Tweet
This is my friends laptop. I ran what I could before it died (He forgot the power chord) Will be seeing him on Wednesday, what should the next step be?
-
-
I’d rather all logs be copy and pasted, than attached.
ZHP Diag Scan
Download ZHP Diag to your desktop.- Right Click Run as Admin.
2. Click the Scanner button.
When complete please push the report button.
A notepad will open… copy and paste the report in your next reply. - Right Click Run as Admin.
-
I’ll copy and paste from now on. Unfortunately ZHPDiag is broken with error line 80861 on the 3 computers including his that I’ve tested it on. So until they update that program and fix that error code it is unusable. What else can we try?Comment
-
Quick Diag Scan.
Download Quick Diag to your desktop.
Very Important!! – Make sure program is on your desktop.
Disable your Antivirus/Antispyware prior to scanning.
Right Click Run as Administrator.
Select the Quick Scan.
Post the log that is generated in your next post.Comment
-
I’d also like to see a new TDSS killer log as well.
Rogue Killer Scan.
Download RogueKiller – (Portable) – from one of the following links and save it to your Desktop:
Link 1
Link 2
[ul]
[li]Close all other the running programs[/li][li]Disable ALL Antivirus – Antimalware – Applications.[/li][li]Right Click Rogue Killer and Run as Administrator.[/li][li]Click the Start Scan button.[/li][li]Allow the scan to run – it can take ten minutes or more.[/li][li]Once the scan is complete check All items for removal.[/li][li]https://pchelpforum.net/attachments/...5-54-png.1658/ [/li]
[li]After All items are checked then press Remove Selected.[/li]
[li]Wait until the Status box shows Deleting Finished.[/li][li]Click on open report – then open txt[/li]
[li]Copy the content of the report and paste it here in your next reply.[/li][/ul]Comment
-
@PatL Got an update for us?Comment
-
Yes, he’s bringing the computer over for a few hours tonight. He’ll be here in about 5 hours. Should we do a fixlist with the FRST & Addition we’ve provided?Comment
-
No, I’d like the logs I requested, then we will go from there.Originally posted by PatLComment
-
Okay if Tdsskiller find the same 3 items should we remove them?Comment
-
I will need the logs. We will go from there…Originally posted by PatL
Here actually is a fixlist, run this prior to any of the other tools. I need to see the logs rather than blindly telling you what needs to be removed… If you remove something incorrect with Tdss killer then you may cause the machine to stop booting.Comment
-
[HEADING=1]Fix result of Farbar Recovery Scan Tool (x64) Version:07-09-2015
Ran by Mitch (2017-04-19 16:44:28) Run:1
Running from C:\Users\Mitch\Downloads
Loaded Profiles: Mitch (Available Profiles: Mitch)
Boot Mode: Normal[/HEADING]
fixlist content:
Start
CreateRestorePoint:
Closeprocesses:
Emptytemp:
HKLM...\Run: =>
Winlogon\Notify\igfxcui: igfxdev.dll
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNo tifier.exe [39408 2011-10-20] (Google Inc.)
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000...\MountPoints2: {19bfe83c-2251-11e7-9278-047d7b056e26} - F:\LaunchU3.exe -a
HKU\S-1-5-18...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q “\SearchProtect”
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip..\Interfaces{1C541FE9-C89C-4A5B-A474-C4A84D4970EA}: [DhcpNameServer] 192.168.1.254
Tcpip..\Interfaces{2CC683C3-C270-4C4C-B59E-95069212356D}: [DhcpNameServer] 75.75.75.75 75.75.76.76
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com
SearchScopes: HKLM → DefaultScope {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referr er:source?}&ie={inputEncoding}&oe={outputEncoding} &rlz=1I7TSNP
SearchScopes: HKLM → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM → {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referr er:source?}&ie={inputEncoding}&oe={outputEncoding} &rlz=1I7TSNP
SearchScopes: HKLM-x32 → DefaultScope {FCA4385E-748B-4959-BDE6-F80B6D1AF17E} URL =
SearchScopes: HKLM-x32 → {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 → {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referr er:source?}&ie={inputEncoding}&oe={outputEncoding} &rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 → DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7TSNP_enUS464
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 → {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7TSNP_enUS464
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 → {2D67CCD7-10B5-4635-A31C-1E35342F1D50} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referr er:source?}&ie={inputEncoding}&oe={outputEncoding} &rlz=1I7TSNP_enUS464
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 → {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referr er:source?}&ie={inputEncoding}&oe={outputEncoding} &rlz=1I7TSNP
BHO: Windows Live ID Sign-in Helper → {9030D464-4C02-4ABF-8ECC-5164760863C6} → C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: TOSHIBA Media Controller Plug-in → {F3C88694-EFFA-4d78-B409-54B7B2535B14} → C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] ()
BHO-x32: Adobe PDF Link Helper → {18DF081C-E8AD-4283-A596-FA578C2EBDC3} → C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5
Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run \ => value removed successfully
“HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui” => key removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Run \swg => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Run \CCleaner Monitoring => value removed successfully
“HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\MountPoints2{19bfe83c-2251-11e7-9278-047d7b056e26}” => key removed successfully
HKCR\CLSID{19bfe83c-2251-11e7-9278-047d7b056e26} => key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOn ce\SpUninstallDeleteDir => value removed successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
“HKLM\SOFTWARE\Policies\Google” => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces{1C541FE9-C89C-4A5B-A474-C4A84D4970EA}\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Param eters\Interfaces{2CC683C3-C270-4C4C-B59E-95069212356D}\DhcpNameServer => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Main\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope => value restored successfully
“HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A}” => key removed successfully
HKCR\CLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
“HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{C05BB67E-6FEB-437C-A972-2B461CE3C7E3}” => key removed successfully
HKCR\CLSID{C05BB67E-6FEB-437C-A972-2B461CE3C7E3} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\Wow6432Node\CLSID{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes{C05BB67E-6FEB-437C-A972-2B461CE3C7E3}” => key removed successfully
HKCR\Wow6432Node\CLSID{C05BB67E-6FEB-437C-A972-2B461CE3C7E3} => key not found.
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\DefaultScope => value removed successfully
“HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{012E1000-F331-11DB-8314-0800200C9A66}” => key removed successfully
HKCR\CLSID{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
“HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{2D67CCD7-10B5-4635-A31C-1E35342F1D50}” => key removed successfully
HKCR\CLSID{2D67CCD7-10B5-4635-A31C-1E35342F1D50} => key not found.
“HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes{C05BB67E-6FEB-437C-A972-2B461CE3C7E3}” => key removed successfully
HKCR\CLSID{C05BB67E-6FEB-437C-A972-2B461CE3C7E3} => key not found.
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}” => key removed successfully
“HKCR\CLSID{9030D464-4C02-4ABF-8ECC-5164760863C6}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ex plorer\Browser Helper Objects{F3C88694-EFFA-4d78-B409-54B7B2535B14}” => key removed successfully
“HKCR\CLSID{F3C88694-EFFA-4d78-B409-54B7B2535B14}” => key removed successfully
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curre ntVersion\Explorer\Browser Helper Objects{18DF081C-E8AD-4283-A596-FA578C2EBDC3}” => key removed successfully
“HKCR\Wow6432Node\CLSID{18DF081C-E8AD-4283-A596-FA578C2EBDC3}” => key removed successfully
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curre ntVersion\Explorer\Browser Helper Objects{326E768D-4182-46FD-9C16-1449A49795F4}” => key removed successfully
“HKCR\Wow6432Node\CLSID{326E768D-4182-46FD-9C16-1449A49795F4}” => key removed successfully
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curre ntVersion\Explorer\Browser Helper Objects{9030D464-4C02-4ABF-8ECC-5164760863C6}” => key removed successfully
“HKCR\Wow6432Node\CLSID{9030D464-4C02-4ABF-8ECC-5164760863C6}” => key removed successfully
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curre ntVersion\Explorer\Browser Helper Objects{DBC80044-A445-435b-BC74-9C25C1C588A9}” => key removed successfully
“HKCR\Wow6432Node\CLSID{DBC80044-A445-435b-BC74-9C25C1C588A9}” => key removed successfully
“HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\Curre ntVersion\Explorer\Browser Helper Objects{F3C88694-EFFA-4d78-B409-54B7B2535B14}” => key removed successfully
“HKCR\Wow6432Node\CLSID{F3C88694-EFFA-4d78-B409-54B7B2535B14}” => key removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
“HKLM\Software\MozillaPlugins@microsoft.com/GENUINE” => key removed successfully
“HKLM\Software\Wow6432Node\MozillaPlugins@microsoft.com/GENUINE” => key removed successfully
Chrome NewTab removed successfully
“entry”: “chrome-extension://nlgfkngkdcjlfgcfdmjoafonkkhacilj/blank.html” => Error: No automatic fix found for this entry.
WinDefend => Unable to stop service.
WinDefend => service removed successfully
“C:\Program Files\Windows Defender” => Warning: FRST is scripted not to move this directory.
C:\Users\Mitch\AppData\Roaming\result.db => moved successfully
C:\ProgramData-sxTowviWOjOsNR => moved successfully
C:\ProgramData-sxTowviWOjOsNRr => moved successfully
C:\ProgramData\sxTowviWOjOsNR => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot{11F1A33F-CBC1-4F6D-9E01-9A929078068F}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{11F1A33 F-CBC1-4F6D-9E01-9A929078068F}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The network connection monitor” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{120D0A0 9-1533-4ADC-972A-E0CCF80B6C12}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{120D0A0 9-1533-4ADC-972A-E0CCF80B6C12}” => key removed successfully
C:\windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot{12BA4396-8AB2-4C5C-956A-7785D127DA18}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{12BA439 6-8AB2-4C5C-956A-7785D127DA18}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TrustedI nstaller Update 2” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{12EDA16 F-ED83-4401-8F29-4DA10671434B}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{12EDA16 F-ED83-4401-8F29-4DA10671434B}” => key removed successfully
C:\windows\System32\Tasks{A5998B0C-1130-4D39-8E84-E08EE59A83B6} => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{A5998B0C-1130-4D39-8E84-E08EE59A83B6}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{186F2FE 3-7459-4B77-A9E3-823DB7182825}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{186F2FE 3-7459-4B77-A9E3-823DB7182825}” => key removed successfully
C:\windows\System32\Tasks{86AF29AC-088F-4FA5-BD5F-D1D6DCCFC9A1} => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{86AF29AC-088F-4FA5-BD5F-D1D6DCCFC9A1}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{2C844FD 4-91F8-49A3-A8DD-24443574A0D4}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{2C844FD 4-91F8-49A3-A8DD-24443574A0D4}” => key removed successfully
C:\windows\System32\Tasks{E7ADFC65-B5D1-4B75-B8C0-FEDB8D304BD7} => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{E7ADFC65-B5D1-4B75-B8C0-FEDB8D304BD7}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{30672C8 9-99F7-4B8F-811F-7634C4CDC481}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{30672C8 9-99F7-4B8F-811F-7634C4CDC481}” => key removed successfully
C:\windows\System32\Tasks{4F18DFE4-EB52-4F89-9AAF-F121BC8FE6B9} => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{4F18DFE4-EB52-4F89-9AAF-F121BC8FE6B9}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot{4DEB10BF-3DEA-4965-B44E-D621B736A8C1}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{4DEB10B F-3DEA-4965-B44E-D621B736A8C1}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The Bluetooth service discovery” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{645C558 5-1328-4ECE-8E35-D5B2AD806B53}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{645C558 5-1328-4ECE-8E35-D5B2AD806B53}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFla shPlayerUpdate” => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{7C2F68B E-54F8-4B27-A465-C35FCC63925F} => key not found.
C:\windows\System32\Tasks\REGSERVO => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\REGSERVO => key not found.
C:\Program Files\REGSERVO => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{81FADE4 C-3A5D-4897-8F11-EB50741E1B9B}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{81FADE4 C-3A5D-4897-8F11-EB50741E1B9B}” => key removed successfully
C:\windows\System32\Tasks{31A8C737-17C1-4EAC-8C41-BFB0F2217EB6} => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree{31A8C737-17C1-4EAC-8C41-BFB0F2217EB6}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{88EE322 0-CD60-4D0B-8C6F-8D063148F0C8}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{88EE322 0-CD60-4D0B-8C6F-8D063148F0C8}” => key removed successfully
C:\windows\System32\Tasks\SidebarExecute => moved successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarE xecute” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain{D0D4D60 E-919C-4D10-8E0B-DE408F029196}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks{D0D4D60 E-919C-4D10-8E0B-DE408F029196}” => key removed successfully
“HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TrustedI nstaller Update” => key removed successfully
C:\windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\windows\Tasks\REGSERVO.job => not found.
“C:\ProgramData\TEMP” => “:373E1720 [290]” ADS not found.
“C:\ProgramData\TEMP” => “
1B5B4F1 [112]” ADS not found.
“HKLM\System\CurrentControlSet\Control\SafeBoot\Ne twork\SMPCHelper” => key removed successfully
“HKLM\System\CurrentControlSet\Control\SafeBoot\Ne twork\tvnserver” => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{0736BB0 8-FE89-43DE-BA41-0E6403E6505B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{BCECD81 7-1320-463F-BA21-E50C4293C61B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{9BE0B88 6-70FD-44E2-B6DE-8A626E585D91} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{704859E 0-645A-4D1C-AB72-CD5211475087} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{9A5730A 8-029E-4B01-AF32-9B2FD1E73FBA} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{3DD37CC 2-B822-47F3-A287-91332F4ED452} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{2CD2691 C-1F50-4EFE-9675-3ABB9B3FA039} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{B19AC4B 5-D3B7-44E5-8FDC-EDE0AB91D387} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\TCP Query User{6A6EC8B0-7882-45AB-8EAF-9185BB491734}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\UDP Query User{E647A132-D769-46E8-9F21-C812B75742F4}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\TCP Query User{C7DBDCA4-933F-44C4-BC93-CA7D22154FEF}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\UDP Query User{F498FE58-0685-490C-8C06-B658DC1EF348}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{18CDF3E B-FF5A-4F8A-87EC-E55F07F18CEC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{D11205A 1-18A7-4405-A7D8-C1A0D91EDB29} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{242BE5D B-853C-4AD2-9AE4-D66C0068EE32} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{0D402D8 A-B5A5-48AF-BB01-FCEBE005984B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\FirewallRules\{2A760E5 8-2C01-44CE-9620-E6E7A78606A2} => value removed successfully
========= RemoveProxy: =========
HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVers ion\Internet Settings\Connections\DefaultConnectionSettings => value removed successfully
HKU.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVers ion\Internet Settings\Connections\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Int ernet Settings\Connections\SavedLegacySettings => value removed successfully
========= End of RemoveProxy: =========
========= netsh advfirewall reset =========
Ok.
========= End of CMD: =========
========= netsh advfirewall set allprofiles state On =========
Ok.
========= End of CMD: =========
========= ipconfig /flushdns =========
Windows IP Configuration
Successfully flushed the DNS Resolver Cache.
========= End of CMD: =========
EmptyTemp: => 26.7 MB temporary data Removed.
The system needed a reboot..
==== End of Fixlog 16:45:43 ====Comment
-
--------------- QuickDiag | g3n-h@ckm@n | V3_02.04.17.1 ---------------
----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 19/04/2017 16:49:23
Updated 02/04/2017 | 14.30 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/
Time Zone : (UTC-08:00) Pacific Time (US & Canada)
[Mitch (Administrator)] - [MITCH-PC] (S-1-5-21-2113883840-1160270776-2747418757-1000)
System: Microsoft Windows 7 Home Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1033 (0409)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 7 Home Premium |C:\windows|\Device\Harddisk0\Partition2
Boot : Normal boot
PC: Satellite L755 - TOSHIBA - IdNumber: XB319792W - UUID: 71136460-FBBA-11E0-961F-047D7B056E26
Processor : X64 - 2394 Mhz - Intel(R) Core™ i5-2430M CPU @ 2.40GHz
InsydeH2O Version 03.60.453.40 - en|US|iso8859-1 - INSYDE - S/N: XB319792W - 3.40 - TOSQCI - 1
CoreTemp : ? Celsius
----------| Quick
---------- | SoundDevice
Conexant SmartAudio HD - Status: OK - Manufacturer: Conexant - PNPDeviceID: HDAUDIO\FUNC_01&VEN_14F1&DEV_5069&SUBSYS_1179FC52& REV_1003\4&2152523C&0&0001
Intel(R) Display Audio - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2805&SUBSYS_1179FC50& REV_1000\4&2152523C&0&0301
---------- | Video
Intel(R) HD Graphics Family - Resolution: 1366x768 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumd64,igd10umd64.dll,igd10umd64.dll,igdumdx32,i gd10umd32,igd10umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0116&SUBSYS_FC501179&REV_09\3&115 83659&1&10 - AdapterCompatibility: Intel Corporation - RAM: 1885265920
Inegrated Video Chipset DeviceName: Intel(R) HD Graphics Family - DriverVersion: 8.15.10.2353 - SpecificationVersion: 1025
---------- | Codecs
c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK
---------- | CPU
---------- | Network
WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000
WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000
WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000
Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC - Ethernet 802.3 - Realtek Semiconductor Corp. - Status: - PnPID : PCI\VEN_10EC&DEV_8176&SUBSYS_818110EC&REV_01\4&2EF 5F2DC&0&00E5
WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000
Microsoft ISATAP Adapter - Tunnel - Microsoft - Status: - PnPID : ROOT*ISATAP\0000
RAS Async Adapter - - - Status: - PnPID :
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) - Ethernet 802.3 - Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_FC501179&REV_C1\4&2F2 8935&0&00E6
Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : ROOT*TEREDO\0000
Microsoft 6to4 Adapter - Tunnel - Microsoft - Status: - PnPID : ROOT*6TO4MP\0000
Microsoft ISATAP Adapter #2 - Tunnel - Microsoft - Status: - PnPID : ROOT*ISATAP\0001
---------- | Memory
RAM = Total (MB) : 4141 | Free (MB) : 2938
Pagefile = Total (MB) : 8280 | Free (MB) : 7039
Virtual = Total (MB) : 4194 | Free (MB) : 4020
Physical Memory 0 : Capacity: 2147483648 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: Micron Technology - PartNumber: 8JSF25664HZ-1G4D1 - S/N: 3756A6B0
Physical Memory 2 : Capacity: 2147483648 - ChannelB-DIMM0 - Posit.: 2 - Manufacturer: Micron Technology - PartNumber: 8JSF25664HZ-1G4D1 - S/N: 3756A6AF
---------- | SID Users
Administrator : [S-1-5-21-2113883840-1160270776-2747418757-500]
Guest : [S-1-5-21-2113883840-1160270776-2747418757-501]
HomeGroupUser$ : [S-1-5-21-2113883840-1160270776-2747418757-1002]
Mitch : [S-1-5-21-2113883840-1160270776-2747418757-1000]
Administrators : [S-1-5-32-544]
Distributed COM Users : [S-1-5-32-562]
Event Log Readers : [S-1-5-32-573]
Guests : [S-1-5-32-546]
IIS_IUSRS : [S-1-5-32-568]
Performance Log Users : [S-1-5-32-559]
Performance Monitor Users : [S-1-5-32-558]
Users : [S-1-5-32-545]
HomeUsers : [S-1-5-21-2113883840-1160270776-2747418757-1001]
---------- | SystemAccounts
Name: Everyone - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATOR OWNER - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: CREATOR GROUP - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: OWNER RIGHTS - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: DIALUP - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: NETWORK - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: BATCH - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIVE - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: PROXY - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: SYSTEM - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Authenticated Users - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: TERMINAL SERVER USER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: LOCAL SERVICE - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: NETWORK SERVICE - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK
---------- | Drives
C:\ → [Fixed] | [TI106234W0C] | Total : 449.77 Go | Free : 402.28 Go → NTFS [ATA]
E:\ → [Removable] | | Total : 1.9 Go | Free : 1.5 Go → FAT [USB]
F:\ → [CDROM] | [U3 System] | Total : 0.01 Go | Free : 0 Go → CDFS [USB]
DeviceID: \.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : IDE\DISKTOSHIBA_MK5075GSX_______________________GT 001M__\4&2838251D&0&0.0.0
DeviceID: \.\PHYSICALDRIVE1 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_ 4.05\00001889E574CD5F&0
---------- | Windows updates
Last detection : 2012-08-12 21:11:03
Downloaded last ones : 2012-11-16 02:18:27
Installed last ones : 2012-11-16 03:04:58
Next search : 2017-04-19 01:49:50
Windows Is Activated
---------- | Browsers
IE : 9.0.8112.16447 (© Microsoft Corporation.)
GC : 57.0.2987.133 (Copyright 2016 Google Inc.)
