844-92D9-CD4B9388DFF7}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{0DC8DBAF-F000-4E77-B596-F55E74434B7D}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe
FirewallRules: [{5C4078E0-F16D-4D1A-9CEA-D04144AF440B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe
FirewallRules: [{A86DF90A-28C2-46D2-AD39-6BEFCBE64370}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe
FirewallRules: [{39A6913C-EA6E-4376-BE06-83816DA9E2CE}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{88324388-270F-4FE7-B3E3-ABD898F16623}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{D2935953-CCF3-4747-9CDF-2C2AFCDD99BB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe
FirewallRules: [{E66BEAAA-9D49-4834-820F-DD21BE0F5752}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{76A6A0C3-4B4A-4483-BEDF-71DCD9BDED34}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{55FA543E-EE59-4BA3-9D48-8976DE123BC6}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe
FirewallRules: [{C53247D0-E666-4A6A-A845-289777C38615}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe
FirewallRules: [TCP Query User{509ECA36-BCFC-4352-A0D2-490D5CCA5E07}C:\program files\makemkv\makemkvcon.exe] => (Block) C:\program files\makemkv\makemkvcon.exe
FirewallRules: [UDP Query User{E2DBD15B-3405-42F2-B10C-5F3EEA6680A5}C:\program files\makemkv\makemkvcon.exe] => (Block) C:\program files\makemkv\makemkvcon.exe
FirewallRules: [{B2D3462D-E517-42C5-A4CA-84397F0759E3}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
FirewallRules: [{70A2CCA8-CAE9-42A3-8472-B5333CA8C065}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [{7738B64E-91F7-4BAA-A9BB-3784CAD2BCC2}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe
FirewallRules: [TCP Query User{883507BF-33C9-4056-BEA7-B1C98FF814BB}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
FirewallRules: [UDP Query User{BCC90374-4628-436C-B2C2-A619C4ED0859}C:\program files\mozilla firefox\firefox.exe] => (Block) C:\program files\mozilla firefox\firefox.exe
StandardProfile\AuthorizedApplications: [C:\TOSHIBA\Ivp\ISM\pinger.exe] => Enabled:Toshiba Software Upgrades Pinger
StandardProfile\AuthorizedApplications: [C:\TOSHIBA\ivp\NetInt\Netint.exe] => Enabled:NIE - Toshiba Software Upgrades Engine

==================== Faulty Device Manager Devices =============

Name: Photosmart C6100 series
Description: Photosmart C6100 series
Class Guid: {4d36e971-e325-11ce-bfc1-08002be10318}
Manufacturer: HP
Service:
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

==================== Event log errors: =========================

Application errors:
==================
Error: (08/08/2015 06:06:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/08/2015 06:06:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/08/2015 06:06:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/08/2015 11:54:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/08/2015 11:54:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/08/2015 11:54:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/07/2015 04:42:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/07/2015 04:42:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/07/2015 04:42:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/06/2015 07:59:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

System errors:
=============
Error: (08/10/2015 01:20:26 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (08/10/2015 01:20:26 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (08/10/2015 12:00:29 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (08/10/2015 12:00:29 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (08/09/2015 11:35:31 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (08/09/2015 11:35:31 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (08/09/2015 11:02:52 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (08/09/2015 11:02:52 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (08/09/2015 10:22:18 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Error: (08/09/2015 10:22:17 PM) (Source: Disk) (EventID: 11) (User: )
Description: The driver detected a controller error on \Device\Harddisk2\DR2.

Microsoft Office:
=========================
Error: (08/08/2015 06:06:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\XP\x64\DPInst.exe

Error: (08/08/2015 06:06:01 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Win7\64bit\DPInst.exe

Error: (08/08/2015 06:06:00 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Vista\64bit\DPInst.exe

Error: (08/08/2015 11:54:48 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\xp\x64\DPInst.exe

Error: (08/08/2015 11:54:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\win7\64bit\DPInst.exe

Error: (08/08/2015 11:54:47 AM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\vista\64bit\DPInst.exe

Error: (08/07/2015 04:42:31 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\XP\x64\DPInst.exe

Error: (08/07/2015 04:42:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Win7\64bit\DPInst.exe

Error: (08/07/2015 04:42:30 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Vista\64bit\DPInst.exe

Error: (08/06/2015 07:59:25 PM) (Source: SideBySide) (EventID: 33) (User: )
Description: Microsoft.Windows.Common-Controls,language="&#x2a;",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\XP\x64\DPInst.exe

==================== Memory info ===========================

Processor: Intel® Core™2 CPU T5300 @ 1.73GHz
Percentage of memory in use: 43%
Total physical RAM: 2038.05 MB
Available physical RAM: 1158.87 MB
Total Virtual: 4076.11 MB
Available Virtual: 3100.58 MB

==================== Drives ================================

Drive c: (SQ004328V04) (Fixed) (Total:147.58 GB) (Free:77.53 GB) NTFS ==>[drive with boot components (obtained from BCD)]
Drive f: (BLUE B) (Removable) (Total:7.52 GB) (Free:1.14 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 149.1 GB) (Disk ID: B528710F)
Partition 1: (Not Active) - (Size=1.5 GB) - (Type=27)
Partition 2: (Active) - (Size=147.6 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows XP) (Size: 7.5 GB) (Disk ID: C3072E18)
Partition 1: (Active) - (Size=7.5 GB) - (Type=0C)

==================== End of log ============================


  • 0



#2
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hello Eles and Welcome! :welcome:

My name is Dan, and I'll be helping you with your issues. If someone else is helping you, either here or at another malware removal assistance site, please let me know so that I may direct my efforts to helping another user.  The Staff at Geeks To Go are ALL volunteers; please keep that in mind if I don’t answer your post as quickly as you’d like. I give what time I can.  PLEASE be patient. ;)
 

  • Please note that you should have Administrator rights to perform any fixes.
  • Before we proceed, you may wish to print instructions for easy reference during the fix.  Please be aware that many of the required URLs are hyperlinks in the blue names shown on your screen. Part of the fix may require you to be in Safe Mode, which might not allow you to access the internet, or my instructions.
  • Please understand that malware removal is a complicated, multi-step process.  Therefore please stay with me until I tell you that your system is clean.  
  • Please do not make any system or program changes, or run any tools unless I specifically ask you to.  Attempting malware removal or clean-up yourself will only extend the time it will take to get your system clean.    If you get stuck or have questions, please stop and ask so I can help you.
  • Be sure to back up any personal data files you need to keep (documents, photos, etc.) to a USB flash drive or external hard disk.  While every attempt will be made to precisely repair the infections on your computer, due to the complexity and unpredictability of malware clean-up, there is always a risk of data loss.
  • When posting logs, please Copy & Paste the log file contents into a reply.  Use multiple posts if necessary, but please do not attach them or post them on a file hosting site, unless specifically asked to do so.

OK, let's see what we can take care of...

 

You've reported several issues here.  We should make sure the system is clean and then see where things are at.

First
You have multiple anti-virus, anti-spyware or firewall programs running on your computer.

Running two or more real-time anti-virus, anti-spyware or firewall monitors at the same time can cause a conflict. That conflict can result in slow computer performance, error messages, program crashes or other types of failure. You will very likely end up with little or no protection.

 

Since you have Webroot Secure Anywhere, I would suggest disabling Windows Defender real-time protection by going to the Control Panel > Windows Defender > Tools > Options > Real-time protection and uncheck the "Use real-time protection (recommended)" check-box.

 

 

Second

Programs uninstall

Go to the Control Panel > Uninstall a program or Programs and Features, and uninstall the following programs:

  • YTD Video Downloader 4.9.1

 

Third

Run a FRST Fix

  • Download the attached fixlist.txt file and save it to the Desktop.

    (Note: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.)

    Notice: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.

     
  • Run FRST/FRST64 from your Desktop and press the Fix button just once and wait.
     
  • If for some reason the tool needs a restart, please make sure you let the system restart normally.  After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop named Fixlog.txt. Please post the contents of that log file into your next reply.

 

Fourth

Run Junkware Removal Tool:

Please download Junkware Removal Tool to your Desktop.

  • Shut down your protection software now to avoid potential conflicts.  See here for more information.
  • Run the tool by double-clicking it. If you are using Windows Vista, 7, or 8; instead of double-clicking, right-mouse click JRT.exe and select "Run as Administrator".
  • The tool will open and start scanning your system.
  • Please be patient as this can take a while to complete depending on your system's specifications.
  • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
  • Post the contents of JRT.txt into your next message.

 

Fifth

AdwCleaner by Xplode

Download AdwCleaner from here or from here. Save the file to the Desktop.

Note: If you are using IE 8 or above you may get a warning that stops the program from downloading. Just click on the warning and allow the download to complete.

Close all open windows and browsers.

  • XP users: Double click the AdwCleaner icon to start the program.
  • Vista/7/8 users: Right click the AdwCleaner icon on the desktop, click Run as administrator and accept the UAC prompt to run AdwCleaner.
    You will see the following console:
    [Screenshot: AdwCleaner console]
  • Click the Scan button and wait for the scan to finish.
  • After the Scan has finished the window may or may not show what it found and above, in the progress bar, you will see: Pending. Please uncheck elements you don't want to remove. Please Do Not delete anything at this time.
  • Do not click the Cleaning button.
  • Click the Logfile button to get the log.
  • Copy and Paste it into your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[R0].txt.
  • Click the X in the upper right corner of the program or click the File menu and click Exit to close the program.

 

Finally

In your next reply, please copy/paste the contents of the following logs:

  • FRST fixlog
  • JRT log
  • AdwCleaner log

And tell me how the system is running. :)

 

 


  • 0

#3
eles

    Member

  • Topic Starter
  • 33 posts

Hi Dan,

I did everything on the list up to Junkware Removal Tool. It appears to be hung. It's been running for hours and hasn't gotten past Checking Registry. It doesn't appear to be getting any cycles in task manager. Is it ok to kill it and restart the utility?

Larry
  • 0

#4
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Sure, but before trying again, make sure to shut down Webroot SecureAnywhere by following these instructions.

 

Then, right click on JRT.exe and Run as Administrator...


  • 0

#5
eles

    Member

  • Topic Starter
  • 33 posts

I had already done both those things - both shields were off as well as the firewall and I ran it from an elevated prompt.

I'll restart JRT.

Couldn't X out - Task Manager won't even kill it -  time for a 3 finger salute.

btw, I typically don't have access to this computer until after noon or 1.

Thanx


Edited by Eles, 16 August 2015 - 06:54 PM.

  • 0

#6
eles

    Member

  • Topic Starter
  • 33 posts

Hello

 

No noticeable differences.

 

I looked at the Hosts file and it looked ok.  Yesterday, I tried to run Microsoft Fixit 50267 for the Hosts file and it didn't do anything.

 

Here are the logs - and thanx

 

Fix result of Farbar Recovery Scan Tool (x86) Version:16-08-2015
Ran by Jo Ann (2015-08-16 13:23:35) Run:2
Running from C:\Users\Jo Ann\Desktop\LS 8-13\After 8-13 save to B\GTG\Dano Fix
Loaded Profiles: Jo Ann (Available Profiles: Jo Ann)
Boot Mode: Normal

==============================================

fixlist content:
*****************
CreateRestorePoint:
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
HKLM\...\Policies\Explorer: [NoViewOnDrive] 0
HKLM\...\Policies\Explorer: [NoControlPanel] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRun] 0
HKLM\...\Policies\Explorer: [DisableLocalMachineRunOnce] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRun] 0
HKLM\...\Policies\Explorer: [DisableCurrentUserRunOnce] 0
HKLM\...\Policies\Explorer: [NoViewContextMenu] 0
HKLM\...\Policies\Explorer: [NoShellSearchButton] 0
HKLM\...\Policies\Explorer: [NoFind] 0
HKLM\...\Policies\Explorer: [NoFile] 0
HKLM\...\Policies\Explorer: [HideClock] 0
HKLM\...\Policies\Explorer: [NoTrayContextMenu] 0
HKLM\...\Policies\Explorer: [NoTrayItemsDisplay] 0
HKLM\...\Policies\Explorer: [NoSetFolders] 0
HKLM\...\Policies\Explorer: [NoDevMgrUpdate] 0
HKLM\...\Policies\Explorer: [NoSetTaskbar] 0
HKLM\...\Policies\Explorer: [NoDeletePrinter] 0
HKLM\...\Policies\Explorer: [NoDFSTab] 0
HKLM\...\Policies\Explorer: [NoChangeStartMenu] 0
HKLM\...\Policies\Explorer: [NoLogoff] 0
HKLM\...\Policies\Explorer: [NoWindowsUpdate] 0
HKLM\...\Policies\Explorer: [NoEncryptOnMove] 0
HKLM\...\Policies\Explorer: [NoRunasInstallPrompt] 0
HKLM\...\Policies\Explorer: [NoResolveSearch] 0
HKLM\...\Policies\Explorer: [NoSaveSettings] 0
HKLM\...\Policies\Explorer: [NoHardwareTab] 0
HKLM\...\Policies\Explorer: [NoStartMenuSubFolders] 0
HKLM\...\Policies\Explorer: [NoDesktop] 0
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\...\Run: [] => [X]
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1 205.171.2.25
Tcpip\..\Interfaces\{11001E69-6F19-4F9D-A4EE-BCD170AB0B6B}: [DhcpNameServer] 192.168.0.1 205.171.2.25
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
Task: {17BB6590-07B9-4350-87D7-307CDDA1E2C7} - System32\Tasks\{E9843E6B-161A-41FC-A1E7-2CA0F8484AC7} => pcalua.exe -a "C:\Users\Jo Ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\LN7GJDVF\JavaSetup6u32.exe" -d "C:\Users\Jo Ann\Desktop"
Task: {2C9624D9-2C01-4DE3-9B10-F52497504433} - System32\Tasks\{CB450940-9E88-40E6-9644-02B3D41D0D84} => pcalua.exe -a "C:\Users\Jo Ann\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\V7UFYYYB\msicuu2.exe" -d "C:\Users\Jo Ann\Desktop"
HKU\.DEFAULT\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\.DEFAULT\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-19\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\.exe: exefile => "%1" %* <===== ATTENTION
HKU\S-1-5-20\Software\Classes\exefile: "%1" %* <===== ATTENTION
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\Software\Classes\exefile: "%1" %* <===== ATTENTION
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
Reg: reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
Hosts:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state ON
CMD: ipconfig /flushdns
EmptyTemp:
CMD: bitsadmin /reset /allusers
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewOnDrive => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoControlPanel => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRun => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableLocalMachineRunOnce => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRun => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\DisableCurrentUserRunOnce => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoViewContextMenu => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoShellSearchButton => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFind => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFile => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\HideClock => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayContextMenu => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoTrayItemsDisplay => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetFolders => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDevMgrUpdate => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSetTaskbar => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDeletePrinter => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDFSTab => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoChangeStartMenu => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoLogoff => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoWindowsUpdate => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoEncryptOnMove => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoRunasInstallPrompt => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoResolveSearch => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoSaveSettings => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoHardwareTab => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoStartMenuSubFolders => value removed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoDesktop => value removed successfully.
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully.
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{11001E69-6F19-4F9D-A4EE-BCD170AB0B6B}\\DhcpNameServer => value removed successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{17BB6590-07B9-4350-87D7-307CDDA1E2C7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17BB6590-07B9-4350-87D7-307CDDA1E2C7}" => key removed successfully.
C:\Windows\System32\Tasks\{E9843E6B-161A-41FC-A1E7-2CA0F8484AC7} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E9843E6B-161A-41FC-A1E7-2CA0F8484AC7}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C9624D9-2C01-4DE3-9B10-F52497504433}" => key removed successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C9624D9-2C01-4DE3-9B10-F52497504433}" => key removed successfully.
C:\Windows\System32\Tasks\{CB450940-9E88-40E6-9644-02B3D41D0D84} => moved successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{CB450940-9E88-40E6-9644-02B3D41D0D84}" => key removed successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => key removed successfully.
"HKU\.DEFAULT\Software\Classes\.exe" => key removed successfully.
HKU\.DEFAULT\Software\Classes\exefile => key not found.
"HKU\S-1-5-19\Software\Classes\exefile" => key removed successfully.
"HKU\S-1-5-19\Software\Classes\.exe" => key removed successfully.
HKU\S-1-5-19\Software\Classes\exefile => key not found.
"HKU\S-1-5-20\Software\Classes\exefile" => key removed successfully.
"HKU\S-1-5-20\Software\Classes\.exe" => key removed successfully.
HKU\S-1-5-20\Software\Classes\exefile => key not found.
"HKU\S-1-5-21-2741620654-2478720017-686529755-1000\Software\Classes\exefile" => key removed successfully.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= reg add HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.
HKU\S-1-5-21-2741620654-2478720017-686529755-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully.

========= End of RemoveProxy: =========

"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.

=========  netsh advfirewall reset =========

Ok.

========= End of CMD: =========

=========  netsh advfirewall set allprofiles state ON =========

Ok.

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 7.5.6 (08.10.2015:1)
OS: Windows 7 Home Premium x86
Ran by Jo Ann on Sun 08/16/2015 at 19:21:25.84
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Tasks

~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{71576546-354D-41C9-AAE8-31F2EC22BF0D}

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{71576546-354D-41C9-AAE8-31F2EC22BF0D}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{CF739809-1C6C-47C0-85B9-569DBB141420}

~~~ Files

~~~ Folders

~~~ FireFox

Successfully deleted the following from C:\Users\Jo Ann\AppData\Roaming\mozilla\firefox\profiles\5erogpxw.default\prefs.js

user_pref(browser.search.defaultenginename.US, Ixquick HTTPS);
user_pref(browser.startup.homepage, hxxps://ixquick.com/do/mypage.pl?prf=7a4948c088bd636c7bde9d856a3b1f89);

~~~ Chrome

[C:\Users\Jo Ann\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - default search provider reset

[C:\Users\Jo Ann\Appdata\Local\Google\Chrome\User Data\Default\Preferences] - Extensions Deleted:

[C:\Users\Jo Ann\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - default search provider reset

[C:\Users\Jo Ann\Appdata\Local\Google\Chrome\User Data\Default\Secure Preferences] - Extensions Deleted:

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Sun 08/16/2015 at 19:27:08.06
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# AdwCleaner v5.000 - Logfile created 16/08/2015 at 19:34:31
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Jo Ann - JOANNS_LAPTOP
# Running from : E:\LS 8-13\GTG\Dano Fix\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

File Found : C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

Key Found : HKU\.DEFAULT\Software\Avg Secure Update
Key Found : HKCU\Software\Avg Secure Update
Key Found : HKCU\Software\SlimWare Utilities Inc
Key Found : HKLM\SOFTWARE\Avg Secure Update

***** [ Web browsers ] *****

*************************

C:\AdwCleaner[S3].txt - [828 octets] - [16/08/2015 19:34:31]

########## EOF - C:\AdwCleaner[S3].txt - [890 octets] ##########


Edited by Eles, 16 August 2015 - 08:02 PM.

  • 0
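Added example, not part of the original posts and not FRST's own code: a Python sketch that triages a Fixlog like the one in post #6, separating successful operations from "not found" and failed ones and listing `Reg:`/`CMD:` directives that have no output section. The sample text is an excerpt copied from that post; the function names are hypothetical, and the idea that each `Reg:`/`CMD:` directive is echoed in its own `=========` header is an assumption based only on the sections visible in that log.

```python
import re

# Excerpt copied from the Fixlog in post #6 (a representative subset of its lines).
SAMPLE_FIXLOG = r"""fixlist content:
*****************
CreateRestorePoint:
HKLM\...\Policies\Explorer: [NoFolderOptions] 0
Reg: reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f
RemoveProxy:
Hosts:
CMD: netsh advfirewall reset
CMD: ipconfig /flushdns
EmptyTemp:
*****************

Restore point was successfully created.
HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer\\NoFolderOptions => value removed successfully.
"HKU\.DEFAULT\Software\Classes\exefile" => key removed successfully.
HKU\.DEFAULT\Software\Classes\exefile => key not found.

========= reg delete HKLM\SOFTWARE\Policies\Microsoft\Windows\IPSec\Policy\Local /f =========

The operation completed successfully.

========= End of Reg: =========

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully.

========= End of RemoveProxy: =========

"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not restore Hosts.

=========  netsh advfirewall reset =========

Ok.

========= End of CMD: =========
"""

RESULT_RE = re.compile(r"^(?P<target>.+?) => (?P<outcome>.+)$")
SECTION_RE = re.compile(r"^=+\s+(?P<name>.+?)\s+=+$")


def split_fixlog(text):
    """Return (directives, result_lines): the echoed fixlist and what follows it."""
    lines = text.splitlines()
    stars = [i for i, l in enumerate(lines) if l.strip() and set(l.strip()) == {"*"}]
    if len(stars) < 2:
        raise ValueError("no 'fixlist content' block delimited by asterisk lines")
    directives = [l.strip() for l in lines[stars[0] + 1:stars[1]] if l.strip()]
    return directives, lines[stars[1] + 1:]


def classify(outcome):
    """Map the text after '=>' to ok / not_found / failed / other."""
    o = outcome.lower()
    if o.startswith("could not") or "error" in o or "failed" in o:
        return "failed"
    if "not found" in o:
        return "not_found"
    if "successfully" in o:
        return "ok"
    return "other"


def triage(text):
    """Bucket every result line and collect the names of the output sections."""
    directives, results = split_fixlog(text)
    report = {"ok": [], "not_found": [], "failed": [], "sections": set()}
    for raw in results:
        line = raw.strip()
        if not line:
            continue
        section = SECTION_RE.match(line)
        if section:
            name = section.group("name")
            if not name.startswith("End of"):
                report["sections"].add(name)
            continue
        result = RESULT_RE.match(line)
        if result:
            kind = classify(result.group("outcome"))
            if kind != "other":
                report[kind].append(result.group("target").strip('"'))
        elif line.lower().startswith("could not"):
            # Failure reported on a line of its own, e.g. the Hosts restore.
            report["failed"].append(line)
    return directives, report


def commands_without_output(directives, sections):
    """Reg:/CMD: directives whose command never appears as a section header."""
    missing = []
    for d in directives:
        prefix, _, cmd = d.partition(":")
        if prefix in ("CMD", "Reg") and cmd.strip() and cmd.strip() not in sections:
            missing.append(d)
    return missing


if __name__ == "__main__":
    directives, report = triage(SAMPLE_FIXLOG)
    print("failed:", report["failed"])
    print("no output for:", commands_without_output(directives, report["sections"]))
```

A directive listed under "no output" means the posted log stops before that command's section, so the log should be re-checked or re-posted in full before judging the fix.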

#7
DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Please follow the instructions carefully.  I requested that the tools be downloaded to the Desktop, not a subfolder there or on an external drive like E:\LS 8-13\GTG\Dano Fix\AdwCleaner.exe.  This is done for good reasons :)

 

By "no notable differences", do you mean the windows opening by themselves and redirects are still happening?

 

Let's try this:

 

First
Run TDSSKiller

Please download the latest version of TDSSKiller from here and save it to your Desktop.

  • Double-click on TDSSKiller.exe to run the application, then click on Change parameters.
  • Put a checkmark beside loaded modules.
    TDSS_loaded_mods_zpsaefsbmfv.png
  • A reboot will be needed to apply the changes. Do it.
  • TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
  • Then click on Change parameters in TDSSKiller.
  • Check all boxes are selected, then click OK.
  • Click the Start Scan button.
  • The scan should take no longer than 2 minutes.
  • If a suspicious object is detected, the default action will be Skip, click on Continue.
    tdss%20threat.JPG
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
    Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
    Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
  • Get the report by selecting Reports
    tdss%20report.JPG
  • A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste its contents on your next reply.

Second
MiniToolBox by Farbar

Please download Farbar MiniToolBox, save it to your desktop and run it.  

Checkmark the following checkboxes:

  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.

Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run from.

Finally
In your next reply, please copy/paste the contents of the following logs:

  • TDSSKiller log
  • MiniToolbox log

  • 0
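The TDSSKiller report requested above can be triaged mechanically. The following is an added example, not part of the thread and not the tool's own code: it parses report lines in the layout of the log posted in this thread and separates detections the tool itself skipped on reputation grounds from ones left open. The sample lines, service names, paths and hash values are constructed, and a detection with no "Detect skipped" line is an assumed shape used to exercise the parser.

```python
import re
from collections import defaultdict

# Each report line: timestamp, thread id, then the message.
LINE = re.compile(r"^(\d\d:\d\d:\d\d\.\d{4}) (0x[0-9a-fA-F]+) ?(.*)$")
# "[ MD5, SHA256 ] ServiceName C:\path\to\file"
HASHED = re.compile(r"^\[ ([0-9A-Fa-f]{32}), ([0-9A-Fa-f]{64}) \] (\S+) (.+)$")
# "ServiceName - detected Verdict ( n )"
DETECTED = re.compile(r"^(\S+) - detected (\S+) \( (\d+) \)$")
# "Detect skipped due to <reason>" refers to the detection just above it.
SKIPPED = re.compile(r"^Detect skipped due to (.+)$")
# "ServiceName - ok" (checked last, since it would also match a detection line).
VERDICT = re.compile(r"^(\S+) - (\S.*)$")


def record_for(records, by_name, name):
    """Fetch or create the record for one scanned object."""
    if name not in by_name:
        by_name[name] = {"name": name, "path": None, "md5": None,
                         "sha256": None, "detections": [], "final": None}
        records.append(by_name[name])
    return by_name[name]


def parse_report(text):
    """Return one record per scanned object, in report order."""
    records, by_name, last_detection = [], {}, None
    for raw in text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue
        msg = m.group(3)
        h = HASHED.match(msg)
        if h:
            rec = record_for(records, by_name, h.group(3))
            rec.update(md5=h.group(1).upper(), sha256=h.group(2).upper(),
                       path=h.group(4))
            continue
        d = DETECTED.match(msg)
        if d:
            rec = record_for(records, by_name, d.group(1))
            last_detection = {"verdict": d.group(2), "skipped_due_to": None}
            rec["detections"].append(last_detection)
            continue
        s = SKIPPED.match(msg)
        if s:
            if last_detection is not None:
                last_detection["skipped_due_to"] = s.group(1)
            continue
        v = VERDICT.match(msg)
        if v:
            record_for(records, by_name, v.group(1))["final"] = v.group(2)
            last_detection = None
    return records


def triage(records):
    """Group records by what a reviewer should look at first."""
    out = {"open": [], "suppressed": [], "unhashed": [], "shared_hash": {}}
    by_hash = defaultdict(list)
    for r in records:
        if r["sha256"]:
            by_hash[r["sha256"]].append(r["name"])
        elif r["final"] is not None:
            out["unhashed"].append(r["name"])  # verdict given, no file hashed
        for d in r["detections"]:
            if d["skipped_due_to"] is None:
                out["open"].append(r["name"])  # nothing overrode the detection
            else:
                out["suppressed"].append(
                    (r["name"], d["verdict"], d["skipped_due_to"]))
    out["shared_hash"] = {h: n for h, n in by_hash.items() if len(n) > 1}
    return out


def hashes(c):
    """Constructed placeholder hashes, not real file hashes."""
    return "[ %s, %s ]" % (c * 32, c * 64)


# Constructed sample in the report's layout; every name and path is hypothetical.
SAMPLE = "\n".join([
    r"14:01:20.0767 0x03f4 Scan started",
    r"14:01:27.0210 0x03f4 ================ Scan services =============================",
    r"14:01:27.0772 0x03f4 " + hashes("1") + r" ExampleDrv C:\Windows\system32\drivers\exampledrv.sys",
    r"14:01:28.0037 0x03f4 ExampleDrv - ok",
    r"14:01:28.0115 0x03f4 " + hashes("2") + r" ExampleSvcA C:\Windows\System32\example.dll",
    r"14:01:28.0162 0x03f4 ExampleSvcA - ok",
    r"14:01:28.0209 0x03f4 " + hashes("2") + r" ExampleSvcB C:\Windows\System32\example.dll",
    r"14:01:28.0318 0x03f4 ExampleSvcB - ok",
    r"14:01:28.0411 0x03f4 " + hashes("3") + r" ExampleVendorSvc C:\Program Files\Example Vendor\svc.dll",
    r"14:01:28.0505 0x03f4 ExampleVendorSvc - detected UnsignedFile.Multi.Generic ( 1 )",
    r"14:01:31.0453 0x03f4 Detect skipped due to KSN trusted",
    r"14:01:31.0453 0x03f4 ExampleVendorSvc - ok",
    r"14:01:31.0500 0x03f4 ExampleNoFile - ok",
    r"14:01:31.0600 0x03f4 " + hashes("4") + r" ExampleOddSvc C:\Users\Public\odd.exe",
    r"14:01:31.0700 0x03f4 ExampleOddSvc - detected UnsignedFile.Multi.Generic ( 1 )",
])

if __name__ == "__main__":
    for key, value in triage(parse_report(SAMPLE)).items():
        print(key, value)
```
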

#8
eles

    Member

  • Topic Starter
  • 33 posts

Noticed differences:
Spurious openings and redirects are no longer evident.
Keystroke and mouse clicks still sometimes don't register.
Mouse still occasionally has a mind of its own.

I don't know why TDSS gave me 2 logs

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

13:49:04.0944 0x0d1c TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:49:40.0964 0x0d1c ============================================================
13:49:40.0964 0x0d1c Current date / time: 2015/08/17 13:49:40.0964
13:49:40.0964 0x0d1c SystemInfo:
13:49:40.0964 0x0d1c
13:49:40.0964 0x0d1c OS Version: 6.1.7601 ServicePack: 1.0
13:49:40.0964 0x0d1c Product type: Workstation
13:49:40.0980 0x0d1c ComputerName: JOANNS_LAPTOP
13:49:40.0980 0x0d1c UserName: Jo Ann
13:49:40.0980 0x0d1c Windows directory: C:\Windows
13:49:40.0980 0x0d1c System windows directory: C:\Windows
13:49:40.0980 0x0d1c Processor architecture: Intel x86
13:49:40.0980 0x0d1c Number of processors: 2
13:49:40.0980 0x0d1c Page size: 0x1000
13:49:40.0980 0x0d1c Boot type: Normal boot
13:49:40.0980 0x0d1c ============================================================
13:49:43.0429 0x0d1c KLMD registered as C:\Windows\system32\drivers\65362853.sys
13:49:43.0803 0x0d1c System UUID: {EB386112-D643-2FC7-DFE3-FAAF806C3A4D}
13:49:44.0817 0x0d1c Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
13:49:44.0817 0x0d1c Drive \Device\Harddisk1\DR1 - Size: 0x3BA300000 ( 14.91 Gb ), SectorSize: 0x200, Cylinders: 0x79A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
13:49:44.0833 0x0d1c ============================================================
13:49:44.0833 0x0d1c \Device\Harddisk0\DR0:
13:49:44.0833 0x0d1c MBR partitions:
13:49:44.0833 0x0d1c \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1272B000
13:49:44.0833 0x0d1c \Device\Harddisk1\DR1:
13:49:44.0833 0x0d1c MBR partitions:
13:49:44.0833 0x0d1c \Device\Harddisk1\DR1\Partition1: MBR, Type 0xC, StartLBA 0x20, BlocksNum 0x1DD17E0
13:49:44.0833 0x0d1c ============================================================
13:49:44.0880 0x0d1c C: <-> \Device\Harddisk0\DR0\Partition1
13:49:44.0880 0x0d1c ============================================================
13:49:44.0880 0x0d1c Initialize success
13:49:44.0880 0x0d1c ============================================================
13:54:30.0400 0x0148 KLMD registered as C:\Windows\system32\drivers\59944055.sys
13:54:32.0553 0x0148 Deinitialize success

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

13:56:05.0594 0x0c58 TDSS rootkit removing tool 3.1.0.5 Jul 24 2015 12:29:57
13:56:06.0046 0x0c58 ============================================================
13:56:06.0046 0x0c58 Current date / time: 2015/08/17 13:56:06.0046
13:56:06.0046 0x0c58 SystemInfo:
13:56:06.0046 0x0c58
13:56:06.0046 0x0c58 OS Version: 6.1.7601 ServicePack: 1.0
13:56:06.0046 0x0c58 Product type: Workstation
13:56:06.0046 0x0c58 ComputerName: JOANNS_LAPTOP
13:56:06.0046 0x0c58 UserName: Jo Ann
13:56:06.0046 0x0c58 Windows directory: C:\Windows
13:56:06.0046 0x0c58 System windows directory: C:\Windows
13:56:06.0046 0x0c58 Processor architecture: Intel x86
13:56:06.0046 0x0c58 Number of processors: 2
13:56:06.0046 0x0c58 Page size: 0x1000
13:56:06.0046 0x0c58 Boot type: Normal boot
13:56:06.0046 0x0c58 ============================================================
13:56:06.0062 0x0c58 BG loaded
13:56:06.0967 0x0c58 System UUID: {EB386112-D643-2FC7-DFE3-FAAF806C3A4D}
13:56:07.0653 0x0c58 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
13:56:07.0653 0x0c58 ============================================================
13:56:07.0653 0x0c58 \Device\Harddisk0\DR0:
13:56:07.0653 0x0c58 MBR partitions:
13:56:07.0653 0x0c58 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x1272B000
13:56:07.0653 0x0c58 ============================================================
13:56:07.0794 0x0c58 C: <-> \Device\Harddisk0\DR0\Partition1
13:56:07.0794 0x0c58 ============================================================
13:56:07.0794 0x0c58 Initialize success
13:56:07.0794 0x0c58 ============================================================
14:01:20.0752 0x03f4 ============================================================
14:01:20.0767 0x03f4 Scan started
14:01:20.0767 0x03f4 Mode: Manual; SigCheck; TDLFS;
14:01:20.0767 0x03f4 ============================================================
14:01:20.0767 0x03f4 KSN ping started
14:01:23.0903 0x03f4 KSN ping finished: true
14:01:27.0210 0x03f4 ================ Scan system memory ========================
14:01:27.0210 0x03f4 System memory - ok
14:01:27.0210 0x03f4 ================ Scan services =============================
14:01:36.0211 0x03f4 [ C82162949BBA6CC5D006C7BD008F3CF1, 635E5B5C5AF3ACECA6115DAC8E576390B258C6590EE9727DB6FA68B13FD85297 ] CFSvcs C:\Program Files\TOSHIBA\ConfigFree\CFSvcs.exe
14:01:36.0274 0x03f4 CFSvcs - detected UnsignedFile.Multi.Generic ( 1 )
14:01:39.0316 0x03f4 Detect skipped due to KSN trusted
14:01:39.0316 0x03f4 CFSvcs - ok
14:01:55.0243 0x03f4 [ 1DAE5C46D42B02A6D5862E1482EFB390, 90B14E0A8376AE51872D89C141E88AE144B742805F94B4F7948E295322C78B9D ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
14:01:55.0353 0x03f4 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
14:01:58.0301 0x03f4 Detect skipped due to KSN trusted
14:01:58.0301 0x03f4 hpqcxs08 - ok
14:01:58.0426 0x03f4 [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] hpqddsvc C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:01:58.0441 0x03f4 hpqddsvc - detected UnsignedFile.Multi.Generic ( 1 )
14:02:01.0390 0x03f4 Detect skipped due to KSN trusted
14:02:01.0390 0x03f4 hpqddsvc - ok
14:02:01.0499 0x03f4 [ 295FDC419039090EB8B49FFDBB374549, 670E8015FD374640C6570F56F7FE8DE4D8F92E7A8072F5D1B2B95D0BD699CEF7 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
14:02:01.0608 0x03f4 HpSAMD - ok
14:02:02.0107 0x03f4 [ 79737E0F7D25DE8405CB34D4C9882253, 798E44BAE6CD4ECBC801ACE4089E18388ABD18744B901F53452D8103081DE967 ] HPSLPSVC C:\Program Files\HP\Digital Imaging\bin\HPSLPSVC32.DLL
14:02:02.0248 0x03f4 HPSLPSVC - detected UnsignedFile.Multi.Generic ( 1 )
14:02:05.0196 0x03f4 Detect skipped due to KSN trusted
14:02:05.0196 0x03f4 HPSLPSVC - ok
14:02:12.0076 0x03f4 IPBusEnum - ok
14:02:12.0123 0x03f4 [ 709D1761D3B19A932FF0238EA6D50200, 0A9D2C3A6E91CA45540555B40CB4E2DF3EBE98C1D164C4EECEE20C86782F5823 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:02:12.0232 0x03f4 IpFilterDriver - ok
14:02:12.0497 0x03f4 [ 58F67245D041FBE7AF88F4EAF79DF0FA, 67468D6A46FF4D87AD321BFEA42F2FC843D09AA292A119C76D4D795D06028F96 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
14:02:12.0669 0x03f4 iphlpsvc - ok
14:02:12.0762 0x03f4 [ 4BD7134618C1D2A27466A099062547BF, 20284ABEF4433A59E2981F4143CAEC67DC990864FE0B9E3DC70EE0B88539E964 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
14:02:12.0887 0x03f4 IPMIDRV - ok
14:02:12.0934 0x03f4 [ A5FA468D67ABCDAA36264E463A7BB0CD, EDB828D596E43372F97DAE1AADA46428C4C45FB80646DDC64FAD5F25C826CF63 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
14:02:13.0043 0x03f4 IPNAT - ok
14:02:13.0168 0x03f4 [ 42996CFF20A3084A56017B7902307E9F, 688176DAB91BE569280E4822E4C5BDE755794D293591C53F8047AD59C441751D ] IRENUM C:\Windows\system32\drivers\irenum.sys
14:02:13.0246 0x03f4 IRENUM - ok
14:02:13.0308 0x03f4 [ 1F32BB6B38F62F7DF1A7AB7292638A35, 86522358680FBB1CEBC56B4D139290689BB0F71A3EC78CE883E4D75D0B37586F ] isapnp C:\Windows\system32\drivers\isapnp.sys
14:02:13.0355 0x03f4 isapnp - ok
14:02:13.0527 0x03f4 [ EB34CE31FABD4DC4343FD2AD16D2CAF9, D21C91227A15DA89ECF522345D0AB80B3B7FC24A230596DABDB8BD3B7554CE8C ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
14:02:13.0636 0x03f4 iScsiPrt - ok
14:02:13.0729 0x03f4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
14:02:13.0776 0x03f4 kbdclass - ok
14:02:13.0792 0x03f4 [ 9E3CED91863E6EE98C24794D05E27A71, 90CF59F20E14E4A5A793266805E82BF7AE1F0CF4C7BAB1FD2EEF3B53C5DF770F ] kbdhid C:\Windows\system32\drivers\kbdhid.sys
14:02:13.0901 0x03f4 kbdhid - ok
14:02:13.0917 0x03f4 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] KeyIso C:\Windows\system32\lsass.exe
14:02:13.0963 0x03f4 KeyIso - ok
14:02:14.0151 0x03f4 [ 1E0D65F7FFEB4E99B2EEC1CCB5754CC8, FE56EA89A4D7751EAB089C58514A824FBEDB44065CF3132B897AC613E211B46B ] KR10I C:\Windows\system32\drivers\kr10i.sys
14:02:14.0229 0x03f4 KR10I - detected UnsignedFile.Multi.Generic ( 1 )
14:02:17.0193 0x03f4 Detect skipped due to KSN trusted
14:02:17.0193 0x03f4 KR10I - ok
14:02:17.0505 0x03f4 [ 485E005CD51FF502FB16483EB4B69C17, 8294524C21C18BA5A32B926BD497C67A4ED49FB3654C93D11681C01D30769998 ] KR3NPXP C:\Windows\system32\drivers\kr3npxp.sys
14:02:17.0629 0x03f4 KR3NPXP - detected UnsignedFile.Multi.Generic ( 1 )
14:02:20.0578 0x03f4 Detect skipped due to KSN trusted
14:02:20.0578 0x03f4 KR3NPXP - ok
14:02:20.0656 0x03f4 [ A1F4064171DB9F314BDABA0B43014CA4, DFAB60F6C8D00DC4AC55D32D797095E82C00F71E33F6EE989B03EE0A1D340FEF ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
14:02:20.0718 0x03f4 KSecDD - ok
14:02:20.0781 0x03f4 [ 8A8BA57DF21630B36B2FAA229AC5B1D1, D6B407D23453E8547B9F64BC8B484A593347E8252A25B9637BA8F8C067B1E057 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
14:02:20.0827 0x03f4 KSecPkg - ok
14:02:20.0983 0x03f4 [ 89A7B9CC98D0D80C6F31B91C0A310FCD, 4583CAEEE0D50C0C7CE955E533FDA063CDC37B69033D41EF22EF1BA242E4C747 ] KtmRm C:\Windows\system32\msdtckrm.dll
14:02:21.0124 0x03f4 KtmRm - ok
14:02:21.0249 0x03f4 [ D64AF876D53ECA3668BB97B51B4E70AB, D5C07C019BFEAFBEDC29AB5060356A3B07449712B21B50E03378BEF04AF180F9 ] LanmanServer C:\Windows\System32\srvsvc.dll
14:02:21.0373 0x03f4 LanmanServer - ok
14:02:21.0420 0x03f4 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:02:21.0514 0x03f4 LanmanWorkstation - ok
14:02:21.0592 0x03f4 [ F7611EC07349979DA9B0AE1F18CCC7A6, 879AA7A391966F00761CA039C25EBC62F6712DD5461694911EEC673E12DE103E ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
14:02:21.0670 0x03f4 lltdio - ok
14:02:21.0779 0x03f4 [ 5700673E13A2117FA3B9020C852C01E2, 6684A2905EE8C438F2A64BE47E51A54D287B08DEFB8E0AE7FC2809D845EE3C5F ] lltdsvc C:\Windows\System32\lltdsvc.dll
14:02:21.0919 0x03f4 lltdsvc - ok
14:02:21.0951 0x03f4 [ 55CA01BA19D0006C8F2639B6C045E08B, 4DBBDC820C514DB18CC13F8EE178F8C4E39C295C6E3C255416C235553CE7BDC1 ] lmhosts C:\Windows\System32\lmhsvc.dll
14:02:22.0075 0x03f4 lmhosts - ok
14:02:22.0138 0x03f4 [ EB119A53CCF2ACC000AC71B065B78FEF, 1FD60735C4945AE565C223F0B47EAF9602D8777E3D15600914C1A9D761215AF9 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
14:02:22.0185 0x03f4 LSI_FC - ok
14:02:22.0216 0x03f4 [ 8ADE1C877256A22E49B75D1CC9161F9C, 3D64F233DC866537E50549A7C1A2B40A954055B22F0BDA39825B04C38C607CB7 ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
14:02:22.0263 0x03f4 LSI_SAS - ok
14:02:22.0278 0x03f4 [ DC9DC3D3DAA0E276FD2EC262E38B11E9, A264990857CBC74036799E17A087130626C0A09BE19879019BAF2D761C62AECC ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys
14:02:22.0325 0x03f4 LSI_SAS2 - ok
14:02:22.0356 0x03f4 [ 0A036C7D7CAB643A7F07135AC47E0524, 2F662D07FCB74B8D493156DB555EAA90A47E93CF14C7B30039D2FE47EB8682B8 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
14:02:22.0403 0x03f4 LSI_SCSI - ok
14:02:22.0465 0x03f4 [ 6703E366CC18D3B6E534F5CF7DF39CEE, 7396B9AF938284D99EC51206A7B2FA4A0DC10A493DCE6707818B03A7473782C4 ] luafv C:\Windows\system32\drivers\luafv.sys
14:02:22.0543 0x03f4 luafv - ok
14:02:22.0621 0x03f4 [ BFB9EE8EE977EFE85D1A3105ABEF6DD1, D2A84EBF0C0B7A14AD432FD2EF43CC12300027AEA3FA4075659FB088AB62B588 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
14:02:22.0699 0x03f4 Mcx2Svc - ok
14:02:22.0996 0x03f4 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
14:02:23.0043 0x03f4 MDM - ok
14:02:23.0167 0x03f4 [ 0FFF5B045293002AB38EB1FD1FC2FB74, 49071B565FD5B2DE43EC00D8518C3BE70843F38919E82F13104B8C1FAFB20374 ] megasas C:\Windows\system32\drivers\megasas.sys
14:02:23.0230 0x03f4 megasas - ok
14:02:23.0292 0x03f4 [ DCBAB2920C75F390CAF1D29F675D03D6, 85C3A7A010BEA5E3C6179161B295F2CB900A6A214833A5F87A4327392880E2BB ] MegaSR C:\Windows\system32\drivers\MegaSR.sys
14:02:23.0355 0x03f4 MegaSR - ok
14:02:23.0448 0x03f4 [ 146B6F43A673379A3C670E86D89BE5EA, C4412DCF80DE6B55466F399413271364F14BC0819C224AA161EDDC31A9775440 ] MMCSS C:\Windows\system32\mmcss.dll
14:02:23.0526 0x03f4 MMCSS - ok
14:02:23.0589 0x03f4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] Modem C:\Windows\system32\drivers\modem.sys
14:02:23.0698 0x03f4 Modem - ok
14:02:23.0760 0x03f4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
14:02:23.0854 0x03f4 monitor - ok
14:02:23.0916 0x03f4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
14:02:23.0963 0x03f4 mouclass - ok
14:02:24.0057 0x03f4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
14:02:24.0150 0x03f4 mouhid - ok
14:02:24.0244 0x03f4 [ 644905A19D0F37F2233DFCE53BC4BC19, F52CB40AA0FD1EBF8CBF0F3BFB20C47142C637719840877FB93F10D085EB8C2B ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
14:02:24.0306 0x03f4 mountmgr - ok
14:02:24.0415 0x03f4 [ 22A7042C70F90F8261840740DDBB5176, AD0075C97D2D7C568D5CFB1C3A02DCE3BC01941844A759B29CD4DE4AF2F5FC45 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
14:02:24.0478 0x03f4 MozillaMaintenance - ok
14:02:24.0525 0x03f4 [ 2D699FB6E89CE0D8DA14ECC03B3EDFE0, D3D903EEA465D77345AAC9B9F02CDEADF4831212EA2DE4FCA33BEE26EBB47420 ] mpio C:\Windows\system32\drivers\mpio.sys
14:02:24.0571 0x03f4 mpio - ok
14:02:24.0603 0x03f4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
14:02:24.0712 0x03f4 mpsdrv - ok
14:02:25.0008 0x03f4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] MpsSvc C:\Windows\system32\mpssvc.dll
14:02:25.0117 0x03f4 MpsSvc - ok
14:02:25.0180 0x03f4 [ 03F899F521D2AAED1C55008F734DF252, 4E56A51476A13F5630719018037B1F63DF9ACEA1CFE782AF04E669BD696954C5 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
14:02:25.0305 0x03f4 MRxDAV - ok
14:02:25.0367 0x03f4 [ 01C5B803F6E1FDF8F16F0763DA9B997D, 721B5C6E8E71453D6494971C14CFD93F1A180098D4EE35572EAACEF6FC6B0442 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
14:02:25.0414 0x03f4 mrxsmb - ok
14:02:25.0523 0x03f4 [ C48A8284F018BEAAFC7A027A570D9C84, DD29ACC08E9F57ED426D11F8A3E2F0EA53F373200D249225627124F65D1EC1BD ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:02:25.0570 0x03f4 mrxsmb10 - ok
14:02:25.0648 0x03f4 [ C1CC047CE391BB88350379153BC1C8FA, 2DC83A61F871A87CFC6E56BF5F164271E7E72694B33E58D842F5759A3DE8F4C7 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:02:25.0695 0x03f4 mrxsmb20 - ok
14:02:25.0726 0x03f4 [ 012C5F4E9349E711E11E0F19A8589F0A, 208B92DFCF7AD43202660FBBC9FF5E03AEDBEE38178FF3628EB74CB6CD37C584 ] msahci C:\Windows\system32\drivers\msahci.sys
14:02:25.0788 0x03f4 msahci - ok
14:02:25.0835 0x03f4 [ 55055F8AD8BE27A64C831322A780A228, C2C9FD1F61302997117B1CD0835E8234405BB80084065ED05363B77868397304 ] msdsm C:\Windows\system32\drivers\msdsm.sys
14:02:25.0913 0x03f4 msdsm - ok
14:02:25.0960 0x03f4 [ E1BCE74A3BD9902B72599C0192A07E27, 5162EB623FE64E9DFEAC6CA2410EFA1314E62EC13207FFBFED2D61AA887603C4 ] MSDTC C:\Windows\System32\msdtc.exe
14:02:26.0038 0x03f4 MSDTC - ok
14:02:26.0085 0x03f4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] Msfs C:\Windows\system32\drivers\Msfs.sys
14:02:26.0163 0x03f4 Msfs - ok
14:02:26.0194 0x03f4 [ 3E1E5767043C5AF9367F0056295E9F84, B2EDFECD3C14E4FE1BA87D9A86334043A9BD696A554EBD186DA7EAEB2EBD4F70 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
14:02:26.0334 0x03f4 mshidkmdf - ok
14:02:26.0381 0x03f4 [ 0A4E5757AE09FA9622E3158CC1AEF114, ED574E420E57374E328C7C526504ECA569C164287966F06019EC207CB17F2C54 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
14:02:26.0443 0x03f4 msisadrv - ok
14:02:26.0584 0x03f4 [ 90F7D9E6B6F27E1A707D4A297F077828, BEFC220EAA7307849600748842ACB9254A6A91158812D9B23EFAF912C498BA7F ] MSiSCSI C:\Windows\system32\iscsiexe.dll
14:02:26.0662 0x03f4 MSiSCSI - ok
14:02:26.0677 0x03f4 msiserver - ok
14:02:26.0771 0x03f4 [ 8C0860D6366AAFFB6C5BB9DF9448E631, 949C5A14E57F2D7385543C17C3485E7ADE36EA2016F6E0A1866571D2EDE90A77 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
14:02:26.0865 0x03f4 MSKSSRV - ok
14:02:27.0005 0x03f4 [ F26F7A5B18C717E57E3B6B306ABEC00B, 4C49C67A48F6B77E38A7FD28C960C92DFF371ACF0722C6EE4DF5F4B382937870 ] MsMpSvc c:\Program Files\Microsoft Security Client\MsMpEng.exe
14:02:27.0052 0x03f4 MsMpSvc - ok
14:02:27.0145 0x03f4 [ 3EA8B949F963562CEDBB549EAC0C11CE, 1B0B2F16A1790282504F3C548D47C3281EFB440D5D9711A1EF76D6371B768D2D ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
14:02:27.0239 0x03f4 MSPCLOCK - ok
14:02:27.0270 0x03f4 [ F456E973590D663B1073E9C463B40932, 48BA6D5580EE7B6A4C06E04772FD35B51779553FC0DD6C5C30DD8B5DEEB25B11 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
14:02:27.0364 0x03f4 MSPQM - ok
14:02:27.0457 0x03f4 [ 0E008FC4819D238C51D7C93E7B41E560, 141FCEBDD05874407EAEC35A9DCD3BB16F2A428F23E55487D6A5DBFCADBF10D2 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
14:02:27.0551 0x03f4 MsRPC - ok
14:02:27.0613 0x03f4 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
14:02:27.0645 0x03f4 mssmbios - ok
14:02:27.0691 0x03f4 [ B42C6B921F61A6E55159B8BE6CD54A36, 6BB0A7BE005B8F281E551D1B8046CE4202372BC7AE0161881C858BFAC675FE1C ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
14:02:27.0816 0x03f4 MSTEE - ok
14:02:27.0847 0x03f4 [ 33599130F44E1F34631CEA241DE8AC84, E15B31D1AFDC8DC6D2B21D4215796A99ECC69EEDBB06CEED01AECC3C99A44C8B ] MTConfig C:\Windows\system32\drivers\MTConfig.sys
14:02:27.0910 0x03f4 MTConfig - ok
14:02:27.0957 0x03f4 [ 159FAD02F64E6381758C990F753BCC80, E55AB01DCFA95ECAB24A2A9656E28FF9D064BA08B3D82DC8AA42F5991BA09598 ] Mup C:\Windows\system32\Drivers\mup.sys
14:02:28.0003 0x03f4 Mup - ok
14:02:28.0175 0x03f4 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] napagent C:\Windows\system32\qagentRT.dll
14:02:28.0284 0x03f4 napagent - ok
14:02:28.0393 0x03f4 [ 26384429FCD85D83746F63E798AB1480, 957C115C263A4B4DC854558B43ECE632D8E2BCCB744E23A01EBA7476BA2E7FFB ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
14:02:28.0503 0x03f4 NativeWifiP - ok
14:02:28.0737 0x03f4 [ 8C9C922D71F1CD4DEF73F186416B7896, 15FF43CD90C7913F83B35F2E7986561584588E8A45196EBD965C3A355836A9C7 ] NDIS C:\Windows\system32\drivers\ndis.sys
14:02:28.0846 0x03f4 NDIS - ok
14:02:28.0877 0x03f4 [ 0E1787AA6C9191D3D319E8BAFE86F80C, F535022747355B2C66424BDA892D7DCB820C2EB8EE05BAE5BC6D1B1D65186278 ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
14:02:28.0986 0x03f4 NdisCap - ok
14:02:29.0064 0x03f4 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
14:02:29.0158 0x03f4 NdisTapi - ok
14:02:29.0205 0x03f4 [ D8A65DAFB3EB41CBB622745676FCD072, 874D3C3D247C4A309DA813DB1D2EDB0037D3C489824BD5FE95B0C20699764EF7 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
14:02:29.0298 0x03f4 Ndisuio - ok
14:02:29.0345 0x03f4 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
14:02:29.0454 0x03f4 NdisWan - ok
14:02:29.0517 0x03f4 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
14:02:29.0610 0x03f4 NDProxy - ok
14:02:29.0673 0x03f4 [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
14:02:29.0719 0x03f4 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:02:32.0917 0x03f4 Detect skipped due to KSN trusted
14:02:32.0917 0x03f4 Net Driver HPZ12 - ok
14:02:32.0996 0x03f4 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
14:02:33.0074 0x03f4 NetBIOS - ok
14:02:33.0245 0x03f4 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
14:02:33.0354 0x03f4 NetBT - ok
14:02:33.0401 0x03f4 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] Netlogon C:\Windows\system32\lsass.exe
14:02:33.0448 0x03f4 Netlogon - ok
14:02:33.0620 0x03f4 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] Netman C:\Windows\System32\netman.dll
14:02:33.0744 0x03f4 Netman - ok
14:02:33.0822 0x03f4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:02:33.0900 0x03f4 NetMsmqActivator - ok
14:02:34.0010 0x03f4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetPipeActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:02:34.0056 0x03f4 NetPipeActivator - ok
14:02:34.0150 0x03f4 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] netprofm C:\Windows\System32\netprofm.dll
14:02:34.0259 0x03f4 netprofm - ok
14:02:34.0322 0x03f4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpActivator C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:02:34.0368 0x03f4 NetTcpActivator - ok
14:02:34.0431 0x03f4 [ E58808846B62041BFB05395E1CED6499, 5387F2CE6B494337725D2BF3EB563912E6EE33918F2872C5FE07BEDBB0F761EE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe
14:02:34.0478 0x03f4 NetTcpPortSharing - ok
14:02:36.0225 0x03f4 [ 58218EC6B61B1169CF54AAB0D00F5FE2, B76ABB2AD78CE68D30F0F08563B0593D658298CDCF1B138B6E9FB0D64CBCC3C2 ] netw5v32 C:\Windows\system32\DRIVERS\netw5v32.sys
14:02:36.0880 0x03f4 netw5v32 - ok
14:02:38.0986 0x03f4 [ D4EF7A9767C05905500EC312CB29EF46, 464DE67D1BE3A3A684206B2D494FEE723FB5B6559F3783EF929352F22B0A9492 ] NETwLv32 C:\Windows\system32\DRIVERS\NETwLv32.sys
14:02:39.0501 0x03f4 NETwLv32 - ok
14:02:39.0610 0x03f4 [ 1D85C4B390B0EE09C7A46B91EFB2C097, 6A8850B151E88EE371F3CC543A946302DDF9494908D684B8B0C706A42CC54348 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
14:02:39.0657 0x03f4 nfrd960 - ok
14:02:39.0735 0x03f4 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] NlaSvc C:\Windows\System32\nlasvc.dll
14:02:39.0844 0x03f4 NlaSvc - ok
14:02:39.0875 0x03f4 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] Npfs C:\Windows\system32\drivers\Npfs.sys
14:02:39.0984 0x03f4 Npfs - ok
14:02:40.0062 0x03f4 [ BA387E955E890C8A88306D9B8D06BF17, 3477BD9686C5777A93251C154512671AAA7533B18C536DF51F7B1D6D28E7F8A5 ] nsi C:\Windows\system32\nsisvc.dll
14:02:40.0140 0x03f4 nsi - ok
14:02:40.0234 0x03f4 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
14:02:40.0312 0x03f4 nsiproxy - ok
14:02:40.0796 0x03f4 [ C8DFF8D07755A66C7A4A738930F0FEAC, A2CC58312CE57988ABD976155BE91F558DCEC4C23481C6FBE64B361D511A36EA ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
14:02:40.0936 0x03f4 Ntfs - ok
14:02:40.0998 0x03f4 [ F9756A98D69098DCA8945D62858A812C, 572ADBFCFDE2030B34A013AADC14DBC144EB3F34D06991E2464A3EA9605BC045 ] Null C:\Windows\system32\drivers\Null.sys
14:02:41.0139 0x03f4 Null - ok
14:02:41.0201 0x03f4 [ B3E25EE28883877076E0E1FF877D02E0, 402B6FED6FBBF645190396DC141141EF52DD059DABD01F8AC9CF01D23664070C ] nvraid C:\Windows\system32\drivers\nvraid.sys
14:02:41.0248 0x03f4 nvraid - ok
14:02:41.0310 0x03f4 [ 4380E59A170D88C4F1022EFF6719A8A4, 93EDB3F4CDBF53C9C1970DD29AB146E390695C568180847BA8903F5FBEABCFF2 ] nvstor C:\Windows\system32\drivers\nvstor.sys
14:02:41.0357 0x03f4 nvstor - ok
14:02:41.0388 0x03f4 [ 5A0983915F02BAE73267CC2A041F717D, D83461D74597BF2BE042FEFCC27FCD18BF63CB8135B0666D731D50951C3468A8 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
14:02:41.0435 0x03f4 nv_agp - ok
14:02:41.0482 0x03f4 [ 08A70A1F2CDDE9BB49B885CB817A66EB, 0BB98123B544124B144F3E95D77E01E973D060B8B2302503FF24ABBBE803EB63 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
14:02:41.0544 0x03f4 ohci1394 - ok
14:02:41.0669 0x03f4 [ 6186C9AB11F20EF09F0531344F561CB0, 166B791F40FFFC35054FB3F47A93955DF3E338A1E3C36388FCF2E3029AA30FB5 ] Olympus DVR Service C:\Program Files\Common Files\Olympus Shared\DeviceManager\olydvrsv.exe
14:02:41.0700 0x03f4 Olympus DVR Service - detected UnsignedFile.Multi.Generic ( 1 )
14:02:44.0852 0x03f4 Detect skipped due to KSN trusted
14:02:44.0852 0x03f4 Olympus DVR Service - ok
14:02:45.0008 0x03f4 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
14:02:45.0054 0x03f4 ose - ok
14:02:45.0210 0x03f4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
14:02:45.0320 0x03f4 p2pimsvc - ok
14:02:45.0444 0x03f4 [ 59C3DDD501E39E006DAC31BF55150D91, E02B63AB7F34CF6FF3F644AF354D10004E6F50014E03172D80BD78934EF71EF1 ] p2psvc C:\Windows\system32\p2psvc.dll
14:02:45.0507 0x03f4 p2psvc - ok
14:02:45.0569 0x03f4 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] Parport C:\Windows\system32\drivers\parport.sys
14:02:45.0632 0x03f4 Parport - ok
14:02:45.0741 0x03f4 [ 3F34A1B4C5F6475F320C275E63AFCE9B, 31295D5121C0C3F2085E0EEBA260EEE4CA003993C026E2F81986D19158036E6B ] partmgr C:\Windows\system32\drivers\partmgr.sys
14:02:45.0803 0x03f4 partmgr - ok
14:02:45.0834 0x03f4 [ EB0A59F29C19B86479D36B35983DAADC, AC09AFE7F13BE4079D01383BAC44091997E1AAF6512C9673A42B9E3780EB08A8 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
14:02:45.0881 0x03f4 Parvdm - ok
14:02:45.0975 0x03f4 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] PcaSvc C:\Windows\System32\pcasvc.dll
14:02:46.0068 0x03f4 PcaSvc - ok
14:02:46.0146 0x03f4 [ 673E55C3498EB970088E812EA820AA8F, 1F81315664B8CBFDD569416C0ECCE4C6251F34577313A0858AB46609781303B5 ] pci C:\Windows\system32\drivers\pci.sys
14:02:46.0193 0x03f4 pci - ok
14:02:46.0302 0x03f4 [ AFE86F419014DB4E5593F69FFE26CE0A, CAF36E61BE7B511D3A03A65FF5A3017CEE4D2F53005B410F2D4A2AAE9FED4C00 ] pciide C:\Windows\system32\drivers\pciide.sys
14:02:46.0349 0x03f4 pciide - ok
14:02:46.0396 0x03f4 [ F396431B31693E71E8A80687EF523506, BC614FC21E029E2497F1CCE3131BBD295B827F2310762B47D5BBC7703D80554B ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
14:02:46.0458 0x03f4 pcmcia - ok
14:02:46.0505 0x03f4 [ 250F6B43D2B613172035C6747AEEB19F, A91F15B133F2619912CF750E6F3662E011CD0FA4B9477CE532CE3196D23307D9 ] pcw C:\Windows\system32\drivers\pcw.sys
14:02:46.0568 0x03f4 pcw - ok
14:02:46.0692 0x03f4 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
14:02:46.0802 0x03f4 PEAUTH - ok
14:02:46.0911 0x03f4 [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1, F2DD39F6B1489276A913FD62D6C068D79EABADC417D404143E3D2FF8C20CDE01 ] pinger C:\Toshiba\IVP\ISM\pinger.exe
14:02:46.0958 0x03f4 pinger - ok
14:02:47.0504 0x03f4 [ 414BBA67A3DED1D28437EB66AEB8A720, D6DF254E2615FA402044824DCD9004F579FC0DF74B90E44C99D5F0253CF8AD88 ] pla C:\Windows\system32\pla.dll
14:02:47.0831 0x03f4 pla - ok
14:02:47.0972 0x03f4 [ EC7BC28D207DA09E79B3E9FAF8B232CA, A42F8F69C3CD753D787A5D558659DEA2CC306C896D75B8C82549219CF654504F ] PlugPlay C:\Windows\system32\umpnpmgr.dll
14:02:48.0112 0x03f4 PlugPlay - ok
14:02:48.0174 0x03f4 [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
14:02:48.0237 0x03f4 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
14:02:51.0310 0x03f4 Detect skipped due to KSN trusted
14:02:51.0310 0x03f4 Pml Driver HPZ12 - ok
14:02:51.0404 0x03f4 [ 63FF8572611249931EB16BB8EED6AFC8, 9732CCBCB93A7A4BEC88812B952C20244479E9BD781240C195E57F09E619EA33 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
14:02:51.0575 0x03f4 PNRPAutoReg - ok
14:02:51.0700 0x03f4 [ 82A8521DDC60710C3D3D3E7325209BEC, C4E34571EDD57C7FBB3D736B5FE8BD154624705B5C8EA2EC898F19F75B9A5942 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
14:02:51.0762 0x03f4 PNRPsvc - ok
14:02:51.0965 0x03f4 [ 53946B69BA0836BD95B03759530C81EC, 7F14A34635354CCA0F5342C8D9DF5A6AA1B94F6A508BD8834029E9BACF252920 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
14:02:52.0090 0x03f4 PolicyAgent - ok
14:02:52.0199 0x03f4 [ F87D30E72E03D579A5199CCB3831D6EA, B09328E89954584F97908FA5946376BA990B8C650DABCBF3CA3B08719937C694 ] Power C:\Windows\system32\umpo.dll
14:02:52.0340 0x03f4 Power - ok
14:02:52.0402 0x03f4 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
14:02:52.0527 0x03f4 PptpMiniport - ok
14:02:52.0574 0x03f4 [ 85B1E3A0C7585BC4AAE6899EC6FCF011, 1E067113C146D6842D7FB04007F363D6FB7783C6BC7C9AB6614E44075C4F86C3 ] Processor C:\Windows\system32\drivers\processr.sys
14:02:52.0667 0x03f4 Processor - ok
14:02:52.0714 0x03f4 [ FD9692A3D31E021207D3C2A9DDDC2BE3, 5295EFAD9BD4B59996935A41825392C12A4C968D161BEEA37797F90AF8E54229 ] ProfSvc C:\Windows\system32\profsvc.dll
14:02:52.0776 0x03f4 ProfSvc - ok
14:02:52.0808 0x03f4 [ DC0B4400073A404B53F571126B58F480, 022F1E8431C6299D8DFA287A570B0D24C2FFDCD8BF79420BAA1637E5366B4459 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:02:52.0886 0x03f4 ProtectedStorage - ok
14:02:52.0917 0x03f4 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] Psched C:\Windows\system32\DRIVERS\pacer.sys
14:02:53.0010 0x03f4 Psched - ok
14:02:53.0307 0x03f4 [ AB95ECF1F6659A60DDC166D8315B0751, 0ED6D3460D28978BADF31B930DBB3298A6A10EFF8883763EABA0E36A21A0E83D ] ql2300 C:\Windows\system32\drivers\ql2300.sys
14:02:53.0494 0x03f4 ql2300 - ok
14:02:53.0556 0x03f4 [ B4DD51DD25182244B86737DC51AF2270, 7E62B04F054A6330B7F9968222523BDE8F3EE47A11D17E6C0E2D5ACDC07B9E6B ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
14:02:53.0681 0x03f4 ql40xx - ok
14:02:53.0822 0x03f4 [ 31AC809E7707EB580B2BDB760390765A, A8481FD19A0F778F5591B7676F591F664ADC68B6867E663C0F9564173F4AC909 ] QWAVE C:\Windows\system32\qwave.dll
14:02:53.0946 0x03f4 QWAVE - ok
14:02:53.0993 0x03f4 [ 584078CA1B95CA72DF2A27C336F9719D, 836F115C92D343463C14A9DE39648C1EFA7C7EE4720F5C692EE0F68B84830121 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
14:02:54.0040 0x03f4 QWAVEdrv - ok
14:02:54.0071 0x03f4 [ 30A81B53C766D0133BB86D234E5556AB, 726C6B83B5ACAA84CAB1689B6DD6DDAE3199D61A57B5D7B5B5A0F62FCF838090 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
14:02:54.0165 0x03f4 RasAcd - ok
14:02:54.0243 0x03f4 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
14:02:54.0305 0x03f4 RasAgileVpn - ok
14:02:54.0368 0x03f4 [ A60F1839849C0C00739787FD5EC03F13, B210DFA5A843CF1DA73635F168E2EA5052CBED15C664F8523CDFB34CA165D0E0 ] RasAuto C:\Windows\System32\rasauto.dll
14:02:54.0524 0x03f4 RasAuto - ok
14:02:54.0555 0x03f4 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
14:02:54.0648 0x03f4 Rasl2tp - ok
14:02:54.0773 0x03f4 [ CB9E04DC05EACF5B9A36CA276D475006, 4D8C0AEF1D4F84F375AD2BAF786C9F6C52316A3E655B913449E71AD7C0FCA56E ] RasMan C:\Windows\System32\rasmans.dll
14:02:54.0898 0x03f4 RasMan - ok
14:02:54.0960 0x03f4 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
14:02:55.0038 0x03f4 RasPppoe - ok
14:02:55.0085 0x03f4 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
14:02:55.0194 0x03f4 RasSstp - ok
14:02:55.0241 0x03f4 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
14:02:55.0382 0x03f4 rdbss - ok
14:02:55.0460 0x03f4 [ 0D8F05481CB76E70E1DA06EE9F0DA9DF, 2AFCBE3237D27AFBF095F91F1FCCA63E6890F34A9E4F00E5C34C92394CDA89FB ] rdpbus C:\Windows\system32\drivers\rdpbus.sys
14:02:55.0584 0x03f4 rdpbus - ok
14:02:55.0616 0x03f4 [ 23DAE03F29D253AE74C44F99E515F9A1, 8FED93D10B2062F0526FE3508101F8FCF8F72DEB90AFB472EB7CBAE83A0EC430 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
14:02:55.0694 0x03f4 RDPCDD - ok
14:02:55.0772 0x03f4 [ 5A53CA1598DD4156D44196D200C94B8A, 8112FE14FEC94C67B1C5BDE4171E37584F1D0098D2C557C9E4BDD3E0291E25E4 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
14:02:55.0865 0x03f4 RDPENCDD - ok
14:02:55.0912 0x03f4 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
14:02:56.0021 0x03f4 RDPREFMP - ok
14:03:08.0579 0x03f4 [ D540858E65BFA6FDED41AD2495ECE344, DB85A860F4C07D1370F34AA7F39FAE5DF7E47C1BE65B4D39954FC37CA703A199 ] TODDSrv C:\Windows\system32\TODDSrv.exe
14:03:08.0626 0x03f4 TODDSrv - detected UnsignedFile.Multi.Generic ( 1 )
14:03:11.0793 0x03f4 Detect skipped due to KSN trusted
14:03:11.0793 0x03f4 TODDSrv - ok
14:03:13.0556 0x03f4 [ 332D341D92B933600D41953B08360DFB, 213A5C84ABB0D627C05B355084A26A5081645D4EC398FF19EF6BBCB690B10055 ] UleadBurningHelper C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
14:03:13.0571 0x03f4 UleadBurningHelper - detected UnsignedFile.Multi.Generic ( 1 )
14:03:16.0520 0x03f4 Detect skipped due to KSN trusted
14:03:16.0520 0x03f4 UleadBurningHelper - ok
14:03:29.0405 0x03f4 ================ Scan global ===============================
14:03:29.0826 0x03f4 [ Global ] - ok
14:03:29.0826 0x03f4 ================ Scan MBR ==================================
14:03:29.0858 0x03f4 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
14:03:33.0836 0x03f4 \Device\Harddisk0\DR0 - ok
14:03:33.0836 0x03f4 ================ Scan VBR ==================================
14:03:33.0882 0x03f4 [ 932E5DBFBF43AC3B3DCE5CDA4461083E ] \Device\Harddisk0\DR0\Partition1
14:03:33.0929 0x03f4 \Device\Harddisk0\DR0\Partition1 - ok
14:03:33.0929 0x03f4 ================ Scan active images ========================
14:03:34.0070 0x03f4 C:\Windows\System32\drivers\RDPENCDD.sys - ok
14:03:34.0085 0x03f4 [ 44B0A53CD4F27D50ED461DAE0C0B4E1F, CDA80B08E67AD034081C0C920CD66147689F1844403CBC552F65005E7C011A91 ] C:\Windows\System32\drivers\RDPREFMP.sys
14:03:34.0085 0x03f4 C:\Windows\System32\drivers\RDPREFMP.sys - ok
14:03:34.0101 0x03f4 [ DAEFB28E3AF5A76ABCC2C3078C07327F, 6EB558532400B489763BAE7203538DE5F196282A8CB46A1B31D59120FC5AFCEF ] C:\Windows\System32\drivers\msfs.sys
14:03:34.0101 0x03f4 C:\Windows\System32\drivers\msfs.sys - ok
14:03:34.0101 0x03f4 [ 1DB262A9F8C087E8153D89BEF3D2235F, A51EE5D5AD3CD76B74BEA9C66C462608BF3B50C53DAA4110A75DB10495A8C101 ] C:\Windows\System32\drivers\npfs.sys
14:03:34.0101 0x03f4 C:\Windows\System32\drivers\npfs.sys - ok
14:03:34.0116 0x03f4 [ 7FE680A3DFA421C4A8E4879AE4C5AAB0, A4C64E155AB2843823CD3586756BA7681CFDEA50812095468221503BBAD30DCD ] C:\Windows\System32\drivers\tdx.sys
14:03:34.0116 0x03f4 C:\Windows\System32\drivers\tdx.sys - ok
14:03:34.0132 0x03f4 [ D0B388DA1D111A34366E04EB4A5DD156, 60D226F027F4025CC032CAFF73A80FAFB5FA75445654FDCF80CA8C0419C6E938 ] C:\Windows\System32\drivers\afd.sys
14:03:34.0132 0x03f4 C:\Windows\System32\drivers\afd.sys - ok
14:03:34.0148 0x03f4 [ 280122DDCF04B378EDD1AD54D71C1E54, F98B2ADE34F7E67C7C06C1D0FFB80ECBC353D044D4B4784CD952910345DC2ED0 ] C:\Windows\System32\drivers\netbt.sys
14:03:34.0148 0x03f4 C:\Windows\System32\drivers\netbt.sys - ok
14:03:34.0163 0x03f4 [ 8B9A943F3B53861F2BFAF6C186168F79, 88E2F79F32AFBA17CB8377A508B83A1EC2315E9F3A365F591C87FE4525AA6713 ] C:\Windows\System32\drivers\wfplwf.sys
14:03:34.0163 0x03f4 C:\Windows\System32\drivers\wfplwf.sys - ok
14:03:34.0179 0x03f4 [ 6DB3276587B853BF886B69528FDB048C, 9972FF6DF0DF6F86D1E9BCEF4C29064748B217DA196B0633C30D3D580144951C ] C:\Windows\System32\drivers\ws2ifsl.sys
14:03:34.0179 0x03f4 C:\Windows\System32\drivers\ws2ifsl.sys - ok
14:03:34.0194 0x03f4 [ 6270CCAE2A86DE6D146529FE55B3246A, 463209CBAF1B0E269DC8FC6FBDEE5BB7E5ADB5D3F024930BFD0B97E0A9678883 ] C:\Windows\System32\drivers\pacer.sys
14:03:34.0194 0x03f4 C:\Windows\System32\drivers\pacer.sys - ok
14:03:34.0210 0x03f4 [ 80B275B1CE3B0E79909DB7B39AF74D51, 75B406B0D9D28239D4EB2A298419A5F78A58237D88C5FD688EF1DFFAFACCF796 ] C:\Windows\System32\drivers\netbios.sys
14:03:34.0210 0x03f4 C:\Windows\System32\drivers\netbios.sys - ok
14:03:34.0210 0x03f4 [ 04DBF4B01EA4BF25A9A3E84AFFAC9B20, 0D81B427720637882077C5024D738191F858FC734ED040697872D906351EF663 ] C:\Windows\System32\drivers\termdd.sys
14:03:34.0210 0x03f4 C:\Windows\System32\drivers\termdd.sys - ok
14:03:34.0226 0x03f4 [ 3C3C78515F5AB448B022BDF5B8FFDD2E, 35284174A42039C3C1FF8A3C8BC187A5E067C7782FC62D19749C2CB28C4E36C7 ] C:\Windows\System32\drivers\wanarp.sys
14:03:34.0226 0x03f4 C:\Windows\System32\drivers\wanarp.sys - ok
14:03:34.0241 0x03f4 [ FC6B9FF600CC585EA38B12589BD4E246, F05DB01AE1955D2468CE6B51E51998B111CA3B0BDEED090EE6B99B625CBA564A ] C:\Windows\System32\drivers\mssmbios.sys
14:03:34.0241 0x03f4 C:\Windows\System32\drivers\mssmbios.sys - ok
14:03:34.0241 0x03f4 [ E9A0A4D07E53D8FEA2BB8387A3293C58, 690CAD6C4E35ECC1172A2E1FD3933DF73158B3BF42CB21244269612A53DE4D7A ] C:\Windows\System32\drivers\nsiproxy.sys
14:03:34.0241 0x03f4 C:\Windows\System32\drivers\nsiproxy.sys - ok
14:03:34.0257 0x03f4 [ D528BC58A489409BA40334EBF96A311B, C71E9A4B101DB6C3183B9F97B9098D73D6FE1B12C05C2EB3CE8A8041BEE6BA61 ] C:\Windows\System32\drivers\rdbss.sys
14:03:34.0257 0x03f4 C:\Windows\System32\drivers\rdbss.sys - ok
14:03:34.0272 0x03f4 [ 1A050B0274BFB3890703D490F330C0DA, 79D74F4679A2EE040FAAF4D0392A9311239A10A5F8A5CCB48656C6F89B6D62FB ] C:\Windows\System32\drivers\discache.sys
14:03:34.0272 0x03f4 C:\Windows\System32\drivers\discache.sys - ok
14:03:34.0272 0x03f4 [ F024449C97EC1E464AAFFDA18593DB88, 7EF1E241892E098A472BCA14C724DFF1AACCF190954AF1C4A38B6D542CC74BD2 ] C:\Windows\System32\drivers\dfsc.sys
14:03:34.0288 0x03f4 C:\Windows\System32\drivers\dfsc.sys - ok
14:03:34.0288 0x03f4 [ 2287078ED48FCFC477B05B20CF38F36F, 55BCA6174E6034A8D61CBE4126B2F1989F6052BFA624BEA9C0A0A664AEC74521 ] C:\Windows\System32\drivers\blbdrive.sys
14:03:34.0288 0x03f4 C:\Windows\System32\drivers\blbdrive.sys - ok
14:03:34.0304 0x03f4 [ B2FA25D9B17A68BB93D58B0556E8C90D, 0146931B733CAB1CD87F94C35F97E110D6ED6C55EAFF03345400A29AEDE99BDE ] C:\Windows\System32\drivers\tunnel.sys
14:03:34.0304 0x03f4 C:\Windows\System32\drivers\tunnel.sys - ok
14:03:34.0319 0x03f4 [ CBC22823628544735625B280665E434E, 6B5A3FE469CACE241F3332E6E6B3D0ACB3C2EB3DF0297C744F5A155992F0B411 ] C:\Windows\System32\drivers\FwLnk.sys
14:03:34.0319 0x03f4 C:\Windows\System32\drivers\FwLnk.sys - ok
14:03:34.0319 0x03f4 [ 3B514D27BFC4ACCB4037BC6685F766E0, F12D7AC62F8550E6F33B28AD751D8413AB7FFEF963242D99FFA76CE8A48B027A ] C:\Windows\System32\drivers\intelppm.sys
14:03:34.0319 0x03f4 C:\Windows\System32\drivers\intelppm.sys - ok
14:03:34.0335 0x03f4 [ DEA805815E587DAD1DD2C502220B5616, 2D6A7668C95352B818F5EC59FF462894935833D34190257DA9CAC7E67FD3631C ] C:\Windows\System32\drivers\CmBatt.sys
14:03:34.0335 0x03f4 C:\Windows\System32\drivers\CmBatt.sys - ok
14:03:34.0350 0x03f4 [ 2E5F8CB2EDB36F404D0111471D934B70, 2C2431D5BED682F8C1460215E92C1437CD996D11DE85EB8D6AD799D8EDC08762 ] C:\Windows\System32\ntdll.dll
14:03:34.0350 0x03f4 C:\Windows\System32\ntdll.dll - ok
14:03:34.0350 0x03f4 [ 485436C2A90318218777401FB973558C, 1074498F797CE300A8A3C07584EE7B3036B3A672F92161925474641E850CECDE ] C:\Windows\System32\smss.exe
14:03:34.0350 0x03f4 C:\Windows\System32\smss.exe - ok
14:03:34.0366 0x03f4 [ F88A52EB62019D6A62FDD9E08034DBD8, 2E035366E9A1A26FB15F1E4857056E6AD7932BCE8CC68BB4B655609F424D2756 ] C:\Windows\System32\autochk.exe
14:03:34.0366 0x03f4 C:\Windows\System32\autochk.exe - ok
14:03:34.0382 0x03f4 [ 9467514EA189475A6E7FDC5D7BDE9D3F, E6F5B99BF6B614832770F9310B06334A8174C7660DDEC7589433640527A14683 ] C:\Windows\System32\drivers\igdkmd32.sys
14:03:34.0382 0x03f4 C:\Windows\System32\drivers\igdkmd32.sys - ok
14:03:34.0382 0x03f4 [ F1DD3ACAEE5E6B4BBC69BC6DF75CEF66, 6CCAD926934EACBE92FDFA1AE46DA6101D78A0B44AE38594E3A88FEBB35D230F ] C:\Windows\System32\user32.dll
14:03:34.0382 0x03f4 C:\Windows\System32\user32.dll - ok
14:03:34.0397 0x03f4 [ 070C5B9D3006602A07757179D9B56F5D, 7B24E38ADDEEDD9168D0C87275AC0936D0A4F1195810F9736118076589BC18BA ] C:\Windows\System32\difxapi.dll
14:03:34.0397 0x03f4 C:\Windows\System32\difxapi.dll - ok
14:03:34.0413 0x03f4 [ 3583A5A8CC2E682BFFBD4630D0FEC08B, FD0F184B358FCECAA763444B414074BEF4E871EB7527D88385519FC158435C72 ] C:\Windows\System32\drivers\dxgkrnl.sys
14:03:34.0413 0x03f4 C:\Windows\System32\drivers\dxgkrnl.sys - ok
14:03:34.0413 0x03f4 [ 0EC652D17AB4607745FB4E6958E8FAB6, 4103548218674B39EE707D216F9EF6E224D9FA2E016A0262247C8FB1D4B588A5 ] C:\Windows\System32\drivers\dxgmms1.sys
14:03:34.0413 0x03f4 C:\Windows\System32\drivers\dxgmms1.sys - ok
14:03:34.0428 0x03f4 [ 9036377B8A6C15DC2EEC53E489D159B5, 1E56D2ACFE92E6DF96D755B05C63D580EED82C210F075C8623E138BEE6BCD41B ] C:\Windows\System32\drivers\hdaudbus.sys
14:03:34.0428 0x03f4 C:\Windows\System32\drivers\hdaudbus.sys - ok
14:03:34.0444 0x03f4 [ B07C5B7EFDF936FF93D4F540938725BE, A9D559B0A99937CC4E7F065566054DAFCCD0C6C3AA98B47ADF7CB2ABD30B0182 ] C:\Windows\System32\drivers\yk62x86.sys
14:03:34.0444 0x03f4 C:\Windows\System32\drivers\yk62x86.sys - ok
14:03:34.0444 0x03f4 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\System32\normaliz.dll
14:03:34.0444 0x03f4 C:\Windows\System32\normaliz.dll - ok
14:03:34.0460 0x03f4 [ D4EF7A9767C05905500EC312CB29EF46, 464DE67D1BE3A3A684206B2D494FEE723FB5B6559F3783EF929352F22B0A9492 ] C:\Windows\System32\drivers\NETwLv32.sys
14:03:34.0460 0x03f4 C:\Windows\System32\drivers\NETwLv32.sys - ok
14:03:34.0475 0x03f4 [ 8BDA634EFDF57668B44E6B181FF29429, C48EA7343662762CFFFF0A4FDFC8721A656D59D1D74B9A73EB6F5019AB70583C ] C:\Windows\System32\iertutil.dll
14:03:34.0475 0x03f4 C:\Windows\System32\iertutil.dll - ok
14:03:34.0491 0x03f4 [ 172D2960EF38795D2819A35268672F3D, 3F27745F228B49F5582871492C185F2CBD5ABF728AB01F9215FBB54FF5D2791E ] C:\Windows\System32\gdi32.dll
14:03:34.0491 0x03f4 C:\Windows\System32\gdi32.dll - ok
14:03:34.0491 0x03f4 [ 957655757F43858692289B96F73716D8, 544DA3D99D91AE823EDD84A70C21048D879CE51AF238EF61D37517857961B751 ] C:\Windows\System32\kernel32.dll
14:03:34.0491 0x03f4 C:\Windows\System32\kernel32.dll - ok
14:03:34.0506 0x03f4 [ EC2C5AF37B76D7B58C642CB74423DB7A, BE1F6F2CE3B1539DAC23B73EA655B77E6E628E5E55BD16091E76934723BE77B1 ] C:\Windows\System32\drivers\usbport.sys
14:03:34.0506 0x03f4 C:\Windows\System32\drivers\usbport.sys - ok
14:03:34.0522 0x03f4 [ D40855F89B69305140BBD7E9A3BA2DA6, 745DC6D770666F6B19C2B6AA89C21D1A314732E291453BFA2367F9AF86F97C3C ] C:\Windows\System32\drivers\usbehci.sys
14:03:34.0522 0x03f4 C:\Windows\System32\drivers\usbehci.sys - ok
14:03:34.0522 0x03f4 [ 78780C3EBCE17405B1CCD07A3A8A7D72, FBFF3111E22EE0B4BCAFA81F89AAE985135BFF48EEFD130C09B49CCF8A9946B9 ] C:\Windows\System32\drivers\usbuhci.sys
14:03:34.0522 0x03f4 C:\Windows\System32\drivers\usbuhci.sys - ok
14:03:34.0538 0x03f4 [ 1B133875B8AA8AC48969BD3458AFE9F5, 01753BDD47F3F9BC0E0D23A069B9C56D4AE6A6B6295BC19B95AE245D25B12744 ] C:\Windows\System32\drivers\1394ohci.sys
14:03:34.0538 0x03f4 C:\Windows\System32\drivers\1394ohci.sys - ok
14:03:34.0553 0x03f4 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\System32\ole32.dll
14:03:34.0553 0x03f4 C:\Windows\System32\ole32.dll - ok
14:03:34.0553 0x03f4 [ BB4120F96C0EF1E81BE1AA78CC9EE3B6, C8C732330AEE31D77BC695ACB12B7642D549CC27A02C3D4002675308B80A6234 ] C:\Windows\System32\urlmon.dll
14:03:34.0553 0x03f4 C:\Windows\System32\urlmon.dll - ok
14:03:34.0569 0x03f4 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\System32\setupapi.dll
14:03:34.0569 0x03f4 C:\Windows\System32\setupapi.dll - ok
14:03:34.0584 0x03f4 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\System32\clbcatq.dll
14:03:34.0584 0x03f4 C:\Windows\System32\clbcatq.dll - ok
14:03:34.0584 0x03f4 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\System32\ws2_32.dll
14:03:34.0584 0x03f4 C:\Windows\System32\ws2_32.dll - ok
14:03:34.0600 0x03f4 [ 4A8E2F20809CC161107FAA94F6CF2685, 561DCE9E49696288A9EE802C0BEF424EB34A1C29B6D8931CCD5C7E26CB4F88EA ] C:\Windows\System32\imm32.dll
14:03:34.0600 0x03f4 C:\Windows\System32\imm32.dll - ok
14:03:34.0616 0x03f4 [ E4C85C291DDB3DC5E4A2F227CA465BA6, 743AC3C497DE0DEA466E52FA992DF9AFF65C2F8ED6C6FD69DF3C14221E05DDD2 ] C:\Windows\System32\drivers\tifm21.sys
14:03:34.0616 0x03f4 C:\Windows\System32\drivers\tifm21.sys - ok
14:03:34.0616 0x03f4 [ 0328BE1C7F1CBA23848179F8762E391C, EA80853F04BAE6F46F658B3EFED34BFDDE20E6F2BDA349EBC17EC75DFF19855D ] C:\Windows\System32\drivers\sdbus.sys
14:03:34.0616 0x03f4 C:\Windows\System32\drivers\sdbus.sys - ok
14:03:34.0631 0x03f4 [ F151F0BDC47F4A28B1B20A0818EA36D6, 84B24B5796D9F70A8C37773F5484A4606CC7908370CCD942627ACBEDC4952D79 ] C:\Windows\System32\drivers\i8042prt.sys
14:03:34.0631 0x03f4 C:\Windows\System32\drivers\i8042prt.sys - ok
14:03:34.0647 0x03f4 [ ADEF52CA1AEAE82B50DF86B56413107E, A3AE1E96B04AC81665ABBD3CB267DFB3F78376DAE18FB0DBD447908DDAAA22D2 ] C:\Windows\System32\drivers\kbdclass.sys
14:03:34.0647 0x03f4 C:\Windows\System32\drivers\kbdclass.sys - ok
14:03:34.0647 0x03f4 [ 74F805AB12EB0E3E49E469F19FF02640, 23A845F9162ECE37B6CF5B2537562C69705A4192D19438109B5212E111A49004 ] C:\Windows\System32\drivers\usbd.sys
14:03:34.0647 0x03f4 C:\Windows\System32\drivers\usbd.sys - ok
14:03:34.0662 0x03f4 [ 70534D1E4F9AC990536D5FB5B550B3DE, BD7F52FAD8FDF7F5FE37B6E6101D1386816F371894DD46D799FF4107F98134A1 ] C:\Windows\System32\drivers\SynTP.sys
14:03:34.0662 0x03f4 C:\Windows\System32\drivers\SynTP.sys - ok
14:03:34.0678 0x03f4 [ FB18CC1D4C2E716B6B903B0AC0CC0609, F10CCA63493782B16DE6B96B94A27078DBE68AECEF34FDF840CFF86D2C6E3C5E ] C:\Windows\System32\drivers\mouclass.sys
14:03:34.0678 0x03f4 C:\Windows\System32\drivers\mouclass.sys - ok
14:03:34.0678 0x03f4 [ 1825BCEB47BF41C5A9F0E44DE82FC27A, 6E5F2654852060A61728686A1877A1EA93645EEED0D2612842D951B4E83750A3 ] C:\Windows\System32\drivers\tdcmdpst.sys
14:03:34.0678 0x03f4 C:\Windows\System32\drivers\tdcmdpst.sys - ok
14:03:34.0694 0x03f4 [ 57EC4AEF73660166074D8F7F31C0D4FD, C66B425EC4DB5E7FD289AE631C9B019EB16717C55E80FAE964BB22203E4AACEF ] C:\Windows\System32\drivers\agilevpn.sys
14:03:34.0694 0x03f4 C:\Windows\System32\drivers\agilevpn.sys - ok
14:03:34.0709 0x03f4 [ CBE8C58A8579CFE5FCCF809E6F114E89, AC083A1C649EBA18C59FCC1772D0784B10E2B8C63094E3C14388E147DBC3F6DF ] C:\Windows\System32\drivers\CompositeBus.sys
14:03:34.0709 0x03f4 C:\Windows\System32\drivers\CompositeBus.sys - ok
14:03:34.0725 0x03f4 [ E4A8AEC125A2E43A9E32AFEEA7C9C888, 6EA181117126FC70B3C1DD1AC73CC26D1603A2CF49E47F66623E2C9489C49B55 ] C:\Windows\System32\drivers\ndistapi.sys
14:03:34.0725 0x03f4 C:\Windows\System32\drivers\ndistapi.sys - ok
14:03:34.0725 0x03f4 [ 38FBE267E7E6983311179230FACB1017, CFD1CBCA59650795C030DB30E5795B37C11C736E14003AE1DAB081BA5C0C9B14 ] C:\Windows\System32\drivers\ndiswan.sys
14:03:34.0725 0x03f4 C:\Windows\System32\drivers\ndiswan.sys - ok
14:03:34.0740 0x03f4 [ D9F91EAFEC2815365CBE6D167E4E332A, 8350457A39D141C13807E7DB5A8D4113197C4016F7744B9993391F4AEA0C4A5C ] C:\Windows\System32\drivers\rasl2tp.sys
14:03:34.0740 0x03f4 C:\Windows\System32\drivers\rasl2tp.sys - ok
14:03:34.0756 0x03f4 [ 0FE8B15916307A6AC12BFB6A63E45507, 64119474DE7499E6E8B82E78BBD50074B3AA70B3E8329089FAE9B7F29919004E ] C:\Windows\System32\drivers\raspppoe.sys
14:03:34.0756 0x03f4 C:\Windows\System32\drivers\raspppoe.sys - ok
14:03:34.0756 0x03f4 [ 631E3E205AD6D86F2AED6A4A8E69F2DB, 1D3BF0CFC37D91A3A56246920B9CF1084E78A055D56E85A773417809C58C8065 ] C:\Windows\System32\drivers\raspptp.sys
14:03:34.0756 0x03f4 C:\Windows\System32\drivers\raspptp.sys - ok
14:03:34.0772 0x03f4 [ 44101F495A83EA6401D886E7FD70096B, 56A0CE5C89870752B9B2AB795C1A248CA28209E049B2F20CCA0308CBE2488A0A ] C:\Windows\System32\drivers\rassstp.sys
14:03:34.0772 0x03f4 C:\Windows\System32\drivers\rassstp.sys - ok
14:03:34.0787 0x03f4 [ 5DCEF0C32BE0F33277326586FA503689, B6AEB5DE8F2430D2032DAF5B58DBB4E192F6113DB5379F5AD8189A7AC2560EEA ] C:\Windows\System32\drivers\ks.sys
14:03:34.0787 0x03f4 C:\Windows\System32\drivers\ks.sys - ok
14:03:34.0787 0x03f4 [ E58C78A848ADD9610A4DB6D214AF5224, 1575A90EB22A4FB066459BDA00C6CAC10198C3C8C74493721EC6D34B51F50426 ] C:\Windows\System32\drivers\swenum.sys
14:03:34.0787 0x03f4 C:\Windows\System32\drivers\swenum.sys - ok
14:03:34.0803 0x03f4 [ D295BED4B898F0FD999FCFA9B32B071B, D4130DB4AE76EE6DC0B8E7A4FEF5CB8B26EBD822C21021F6FA78FD29C1E211C2 ] C:\Windows\System32\drivers\umbus.sys
14:03:34.0803 0x03f4 C:\Windows\System32\drivers\umbus.sys - ok
14:03:34.0818 0x03f4 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\System32\msvcrt.dll
14:03:34.0818 0x03f4 C:\Windows\System32\msvcrt.dll - ok
14:03:34.0834 0x03f4 [ E7B9D5FF20FFDD4AAE2EF1D1B8C27A37, 689D126B1B42140D5049015E3E324268E6542D4BC6CC14E31D8B89A25B94BAA5 ] C:\Windows\System32\imagehlp.dll
14:03:34.0834 0x03f4 C:\Windows\System32\imagehlp.dll - ok
14:03:34.0834 0x03f4 [ A208DAC2932649CFF82A6A684D8BB1F6, 849A82E9BEA587E8221935F5132443F298412CF4D983C23C396510C7776CED41 ] C:\Windows\System32\oleaut32.dll
14:03:34.0834 0x03f4 C:\Windows\System32\oleaut32.dll - ok
14:03:34.0850 0x03f4 [ E8F4B60533305021DC93D591486CC19B, 7F5192289D52921A9A2CA6AD3934C83D448C464DFDA3C8C90F78E39EE06E0A76 ] C:\Windows\System32\rpcrt4.dll
14:03:34.0850 0x03f4 C:\Windows\System32\rpcrt4.dll - ok
14:03:34.0850 0x03f4 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\System32\sechost.dll
14:03:34.0865 0x03f4 C:\Windows\System32\sechost.dll - ok
14:03:34.0865 0x03f4 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\System32\shlwapi.dll
14:03:34.0865 0x03f4 C:\Windows\System32\shlwapi.dll - ok
14:03:34.0881 0x03f4 [ 152110AF82E06FF13C325EB99236B271, DD6DEF40A7D7E3CDB64E3B73986CED710511AEA9128431331D8DA4EABF55D49B ] C:\Windows\System32\wininet.dll
14:03:34.0881 0x03f4 C:\Windows\System32\wininet.dll - ok
14:03:34.0896 0x03f4 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\System32\comdlg32.dll
14:03:34.0896 0x03f4 C:\Windows\System32\comdlg32.dll - ok
14:03:34.0896 0x03f4 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\System32\nsi.dll
14:03:34.0896 0x03f4 C:\Windows\System32\nsi.dll - ok
14:03:34.0912 0x03f4 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\System32\psapi.dll
14:03:34.0912 0x03f4 C:\Windows\System32\psapi.dll - ok
14:03:34.0928 0x03f4 [ 340EECB781E6C06A6171B3068DA208AD, C3368488DFA5AAC05CAF9D636430111A0DDFB3EBFE6D69F10366F1C22890A99B ] C:\Windows\System32\shell32.dll
14:03:34.0928 0x03f4 C:\Windows\System32\shell32.dll - ok
14:03:34.0928 0x03f4 [ EDF2DF71C4F1E13A6AC75F5224DE655A, 1764D155C6B99201774B57195349304259232A12868ECFC2069CA49443EBDC2C ] C:\Windows\System32\drivers\usbhub.sys
14:03:34.0928 0x03f4 C:\Windows\System32\drivers\usbhub.sys - ok
14:03:34.0943 0x03f4 [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\System32\advapi32.dll
14:03:34.0943 0x03f4 C:\Windows\System32\advapi32.dll - ok
14:03:34.0959 0x03f4 [ 6D77D118D54BF6C5045B02CF0FA8D9AF, F0A88B509701BCE066D8E9301CC9BDBF1ED330DB32A3C8E7F2A8C80EB6A5671E ] C:\Windows\System32\lpk.dll
14:03:34.0959 0x03f4 C:\Windows\System32\lpk.dll - ok
14:03:34.0959 0x03f4 [ A5F833506BF6A1B5D693E1499DEE2444, 045874B7D37F49216E37D551076FF440E29DB5196564E714207DF753DF7FDDEE ] C:\Windows\System32\usp10.dll
14:03:34.0959 0x03f4 C:\Windows\System32\usp10.dll - ok
14:03:34.0974 0x03f4 [ 84B460BB65567ED42DD605FA044DB370, 4CA82B2581F417D8D6D81F446F81283D3DE91C8E8E0BC2DC3DA4CF8D55E765F5 ] C:\Windows\System32\msctf.dll
14:03:34.0974 0x03f4 C:\Windows\System32\msctf.dll - ok
14:03:34.0990 0x03f4 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\System32\Wldap32.dll
14:03:34.0990 0x03f4 C:\Windows\System32\Wldap32.dll - ok
14:03:34.0990 0x03f4 [ 87A703DECCDC1BFCAC67E1D4686F67B6, 65A63317F306845E160822C6284AF2148EB645769C1B86D9075581DD5334D883 ] C:\Windows\System32\KernelBase.dll
14:03:35.0006 0x03f4 C:\Windows\System32\KernelBase.dll - ok
14:03:35.0006 0x03f4 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\System32\comctl32.dll
14:03:35.0006 0x03f4 C:\Windows\System32\comctl32.dll - ok
14:03:35.0021 0x03f4 [ 74264B7F57A16D25CB581C07964D324A, AA91EE0910ECBD7D190A05EBA48F1D348756C2D4B217B7FE2DF3AF92AD4A176D ] C:\Windows\System32\crypt32.dll
14:03:35.0021 0x03f4 C:\Windows\System32\crypt32.dll - ok
14:03:35.0021 0x03f4 [ CC4ED8BEA78B0DCA6F217E014C3291A7, 01104182E4E6FB3CF6397936D30B2CE3486967586D1B94187B59A8232DAE39FF ] C:\Windows\System32\devobj.dll
14:03:35.0021 0x03f4 C:\Windows\System32\devobj.dll - ok
14:03:35.0037 0x03f4 [ D5EC42139D6A6158CF188975C50B6A60, C3551F8FC9DC58483B3AF4F80163C7A187F879FA89A7E36C28FD462FC24478FC ] C:\Windows\System32\wintrust.dll
14:03:35.0037 0x03f4 C:\Windows\System32\wintrust.dll - ok
14:03:35.0037 0x03f4 [ 3FFAEA12666E565FF51BF2FCA674F543, 95BA8DBDA495C170E075F48627D7DD89C6B29BE0CE0D0D8316B0236692675060 ] C:\Windows\System32\cfgmgr32.dll
14:03:35.0037 0x03f4 C:\Windows\System32\cfgmgr32.dll - ok
14:03:35.0052 0x03f4 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\System32\msasn1.dll
14:03:35.0052 0x03f4 C:\Windows\System32\msasn1.dll - ok
14:03:35.0052 0x03f4 [ A4BDC541E69674FBFF1A8FF00BE913F2, 18CCFD063E9870B8B6958715BC0414C4D920AE63528EA1E9D7E30F7138918FFA ] C:\Windows\System32\drivers\ndproxy.sys
14:03:35.0052 0x03f4 C:\Windows\System32\drivers\ndproxy.sys - ok
14:03:35.0068 0x03f4 [ 9842041E2F5ACE1E2F5FB4EF02053DC8, 8260D3DDCC92987CA3A456ABD0982A7C81DBBEDB87DE781039F2E4BCCF27DB6D ] C:\Windows\System32\drivers\drmk.sys
14:03:35.0068 0x03f4 C:\Windows\System32\drivers\drmk.sys - ok
14:03:35.0084 0x03f4 [ EB6137D696A9B4E9718AC6F8641CB4C9, 438B6177F8BF50E17226D9C4E5FAE42D82178CCDD79979C78B15261B459E153E ] C:\Windows\System32\drivers\portcls.sys
14:03:35.0084 0x03f4 C:\Windows\System32\drivers\portcls.sys - ok
14:03:35.0084 0x03f4 [ C6B9C84B5965E4BD6B9967B16058E4DE, F2F4F4C0522025782022E8F162A09697B18461DD06CB07E12B330AE00A7ABEFE ] C:\Windows\System32\drivers\RTKVHDA.sys
14:03:35.0084 0x03f4 C:\Windows\System32\drivers\RTKVHDA.sys - ok
14:03:35.0099 0x03f4 [ 7E10E3BB9B258AD8A9300F91214D67B9, CE5FAD7BF78234B64EAADF64DB23F3C342AADB9C5E3B0168E57863F494F30318 ] C:\Windows\System32\drivers\AGRSM.sys
14:03:35.0099 0x03f4 C:\Windows\System32\drivers\AGRSM.sys - ok
14:03:35.0115 0x03f4 [ F001861E5700EE84E2D4E52C712F4964, F4DC5AEED6F34D76CCEF360862CC47EF71097BE0813C8CE04EE5F0DB387DFFAE ] C:\Windows\System32\drivers\modem.sys
14:03:35.0115 0x03f4 C:\Windows\System32\drivers\modem.sys - ok
14:03:35.0115 0x03f4 [ D3C8A505DC4EAB76CD2ACF39D9CD0B76, F76AB76E861E4B9E281F484F76BA3508555CCE9269178D2D01E6CB4E4C473B7E ] C:\Windows\System32\drivers\HP8207_8307.sys
14:03:35.0115 0x03f4 C:\Windows\System32\drivers\HP8207_8307.sys - ok
14:03:35.0130 0x03f4 [ 5FCD3320AAE71506B43F9E12E4E72172, 067531833F90241A181EF082D85CFF74336D68DAB0AADE4393C1F35CD662DAAE ] C:\Windows\System32\drivers\dxapi.sys
14:03:35.0130 0x03f4 C:\Windows\System32\drivers\dxapi.sys - ok
14:03:35.0130 0x03f4 [ 358B1F17A8E5419AD108D5E5C522F674, C0C3ED1DCA7ABB86D4F8F8B4BC1B9846C64E0F2D39733EBEF32F0B5E5748D22A ] C:\Windows\System32\win32k.sys
14:03:35.0130 0x03f4 C:\Windows\System32\win32k.sys - ok
14:03:35.0146 0x03f4 [ 342271F6142E7C70805B8A81E1BA5F5C, F9112B88FEC5EF10A7AEDF88DCEE61956D1FCDE7CB42197216E8265578713786 ] C:\Windows\System32\csrss.exe
14:03:35.0146 0x03f4 C:\Windows\System32\csrss.exe - ok
14:03:35.0146 0x03f4 [ B68B44D003D3FF5E245F6B3761496082, 0BED841E65815DD0F25FA3A9868765E254BE857A7AD4ADB1FD6488F5EC9B2C07 ] C:\Windows\System32\csrsrv.dll
14:03:35.0146 0x03f4 C:\Windows\System32\csrsrv.dll - ok
14:03:35.0162 0x03f4 [ DAB748AE0439955ED2FA22357533DDDB, 73EDD402C7479DDCE1998D0C7E99E1EC2974F64EFC33A851439CC85D09EDCDF9 ] C:\Windows\System32\basesrv.dll
14:03:35.0162 0x03f4 C:\Windows\System32\basesrv.dll - ok
14:03:35.0162 0x03f4 [ A83DD77AC941A8B1B2652035EA589149, 8F879178E154B3F9F367FB3D6F9A21B129F36796CD3B6A76A9E7CFDD0F63332C ] C:\Windows\System32\winsrv.dll
14:03:35.0162 0x03f4 C:\Windows\System32\winsrv.dll - ok
14:03:35.0177 0x03f4 [ 50ABE682EBE752EAF62B18790D6D491C, E01499C4F81CC49A89590A07CB814D21126CE52DCD3FACADB6D1E243940C69FA ] C:\Windows\System32\drivers\hidclass.sys
14:03:35.0177 0x03f4 C:\Windows\System32\drivers\hidclass.sys - ok
14:03:35.0193 0x03f4 [ F1B27299F547D452EDAEF01FC187CB91, 574FC8ACB349244122E6D76333E2BB72680639EEF61C0B679F8485023B619263 ] C:\Windows\System32\drivers\hidparse.sys
14:03:35.0193 0x03f4 C:\Windows\System32\drivers\hidparse.sys - ok
14:03:35.0193 0x03f4 [ 10C19F8290891AF023EAEC0832E1EB4D, E208553029488A6EE2F5216CC9FE5F93E9931A94C0D0625253BB159E30642853 ] C:\Windows\System32\drivers\hidusb.sys
14:03:35.0193 0x03f4 C:\Windows\System32\drivers\hidusb.sys - ok
14:03:35.0208 0x03f4 [ 2C388D2CD01C9042596CF3C8F3C7B24D, B2FB72272BB01AEDA4047B57C943B7E9BD8A6497854F8CC34672AAA592D0A703 ] C:\Windows\System32\drivers\mouhid.sys
14:03:35.0208 0x03f4 C:\Windows\System32\drivers\mouhid.sys - ok
14:03:35.0208 0x03f4 [ 79D10964DE86B292320E9DFE02282A23, 52714827B7EEDACA55326A4E4F6158D4942DFAA3BACDE303A2F569BF3F4FAA72 ] C:\Windows\System32\drivers\monitor.sys
14:03:35.0208 0x03f4 C:\Windows\System32\drivers\monitor.sys - ok
14:03:35.0224 0x03f4 [ 0803FBA9FE829D61AE26EC0BCC910C46, 30D00E2C7DFC630C99C1599587D4F9C272BC30D444E07C961AA05BF84587806B ] C:\Windows\System32\drivers\usbccgp.sys
14:03:35.0224 0x03f4 C:\Windows\System32\drivers\usbccgp.sys - ok
14:03:35.0240 0x03f4 [ DE014425522610BEDCA3821BB8C0F1D5, D6FEA0DF07F89834AEEE8C02CC7FD41068D758B6CCECE2EEE5CF4B9DB646FA1E ] C:\Windows\System32\drivers\usbvideo.sys
14:03:35.0240 0x03f4 C:\Windows\System32\drivers\usbvideo.sys - ok
14:03:35.0240 0x03f4 [ 237C444FBD1C697A2E3FA60F02C61F22, AF3BBC57C0DCF7BEA78324170ED24FF44894D9F6BA3541040E4AF7BD5473E17F ] C:\Windows\System32\drivers\UVCFTR_S.SYS
14:03:35.0240 0x03f4 C:\Windows\System32\drivers\UVCFTR_S.SYS - ok
14:03:35.0255 0x03f4 [ 7C76B61A5E1EF5D1FA554CF134100F18, 2B07C27A2C9A5D939CE9255C67E87B4EF8BFD3B011A592CC0E6994E660483648 ] C:\Windows\System32\tsddd.dll
14:03:35.0255 0x03f4 C:\Windows\System32\tsddd.dll - ok
14:03:35.0255 0x03f4 [ 364455805E64882844EE9ACB72522830, 906561DBBB33F744844CF27E456226044C85DF0FCFD26DE1FD11E09E2CFA6F8F ] C:\Windows\System32\sxssrv.dll
14:03:35.0255 0x03f4 C:\Windows\System32\sxssrv.dll - ok
14:03:35.0271 0x03f4 [ B5C5DCAD3899512020D135600129D665, F6B4D18FA0D3C4958711AC0D476C21A6FDF2897F989A0AD290B43F463DD8B5B0 ] C:\Windows\System32\wininit.exe
14:03:35.0271 0x03f4 C:\Windows\System32\wininit.exe - ok
14:03:35.0271 0x03f4 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\System32\profapi.dll
14:03:35.0271 0x03f4 C:\Windows\System32\profapi.dll - ok
14:03:35.0286 0x03f4 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\System32\RpcRtRemote.dll
14:03:35.0286 0x03f4 C:\Windows\System32\RpcRtRemote.dll - ok
14:03:35.0302 0x03f4 [ 357B990A4249D7F7485B230C0CC8825A, FE15918D883B0861D6BBA0E6AC77ABD8FE42C8F76869768BE4FD1F2A5027BD7A ] C:\Windows\System32\KBDUS.DLL
14:03:35.0302 0x03f4 C:\Windows\System32\KBDUS.DLL - ok
14:03:35.0302 0x03f4 [ 5860EE5C807CB3866551B845123493C6, E8EBD2A2AF76ABD8091A21CDF2650EB9239E1B41E73F656C8C13E5B2CF3CABE5 ] C:\Windows\System32\cdd.dll
14:03:35.0302 0x03f4 C:\Windows\System32\cdd.dll - ok
14:03:35.0318 0x03f4 [ 633C2C060CF857099F6C4F8D75C952B1, 95E14B5212301900BC9DDB6B42735B114D364188E9B312C786511258106398C8 ] C:\Windows\System32\WlS0WndH.dll
14:03:35.0318 0x03f4 C:\Windows\System32\WlS0WndH.dll - ok
14:03:35.0318 0x03f4 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\System32\sxs.dll
14:03:35.0318 0x03f4 C:\Windows\System32\sxs.dll - ok
14:03:35.0333 0x03f4 [ E97B4515FC3846CB5C6853C40E71EF28, 20986C3716156EEA2DFF4925292253CA32B7215921068644368C209933852DED ] C:\Windows\System32\cryptbase.dll
14:03:35.0333 0x03f4 C:\Windows\System32\cryptbase.dll - ok
14:03:35.0349 0x03f4 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\System32\apphelp.dll
14:03:35.0349 0x03f4 C:\Windows\System32\apphelp.dll - ok
14:03:35.0349 0x03f4 [ 52449FD429D6053B78AE564DEF303870, 473E42C5B48493C84CF1B22D054AD1C788FCE3603E439ABC77A3B37DACFF9F1C ] C:\Windows\System32\winlogon.exe
14:03:35.0349 0x03f4 C:\Windows\System32\winlogon.exe - ok
14:03:35.0364 0x03f4 [ FD67683FBA9B2C4BB551780BD8846F64, 4BB7C956EA8D2CE63F5BF80FAE652F98416A7635202AEE04FC8D81000E6363DF ] C:\Windows\System32\winsta.dll
14:03:35.0364 0x03f4 C:\Windows\System32\winsta.dll - ok
14:03:35.0364 0x03f4 [ 8AEA9A37C1A3565A204D37C5E72AB791, 939903F93FF37525A6C4B5CBA29CDEEE6D6055C42D605E80AE787F2A76F9870E ] C:\Windows\System32\lsm.exe
14:03:35.0364 0x03f4 C:\Windows\System32\lsm.exe - ok
14:03:35.0380 0x03f4 [ 0780A42DBD7D9969F9BF4A19AA4285B5, 8EA41124A4E97732C5DAA616457FBA7111CB38986F3427FA776ED00BC1407171 ] C:\Windows\System32\services.exe
14:03:35.0380 0x03f4 C:\Windows\System32\services.exe - ok
14:03:36.0753 0x03f4 C:\Windows\System32\eappprxy.dll - ok
14:03:36.0768 0x03f4 [ C1585EAA67C37A05BF6F93726FAFC069, 50401A628053871D5B864E2493018236A117F177AD1E466EDE6FB3CACBD6C5BD ] C:\Windows\System32\l2gpstore.dll
14:03:36.0768 0x03f4 C:\Windows\System32\l2gpstore.dll - ok
14:03:36.0768 0x03f4 [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\System32\wlanutil.dll
14:03:36.0768 0x03f4 C:\Windows\System32\wlanutil.dll - ok
14:03:36.0784 0x03f4 [ 749F9795F01C35EEBE100A87D82B9681, 03A636328D3D97AFA6B5D6B3085EA8D27C3DBCAEA5986FD74904FC754378CD64 ] C:\Windows\System32\wlgpclnt.dll
14:03:36.0784 0x03f4 C:\Windows\System32\wlgpclnt.dll - ok
14:03:36.0784 0x03f4 [ 9419ABF3163B6F0E3AD3DD2B381C879F, 75029AFDB5F8A8F74A63B6C8165E77110E2FBAEC0021A9613035BFFEC646A54E ] C:\Windows\System32\WinSCard.dll
14:03:36.0784 0x03f4 C:\Windows\System32\WinSCard.dll - ok
14:03:36.0800 0x03f4 [ E227B810296AA27E6C69307A7B6456E5, 0FBF1C90362EA0D12B4B0E18A2FB3E3AC90E116C30BE4CBE95F12EB4882FB985 ] C:\Windows\System32\msxml6.dll
14:03:36.0800 0x03f4 C:\Windows\System32\msxml6.dll - ok
14:03:36.0815 0x03f4 [ 414DA952A35BF5D50192E28263B40577, 9C9BAFB9880DA6CC728506A142BE124E186219610DCC3460657A3CA93C865DF1 ] C:\Windows\System32\shsvcs.dll
14:03:36.0815 0x03f4 C:\Windows\System32\shsvcs.dll - ok
14:03:36.0815 0x03f4 [ A04BB13F8A72F8B6E8B4071723E4E336, E63287FF71C39CBF64C3347C455324C8437F9CF398153E269543588B65389502 ] C:\Windows\System32\schedsvc.dll
14:03:36.0815 0x03f4 C:\Windows\System32\schedsvc.dll - ok
14:03:36.0831 0x03f4 [ 38B13C0DF479DBA23ECFA815159BA86E, C289C65AF3FB689AD6B770AB0E815860D9EA36FB2A8DE9F1818C63AD0FE47CBD ] C:\Windows\System32\ktmw32.dll
14:03:36.0831 0x03f4 C:\Windows\System32\ktmw32.dll - ok
14:03:36.0831 0x03f4 [ 1FF7E4F548C7C372C804938F0D5B36AE, F20409733F67853CBF51FD83E4DB73260FED7B7A4F361C6B3482D78C990E16FC ] C:\Windows\System32\netcfgx.dll
14:03:36.0831 0x03f4 C:\Windows\System32\netcfgx.dll - ok
14:03:36.0846 0x03f4 [ E6D90DC604F407B3B5E0FD285E46B2A0, 41C0E25E93E6985445410B23058B8972E7720464ABDB41D84FF10CCAC204921A ] C:\Windows\System32\fveapi.dll
14:03:36.0846 0x03f4 C:\Windows\System32\fveapi.dll - ok
14:03:36.0846 0x03f4 [ EAFC149CD3BD78C443E31BB157841197, 9045425B0C7A23D5A96D1084FB3B1DED35852B3FB1DCB942DEB4A5B906126CA4 ] C:\Windows\System32\tbs.dll
14:03:36.0846 0x03f4 C:\Windows\System32\tbs.dll - ok
14:03:36.0862 0x03f4 [ C87F28A34B3840F4B40011D170B1A159, 4FB94B9197C5FA73E1A74BA8DCD4ACE830C927FD67B117426714CCD7396E3CB9 ] C:\Windows\System32\fvecerts.dll
14:03:36.0862 0x03f4 C:\Windows\System32\fvecerts.dll - ok
14:03:36.0862 0x03f4 [ 1C3E8371377E988B683797A132EFFE1B, CC4A9B9084F163428973A04D77CADDAA838C5761BF9E55971FAD7275BB9D2194 ] C:\Windows\System32\taskcomp.dll
14:03:36.0862 0x03f4 C:\Windows\System32\taskcomp.dll - ok
14:03:36.0878 0x03f4 [ E2D56AE1D40E3725084054CD8E9CFBB1, 7548C22DE09DCCC9BA41BA1DE331CFD0B18DDA00A40E27DFB8EA551CDF7050BC ] C:\Windows\System32\wiarpc.dll
14:03:36.0878 0x03f4 C:\Windows\System32\wiarpc.dll - ok
14:03:36.0878 0x03f4 [ 487569E5DA56A5A432FF8AF6D3599CF9, 7C974D8379C60B4F69A20B01876C49181B0A63AC318C4BD0A21DABFF27A15C9D ] C:\Windows\System32\drivers\http.sys
14:03:36.0878 0x03f4 C:\Windows\System32\drivers\http.sys - ok
14:03:36.0893 0x03f4 [ 9AEA093B8F9C37CF45538382CABA2475, CC63239C412067AA72318ADB8BB80BCDF2CA60DA05D814D32753C92508BC16A8 ] C:\Windows\System32\spoolsv.exe
14:03:36.0893 0x03f4 C:\Windows\System32\spoolsv.exe - ok
14:03:36.0893 0x03f4 [ 8C338238C16777A802D6A9211EB2BA50, 0D08A47CD403EDA5E8CAD7409BBBBCDC29A9861D2DC41D42B68B22B1AA1EBDD6 ] C:\Windows\System32\netprofm.dll
14:03:36.0893 0x03f4 C:\Windows\System32\netprofm.dll - ok
14:03:36.0909 0x03f4 [ 1E2BAC209D184BB851E1A187D8A29136, 53933C938DA5126986FFF2918C1F522ABE93ABAB460AE32E4453161C2F7B68DF ] C:\Windows\System32\BFE.DLL
14:03:36.0909 0x03f4 C:\Windows\System32\BFE.DLL - ok
14:03:36.0909 0x03f4 [ 8F2DA3028D5FCBD1A060A3DE64CD6506, E234672E9CFE1A95AD2E78E306E41E010B870221E6EBBC0E2B0BE2FA5CE0CD76 ] C:\Windows\System32\drivers\bowser.sys
14:03:36.0909 0x03f4 C:\Windows\System32\drivers\bowser.sys - ok
14:03:36.0924 0x03f4 [ AD2723A7B53DD1AACAE6AD8C0BFBF4D0, 1D6DCFA0E56C3E55B6AED819176E751502F863BA0FCF4F0B3253A81D208141A2 ] C:\Windows\System32\drivers\mpsdrv.sys
14:03:36.0924 0x03f4 C:\Windows\System32\drivers\mpsdrv.sys - ok
14:03:36.0924 0x03f4 [ 9835584E999D25004E1EE8E5F3E3B881, 71798B0CBE9AE69F1F29B845319019C69EC7F415CBABB3B87DDE92C360675021 ] C:\Windows\System32\MPSSVC.dll
14:03:36.0924 0x03f4 C:\Windows\System32\MPSSVC.dll - ok
14:03:36.0940 0x03f4 [ 8B0B4C5927A333A05513791758350DC4, 52FF08569678F3DA6D52FAE200E4C8C85E986805987EF1CDC0616C29664E7D64 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
14:03:36.0940 0x03f4 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
14:03:36.0940 0x03f4 [ D5CF1536137026ACDED95BF6CBF849F6, 1F98483A28319F06716F4EC4E1F48DE3B2DC07783D6406EED9B4DBADC9C17E65 ] C:\Windows\System32\WUDFPlatform.dll
14:03:36.0940 0x03f4 C:\Windows\System32\WUDFPlatform.dll - ok
14:03:36.0956 0x03f4 [ 01C5B803F6E1FDF8F16F0763DA9B997D, 721B5C6E8E71453D6494971C14CFD93F1A180098D4EE35572EAACEF6FC6B0442 ] C:\Windows\System32\drivers\mrxsmb.sys
14:03:36.0956 0x03f4 C:\Windows\System32\drivers\mrxsmb.sys - ok
14:03:36.0956 0x03f4 [ 7520EC808E0C35E0EE6F841294316653, 6EC65511B4838A7172A8F89E35C2F9DF4F0BFCE3BE12EDA790F3EB567102FF67 ] C:\Windows\System32\drivers\fltMgr.sys
14:03:36.0956 0x03f4 C:\Windows\System32\drivers\fltMgr.sys - ok
14:03:36.0971 0x03f4 [ D93A937A2A9D2CBC06B3A615A197011F, E55028F641512EC22CEC4674F7E380FE71059A21E51ECB345DDB769A276F30D1 ] C:\Windows\System32\PSHED.DLL
14:03:36.0971 0x03f4 C:\Windows\System32\PSHED.DLL - ok
14:03:36.0971 0x03f4 [ 1F5497D7D3D79C7BF0AB0C8B4C5BFE6E, 27848861F25C00168A1A0FE0722D8E327D2251C4FB69A7968EE5722ECCD129E3 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
14:03:36.0971 0x03f4 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
14:03:36.0987 0x03f4 [ C48A8284F018BEAAFC7A027A570D9C84, DD29ACC08E9F57ED426D11F8A3E2F0EA53F373200D249225627124F65D1EC1BD ] C:\Windows\System32\drivers\mrxsmb10.sys
14:03:36.0987 0x03f4 C:\Windows\System32\drivers\mrxsmb10.sys - ok
14:03:36.0987 0x03f4 [ C1CC047CE391BB88350379153BC1C8FA, 2DC83A61F871A87CFC6E56BF5F164271E7E72694B33E58D842F5759A3DE8F4C7 ] C:\Windows\System32\drivers\mrxsmb20.sys
14:03:36.0987 0x03f4 C:\Windows\System32\drivers\mrxsmb20.sys - ok
14:03:37.0002 0x03f4 [ 58405E4F68BA8E4057C6E914F326ABA2, C3E6519A1A38F1B3597D4391E42ABFE8F1F5E86256C4B3BD876CDAD9BB68B0A6 ] C:\Windows\System32\wkssvc.dll
14:03:37.0002 0x03f4 C:\Windows\System32\wkssvc.dll - ok
14:03:37.0002 0x03f4 [ 2EA877ED5DD9713C5AC74E8EA7348D14, 14BA3722CE5F8FF07F2D97DCDD6558EB49C9B02E5E6FAD6D9F18D354733EFECE ] C:\Windows\System32\drivers\parport.sys
14:03:37.0002 0x03f4 C:\Windows\System32\drivers\parport.sys - ok
14:03:37.0018 0x03f4 [ 019C372B1A9DA73A22D0D35A4D40F5C9, 6DDAF455D528FDC2F8271E5909289E76E54D81AC5563433653FC7E0C6EA5BB70 ] C:\Windows\System32\wfapigp.dll
14:03:37.0018 0x03f4 C:\Windows\System32\wfapigp.dll - ok
14:03:37.0018 0x03f4 [ C82162949BBA6CC5D006C7BD008F3CF1, 635E5B5C5AF3ACECA6115DAC8E576390B258C6590EE9727DB6FA68B13FD85297 ] C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe
14:03:37.0018 0x03f4 C:\Program Files\Toshiba\ConfigFree\CFSvcs.exe - ok
14:03:37.0034 0x03f4 [ 2B30E34B957EC1B1C38F30AB87BF790E, 6EA7AFCEB64AFC94B5E44410015574D16FBE5609C393F1D809F19434370F2762 ] C:\Program Files\Toshiba\ConfigFree\NDSAPI.dll
14:03:37.0034 0x03f4 C:\Program Files\Toshiba\ConfigFree\NDSAPI.dll - ok
14:03:37.0049 0x03f4 [ 9B1A6646F87ACABD82039A38C18E6B19, ECCC360606D9FB4202E2396AF818CAD5800E4575B0F9F7C92EBE48C13444CB29 ] C:\Program Files\Toshiba\ConfigFree\CFWlApi.dll
14:03:37.0049 0x03f4 C:\Program Files\Toshiba\ConfigFree\CFWlApi.dll - ok
14:03:37.0049 0x03f4 [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\System32\wlanapi.dll
14:03:37.0049 0x03f4 C:\Windows\System32\wlanapi.dll - ok
14:03:37.0065 0x03f4 [ 1F5AFD468EB5E09E9ED75A087529EAB5, 8204DBCC054C1E54B6065BACB78C55716681AD91759E25111B4E4797E51D0AA3 ] C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll
14:03:37.0065 0x03f4 C:\Windows\winsxs\x86_microsoft.vc80.mfc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_cbf5e994470a1a8f\mfc80.dll - ok
14:03:37.0065 0x03f4 [ 7F8678C59F188528D60104E697C2361E, 9B4D262B10CB09543ACA9A78482F4EDD905791D2C8C518B574EBA440A71A85B7 ] C:\Windows\System32\mscms.dll
14:03:37.0065 0x03f4 C:\Windows\System32\mscms.dll - ok
14:03:37.0080 0x03f4 [ 52954BE460EC6C54C0ACB2B3B126FFC6, 9F9878EC5ABC74C5A8EE8E1D940F0934F081895B07D844F42F80A638FE713F7B ] C:\Windows\System32\pcasvc.dll
14:03:37.0080 0x03f4 C:\Windows\System32\pcasvc.dll - ok
14:03:37.0080 0x03f4 [ 6A984831644ECA1A33FFEAE4126F4F37, 753E23D2B33D47C52C05D892B052CFD96D93B97FB6E9FCB58EF1E4C4A125BF78 ] C:\Windows\System32\snmptrap.exe
14:03:37.0080 0x03f4 C:\Windows\System32\snmptrap.exe - ok
14:03:37.0096 0x03f4 [ DBC02D918FFF1CAD628ACBE0C0EAA8E8, 02121800D9062692C102475876AE8143EBE46D855E8328B8CDCFE6A2F0D19696 ] C:\Windows\System32\provsvc.dll
14:03:37.0096 0x03f4 C:\Windows\System32\provsvc.dll - ok
14:03:37.0096 0x03f4 [ D318F23BE45D5E3A107469EB64815B50, D74355E6FF215AA8CE53BC9DF16AF2740F2FC2FD754939478A3608BDA8C6DDA0 ] C:\Windows\System32\sstpsvc.dll
14:03:37.0096 0x03f4 C:\Windows\System32\sstpsvc.dll - ok
14:03:37.0112 0x03f4 [ DC0C05C154040D8529E560832C6B3ED4, 00D198D73D487A992E8FB30E3C663FC1880A1BE28676DA72C099C2C814262C35 ] C:\Windows\System32\RdpGroupPolicyExtension.dll
14:03:37.0112 0x03f4 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok
14:03:37.0112 0x03f4 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
14:03:37.0112 0x03f4 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
14:03:37.0127 0x03f4 [ 455727C2E04F1E967AD2DC0FEA9DB830, 8D7CE72CB34C64ED45FC0478B79DEAC5BFB9B10BC5C8C05397A40B84CFE99DEC ] C:\Program Files\Toshiba\ConfigFree\IpAdrSet.dll
14:03:37.0127 0x03f4 C:\Program Files\Toshiba\ConfigFree\IpAdrSet.dll - ok
14:03:37.0127 0x03f4 [ D39DA70FEA6BD713682F70635587DA9E, FF18C97642F48C711D75F32115B1260FE0BDF6072403E5A9226E9BE780AF1969 ] C:\Windows\System32\rasdlg.dll
14:03:37.0127 0x03f4 C:\Windows\System32\rasdlg.dll - ok
14:03:37.0143 0x03f4 [ D4191EFAB91E00FC09257AA5EBAF503B, 161B572CF4C65984EAFDBA95357373BC712AA414B52DDA23523F84151240E337 ] C:\Windows\System32\mprapi.dll
14:03:37.0143 0x03f4 C:\Windows\System32\mprapi.dll - ok
14:03:37.0143 0x03f4 [ 28A09777D2D952122567A8A82F1A2C7B, 772260DF36AE85A0619C51402DE416E0C329976B724C8E9C4F8C013CBB7C7289 ] C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll
14:03:37.0143 0x03f4 C:\Windows\winsxs\x86_microsoft.vc80.mfcloc_1fc8b3b9a1e18e3b_8.0.50727.6195_none_03ce2c72205943d3\mfc80ENU.dll - ok
14:03:37.0158 0x03f4 [ 49474B3E37969AF4B5C076F42B623AFF, BDA6B57E9B60EF1B67C74099263D33A367AAA035667239F76AB8B268FD3E8F23 ] C:\Windows\System32\cryptsvc.dll
14:03:37.0158 0x03f4 C:\Windows\System32\cryptsvc.dll - ok
14:03:37.0158 0x03f4 [ 3BAA4BAE71460C5CEB40D5E9339A61BC, AC4212DFDB69B9A9D7A35C94FB6681643C66BB720630F70E3B49010FC746D690 ] C:\Windows\System32\cryptnet.dll
14:03:37.0158 0x03f4 C:\Windows\System32\cryptnet.dll - ok
14:03:37.0174 0x03f4 [ 7DBE8CBFE79EFBDEB98C9FB08D3A9A5B, 0E76C29D2A974A3F2FBFCB63D066D4136B78E02F6B1F579B1865CA7A76193987 ] C:\Windows\System32\FDResPub.dll
14:03:37.0174 0x03f4 C:\Windows\System32\FDResPub.dll - ok
14:03:37.0174 0x03f4 [ 8EC04CA86F1D68DA9E11952EB85973D6, 2E3FBC2D683D1274E8BC45EEEA87D43B77EDDCAAF0D453296D9FDA6B9D717071 ] C:\Windows\System32\dps.dll
14:03:37.0190 0x03f4 C:\Windows\System32\dps.dll - ok
14:03:37.0190 0x03f4 [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08E6B253855A01CA ] C:\Windows\System32\vssapi.dll
14:03:37.0190 0x03f4 C:\Windows\System32\vssapi.dll - ok
14:03:37.0205 0x03f4 [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC079748E1D6D625F0DF ] C:\Windows\System32\vsstrace.dll
14:03:37.0205 0x03f4 C:\Windows\System32\vsstrace.dll - ok
14:03:37.0205 0x03f4 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\System32\taskschd.dll
14:03:37.0205 0x03f4 C:\Windows\System32\taskschd.dll - ok
14:03:37.0221 0x03f4 [ 62A9878914E2CE805E6B340C5E942DE3, FA867986B2D85952C04FDAA90FDDD68018A4180B33998124CDA93AD0F9EB984E ] C:\Windows\System32\WRusr.dll
14:03:37.0221 0x03f4 C:\Windows\System32\WRusr.dll - ok
14:03:37.0221 0x03f4 [ 73F6C5223F7E9B5780DD4A6C30FCF569, 121A361A572EFC6AC964300DA93BF28DC11E55DDCA29A7C6E6FD12955FBA68B8 ] C:\Windows\System32\WSDApi.dll
14:03:37.0221 0x03f4 C:\Windows\System32\WSDApi.dll - ok
14:03:37.0236 0x03f4 [ DB846EECA70EE9D2E2FF31147C57B0F4, 1086310477697F43EB156314804B7E9100E04966EF3934F9F5E37112C5129954 ] C:\Windows\System32\webservices.dll
14:03:37.0236 0x03f4 C:\Windows\System32\webservices.dll - ok
14:03:37.0236 0x03f4 [ B9C54120F46392100478F58F374E5709, A28EE8B0988F580D5984E815FC78DF41B169260814234AA0E453375542D0957B ] C:\Windows\System32\IKEEXT.DLL
14:03:37.0236 0x03f4 C:\Windows\System32\IKEEXT.DLL - ok
14:03:37.0252 0x03f4 [ 99E8EEF42FE2F4AF29B08C3355DD7685, D57BC2148653DA5596FB49F1086D165B11C9F6C644608202C08305D3C8499CFE ] C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll
14:03:37.0252 0x03f4 C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll - ok
14:03:37.0252 0x03f4 [ 5845B1C54380FB980F68024B3A8B1E66, A7215D59B5C452F1494CFEC0DFC1E4ABE2D17EA0E1D07FBA062901BC3DED21AF ] C:\Windows\System32\vpnikeapi.dll
14:03:37.0252 0x03f4 C:\Windows\System32\vpnikeapi.dll - ok
14:03:37.0268 0x03f4 [ 4909501F53DA2EB6603848944C45F524, B362D95F6F78C22D28AAC0ABAAAB6B6D4B295D130EDA231AAFD7033422564983 ] C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll
14:03:37.0268 0x03f4 C:\Program Files\HP\Digital Imaging\bin\hpqddcmn.dll - ok
14:03:37.0268 0x03f4 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1FFB32B2AF9D5D8 ] C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE
14:03:37.0268 0x03f4 C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MDM.EXE - ok
14:03:37.0283 0x03f4 [ A081CB6FB9A12668F233EB5414BE3A0E, EE2A1311B51D1FEBAF79F45E568A927D8EA7704AFC8495AED2D26927566F61E3 ] C:\Windows\System32\HPZinw12.dll
14:03:37.0283 0x03f4 C:\Windows\System32\HPZinw12.dll - ok
14:03:37.0283 0x03f4 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\System32\wsock32.dll
14:03:37.0283 0x03f4 C:\Windows\System32\wsock32.dll - ok
14:03:37.0299 0x03f4 [ 89D90579E5FB1469CB0464F6512E42B7, 0E85C6935FEAA219C923FF63D17F7C3AF72FF5028E0FF95B66092C6DF64C665C ] C:\Windows\System32\fundisc.dll
14:03:37.0299 0x03f4 C:\Windows\System32\fundisc.dll - ok
14:03:37.0299 0x03f4 [ A63DC5C2EA944E6657203E0C8EDEAF61, F7AD4B09AFB301CE46DF695B22114331A57D52E6D4163FF74787BF68CCF44C78 ] C:\Windows\System32\dllhost.exe
14:03:37.0299 0x03f4 C:\Windows\System32\dllhost.exe - ok
14:03:37.0314 0x03f4 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
14:03:37.0314 0x03f4 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
14:03:37.0330 0x03f4 [ FD62F37F88B15421187928C9200D1523, DDCCB4F7412E76638AA1917B361C4E011514B497983C571FBC3D65464F979657 ] C:\Program Files\Common Files\microsoft shared\VS7DEBUG\PDM.DLL
14:03:37.0330 0x03f4 C:\Program Files\Common Files\microsoft shared\VS7DEBUG\PDM.DLL - ok
14:03:37.0330 0x03f4 [ 7CCCFCA7510684768DA22092D1FA4DB2, BB9E4F8FABBF596D888E6D303CB54A336D9DFF95B36AEA9369D2ED787DDC4B5D ] C:\Windows\System32\netman.dll
14:03:37.0330 0x03f4 C:\Windows\System32\netman.dll - ok
14:03:37.0346 0x03f4 [ EF63EDC07D444AC4B6E88CA6E2841737, F9443F25BBFEE4AB0E25E0B975BCF74AD44341DCBD73FF205A0D849A48291B7A ] C:\Windows\System32\aepic.dll
14:03:37.0346 0x03f4 C:\Windows\System32\aepic.dll - ok
14:03:37.0346 0x03f4 [ 8CD1DEE212E52B9C22E66DBA44991D32, 7FCD0E7964368616434E3B3B080E783658B86524C26F3DB57503414204713E6D ] C:\Windows\System32\httpapi.dll
14:03:37.0346 0x03f4 C:\Windows\System32\httpapi.dll - ok
14:03:37.0361 0x03f4 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\System32\sfc.dll
14:03:37.0361 0x03f4 C:\Windows\System32\sfc.dll - ok
14:03:37.0361 0x03f4 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\System32\sfc_os.dll
14:03:37.0361 0x03f4 C:\Windows\System32\sfc_os.dll - ok
14:03:37.0377 0x03f4 [ F115C5CD29E512F18BD7138A094B77E5, 90C2CE8B256EE9AABF674ADDE7F85E91DAF48EA368452D03C187A4AE027D4E39 ] C:\Windows\System32\nlasvc.dll
14:03:37.0377 0x03f4 C:\Windows\System32\nlasvc.dll - ok
14:03:37.0377 0x03f4 [ 3D811BF538D6F359735D757C94F484B6, 695A28B06EE3106A75D75619A0C72F63E1C81994CBDBEB63C02CECD360A5BE41 ] C:\Program Files\Internet Explorer\msdbg2.dll
14:03:37.0377 0x03f4 C:\Program Files\Internet Explorer\msdbg2.dll - ok
14:03:37.0392 0x03f4 [ AEBC369F7DC72AB3F5B9BDF34FA0D43F, 2A819154AC6C23E97C583D90B4D0C112188B7AE9D8D9B3F88811BFCED124E551 ] C:\Windows\System32\drivers\PEAuth.sys
14:03:37.0392 0x03f4 C:\Windows\System32\drivers\PEAuth.sys - ok
14:03:37.0392 0x03f4 [ EFEE08159B4EFC568D2A2357147A3E44, E7A400DCD2BB3B70AC25F371040AF26ACD72BFB96F3F178921AB435564C6B58B ] C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MSDBG2.DLL
14:03:37.0392 0x03f4 C:\Program Files\Common Files\microsoft shared\VS7DEBUG\MSDBG2.DLL - ok
14:03:37.0408 0x03f4 [ 6DBF2AC2BDAFF355995AB25ECCC4CFE1, F2DD39F6B1489276A913FD62D6C068D79EABADC417D404143E3D2FF8C20CDE01 ] C:\Toshiba\IVP\ISM\pinger.exe
14:03:37.0408 0x03f4 C:\Toshiba\IVP\ISM\pinger.exe - ok
14:03:37.0408 0x03f4 [ 175383778EB24D98C84E624021E3AA0B, FE831AC7C5375FE0F0D2A56F1546F968B2595503CC63FE9A8F819F7910A1604A ] C:\Windows\System32\aeevts.dll
14:03:37.0408 0x03f4 C:\Windows\System32\aeevts.dll - ok
14:03:37.0424 0x03f4 [ 140D9F911182357626165EA0BEB98C4F, 9B24047BF104895FCFDB68694934BDDD92DE98A0E6334A62E987C6DCBFFB9C5B ] C:\Windows\System32\ncsi.dll
14:03:37.0424 0x03f4 C:\Windows\System32\ncsi.dll - ok
14:03:37.0424 0x03f4 [ 28E2231BD34A39C854BDF3923AB2FF86, A95179068F7B86E04F976B724F155DA86253B7F4414F43DBD95F2058282B99E4 ] C:\Windows\System32\ssdpapi.dll
14:03:37.0424 0x03f4 C:\Windows\System32\ssdpapi.dll - ok
14:03:37.0439 0x03f4 [ 75F5E1FE8D55CF8E577E0EC5F2290D3F, F4E2C81F0834018052A481AE8D7DF4780302A6844160CCDC09F7D82D3B992BDE ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll
14:03:37.0439 0x03f4 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_ec80f00e8593ece5\comctl32.dll - ok
14:03:37.0455 0x03f4 [ 65BC271F337637731D3C71455AE1F476, DAD32B61FE0147F8D2DA4C8F016920CD6BB2098F16E3CC2768009763E71DEFBC ] C:\Windows\System32\HPZipm12.dll
14:03:37.0455 0x03f4 C:\Windows\System32\HPZipm12.dll - ok
14:03:37.0455 0x03f4 [ 0B31464B7B2D616BD5F7036673588EC1, AAC717D7FB02D5F7CC11AECC5C87FE6B7224340C569EBF7B77BD8C9F79FAA190 ] C:\Windows\System32\IDStore.dll
14:03:37.0455 0x03f4 C:\Windows\System32\IDStore.dll - ok
14:03:37.0470 0x03f4 [ 72E953215CADE1A726C04AAFDF6B463D, 473866333D2241BAD6918D21EBCBE8F8EEA9344D816788300BCA290A89FBD3DD ] C:\Windows\System32\taskhost.exe
14:03:37.0470 0x03f4 C:\Windows\System32\taskhost.exe - ok
14:03:37.0470 0x03f4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\Windows\System32\drivers\secdrv.sys
14:03:37.0470 0x03f4 C:\Windows\System32\drivers\secdrv.sys - ok
14:03:37.0486 0x03f4 [ A59B3A4442C52060CC7A85293AA3546F, 1776D6DEE51991149265AAF39E17065E301C5FA1FF4068653DC0010B9B27185D ] C:\Windows\System32\seclogon.dll
14:03:37.0486 0x03f4 C:\Windows\System32\seclogon.dll - ok
14:03:37.0486 0x03f4 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
14:03:37.0486 0x03f4 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
14:03:37.0502 0x03f4 [ BE6BD660CAA6F291AE06A718A4FA8ABC, CD38939CFBA80B882D38099194FC1EBAE15A9D27A4D941DD03C55EC745E52E59 ] C:\Windows\System32\drivers\srvnet.sys
14:03:37.0502 0x03f4 C:\Windows\System32\drivers\srvnet.sys - ok
14:03:37.0502 0x03f4 [ D887C9FD02AC9FA880F6E5027A43E118, F38BAD90EC791368C37C21090302708D2DFB83ECE9096609AD9AA667B2E5592E ] C:\Windows\System32\ssdpsrv.dll
14:03:37.0502 0x03f4 C:\Windows\System32\ssdpsrv.dll - ok
14:03:37.0517 0x03f4 [ 3CA2BB895E204478C7A4C9BAF70970CE, DE3196627BC810DD22F58DEE65747BACA25485CCD0CEE2701055ECE1058F1C6A ] C:\Windows\System32\AtBroker.exe
14:03:37.0517 0x03f4 C:\Windows\System32\AtBroker.exe - ok
14:03:37.0517 0x03f4 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\System32\mpr.dll
14:03:37.0517 0x03f4 C:\Windows\System32\mpr.dll - ok
14:03:37.0533 0x03f4 [ E1FB3706030FB4578A0D72C2FC3689E4, A62EC9AA4514CAF2A10C0A3AEF7A36F593A7E7DA370A3F130C24E1B612E19427 ] C:\Windows\System32\wiaservc.dll
14:03:37.0533 0x03f4 C:\Windows\System32\wiaservc.dll - ok
14:03:37.0533 0x03f4 [ 327786C5D6BCF284FAB14C2B5751F514, BD15ED73BEED860711D414E31BE3853D580A5C10B6001F7102FD260397063D81 ] C:\Toshiba\IVP\swupdate\swupdtmr.exe
14:03:37.0533 0x03f4 C:\Toshiba\IVP\swupdate\swupdtmr.exe - ok
14:03:37.0548 0x03f4 [ 61AC3EFDFACFDD3F0F11DD4FD4044223, 538FE1012FEDC72727A8DE0C2C01944B3D35C29812ECEF88E95AAC07235E0B0B ] C:\Windows\System32\userinit.exe
14:03:37.0548 0x03f4 C:\Windows\System32\userinit.exe - ok
14:03:37.0548 0x03f4 [ F58516E2DC0D963EF70D6BFC21FD82C4, 5689BF12B43BE0D6BFBD6B9122A2FF53FCEC766A58A0F3C6B88AE504ACB10E04 ] C:\Windows\System32\PlaySndSrv.dll
14:03:37.0548 0x03f4 C:\Windows\System32\PlaySndSrv.dll - ok
14:03:37.0564 0x03f4 [ 505BF4D1CADEB8D4F8BCD08D944DE25D, 526F07768471F4457CBEAB7093AF0B0242044C89A80A347DB47F44EBADEEA68D ] C:\Windows\System32\dwm.exe
14:03:37.0564 0x03f4 C:\Windows\System32\dwm.exe - ok
14:03:37.0564 0x03f4 [ 3EEBD3BD93DA46A26E89893C7AB2FF3B, 2C7204DCD2BCBC6A250FF0F6477616F327AF41FDB7CABE69E5C357361009FB4E ] C:\Windows\System32\drivers\tcpipreg.sys
14:03:37.0564 0x03f4 C:\Windows\System32\drivers\tcpipreg.sys - ok
14:03:37.0580 0x03f4 [ 754AFC50022C95DA7C86B7020DB78136, 81C58F303DA2E0EC066261890C1D638EE02D2B579BBCB1BB398EDF6A0EBA671E ] C:\Windows\System32\dwmredir.dll
14:03:37.0580 0x03f4 C:\Windows\System32\dwmredir.dll - ok
14:03:37.0580 0x03f4 [ 36650D618CA34C9D357DFD3D89B2C56F, 7C3774E53DCF32CB3A4B3504E32D2A651E18467FA0A6AC4C7993C696741B704B ] C:\Windows\System32\sysmain.dll
14:03:37.0580 0x03f4 C:\Windows\System32\sysmain.dll - ok
14:03:37.0595 0x03f4 [ 613BF4820361543956909043A265C6AC, FCFF02E466D2501630B452627FB218C01E5245A0921EE3D2117E7FD63AC7E98E ] C:\Windows\System32\tapisrv.dll
14:03:37.0595 0x03f4 C:\Windows\System32\tapisrv.dll - ok
14:03:37.0611 0x03f4 [ B087F2B901570F6EF62F6C2E01A480F3, 9303CB715184D161F3BD8E9EE8799009375B17FA1BD5D7EF661D7CD7555AA251 ] C:\Windows\System32\wiatrace.dll
14:03:37.0611 0x03f4 C:\Windows\System32\wiatrace.dll - ok
14:03:37.0611 0x03f4 [ D540858E65BFA6FDED41AD2495ECE344, DB85A860F4C07D1370F34AA7F39FAE5DF7E47C1BE65B4D39954FC37CA703A199 ] C:\Windows\System32\TODDSrv.exe
14:03:37.0611 0x03f4 C:\Windows\System32\TODDSrv.exe - ok
14:03:37.0626 0x03f4 [ 7319102526BD11B45FD66335CF90CA12, F2C7484AE33BEDE8586FB09273665B25DA7E8FEEACF9FEF43EB0B902CE4A0BD9 ] C:\Windows\System32\HotStartUserAgent.dll
14:03:37.0626 0x03f4 C:\Windows\System32\HotStartUserAgent.dll - ok
14:03:37.0626 0x03f4 [ B43687C534A49700BF4B3C9898763752, B4C371CB2C0EAC1803E6C845F629814B2CE4C568022EB6A1C9AC1F293BF74F40 ] C:\Windows\System32\MsCtfMonitor.dll
14:03:37.0626 0x03f4 C:\Windows\System32\MsCtfMonitor.dll - ok
14:03:37.0642 0x03f4 [ 56CEED370508F69A1BA04939BD1BADDA, C84F383F2B3C9581F635E51DA39567F0B5ED2D847B18CCE51022BA4B2FA7EA8D ] C:\Windows\System32\msutb.dll
14:03:37.0642 0x03f4 C:\Windows\System32\msutb.dll - ok
14:03:37.0642 0x03f4 [ AF41337C08D1C240AF14BA4CAB02BF02, C95FB998440582A62B0DACDFEB81D85F2D9972C705CBBC53BD6C50D5D208397F ] C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
14:03:37.0642 0x03f4 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe - ok
14:03:37.0658 0x03f4 [ E3D228104D25427C172368137264F01F, 82831A571DF3A1455B9B0D625FDADBDFDC9356DC214542A0C1B96FDF7AEC024A ] C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll
14:03:37.0658 0x03f4 C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll - ok
14:03:37.0658 0x03f4 [ BE0179D7416A53A0DA29995676940F5F, 423398FFEBA7A4DC21A0F548C0A9AC667451BF3B075323F94F969547594C906A ] C:\Program Files\Toshiba\Power Saver\TPwrReg.dll
14:03:37.0658 0x03f4 C:\Program Files\Toshiba\Power Saver\TPwrReg.dll - ok
14:03:37.0673 0x03f4 [ 4792C0378DB99A9BC2AE2DE6CFFF0C3A, 532A3A812578B2DFD83001DE66FC73689D79EC729409EB572E07E6D65B281712 ] C:\Windows\System32\trkwks.dll
14:03:37.0673 0x03f4 C:\Windows\System32\trkwks.dll - ok
14:03:37.0673 0x03f4 [ 8B88EBBB05A0E56B7DCC708498C02B3E, 9E1EC8B43A88E68767FD8FED2F38E7984357B3F4186D0F907E62F8B6C9FF56AD ] C:\Windows\explorer.exe
14:03:37.0673 0x03f4 C:\Windows\explorer.exe - ok
14:03:37.0689 0x03f4 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\System32\ExplorerFrame.dll
14:03:37.0689 0x03f4 C:\Windows\System32\ExplorerFrame.dll - ok
14:03:37.0689 0x03f4 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\System32\winmm.dll
14:03:37.0689 0x03f4 C:\Windows\System32\winmm.dll - ok
14:03:37.0704 0x03f4 [ F62E510B6AD4C21EB9FE8668ED251826, FA3E5CAC3E67E49377320CFBE4646585E6B62168292768FEA81E4623F9166890 ] C:\Windows\System32\wbem\WMIsvc.dll
14:03:37.0704 0x03f4 C:\Windows\System32\wbem\WMIsvc.dll - ok
14:03:37.0704 0x03f4 [ 881D9F2D6E04E1C323050CF1574870F7, DA02C415977A2E50C3D1E96E227234E7195BD33903C446A17FBE0FA8D14A164F ] C:\Windows\System32\wbem\WinMgmtR.dll
14:03:37.0704 0x03f4 C:\Windows\System32\wbem\WinMgmtR.dll - ok
14:03:37.0720 0x03f4 [ 833FBB672460EFCE8011D262175FAD33, C0C3067A305993CBF056C229771CB0593DD60C9C7AC5130FF1CA610BCA812AB5 ] C:\Windows\System32\upnphost.dll
14:03:37.0720 0x03f4 C:\Windows\System32\upnphost.dll - ok
14:03:37.0720 0x03f4 [ 55187FD710E27D5095D10A472C8BAF1C, AE298E2D3BA366BCBDC092C717214C181E8843FA564A6DFB07FC3238A5A68DC3 ] C:\Windows\System32\w32time.dll
14:03:37.0720 0x03f4 C:\Windows\System32\w32time.dll - ok
14:03:37.0736 0x03f4 [ 497E59D9F01C6F247E72222A61835119, 4C31900BA2F911B2A5AE8F7FCE267DCE17655B20A6B71CD4E38FE1B1692142D1 ] C:\Windows\System32\dwmcore.dll
14:03:37.0736 0x03f4 C:\Windows\System32\dwmcore.dll - ok
14:03:37.0751 0x03f4 [ 701C9EB15E1E23D22F7C7184C0506673, 1CD59E8B8889C93B55F600DA1A7246810E8EAB725EFEF80327AC96344AC596A6 ] C:\Windows\System32\wbem\WmiDcPrv.dll
14:03:37.0751 0x03f4 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
14:03:37.0751 0x03f4 [ 846D0E4DB261CFAF363902E41498E961, D7E5591B7604FD583AF7FDA19E30928B24A6145318A3944E7D207F0CCEEB30D0 ] C:\Windows\System32\EhStorShell.dll
14:03:37.0751 0x03f4 C:\Windows\System32\EhStorShell.dll - ok
14:03:37.0767 0x03f4 [ 082CF481F659FAE0DE51AD060881EB47, BB67D2AF0BB9192D4CCF66C23D80CE5A1B38715556D94E2561DBF8F805FA30A5 ] C:\Program Files\Windows Defender\MpSvc.dll
14:03:37.0767 0x03f4 C:\Program Files\Windows Defender\MpSvc.dll - ok
14:03:39.0015 0x03f4 C:\Windows\System32\igfxsrvc.dll - ok
14:03:39.0015 0x03f4 [ 4E30ED3E551E867ADD1C8D58F5EDD9DF, C933ABF1069128F4AB73DA47B2E7C029249804D65F50720897ECCAB3F4A07C27 ] C:\Windows\System32\WMALFXGFXDSP.dll
14:03:39.0015 0x03f4 C:\Windows\System32\WMALFXGFXDSP.dll - ok
14:03:39.0030 0x03f4 [ AED01A07B3F9B7AC9EBEC89EBE78B0A1, A63A0B3F0F47D66355D26CAF8E98A34F5CDBDAB9007615D724DD3A533B59CD87 ] C:\Windows\System32\igfxdev.dll
14:03:39.0030 0x03f4 C:\Windows\System32\igfxdev.dll - ok
14:03:39.0030 0x03f4 [ F04812AAE2DBF637E710AA9D9DB115E5, 219ED7887E23944BFEF8F3B321B38B7F44D9D2AAD81AC7B564C0E8A9435CB672 ] C:\Windows\System32\consent.exe
14:03:39.0030 0x03f4 C:\Windows\System32\consent.exe - ok
14:03:39.0046 0x03f4 [ C5667EE72D7364BE81516C0707FEF724, 04E3E6C5C7CE219FFADF6B6C63D66B251BCD1587CE207107688A30F7B1F00721 ] C:\Windows\System32\mfplat.dll
14:03:39.0046 0x03f4 C:\Windows\System32\mfplat.dll - ok
14:03:39.0046 0x03f4 [ 2A41F6EFB2482ADEA2732090B1A0CB14, 219DE729C5298F16E07DCFB8E426693A1A8C00D662CE50A749B654547BCD2D20 ] C:\Windows\System32\RtkApoApi.dll
14:03:39.0046 0x03f4 C:\Windows\System32\RtkApoApi.dll - ok
14:03:39.0062 0x03f4 [ 82685F1428D91993698FAA35D388CD59, 91022B42B3D40F1D78704FF1FDD09626C5C9B8D6642600A12AEB5DE9D1F01F04 ] C:\Windows\System32\RTCOM\RtkCfg.dll
14:03:39.0062 0x03f4 C:\Windows\System32\RTCOM\RtkCfg.dll - ok
14:03:39.0062 0x03f4 [ 4B9E4CE667DF26ADA061AA81E9AA841D, F6C151A14ADF4229AC8192EE9B7C3C5445619EECCCCEB647F3674360D65284B9 ] C:\Windows\System32\spfileq.dll
14:03:39.0062 0x03f4 C:\Windows\System32\spfileq.dll - ok
14:03:39.0077 0x03f4 [ 912649A1B3F9E6ACB3899FBDABA2ED5F, 049DFA9EA45A888B984E459B927A0F8AA4C10B9D36C6C0A0FE57F6329BEAF555 ] C:\Windows\System32\stobject.dll
14:03:39.0077 0x03f4 C:\Windows\System32\stobject.dll - ok
14:03:39.0077 0x03f4 [ 67C1B58706B47EEBA4E117AC197289E6, 9213E55DA854563E3A99369A4FAD853C0A97241A4F6D93F98444C57ADEEF89C1 ] C:\Windows\System32\batmeter.dll
14:03:39.0077 0x03f4 C:\Windows\System32\batmeter.dll - ok
14:03:39.0093 0x03f4 [ C8333F1F77A1B2E25F2202E892CAF634, 7A614AA4353ECE8175B6AB7B25EE26FAB22DF2A53C9A5A694B3A3B56F6C783A7 ] C:\Windows\System32\prnfldr.dll
14:03:39.0093 0x03f4 C:\Windows\System32\prnfldr.dll - ok
14:03:39.0093 0x03f4 [ ADDB05C93272A62606599B24730BD645, 38E2E2979C48549A3B72807B33254DB3AC106DB1FD2790C8AC1B27CDE86EC38F ] C:\Windows\System32\DXP.dll
14:03:39.0093 0x03f4 C:\Windows\System32\DXP.dll - ok
14:03:39.0108 0x03f4 [ 856CFFCD835528136367BB1A8FE1DB87, 97EE0B243F460BE737D18B634559BC6389064BA013890E69B650E5152AB873C8 ] C:\Windows\System32\Syncreg.dll
14:03:39.0108 0x03f4 C:\Windows\System32\Syncreg.dll - ok
14:03:39.0108 0x03f4 [ F8F03D206F7D5811D630349A23E9B9B9, D8F63A2DF5E79103BC3DD36BF09E60D095577BCB30BADA8763168E0199ED4CD8 ] C:\Windows\ehome\ehSSO.dll
14:03:39.0108 0x03f4 C:\Windows\ehome\ehSSO.dll - ok
14:03:39.0108 0x03f4 [ 735263DA17BF5BAF9CCD483843BF9D5A, A493F9191EA3F37A53474E94B3917EA038B29545FC62B1634CE47F05EA2FF5C6 ] C:\Windows\System32\WPDShServiceObj.dll
14:03:39.0108 0x03f4 C:\Windows\System32\WPDShServiceObj.dll - ok
14:03:39.0124 0x03f4 [ ADB45A977BD9E45790CA496DB84BA148, BB251C9A5D2F5C6BDFB22C6BA235748472FC28AF2ADAF1CE7948352301DDE3C1 ] C:\Windows\System32\PortableDeviceTypes.dll
14:03:39.0124 0x03f4 C:\Windows\System32\PortableDeviceTypes.dll - ok
14:03:39.0140 0x03f4 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\System32\dbghelp.dll
14:03:39.0140 0x03f4 C:\Windows\System32\dbghelp.dll - ok
14:03:39.0140 0x03f4 [ 674B0C0F6A448EB185CAAB9C51D44032, 6722351F46BF70BA967844D3239CD801DFC4538A4EB6C478D8497F27F7FD9F1D ] C:\Windows\System32\srchadmin.dll
14:03:39.0140 0x03f4 C:\Windows\System32\srchadmin.dll - ok
14:03:39.0155 0x03f4 [ B2B3DAE040F6B5AE1DF52B0CD7631A18, 062680EFF24EB83FF34DDD76043DB9ABB476C8FEE7BBE869A1E7F7FC8891314F ] C:\Windows\System32\AltTab.dll
14:03:39.0155 0x03f4 C:\Windows\System32\AltTab.dll - ok
14:03:39.0155 0x03f4 [ 236F286E103FD44BD85FDD93097FD5DD, C369C98E76FEFBB05A12ABEECCF89C75132419B56866ED9AB77F61F84BA62785 ] C:\Windows\System32\SearchIndexer.exe
14:03:39.0155 0x03f4 C:\Windows\System32\SearchIndexer.exe - ok
14:03:39.0171 0x03f4 [ 3D6F22551D422F97AACB0BB927E4C846, 9AB7C9F2E7F3D1CEC4553D0DF57E074121957055A9A4349946D354ACB6FC4579 ] C:\Windows\System32\pnidui.dll
14:03:39.0171 0x03f4 C:\Windows\System32\pnidui.dll - ok
14:03:39.0171 0x03f4 [ 4F2659160AFCCA990305816946F69407, 9E70685B73B3EAB78C55863BABCEECC7CCA89475B508B2A9C651ADE6FDE0751A ] C:\Windows\System32\taskeng.exe
14:03:39.0171 0x03f4 C:\Windows\System32\taskeng.exe - ok
14:03:39.0186 0x03f4 [ 465DBF63A5049E4DB4BC5C12FFE781CB, D12F6A9FB92144B2CFFD28BD72C234BA42F882EF22122DB83CE5EB1B8EBE9017 ] C:\Windows\System32\tquery.dll
14:03:39.0186 0x03f4 C:\Windows\System32\tquery.dll - ok
14:03:39.0186 0x03f4 [ 659E04E74135927CA6D7BC5E75C84417, 635CAF4AA78ACFBA30F855C82EFA696E826D710011E960E39817EE0CB6975149 ] C:\Windows\System32\TSChannel.dll
14:03:39.0186 0x03f4 C:\Windows\System32\TSChannel.dll - ok
14:03:39.0202 0x03f4 [ 0241CB16136B9A4939CA0395768AE286, E7A3A0BDB4AC4BD718C93BE650541F96603739BDB3DB6860665DCC073DA8007D ] C:\Windows\System32\mssrch.dll
14:03:39.0202 0x03f4 C:\Windows\System32\mssrch.dll - ok
14:03:39.0202 0x03f4 [ BD626EF05967D14C772B8096292731A3, FE3838B41DCAFC52089D909E7F411186D993C08AC149E093352D691D57C9BE71 ] C:\Windows\System32\QUTIL.DLL
14:03:39.0202 0x03f4 C:\Windows\System32\QUTIL.DLL - ok
14:03:39.0218 0x03f4 [ E3D5E244807AD655787FCD25477CC1BC, 8A378249C936914DBFEDAE310D6ACB93D488C8F490EC4AAB435861C413A5BB0F ] C:\Windows\System32\bthprops.cpl
14:03:39.0218 0x03f4 C:\Windows\System32\bthprops.cpl - ok
14:03:39.0218 0x03f4 [ 9A39A2A5F443A756C568C6ED5748AFE4, 13C2790985CBA9CD325BA20364A665DB50B769B7DDE93E6BE20F25427BDB34F8 ] C:\Windows\System32\ActionCenter.dll
14:03:39.0218 0x03f4 C:\Windows\System32\ActionCenter.dll - ok
14:03:39.0233 0x03f4 [ 04B88428A872390D235BE52D38A9D4EF, F6954D514B67547738EB012456342D65289B0B18A0304BBAD5BDAA3436181C77 ] C:\Windows\System32\dot3api.dll
14:03:39.0233 0x03f4 C:\Windows\System32\dot3api.dll - ok
14:03:39.0233 0x03f4 [ 81600E2E27ED61427AAD865B9BCDDB9D, 0D7D39C0A5A2C24FAADCA41658A1C62D13180B462C78103BDF6DBD76B64DD79A ] C:\Windows\System32\msidle.dll
14:03:39.0233 0x03f4 C:\Windows\System32\msidle.dll - ok
14:03:39.0249 0x03f4 [ 2DDEA2C345DA5BC589EFD398F220DB0E, B515B15BE7CB66F94B7A9B802719DAF7D50E1FE2832B66B6883AC0023060800D ] C:\Windows\System32\SyncCenter.dll
14:03:39.0249 0x03f4 C:\Windows\System32\SyncCenter.dll - ok
14:03:39.0264 0x03f4 [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\System32\mssprxy.dll
14:03:39.0264 0x03f4 C:\Windows\System32\mssprxy.dll - ok
14:03:39.0264 0x03f4 [ B63E24E9271E99FD4540E3CA22A937DA, A9E75FBF482C4447E887E5B6EBAD96FE827F0BBD1101F1D8B54EE178D3AEAA7E ] C:\Windows\System32\en-US\tquery.dll.mui
14:03:39.0264 0x03f4 C:\Windows\System32\en-US\tquery.dll.mui - ok
14:03:39.0280 0x03f4 [ 8063046AA70B97CA9985672B8848FB2E, C7A7F2D216D1F0D7F28A22E4933DB3D821AC52CC2EF7AE8BA08D18104FCF8B81 ] C:\Windows\System32\wlanhlp.dll
14:03:39.0280 0x03f4 C:\Windows\System32\wlanhlp.dll - ok
14:03:39.0280 0x03f4 [ 53683A331F8A1BB20ADD0330F1DE6388, 5525766F740268FF5287F927CD784B885F5B8523374AC2858256E6757CDED9F4 ] C:\Program Files\Windows Media Player\wmpnscfg.exe
14:03:39.0280 0x03f4 C:\Program Files\Windows Media Player\wmpnscfg.exe - ok
14:03:39.0296 0x03f4 [ C02AA67276FEE0C15CC4D6D616BDE95E, 24B0FFA2903CC77FEDE6B491647BB759C4AE054E38A19EFA0D2662AC2959570B ] C:\Windows\System32\WWanAPI.dll
14:03:39.0296 0x03f4 C:\Windows\System32\WWanAPI.dll - ok
14:03:39.0296 0x03f4 [ F2ED6D00921CA138289E5E0CCB9ABF87, 528F249CE0835CA4D8B7C4940F5132DF1155EB344177BEA4CD7FCF9B8DCCCA4B ] C:\Windows\System32\wwapi.dll
14:03:39.0296 0x03f4 C:\Windows\System32\wwapi.dll - ok
14:03:39.0296 0x03f4 [ 02530B0B7E048DD5AC8D52DAEACAEB2B, 2DEB454F8B71EC54C59185E2F1D679F7EC1C7AEFCD1D59761FDD3D70CABE0254 ] C:\Windows\System32\QAGENT.DLL
14:03:39.0311 0x03f4 C:\Windows\System32\QAGENT.DLL - ok
14:03:39.0311 0x03f4 [ 8F8AB20AA863EA95A421B9D54C74F20C, BA71E3EED39E78EC554049464D4112EB3A15419F0C5809D9C7CB7F1746BDEBD3 ] C:\Program Files\Windows Media Player\wmpnssci.dll
14:03:39.0311 0x03f4 C:\Program Files\Windows Media Player\wmpnssci.dll - ok
14:03:39.0327 0x03f4 [ 3B40D3A61AA8C21B88AE57C58AB3122E, 6C67DCB007C3CDF2EB0BBF5FD89C32CD7800C20F7166872F8C387BE262C5CD21 ] C:\Program Files\Windows Media Player\wmpnetwk.exe
14:03:39.0327 0x03f4 C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
14:03:39.0327 0x03f4 [ 5CF15474FFDB5005E54958DF6EDD97AB, D4DBB3AACBB7679948258FFC53472FE8B5D0B3EC06D572EE2BDBF45CE608D86D ] C:\Windows\System32\wmdrmdev.dll
14:03:39.0327 0x03f4 C:\Windows\System32\wmdrmdev.dll - ok
14:03:39.0342 0x03f4 [ DCC148408770F2D55B201F8FC26438A1, 5D31418991960C3BE7F0F3CEF2B00FC7B426B529B82DB1E4D13AE20AFEF6322A ] C:\Windows\System32\drmv2clt.dll
14:03:39.0342 0x03f4 C:\Windows\System32\drmv2clt.dll - ok
14:03:39.0342 0x03f4 [ B14BB9288AEF95502AF89D48CE4ABF50, 545F5716E98E0B6478C989C1562E3431A83248C9B930B2D52144388B4FB66861 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key
14:03:39.0342 0x03f4 C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv_SID_S-1-5-20\Indiv01.key - ok
14:03:39.0358 0x03f4 [ 954EA9B34F155C844B11F4047A8F6F89, 44703118AE57D44C802DFA5619DC1CA55C5C046D666CE546E5870D722786E395 ] C:\Windows\System32\upnp.dll
14:03:39.0358 0x03f4 C:\Windows\System32\upnp.dll - ok
14:03:39.0358 0x03f4 [ A98E8F79C738CAF23C152DBCABD978FE, 74A46135EA434FD9BA2C7A9B618CF612C8B46DD92B697B103A2EFAD73C6F44E6 ] C:\Windows\System32\wmp.dll
14:03:39.0358 0x03f4 C:\Windows\System32\wmp.dll - ok
14:03:39.0374 0x03f4 [ C2D6A4475B87651D5909E364439FDA52, BE9B898A8396F977E05A22D6EDF7B6B4EF4C16E159806453D03C2A918D24C19F ] C:\Windows\System32\FXSST.dll
14:03:39.0374 0x03f4 C:\Windows\System32\FXSST.dll - ok
14:03:39.0374 0x03f4 [ 942E57152F1CD0533644AB30EF1A4728, 4F72510BECFAFDBB06C9CAAC66BA9E95225DE1EA12B4D2FD5B67492A2E628ABD ] C:\Windows\System32\FXSAPI.dll
14:03:39.0374 0x03f4 C:\Windows\System32\FXSAPI.dll - ok
14:03:39.0374 0x03f4 [ 967EA5B213E9984CBE270205DF37755B, 43153E23210B03FAE16897D62D55B8742F834EDC695F8401EAB5DE307F62602D ] C:\Windows\System32\FXSSVC.exe
14:03:39.0389 0x03f4 C:\Windows\System32\FXSSVC.exe - ok
14:03:39.0389 0x03f4 [ 5193DE33F3284C447E0D31DAFBF92570, EA0F12B0C2F9DD4EA651BD96FC88AE5584364F2C0D4138E8E3D4F18F226717FE ] C:\Windows\System32\webcheck.dll
14:03:39.0389 0x03f4 C:\Windows\System32\webcheck.dll - ok
14:03:39.0405 0x03f4 [ DA27A4EA7B7C77FAFDB3F94D83E310C1, D08600A768CE03C6926D43400BAB7A308CECDFFECE0BF3DA2AE6F9238D09FF34 ] C:\Windows\System32\wmploc.DLL
14:03:39.0405 0x03f4 C:\Windows\System32\wmploc.DLL - ok
14:03:39.0405 0x03f4 [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\System32\mlang.dll
14:03:39.0405 0x03f4 C:\Windows\System32\mlang.dll - ok
14:03:39.0420 0x03f4 [ E1AC89F6C5252057E6062843E36A6701, 32BE52836F2A011D46957AD60ABA48986B87026FD50ED09D8495460C7F1AB23E ] C:\Windows\System32\SearchProtocolHost.exe
14:03:39.0420 0x03f4 C:\Windows\System32\SearchProtocolHost.exe - ok
14:03:39.0420 0x03f4 [ A5D237B8673025B052C0E6FDB6A883E8, 0DAE34965C08F7450938A5145D2B53C68AA917744B8C6FCB130A35C03C5CEF6F ] C:\Windows\System32\msshooks.dll
14:03:39.0420 0x03f4 C:\Windows\System32\msshooks.dll - ok
14:03:39.0436 0x03f4 [ A6CD6B3F71E13E2E45B727FB8A47EA87, 4D84F6B03185DA961543ADFB927CBC17A1A9F216AC24E9A9228780AD7DD0222E ] C:\Windows\System32\SearchFilterHost.exe
14:03:39.0436 0x03f4 C:\Windows\System32\SearchFilterHost.exe - ok
14:03:39.0436 0x03f4 [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\System32\mscoree.dll
14:03:39.0436 0x03f4 C:\Windows\System32\mscoree.dll - ok
14:03:39.0452 0x03f4 [ 79EA94E7A55E673B1E5202E666B61EC2, EA3842A12007730551C981D8C28149515B23B822697FD883E4387A0CAE1809BB ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
14:03:39.0452 0x03f4 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
14:03:39.0452 0x03f4 [ 2D11BC8B460957E62E4420373A0D8BDA, 56105E84333998D43DFCDA9E8A4D70EAC43076CFF8389B2E525EC5C3017DC5FD ] C:\Windows\System32\imapi2.dll
14:03:39.0452 0x03f4 C:\Windows\System32\imapi2.dll - ok
14:03:39.0467 0x03f4 [ DB67C7C62038BDE813CB6486581A7611, DC0ACAA2795BBF4C8C35CE9DD9C14636ACFD94296CDC103696B64357CC2C84BB ] C:\Windows\System32\mssph.dll
14:03:39.0467 0x03f4 C:\Windows\System32\mssph.dll - ok
14:03:39.0467 0x03f4 [ C7952D0A4C43A965A1741916BB134751, 84EF222159E8C444A1D9D2E6509245716E4106C8032861DBFF399001A529BF94 ] C:\Windows\System32\hgcpl.dll
14:03:39.0467 0x03f4 C:\Windows\System32\hgcpl.dll - ok
14:03:39.0483 0x03f4 [ 8BC9DB92C4B2F3BE89185BEAB2AFC1F6, 4F40D5CCE264290C8DD73A5766062A55ED4CF77D8F6B59D453DDB6F88B640D7E ] C:\Windows\System32\mapi32.dll
14:03:39.0483 0x03f4 C:\Windows\System32\mapi32.dll - ok
14:03:39.0483 0x03f4 [ 8B57A1AD493653BB57F281FE75DD175B, 65A54DDCA45CED94F7CF079632F127C247DD9E5E4D2B074593F89621F8CC6C55 ] C:\Windows\System32\NaturalLanguage6.dll
14:03:39.0483 0x03f4 C:\Windows\System32\NaturalLanguage6.dll - ok
14:03:39.0498 0x03f4 [ 2992932C1AB1D29A1A4A9E8CB8530CBF, 894FB2246F09FAC7E78FA1DC0159E888944AD3F4E66844BCE01A967B789CC82B ] C:\Windows\System32\NlsData0009.dll
14:03:39.0498 0x03f4 C:\Windows\System32\NlsData0009.dll - ok
14:03:39.0498 0x03f4 [ 3E417FE6D340057DD306677E1AF89291, A2C9907220ECB39A6CB1156F8A111095D66EC908616202AAD1BB6810AF2C903F ] C:\Program Files\Internet Explorer\ieproxy.dll
14:03:39.0498 0x03f4 C:\Program Files\Internet Explorer\ieproxy.dll - ok
14:03:39.0514 0x03f4 [ C8CB301BF896C7C556BBE963FADF5BB6, 94ABF348C70E4BE391B9344CC730A0A98D6EB042EA1D031840DA3DB74A76849C ] C:\Windows\System32\NlsLexicons0009.dll
14:03:39.0514 0x03f4 C:\Windows\System32\NlsLexicons0009.dll - ok
14:03:39.0514 0x03f4 [ 3F2B83695E5BF11930C16AF50E991F96, 339535078CDDEF3B0C7C749E7C53634C3B1C7FF18E808F118E1DF36D748A6E15 ] C:\Windows\System32\wmpps.dll
14:03:39.0514 0x03f4 C:\Windows\System32\wmpps.dll - ok
14:03:39.0530 0x03f4 [ 7B97346CE563B74BBCC120FC83E5A6D9, 03D8BE3F69A02EF22C50365A236CCD56D3A53580B332D1AF51B5560FCB7CD7FD ] C:\Windows\System32\wmpmde.dll
14:03:39.0530 0x03f4 C:\Windows\System32\wmpmde.dll - ok
14:03:39.0530 0x03f4 [ 81C0FA250EF6DC1C6B3FA2BCE81D6C2E, B1F7FCDA2C8D81CB3661F014745E00423CDDA99AD7909C7BB52DBFA414F2F23D ] C:\Windows\System32\WinSATAPI.dll
14:03:39.0530 0x03f4 C:\Windows\System32\WinSATAPI.dll - ok
14:03:39.0545 0x03f4 [ ADC90EBBE2823C23A0406ACD3D6E9312, 81134759A39C0191C72D6C0DEF72200FC9C117DB1FD56DC7465E5045F41AFE52 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
14:03:39.0545 0x03f4 C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL - ok
14:03:39.0545 0x03f4 [ CBBD4D79EEC3EF5A4ADAE9697944C6B9, 5A642C6C384E69F4B25FFF250EFC8ED4FC6398132C811CBA8B5144F20F0CC621 ] C:\Windows\System32\MSMPEG2ENC.DLL
14:03:39.0545 0x03f4 C:\Windows\System32\MSMPEG2ENC.DLL - ok
14:03:39.0561 0x03f4 [ 5BB8C06EB5EA4BA22EE8A678F2D79B25, 019E9274DE2F5BAB16B4632B8A2E93DFC8DF0C08EC4EEA947B337FD29EB2E0CC ] C:\Windows\System32\devenum.dll
14:03:39.0561 0x03f4 C:\Windows\System32\devenum.dll - ok
14:03:39.0561 0x03f4 [ 7069AAB8536F29ED7323140973A2894B, 04B7FB6C64BFA3B80549F35CEF36D5DAE5D19A40E42444B3665B6BEFDF98EB5F ] C:\Windows\System32\msdmo.dll
14:03:39.0561 0x03f4 C:\Windows\System32\msdmo.dll - ok
14:03:39.0576 0x03f4 [ 4FB491AC8D46AAF22BA8BC5C73DABEF7, CBE2392792D209E15E44AC29E906FFDD5FBF6EED8BAB0D97D66E109AB2C5C56E ] C:\Windows\System32\wbem\WmiPrvSE.exe
14:03:39.0576 0x03f4 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
14:03:39.0576 0x03f4 [ C6B0509AA89F656247694E2D6ABF7255, 5E8ABE4B83590E499C418D79FAB152AD3B0FD01E94F137B192518D6DD24E5D97 ] C:\Windows\System32\wbem\wmiprov.dll
14:03:39.0576 0x03f4 C:\Windows\System32\wbem\wmiprov.dll - ok
14:03:39.0592 0x03f4 [ 572B94CD013551839CD5B7406BB9B062, E99BB7080EE75DA2F0AC17BC419824D955B28620930A78B0E00F888DAA3E0473 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasbase.vdm
14:03:39.0592 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasbase.vdm - ok
14:03:39.0608 0x03f4 [ 230EA9ABBC3432CDE388F4891E76E867, 97B169AE84128FE9986BCD70C92FCBA8EB8C814F1C8FD7923BF34B3B984B2745 ] C:\Windows\System32\udhisapi.dll
14:03:39.0608 0x03f4 C:\Windows\System32\udhisapi.dll - ok
14:03:39.0608 0x03f4 [ 8EA828557815EFF697029CAC4367BB83, B65A1ACE67534D1C437711B56D60DD5BBFF904E4CB43DBB69F1CED4D9C16F2F0 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm
14:03:39.0608 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm - ok
14:03:39.0623 0x03f4 [ BBBDBB37A4EE82340ECCC2972CC06FC2, 1DB3C90FA7DC8F635862B2EC1C3D3F3EB23113ABD5DF3A639054644A9AC55CBB ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{604EA66E-3EA0-4E7F-B6C3-3F36901B3B9F}\mpengine.dll
14:03:39.0623 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{604EA66E-3EA0-4E7F-B6C3-3F36901B3B9F}\mpengine.dll - ok
14:03:39.0623 0x03f4 [ BCE9781151A7DB02A341AC0965027DCD, 2337FA4AB1353EBDC1F25C1DF8D4BFC76ED39AD642D3CC0D644C18DF48C4C747 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{604EA66E-3EA0-4E7F-B6C3-3F36901B3B9F}\mpasbase.vdm
14:03:39.0623 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{604EA66E-3EA0-4E7F-B6C3-3F36901B3B9F}\mpasbase.vdm - ok
14:03:39.0639 0x03f4 [ B81CD082EEDA1092D51F388DC6BE7033, 12374F9A16F520F4D42FA44F3F9FC20A4F7B9BA231A570D21E2550F971D01502 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{604EA66E-3EA0-4E7F-B6C3-3F36901B3B9F}\mpasdlta.vdm
14:03:39.0639 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{604EA66E-3EA0-4E7F-B6C3-3F36901B3B9F}\mpasdlta.vdm - ok
14:03:39.0639 0x03f4 [ E87FD80D1C1D038B90B43E1F10461115, 2CC4924633C5DEC7B9D29F98A5EE911FBD4BAC3AF88C3A8769000404711785F5 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0FB97A0-CE54-4B60-8615-221C5E094FB5}\mpengine.dll
14:03:39.0639 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0FB97A0-CE54-4B60-8615-221C5E094FB5}\mpengine.dll - ok
14:03:39.0654 0x03f4 [ 572B94CD013551839CD5B7406BB9B062, E99BB7080EE75DA2F0AC17BC419824D955B28620930A78B0E00F888DAA3E0473 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0FB97A0-CE54-4B60-8615-221C5E094FB5}\mpasbase.vdm
14:03:39.0654 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0FB97A0-CE54-4B60-8615-221C5E094FB5}\mpasbase.vdm - ok
14:03:39.0654 0x03f4 [ 8EA828557815EFF697029CAC4367BB83, B65A1ACE67534D1C437711B56D60DD5BBFF904E4CB43DBB69F1CED4D9C16F2F0 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0FB97A0-CE54-4B60-8615-221C5E094FB5}\mpasdlta.vdm
14:03:39.0654 0x03f4 C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{C0FB97A0-CE54-4B60-8615-221C5E094FB5}\mpasdlta.vdm - ok
14:03:39.0670 0x03f4 [ 3CA5D661E6C5DDE5574D02F324C32E53, 24035EEDFA68FF23829937E76BD2015EC765269BE78DA34865700155F9F7ED1D ] C:\Program Files\Windows Defender\MsMpLics.dll
14:03:39.0670 0x03f4 C:\Program Files\Windows Defender\MsMpLics.dll - ok
14:03:39.0670 0x03f4 [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\System32\wscapi.dll
14:03:39.0670 0x03f4 C:\Windows\System32\wscapi.dll - ok
14:03:39.0686 0x03f4 [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\System32\wscisvif.dll
14:03:39.0686 0x03f4 C:\Windows\System32\wscisvif.dll - ok
14:03:39.0686 0x03f4 [ 7DF186D86CF8C571A12AAB788C777F84, A2C1064BFDEF2A85CB12A11E55728BCC09933C115C278403F07B27DB2C36C710 ] C:\Windows\System32\wscproxystub.dll
14:03:39.0686 0x03f4 C:\Windows\System32\wscproxystub.dll - ok
14:03:39.0701 0x03f4 [ F148865E4AC4F715E322EA06E6E21D84, 88CF0A1CB18BA9CA3D356EAF2F7EF8892CDDD9BF55798E64E4351C1ED111575A ] C:\Windows\System32\wbem\NCProv.dll
14:03:39.0701 0x03f4 C:\Windows\System32\wbem\NCProv.dll - ok
14:03:39.0701 0x03f4 [ F5AB4D2E36625F355E81539239765107, 48E6AD65EEFD6C54F938F5753EF58377CDA77ADBB41CD8635F0040D61EFB92A4 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:03:39.0701 0x03f4 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
14:03:39.0717 0x03f4 [ CED41CB18C8E98D1EA7126D894842FCA, BE4B126437E7956D1B176B932870D16491B73AA412F743062DA0AE765775CF5C ] C:\Windows\System32\msvcr120_clr0400.dll
14:03:39.0717 0x03f4 C:\Windows\System32\msvcr120_clr0400.dll - ok
14:03:39.0732 0x03f4 [ F3222C893BD2F5821A0179E5C71E88FB, A85B947249DBB986358CCD4B158DD58A9301F074F3C6CCCDEF2D01F432E59D1B ] C:\Windows\System32\fdPHost.dll
14:03:39.0732 0x03f4 C:\Windows\System32\fdPHost.dll - ok
14:03:39.0732 0x03f4 [ DE6F4B7E62FDE776F3DE8E5FB5A05C48, 703587D10434C1D6755E5F17EB2110433A506E51ECC5329E2CCA0B8380C455EC ] C:\Windows\System32\fdWSD.dll
14:03:39.0732 0x03f4 C:\Windows\System32\fdWSD.dll - ok
14:03:39.0732 0x03f4 [ 674611721264013DB169EC12AFC9C3B6, 7BC2791EF2239483F1F71A7F0F53E59002F5A1297A39BE3AF51CA34FFCE2CE24 ] C:\Windows\System32\fdSSDP.dll
14:03:39.0732 0x03f4 C:\Windows\System32\fdSSDP.dll - ok
14:03:39.0748 0x03f4 [ ACB364B9075A45C0736E5C47BE5CAE19, 202F77C659103D2D0E787B8CB0A23BE32EA5AA2E6B3B0A0F0A8DFA906AB3C0C0 ] C:\Windows\System32\IPBusEnum.dll
14:03:39.0748 0x03f4 C:\Windows\System32\IPBusEnum.dll - ok
14:03:39.0748 0x03f4 [ 3FF0FA0A81910617739644A06D06D016, 6B6828E06332805FDA887ED181464FD11A16F49ACADE2856F3CF69E98D81DEDB ] C:\Windows\System32\fdProxy.dll
14:03:39.0764 0x03f4 C:\Windows\System32\fdProxy.dll - ok
14:03:39.0764 0x03f4 [ CF87A1DE791347E75B98885214CED2B8, 7AF4E03D751C951A4E5FBA28200DABFE6B3BF055490163EEEEA84EBA4D0F368A ] C:\Windows\System32\sppsvc.exe
14:03:39.0764 0x03f4 C:\Windows\System32\sppsvc.exe - ok
14:03:39.0764 0x03f4 [ 6F5D49EFE0E7164E03AE773A3FE25340, 15B6AFF7455538189A96F8863CC995A271E02C6FBDAC15B037D44DDA65E61339 ] C:\Windows\System32\wscsvc.dll
14:03:39.0764 0x03f4 C:\Windows\System32\wscsvc.dll - ok
14:03:39.0779 0x03f4 [ D16D818E9930A6E5B4F6476DD0998D1A, 11284FBAE473325322DA0CA6F9317B9A700A666D6D907BBBC812FD0E7BE7FE67 ] C:\Windows\System32\drivers\spsys.sys
14:03:39.0779 0x03f4 C:\Windows\System32\drivers\spsys.sys - ok
14:03:39.0779 0x03f4 [ A7A67674E51F2B050AAC4C477297EEE2, FA6DA2AA7869A99AB3D19509D7F2411E5E2C9ADB6D8DB97D7B8FAF1F6E160687 ] C:\Windows\System32\wuaueng.dll
14:03:39.0779 0x03f4 C:\Windows\System32\wuaueng.dll - ok
14:03:39.0795 0x03f4 [ 3A11396EAC2414012155AB14E5C1E332, 27B2DF1C2980098025EC43B354C150BA1CE795F1138DFC03C763A115BBF77010 ] C:\Windows\System32\sppwinob.dll
14:03:39.0795 0x03f4 C:\Windows\System32\sppwinob.dll - ok
14:03:39.0795 0x03f4 [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\System32\cabinet.dll
14:03:39.0810 0x03f4 C:\Windows\System32\cabinet.dll - ok
14:03:39.0810 0x03f4 [ 387A8A473ECC5BA02CF453277C1F3274, 3F36D3088B0F7CB0CC2C31E8F908527EC5502F0D3153D20332745B7BBF8B04D7 ] C:\Windows\System32\mspatcha.dll
14:03:39.0810 0x03f4 C:\Windows\System32\mspatcha.dll - ok
14:03:39.0826 0x03f4 [ 1B0EC94520CAB89A9CE1B2DA405166AF, 129102C98C8B3D403C85604C9A2AFC0471CDB1212FD2C5487D73FC089FC88F0C ] C:\Windows\System32\p2pcollab.dll
14:03:39.0826 0x03f4 C:\Windows\System32\p2pcollab.dll - ok
14:03:39.0826 0x03f4 [ 61D57A5D7C6D9AFE10E77DAE6E1B445E, D252248532142E9E2332DA693BC51B795102CA938B568FF04981E98B19BFBC5C ] C:\Windows\System32\QAGENTRT.DLL
14:03:39.0826 0x03f4 C:\Windows\System32\QAGENTRT.DLL - ok
14:03:39.0842 0x03f4 [ 9FD6496B6D91C8BE2A10BD55EAE2D5F2, FC71F6CC24FE61BF83DD3E237C00DD0002D84DC303DB9570B241BF8212B8639D ] C:\Windows\System32\fveui.dll
14:03:39.0842 0x03f4 C:\Windows\System32\fveui.dll - ok
14:03:39.0842 0x03f4 [ A02515B58D318F427FBA64437FB0EDDF, 11EB7C507978F8A0E3AB94D2404E6930637D16B9D6FD9F7B2731CCC3B69825D4 ] C:\Windows\System32\wuapi.dll
14:03:39.0842 0x03f4 C:\Windows\System32\wuapi.dll - ok
14:03:39.0857 0x03f4 [ FBECE2B32A3658AEB609DC5A1021100F, BB291A19F3BD475A090D5B8A07A2C5DC3953D4ED79A715FB7DA54A911AAAE683 ] C:\Windows\System32\wups.dll
14:03:39.0857 0x03f4 C:\Windows\System32\wups.dll - ok
14:03:39.0857 0x03f4 [ FA431688A66C577DD2A1FD10FFF1982E, C58F80ADBEC2E9827CABE225FE1ECB7FF55AFCCEB7412A2083A1969DF3EC22E1 ] C:\Windows\System32\wu.upgrade.ps.dll
14:03:39.0857 0x03f4 C:\Windows\System32\wu.upgrade.ps.dll - ok
14:03:39.0873 0x03f4 [ 07F701C4135D3AF95D0663A5E943D919, F614641B063B5DADEAC601B5358782285C2B0384AB25BCC38D4A6C5EFA60F8A4 ] C:\Windows\System32\wups2.dll
14:03:39.0873 0x03f4 C:\Windows\System32\wups2.dll - ok
14:03:39.0873 0x03f4 [ 421D9645B72CD341ECDBB0FCE06C97DE, C2F0DF431E526A8F6F3F521E1BD26838A6A7B5F8E5DBDD044871815DBC5FF6B1 ] C:\Windows\System32\sppobjs.dll
14:03:39.0873 0x03f4 C:\Windows\System32\sppobjs.dll - ok
14:03:39.0888 0x03f4 [ ADD2ADE1C2B285AB8378D2DAAF991481, 7965A705F37924C0EC7A934E64E89C5DF4069816E2EEA3509E0AC90F78910519 ] C:\Windows\System32\drivers\asyncmac.sys
14:03:39.0888 0x03f4 C:\Windows\System32\drivers\asyncmac.sys - ok
14:03:39.0888 0x03f4 [ C9708C9F3DBA3DBFB1D2FEE1E9DABAD0, 7913CE825562662F2B58DEA0A083B8FCDA3D6137CB021E0EF78D6716193DF06A ] C:\Windows\System32\twext.dll
14:03:39.0888 0x03f4 C:\Windows\System32\twext.dll - ok
14:03:39.0904 0x03f4 [ 20A20A911CD79A6F6839167149A05668, D197F6EB8F716A53F3F3240BDA977736874F4E83C86389867DF8C060D7C7BC01 ] C:\Windows\System32\syncui.dll
14:03:39.0904 0x03f4 C:\Windows\System32\syncui.dll - ok
14:03:39.0904 0x03f4 [ D23E615E0969AECC1134E372B0B295D1, 0467D67FD8245CA0C49DBF34C52A3BDB6CDAE0CBE84B42D44100E4E4E52B16F2 ] C:\Windows\System32\synceng.dll
14:03:39.0904 0x03f4 C:\Windows\System32\synceng.dll - ok
14:03:39.0904 0x03f4 [ B57053CD59114D36952461EE638D3784, F5C54321A7A8119215E525CAD44B723DD9699A13F754669D29761833C3936575 ] C:\Windows\System32\acppage.dll
14:03:39.0920 0x03f4 C:\Windows\System32\acppage.dll - ok
14:03:39.0920 0x03f4 [ 6DEC220DD29CA10F46A19AFD37C50978, 775F6F2C4960C5F73EA12071751686E3B8B3D074FA8F9D049922FC9F1BC8FC02 ] C:\Program Files\Internet Explorer\iexplore.exe
14:03:39.0920 0x03f4 C:\Program Files\Internet Explorer\iexplore.exe - ok
14:03:39.0935 0x03f4 [ DD502A2E7B85EA7A3814C1034E6C23D3, 551D6C28DA6116DC65111BFA21E23BA8AE77193BEAF3DF505C343E6DC3CD5304 ] C:\Windows\AppPatch\AcGenral.dll
14:03:39.0935 0x03f4 C:\Windows\AppPatch\AcGenral.dll - ok
14:03:39.0935 0x03f4 [ EF5A10237AFB61E3D2F22B8036C4C722, 0D81F19C10953006D3B9626B3B067B2695F559106831084D185E2D0E85AB7249 ] C:\Program Files\Internet Explorer\sqmapi.dll
14:03:39.0935 0x03f4 C:\Program Files\Internet Explorer\sqmapi.dll - ok
14:03:39.0951 0x03f4 [ 43C9CF6825CEA58F1815B7C3DBBB385C, C79DB405D588C77E4ACAE3BC26080213BEEB604C0A109AFDF88031FC46B4CBC0 ] C:\Windows\System32\Wpc.dll
14:03:39.0951 0x03f4 C:\Windows\System32\Wpc.dll - ok
14:03:39.0951 0x03f4 [ FDF36C5B3EA4204E5BF6C8BDA24DAC6D, 06D9A2F6D4D76DDFEF560115F00A0C8BFF3014AC51DFE1D385E96AEBF0EC8F06 ] C:\Windows\System32\mshtml.dll
14:03:39.0951 0x03f4 C:\Windows\System32\mshtml.dll - ok
14:03:39.0966 0x03f4 [ F461B95F07F8307B973F811B6FE71A4D, 99F6864D730E8EDE550B69737BD1D6775D30DA50B8491A77BCEDDED4A6B091E6 ] C:\Program Files\Microsoft Office\OFFICE11\OUTLLIB.DLL
14:03:39.0966 0x03f4 C:\Program Files\Microsoft Office\OFFICE11\OUTLLIB.DLL - ok
14:03:39.0966 0x03f4 [ 8519AB4218ABE94411C89B2D0EDE8111, 526F95F72688B57A0232604461910EE4ADDEC9B42F628A5F8A3C423FFF29D53E ] C:\Windows\System32\ieui.dll
14:03:39.0966 0x03f4 C:\Windows\System32\ieui.dll - ok
14:03:39.0982 0x03f4 [ 00FD527BDCC8259B70BCEDC4E8C81BE0, 4FDB28A97133C1268E7BA9DD8DA3E879E2BBBF6CF5A87E66D62AA863BB5B53CF ] C:\Program Files\Internet Explorer\IEShims.dll
14:03:39.0982 0x03f4 C:\Program Files\Internet Explorer\IEShims.dll - ok
14:03:40.0247 0x03f4 ================ Scan generic autorun ======================
14:03:40.0497 0x03f4 [ 6E240D6C2F0DB74BED13AD723D3AB0A1, 99811F1EF27E0B6DDCF79DD07F49931FD55788407AB48C019C1E1B7592919614 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
14:03:40.0622 0x03f4 SynTPEnh - ok
14:03:44.0288 0x03f4 [ D70D4FE47BCBE1EF9170F110A19BEC34, 3BC9313F3A188CA61A05C958EFB519EA1E82F051A4C44BB82FD3A6CD42BE38AB ] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
14:03:45.0114 0x03f4 RTHDVCPL - ok
14:03:45.0551 0x03f4 [ 72860972F8196EBB3C896F53D2B95470, 95C046A66DD0089377867F073CADCE585B7C69CA23E724DCAD9D896BF01E023D ] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
14:03:45.0582 0x03f4 hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
14:03:48.0531 0x03f4 Detect skipped due to KSN trusted
14:03:48.0531 0x03f4 hpqSRMon - ok
14:03:48.0687 0x03f4 [ 193CAE0DDAFC32EB75167316A8C7FD79, FA58C2AD0AE4D1BC5B07426735E17B14BC027349FFE9EBA0F26D6B2D5432B3C3 ] C:\Program Files\Webroot\WRSA.exe
14:03:48.0780 0x03f4 WRSVC - ok
14:03:48.0843 0x03f4 [ 68239842340DDFF8993DFD9127553EDA, 9FEC34A35D5A91FEF1C4859AFD0C2538C5CD3E1792FB118487368CFDF66CBCA0 ] C:\Windows\system32\igfxtray.exe
14:03:48.0874 0x03f4 IgfxTray - ok
14:03:48.0952 0x03f4 [ 004763BDF8E48244DBB9FDFDE3065EBC, AA88911C51D73C501C67F62A907425EF91D1820D3ED581F0952619EBB6216F14 ] C:\Windows\system32\hkcmd.exe
14:03:48.0983 0x03f4 HotKeysCmds - ok
14:03:49.0046 0x03f4 [ CD1102E5D340216138C7F56FA8D26998, 805BE128B6A52E304A91AD44B6A7322BAD5F72CD400DB5E74D8EF47424894266 ] C:\Windows\system32\igfxpers.exe
14:03:49.0077 0x03f4 Persistence - ok
14:03:49.0217 0x03f4 [ 4F9DD96AECDC12373D4203253D665C6D, 871FF2367ACD5F9A378FED53574BF28A8129224C4B7C4AF074809ED7CF870904 ] C:\Program Files\Common Files\Java\Java Update\jusched.exe
14:03:49.0264 0x03f4 SunJavaUpdateSched - ok
14:03:50.0699 0x03f4 [ 6313BA5D7F348576758CE789AF7E548A, FE8DA6EB0D551B98BF1C7A64EDE9F1CEEAF05BA312B9C07EAEEEFA1C0032A6AA ] C:\Program Files\CCleaner\CCleaner.exe
14:03:51.0120 0x03f4 CCleaner Monitoring - ok
14:03:51.0167 0x03f4 Waiting for KSN requests completion. In queue: 6
14:03:52.0181 0x03f4 Waiting for KSN requests completion. In queue: 5
14:03:53.0195 0x03f4 Waiting for KSN requests completion. In queue: 5
14:03:54.0256 0x03f4 AV detected via SS2: Webroot SecureAnywhere, C:\Program Files\Webroot\WRSA.exe ( 9.0.1.35 ), 0x41000 ( enabled : updated )
14:03:54.0256 0x03f4 AV detected via SS2: Microsoft Security Essentials, C:\Program Files\Microsoft Security Client\msseces.exe ( ), 0x60010 ( disabled : outofdate )
14:03:54.0272 0x03f4 Win FW state via NFP2: enabled ( trusted )
14:03:57.0220 0x03f4 ============================================================
14:03:57.0220 0x03f4 Scan finished
14:03:57.0220 0x03f4 ============================================================
14:03:57.0251 0x0980 Detected object count: 0
14:03:57.0251 0x0980 Actual detected object count: 0

+++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

MiniToolBox by Farbar Version: 25-07-2015 01
Ran by Jo Ann (administrator) on 17-08-2015 at 14:35:10
Running from "C:\Users\Jo Ann\Desktop"
Microsoft Windows 7 Home Premium Service Pack 1 (X86)
Model: Satellite A205 Manufacturer: TOSHIBA
Boot Mode: Normal
***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ==============================

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ==============================


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================

127.0.0.1 localhost

========================= IP Configuration: ================================

Intel® PRO/Wireless 3945ABG Network Connection = Wireless Network Connection (Connected)
Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller = Local Area Connection (Media disconnected)


# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled


popd
# End of IPv4 configuration



Windows IP Configuration

Host Name . . . . . . . . . . . . : JoAnns_Laptop
Primary Dns Suffix . . . . . . . :
Node Type . . . . . . . . . . . . : Hybrid
IP Routing Enabled. . . . . . . . : No
WINS Proxy Enabled. . . . . . . . : No
DNS Suffix Search List. . . . . . : PK5001Z

Wireless LAN adapter Wireless Network Connection:

Connection-specific DNS Suffix . : PK5001Z
Description . . . . . . . . . . . : Intel® PRO/Wireless 3945ABG Network Connection
Physical Address. . . . . . . . . : 00-19-D2-8A-47-B6
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::1ce8:d6dd:cce4:d7b2%12(Preferred)
IPv4 Address. . . . . . . . . . . : 192.168.0.140(Preferred)
Subnet Mask . . . . . . . . . . . : 255.255.255.0
Lease Obtained. . . . . . . . . . : Monday, August 17, 2015 1:55:46 PM
Lease Expires . . . . . . . . . . : Tuesday, August 18, 2015 2:30:36 PM
Default Gateway . . . . . . . . . : 192.168.0.1
DHCP Server . . . . . . . . . . . : 192.168.0.1
DHCPv6 IAID . . . . . . . . . . . : 167778770
DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-0D-C6-7B-95-00-A0-D1-72-C6-04
DNS Servers . . . . . . . . . . . : 192.168.0.1
205.171.2.25
NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
Physical Address. . . . . . . . . : 00-A0-D1-72-C6-04
DHCP Enabled. . . . . . . . . . . : Yes
Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.PK5001Z:

Connection-specific DNS Suffix . : PK5001Z
Description . . . . . . . . . . . : Microsoft ISATAP Adapter #3
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Link-local IPv6 Address . . . . . : fe80::5efe:192.168.0.140%18(Preferred)
Default Gateway . . . . . . . . . :
DNS Servers . . . . . . . . . . . : 192.168.0.1
205.171.2.25
NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter Local Area Connection* 12:

Media State . . . . . . . . . . . : Media disconnected
Connection-specific DNS Suffix . :
Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
DHCP Enabled. . . . . . . . . . . : No
Autoconfiguration Enabled . . . . : Yes
Server: PK5001Z.PK5001Z
Address: 192.168.0.1

Name: google.com
Addresses: 2607:f8b0:400f:803::200e
216.58.217.46


Pinging google.com [216.58.217.46] with 32 bytes of data:
Reply from 216.58.217.46: bytes=32 time=21ms TTL=57
Reply from 216.58.217.46: bytes=32 time=21ms TTL=57

Ping statistics for 216.58.217.46:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 21ms, Maximum = 21ms, Average = 21ms
Server: PK5001Z.PK5001Z
Address: 192.168.0.1

Name: yahoo.com
Addresses: 2001:4998:c:a06::2:4008
2001:4998:58:c02::a9
2001:4998:44:204::a7
98.138.253.109
98.139.183.24
206.190.36.45


Pinging yahoo.com [98.139.183.24] with 32 bytes of data:
Reply from 98.139.183.24: bytes=32 time=73ms TTL=51
Reply from 98.139.183.24: bytes=32 time=76ms TTL=51

Ping statistics for 98.139.183.24:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 73ms, Maximum = 76ms, Average = 74ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
12...00 19 d2 8a 47 b6 ......Intel® PRO/Wireless 3945ABG Network Connection
11...00 a0 d1 72 c6 04 ......Marvell Yukon 88E8039 PCI-E Fast Ethernet Controller
1...........................Software Loopback Interface 1
18...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter #3
16...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination Netmask Gateway Interface Metric
0.0.0.0 0.0.0.0 192.168.0.1 192.168.0.140 25
127.0.0.0 255.0.0.0 On-link 127.0.0.1 306
127.0.0.1 255.255.255.255 On-link 127.0.0.1 306
127.255.255.255 255.255.255.255 On-link 127.0.0.1 306
192.168.0.0 255.255.255.0 On-link 192.168.0.140 281
192.168.0.140 255.255.255.255 On-link 192.168.0.140 281
192.168.0.255 255.255.255.255 On-link 192.168.0.140 281
224.0.0.0 240.0.0.0 On-link 127.0.0.1 306
224.0.0.0 240.0.0.0 On-link 192.168.0.140 281
255.255.255.255 255.255.255.255 On-link 127.0.0.1 306
255.255.255.255 255.255.255.255 On-link 192.168.0.140 281
===========================================================================
Persistent Routes:
None

IPv6 Route Table
===========================================================================
Active Routes:
If Metric Network Destination Gateway
1 306 ::1/128 On-link
12 281 fe80::/64 On-link
18 286 fe80::5efe:192.168.0.140/128
On-link
12 281 fe80::1ce8:d6dd:cce4:d7b2/128
On-link
1 306 ff00::/8 On-link
12 281 ff00::/8 On-link
===========================================================================
Persistent Routes:
None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\system32\NLAapi.dll [52224] (Microsoft Corporation)
Catalog5 02 C:\Windows\system32\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\system32\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog5 06 C:\Windows\system32\winrnr.dll [20992] (Microsoft Corporation)
Catalog5 07 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog5 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL [145648] (Microsoft Corp.)
Catalog9 01 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 02 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 03 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 04 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 05 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 06 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 07 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 08 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 09 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 10 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 11 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 12 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 13 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 14 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 15 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 16 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 17 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 18 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 19 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 20 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 21 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)
Catalog9 22 C:\Windows\system32\mswsock.dll [231424] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (08/16/2015 12:28:47 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c3df780c-2615-4f5e-811d-c6a0a1bc4478}

Error: (08/16/2015 12:13:46 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/16/2015 12:13:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/16/2015 12:13:45 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/14/2015 06:04:56 PM) (Source: Application Error) (User: )
Description: Faulting application name: RunSanDiskSecureAccess_Win.exe, version: 1.1.19755.0, time stamp: 0x4f3af04b
Faulting module name: RunSanDiskSecureAccess_Win.exe, version: 1.1.19755.0, time stamp: 0x4f3af04b
Exception code: 0xc0000005
Fault offset: 0x00a83d40
Faulting process id: 0xd90
Faulting application start time: 0xRunSanDiskSecureAccess_Win.exe0
Faulting application path: RunSanDiskSecureAccess_Win.exe1
Faulting module path: RunSanDiskSecureAccess_Win.exe2
Report Id: RunSanDiskSecureAccess_Win.exe3

Error: (08/13/2015 07:09:08 PM) (Source: Application Hang) (User: )
Description: The program iexplore.exe version 9.0.8112.16684 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Action Center control panel.

Process ID: e34

Start Time: 01d0d62a2224cee2

Termination Time: 31

Application Path: C:\Program Files\Internet Explorer\iexplore.exe

Report Id: 0dcd7ab7-4221-11e5-ad6c-00a0d172c604

Error: (08/12/2015 05:36:53 PM) (Source: VSS) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bf6d2c33-25b1-4d55-9cf9-59e7b9ef0ea8}

Error: (08/08/2015 06:06:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/08/2015 06:06:01 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.

Error: (08/08/2015 06:06:00 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"1".
Dependent Assembly Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0" could not be found.
Please use sxstrace.exe for detailed diagnosis.


System errors:
=============
Error: (08/17/2015 01:55:52 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1058

Error: (08/17/2015 01:55:38 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (08/17/2015 01:55:38 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (08/17/2015 01:23:29 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1058

Error: (08/17/2015 01:23:20 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (08/17/2015 01:23:20 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (08/17/2015 12:08:17 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1058

Error: (08/17/2015 12:08:07 PM) (Source: Service Control Manager) (User: )
Description: The Microsoft Antimalware Service service failed to start due to the following error:
%%1053

Error: (08/17/2015 12:08:07 PM) (Source: Service Control Manager) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Antimalware Service service to connect.

Error: (08/16/2015 09:07:10 PM) (Source: Service Control Manager) (User: )
Description: The Internet Connection Sharing (ICS) service depends on the Remote Access Connection Manager service which failed to start because of the following error:
%%1058


Microsoft Office Sessions:
=========================
Error: (08/16/2015 12:28:47 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {c3df780c-2615-4f5e-811d-c6a0a1bc4478}

Error: (08/16/2015 12:13:46 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\XP\x64\DPInst.exe

Error: (08/16/2015 12:13:45 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Win7\64bit\DPInst.exe

Error: (08/16/2015 12:13:45 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Vista\64bit\DPInst.exe

Error: (08/14/2015 06:04:56 PM) (Source: Application Error)(User: )
Description: RunSanDiskSecureAccess_Win.exe1.1.19755.04f3af04bRunSanDiskSecureAccess_Win.exe1.1.19755.04f3af04bc000000500a83d40d9001d0d6edf21256eeE:\RunSanDiskSecureAccess_Win.exeE:\RunSanDiskSecureAccess_Win.exe4239ca59-42e1-11e5-a832-00a0d172c604

Error: (08/13/2015 07:09:08 PM) (Source: Application Hang)(User: )
Description: iexplore.exe9.0.8112.16684e3401d0d62a2224cee231C:\Program Files\Internet Explorer\iexplore.exe0dcd7ab7-4221-11e5-ad6c-00a0d172c604

Error: (08/12/2015 05:36:53 PM) (Source: VSS)(User: )
Description: 0x80070005, Access is denied.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {bf6d2c33-25b1-4d55-9cf9-59e7b9ef0ea8}

Error: (08/08/2015 06:06:01 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\XP\x64\DPInst.exe

Error: (08/08/2015 06:06:01 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Win7\64bit\DPInst.exe

Error: (08/08/2015 06:06:00 PM) (Source: SideBySide)(User: )
Description: Microsoft.Windows.Common-Controls,language="*",processorArchitecture="amd64",publicKeyToken="6595b64144ccf1df",type="win32",version="6.0.0.0"c:\program files\camera assistant software for toshiba\drivers\Vista\64bit\DPInst.exe


=========================== Installed Programs ============================

32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
Acrobat.com (HKLM\...\{F8131A35-47FD-27AD-116D-0E79AF5DE5EE}) (Version: 2.1.0 - Adobe Systems Incorporated) Hidden
Acrobat.com (HKLM\...\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1) (Version: 2.1.0.0 - Adobe Systems Incorporated)
Actiontec Gateway (HKLM\...\{9692FD03-6662-4E62-B08C-30DFF51651E1}) (Version: - )
Adblock Plus for IE (32-bit) (HKLM\...\{A243D0E2-D027-4340-AA12-6B13B2A96AC0}) (Version: 1.4 - Eyeo GmbH)
Adobe AIR (HKLM\...\{34927EBC-98D4-4D53-98BE-510DF5999F50}) (Version: 17.0.0.124 - Adobe Systems Incorporated) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 17.0.0.124 - Adobe Systems Incorporated)
Adobe Download Manager (HKLM\...\{E2883E8F-472F-4fb0-9522-AC9BF37916A7}) (Version: 1.6.2.63 - NOS Microsystems Ltd.)
Adobe Flash Player 18 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 18 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 18.0.0.209 - Adobe Systems Incorporated)
Adobe Shockwave Player 12.1 (HKLM\...\Adobe Shockwave Player) (Version: 12.1.7.157 - Adobe Systems, Inc.)
AIO_CDA_ProductContext (HKLM\...\{2A7EF808-14F3-4E93-BE3A-1675EE5332A4}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_CDA_Software (HKLM\...\{A7AEE29F-839E-46B5-B347-6D430618129F}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
AIO_Scan (HKLM\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Belarc Advisor 8.4 (HKLM\...\Belarc Advisor) (Version: 8.4.0.0 - Belarc Inc.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
C6100 (HKLM\...\{0DEF8C02-2EAB-4BFE-A7E0-7990665DF1A9}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
c6100_Help (HKLM\...\{4BD5B5D2-406D-4bc5-BB10-2F0D1D367C95}) (Version: 82.0.256.000 - Hewlett-Packard) Hidden
Camera Assistant Software for Toshiba (HKLM\...\{37C866E4-AA67-4725-9E95-A39968DD7960}) (Version: 1.7.260.0526L - Chicony Electronics Co.,Ltd.)
CCleaner (HKLM\...\CCleaner) (Version: 5.07 - Piriform)
CD/DVD Drive Acoustic Silencer (HKLM\...\{9FE35071-CAB2-4E79-93E7-BFC6A2DC5C5D}) (Version: 2.00.02 - TOSHIBA)
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 140.0.77.000 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DIGOpt (HKLM\...\{4F1CECBC-670F-4DAA-81D6-944B12450917}) (Version: 9.0.0917.2 - Your Company Name) Hidden
DocProc (HKLM\...\{9B362566-EC1B-4700-BB9C-EC661BDE2175}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Fax (HKLM\...\{440B915A-0C85-45DB-92AE-75AE14704A64}) (Version: 130.0.418.000 - Hewlett-Packard) Hidden
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.26.9 - Google Inc.) Hidden
Google Update Helper (HKLM\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{97486FBE-A3FC-4783-8D55-EA37E9D171CC}) (Version: 5.005.000.002 - Hewlett-Packard)
HPDiagnosticAlert (HKLM\...\{846B5DED-DC8C-4E1A-B5B4-9F5B39A0CACE}) (Version: 1.00.0000 - Microsoft) Hidden
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel® Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Java 8 Update 51 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83218051F0}) (Version: 8.0.510 - Oracle Corporation)
Java Auto Updater (HKLM\...\{4A03706F-666A-4037-7777-5F2748764D10}) (Version: 2.8.51.16 - Oracle Corporation) Hidden
Malwarebytes Anti-Malware version 2.1.4.1018 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.1.4.1018 - Malwarebytes Corporation)
Microsoft .NET Framework 4.5.2 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.51209 - Microsoft Corporation)
Microsoft Baseline Security Analyzer 2.2 (HKLM\...\{13CD417D-F1F1-4AC4-945D-FDDEB884756F}) (Version: 2.2.2170 - Microsoft Corporation)
Microsoft Office File Validation Add-In (HKLM\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Edition 2003 (HKLM\...\{90110409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.40728.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Move Networks Media Player for Internet Explorer (HKCU\...\Move Networks Player - IE) (Version: - )
Mozilla Firefox 39.0 (x86 en-US) (HKLM\...\Mozilla Firefox 39.0 (x86 en-US)) (Version: 39.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 39.0 - Mozilla)
MSXML 4.0 SP2 (KB927978) (HKLM\...\{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 4.0 SP2 and SOAP Toolkit 3.0 (HKLM\...\{32343DB6-9A52-40C9-87E4-5E7C79791C87}) (Version: 1.0.0.0 - Webroot Software, Inc.) Hidden
MSXML 4.0 SP2 Parser and SDK (HKLM\...\{716E0306-8318-4364-8B8F-0CC4E9376BAC}) (Version: 4.20.9818.0 - Microsoft Corporation)
Network (HKLM\...\{75247E38-5C9B-45D6-ADF8-E11CB56B4990}) (Version: 130.0.572.000 - Hewlett-Packard) Hidden
OLYMPUS Master 2 (HKLM\...\{CB49B376-1136-44B4-83FA-036334B59937}) (Version: 1.0.2 - OLYMPUS IMAGING CORP.)
Olympus Sonority (HKLM\...\{BFE5EE53-FB9C-4E32-B652-A85C55E1F081}) (Version: 1.3.2 - OLYMPUS IMAGING CORP.)
Quicken WillMaker Plus 2009 (HKLM\...\Quicken WillMaker Plus 2009) (Version: - )
QuickTime 7 (HKLM\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
Realtek High Definition Audio Driver (HKLM\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7111 - Realtek Semiconductor Corp.)
Scan (HKLM\...\{06A1D88C-E102-4527-AF70-29FFD7AF215A}) (Version: 140.0.80.000 - Hewlett-Packard) Hidden
SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
swMSM (HKLM\...\{612C34C7-5E90-47D8-9B5C-0F717DD82726}) (Version: 12.0.0.1 - Adobe Systems, Inc) Hidden
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 11.2.4.0 - Synaptics)
Texas Instruments PCIxx21/x515/xx12 drivers. (HKLM\...\InstallShield_{DB780B85-B4B5-4864-A49C-9B706B169C93}) (Version: 2.00.0001 - Texas Instruments Inc.)
TIPCI (HKLM\...\{DB780B85-B4B5-4864-A49C-9B706B169C93}) (Version: 2.00.0001 - Texas Instruments Inc.) Hidden
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TOSHIBA Assist (HKLM\...\{12B3A009-A080-4619-9A2A-C6DB151D8D67}) (Version: 2.00.03 - )
TOSHIBA ConfigFree (HKLM\...\{BDD83DC9-BEE9-4654-A5DA-CC46C250088D}) (Version: 7.00.24 - TOSHIBA)
TOSHIBA Disc Creator (HKLM\...\{5DA0E02F-970B-424B-BF41-513A5018E4C0}) (Version: 2.0.0.6 - TOSHIBA Corporation)
TOSHIBA Extended Tiles for Windows Mobility Center (HKLM\...\InstallShield_{617C36FD-0CBE-4600-84B2-441CEB12FADF}) (Version: 1.01.00 - TOSHIBA Corporation)
TOSHIBA Hardware Setup (HKLM\...\{B97599D2-01F7-4551-96D8-674D3D886F7B}) (Version: 2.00.02MWM - )
TOSHIBA SD Memory Utilities (HKLM\...\{EBFF48F5-3CFA-436F-8FD5-94FB01D3A0A7}) (Version: 1.7.0.2 - TOSHIBA)
TOSHIBA Software Modem (HKLM\...\TOSHIBA Software Modem) (Version: 2.1.77 (SM2177ALD03) - Agere Systems)
TOSHIBA Software Upgrades (HKLM\...\{425A2BC2-AA64-4107-9C29-484245BBEA05}) (Version: 4.2 - TOSHIBA)
TOSHIBA Speech System Applications (HKLM\...\{EE033C1F-443E-41EC-A0E2-559B539A4E4D}) (Version: - )
TOSHIBA Speech System SR Engine(U.S.) Version1.0 (HKLM\...\{008D69EB-70FF-46AB-9C75-924620DF191A}) (Version: - )
TOSHIBA Speech System TTS Engine(U.S.) Version1.0 (HKLM\...\{3FBF6F99-8EC6-41B4-8527-0A32241B5496}) (Version: - )
TOSHIBA Supervisor Password (HKLM\...\{744E2BC2-EC6F-44D5-AA68-451B4131383B}) (Version: 2.00.01MWM - )
TOSHIBA Value Added Package (HKLM\...\InstallShield_{FEDD27A0-B306-45EF-BF58-B527406B42C8}) (Version: 1.0.13 - TOSHIBA Corporation)
TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
Visual Studio 2012 x86 Redistributables (HKLM\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Webroot SecureAnywhere (HKLM\...\WRUNINST) (Version: 9.0.1.35 - Webroot)
Windows Driver Package - Chicony (usbvideo) Image (05/12/2009 6.3.251.0512) (HKLM\...\84BA15BD1DFEAA8A233F801B29BDC48DEE17B71F) (Version: 05/12/2009 6.3.251.0512 - Chicony)
Windows Installer Clean Up (HKLM\...\{121634B0-2F4B-11D3-ADA3-00C04F52DD52}) (Version: 3.00.00.0000 - Microsoft Corporation)
Windows Media Encoder 9 Series (HKLM\...\Windows Media Encoder 9) (Version: - )
WinDVD for TOSHIBA (HKLM\...\{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.108 - InterVideo Inc.) Hidden
WinDVD for TOSHIBA (HKLM\...\InstallShield_{20471B27-D702-4FE8-8DEC-0702CC8C0A85}) (Version: 8.0-B6.108 - InterVideo Inc.)
WOT for Internet Explorer (HKLM\...\{373B90E1-A28C-434C-92B6-7281AFA6115A}) (Version: 13.9.2.0 - WOT Services Oy)

========================= Memory info: ===================================

Percentage of memory in use: 28%
Total physical RAM: 2038.05 MB
Available physical RAM: 1447.81 MB
Total Virtual: 4076.11 MB
Available Virtual: 3233.79 MB

========================= Partitions: =====================================

1 Drive c: (SQ004328V04) (Fixed) (Total:147.58 GB) (Free:76.16 GB) NTFS

========================= Users: ========================================

User accounts for \\JOANNS_LAPTOP

Administrator Guest Jo Ann


**** End of log ****
  • 0

#9
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts
Noticed differences:
Spurious openings and redirects are no longer evident.

:thumbsup:

 

Keystroke and mouse clicks still sometimes don't register.
Mouse still occasionally has a mind of its own.

Phantom mouse clicks can be a sign of a rootkit, but from your logs, I don't believe you have this kind of infection.

  • Are your mouse and keyboard wireless or wired?
  • Can you get me the make/model number of each device from the label on the bottom please?
  • Have you tried a different keyboard and/or mouse to test the behavior?
  • Do you have any wireless receivers plugged into the computer (Bluetooth or otherwise)?

I have had a similar issue happen to me on my work laptop.  I forgot to turn the wireless mouse off when putting it in my bag and when I docked the laptop to my wired mouse and keyboard at my desk, my mouse pointer seemed to have a mind of its own and kept scrolling slowly across the screen by itself.  Pulling out the wireless receiver helped isolate this, and turning off the mouse of course fixed it.

 

I don't know why TDSS gave me 2 logs

This is because of TDSSKiller installing its own driver. 

 

Continuing on...

Run AdwCleaner

  • Close all open windows and browsers.
  • Double click the AdwCleaner icon to run AdwCleaner. (Vista, 7, 8 and 10 users: Right click the AdwCleaner icon, click Run as administrator and accept the UAC prompt to run AdwCleaner.)
  • Click the Scan button and wait for the scan to complete.
  • When the Scan has finished the Scan button will be grayed out and the Cleaning button will be activated.
  • Click the Cleaning button.
  • Everything checked will be deleted.
  • When the program has finished cleaning a report appears.
  • Once done it will ask to reboot, allow this
  • On reboot a log will be produced please copy / paste that in your next reply. This report is also saved to C:\AdwCleaner\AdwCleaner[S0].txt

 

Next

Run Malwarebytes' Anti-Malware (already installed):

  • Open it, select the Dashboard tab, and click on "Update Now":
  • If a scan update is available, it will install it. Install any program updates it offers.
  • Please reboot if you are asked to.
  • Start Malwarebytes' Anti-Malware
  • Now select the Settings tab, and check the box next to Scan for rootkits:
  • Go back to the Dashboard tab, and click the Scan Now button:
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, it will show you the results:
  • Make sure that everything is checked, and click Remove Selected (or similar).
  • When disinfection is completed, a log may open in Notepad and you may be prompted to Restart.  (See Extra Note below)
  • The log is automatically saved by MBAM and can be viewed by going to the History tab and clicking on Application Logs.
  • Choose the latest Scan Log:
  • In the bottom of the Scanning History Log window that opens, you can click on Export > Save to Text file (*.txt).  Save the report to your Desktop.
  • Copy & Paste the entire contents of the report log in your next reply.

Extra Note: If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process, if asked to restart the computer, please do so immediately.

 

 

 

Then

Please run a free online scan with the ESET Online Scanner:

Click here and select the blue Run ESET Online Scanner button:

If using Internet Explorer:

  • Accept the Terms of Use and click Start.
  • Allow the running of add-on.

If using Mozilla Firefox or Google Chrome:

  • A link to esetsmartinstaller_enu.exe will be provided. Make sure to download it to the desktop.
  • Double click esetsmartinstaller_enu.exe.
  • Allow the Terms of Use and click Start.

To perform the scan:

  • Make sure that Enable detection of potentially unwanted applications is checked.
  • In the Advanced Settings dropdown menu:
  • Make sure that Remove found threats is unchecked.
  • Scan archives is checked.
  • Scan for potentially unsafe applications and Enable Anti-Stealth technology are checked.
  • Use custom proxy settings is unchecked.
  • Now click on Start.
  • The virus signature database will begin to download. Be patient, this may take some time depending on the speed of your Internet connection.
  • When completed the Online Scan will begin automatically. The scan may take several hours.
  • Do not touch either the Mouse or keyboard during the scan otherwise it may stall.
  • Now click on Finish.
  • Use notepad to open the logfile located at C:\Program Files(x86)\ESET\EsetOnlineScanner\log.txt.
  • Copy and paste that log as a reply to this topic.

Finally
In your next reply, please copy/paste the contents of the following logs:

  • AdwCleaner Cleaning log
  • MBAM log
  • ESET scan log

And answer my mouse/keyboard questions above.  How is the system running?  :)

 

 


  • 0

#10
eles

eles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

Much better - still an occasional hang -
One of those was earlier today when I was trying to post on GTG.
It took 3 tries - seemed to be associated with using the preview.

AND just now. I did a copy/paste into the posting area and tried to touch it up.
Could not get the mouse cursor to register on the text.

•Are your mouse and keyboard wireless or wired?
Laptop - Integral wired keyboard, wireless mouse

•Can you get me the make/model number of each device from the label on the bottom please?
Keyboard - integral on a Toshiba Satellite A205 PSAF0U-01Q009 Laptop
Mouse      - HP 2.4 GHz Wireless Optical Mobile Mouse - Model FHA3510
                 - Synaptics PS/2 Port TouchPad [Mouse] (I don't use)

•Have you tried a different keyboard and/or mouse to test the behavior?
No

•Do you have any wireless receivers plugged into the computer, Bluetooth or otherwise)?
No

I noticed some of the PUPs found by ESET were while it was scanning IOBITs ASC.
I had that program on the computer but uninstalled it long ago.

I think I used the control panel uninstall or CCleaner's uninstall.
This was before I found RevoUninstaller - which digs much deeper.
Should I be manually clearing the AdwCleaner's quarantine?
I have noticed a lot of garbage left behind in the registry for uninstalled programs.
Is there an automated way to clean that out?

Here are the logs - and thanx

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

# AdwCleaner v5.000 - Logfile created 17/08/2015 at 18:01:43
# Updated 14/08/2015 by Xplode
# Database : 2015-08-16.2 [Server]
# Operating system : Windows 7 Home Premium Service Pack 1 (x86)
# Username : Jo Ann - JOANNS_LAPTOP
# Running from : C:\Users\Jo Ann\Desktop\AdwCleaner.exe
# Option : Cleaning

***** [ Services ] *****

***** [ Folders ] *****

***** [ Files ] *****

[-] File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\yahoo.xml

***** [ Shortcuts ] *****

***** [ Scheduled tasks ] *****

***** [ Registry ] *****

[-] Key Deleted : HKU\.DEFAULT\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\Avg Secure Update
[-] Key Deleted : HKCU\Software\SlimWare Utilities Inc
[-] Key Deleted : HKLM\SOFTWARE\Avg Secure Update

***** [ Web browsers ] *****

*************************

:: Proxy settings cleared
:: Winsock settings cleared

*************************

C:\AdwCleaner[C2].txt - [949 octets] - [17/08/2015 18:01:43]
C:\AdwCleaner[S3].txt - [958 octets] - [16/08/2015 19:34:31]
C:\AdwCleaner[S4].txt - [1020 octets] - [17/08/2015 17:59:09]

########## EOF - C:\AdwCleaner[C2].txt - [1136 octets] ##########

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 8/17/2015
Scan Time: 6:11:56 PM
Logfile:
Administrator: Yes

Version: 2.01.8.1057
Malware Database: v2015.08.17.09
Rootkit Database: v2015.08.16.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled

OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Jo Ann

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 336436
Time Elapsed: 36 min, 53 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Warn
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 0
(No malicious items detected)

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 0
(No malicious items detected)

Files: 0
(No malicious items detected)

Physical Sectors: 0
(No malicious items detected)

(end)

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

[email protected] as CAB hook log:
OnlineScanner.ocxregsvr32 probably failed :regsvr32 /s "C:\Program Files\ESET\ESET Online Scanner\OnlineScanner.ocx" Both ways to register activex failed.
[email protected] as downloader log:
all ok
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=28c2b782b37636499be01263d1022d99
# end=init
# utc_time=2015-08-18 01:15:25
# local_time=2015-08-17 07:15:25 (-0700, Mountain Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
Update Init
Update Download
Update Finalize
Updated modules version: 25322
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# EOSSerial=28c2b782b37636499be01263d1022d99
# end=updated
# utc_time=2015-08-18 01:32:16
# local_time=2015-08-17 07:32:16 (-0700, Mountain Daylight Time)
# country="United States"
# osver=6.1.7601 NT Service Pack 1
# product=EOS
# version=8
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.7777
# api_version=3.1.1
# EOSSerial=28c2b782b37636499be01263d1022d99
# engine=25322
# end=finished
# remove_checked=false
# archives_checked=true
# unwanted_checked=true
# unsafe_checked=true
# antistealth_checked=true
# utc_time=2015-08-18 03:11:38
# local_time=2015-08-17 09:11:38 (-0700, Mountain Daylight Time)
# country="United States"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode_1=''
# compatibility_mode=5893 16776573 100 94 18510 191412289 0 0
# compatibility_mode_1='Webroot SecureAnywhere'
# compatibility_mode=16130 16777213 85 100 1324469 5640180 0 0
# scanned=149771
# found=9
# cleaned=0
# scan_time=5962
sh=1E3FF58866D59D4658FE8ED7DCA3E9B73F86BD83 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\APNIC.7z.vir"
sh=C257C91C59CAC092ABB7FE43AF0FB3EE742EDBC8 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\apn\APN-Stub\W3IV6-G\BITFAE3.tmp.vir"
sh=A4EEBE410D33F02BC0A0FCD95BCD59BFEFDFB367 ft=1 fh=1d77c81e183423d0 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\ProgramData\IObit\ASCDownloader\ASCSetup.exe"
sh=44162B498ADE394964F4CB82012BE7167049D5AD ft=1 fh=2b138af0aa44daae vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\ProgramData\IObit\ASCDownloader\IObit Malware Fighter.exe.bak"
sh=E42C9B513FB2A297C537E225DAF15A24DB6224BA ft=1 fh=28421ae0971c9c15 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\ProgramData\IObit\ASCDownloader\Smart Defrag.exe.bak"
sh=A4EEBE410D33F02BC0A0FCD95BCD59BFEFDFB367 ft=1 fh=1d77c81e183423d0 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\Users\All Users\IObit\ASCDownloader\ASCSetup.exe"
sh=44162B498ADE394964F4CB82012BE7167049D5AD ft=1 fh=2b138af0aa44daae vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\Users\All Users\IObit\ASCDownloader\IObit Malware Fighter.exe.bak"
sh=E42C9B513FB2A297C537E225DAF15A24DB6224BA ft=1 fh=28421ae0971c9c15 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\Users\All Users\IObit\ASCDownloader\Smart Defrag.exe.bak"
sh=90853F3FD952D81A2D3DE72959D37C597D2B16E3 ft=1 fh=77bd63302e168cdd vn="a variant of Win32/OpenCandy.C potentially unsafe application" ac=I fn="C:\Users\Jo Ann\Downloads\advanced-systemcare-setup.exe"

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++


Edited by Eles, 17 August 2015 - 11:02 PM.

  • 0
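A triage pass over an ESET Online Scanner log like the one posted above, as an added example that is not part of the original thread or any tool's own code. It folds `C:\Users\All Users` (a directory link to `C:\ProgramData` on Windows Vista and later) onto one path and separates quarantined copies from files still on disk; the sample lines, placeholder hashes, C: system drive and `\Quarantine\` path marker are assumptions.

```python
import re

# Constructed sample in the layout of the ESET Online Scanner log above.
# Hashes are placeholders, not values from the thread.
SAMPLE_LOG = r'''# remove_checked=false
# found=4
# cleaned=0
sh=1111111111111111111111111111111111111111 ft=0 fh=0000000000000000 vn="a variant of Win32/Bundled.Toolbar.Ask.F potentially unsafe application" ac=I fn="C:\AdwCleaner\Quarantine\C\ProgramData\apn\APNIC.7z.vir"
sh=2222222222222222222222222222222222222222 ft=1 fh=0000000000000001 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\ProgramData\IObit\ASCDownloader\ASCSetup.exe"
sh=2222222222222222222222222222222222222222 ft=1 fh=0000000000000001 vn="a variant of Win32/Toolbar.Widgi.B potentially unwanted application" ac=I fn="C:\Users\All Users\IObit\ASCDownloader\ASCSetup.exe"
sh=3333333333333333333333333333333333333333 ft=1 fh=0000000000000002 vn="a variant of Win32/OpenCandy.C potentially unsafe application" ac=I fn="C:\Users\Jo Ann\Downloads\advanced-systemcare-setup.exe"
'''

# key=value pairs; values are either "quoted" (may contain spaces) or bare.
FIELD = re.compile(r'(\w+)=(?:"([^"]*)"|(\S+))')
HEADER = re.compile(r'^#\s*(\w+)=(.*)$')

# Assumption: the system drive is C:. On Windows Vista and later,
# "C:\Users\All Users" is a directory link to C:\ProgramData, so a scanner
# that walks both locations reports the same file twice.
ALIASES = [("c:\\users\\all users\\", "c:\\programdata\\")]
# Assumption: cleanup tools keep removed items under a "\Quarantine\" folder.
QUARANTINE_MARK = "\\quarantine\\"


def parse_log(text):
    """Return (header dict, list of detection dicts) from an ESET-style log."""
    header, detections = {}, []
    for line in text.splitlines():
        line = line.strip()
        m = HEADER.match(line)
        if m:
            # The log repeats its header per phase; the last value wins.
            header[m.group(1)] = m.group(2).strip()
        elif line.startswith("sh="):
            rec = {k: (q if q else bare) for k, q, bare in FIELD.findall(line)}
            if {"sh", "vn", "fn"} <= rec.keys():
                detections.append(rec)
    return header, detections


def canonical(path):
    """Lower-case the path and fold known directory aliases onto one name."""
    p = path.lower()
    for alias, target in ALIASES:
        if p.startswith(alias):
            p = target + p[len(alias):]
    return p


def triage(text):
    """Split detections into quarantined copies and distinct files on disk."""
    header, detections = parse_log(text)
    live, quarantined = {}, []
    for d in detections:
        key = canonical(d["fn"])
        if QUARANTINE_MARK in key:
            quarantined.append(d["fn"])
            continue
        entry = live.setdefault(
            key, {"hash": d["sh"], "name": d["vn"], "seen_as": []})
        entry["seen_as"].append(d["fn"])
    return {
        "reported": int(header.get("found", len(detections))),
        "cleaned": int(header.get("cleaned", 0)),
        "quarantined": quarantined,
        "live": live,
    }


if __name__ == "__main__":
    result = triage(SAMPLE_LOG)
    print(f"reported={result['reported']} cleaned={result['cleaned']} "
          f"quarantined={len(result['quarantined'])} "
          f"distinct files on disk={len(result['live'])}")
    for path, info in result["live"].items():
        print(f"  {path}\n    {info['name']} (listed {len(info['seen_as'])}x)")
```
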



#11
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

No, you shouldn't need to touch AdwCleaner's quarantine.  Once your machine is completely clean, I will have you run a tool that will handle all the tools that I have used - if they're on the desktop.  The tool will also look for the quarantine folders for FRST, AdwCleaner and other program quarantine folders such as ESET. ;)

 

As far as automated registry cleaners, I know of no automated reliable tools.  Such tools have the tendency to cause more damage than they're worth, and having some innocuous registry keys around isn't really going to hurt anything.

 

Can you enable your touch pad and turn off your wireless mouse to test?  I have never seen a non-Bluetooth wireless mouse that didn't have a  USB receiver of some kind.  There must be a receiver for this mouse but maybe it's on the other side of the laptop and it has a hard time connecting?  Could the mouse batteries be low?  Lint inside the mouse body?

 

Some related reading that might be of interest:

HP FHA-3510 mouse trouble

Repairing HP FHA-3510 (WE790AA) Wireless Mouse Buttons

 

You might also see if you can find a USB mouse to try for a bit to see how that goes.  I had a Logitech Anywhere MX mouse (expensive one that worked even on glass) and the button switches were of inferior quality and failed on me.  Before one of the buttons completely failed, it became difficult to press.  Of course it was the left mouse button. :)

 

Depending on how worn-out your mouse is, I'd consider getting a new one if using the touch pad and/or a wired USB mouse resolved your mouse issues.

 

I will be back with some more steps to complete before we're done here, so please sit tight. 


  • 0

#12
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Hi Christian,

 

I'm looking forward to your answers to the questions in my last post.  I'd like you to run aswMBR as a second-opinion, and I have a FRST fix for you as well...

 

First
Scan with aswMBR

  • Download aswMBR.exe ( 4.5mb ) to your Desktop.
  • Double click the aswMBR.exe program to run it.
  • You may be offered the option of using virtualization, accept that.
  • When it offers to Download the virus database, allow that as well.
  • Click the Scan button to start the scan


On completion of the scan, click the Save log button, save the log to your Desktop and post its contents in your next reply.

Second
Run a FRST Fix

  • Download the attached fixlist.txt file and save it to the Desktop: Attached File  fixlist.txt   662bytes   78 downloads

    (Note: It's important that both files, FRST/FRST64 and fixlist.txt are in the same location or the fix will not work.)

    Notice: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.
     
  • Run FRST/FRST64 from your Desktop and press the Fix button just once and wait.
  • If for some reason the tool needs a restart, please make sure you let the system restart normally.  After that let the tool complete its run.
  • When finished FRST will generate a log on the Desktop named Fixlog.txt. Please post the contents of that log file into your next reply.

Finally
In your next reply, please copy/paste the contents of the following logs:

  • aswMBR log
  • FRST fixlog

And answer my mouse questions from my last post please. :)

 


  • 0

#13
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

Just to clarify, please disregard the line "Hi Christian," above.  It was included in error.  Sorry for any confusion. :)


  • 0

#14
eles

eles

    Member

  • Topic Starter
  • Member
  • PipPip
  • 33 posts

I just clicked in the reply box and it expanded as usual. It said I was logged in on top of the screen.

When I clicked on the more reply options, I got the following message:

 

Sorry, you don't have permission for that!                                           [#20310]
Your secure key, used to verify you are posting the topic, did not match the one submitted.

Please go back, reload the form, and try again.

 

I noticed that it now said I was not signed in.

I logged in again

 

After I pasted the message, the document cursor was not evident and when I put the mouse cursor at a line position and left clicked, nothing happened.

 

I don't know what cleared it up.

 

Thanx for the mouse suggestions.
It does have a usb receiver.
I tried to resync the mouse to the pc by unplugging the receiver for 10 seconds.
It's optical, so no lint problem - took it apart anyway just to make sure.
Occasionally I use the touch pad but I really don't like it -
Jo Ann only uses the touch pad and she hasn't said anything about any problems.
The mouse problem has been only occasional and I haven't been on very long today.
So far the mouse problem has not surfaced and everything else is working well.

I'll stay away from the quarantines, but I will clean out the download folders
(which is where some of the threats were located) .

I just turned Webroot back on - we'll see if that had anything to do with the problems


  • 0

#15
DanoNH

DanoNH

    Trusted Helper

  • Malware Removal
  • 2,153 posts

May I see those 2 logs please?

  • aswMBR
  • FRST fixlog

  • 0