Default : “C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” – “%1”
---------- | FlashPlayer
FlashPlayer ActiveX : 18.0.0.232
FlashPlayer Plugin : 18.0.0.232
---------- | Security
AM : Malwarebytes’ Anti-Malware ( 2.3.55.0) [Update : 08/09/2015 10:46:40]
FW : avast! Antivirus Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Running
WMI: Windows Management Instrumentation [Auto(2)] = Running
---------- | Running processes
428 | [Owner : SYSTEM | Parent : 4(System) | 1.22 Mo] - (.Microsoft Corporation - Windows Session Manager.) - (6.1.7600.16385) = C:\Windows\System32\smss.exe [13/07/2009 16:19:50]
528 | [Owner : SYSTEM | Parent : 512() | 4.87 Mo] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [13/07/2009 16:19:49]
600 | [Owner : SYSTEM | Parent : 512() | 4.53 Mo] - (.Microsoft Corporation - Windows Start-Up Application.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [13/07/2009 16:52:37]
624 | [Owner : SYSTEM | Parent : 608() | 20.11 Mo] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [13/07/2009 16:19:49]
656 | [Owner : SYSTEM | Parent : 600(wininit.exe) | 8.78 Mo] - (.Microsoft Corporation - Services and Controller app.) - (6.1.7600.16385) = C:\Windows\System32\services.exe [13/07/2009 16:19:46]
672 | [Owner : SYSTEM | Parent : 600(wininit.exe) | 11.12 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.17725) = C:\Windows\System32\lsass.exe [31/01/2012 15:40:16]
680 | [Owner : SYSTEM | Parent : 600(wininit.exe) | 4.36 Mo] - (.Microsoft Corporation - Local Session Manager Service.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [20/11/2010 20:23:53]
784 | [Owner : SYSTEM | Parent : 656(services.exe) | 9.6 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
876 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 7.44 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
936 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 18.42 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
968 | [Owner : SYSTEM | Parent : 656(services.exe) | 89.41 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1012 | [Owner : SYSTEM | Parent : 656(services.exe) | 37.3 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
384 | [Owner : LOCAL SERVICE | Parent : 936(svchost.exe) | ???] - (.Microsoft Corporation - Windows Audio Device Graph Isolation.) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe [20/11/2010 20:24:32]
540 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 11.31 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
892 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 12.26 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1076 | [Owner : SYSTEM | Parent : 608() | 7.17 Mo] - (.Microsoft Corporation - Windows Logon Application.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe [20/11/2010 20:24:29]
1108 | [Owner : SYSTEM | Parent : 656(services.exe) | 42.52 Mo] - (.AVAST Software - avast! Service.) - (12.1.3076.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [19/07/2016 18:28:30]
1456 | [Owner : SYSTEM | Parent : 1012(svchost.exe) | 5.28 Mo] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [20/11/2010 20:24:27]
1488 | [Owner : SYSTEM | Parent : 656(services.exe) | 12.18 Mo] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe [20/11/2010 20:24:27]
1524 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 13.9 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1660 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 11.41 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1700 | [Owner : SYSTEM | Parent : 656(services.exe) | 6.54 Mo] - (.Giraffic - Giraffic Video Accelerator Watchdog.) - (0.86.412.230) = C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [13/05/2013 04:56:02]
1352 | [Owner : SYSTEM | Parent : 656(services.exe) | 4.9 Mo] - (.Microsoft Corporation - Microsoft Application Virtualization Virtual Service Agent.) - (4.6.2.22610) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [01/10/2011 09:30:22]
1848 | [Owner : SYSTEM | Parent : 656(services.exe) | 4.31 Mo] - (.TOSHIBA Corporation - TDCSrv Application.) - (1.0.0.8) = C:\Windows\System32\TODDSrv.exe [01/08/2011 00:31:59]
2056 | [Owner : SYSTEM | Parent : 656(services.exe) | 7.18 Mo] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) - (1.0.0.5) = C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [17/05/2011 14:34:18]
2076 | [Owner : SYSTEM | Parent : 1700(Veoh_GirafficWatchdog.exe) | 8.87 Mo] - (.Giraffic - Giraffic Video Accelerator.) - (0.86.412.230) = C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe [13/05/2013 04:55:30]
2180 | [Owner : SYSTEM | Parent : 656(services.exe) | 10.96 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [28/03/2011 21:11:06]
2444 | [Owner : Mitch | Parent : 968(svchost.exe) | 48.48 Mo] - (.Microsoft Corporation - Desktop Window Manager.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [13/07/2009 16:37:38]
2500 | [Owner : SYSTEM | Parent : 656(services.exe) | 16.26 Mo] - (.Copyright 2017. - ZAM.) - (2.72.0.101) = C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [08/09/2015 10:44:23]
2516 | [Owner : SYSTEM | Parent : 2180(WLIDSVC.EXE) | 3.49 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [28/03/2011 21:11:06]
2584 | [Owner : Mitch | Parent : 2436() | 62.96 Mo] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe [01/08/2011 00:22:16]
2884 | [Owner : SYSTEM | Parent : 656(services.exe) | 14.34 Mo] - (.Microsoft Corporation - Microsoft Application Virtualization Client Service.) - (4.6.2.22610) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [01/10/2011 09:30:18]
2460 | [Owner : SYSTEM | Parent : 656(services.exe) | 7.2 Mo] - (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - (1.3.0.0) = C:\Program Files\Toshiba\TECO\TecoService.exe [24/05/2011 09:58:12]
2328 | [Owner : SYSTEM | Parent : 656(services.exe) | 10.2 Mo] - (.Microsoft Corporation - Microsoft Office Client Virtualization Service.) - (14.0.6114.5003) = C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [04/01/2012 15:22:40]
3108 | [Owner : SYSTEM | Parent : 784(svchost.exe) | 7.09 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [20/11/2010 20:24:15]
3460 | [Owner : LOCAL SERVICE | Parent : 968(svchost.exe) | 6.33 Mo] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe [20/11/2010 20:23:50]
3836 | [Owner : Mitch | Parent : 2584(explorer.exe) | 12.93 Mo] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) - (1.0.0.7) = C:\Program Files\Toshiba\Power Saver\TPwrMain.exe [17/05/2011 14:34:50]
3884 | [Owner : Mitch | Parent : 2584(explorer.exe) | 46.19 Mo] - (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) - (1.0.11.64) = C:\Program Files\Toshiba\FlashCards\TCrdMain.exe [27/04/2011 14:00:42]
4012 | [Owner : Mitch | Parent : 2584(explorer.exe) | 6.25 Mo] - (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) - (1.7.32.0) = C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent 64.exe [20/10/2011 10:16:13]
1840 | [Owner : Mitch | Parent : 2584(explorer.exe) | 7.57 Mo] - (.TOSHIBA Corporation - TOSHIBA eco Utility.) - (1.3.0.0) = C:\Program Files\Toshiba\TECO\Teco.exe [24/05/2011 09:57:52]
1368 | [Owner : Mitch | Parent : 2584(explorer.exe) | 6.89 Mo] - (.TOSHIBA Corporation -.) - (1.0.0.2) = C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe [01/07/2011 11:46:44]
1364 | [Owner : Mitch | Parent : 2584(explorer.exe) | 5.52 Mo] - (.TOSHIBA Corporation - Toshiba Volume Regulator.) - (1.0.0.6) = C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe [20/10/2011 11:03:32]
812 | [Owner : Mitch | Parent : 2584(explorer.exe) | 7.92 Mo] - (.TOSHIBA Corporation - Message Center.) - (1.6.0.64) = C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [27/07/2011 15:44:14]
2808 | [Owner : Mitch | Parent : 2584(explorer.exe) | 25.83 Mo] - (.TOSHIBA Corporation - Monitor of TOSHIBA ReelTime.) - (1.7.9.0) = C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe [28/06/2011 11:29:56]
3720 | [Owner : Mitch | Parent : 1012(svchost.exe) | 6.47 Mo] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [20/11/2010 20:24:27]
1152 | [Owner : Mitch | Parent : 3608() | 12 Mo] - (.- DivX Update.) - (1.0.6.15) = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [28/07/2011 16:08:12]
264 | [Owner : Mitch | Parent : 3608() | 17.14 Mo] - (.AVAST Software - avast! Antivirus.) - (12.1.3076.11) = C:\Program Files\AVAST Software\Avast\avastui.exe [08/08/2016 16:11:02]
3520 | [Owner : SYSTEM | Parent : 656(services.exe) | 10.32 Mo] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe [01/08/2011 00:26:30]
4648 | [Owner : Mitch | Parent : 2584(explorer.exe) | 26.24 Mo] - (.SosVirus - QuickDiag.) - (2.4.17.1) = E:\quickdiag_3_02.04.17.1.exe [19/04/2017 11:00:56]
5080 | [Owner : SYSTEM | Parent : 656(services.exe) | 4.7 Mo] - (.Intel Corporation - Local Manageability Service.) - (7.0.2.1164) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [20/10/2011 10:07:44]
5104 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 12.59 Mo] - (.Microsoft Corporation - Microsoft Software Protection Platform Service.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [20/11/2010 20:23:56]
2004 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 25.34 Mo] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [20/11/2010 20:25:05]
2204 | [Owner : SYSTEM | Parent : 656(services.exe) | 7.24 Mo] - (.Intel Corporation - User Notification Service.) - (7.0.2.1164) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [20/10/2011 10:07:46]
3312 | [Owner : NETWORK SERVICE | Parent : 784(svchost.exe) | 11.9 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [20/11/2010 20:24:15]
3036 | [Owner : NETWORK SERVICE | Parent : 784(svchost.exe) | 7.12 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [20/11/2010 20:24:27]
---------- | MD5
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [01/08/2011 00:22:16] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.17567) : C:\windows\Explorer.exe
[MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [20/11/2010 20:23:55] - (.© Microsoft Corporation. - Windows Command Processor.) - [337 Ko] - (6.1.7601.17514) : C:\windows\System32\cmd.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [13/07/2009 16:19:49] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [7.5 Ko] - (6.1.7600.16385) : C:\windows\System32\csrss.exe
[MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [13/07/2009 16:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\windows\System32\dllhost.exe
[MD5.B9B42A302325537D7B9DC52D47F33A73] - [27/12/2011 16:02:44] - (.© Microsoft Corporation. - Windows NT BASE API Client DLL.) - [1135.5 Ko] - (6.1.7601.17651) : C:\windows\System32\Kernel32.dll
[MD5.C118A82CD78818C29AB228366EBF81C3] - [31/01/2012 15:40:16] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30.5 Ko] - (6.1.7601.17725) : C:\windows\System32\lsass.exe
[MD5.5C627D1B1138676C0A7AB2C2C190D123] - [20/11/2010 20:24:01] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.17514) : C:\windows\System32\rpcss.dll
[MD5.DD81D91FF3B0763C392422865C9AC12E] - [13/07/2009 16:57:20] - (.© Microsoft Corporation. - Windows host process (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\windows\System32\rundll32.exe
[MD5.24ACB7E5BE595468E3B9AA488B9B4FCB] - [13/07/2009 16:19:46] - (.© Microsoft Corporation. - Services and Controller app.) - [321 Ko] - (6.1.7600.16385) : C:\windows\System32\services.exe
[MD5.6F68F63794097E54F36474ED4384B759] - [01/08/2011 00:21:59] - (.© Microsoft Corporation. - Host Process for Windows Services.) - [27 Ko] - (6.1.7601.17568) : C:\windows\System32\svchost.exe
[MD5.FE70103391A64039A921DBFFF9C7AB1B] - [20/11/2010 20:24:09] - (.© Microsoft Corporation. - Multi-User Windows USER API Client DLL.) - [984.5 Ko] - (6.1.7601.17514) : C:\windows\System32\user32.dll
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [20/11/2010 20:24:28] - (.© Microsoft Corporation. - Userinit Logon Application.) - [30 Ko] - (6.1.7601.17514) : C:\windows\System32\userinit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [13/07/2009 16:52:37] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [126 Ko] - (6.1.7600.16385) : C:\windows\System32\Wininit.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [20/11/2010 20:24:29] - (.© Microsoft Corporation. - Windows Logon Application.) - [381.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Winlogon.exe
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [15/02/2012 17:41:01] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) : C:\windows\System32\Drivers\afd.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [13/07/2009 16:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\atapi.sys
[MD5.A34FE1E025E88798E746F484956C0720] - [20/11/2010 20:23:47] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.88 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\ataport.sys
[MD5.B8BD2BB284668C84865658C77574381A] - [13/07/2009 16:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\cdfs.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [20/11/2010 20:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\cdrom.sys
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [20/11/2010 20:24:32] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\dfsc.sys
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [20/11/2010 20:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\hdaudbus.sys
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [13/07/2009 16:19:58] - (.© Microsoft Corporation. - i8042 Port Driver.) - [103 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\i8042prt.sys
[MD5.D469B77687E12FE43E344806740B624D] - [20/10/2011 10:11:10] - (.Copyright(C) Intel Corporation 1994-2011 - Intel Rapid Storage Technology driver - x64.) - [429.02 Ko] - (10.1.2.1004) : C:\windows\System32\Drivers\iastor.sys
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [13/07/2009 17:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\ipnat.sys
[MD5.A5D9106A73DC88564C825D317CAC68AC] - [01/08/2011 00:25:13] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [154.5 Ko] - (6.1.7601.17605) : C:\windows\System32\Drivers\mrxsmb.sys
[MD5.79B47FD40D9A817E932F9D26FAC0A81C] - [20/11/2010 20:23:55] - (.© Microsoft Corporation. - NDIS 6.20 driver.) - [929.38 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\ndis.sys
[MD5.09594D1089C523423B32A4229263F068] - [20/11/2010 20:23:51] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\netbt.sys
[MD5.A2F74975097F52A00745F9637451FDD8] - [01/08/2011 00:11:50] - (.© Microsoft Corporation. - NT File System Driver.) - [1620.88 Ko] - (6.1.7601.17577) : C:\windows\System32\Drivers\ntfs.sys
[MD5.0086431C29C35BE1DBC43F52CC273887] - [13/07/2009 17:00:41] - (.© Microsoft Corporation. - Parallel Port Driver.) - [95 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\parport.sys
[MD5.471815800AE33E6F1C32FB1B97C490CA] - [20/11/2010 20:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\rasl2tp.sys
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [13/07/2009 17:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\smb.sys
[MD5.ACB82BDA8F46C84F465C1AFA517DC4B9] - [14/05/2012 12:32:59] - (.© Microsoft Corporation. - TCP/IP Driver.) - [1873.36 Ko] - (6.1.7601.17802) : C:\windows\System32\Drivers\tcpip.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [20/11/2010 20:24:32] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\tdx.sys
[MD5.DF8126BD41180351A093A3AD2FC8903B] - [01/08/2011 00:17:36] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [289.38 Ko] - (6.1.7601.17567) : C:\windows\System32\Drivers\volsnap.sys
---------- | Locked Applications
---------- | Explorer.exe component call (Microsoft Files Whitelisted)
(.AVAST Software.-.avast! Shell Extension.) - (12.1.3076.0) – C:\Program Files\AVAST Software\Avast\ashShA64.dll
---------- | Svchost.exe component call (Microsoft Files Whitelisted)
---------- | ZeroAccess Check
[HKLM\Software\Classes\CLSID{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\Classes\CLSID{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
---------- | Startings up
Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE...\Run]) - User: NT AUTHORITY\LOCAL SERVICE
Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE...\Run]) - User: NT AUTHORITY\NETWORK SERVICE
CCleaner - (“C:\Program Files\CCleaner\CCleaner64.exe” /AUTO [HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE...\Run]) - User: Mitch-PC\Mitch
TPwrMain - (%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [HKLM\SOFTWARE...\Run]) - User: Public
HSON - (%ProgramFiles%\TOSHIBA\TBS\HSON.exe [HKLM\SOFTWARE...\Run]) - User: Public
TCrdMain - (%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [HKLM\SOFTWARE...\Run]) - User: Public
SmartAudio - (C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [HKLM\SOFTWARE...\Run]) - User: Public
cAudioFilterAgent - (C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent 64.exe [HKLM\SOFTWARE...\Run]) - User: Public
SynTPEnh - (%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [HKLM\SOFTWARE...\Run]) - User: Public
Teco - (“%ProgramFiles%\TOSHIBA\TECO\Teco.exe” /r [HKLM\SOFTWARE...\Run]) - User: Public
TosWaitSrv - (%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [HKLM\SOFTWARE...\Run]) - User: Public
TosVolRegulator - (C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [HKLM\SOFTWARE...\Run]) - User: Public
TosSENotify - (C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [HKLM\SOFTWARE...\Run]) - User: Public
TosNC - (%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.ex e [HKLM\SOFTWARE...\Run]) - User: Public
TosReelTimeMonitor - (%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonito r.exe [HKLM\SOFTWARE...\Run]) - User: Public
ZAM - (“C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe” /minimized [HKLM\SOFTWARE...\Run]) - User: Public
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Command Processor]
“CompletionChar”=9
“DefaultColor”=0
“EnableExtensions”=1
“PathCompletionChar”=9
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Run]
“CCleaner”=“C:\Program Files\CCleaner\CCleaner64.exe” /AUTO
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“Device”=Microsoft XPS Document Writer,winspool,Ne00:
“UserSelectedDefault”=0
[HKLM\Software\Microsoft\Command Processor]
“CompletionChar”=64
“DefaultColor”=0
“EnableExtensions”=1
“PathCompletionChar”=64
[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
“TPwrMain”=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
“HSON”=%ProgramFiles%\TOSHIBA\TBS\HSON.exe
“TCrdMain”=%ProgramFiles%\TOSHIBA\FlashCards\TCrdM ain.exe
“SmartAudio”=C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
“cAudioFilterAgent”=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent 64.exe [20/10/2011 10:16:13]
“SynTPEnh”=%ProgramFiles%\Synaptics\SynTP\SynTPEnh .exe
“Teco”=“%ProgramFiles%\TOSHIBA\TECO\Teco.exe” /r
“TosWaitSrv”=%ProgramFiles%\TOSHIBA\TPHM\TosWaitSr v.exe
“TosVolRegulator”=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [20/10/2011 11:03:32]
“TosSENotify”=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [09/06/2011 21:10:20]
“TosNC”=%ProgramFiles%\Toshiba\BulletinBoard\TosNc Core.exe
“TosReelTimeMonitor”=%ProgramFiles%\TOSHIBA\ReelTi me\TosReelTimeMonitor.exe
“ZAM”=“C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe” /minimized
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
“IconServiceLib”=IconCodecService.dll
“DdeSendTimeout”=0
“DesktopHeapLogging”=1
“GDIProcessHandleQuota”=10000
“ShutdownWarningDialogTimeout”=4294967295
“USERNestedWindowLimit”=50
“USERPostMessageLimit”=10000
“USERProcessHandleQuota”=10000
“”=mnmsrvc
“DeviceNotSelectedTimeout”=15
“Spooler”=yes
“TransmissionRetryTimeout”=90
“LoadAppInit_DLLs”=1
“AppInit_DLLs”=
[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
“CompletionChar”=64
“DefaultColor”=0
“EnableExtensions”=1
“PathCompletionChar”=64
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Run]
“TSleepSrv”=%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
“NortonOnlineBackupReminder”=“C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe” UNATTENDED
“ToshibaAppPlace”=“C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe”
“DivXUpdate”=“C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe” /CHECKNOW
“AvastUI.exe”=“C:\Program Files\AVAST Software\Avast\AvastUI.exe” /nogui
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
“IconServiceLib”=IconCodecService.dll
“DdeSendTimeout”=0
“DesktopHeapLogging”=1
“GDIProcessHandleQuota”=10000
“ShutdownWarningDialogTimeout”=4294967295
“USERNestedWindowLimit”=50
“USERPostMessageLimit”=10000
“USERProcessHandleQuota”=10000
“”=mnmsrvc
“DeviceNotSelectedTimeout”=15
“Spooler”=yes
“TransmissionRetryTimeout”=90
“LoadAppInit_DLLs”=1
“AppInit_DLLs”=
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\ShellServiceObjectDelayLoad]
“WebCheck”={E6FB5E20-DE35-11CF-9C87-00AA005127ED}
---------- | Win.ini :
---------- | System.ini :
---------- | Tasks List
avast! Emergency Update
CCleanerSkipUAC
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
SafeZone scheduled Autoupdate 1463186051
{1426D1E5-5A00-4D59-985A-2107F1BEF83C}
{2FB9F27A-DE3A-4CD6-B8B6-B233E63B6955}
{65C76270-92BA-4F63-B82C-13F0D18DD623}
{A8D2B036-36FC-403B-8061-05969D1469A2}
{E210F47C-43C1-4A1F-B297-CCB4BE5B7E4D}
---------- | Startings up registry ¦ Folder
---------- | Other keys
[HKLM\System\CurrentControlSet\Control\SecurityProv iders]
“SecurityProviders”=credssp.dll
[HKLM\System\CurrentControlSet\Control\Terminal Server]
“RCDependentServices”=CertPropSvc
SessionEnv
“NotificationTimeOut”=0
“SnapshotMonitors”=1
“ProductVersion”=5.1
“AllowRemoteRPC”=0
“DelayConMgrTimeout”=0
“fDenyTSConnections”=1
“StartRCM”=0
“TSAdvertise”=0
“DeleteTempDirsOnExit”=1
“fSingleSessionPerUser”=1
“PerSessionTempDir”=0
“TSUserEnabled”=0
“InstanceID”=ca4daa9c-9a14-471f-b520-1caccd3
[HKLM\System\CurrentControlSet\Control\Session Manager]
“CriticalSectionTimeout”=2592000
“GlobalFlag”=0
“HeapDeCommitFreeBlockThreshold”=0
“HeapDeCommitTotalFreeThreshold”=0
“HeapSegmentCommit”=0
“HeapSegmentReserve”=0
“ProcessorControl”=2
“ResourceTimeoutCount”=648000
“BootExecute”=autocheck autochk *
“ExcludeFromKnownDlls”=
“ObjectDirectories”=\Windows
\RPC Control
“ProtectionMode”=1
“NumberOfInitialSessions”=2
[HKLM\System\CurrentControlSet\Control]
“PreshutdownOrder”=wuauserv
gpsvc
trustedinstaller
“WaitToKillServiceTimeout”=200
“CurrentUser”=USERNAME
“BootDriverFlags”=0
“ServiceControlManagerExtension”=%systemroot%\syst em32\scext.dll
“SystemStartOptions”= TESTSIGNING NOEXECUTE=OPTIN
“SystemBootDevice”=multi(0)disk(0)rdisk(0)partitio n(2)
“FirmwareBootDevice”=multi(0)disk(0)rdisk(0)partit ion(1)
[HKLM\System\CurrentControlSet\Control\lsa]
“auditbaseobjects”=0
“auditbasedirectories”=0
“crashonauditfail”=0
“fullprivilegeauditing”=0x00
“Bounds”=0x0030000000200000
“LimitBlankPasswordUse”=1
“NoLmHash”=1
“Notification Packages”=scecli
“Security Packages”=kerberos
msv1_0
schannel
wdigest
tspkg
pku2u
livessp
“Authentication Packages”=msv1_0
“LsaPid”=672
“SecureBoot”=1
“ProductType”=3
“disabledomaincreds”=0
“everyoneincludesanonymous”=0
“forceguest”=0
“restrictanonymous”=0
“restrictanonymoussam”=1
---------- | .LNK with Arguments
---------- | AppCertDlls
---------- | Dnsapi.dll
C:\windows\System32\dnsapi.dll → OK : \drivers\etc\hosts
C:\windows\SysWOW64\dnsapi.dll → OK : \drivers\etc\hosts
---------- | Policies | Registry
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Control Panel\Desktop]
“ScreenSaveActive”=1
“ActiveWndTrackTimeout”=0
“BlockSendInputResets”=0
“CaretWidth”=1
“ClickLockTime”=1200
“CoolSwitchColumns”=7
“CoolSwitchRows”=3
“CursorBlinkRate”=530
“DockMoving”=1
“DragFromMaximize”=1
“DragFullWindows”=1
“DragHeight”=4
“DragWidth”=4
“FocusBorderHeight”=1
“FocusBorderWidth”=1
“FontSmoothing”=2
“FontSmoothingGamma”=0
“FontSmoothingOrientation”=1
“FontSmoothingType”=2
“ForegroundFlashCount”=7
“ForegroundLockTimeout”=200000
“LeftOverlapChars”=3
“MenuShowDelay”=400
“PaintDesktopVersion”=0
“Pattern”=0
“RightOverlapChars”=3
“SnapSizing”=1
“TileWallpaper”=0
“WallpaperOriginX”=0
“WallpaperOriginY”=0
“WallpaperStyle”=10
“WheelScrollChars”=3
“WheelScrollLines”=3
“WindowArrangementActive”=1
“UserPreferencesMask”=0x9E3E078012000000
“Wallpaper”=C:\Users\Mitch\AppData\Roaming\Microso ft\Windows\Themes\TranscodedWallpaper.jpg [26/12/2011 12:57:51]
“WaitToKillAppTimeout”=200
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer]
“ExplorerStartupTraceRecorded”=1
“ShellState”=0x24000000302800000000000000000000000 0000001000000120000000000000022000000
“CleanShutdown”=0
“Browse For Folder Width”=318
“Browse For Folder Height”=288
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced]
“Start_SearchFiles”=2
“ServerAdminUI”=0
“Hidden”=2
“ShowCompColor”=1
“HideFileExt”=1
“DontPrettyPath”=0
“ShowInfoTip”=1
“HideIcons”=0
“MapNetDrvBtn”=0
“WebView”=1
“Filter”=0
“SuperHidden”=0
“SeparateProcess”=0
“AutoCheckSelect”=0
“IconsOnly”=0
“ShowTypeOverlay”=1
“ListviewAlphaSelect”=1
“ListviewShadow”=1
“TaskbarAnimations”=1
“StartMenuInit”=4
“DisablePreviewDesktop”=1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\System]
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableInstallerDetection”=1
“EnableLUA”=1
“EnableSecureUIAPaths”=1
“EnableUIADesktopToggle”=0
“EnableVirtualization”=1
“PromptOnSecureDesktop”=1
“ValidateAdminCodeSignatures”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“scforceoption”=0
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“FilterAdministratorToken”=0
[HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\Explorer]
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
[HKLM\Software\Microsoft\Windows\CurrentVersion\Pol icies\ActiveDesktop]
“NoAddingComponents”=1
“NoComponents”=1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\HideDesktopIcons\NewStartPanel]
“{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}”=1
“{20D04FE0-3AEA-1069-A2D8-08002B30309D}”=1
“{208D2C60-3AEA-1069-A2D7-08002B30309D}”=1
“{871C5380-42A0-1069-A2EA-08002B30309D}”=1
“{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}”=1
“{59031a47-3f72-44a7-89c5-5595fe6b30ee}”=1
“{031E4825-7B94-4dc3-B131-E946B44C8DD5}”=1
“{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}”=1
“{9343812e-1c37-4a49-a12e-4b2d810d956b}”=1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\HideDesktopIcons\ClassicStartMenu]
“{871C5380-42A0-1069-A2EA-08002B30309D}.default”=0
“{9343812e-1c37-4a49-a12e-4b2d810d956b}”=1
[HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced\Folder\Hidden\SHOWALL]
“RegPath”=Software\Microsoft\Windows\CurrentVersio n\Explorer\Advanced
“Text”=@shell32.dll,-30500
“Type”=radio
“CheckedValue”=1
“ValueName”=Hidden
“DefaultValue”=2
“HKeyRoot”=2147483649
“HelpID”=shell.hlp#51105
[HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer]
“ListViewPopupControl”={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}
“BrowserCFCreator”={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}
“GlobalFolderSettings”={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}
“LVPopupSearchControl”={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}
“FileOpenDialog”={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}
“IconUnderline”=2
“GlobalAssocChangedCounter”=22
“DoNotCleanTaskBar”=1
“MultipleInvokePromptMinimum”=10000
[HKLM\Software\Microsoft\Windows\CurrentVersion\Exp lorer\Advanced]
“TaskbarSizeMove”=0
“StartMenuFavorites”=1
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Associations]
“Application”= open %s file - Search
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\System]
“ConsentPromptBehaviorAdmin”=5
“ConsentPromptBehaviorUser”=3
“EnableInstallerDetection”=1
“EnableLUA”=1
“EnableSecureUIAPaths”=1
“EnableUIADesktopToggle”=0
“EnableVirtualization”=1
“PromptOnSecureDesktop”=1
“ValidateAdminCodeSignatures”=0
“dontdisplaylastusername”=0
“legalnoticecaption”=
“legalnoticetext”=
“scforceoption”=0
“shutdownwithoutlogon”=1
“undockwithoutlogon”=1
“FilterAdministratorToken”=0
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\Explorer]
“NoActiveDesktop”=1
“NoActiveDesktopChanges”=1
“ForceActiveDesktopOn”=0
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Policies\ActiveDesktop]
“NoAddingComponents”=1
“NoComponents”=1
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\HideDesktopIcons\NewStartPanel]
“{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}”=1
“{20D04FE0-3AEA-1069-A2D8-08002B30309D}”=1
“{208D2C60-3AEA-1069-A2D7-08002B30309D}”=1
“{871C5380-42A0-1069-A2EA-08002B30309D}”=1
“{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}”=1
“{59031a47-3f72-44a7-89c5-5595fe6b30ee}”=1
“{031E4825-7B94-4dc3-B131-E946B44C8DD5}”=1
“{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}”=1
“{9343812e-1c37-4a49-a12e-4b2d810d956b}”=1
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\HideDesktopIcons\ClassicStartMen u]
“{871C5380-42A0-1069-A2EA-08002B30309D}.default”=0
“{9343812e-1c37-4a49-a12e-4b2d810d956b}”=1
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
“RegPath”=Software\Microsoft\Windows\CurrentVersio n\Explorer\Advanced
“Text”=@shell32.dll,-30500
“Type”=radio
“CheckedValue”=1
“ValueName”=Hidden
“DefaultValue”=2
“HKeyRoot”=2147483649
“HelpID”=shell.hlp#51105
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer]
“ListViewPopupControl”={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}
“BrowserCFCreator”={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}
“GlobalFolderSettings”={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}
“LVPopupSearchControl”={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}
“FileOpenDialog”={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}
“IconUnderline”=2
“GlobalAssocChangedCounter”=92
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Advanced]
“TaskbarSizeMove”=0
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Associations]
“Application”= open %s file - Search
---------- | Winlogon
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
“ExcludeProfileDirs”=AppData\Local;AppData\LocalLo w;$Recycle.Bin
“BuildNumber”=7601
“FirstLogon”=0
“ParseAutoexec”=1
[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
“ReportBootOk”=1
“Shell”=explorer.exe
“PreCreateKnownFolders”={A520A1A4-1780-4FF6-BD18-167343C5AF16}
“Userinit”=C:\Windows\system32\userinit.exe,
“VMApplet”=SystemPropertiesPerformance.exe /pagefile
“AutoRestartShell”=1
“Background”=0 0 0
“CachedLogonsCount”=10
“DebugServerCommand”=no
“ForceUnlockLogon”=0
“LegalNoticeCaption”=
“LegalNoticeText”=
“PasswordExpiryWarning”=5
“PowerdownAfterShutdown”=0
“ShutdownWithoutLogon”=0
“WinStationsDisabled”=0
“DisableCAD”=1
“scremoveoption”=0
“ShutdownFlags”=7
“AutoAdminLogon”=0
“DefaultUserName”=Mitch
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
“ReportBootOk”=1
“Shell”=explorer.exe
“PreCreateKnownFolders”={A520A1A4-1780-4FF6-BD18-167343C5AF16}
“DefaultDomainName”=
“DefaultUserName”=
“Userinit”=userinit.exe,
“VMApplet”=SystemPropertiesPerformance.exe /pagefile
---------- | Associations
[HKLM\Software\Classes.exe]
“”=exefile
“Content Type”=application/x-msdownload
[HKLM\Software\Classes\exefile\Shell\Open\Command]
“”=“%1” %*
“IsolatedCommand”=“%1” %*
[HKLM\Software\Classes.com]
“”=comfile
[HKLM\Software\Classes\comfile\Shell\Open\Command]
“”=“%1” %*
[HKLM\Software\Classes.reg]
“”=regfile
[HKLM\Software\Classes\regfile\Shell\Open\Command]
“”=regedit.exe “%1”
[HKLM\Software\Classes.scr]
“”=scrfile
[HKLM\Software\Classes\scrfile\Shell\Open\Command]
“”=“%1” /S
[HKLM\Software\Classes.bat]
“”=batfile
[HKLM\Software\Classes\batfile\Shell\Open\Command]
“”=“%1” %*
[HKLM\Software\Classes.cmd]
“”=cmdfile
[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
“”=“%1” %*
[HKLM\Software\Classes.pif]
“”=piffile
[HKLM\Software\Classes\piffile\Shell\Open\Command]
“”=“%1” %*
[HKLM\Software\Classes.inf]
“”=inffile
[HKLM\Software\Classes\inffile\Shell\Open\Command]
“”=%SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\Software\Classes.url]
“”=InternetShortcut
[HKLM\Software\Classes.lnk]
“”=lnkfile
[HKLM\Software\Classes.hta]
“PerceivedType”=text
“”=htafile
“Content Type”=application/hta
[HKLM\Software\Classes\htafile\Shell\Open\Command]
“”=C:\Windows\SysWOW64\mshta.exe “%1” %*
[HKLM\Software\Classes\InternetShortcut]
“NeverShowExt”=
“InfoTip”=prop:System.Link.TargetUrl;System.Rating ;System.Link.Description;System.Link.Comment
“EditFlags”=2
“FullDetails”=prop:System.Link.TargetUrl;System.Ra ting;System.Link.Description;System.Link.Comment
“IsShortcut”=
“FriendlyTypeName”=@C:\Windows\System32\ieframe.dl l,-10046
“PreviewDetails”=prop:System.Link.TargetUrl;System .Rating;System.History.VisitCount;System.History.D ateChanged;System.Link.DateVisited;System.Link.Des cription;System.Link.Comment
[HKLM\Software\Classes\Application.Manifest]
“”=Application Manifest
“EditFlags”=65536
“BrowserFlags”=4096
“FriendlyTypeName”=@dfshim.dll,-200
[HKLM\Software\Classes\Application.Reference]
“NeverShowExt”=
“”=Application Reference
“IsShortcut”=
“EditFlags”=131072
“FriendlyTypeName”=@dfshim.dll,-201
[HKLM\Software\Classes\Folder]
“ContentViewModeLayoutPatternForBrowse”=delta
“ContentViewModeForBrowse”=prop:~System.ItemNameDi splay;~System.LayoutPattern.PlaceHolder;~System.La youtPattern.PlaceHolder;~System.LayoutPattern.Plac eHolder;System.DateModified
“ContentViewModeLayoutPatternForSearch”=alpha
“ContentViewModeForSearch”=prop:~System.ItemNameDi splay;System.DateModified;~System.ItemFolderPathDi splay
“”=
“EditFlags”=0xD2030000
“FullDetails”=prop:System.PropGroup.Description;Sy stem.ItemNameDisplay;System.ItemTypeText;System.Si ze
“NoRecentDocs”=
“ThumbnailCutoff”=0
“TileInfo”=prop:System.Title;System.ItemTypeText
[HKLM\Software\WOW6432Node\Classes.exe]
“”=exefile
“Content Type”=application/x-msdownload
[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Op en\Command]
“”=“%1” %*
“IsolatedCommand”=“%1” %*
[HKLM\Software\WOW6432Node\Classes.com]
“”=comfile
[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Op en\Command]
“”=“%1” %*
[HKLM\Software\WOW6432Node\Classes.reg]
“”=regfile
[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Op en\Command]
“”=regedit.exe “%1”
[HKLM\Software\WOW6432Node\Classes.scr]
“”=scrfile
[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Op en\Command]
“”=“%1” /S
[HKLM\Software\WOW6432Node\Classes.bat]
“”=batfile
[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Op en\Command]
“”=“%1” %*
[HKLM\Software\WOW6432Node\Classes.cmd]
“”=cmdfile
[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Op en\Command]
“”=“%1” %*
[HKLM\Software\WOW6432Node\Classes.pif]
“”=piffile
[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Op en\Command]
“”=“%1” %*
[HKLM\Software\WOW6432Node\Classes.inf]
“”=inffile
[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Op en\Command]
“”=%SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\Software\WOW6432Node\Classes.url]
“”=InternetShortcut
[HKLM\Software\WOW6432Node\Classes.lnk]
“”=lnkfile
[HKLM\Software\WOW6432Node\Classes.hta]
“PerceivedType”=text
“”=htafile
“Content Type”=application/hta
[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Op en\Command]
“”=C:\Windows\SysWOW64\mshta.exe “%1” %*
[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
“NeverShowExt”=
“InfoTip”=prop:System.Link.TargetUrl;System.Rating ;System.Link.Description;System.Link.Comment
“EditFlags”=2
“FullDetails”=prop:System.Link.TargetUrl;System.Ra ting;System.Link.Description;System.Link.Comment
“IsShortcut”=
“FriendlyTypeName”=@C:\Windows\System32\ieframe.dl l,-10046
“PreviewDetails”=prop:System.Link.TargetUrl;System .Rating;System.History.VisitCount;System.History.D ateChanged;System.Link.DateVisited;System.Link.Des cription;System.Link.Comment
[HKLM\Software\WOW6432Node\Classes\Application.Mani fest]
“”=Application Manifest
“EditFlags”=65536
“BrowserFlags”=4096
“FriendlyTypeName”=@dfshim.dll,-200
[HKLM\Software\WOW6432Node\Classes\Application.Refe rence]
“NeverShowExt”=
“”=Application Reference
“IsShortcut”=
“EditFlags”=131072
“FriendlyTypeName”=@dfshim.dll,-201
[HKLM\Software\WOW6432Node\Classes\Folder]
“ContentViewModeLayoutPatternForBrowse”=delta
“ContentViewModeForBrowse”=prop:~System.ItemNameDi splay;~System.LayoutPattern.PlaceHolder;~System.La youtPattern.PlaceHolder;~System.LayoutPattern.Plac eHolder;System.DateModified
“ContentViewModeLayoutPatternForSearch”=alpha
“ContentViewModeForSearch”=prop:~System.ItemNameDi splay;System.DateModified;~System.ItemFolderPathDi splay
“”=
“EditFlags”=0xD2030000
“FullDetails”=prop:System.PropGroup.Description;Sy stem.ItemNameDisplay;System.ItemTypeText;System.Si ze
“NoRecentDocs”=
“ThumbnailCutoff”=0
“TileInfo”=prop:System.Title;System.ItemTypeText
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
“”=“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
“ReinstallCommand”=“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” --make-default-browser
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.E XE\Shell\open\Command]
“”=C:\Program Files (x86)\Internet Explorer\iexplore.exe [12/07/2012 12:00:36]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.E XE\InstallInfo]
“ReinstallCommand”=“C:\Windows\System32\ie4uinit.e xe” -reinstall
[HKLM\Software\Clients\StartMenuInternet\SafeZoneSt able\Shell\open\Command]
“”=“C:\Program Files\AVAST Software\SZBrowser\Launcher.exe”
[HKLM\Software\Clients\StartMenuInternet\SafeZoneSt able\InstallInfo]
“ReinstallCommand”=“C:\Program Files\AVAST Software\SZBrowser\Launcher.exe” --makedefaultbrowser
[HKLM\Software\WOW6432Node\Clients\StartMenuInterne t\Google Chrome\Shell\open\Command]
“”=“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe”
[HKLM\Software\WOW6432Node\Clients\StartMenuInterne t\Google Chrome\InstallInfo]
“ReinstallCommand”=“C:\Program Files (x86)\Google\Chrome\Application\chrome.exe” --make-default-browser
[HKLM\Software\WOW6432Node\Clients\StartMenuInterne t\IEXPLORE.EXE\Shell\open\Command]
“”=C:\Program Files (x86)\Internet Explorer\iexplore.exe [12/07/2012 12:00:36]
[HKLM\Software\WOW6432Node\Clients\StartMenuInterne t\IEXPLORE.EXE\InstallInfo]
“ReinstallCommand”=“C:\Windows\System32\ie4uinit.e xe” -reinstall
[HKLM\Software\WOW6432Node\Clients\StartMenuInterne t\SafeZoneStable\Shell\open\Command]
“”=“C:\Program Files\AVAST Software\SZBrowser\Launcher.exe”
[HKLM\Software\WOW6432Node\Clients\StartMenuInterne t\SafeZoneStable\InstallInfo]
“ReinstallCommand”=“C:\Program Files\AVAST Software\SZBrowser\Launcher.exe” --makedefaultbrowser
---------- | AppcompatFlags
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
“C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe”=2
“SIGN.MEDIA=1D75FBE setup.exe”=1
“SIGN.IE=0E2560 DivXInstaller.exe”=1
“C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe”=1
“C:\ProgramData\WebEx\WebEx\1124\atinst.exe”=1
“C:\Users\Mitch\Desktop\setup.exe”=1
“C:\Users\Mitch\Desktop\OpenOffice 4.1.1 (en-US) Installation Files\setup.exe”=1
[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
“C:\Program Files\AVAST Software\SZBrowser\Launcher.exe”=32
---------- | IFEO
---------- | Mountpoints2
---------- | Windows
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
“MouseSpeed”=#USR:Control Panel\Mouse
“MouseThreshold1”=#USR:Control Panel\Mouse
“MouseThreshold2”=#USR:Control Panel\Mouse
“SwapMouseButtons”=#USR:Control Panel\Mouse
“Beep”=#USR:Control Panel\Sound
“DoubleClickSpeed”=#USR:Control Panel\Mouse
“CoolSwitch”=USR:Control Panel\Desktop
“DoubleClickHeight”=#USR:Control Panel\Mouse
“DoubleClickWidth”=#USR:Control Panel\Mouse
“DragFullWindows”=USR:Control Panel\Desktop
“InitialKeyboardIndicators”=USR:Control Panel\Keyboard
“LowPowerActive”=#USR:Control Panel\Desktop
“LowPowerTimeOut”=#USR:Control Panel\Desktop
“PowerOffActive”=#USR:Control Panel\Desktop
“PowerOffTimeOut”=#USR:Control Panel\Desktop
“ScreenSaveActive”=#USR:Control Panel\Desktop
“ScreenSaveTimeOut”=#USR:Control Panel\Desktop
“SnapToDefaultButton”=#USR:Control Panel\Mouse
“”=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows
“Spooler”=#SYS:Microsoft\Windows NT\CurrentVersion\Windows
“TRANSMISSIONRETRYTIMEOUT”=#SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
“DEFAULTSEPARATEVDM”=\REGISTRY\MACHINE\SYSTEM\CURR ENTCONTROLSET\CONTROL\WOW
“APPINIT_DLLS”=SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
“DEVICENOTSELECTEDTIMEOUT”=#SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
“SWAPDISK”=SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
“”=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot
“ScreenSaverActive”=USR:Control Panel\Desktop
“ScreenSaverIsSecure”=USR:Control Panel\Desktop
“SCRNSAVE.EXE”=USR:Control Panel\Desktop
“Shell”=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
“MouseSpeed”=#USR:Control Panel\Mouse
“MouseThreshold1”=#USR:Control Panel\Mouse
“MouseThreshold2”=#USR:Control Panel\Mouse
“SwapMouseButtons”=#USR:Control Panel\Mouse
“Beep”=#USR:Control Panel\Sound
“DoubleClickSpeed”=#USR:Control Panel\Mouse
“CoolSwitch”=USR:Control Panel\Desktop
“DoubleClickHeight”=#USR:Control Panel\Mouse
“DoubleClickWidth”=#USR:Control Panel\Mouse
“DragFullWindows”=USR:Control Panel\Desktop
“InitialKeyboardIndicators”=USR:Control Panel\Keyboard
“LowPowerActive”=#USR:Control Panel\Desktop
“LowPowerTimeOut”=#USR:Control Panel\Desktop
“PowerOffActive”=#USR:Control Panel\Desktop
“PowerOffTimeOut”=#USR:Control Panel\Desktop
“ScreenSaveActive”=#USR:Control Panel\Desktop
“ScreenSaveTimeOut”=#USR:Control Panel\Desktop
“SnapToDefaultButton”=#USR:Control Panel\Mouse
“TRANSMISSIONRETRYTIMEOUT”=#SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
“DEFAULTSEPARATEVDM”=\REGISTRY\MACHINE\SYSTEM\CURR ENTCONTROLSET\CONTROL\WOW
“APPINIT_DLLS”=SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
“DEVICENOTSELECTEDTIMEOUT”=#SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
“SWAPDISK”=SYS:MICROSOFT\WINDOWS NT\CURRENTVERSION\WINDOWS
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
“”=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot
“ScreenSaverActive”=USR:Control Panel\Desktop
“ScreenSaverIsSecure”=USR:Control Panel\Desktop
“SCRNSAVE.EXE”=USR:Control Panel\Desktop
“Shell”=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon
[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
“windows”=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
---------- | Security center
[HKLM\SOFTWARE\Microsoft\Security Center]
“cval”=1
[HKLM\SOFTWARE\Microsoft\Security Center\svc]
“VistaSp1”=128920218544262440
“AntiVirusOverride”=0
“AntiSpywareOverride”=0
“FirewallOverride”=0
[HKLM\SOFTWARE\Microsoft\Windows Defender]
“DisableAntiSpyware”=0
“DisableRoutinelyTakingAction”=0
“ProductStatus”=0
“InstallTime”=0xC13BA4F84A8FCC01
[HKLM\Software\WOW6432Node\Microsoft\Windows Defender]
“DisableAntiSpyware”=0
“DisableRoutinelyTakingAction”=1
[HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\DomainProfile]
“EnableFirewall”=1
[HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\StandardProfile]
“EnableFirewall”=1
[HKLM\SYSTEM\CurrentControlSet\services\SharedAcces s\Parameters\FirewallPolicy\PublicProfile]
“EnableFirewall”=1
---------- | Safeboot
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\87566282.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Min imal{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\87566282.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Net work{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
---------- | Winsock (Whitelist)
---------- | Hosts
127.0.0.1 localhost
::1 localhost
---------- | Ping
Ping request could not find host google.com. Please check the name and try again.
---------- | @
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Main]
“Disable Script Debugger”=yes
“Anchor Underline”=yes
“Cache_Update_Frequency”=Once_Per_Session
“Display Inline Images”=yes
“Do404Search”=0x01000000
“Local Page”=C:\windows\system32\blank.htm
“Save_Session_History_On_Exit”=no
“Show_FullURL”=no
“Show_StatusBar”=yes
“Show_ToolBar”=yes
“Show_URLinStatusBar”=yes
“Show_URLToolBar”=yes
“Use_DlgBox_Colors”=yes
“Search Page”= Search - Microsoft Bing
“XMLHTTP”=1
“NoUpdateCheck”=1
“DisableScriptDebuggerIE”=yes
“UseClearType”=no
“Enable Browser Extensions”=yes
“Play_Background_Sounds”=yes
“Play_Animations”=yes
“Default_Page_URL”= MSN
“DisableFirstRunCustomize”=1
“SearchDefaultBranded”=1
“CompatibilityFlags”=0
“FullScreen”=no
“Window_Placement”=0x2C0000000200000003000000FFFFF FFFFFFFFFFFFFFFFFFFFFFFFFFFC8000000320000001D04000 082020000
“IconCache”=o3f9fvg
“Use FormSuggest”=yes
“DownloadWindowPlacement”=0x2C00000000000000000000 00FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3B01000055000000 BB03000035020000
“Use Search Asst”=no
“SSLTLSTokens”=0x010000001C000000716E5438394C47633 96545736E4A76566633617A6B6E746A4B76673D00000000000 0000000000000
“AllowWindowReuse”=0
“Isolation”=PMIL
“Start Page”= http://www.google.com
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Int ernet settings]
“IE5_UA_Backup_Flag”=5.0
“User Agent”=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
“EmailName”=User@
“PrivDiscUiShown”=1
“EnableHttp1_1”=1
“WarnOnIntranet”=1
“MimeExclusionListForCache”=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
“AutoConfigProxy”=wininet.dll
“UseSchannelDirectly”=0x01000000
“WarnOnPost”=0x01000000
“UrlEncoding”=0
“SecureProtocols”=160
“PrivacyAdvanced”=0
“ZonesSecurityUpgrade”=0xC27F1CA508C4CC01
“DisableCachingOfSSLPages”=0
“WarnonZoneCrossing”=0
“CertificateRevocation”=1
“EnableNegotiate”=1
“MigrateProxy”=1
“ProxyEnable”=0
“ReceiveTimeout”=10000
“GlobalUserOffline”=0
[HKLM\Software\Microsoft\Internet Explorer\Main]
“AutoHide”=yes
“Security Risk Page”=about:SecurityRisk
“Extensions Off Page”=about:NoAdd-ons
“Default_Search_URL”= Search - Microsoft Bing
“Default_Page_URL”= MSN
“Anchor_Visitation_Horizon”=0x01000000
“Cache_Percent_of_Disk”=0x0A000000
“Placeholder_Width”=0x1A000000
“Placeholder_Height”=0x1A000000
“Default_Secondary_Page_URL”=
“Use_Async_DNS”=yes
“Start Page”= MSN
“Local Page”=C:\Windows\System32\blank.htm
“Search Page”= Search - Microsoft Bing
“Delete_Temp_Files_On_Exit”=yes
“Enable_Disk_Cache”=yes
“Check_Associations”=yes
“TabProcGrowth”=Medium
“Print_Background”=0
“AlwaysShowMenus”=0
“StatusBarWeb”=1
[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
“blank”=res://mshtml.dll/blank.htm
“NoAdd-onsInfo”=res://ieframe.dll/noaddoninfo.htm
“InPrivate”=res://ieframe.dll/inprivate.htm
“NavigationFailure”=res://ieframe.dll/navcancl.htm
“NoAdd-ons”=res://ieframe.dll/noaddon.htm
“Home”=270
“PostNotCached”=res://ieframe.dll/repost.htm
“DesktopItemNavigationFailure”=res://ieframe.dll/navcancl.htm
“NavigationCanceled”=res://ieframe.dll/navcancl.htm
“OfflineInformation”=res://ieframe.dll/offcancl.htm
“SecurityRisk”=res://ieframe.dll/securityatrisk.htm
[HKLM\Software\Microsoft\Windows\CurrentVersion\URL \DefaultPrefix]
“”=http://
[HKLM\Software\Microsoft\Windows\CurrentVersion\URL \Prefixes]
“mosaic”=http://
“www”=http://
“home”=http://
“ftp”=ftp://
“gopher”=gopher://
[HKLM\Software\Microsoft\Windows\CurrentVersion\Int ernet settings]
“EnablePunycode”=1
“CodeBaseSearchPath”=CODEBASE
“WarnOnIntranet”=1
“MinorVersion”=0
“ActiveXCache”=C:\Windows\Downloaded Program Files
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
“AutoHide”=yes
“Security Risk Page”=about:SecurityRisk
“Extensions Off Page”=about:NoAdd-ons
“Default_Search_URL”= Search - Microsoft Bing
“Default_Page_URL”= MSN
“Anchor_Visitation_Horizon”=0x01000000
“Cache_Percent_of_Disk”=0x0A000000
“Placeholder_Width”=0x1A000000
“Placeholder_Height”=0x1A000000
“Default_Secondary_Page_URL”=
“Use_Async_DNS”=yes
“Start Page”= MSN
“Local Page”=C:\Windows\SysWOW64\blank.htm
“Search Page”= Search - Microsoft Bing
“Delete_Temp_Files_On_Exit”=yes
“Enable_Disk_Cache”=yes
“TabProcGrowth”=Medium
“Print_Background”=0
“AlwaysShowMenus”=0
“StatusBarWeb”=1
“Enable Browser Extensions”=yes
“Use Search Asst”=no
[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
“blank”=res://mshtml.dll/blank.htm
“NoAdd-onsInfo”=res://ieframe.dll/noaddoninfo.htm
“InPrivate”=res://ieframe.dll/inprivate.htm
“NavigationFailure”=res://ieframe.dll/navcancl.htm
“NoAdd-ons”=res://ieframe.dll/noaddon.htm
“Home”=270
“PostNotCached”=res://ieframe.dll/repost.htm
“DesktopItemNavigationFailure”=res://ieframe.dll/navcancl.htm
“NavigationCanceled”=res://ieframe.dll/navcancl.htm
“OfflineInformation”=res://ieframe.dll/offcancl.htm
“SecurityRisk”=res://ieframe.dll/securityatrisk.htm
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\URL\DefaultPrefix]
“”=http://
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\URL\Prefixes]
“mosaic”=http://
“www”=http://
“home”=http://
“ftp”=ftp://
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Internet settings]
“EnablePunycode”=1
“CodeBaseSearchPath”=CODEBASE
“WarnOnIntranet”=1
“MinorVersion”=0
“ActiveXCache”=C:\Windows\Downloaded Program Files
---------- | reparsepoint
---------- | Detection of offsets
---------- | Notify
---------- | Execution FileExts
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.avi]
“DivX.AAR.backup”=Windows Media Player
“Progid”=divx_avi_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.div]
“Progid”=divx_div_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.divx]
“Progid”=divx_divx_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.mkv]
“Progid”=divx_mkv_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.qt]
“Progid”=divx_qt_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.tix]
“Progid”=divx_tix_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Exp lorer\FileExts.vob]
“Progid”=divx_vob_file
---------- | SIOI | SEH | URLSH
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} – C:\Program Files\AVAST Software\Avast\ashShA64.dll [19/07/2016 18:28:45]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\EnhancedStorageS hell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} – %SystemRoot%\system32\EhStorShell.dll
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} – %SystemRoot%\system32\ntshrui.dll
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\Enha ncedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} – %SystemRoot%\system32\EhStorShell.dll
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\ShellIconOverlayIdentifiers\Shar ingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} – %SystemRoot%\system32\ntshrui.dll
---------- | Toolbar
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
“Locked”=0
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
“ITBar7Layout”=0x130000000000000000000000300000001 00006003A00000001000000800600005E01000008000000810 00000000000000700000081000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 06458B9555132E945BB301A82589AAFF173BF90CDF620EF449 93DBB920303BD2E00000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 00000000000000000000000000000000000000000000000000 000000000000000000000000000000000000000000000
“ITBar7Height”=0
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
“Version”=1
“KnownProvidersUpgradeTime”=0x778451D408C4CC01
“DownloadRetries”=0
“ShowSearchSuggestionsInAddressGlobal”=1
[HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
“Locked”=0
[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
“DefaultScope”={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar]
“Locked”=0
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
“DefaultScope”={0633EE93-D776-472f-A0FF-E1416B8B2E3A}
---------- | Extensions
[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) -
---------- | SearchScopes
---------- | Browser Helper Objects
---------- | Chrome
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com/ - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljnie djpjpf = : Google & co - Google - Google & co - [:// Google://www.google.com/webhp*://www.google.com/imgres ] - http://clients2.google.com/service/update2/crx
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\ekdjfcdinekpfcedakhpngcnaa mhiihn = : Bflix browser extension - TheBflix
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\nneajnkjbffgblleaoojgaacok ifdkhm = : MSG_extdesc - MSG_extname
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoe jaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddi lifddb = : MSG_description - short_name: MSG_name - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegiea cbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\nlgfkngkdcjlfgcfdmjoafonkk hacilj = : The free Chrome companion to OpenOffice - short_name: OpenOffice for Chrome - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccm gmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\nneajnkjbffgblleaoojgaacok ifdkhm = : MSG_extdesc - MSG_extname
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcj beemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleuserco ntent.com - https://clients2.google.com/service/update2/crx
[HKLM\Software\WOW6432Node\Google\Chrome\Extensions \nneajnkjbffgblleaoojgaacokifdkhm]
---------- | Opera
---------- | Firefox
[HKLM\Software\WOW6432Node\mozilla\Firefox\Extensio ns]
“{23fcfd51-4958-4f00-80a3-ae97e717ed8b}”=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
[HKLM\Software\MozillaPlugins@adobe.com/FlashPlayer] - (Adobe® Flash® Player 18.0.0.232 Plugin) : C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_ 232.dll
[HKLM\Software\MozillaPlugins@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@adobe.com/FlashPlayer] - (Adobe® Flash® Player 18.0.0.232 Plugin) : C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_ 232.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@divx.com/DivX Browser Plugin,version=1.0.0] - (DivX Plus Web Player) : C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@java.com/JavaPlugin] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@microsoft.com/WLPG,version=15.4.3538.0513] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp .dll
---------- | DNS
---------- | Applications
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Classes\Applications\FreeTorrentView er.exe] : “C:\Program Files (x86)\FreeTorrentViewer\FreeTorrentViewer.exe” “%1”
[HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : “C:\Windows\eHome\ehshell.exe” “%1”
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : “C:\Program Files (x86)\Internet Explorer\iexplore.exe” %1
[HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : “C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe” “%1”
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe “%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll”, ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : “C:\Program Files\AVAST Software\SZBrowser\Launcher.exe” “%1”
[HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer. dll] : “C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe” /LaunchPhotoViewer /v “%1”
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : “%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe” /Open “%L”
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : “%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE” “%1”
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehs hell.exe] : “C:\Windows\eHome\ehshell.exe” “%1”
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iex plore.exe] : “C:\Program Files (x86)\Internet Explorer\iexplore.exe” %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\Mov ieMaker.exe] : “C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe” “%1”
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\not epad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\pho toviewer.dll] : %SystemRoot%\System32\rundll32.exe “%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll”, ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZB rowser.exe] : “C:\Program Files\AVAST Software\SZBrowser\Launcher.exe” “%1”
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLX PhotoViewer.dll] : “C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe” /LaunchPhotoViewer /v “%1”
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmp layer.exe] : “%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe” /Open “%L”
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wor dpad.exe] : “%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE” “%1”
---------- | SvcHost (Whitelist)
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
“regsvc”=RemoteRegistry
“DcomLaunch”=Power
PlugPlay
DcomLaunch
“secsvcs”=WinDefend
“bthsvcs”=bthserv
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
“DcomLaunch”=Power
PlugPlay
DcomLaunch
---------- | SvcHost - Netsvcs (Whitelist)
Term - :
---------- | Software
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\9-lab]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Adobe]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\AI_RecycleBin]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\AppDataLow]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\AVAST Software]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Blehjoqlir]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Caphyon]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Clients]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\DivX]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\DivXNetworks]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\GNU]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Google]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Intel]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\JavaSoft]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\KineticJump]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Macromedia]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\MCAFEE]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Mixi.DJ]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\MozillaPlugins]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\ORL]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Piriform]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Policies]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\QtProject]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\SimonTatham]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Stronghold Online Backup]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Strongvault]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Synaptics]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Sysinternals]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Tific]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\TightVNC]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Toshiba]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Trolltech]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\VB and VBA Program Settings]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Veoh]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\WebEx]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Wow6432Node]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\ZebHelpProcess Helper]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Zemana]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\ZHP]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\AppDataLow\Software\DivX]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\AppDataLow\Software\Yahoo]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\ATI Technologies]
[HKLM\Software\CBSTEST]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\CXT]
[HKLM\Software\Cyberlink]
[HKLM\Software\DivX]
[HKLM\Software\ESET]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\IntelVolatile]
[HKLM\Software\JL2005D]
[HKLM\Software\JL2005D_5]
[HKLM\Software\JL2005D_7]
[HKLM\Software\Macromedia]
[HKLM\Software\Microsoft]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\REGSERVO]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\sysinternals]
[HKLM\Software\Toshiba]
[HKLM\Software\TOSHIBA Corporation]
[HKLM\Software\UIU]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Zemana]
[HKLM\Software\ZmnGlobalSDK]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnosti cs]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnostic sProvider]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImperso nation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestr icted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestri cted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesk topHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesk topPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AdobeFlashPlayerUpdate]
[HKLM\Software\WOW6432Node\Atheros Communications Inc.]
[HKLM\Software\WOW6432Node\AVAST Software]
[HKLM\Software\WOW6432Node\DivX]
[HKLM\Software\WOW6432Node\DivXNetworks]
[HKLM\Software\WOW6432Node\Eset]
[HKLM\Software\WOW6432Node\Giraffic]
[HKLM\Software\WOW6432Node\GNU]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\HaaliMkx]
[HKLM\Software\WOW6432Node\Hyperlync]
[HKLM\Software\WOW6432Node\InstallShield]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\JL2005D]
[HKLM\Software\WOW6432Node\JL2005D_5]
[HKLM\Software\WOW6432Node\JL2005D_7]
[HKLM\Software\WOW6432Node\JL6_DECODE]
[HKLM\Software\WOW6432Node\Licenses]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\Malwarebytes’ Anti-Malware]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\MimarSinan]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Norton]
[HKLM\Software\WOW6432Node\Norton PC Checkup]
[HKLM\Software\WOW6432Node\NPCCU]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\PCTools]
[HKLM\Software\WOW6432Node\Piriform]
[HKLM\Software\WOW6432Node\REALTEK Semiconductor Corp.]
[HKLM\Software\WOW6432Node\SOS]
[HKLM\Software\WOW6432Node\Symantec]
[HKLM\Software\WOW6432Node\Tific]
[HKLM\Software\WOW6432Node\TightVNC]
[HKLM\Software\WOW6432Node\TOSHIBA]
[HKLM\Software\WOW6432Node\TOSHIBA CORPORATION]
[HKLM\Software\WOW6432Node\Ulead Systems]
[HKLM\Software\WOW6432Node\WildTangent]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStor age]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Script edDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Window s Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Window s Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImperso nation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestr icted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestri cted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesk topHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesk topPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]
---------- | Drives
E:
[18/04/2017 16:25:08] - |N| - (.© 2005-2017 Blizzard Entertainment Inc. - StarCraft Launcher.) - [3205616] - (1.0.0.2716) - E:\StarCraft-Setup.exe
[19/04/2017 11:00:56] - |N| - (.Copyright (C) 2013-2017 SosVirus Software - QuickDiag.) - [2776488] - (2.4.17.1) - E:\quickdiag_3_02.04.17.1.exe
[19/04/2017 11:00:59] - |N| - (.-.) - [26286152] - (12.10.5.0) - E:\RogueKillerX64.exe
[15/04/2017 19:57:22] - |N| - (.Malwarebytes - AdwCleaner is a free Adware/PUP removal tool..) - [4089296] - (6.0.4.5) - E:\AdwCleaner.exe
[15/04/2017 19:57:24] - |N| - (.sUBs - ComboFix NSIS Installer.) - [5659546] - (17.4.5.1) - E:\ComboFix.exe
[15/04/2017 19:57:29] - |N| - (.©1999-2015 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [1766912] - (15.3.2017.0) - E:\FRST.exe
[15/04/2017 19:57:31] - |N| - (.©1999-2015 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [2424832] - (15.3.2017.0) - E:\FRST64.exe
[15/04/2017 19:57:35] - |N| - (.- Junkware Removal Tool.) - [1663672] - (8.1.3.0) - E:\JRT.exe
[15/04/2017 19:57:36] - |N| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - E:\rkill.exe
[15/04/2017 19:57:36] - |N| - (.© 1997-2017 AO Kaspersky Lab. - TDSS rootkit removing tool.) - [4922400] - (3.1.0.15) - E:\tdsskiller.exe
[15/04/2017 19:57:37] - |N| - (.Nicolas Coolman - ZHPCleane.) - [2760704] - (2017.4.12.64) - E:\ZHPCleaner.exe
[15/04/2017 19:57:39] - |N| - (.Nicolas Coolman - ZHPDiag.) - [2717696] - (2017.4.11.63) - E:\ZHPDiag3.exe
[15/04/2017 19:59:26] - |N| - (.Copyright (c) 2010 AVAST Software. - avast! Antirootkit.) - [5198336] - (1.0.1.2252) - E:\aswMBR.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [716456] - (13.70.0.0) - E:\Autoruns.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [844464] - (13.70.0.0) - E:\Autoruns64.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [629928] - (13.70.0.0) - E:\autorunsc.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [743088] - (13.70.0.0) - E:\autorunsc64.exe
[16/04/2017 12:41:27] - |N| - (.© Copyright 2017 - Advanced Malware Protection .) - [5774688] - (2.72.0.388) - E:\Zemana.AntiMalware.Setup.exe
[16/04/2017 12:41:31] - |N| - (.Copyright © 2015 - Destroy Windows 10 Spying Rollup Edition.) - [294400] - (1.6.722.0) - E:\DWS_Lite.exe
[16/04/2017 12:41:33] - |N| - (.2005-2017 COMODO. - COMODO Internet Security.) - [5363680] - (10.0.1.6209) - E:\cfw_installer.exe
[16/04/2017 12:41:35] - |N| - (.Copyright (c) 2014 AVAST Software - Avast Antivirus Installer.) - [298459488] - (17.4.3450.0) - E:\avast_free_antivirus_setup_offline.exe
F:
[12/02/2007 18:33:37] - |R| - (.-.) - [1110016] - (1.4.0.7) - F:\LaunchU3.exe
[12/02/2007 12:53:42] - |R| - (.-.) - [277] - (0.0.0.0) - F:\autorun.inf
---------- | C:
[09/09/2015 09:03:18] - |SHD| - [129] - C:$RECYCLE.BIN
[08/09/2015 10:26:24] - |D| - [6280261] - C:\AdwCleaner
[01/08/2011 16:33:07] - |SHD| - [14594356] - C:\Boot
[MD5.259525CFB422E6AC8E87BC9777B1DF73] - [01/08/2011 16:33:08] - |RASH| - (.-.) - [383786] - (0.0.0.0) - C:\bootmgr
[MD5.25D84C10EB6F8103365CEBA15E4FC10C] - [01/08/2011 16:33:10] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK
[05/03/2012 17:06:38] - |D| - [7376] - C:\codec-info
[12/02/2014 17:33:25] - |D| - [0] - C:\components
[13/07/2009 22:08:56] - |SHD| - [0] - C:\Documents and Settings
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1028.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1031.txt
[MD5.99C22D4A31F4EAD4351B71D6F4E5F6A1] - [07/11/2007 09:00:40] - |A| - (.-.) - [10134] - (0.0.0.0) - C:\eula.1033.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1036.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1040.txt
[MD5.9B15A3A055CC6E67EA191A1B7885649A] - [07/11/2007 09:00:40] - |A| - (.-.) - [118] - (0.0.0.0) - C:\eula.1041.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1042.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.2052.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.3082.txt
[MD5.EDE06CD4D95178D6A2DEF6B60BD267F4] - [08/09/2015 19:06:15] - |A| - (.-.) - [42] - (0.0.0.0) - C:\folders.log
[08/09/2015 12:07:03] - |D| - [172037122] - C:\FRST
[MD5.E7832D67AD190A920970CB5ADFC6D5D1] - [06/07/2015 00:59:04] - |A| - (.-.) - [383] - (0.0.0.0) - C:\ftconfig.ini
[MD5.0A6B586FABD072BD7382B5E24194EAC7] - [07/11/2007 09:00:40] - |A| - (.-.) - [1110] - (0.0.0.0) - C:\globdata.ini
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/10/2011 10:01:22] - |ASH| - (.-.) - [3180220416] - (0.0.0.0) - C:\hiberfil.sys
[MD5.520A6D1CBCC9CF642C625FE814C93C58] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. - External Installer.) - [562688] - (9.0.21022.8) - C:\install.exe
[MD5.0DA9AB4977F3E7BA8C65734DF42FDAB6] - [07/11/2007 09:00:40] - |A| - (.-.) - [843] - (0.0.0.0) - C:\install.ini
[MD5.4151A4D07640863783F837E588235837] - [07/11/2007 09:03:18] - |A| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [76304] - (9.0.21022.8) - C:\install.res.1028.dll
[MD5.3B8A82E04238655EAEF97E074FB29911] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [96272] - (9.0.21022.8) - C:\install.res.1031.dll
[MD5.9EDEB8B1C5C0A4CD3A3016B85108127D] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [91152] - (9.0.21022.8) - C:\install.res.1033.dll
[MD5.5B6FF470CFA7087690E61F87E81EF78A] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [97296] - (9.0.21022.8) - C:\install.res.1036.dll
[MD5.6310AB8FC9E3DBEE80592FC453A34FEE] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell’interfaccia utente.) - [95248] - (9.0.21022.8) - C:\install.res.1040.dll
[MD5.13ED4517152203DE4BC52ACC0255D952] - [07/11/2007 09:03:18] - |A| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [81424] - (9.0.21022.8) - C:\install.res.1041.dll
[MD5.0D4FB4095EA49C1EC89B9E8DB0B936A3] - [07/11/2007 09:03:18] - |A| - (.(C) Microsoft Corporation. - UI 래퍼 리소스 DLL.) - [79888] - (9.0.21022.8) - C:\install.res.1042.dll
[MD5.D7366B34E8AFB605C39EF56E2201FE85] - [07/11/2007 09:03:18] - |A| - (.(C) Microsoft Corporation。保留所有权利。 - 用户界面包装资源 DLL.) - [75792] - (9.0.21022.8) - C:\install.res.2052.dll
[MD5.41BB37A347121F3E5E88D85100638B79] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [96272] - (9.0.21022.8) - C:\install.res.3082.dll
[20/10/2011 10:08:24] - |D| - [0] - C:\Intel
[26/12/2011 13:29:10] - |RHD| - [51376] - C:\MSOCache
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/10/2011 10:01:22] - |ASH| - (.-.) - [4240293888] - (0.0.0.0) - C:\pagefile.sys
[13/07/2009 20:20:08] - |RD| - [3620391207] - C:\Program Files
[13/07/2009 20:20:08] - |RD| - [2821275980] - C:\Program Files (x86)
[13/07/2009 20:20:08] - |HD| - [5932317728] - C:\ProgramData
[19/04/2017 16:49:02] - |D| - [262056] - C:\QuickDiag
[MD5.175ACC4E1CE86A21323F958ACADC63EA] - [19/04/2017 16:49:23] - |A| - (.-.) - [109335] - (0.0.0.0) - C:\QuickDiag.txt
[MD5.DE48895209CD1788ED6A868E36810AE1] - [08/09/2015 18:56:30] - |A| - (.-.) - [3010] - (0.0.0.0) - C:\runcheck.txt
[MD5.F35AAA221EB79BB2F220BCBB354A95A0] - [16/02/2012 08:37:48] - |A| - (.-.) - [510] - (0.0.0.0) - C:\settings.ini
[07/08/2011 05:12:28] - |SHD| - [0] - C:\System Volume Information
[MD5.B0C34B7D3814F5960D5F287F1B6F99B2] - [15/04/2017 20:27:08] - |A| - (.-.) - [5156] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_15.04.2017_20.27.08_log.txt
[MD5.EE15621FF5868EEF8F5996241E0999CD] - [15/04/2017 20:29:05] - |A| - (.-.) - [662380] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_15.04.2017_20.29.05_log.txt
[13/07/2009 20:20:08] - |RD| - [12703902262] - C:\Users
[MD5.06FBA95313F26E300917C6CEA4480890] - [07/11/2007 09:00:40] - |A| - (.-.) - [5686] - (0.0.0.0) - C:\vcredist.bmp
[MD5.E10F2F6E6379E9185F71AEC1421F37B4] - [07/11/2007 09:09:22] - |A| - (.-.) - [1442522] - (0.0.0.0) - C:\VC_RED.cab
[MD5.E0951D3CB1038EB2D2B2B2F336E1AB32] - [07/11/2007 09:12:28] - |A| - (.-.) - [232960] - (0.0.0.0) - C:\VC_RED.MSI
[13/07/2009 20:20:08] - |AD| - [17821766236] - C:\Windows
[09/09/2015 08:23:11] - |D| - [129] - C:\zoek
[MD5.5D100859987E944A435D0FDE6470B9E0] - [08/09/2015 18:57:33] - |A| - (.-.) - [13972] - (0.0.0.0) - C:\zoek-results.log
[MD5.E2F9C6FEE8C7452E5C73A4451B06B93B] - [09/09/2015 08:14:02] - |A| - (.-.) - [14334] - (0.0.0.0) - C:\zoek-results2015-09-09-020615.log
[08/09/2015 18:56:12] - |D| - [0] - C:\zoek_backup
---------- | C:\windows
[13/07/2009 22:32:38] - |D| - [802] - C:\windows\addins
[13/07/2009 20:20:08] - |D| - [5866392] - C:\windows\AppCompat
[13/07/2009 20:20:08] - |D| - [10986720] - C:\windows\AppPatch
[13/07/2009 20:20:08] - |RSD| - [1354042456] - C:\windows\assembly
[MD5.7EFB1577EFBD72521E670188AA546C7D] - [19/07/2016 18:28:32] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.1.3076.0) - C:\windows\avastSS.scr
[MD5.317CD1CE327B6520BF4EE007BCD39E61] - [20/11/2010 20:24:22] - |A| - (.© Microsoft Corporation. - Boot File Servicing Utility.) - [71168] - (6.1.7601.17514) - C:\windows\bfsvc.exe
[MD5.7FDE6771C64AC3B14FEE4997509D1735] - [01/08/2011 00:09:54] - |A| - (.-.) - [2359350] - (0.0.0.0) - C:\windows\Bluestream.bmp
[13/07/2009 20:20:09] - |D| - [29000590] - C:\windows\Boot
[MD5.5F37037B4BE454274C2ABD7F83D4D1AB] - [13/07/2009 22:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\windows\bootstat.dat
[13/07/2009 20:20:09] - |D| - [2418176] - C:\windows\Branding
[MD5.127F716BBD6C46421F08173D9BBD4724] - [01/08/2011 00:55:40] - |A| - (.-.) - [10] - (0.0.0.0) - C:\windows\csup.txt
[13/07/2009 20:20:09] - |D| - [2113488] - C:\windows\Cursors
[13/07/2009 21:45:54] - |D| - [14831063] - C:\windows\debug
[13/07/2009 22:32:38] - |D| - [3003724] - C:\windows\diagnostics
[13/07/2009 22:37:46] - |D| - [0] - C:\windows\DigitalLocker
[13/07/2009 22:32:38] - |D| - [65] - C:\windows\Downloaded Program Files
[21/11/2010 00:16:47] - |D| - [117959129] - C:\windows\ehome
[01/08/2011 00:36:57] - |D| - [106864] - C:\windows\en
[13/07/2009 22:37:46] - |D| - [110080] - C:\windows\en-US
[MD5.2A66E81AE941E54A237490FC35D387C8] - [26/01/2012 14:55:20] - |A| - (.-.) - [1945] - (0.0.0.0) - C:\windows\epplauncher.mif
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [01/08/2011 00:22:16] - |A| - (.© Microsoft Corporation. - Windows Explorer.) - [2871808] - (6.1.7601.17567) - C:\windows\explorer.exe
[13/07/2009 20:20:09] - |RSD| - [354514815] - C:\windows\Fonts
[MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [13/07/2009 16:22:13] - |A| - (.© Microsoft Corporation. - BitLocker Drive Encryption Servicing Utility.) - [15360] - (6.1.7600.16385) - C:\windows\fveupdate.exe
[13/07/2009 20:20:09] - |D| - [30247011] - C:\windows\Globalization
[13/07/2009 20:20:09] - |D| - [29929539] - C:\windows\Help
[MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [13/07/2009 17:29:53] - |A| - (.© Microsoft Corporation. - Microsoft Help and Support.) - [733696] - (6.1.7600.16385) - C:\windows\HelpPane.exe
[MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [13/07/2009 17:29:03] - |A| - (.© Microsoft Corporation. - Microsoft® HTML Help Executable.) - [16896] - (6.1.7600.16385) - C:\windows\hh.exe
[MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [21/11/2010 00:17:39] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\windows\HomePremium.xml
[13/07/2009 20:20:09] - |D| - [143546732] - C:\windows\IME
[13/07/2009 20:20:10] - |D| - [75787446] - C:\windows\inf
[01/08/2011 00:10:06] - |SHD| - [1471684921] - C:\windows\Installer
[13/07/2009 20:20:10] - |D| - [48371] - C:\windows\L2Schemas
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\LiveKernelReports
[13/07/2009 20:20:10] - |D| - [61435958] - C:\windows\Logs
[13/07/2009 20:20:10] - |RSD| - [13327133] - C:\windows\Media
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [13/07/2009 17:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\windows\mib.bin
[13/07/2009 20:20:10] - |D| - [713051405] - C:\windows\Microsoft.NET
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\ModemLogs
[MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [13/07/2009 19:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\windows\msdfmap.ini
[01/08/2011 00:11:29] - |HD| - [0] - C:\windows\msdownld.tmp
[MD5.F2C7BB8ACC97F92E987A2D4087D021B1] - [13/07/2009 16:56:36] - |A| - (.© Microsoft Corporation. - Notepad.) - [193536] - (6.1.7600.16385) - C:\windows\notepad.exe
[13/07/2009 22:32:38] - |D| - [65] - C:\windows\Offline Web Pages
[01/08/2011 16:33:22] - |D| - [1511152] - C:\windows\Panther
[01/08/2011 00:34:48] - |D| - [0] - C:\windows\PCHEALTH
[13/07/2009 22:32:38] - |D| - [62090266] - C:\windows\Performance
[13/07/2009 20:20:10] - |D| - [1117380] - C:\windows\PLA
[13/07/2009 20:20:10] - |D| - [2185740] - C:\windows\PolicyDefinitions
[01/08/2011 00:03:11] - |D| - [42683980] - C:\windows\Prefetch
[MD5.2E2C937846A0B8789E5E91739284D17A] - [13/07/2009 16:27:10] - |A| - (.© Microsoft Corporation. - Registry Editor.) - [427008] - (6.1.7600.16385) - C:\windows\regedit.exe
[13/07/2009 20:20:10] - |D| - [22588] - C:\windows\registration
[13/07/2009 20:20:10] - |D| - [4734993] - C:\windows\rescache
[13/07/2009 20:20:10] - |D| - [1677002] - C:\windows\Resources
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\SchCache
[13/07/2009 20:20:10] - |D| - [55533] - C:\windows\schemas
[13/07/2009 20:20:10] - |D| - [1056768] - C:\windows\security
[13/07/2009 21:45:47] - |D| - [37000059] - C:\windows\ServiceProfiles
[13/07/2009 20:20:10] - |D| - [36378692] - C:\windows\servicing
[13/07/2009 21:45:50] - |AD| - [15702] - C:\windows\Setup
[21/11/2010 00:16:47] - |D| - [4544] - C:\windows\ShellNew
[20/10/2011 10:09:09] - |D| - [102468379] - C:\windows\SoftwareDistribution
[13/07/2009 20:20:10] - |D| - [181014046] - C:\windows\Speech
[MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [20/11/2010 20:24:16] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\windows\splwow64.exe
[MD5.9060C3C745E7B2D8E1A81DD061021546] - [13/07/2009 22:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\windows\Starter.xml
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\system
[MD5.286A9EDB379DC3423A528B0864A0F111] - [13/07/2009 19:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\windows\system.ini
[13/07/2009 20:20:10] - |AD| - [3222266207] - C:\windows\System32
[13/07/2009 20:20:14] - |D| - [1193758223] - C:\windows\SysWOW64
[13/07/2009 20:20:14] - |D| - [15] - C:\windows\TAPI
[13/07/2009 20:20:14] - |D| - [32634] - C:\windows\Tasks
[13/07/2009 20:20:14] - |D| - [270614] - C:\windows\Temp
[13/07/2009 20:20:14] - |D| - [0] - C:\windows\tracing
[MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 14:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\windows\twain.dll
[13/07/2009 22:32:38] - |D| - [1724357] - C:\windows\twain_32
[MD5.163A95975E1D8819E653AA3E961371CA] - [20/11/2010 20:25:10] - |A| - (.- Twain_32 Source Manager (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\windows\twain_32.dll
[MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 15:47:26] - |A| - (.- Twain_32.dll Client’s 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\windows\twunk_16.exe
[MD5.0BD6E68F3EA0DD62CD86283D86895381] - [13/07/2009 17:14:40] - |A| - (.- Twain.dll Client’s 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\windows\twunk_32.exe
[13/07/2009 20:20:14] - |D| - [12420] - C:\windows\Vss
[13/07/2009 20:20:14] - |D| - [50738281] - C:\windows\Web
[MD5.162904DAA5412143F5403233E77F787E] - [13/07/2009 19:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\windows\win.ini
[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [13/07/2009 21:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\windows\WindowsShell.Manifest
[MD5.C5E3EE1CA9A5E3E23F412F06EC1AB974] - [19/04/2017 16:49:21] - |A| - (.-.) - [3825] - (0.0.0.0) - C:\windows\WindowsUpdate.log
[MD5.1D420D66250BCAAAED05724FB34008CF] - [13/07/2009 17:12:29] - |A| - (.© Microsoft Corporation. - Windows Winhlp32 Stub.) - [9728] - (6.1.7600.16385) - C:\windows\winhlp32.exe
[13/07/2009 20:20:14] - |D| - [8436793729] - C:\windows\winsxs
[MD5.4D620865394151B96C54752B743D6D12] - [13/05/2011 15:42:24] - |A| - (.© 2010 Microsoft Corporation. - Windows Live Photos Screen Saver.) - [302448] - (15.4.3538.513) - C:\windows\WLXPGSS.SCR
[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 13:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\windows\WMSysPr9.prx
[MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [13/07/2009 16:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\windows\write.exe
[MD5.6E3603F3AE9B89E730DF9D9331C76613] - [27/11/2015 18:13:48] - |A| - (.-.) - [216313] - (0.0.0.0) - C:\windows\ZAM.krnl.trace
[MD5.9B0A1BAF95208D25093B2E0611224F54] - [27/11/2015 18:13:43] - |A| - (.-.) - [36708] - (0.0.0.0) - C:\windows\ZAM_Guard.krnl.trace
---------- | C:\windows\System32\GroupPolicy
[10/02/2014 17:29:39] - |D| - [0] - C:\windows\System32\GroupPolicy\User
---------- | Systemroot\System
---------- | Systemroot\Installer (Microsoft Files Whitelisted)
[12/04/2017 15:51:06] - C:\windows\Installer\102958.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:39:47] - C:\windows\Installer\10c67.msi : ( - K-NFB Reading Technology, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:40:21] - C:\windows\Installer\10c6c.msi : (TOSHIBA ReelTime - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/11/2014 13:59:20] - C:\windows\Installer\13ada4.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:18:48] - C:\windows\Installer\18f09.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:18:53] - C:\windows\Installer\18f0e.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:18:55] - C:\windows\Installer\18f13.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/06/2011 15:17:12] - C:\windows\Installer\18f21.msi : (Blank Project Template - TOSHIBA CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/02/2011 15:46:54] - C:\windows\Installer\18f28.msi : ( - Conexant Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:22:08] - C:\windows\Installer\18f2d.msi : (TOSHIBA Web Camera Application - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:23:19] - C:\windows\Installer\18f37.msi : (TOSHIBA Face Recognition - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/06/2011 17:43:30] - C:\windows\Installer\18f3c.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/07/2011 23:58:24] - C:\windows\Installer\18f41.msi : (TOSHIBA PC Health Monitor - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[22/06/2011 14:31:42] - C:\windows\Installer\18f45.msi : (Toshiba Online Backup - Toshiba) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/09/2010 10:03:36] - C:\windows\Installer\18f4a.msi : (Toshiba App Place - Toshiba) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:36:08] - C:\windows\Installer\18f5f.msi : (Google Toolbar for Internet Explorer - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:30:14] - C:\windows\Installer\1f3b4.msi : (Java™ SE Runtime Environment 6.0 - Oracle) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:30:26] - C:\windows\Installer\1f3b9.msi : (Additional Font and Media Support - The J2SE Runtime Environment with European languages. This requires [Core]MB on your hard drive.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/06/2011 14:14:34] - C:\windows\Installer\1f3c3.msi : (TOSHIBA Supervisor Password - TOSHIBA) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/06/2011 13:59:32] - C:\windows\Installer\1f3cd.msi : (TOSHIBA Hardware Setup - TOSHIBA) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[09/06/2011 21:41:26] - C:\windows\Installer\1f3d2.msi : (Blank Project Template - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/06/2011 02:36:48] - C:\windows\Installer\1f3d7.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:32:13] - C:\windows\Installer\1f3dd.msi : (TOSHIBA Media Controller for IE - TOSHIBA CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/11/2010 00:03:30] - C:\windows\Installer\1f3e2.msi : (ADOBER~1.0|Adobe Reader X - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:33:16] - C:\windows\Installer\1f3e7.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:37:38] - C:\windows\Installer\1f5ec.msi : (TOSHIBA Bulletin Board - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/02/2012 19:45:55] - C:\windows\Installer\262be5.msi : (iLivid Installation - Bandoo Media Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/10/2009 14:11:28] - C:\windows\Installer\36d5b.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/03/2013 16:06:23] - C:\windows\Installer\9118a6.msi : (Strongvault Online Backup - [|Brand]) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/03/2013 17:54:26] - C:\windows\Installer\9118ad.msi : (Strongvault Online Backup - Strongvault Online Backup) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/07/2011 11:36:38] - C:\windows\Installer\938618.msi : ( - DivX, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/06/2011 19:19:36] - C:\windows\Installer\f0c8.msi : (TOSHIBA Value Added Package - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
---------- | %System%*.in*
[13/07/2009 21:57:09] - [73] - C:\windows\System32\desktop.ini
[01/08/2011 00:11:09] - [72822] - C:\windows\System32\ieuinit.inf
[10/06/2009 14:01:25] - [60124] - C:\windows\System32\tcpmon.ini
[01/08/2011 00:11:10] - [72822] - C:\windows\Syswow64\ieuinit.inf
[13/07/2009 21:55:01] - [535] - C:\windows\Syswow64\mapisvc.inf
[26/12/2011 13:20:18] - [744944] - C:\windows\Syswow64\PerfStringBackup.INI
---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:08] - [0 Ko] - C:\windows\AppPatch\Custom\Custom64
[MD5.69AD30E0F6F3EAA751193990F5C48F91] - |A| - [01/08/2011 00:16:03] - (.-.) - [121.76 Ko] - (0.0.0.0) - C:\windows\AppPatch\AppPatch64\sysmain.sdb
[MD5.00000000000000000000000000000000] - |D| - [13/05/2016 17:33:57] - [264.27 Ko] - C:\windows\Temp\SafeZone Installer
[MD5.00000000000000000000000000000000] - |D| - [15/04/2017 20:15:32] - [0 Ko] - C:\windows\Temp_avast_
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [0 Ko] - C:\windows\System32\0409
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [13/07/2009 21:45:49] - (.-.) - [24.03 Ko] - (0.0.0.0) - C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [13/07/2009 21:45:49] - (.-.) - [24.03 Ko] - (0.0.0.0) - C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [4986 Ko] - C:\windows\System32\AdvancedInstallers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [201.5 Ko] - C:\windows\System32\ar-SA
[MD5.4E118AC95A15BD14B8C1E49C5B4CD79B] - |A| - [19/07/2016 18:28:50] - (.Copyright (c) 2014 AVAST Software - avast! start-up scanner.) - [381.82 Ko] - (12.1.3076.0) - C:\windows\System32\aswBoot.exe
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [173 Ko] - C:\windows\System32\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [2401.97 Ko] - C:\windows\System32\Boot
[MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [13/07/2009 17:07:04] - (.Copyright (C) 2008 - Bthpan Context Handler.) - [91.5 Ko] - (1.0.0.1) - C:\windows\System32\BthpanContextHandler.dll
[MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [13/07/2009 16:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\windows\System32\CardGames.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [34687.98 Ko] - C:\windows\System32\catroot
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [24355.13 Ko] - C:\windows\System32\catroot2
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [6111.42 Ko] - C:\windows\System32\CodeIntegrity
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [357 Ko] - C:\windows\System32\com
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [370033.18 Ko] - C:\windows\System32\config
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [219.5 Ko] - C:\windows\System32\cs-CZ
[MD5.AA0B1A7B4750F655936F2F82B5E84428] - |A| - [16/12/2010 17:08:00] - (.©Conexant Systems Inc. - Conexant Audio Processing Objects.) - [1512.13 Ko] - (4.80.40.0) - C:\windows\System32\CX64AP40.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [216.5 Ko] - C:\windows\System32\da-DK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [240.5 Ko] - C:\windows\System32\de-DE
[MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [13/07/2009 21:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\windows\System32\desktop.ini
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [4419.5 Ko] - C:\windows\System32\Dism
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [70516.23 Ko] - C:\windows\System32\drivers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [965199 Ko] - C:\windows\System32\DriverStore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [240.5 Ko] - C:\windows\System32\el-GR
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [1804 Ko] - C:\windows\System32\en
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [34138.31 Ko] - C:\windows\System32\en-US
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [230.5 Ko] - C:\windows\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [160.5 Ko] - C:\windows\System32\et-EE
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [218 Ko] - C:\windows\System32\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [236 Ko] - C:\windows\System32\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\System32\FxsTmp
[MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 13:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\windows\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:11] - [0 Ko] - C:\windows\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [0 Ko] - C:\windows\System32\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [191.5 Ko] - C:\windows\System32\he-IL
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [168 Ko] - C:\windows\System32\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [221 Ko] - C:\windows\System32\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [5.36 Ko] - C:\windows\System32\ias
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [36.27 Ko] - C:\windows\System32\icsxml
[MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 13:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\windows\System32\manage-bde.wsf
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [1981.88 Ko] - C:\windows\System32\manifeststore
[MD5.03E0955A7D8E5E74E7F6986A56A66196] - |A| - [03/10/2010 14:46:00] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [333.34 Ko] - (3.2.1.1) - C:\windows\System32\MaxxAudioAPO30.dll
[MD5.00000000000000000000000000000000] - |SD| - [13/07/2009 21:45:42] - [24.77 Ko] - C:\windows\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [3508.43 Ko] - C:\windows\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [37766.2 Ko] - C:\windows\System32\migwiz
[MD5.00000000000000000000000000000000] - |D| - [14/08/2012 13:58:12] - [0 Ko] - C:\windows\System32\MpEngineStore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [4148.28 Ko] - C:\windows\System32\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [11.33 Ko] - C:\windows\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [212 Ko] - C:\windows\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [512 Ko] - C:\windows\System32\NDF
[MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [13/07/2009 15:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\windows\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [85 Ko] - C:\windows\System32\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [229 Ko] - C:\windows\System32\nl-NL
[MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 13:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\windows\System32\onlinesetup.cmd
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [13469.97 Ko] - C:\windows\System32\oobe
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 13:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\windows\System32\PerfCenterCpl.ico
[MD5.284A4599C9BB58A9ADF4A7F8C498CCF0] - |A| - [08/09/2015 13:49:30] - (.-.) - [5.28 Ko] - (0.0.0.0) - C:\windows\System32\PerfStringBackup.TMP
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [224 Ko] - C:\windows\System32\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:50] - [413.88 Ko] - C:\windows\System32\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [222.5 Ko] - C:\windows\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [224 Ko] - C:\windows\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [23.75 Ko] - C:\windows\System32\ras
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [165248.8 Ko] - C:\windows\System32\Recovery
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [0.07 Ko] - C:\windows\System32\restore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [169 Ko] - C:\windows\System32\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [219 Ko] - C:\windows\System32\ru-RU
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [20/11/2010 20:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\windows\System32\ScavengeSpace.xml
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [169.5 Ko] - C:\windows\System32\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [166 Ko] - C:\windows\System32\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [37.8 Ko] - C:\windows\System32\slmgr
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [11586.02 Ko] - C:\windows\System32\SMI
[MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 14:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\windows\System32\spcinstrumentation.man
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [26875.5 Ko] - C:\windows\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [26136.83 Ko] - C:\windows\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [1956.87 Ko] - C:\windows\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [30.19 Ko] - C:\windows\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [170 Ko] - C:\windows\System32\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [216.5 Ko] - C:\windows\System32\sv-SE
[MD5.00000000000000000000000000000000] - |AD| - [13/07/2009 20:20:13] - [409.01 Ko] - C:\windows\System32\sysprep
[MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [20/11/2010 20:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\windows\System32\systemsf.ebd
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [304.27 Ko] - C:\windows\System32\Tasks
[MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 14:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\windows\System32\tcpmon.ini
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [157 Ko] - C:\windows\System32\th-TH
[MD5.F79C9E3947B904FA3200A2204F9C52BB] - |A| - [20/10/2011 10:19:14] - (.Copyright (C) 2011 TOSHIBA CORPORATION - Credential Provider Dll for TOSHIBA Wireless LAN Indicator.) - [96.99 Ko] - (1.0.12.3) - C:\windows\System32\tosWirelessLANIndicatorCP.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [212.5 Ko] - C:\windows\System32\tr-TR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [166.5 Ko] - C:\windows\System32\uk-UA
[MD5.00000000000000000000000000000000] - |D| - [28/12/2011 14:28:42] - [1754.83 Ko] - C:\windows\System32\Wat
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [45558.25 Ko] - C:\windows\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:50] - [60.46 Ko] - C:\windows\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [82214.23 Ko] - C:\windows\System32\wdi
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 14:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\windows\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\System32\wfp
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [73.5 Ko] - C:\windows\System32\WinBioPlugIns
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [8584.71 Ko] - C:\windows\System32\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [46460 Ko] - C:\windows\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [99.06 Ko] - C:\windows\System32\winrm
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\System32\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [63 Ko] - C:\windows\System32\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\System32\zh-TW
[MD5.00000000000000000000000000000000] - |HD| - [21/11/2010 00:06:51] - [0 Ko] - C:\windows\SysWOW64\0409
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [2258.5 Ko] - C:\windows\SysWOW64\AdvancedInstallers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [201.5 Ko] - C:\windows\SysWOW64\ar-SA
[MD5.00000000000000000000000000000000] - |D| - [20/10/2011 10:20:21] - [87.04 Ko] - C:\windows\SysWOW64\Atheros_L1e
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [173 Ko] - C:\windows\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\catroot
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\catroot2
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [302.5 Ko] - C:\windows\SysWOW64\com
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [9620.15 Ko] - C:\windows\SysWOW64\config
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [219.5 Ko] - C:\windows\SysWOW64\cs-CZ
[MD5.B9A550873AB27DB299AEA3D9DE5489D4] - |A| - [20/10/2011 10:05:57] - (.Copyright 2008 - CSVer.) - [52 Ko] - (9.2.0.1015) - C:\windows\SysWOW64\CSVer.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [216.5 Ko] - C:\windows\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [240.5 Ko] - C:\windows\SysWOW64\de-DE
[MD5.4E14C3CCBB313666F9DC3D8DAD120C46] - |A| - [13/05/2016 17:50:43] - (.-.) - [221.2 Ko] - (0.0.0.0) - C:\windows\SysWOW64\debug.log
[MD5.C88C969B8E477E4297E4A65D66852BF3] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java™ Platform SE binary.) - [461.73 Ko] - (6.0.250.6) - C:\windows\SysWOW64\deployJava1.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [3386.5 Ko] - C:\windows\SysWOW64\Dism
[MD5.F42E95BFB193754E9148DB6434D2E88E] - |A| - [19/02/2010 12:27:36] - (.Copyright © 2000-2009 DivX, Inc. - DivX.) - [703.5 Ko] - (6.9.2.26) - C:\windows\SysWOW64\DivX.dll
[MD5.BF8B26F3B97219B08230E6ADD3A703F7] - |A| - [03/01/2012 17:48:42] - (.© Copyright 2000 - 2009 DivX, Inc. - DivX Control Panel.) - [345.88 Ko] - (1.2.0.11) - C:\windows\SysWOW64\DivXControlPanelApplet.cpl
[MD5.A266D3E430E9FF97E9D659E5F087EF99] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [836 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx07.dll
[MD5.0DADCB1C15AB04A655F7B386FE625B35] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [828 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx0a.dll
[MD5.725C556795DFC534660E784F9324515C] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [836 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx0c.dll
[MD5.E1F94DFDC350BB8CE14655F5DB567149] - |A| - [19/02/2010 12:27:16] - (.Copyright ゥ 2001-2008 DivX, Inc. - DivX.) - [820 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx11.dll
[MD5.AD8E4393EAD5A8A71378BEEE95C59FDA] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [824 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx16.dll
[MD5.90C7F5E71EEFE13F762CFE7B42C7157A] - |A| - [20/10/2011 16:26:22] - (.Copyright © 2005-2006 - dpl100.) - [92 Ko] - (1.3.0.25) - C:\windows\SysWOW64\dpl100.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [3472.71 Ko] - C:\windows\SysWOW64\drivers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [1.05 Ko] - C:\windows\SysWOW64\DriverStore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [240.5 Ko] - C:\windows\SysWOW64\el-GR
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [1648 Ko] - C:\windows\SysWOW64\en
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [30987.63 Ko] - C:\windows\SysWOW64\en-US
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [230.5 Ko] - C:\windows\SysWOW64\es-ES
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [160.5 Ko] - C:\windows\SysWOW64\et-EE
[MD5.093A41D0865DA5C7BE09A0F60A37B7D1] - |A| - [02/01/2012 13:46:19] - (.-.) - [56 Ko] - (0.0.0.0) - C:\windows\SysWOW64\ff_vfw.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [218 Ko] - C:\windows\SysWOW64\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [236 Ko] - C:\windows\SysWOW64\fr-FR
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\SysWOW64\FxsTmp
[MD5.ABCB973D716F4F0DCC1E7DB99E8B03A3] - |A| - [10/02/2016 17:07:32] - (.-.) - [83.85 Ko] - (0.0.0.0) - C:\windows\SysWOW64\generic_uninstaller.log
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [191.5 Ko] - C:\windows\SysWOW64\he-IL
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [168 Ko] - C:\windows\SysWOW64\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [221 Ko] - C:\windows\SysWOW64\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [36.27 Ko] - C:\windows\SysWOW64\icsxml
[MD5.481F6E1CD63E09F0516B5E78B35D333E] - |A| - [04/04/2011 20:07:00] - (.-.) - [142.39 Ko] - (0.0.0.0) - C:\windows\SysWOW64\igcompkrng600.bin
[MD5.D3EEBC1763F15A8EEBB6F056D9726FF8] - |A| - [04/04/2011 20:06:58] - (.-.) - [211.79 Ko] - (0.0.0.0) - C:\windows\SysWOW64\igfcg600m.bin
[MD5.2DAE8EF56FA66F1A76A628CF7B039596] - |A| - [04/04/2011 20:06:58] - (.-.) - [940.54 Ko] - (0.0.0.0) - C:\windows\SysWOW64\igkrng600.bin
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [34095.44 Ko] - C:\windows\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [1160 Ko] - C:\windows\SysWOW64\InstallShield
[MD5.6B7D1357B144F6FEE941FF1B97F4C5D3] - |A| - [20/10/2011 10:18:27] - (.-.) - [440.5 Ko] - (0.0.0.0) - C:\windows\SysWOW64\ISSRemoveSP.exe
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [235 Ko] - C:\windows\SysWOW64\it-IT
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [163 Ko] - C:\windows\SysWOW64\ja-JP
[MD5.B157E305260FF2A607591F33DE41BFCA] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java™ Platform SE binary.) - [141.78 Ko] - (6.0.250.6) - C:\windows\SysWOW64\java.exe
[MD5.364F7A2B4B535659F3B50DE5E5C20123] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java™ Platform SE binary.) - [141.78 Ko] - (6.0.250.6) - C:\windows\SysWOW64\javaw.exe
[MD5.A0AC7907D47B54238CA60FC47807F119] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java™ Web Start Launcher.) - [153.78 Ko] - (6.0.250.6) - C:\windows\SysWOW64\javaws.exe
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [13/07/2009 19:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\windows\SysWOW64\korwbrkr.lex
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [05/08/2016 17:07:18] - (.-.) - [0 Ko] - (0.0.0.0) - C:\windows\SysWOW64\last.dump
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/10/2011 10:07:48] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\windows\SysWOW64\log.txt
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\SysWOW64\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [165 Ko] - C:\windows\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [166 Ko] - C:\windows\SysWOW64\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [01/08/2011 00:32:35] - [41496.63 Ko] - C:\windows\SysWOW64\Macromed
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [1968.26 Ko] - C:\windows\SysWOW64\manifeststore
[MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [13/07/2009 21:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\windows\SysWOW64\mapisvc.inf
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [3208.93 Ko] - C:\windows\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [32669.71 Ko] - C:\windows\SysWOW64\migwiz
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [52.28 Ko] - C:\windows\SysWOW64\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [11.33 Ko] - C:\windows\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [212 Ko] - C:\windows\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [51 Ko] - C:\windows\SysWOW64\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [229 Ko] - C:\windows\SysWOW64\nl-NL
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [13/07/2009 19:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\windows\SysWOW64\noise.kor
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [2566.05 Ko] - C:\windows\SysWOW64\oobe
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 14:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\windows\SysWOW64\PerfCenterCpl.ico
[MD5.217033BD2448E2831F4D77B001C63763] - |A| - [26/12/2011 13:20:18] - (.-.) - [727.48 Ko] - (0.0.0.0) - C:\windows\SysWOW64\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [224 Ko] - C:\windows\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [413.88 Ko] - C:\windows\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [222.5 Ko] - C:\windows\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [224 Ko] - C:\windows\SysWOW64\pt-PT
[MD5.CE931021E18F385F519E945A8A10548E] - |A| - [02/01/2012 13:46:19] - (.Copyright (C) Project contributors 1998-2004 - POSIX Threads for Windows32 Library.) - [58.86 Ko] - (2.8.0.0) - C:\windows\SysWOW64\pthreadGC2.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [23.75 Ko] - C:\windows\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [0.64 Ko] - C:\windows\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [169 Ko] - C:\windows\SysWOW64\ro-RO
[MD5.9E53C231B0A511A48BAF102EDA4FC198] - |A| - [03/02/2011 19:56:46] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCOM.) - [169.29 Ko] - (15.2.11.1) - C:\windows\SysWOW64\SynCOM.dll
[MD5.23FECDF8EA830C69325A4A9CC21A7F1B] - |A| - [03/02/2011 19:56:48] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCtrl.) - [213.29 Ko] - (15.2.11.1) - C:\windows\SysWOW64\SynCtrl.dll
[MD5.01C809AEEE4C10100B35D640925A6DB3] - |A| - [03/02/2011 19:56:54] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics TouchPad Interfaces.) - [105.29 Ko] - (15.2.11.1) - C:\windows\SysWOW64\SynTPCOM.dll
[MD5.179D3637464E602FADD7DF5C428BB9E4] - |A| - [03/02/2011 19:56:58] - (.-.) - [65.29 Ko] - (0.0.0.0) - C:\windows\SysWOW64\SynTPEnhPS.dll
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [977.89 Ko] - C:\windows\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\Tasks
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [157 Ko] - C:\windows\SysWOW64\th-TH
[MD5.2BAB54632EAF98ED75D55E19C46955E4] - |A| - [20/10/2011 10:12:43] - (.Copyright © 1997-8 - THCI.) - [24 Ko] - (1.0.0.1) - C:\windows\SysWOW64\THCI.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [212.5 Ko] - C:\windows\SysWOW64\tr-TR
[MD5.2611F58AEC4BB39387162F749FE8A558] - |A| - [20/10/2011 10:12:43] - (.Copyright © 1997-8 - TSCI.) - [24 Ko] - (1.0.0.1) - C:\windows\SysWOW64\TSCI.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [166.5 Ko] - C:\windows\SysWOW64\uk-UA
[MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [13/07/2009 19:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\windows\SysWOW64\vfpodbc.dll
[MD5.00000000000000000000000000000000] - |D| - [28/12/2011 14:28:42] - [237.33 Ko] - C:\windows\SysWOW64\Wat
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [8731.34 Ko] - C:\windows\SysWOW64\wbem
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [60.46 Ko] - C:\windows\SysWOW64\WCN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [96.48 Ko] - C:\windows\SysWOW64\wdi
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [8539.71 Ko] - C:\windows\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [99.06 Ko] - C:\windows\SysWOW64\winrm
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [63 Ko] - C:\windows\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\SysWOW64\zh-TW
[MD5.E4E50E87DE25BD9FDA3DBC4030147981] - |A| - [27/04/2013 16:34:52] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\windows\SysWOW64~stg
---------- | Shell Folders
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Shell Folders]
“!Do not use this registry key”=Use the SHGetFolderPath or SHGetKnownFolderPath function instead
“AppData”=C:\Users\Mitch\AppData\Roaming [26/12/2011 12:56:44]
“Local AppData”=C:\Users\Mitch\AppData\Local [26/12/2011 12:56:44]
“My Video”=C:\Users\Mitch\Videos [26/12/2011 12:56:44]
“{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}”=C:\Users\Mitch\AppData\Roaming\Micr osoft\Windows\Libraries [26/12/2011 12:58:02]
“My Pictures”=C:\Users\Mitch\Pictures [26/12/2011 12:56:44]
“Desktop”=C:\Users\Mitch\Desktop [26/12/2011 12:56:44]
“History”=C:\Users\Mitch\AppData\Local\Microsoft\W indows\History [26/12/2011 12:56:44]
“NetHood”=C:\Users\Mitch\AppData\Roaming\Microsoft \Windows\Network Shortcuts [26/12/2011 12:56:44]
“{56784854-C6CB-462B-8169-88E350ACB882}”=C:\Users\Mitch\Contacts [26/12/2011 12:57:51]
“Cookies”=C:\Users\Mitch\AppData\Roaming\Microsoft \Windows\Cookies [26/12/2011 12:56:44]
“Favorites”=C:\Users\Mitch\Favorites [26/12/2011 12:56:44]
“SendTo”=C:\Users\Mitch\AppData\Roaming\Microsoft\ Windows\SendTo [26/12/2011 12:56:44]
“Start Menu”=C:\Users\Mitch\AppData\Roaming\Microsoft\Win dows\Start Menu [26/12/2011 12:56:44]
“My Music”=C:\Users\Mitch\Music [26/12/2011 12:56:44]
“Programs”=C:\Users\Mitch\AppData\Roaming\Microsof t\Windows\Start Menu\Programs [26/12/2011 12:56:44]
“Recent”=C:\Users\Mitch\AppData\Roaming\Microsoft\ Windows\Recent [26/12/2011 12:56:44]
“CD Burning”=C:\Users\Mitch\AppData\Local\Microsoft\Wi ndows\Burn\Burn [26/12/2011 12:58:13]
“PrintHood”=C:\Users\Mitch\AppData\Roaming\Microso ft\Windows\Printer Shortcuts [26/12/2011 12:56:44]
“{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}”=C:\Users\Mitch\Searches [26/12/2011 12:58:02]
“{374DE290-123F-4565-9164-39C4925E467B}”=C:\Users\Mitch\Downloads [26/12/2011 12:56:44]
“{A520A1A4-1780-4FF6-BD18-167343C5AF16}”=C:\Users\Mitch\AppData\LocalLow [26/12/2011 12:56:45]
“Startup”=C:\Users\Mitch\AppData\Roaming\Microsoft \Windows\Start Menu\Programs\Startup [26/12/2011 12:58:02]
“Administrative Tools”=C:\Users\Mitch\AppData\Roaming\Microsoft\Wi ndows\Start Menu\Programs\Administrative Tools [26/12/2011 12:58:02]
“Personal”=C:\Users\Mitch\Documents [26/12/2011 12:56:44]
“{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}”=C:\Users\Mitch\Links [26/12/2011 12:56:44]
“Cache”=C:\Users\Mitch\AppData\Local\Microsoft\Win dows\Temporary Internet Files [26/12/2011 12:56:44]
“Templates”=C:\Users\Mitch\AppData\Roaming\Microso ft\Windows\Templates [26/12/2011 12:56:44]
“{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}”=C:\Users\Mitch\Saved Games [26/12/2011 12:56:44]
“Fonts”=C:\windows\Fonts [13/07/2009 20:20:09]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\User Shell Folders]
“AppData”=%USERPROFILE%\AppData\Roaming
“Cache”=%USERPROFILE%\AppData\Local\Microsoft\Wind ows\Temporary Internet Files
“Cookies”=%USERPROFILE%\AppData\Roaming\Microsoft\ Windows\Cookies
“Desktop”=%USERPROFILE%\Desktop
“Favorites”=%USERPROFILE%\Favorites
“History”=%USERPROFILE%\AppData\Local\Microsoft\Wi ndows\History
“Local AppData”=%USERPROFILE%\AppData\Local
“My Music”=%USERPROFILE%\Music
“My Pictures”=%USERPROFILE%\Pictures
“My Video”=%USERPROFILE%\Videos
“NetHood”=%USERPROFILE%\AppData\Roaming\Microsoft\ Windows\Network Shortcuts
“Personal”=%USERPROFILE%\Documents
“Programs”=%USERPROFILE%\AppData\Roaming\Microsoft \Windows\Start Menu\Programs
“Recent”=%USERPROFILE%\AppData\Roaming\Microsoft\W indows\Recent
“SendTo”=%USERPROFILE%\AppData\Roaming\Microsoft\W indows\SendTo
“Startup”=%USERPROFILE%\AppData\Roaming\Microsoft\ Windows\Start Menu\Programs\Startup
“Start Menu”=%USERPROFILE%\AppData\Roaming\Microsoft\Wind ows\Start Menu
“Templates”=%USERPROFILE%\AppData\Roaming\Microsof t\Windows\Templates
“{374DE290-123F-4565-9164-39C4925E467B}”=%USERPROFILE%\Downloads
“PrintHood”=%USERPROFILE%\AppData\Roaming\Microsof t\Windows\Printer Shortcuts
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\Shell Folders]
“Common Desktop”=C:\Users\Public\Desktop [13/07/2009 20:20:08]
“Common Start Menu”=C:\ProgramData\Microsoft\Windows\Start Menu [13/07/2009 20:20:08]
“CommonVideo”=C:\Users\Public\Videos [13/07/2009 20:20:08]
“CommonPictures”=C:\Users\Public\Pictures [13/07/2009 20:20:08]
“Common Programs”=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/07/2009 20:20:08]
“CommonMusic”=C:\Users\Public\Music [13/07/2009 20:20:08]
“Common Administrative Tools”=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/07/2009 22:32:38]
“Common Startup”=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/07/2009 20:20:08]
“Common Documents”=C:\Users\Public\Documents [13/07/2009 20:20:08]
“OEM Links”=C:\ProgramData\OEM Links
“Common Templates”=C:\ProgramData\Microsoft\Windows\Templa tes [13/07/2009 20:20:08]
“Common AppData”=C:\ProgramData [13/07/2009 20:20:08]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Exp lorer\User Shell Folders]
“Common Desktop”=%PUBLIC%\Desktop
“Common Documents”=%PUBLIC%\Documents
“CommonPictures”=%PUBLIC%\Pictures
“CommonMusic”=%PUBLIC%\Music
“CommonVideo”=%PUBLIC%\Videos
“{3D644C9B-1FB8-4f30-9B45-F670235F79C0}”=%PUBLIC%\Downloads
“Common Start Menu”=%ProgramData%\Microsoft\Windows\Start Menu
“Common Programs”=%ProgramData%\Microsoft\Windows\Start Menu\Programs
“Common Startup”=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup
“Common AppData”=%ProgramData%
“Common Templates”=%ProgramData%\Microsoft\Windows\Templat es
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\Shell Folders]
“Common Desktop”=C:\Users\Public\Desktop [13/07/2009 20:20:08]
“Common Start Menu”=C:\ProgramData\Microsoft\Windows\Start Menu [13/07/2009 20:20:08]
“CommonVideo”=C:\Users\Public\Videos [13/07/2009 20:20:08]
“CommonPictures”=C:\Users\Public\Pictures [13/07/2009 20:20:08]
“Common Programs”=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/07/2009 20:20:08]
“CommonMusic”=C:\Users\Public\Music [13/07/2009 20:20:08]
“Common Administrative Tools”=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/07/2009 22:32:38]
“Common Startup”=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/07/2009 20:20:08]
“Common Documents”=C:\Users\Public\Documents [13/07/2009 20:20:08]
“OEM Links”=C:\ProgramData\OEM Links
“Common Templates”=C:\ProgramData\Microsoft\Windows\Templa tes [13/07/2009 20:20:08]
“Common AppData”=C:\ProgramData [13/07/2009 20:20:08]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Curren tVersion\Explorer\User Shell Folders]
“Common Desktop”=%PUBLIC%\Desktop
“Common Documents”=%PUBLIC%\Documents
“CommonPictures”=%PUBLIC%\Pictures
“CommonMusic”=%PUBLIC%\Music
“CommonVideo”=%PUBLIC%\Videos
“{3D644C9B-1FB8-4f30-9B45-F670235F79C0}”=%PUBLIC%\Downloads
“Common Start Menu”=%ProgramData%\Microsoft\Windows\Start Menu
“Common Programs”=%ProgramData%\Microsoft\Windows\Start Menu\Programs
“Common Startup”=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup
“Common AppData”=%ProgramData%
“Common Templates”=%ProgramData%\Microsoft\Windows\Templat es
---------- | [John]
[30/10/2012 21:56:55] - |D| - [137692117] - C:\Users\John\AppData\Local
[30/10/2012 21:56:55] - |D| - [23523] - C:\Users\John\AppData\LocalLow
[30/10/2012 21:56:55] - |D| - [999663] - C:\Users\John\AppData\Roaming
[30/10/2012 21:56:55] - |SHD| - [1533511099] - C:\Users\John\AppData\Local\Application Data
[30/10/2012 21:57:25] - |A| - [57560] - C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
[30/10/2012 22:02:33] - |D| - [116688372] - C:\Users\John\AppData\Local\Google
[30/10/2012 21:56:55] - |SHD| - [49152] - C:\Users\John\AppData\Local\History
[30/10/2012 22:16:45] - |AH| - [782118] - C:\Users\John\AppData\Local\IconCache.db
[30/10/2012 21:56:55] - |D| - [19912641] - C:\Users\John\AppData\Local\Microsoft
[30/10/2012 21:56:55] - |HD| - [251341] - C:\Users\John\AppData\Local\Temp
[30/10/2012 21:56:55] - |SHD| - [105098] - C:\Users\John\AppData\Local\Temporary Internet Files
[30/10/2012 21:57:25] - |D| - [85] - C:\Users\John\AppData\Local\TOSHIBA
[30/10/2012 21:56:58] - |SD| - [23523] - C:\Users\John\AppData\LocalLow\Microsoft
[30/10/2012 21:57:04] - |D| - [0] - C:\Users\John\AppData\Roaming\Identities
[30/10/2012 21:56:55] - |D| - [2834] - C:\Users\John\AppData\Roaming\Macromedia
[30/10/2012 21:56:55] - |HD| - [0] - C:\Users\John\AppData\Roaming\Media Center Programs
[30/10/2012 21:56:55] - |D| - [994963] - C:\Users\John\AppData\Roaming\Microsoft
[30/10/2012 21:58:42] - |D| - [1866] - C:\Users\John\AppData\Roaming\Toshiba
[30/10/2012 21:56:55] - |D| - [0] - C:\Users\John\AppData\Roaming\Microsoft\Windows\St art Menu\Programs
[30/10/2012 21:56:55] - |D| - [0] - C:\Users\John\AppData\Roaming\Microsoft\Windows\St art Menu\Programs\Accessories
---------- | [Mitch]
[26/12/2011 12:56:44] - |D| - [582652008] - C:\Users\Mitch\AppData\Local
[26/12/2011 12:56:45] - |D| - [14149585] - C:\Users\Mitch\AppData\LocalLow
[26/12/2011 12:56:44] - |D| - [93623248] - C:\Users\Mitch\AppData\Roaming
[03/01/2012 14:45:28] - |HD| - [662420] - C:\Users\Mitch\AppData\Local\Adobe
[26/12/2011 12:56:45] - |SHD| - [6149263590] - C:\Users\Mitch\AppData\Local\Application Data
[01/01/2012 15:53:03] - |HD| - [0] - C:\Users\Mitch\AppData\Local\Apps
[21/07/2016 16:22:09] - |D| - [443696] - C:\Users\Mitch\AppData\Local\CEF
[28/01/2012 16:44:43] - |HD| - [0] - C:\Users\Mitch\AppData\Local\CrashDumps
[19/01/2012 16:41:54] - |HD| - [106] - C:\Users\Mitch\AppData\Local\DDMSettings
[06/02/2012 17:55:19] - |HD| - [34649854] - C:\Users\Mitch\AppData\Local\Diagnostics
[19/04/2017 16:48:18] - |A| - [57560] - C:\Users\Mitch\AppData\Local\GDIPFONTCACHEV1.DAT
[26/12/2011 12:58:38] - |HD| - [135702737] - C:\Users\Mitch\AppData\Local\Google
[26/12/2011 12:56:45] - |SHD| - [65826] - C:\Users\Mitch\AppData\Local\History
[26/12/2011 19:37:50] - |AH| - [3778060] - C:\Users\Mitch\AppData\Local\IconCache.db
[08/01/2013 17:46:39] - |D| - [12549] - C:\Users\Mitch\AppData\Local\Kjs.AppLife.Update
[26/12/2011 12:56:44] - |D| - [33306558] - C:\Users\Mitch\AppData\Local\Microsoft
[08/09/2015 12:00:02] - |D| - [4841] - C:\Users\Mitch\AppData\Local\Microsoft Games
[08/09/2015 10:44:05] - |D| - [0] - C:\Users\Mitch\AppData\Local\Programs
[26/12/2011 13:21:07] - |HD| - [630784] - C:\Users\Mitch\AppData\Local\SoftGrid Client
[26/12/2011 12:56:44] - |D| - [0] - C:\Users\Mitch\AppData\Local\Temp
[26/12/2011 12:56:45] - |SHD| - [32902] - C:\Users\Mitch\AppData\Local\Temporary Internet Files
[01/03/2012 16:06:40] - |D| - [11178124] - C:\Users\Mitch\AppData\Local\Tific
[26/12/2011 12:58:15] - |D| - [2374] - C:\Users\Mitch\AppData\Local\TOSHIBA
[09/09/2015 08:24:22] - |D| - [0] - C:\Users\Mitch\AppData\Local\VirtualStore
[02/01/2012 13:49:23] - |HD| - [481033] - C:\Users\Mitch\AppData\Local\Vivitar Experience Image Manager
[08/09/2015 10:44:09] - |D| - [361505328] - C:\Users\Mitch\AppData\Local\Zemana
[15/04/2017 20:19:39] - |D| - [235984] - C:\Users\Mitch\AppData\Local\ZHP
[03/01/2012 14:45:28] - |HD| - [72761] - C:\Users\Mitch\AppData\LocalLow\Adobe
[19/01/2012 16:41:17] - |HD| - [65536] - C:\Users\Mitch\AppData\LocalLow\boost_interprocess
[26/12/2011 12:56:52] - |SD| - [14009219] - C:\Users\Mitch\AppData\LocalLow\Microsoft
[12/01/2012 16:40:23] - |D| - [2069] - C:\Users\Mitch\AppData\LocalLow\Sun
[01/01/2012 15:03:57] - |SD| - [0] - C:\Users\Mitch\AppData\LocalLow\Temp
[12/07/2012 10:00:11] - |HD| - [0] - C:\Users\Mitch\AppData\LocalLow\WebEx
[26/01/2012 14:49:38] - |HD| - [0] - C:\Users\Mitch\AppData\LocalLow\Yahoo!
[08/09/2015 15:57:04] - |D| - [8180458] - C:\Users\Mitch\AppData\Roaming\9-lab
[26/12/2011 12:58:53] - |D| - [50066919] - C:\Users\Mitch\AppData\Roaming\Adobe
[09/09/2015 09:49:51] - |D| - [1076143] - C:\Users\Mitch\AppData\Roaming\AVAST Software
[08/01/2013 17:10:21] - |D| - [96951] - C:\Users\Mitch\AppData\Roaming\Book Place
[19/01/2012 16:39:36] - |HD| - [93184] - C:\Users\Mitch\AppData\Roaming\DivX
[06/02/2012 16:17:02] - |HD| - [25163] - C:\Users\Mitch\AppData\Roaming\FreeTorrentViewer
[26/12/2011 12:58:41] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Google
[26/12/2011 12:57:54] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Identities
[26/12/2011 12:56:44] - |D| - [56466] - C:\Users\Mitch\AppData\Roaming\Macromedia
[26/12/2011 12:56:44] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Media Center Programs
[26/12/2011 12:56:44] - |SD| - [9256900] - C:\Users\Mitch\AppData\Roaming\Microsoft
[09/02/2012 17:00:52] - |HD| - [282] - C:\Users\Mitch\AppData\Roaming\Product_RM
[26/12/2011 13:21:07] - |D| - [1340739] - C:\Users\Mitch\AppData\Roaming\SoftGrid Client
[26/12/2011 14:28:25] - |HD| - [13208] - C:\Users\Mitch\AppData\Roaming\Tific
[26/12/2011 12:59:36] - |HD| - [16204260] - C:\Users\Mitch\AppData\Roaming\Toshiba
[04/02/2012 20:19:23] - |D| - [695] - C:\Users\Mitch\AppData\Roaming\vlc
[26/12/2011 12:56:55] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\WinBatch
[15/04/2017 20:19:39] - |D| - [5593752] - C:\Users\Mitch\AppData\Roaming\ZHP
[08/09/2015 11:35:29] - |D| - [1618128] - C:\Users\Mitch\AppData\Roaming\ZHP.$quar
[26/12/2011 12:58:02] - |ASH| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\desktop.ini
[26/12/2011 12:56:44] - |RD| - [26058] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs
[26/12/2011 12:56:44] - |RD| - [14660] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Accessories
[26/12/2011 12:58:02] - |RD| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Administrative Tools
[26/12/2011 12:58:02] - |ASH| - [476] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\desktop.ini
[06/02/2012 16:16:54] - |D| - [2048] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\FreeTorrentViewer
[02/01/2012 13:46:25] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Haali Media Splitter
[26/12/2011 12:58:04] - |A| - [1458] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Internet Explorer.lnk
[26/12/2011 12:56:44] - |RD| - [580] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Maintenance
[26/12/2011 12:58:02] - |RD| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup
[18/01/2012 15:30:02] - |D| - [1336] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Veoh Networks, Inc
[02/01/2012 13:49:22] - |D| - [2974] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Vivitar Experience Image Manager
[08/05/2012 12:19:44] - |D| - [2178] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Zoola Games
[26/12/2011 12:58:02] - |ASH| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\S tart Menu\Programs\Startup\desktop.ini
---------- | [Public]
---------- | C:\ProgramData
[08/09/2015 15:56:57] - |D| - [59744988] - C:\ProgramData\9-lab
[01/08/2011 00:32:52] - |D| - [275704481] - C:\ProgramData\Adobe
[13/07/2009 22:08:56] - |SHD| - [68814947770] - C:\ProgramData\Application Data
[09/09/2015 09:47:10] - |D| - [224539953] - C:\ProgramData\AVAST Software
[13/07/2009 22:08:56] - |SD| - [8159] - C:\ProgramData\Desktop
[19/01/2012 16:26:47] - |D| - [5567819] - C:\ProgramData\DivX
[13/07/2009 22:08:56] - |SHD| - [278] - C:\ProgramData\Documents
[13/07/2009 22:08:56] - |SHD| - [0] - C:\ProgramData\Favorites
[18/01/2012 15:30:05] - |D| - [417032557] - C:\ProgramData\Giraffic
[20/10/2011 10:36:05] - |D| - [544630] - C:\ProgramData\Google
[08/09/2015 10:46:37] - |D| - [11082433] - C:\ProgramData\Malwarebytes
[15/04/2017 20:33:30] - |D| - [0] - C:\ProgramData\Malwarebytes’ Anti-Malware (portable)
[02/07/2015 16:39:47] - |D| - [0] - C:\ProgramData\McAfee
[13/07/2009 20:20:08] - |SD| - [2297060808] - C:\ProgramData\Microsoft
[20/10/2011 10:31:34] - |D| - [78211] - C:\ProgramData\Norton
[20/10/2011 10:31:22] - |HD| - [16233035] - C:\ProgramData\NortonInstaller
[19/04/2017 16:46:51] - |RASH| - [8] - C:\ProgramData\ntuser.pol
[09/02/2012 17:00:53] - |HD| - [0] - C:\ProgramData\PC Tools
[16/05/2016 18:28:25] - |D| - [251246] - C:\ProgramData\REGSERVO64
[13/07/2009 22:08:56] - |SHD| - [266041] - C:\ProgramData\Start Menu
[01/08/2011 00:30:28] - |HD| - [119] - C:\ProgramData\Sun
[21/01/2012 16:11:09] - |AHD| - [0] - C:\ProgramData\TEMP
[13/07/2009 22:08:56] - |SHD| - [0] - C:\ProgramData\Templates
[01/08/2011 00:33:38] - |D| - [5700352] - C:\ProgramData\Toshiba
[08/01/2013 17:20:32] - |D| - [38] - C:\ProgramData\Toshiba Book Place
[26/12/2011 15:31:24] - |HD| - [0] - C:\ProgramData\VirtualizedApplications
[12/07/2012 10:00:11] - |D| - [35191005] - C:\ProgramData\WebEx
[20/10/2011 10:47:06] - |D| - [2587738222] - C:\ProgramData\WildTangent
[26/01/2012 14:49:39] - |HD| - [1503] - C:\ProgramData\Yahoo!
---------- | C:\ProgramData\Microsoft\Windows\Start Menu
[13/07/2009 22:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[13/07/2009 21:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[13/07/2009 20:20:08] - |RD| - [260984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[01/08/2011 00:39:58] - |A| - [2067] - C:\ProgramData\Microsoft\Windows\Start Menu\Toshiba Book Place.lnk
[13/07/2009 21:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk
---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[08/09/2015 15:56:58] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
[13/07/2009 20:20:08] - |RD| - [43590] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[13/07/2009 22:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[01/08/2011 00:32:56] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[13/05/2016 17:34:11] - |A| - [1048] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[09/09/2015 09:49:35] - |D| - [1951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[09/09/2015 09:30:45] - |D| - [933] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[20/10/2011 10:44:01] - |D| - [997] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once
[13/07/2009 21:54:23] - |ASH| - [1748] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[19/01/2012 16:39:11] - |D| - [10205] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[02/01/2012 13:46:19] - |D| - [6513] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[13/07/2009 22:32:38] - |RD| - [59259] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[20/10/2011 10:36:03] - |A| - [2206] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[02/01/2012 13:46:25] - |D| - [6121] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[13/07/2009 20:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[08/09/2015 10:46:46] - |D| - [3724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[01/08/2011 00:05:58] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[01/08/2011 00:43:51] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[27/12/2011 16:59:01] - |D| - [14924] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[01/08/2011 00:34:28] - |D| - [2278] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[20/10/2011 10:21:47] - |D| - [1022] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netwaiting
[20/10/2011 10:33:28] - |D| - [1664] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero
[16/05/2016 18:28:17] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REGSERVO
[13/07/2009 21:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[20/10/2011 10:35:24] - |D| - [1672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[13/07/2009 20:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[21/11/2010 00:16:41] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[01/08/2011 00:31:28] - |D| - [50664] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
[13/07/2009 21:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[01/08/2011 00:05:50] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[13/07/2009 21:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[01/08/2011 00:36:18] - |RD| - [4591] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[01/08/2011 00:35:42] - |A| - [1469] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[01/08/2011 00:35:33] - |A| - [2497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[01/08/2011 00:36:11] - |A| - [1316] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[01/08/2011 00:36:01] - |A| - [1385] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[13/07/2009 21:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[13/07/2009 21:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[03/02/2017 17:52:16] - |D| - [1105] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[13/07/2009 21:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini
---------- | C:\Program Files (x86)
[01/08/2011 00:32:48] - |D| - [470378450] - C:\Program Files (x86)\Adobe
[08/09/2015 11:32:12] - |D| - [0] - C:\Program Files (x86)\Adware Removal Tool by TSA
[20/10/2011 10:18:51] - |D| - [3598306] - C:\Program Files (x86)\Cisco
[13/07/2009 20:20:08] - |D| - [463511913] - C:\Program Files (x86)\Common Files
[20/10/2011 10:21:46] - |D| - [5240840] - C:\Program Files (x86)\Conexant
[20/10/2011 10:44:01] - |D| - [25215938] - C:\Program Files (x86)\Corel
[13/07/2009 21:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[19/01/2012 16:29:18] - |D| - [104819032] - C:\Program Files (x86)\DivX
[02/01/2012 13:46:18] - |D| - [13975902] - C:\Program Files (x86)\ffdshow
[06/02/2012 16:16:53] - |D| - [4158915] - C:\Program Files (x86)\FreeTorrentViewer
[18/01/2012 15:30:05] - |D| - [9726830] - C:\Program Files (x86)\Giraffic
[20/10/2011 10:35:35] - |D| - [545854400] - C:\Program Files (x86)\Google
[02/01/2012 13:46:24] - |D| - [2548909] - C:\Program Files (x86)\Haali
[01/08/2011 00:30:56] - |HD| - [94320865] - C:\Program Files (x86)\InstallShield Installation Information
[20/10/2011 10:05:57] - |D| - [17978039] - C:\Program Files (x86)\Intel
[13/07/2009 20:20:08] - |D| - [5726046] - C:\Program Files (x86)\Internet Explorer
[01/08/2011 00:30:20] - |D| - [90565055] - C:\Program Files (x86)\Java
[08/09/2015 10:46:37] - |D| - [55140333] - C:\Program Files (x86)\Malwarebytes Anti-Malware
[26/12/2011 13:20:10] - |D| - [13000978] - C:\Program Files (x86)\Microsoft Application Virtualization Client
[01/08/2011 00:43:50] - |D| - [6736828] - C:\Program Files (x86)\Microsoft Office
[01/08/2011 00:34:10] - |D| - [38421083] - C:\Program Files (x86)\Microsoft Silverlight
[01/08/2011 00:35:56] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[28/12/2011 14:35:07] - |HD| - [15715] - C:\Program Files (x86)\Microsoft.NET
[13/07/2009 22:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild
[02/01/2012 13:46:50] - |D| - [74014] - C:\Program Files (x86)\MTA
[20/10/2011 10:21:46] - |D| - [6143313] - C:\Program Files (x86)\Netwaiting
[20/10/2011 10:31:34] - |D| - [3586292] - C:\Program Files (x86)\Norton PC Checkup
[20/10/2011 10:31:22] - |D| - [8622003] - C:\Program Files (x86)\NortonInstaller
[01/08/2011 00:39:54] - |D| - [1749892] - C:\Program Files (x86)\PlayReady
[20/10/2011 10:20:50] - |D| - [21429910] - C:\Program Files (x86)\Realtek
[20/10/2011 10:18:27] - |D| - [6179835] - C:\Program Files (x86)\Realtek WLAN Driver
[13/07/2009 22:32:38] - |D| - [36929281] - C:\Program Files (x86)\Reference Assemblies
[02/01/2012 13:46:47] - |D| - [2777102] - C:\Program Files (x86)\TDC13E0
[01/08/2011 00:31:57] - |D| - [196326669] - C:\Program Files (x86)\TOSHIBA
[20/10/2011 10:35:24] - |HD| - [0] - C:\Program Files (x86)\TOSHIBA Corporation
[20/10/2011 10:47:06] - |D| - [283105136] - C:\Program Files (x86)\TOSHIBA Games
[20/10/2011 10:32:57] - |D| - [176048] - C:\Program Files (x86)\Toshiba Online Backup
[13/07/2009 21:57:06] - |HD| - [564154] - C:\Program Files (x86)\Uninstall Information
[18/01/2012 15:29:57] - |D| - [46172460] - C:\Program Files (x86)\Veoh Networks
[20/10/2011 10:47:07] - |D| - [9409955] - C:\Program Files (x86)\WildTangent Games
[13/07/2009 22:32:38] - |D| - [512000] - C:\Program Files (x86)\Windows Defender
[01/08/2011 00:35:00] - |D| - [170778514] - C:\Program Files (x86)\Windows Live
[13/07/2009 20:20:08] - |D| - [6115840] - C:\Program Files (x86)\Windows Mail
[13/07/2009 22:32:38] - |D| - [5008657] - C:\Program Files (x86)\Windows Media Player
[13/07/2009 20:20:08] - |D| - [12062388] - C:\Program Files (x86)\Windows NT
[13/07/2009 22:32:38] - |D| - [4394248] - C:\Program Files (x86)\Windows Photo Viewer
[13/07/2009 22:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices
[13/07/2009 22:32:38] - |D| - [6874184] - C:\Program Files (x86)\Windows Sidebar
[26/01/2012 14:49:37] - |D| - [838761] - C:\Program Files (x86)\Yahoo!
[08/09/2015 10:44:23] - |D| - [17599713] - C:\Program Files (x86)\Zemana AntiMalware
[08/05/2012 12:19:44] - |D| - [931010] - C:\Program Files (x86)\Zoola Games
---------- | C:\Program Files
[08/09/2015 15:56:56] - |D| - [18658370] - C:\Program Files\9-lab
[09/09/2015 09:48:06] - |D| - [1046321339] - C:\Program Files\AVAST Software
[09/09/2015 09:30:42] - |D| - [18005864] - C:\Program Files\CCleaner
[13/07/2009 20:20:08] - |D| - [94321288] - C:\Program Files\Common Files
[20/10/2011 10:15:30] - |D| - [70274856] - C:\Program Files\CONEXANT
[13/07/2009 21:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini
[19/01/2012 16:39:08] - |D| - [5953856] - C:\Program Files\DivX
[13/07/2009 22:32:38] - |D| - [90246164] - C:\Program Files\DVD Maker
[20/10/2011 10:36:28] - |D| - [1030824] - C:\Program Files\Google
[13/07/2009 20:20:08] - |D| - [5967646] - C:\Program Files\Internet Explorer
[13/07/2009 22:32:38] - |D| - [148875826] - C:\Program Files\Microsoft Games
[26/12/2011 13:20:10] - |D| - [1584815] - C:\Program Files\Microsoft Office
[13/07/2009 22:32:38] - |D| - [25757] - C:\Program Files\MSBuild
[01/08/2011 00:10:10] - |D| - [2178436] - C:\Program Files\PlayReady
[13/07/2009 22:32:38] - |D| - [34584745] - C:\Program Files\Reference Assemblies
[20/10/2011 10:19:31] - |D| - [37331569] - C:\Program Files\Synaptics
[01/08/2011 00:30:54] - |D| - [1933101011] - C:\Program Files\Toshiba
[13/07/2009 22:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information
[02/01/2012 13:45:56] - |D| - [50332808] - C:\Program Files\Vivitar Experience Image Manager
[13/07/2009 22:32:38] - |D| - [4016640] - C:\Program Files\Windows Defender
[21/11/2010 00:17:02] - |D| - [9212536] - C:\Program Files\Windows Journal
[01/08/2011 00:34:44] - |D| - [7753535] - C:\Program Files\Windows Live
[13/07/2009 20:20:08] - |D| - [6602240] - C:\Program Files\Windows Mail
[13/07/2009 22:32:38] - |D| - [7665069] - C:\Program Files\Windows Media Player
[13/07/2009 20:20:08] - |D| - [12492468] - C:\Program Files\Windows NT
[13/07/2009 22:32:38] - |D| - [5492504] - C:\Program Files\Windows Photo Viewer
[13/07/2009 22:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices
[13/07/2009 22:32:38] - |D| - [8116131] - C:\Program Files\Windows Sidebar
---------- | C:\Program Files (x86)\Common Files
[01/08/2011 00:32:48] - |D| - [18841090] - C:\Program Files (x86)\Common Files\Adobe
[01/08/2011 00:33:21] - |D| - [31116142] - C:\Program Files (x86)\Common Files\Adobe AIR
[03/12/2015 16:34:21] - |D| - [963111] - C:\Program Files (x86)\Common Files\AV
[26/12/2011 13:20:10] - |D| - [99136] - C:\Program Files (x86)\Common Files\DESIGNER
[19/01/2012 16:39:04] - |D| - [24726272] - C:\Program Files (x86)\Common Files\DivX Shared
[01/08/2011 00:30:49] - |D| - [5261706] - C:\Program Files (x86)\Common Files\InstallShield
[20/10/2011 10:08:53] - |D| - [14245009] - C:\Program Files (x86)\Common Files\Intel
[01/08/2011 00:30:28] - |D| - [1252295] - C:\Program Files (x86)\Common Files\Java
[13/07/2009 20:20:08] - |D| - [39193909] - C:\Program Files (x86)\Common Files\microsoft shared
[28/04/2013 16:36:45] - |D| - [651776] - C:\Program Files (x86)\Common Files\MSSoap
[21/01/2012 16:11:10] - |D| - [50303] - C:\Program Files (x86)\Common Files\PC Tools
[20/10/2011 10:07:44] - |D| - [162236] - C:\Program Files (x86)\Common Files\postureAgent
[19/01/2012 16:39:21] - |D| - [4740928] - C:\Program Files (x86)\Common Files\PX Storage Engine
[13/07/2009 20:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[13/07/2009 20:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines
[13/07/2009 20:20:08] - |D| - [10195955] - C:\Program Files (x86)\Common Files\System
[20/10/2011 11:02:57] - |D| - [3192600] - C:\Program Files (x86)\Common Files\Toshiba Shared
[20/10/2011 10:44:01] - |D| - [8534480] - C:\Program Files (x86)\Common Files\Ulead Systems
[02/04/2012 17:22:26] - |D| - [1123719] - C:\Program Files (x86)\Common Files\WebM Project
[01/08/2011 00:33:59] - |D| - [258054761] - C:\Program Files (x86)\Common Files\Windows Live
---------- | C:\Program Files\Common files
[03/12/2015 16:34:21] - |D| - [963111] - C:\Program Files\Common files\AV
[20/10/2011 10:08:53] - |D| - [15717214] - C:\Program Files\Common files\Intel
[13/07/2009 20:20:08] - |D| - [63583018] - C:\Program Files\Common files\Microsoft Shared
[13/07/2009 20:20:08] - |D| - [2702] - C:\Program Files\Common files\Services
[13/07/2009 20:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines
[13/07/2009 20:20:08] - |D| - [12145651] - C:\Program Files\Common files\System
[20/10/2011 10:16:16] - |D| - [304472] - C:\Program Files\Common files\Waves Audio Ltd
[02/04/2012 17:22:27] - |D| - [996352] - C:\Program Files\Common files\WebM Project
---------- | Tasks
[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [13/07/2009 22:08:49] - |AH| - [6] - C:\windows\Tasks\SA.DAT
[MD5.F82F0CA6BD7DD454AF4A21A47E8C350C] - [13/07/2009 22:08:49] - |A| - [32628] - C:\windows\Tasks\SCHEDLGU.TXT
[MD5.00000000000000000000000000000000] - [03/12/2015 16:34:22] - |D| - [3860] - C:\windows\System32\Tasks\AVAST Software
[MD5.6A4341978BDCE505CC786FE728644E8C] - [09/09/2015 09:49:05] - |A| - [4180] - C:\windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.3B3E3EB66E14C4A359AE144FCF10499F] - [09/09/2015 09:30:45] - |A| - [2790] - C:\windows\System32\Tasks\CCleanerSkipUAC : “C:\Program Files\CCleaner\CCleaner.exe”
[MD5.F485202B5B0AE1A8BDF3DAF1A70E2806] - [20/10/2011 10:35:37] - |A| - [3202] - C:\windows\System32\Tasks\GoogleUpdateTaskMachineC ore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8EFFB6262442F80BEF9E763AF8E5EF21] - [20/10/2011 10:35:38] - |A| - [3330] - C:\windows\System32\Tasks\GoogleUpdateTaskMachineU A : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] - [13/07/2009 20:20:13] - |D| - [266130] - C:\windows\System32\Tasks\Microsoft
[MD5.00000000000000000000000000000000] - [26/12/2011 13:20:21] - |D| - [4392] - C:\windows\System32\Tasks\OfficeSoftwareProtection Platform
[MD5.9F2748EEF770B6B41FB1F829AF0309C0] - [13/05/2016 17:34:12] - |A| - [3890] - C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1463186051 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
[MD5.00000000000000000000000000000000] - [13/07/2009 22:09:57] - |D| - [4478] - C:\windows\System32\Tasks\WPD
[MD5.4373602E4B403E709ED33FF9D8046399] - [17/05/2016 17:50:33] - |A| - [3032] - C:\windows\System32\Tasks{1426D1E5-5A00-4D59-985A-2107F1BEF83C} : C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
[MD5.9516A6365318001C284BCA25D7A8F49D] - [07/02/2016 12:27:13] - |A| - [2982] - C:\windows\System32\Tasks{2FB9F27A-DE3A-4CD6-B8B6-B233E63B6955} : C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE
[MD5.F1B09D09062AA3EE08655972D34F12EF] - [10/02/2016 16:37:55] - |A| - [3294] - C:\windows\System32\Tasks{65C76270-92BA-4F63-B82C-13F0D18DD623} : C:\windows\system32\pcalua.exe
[MD5.9516A6365318001C284BCA25D7A8F49D] - [07/02/2016 12:27:22] - |A| - [2982] - C:\windows\System32\Tasks{A8D2B036-36FC-403B-8061-05969D1469A2} : C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE
[MD5.4373602E4B403E709ED33FF9D8046399] - [17/05/2016 17:50:50] - |A| - [3032] - C:\windows\System32\Tasks{E210F47C-43C1-4A1F-B297-CCB4BE5B7E4D} : C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
[MD5.00000000000000000000000000000000] - [13/07/2009 20:20:14] - |HD| - [0] - C:\windows\Syswow64\Tasks\Microsoft
---------- | Firewall
[HKLM\SYSTEM\CurrentControlSet\Services\sharedacces s\Parameters\FirewallPolicy\FirewallRules]
“Netlogon-NamedPipe-In”=v2.10|Action=Allow|Active=FALSE|Dir=In|Protoco l=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|
---------- | Control\Class
[HKLM\SYSTEM\CurrentControlSet\Control\Class{03F529 37-1FD6-44FB-82C6-FE988F1B1D61}] : (kphpwaqu) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{0475BB 51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{04A83F C2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{126476 0F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{24A0C8 40-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{25DBCE 51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) → @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class{36FC9E 60-C465-11CF-8056-444553540000}] : (USB) → @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4116F6 0B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{43675D 81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) → @%SystemRoot%\system32\McxDriv.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4658EE 7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) → @%systemroot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class{48721B 56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) → @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class{49CE6A C8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) → @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 65-E325-11CE-BFC1-08002BE10318}] : (CDROM) → @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 66-E325-11CE-BFC1-08002BE10318}] : (Computer) → @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 67-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) → @%SystemRoot%\System32\StorProp.dll,-17000
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 68-E325-11CE-BFC1-08002BE10318}] : (Display) → @DispCI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 69-E325-11CE-BFC1-08002BE10318}] : (fdc) → @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 6A-E325-11CE-BFC1-08002BE10318}] : (hdc) → @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 6B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) → @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 6C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) → @mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 6D-E325-11CE-BFC1-08002BE10318}] : (Modem) → @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 6E-E325-11CE-BFC1-08002BE10318}] : (Monitor) → @Montr_CI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 6F-E325-11CE-BFC1-08002BE10318}] : (Mouse) → @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 70-E325-11CE-BFC1-08002BE10318}] : (MTD) → @SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 71-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) → @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 72-E325-11CE-BFC1-08002BE10318}] : (Net) → @NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 73-E325-11CE-BFC1-08002BE10318}] : (NetClient) → @NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 74-E325-11CE-BFC1-08002BE10318}] : (NetService) → @NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 75-E325-11CE-BFC1-08002BE10318}] : (NetTrans) → @NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 77-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) → @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 78-E325-11CE-BFC1-08002BE10318}] : (Ports) → @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 79-E325-11CE-BFC1-08002BE10318}] : (Printer) → @%systemroot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 7B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) → @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 7D-E325-11CE-BFC1-08002BE10318}] : (System) → @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 7E-E325-11CE-BFC1-08002BE10318}] : (Unknown) → @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class{4D36E9 80-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) → @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class{50127D C3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) → @%SystemRoot%\system32\procinst.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class{50906C B8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) → @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class{509994 4A-F6B9-4057-A056-8C550228544C}] : (Memory) → @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class{50DD52 30-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) → @StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class{5175D3 34-C371-4806-B3BA-71FD53C9258D}] : (Sensor) → @%systemroot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class{522119 B9-1B9A-498A-AC52-148B533EFD50}] : (kphpwaqu) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{533C5B 84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) → @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class{53D29E F7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) → @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class{54505F 9E-EE66-4F1D-A63B-B853A1759385}] : (SymNetS) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{56EBD6 88-B772-4181-9610-8633FCEE988D}] : (SymIRON) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{5A4601 0E-C74B-4CB1-A041-D22759FE9F9C}] : (Sftplay) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{6BDD1F C1-810F-11D0-BEC7-08002BE2092F}] : (1394) → @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class{6BDD1F C5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) → @NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class{6BDD1F C6-810F-11D0-BEC7-08002BE2092F}] : (Image) → @%systemroot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class{6D8078 84-7D21-11CF-801C-08002BE10318}] : (TapeDrive) → @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class{6FAE73 B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{71A27C DD-812A-11D0-BEC7-08002BE2092F}] : (Volume) → @%SystemRoot%\System32\SysClass.Dll,-3007
[HKLM\SYSTEM\CurrentControlSet\Control\Class{72631E 54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) → @%SystemRoot%\system32\batt.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class{745A17 A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) → @hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class{7E0006 EA-81A8-4780-B0C8-474E2DBF4D63}] : (IDSVia64) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{7E9CDD E7-C6A8-4A7D-8077-1C7656D98FE5}] : (PGEffect) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{7EBEFB C0-3200-11D2-B4C2-00A0C9697D07}] : (61883) → @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class{87C077 B2-3D3B-4156-938A-EA51B451D6C6}] : (kphpwaqu) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{8AE855 50-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{8BBD94 A0-A150-11D4-A878-0040265B73EE}] : (TosSec) → @oem23.inf,%CLASS_NAME%;TosSec Class
[HKLM\SYSTEM\CurrentControlSet\Control\Class{8ECC05 5D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) → @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class{990A2B D7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) → @sccls.dll,-300
[HKLM\SYSTEM\CurrentControlSet\Control\Class{997B5D 8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) → @%systemroot%\system32\AuxiliaryDisplayClassInstal ler.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class{A0A588 A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) → @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class{BC1037 02-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) → @%SystemRoot%\System32\migwiz\migres.dll,-20
[HKLM\SYSTEM\CurrentControlSet\Control\Class{C06FF2 65-AE09-48F0-812C-16753D7CBA83}] : (AVC) → @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class{C4A06E 97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{C777C1 65-D422-426D-8EBF-6EAF3FB83ADF}] : (aswNdisFlt) →
[HKLM\SYSTEM\CurrentControlSet\Control\Class{CE5939 AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) → @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class{D48179 BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) → @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class{D61CA3 65-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) → @%SystemRoot%\system32\XInput9_1_0.dll,-1000
[HKLM\SYSTEM\CurrentControlSet\Control\Class{D94EE5 D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) → @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class{DB4F6D DD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) → @sccls.dll,-301
[HKLM\SYSTEM\CurrentControlSet\Control\Class{E0CBF0 6C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) → @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class{EEC5AD 98-8080-425F-922A-DABF3DE3F69A}] : (WPD) → @wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class{FB58BE 68-EA9E-4803-847F-2CE814E7B159}] : (kphpwaqu) →
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services {2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] → ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services {A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] → elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services {CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] → ElsLad.dll (Copyright (c) Microsoft Corporation.)
---------- | Loaded modules (whitelist)
[14/07/2009 15:31:18] - (2.0.0.3) - (TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver) - C:\windows\system32\DRIVERS\TVALZ_O.SYS
[24/06/2009 15:36:48] - (4.2.0.0) - (TOSHIBA Corporation - tos_sps64) - C:\windows\system32\DRIVERS\tos_sps64.sys
[08/09/2015 10:44:10] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\windows\System32\drivers\zamguard64.sys
[08/09/2015 10:44:27] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\windows\System32\drivers\zam64.sys
[08/11/2010 12:44:40] - (1.0.0.36) - (Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller) - C:\windows\system32\DRIVERS\L1C62x64.sys
[03/02/2011 19:59:06] - (15.2.11.1) - (Synaptics Incorporated - Synaptics Touchpad Driver) - C:\windows\system32\DRIVERS\SynTP.sys
[01/08/2011 00:40:14] - (2.0.0.3) - (TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64.) - C:\windows\system32\DRIVERS\tdcmdpst.sys
[15/06/2009 13:58:50] - (2.1.0.0) - (TOSHIBA - Generic IO & Memory Access) - C:\windows\system32\DRIVERS\QIOMem.sys
[19/06/2009 19:15:22] - (1.0.0.2) - (TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver for x64) - C:\windows\system32\DRIVERS\TVALZFL.sys
[07/07/2011 15:02:16] - (8.51.2.0) - (Conexant Systems Inc. - 64-bit High Definition Audio Function Driver) - C:\windows\system32\drivers\CHDRT64.sys
[20/10/2011 10:22:53] - (1.0.17.64) - (TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver) - C:\windows\system32\DRIVERS\pgeffect.sys
[13/07/2009 19:36:07] - (4.3.86.0) - (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - Macrovision SECURITY Driver) - C:\windows\System32\Drivers\secdrv.SYS
---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service
R0 - [Kernel Driver] - ACPI (Microsoft ACPI Driver) → system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - amdxata () → system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswRvrt (avast! Revert) → (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswVmm (avast! VM Monitor) → (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - atapi (IDE Channel) → system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) → System32\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () → System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Compbatt (Microsoft Composite Battery Driver) → system32\drivers\compbatt.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Disk (Disk Driver) → system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) → system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) → system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) → System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) → System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iaStor (Intel AHCI Controller) → system32\DRIVERS\iaStor.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecDD () → System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () → System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) → System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msahci () → system32\DRIVERS\msahci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () → system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) → System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) → system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) → System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (PCI Bus Driver) → system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pciide () → system32\DRIVERS\pciide.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) → System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - rdyboost (ReadyBoost) → System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) → (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) → System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - tos_sps64 (TOSHIBA tos_sps64 Service) → system32\DRIVERS\tos_sps64.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - TVALZ (TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver) → system32\DRIVERS\TVALZ_O.SYS - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (Microsoft Virtual Drive Enumerator Driver) → system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgr (Volume Manager Driver) → system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) → System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (Storage volumes) → system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Wd (Microsoft Watchdog Timer Driver) → system32\drivers\wd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Wdf01000 (Kernel Mode Driver Frameworks service) → system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) → \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswKbd (aswKbd) → \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswRdr (aswRdr) → \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSnx (aswSnx) → \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSP (aswSP) → \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) → (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - blbdrive () → system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (CD-ROM Driver) → system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) → System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) → System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () → (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) → system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (NetBIOS Interface) → system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) → System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () → (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) → system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () → (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) → system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) → system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) → System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) → system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) → system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) → system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - TermDD (Terminal Device Driver) → system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VgaSave () → \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) → system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) → system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) → system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ZAM (ZAM Helper Driver) → ??\C:\windows\System32\drivers\zam64.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ZAM_Guard (ZAM Guard Driver) → ??\C:\windows\System32\drivers\zamguard64.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - aswHwid (avast! HardwareID) → \SystemRoot\system32\drivers\aswHwid.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - aswMonFlt (aswMonFlt) → \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True
S2 - [Kernel Driver] - aswStm (aswStm) → \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False
R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) → system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) → \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) → system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) → system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - secdrv (Security Driver) → (?) - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) → System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - TVALZFL (TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver) → system32\DRIVERS\TVALZFL.sys - AcceptPause: False - AcceptStop: True
---------- | System files (Microsoft Files whitelisted)
[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 13:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\windows\System32\Drivers\adp94xx.sys
[MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 14:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\windows\System32\Drivers\adpahci.sys
[MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 14:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\windows\System32\Drivers\adpu320.sys
[MD5.5812713A477A3AD7363C7438CA2EE038] - [13/07/2009 16:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\windows\System32\Drivers\aliide.sys
[MD5.1FF8B4431C353CE385C875F194924C0C] - [13/07/2009 16:19:49] - (.Copyright (C) AMD 2003 - AMD IDE Driver.) - [15.08 Ko] - (6.1.7600.16385) - C:\windows\System32\Drivers\amdide.sys
[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [01/08/2011 00:11:51] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\windows\System32\Drivers\amdsata.sys
[MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 13:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\windows\System32\Drivers\amdsbs.sys
[MD5.540DAF1CEA6094886D72126FD7C33048] - [01/08/2011 00:11:51] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\windows\System32\Drivers\amdxata.sys
[MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 14:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\windows\System32\Drivers\arc.sys
[MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 14:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\windows\System32\Drivers\arcsas.sys
[MD5.A629E4799D4CD6361D1B5D573EA5C2CD] - [09/09/2015 09:48:38] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [36.77 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswHwid.sys
[MD5.97F952A9050CAD88681F5F0F46B8D5A5] - [13/05/2016 10:00:49] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [36.27 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswKbd.sys
[MD5.9C6C17C495E960E52EDE5D038EE92AE1] - [09/09/2015 09:48:39] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [105.77 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswMonFlt.sys
[MD5.8F492911129B1B32818BF894DC0C2C73] - [09/09/2015 09:48:38] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [100.65 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswRdr2.sys
[MD5.4ABDD84A67378E866BC15DDC9916BA71] - [09/09/2015 09:48:39] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [72.8 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswRvrt.sys
[MD5.409CDD1400B404F655EEC1B5850FD3BE] - [09/09/2015 09:48:36] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [1045.8 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswSnx.sys
[MD5.CDB1BE967AFF65D8395B6DF2EA8CBCCF] - [09/09/2015 09:48:39] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [462.49 Ko] - (12.1.3076.7) - C:\windows\System32\Drivers\aswsp.sys
[MD5.F6B5E463A0BB934C26FB319EDC726F65] - [09/09/2015 09:48:41] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [159.09 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswStm.sys
[MD5.FE0EE5CA72BC0D41DCAAFCA70B78274B] - [09/09/2015 09:48:41] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [285.84 Ko] - (12.1.3076.11) - C:\windows\System32\Drivers\aswvmm.sys
[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 13:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\windows\System32\Drivers\b57nd60a.sys
[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [13/07/2009 18:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\windows\System32\Drivers\BrFiltLo.sys
[MD5.B114D3098E9BDB8BEA8B053685831BE6] - [13/07/2009 18:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\windows\System32\Drivers\BrFiltUp.sys
[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [13/07/2009 18:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Brotehr Serial I/F Driver (WDM).) - [280 Ko] - (1.0.1.6) - C:\windows\System32\Drivers\BrSerId.sys
[MD5.A6ECA2151B08A09CACECA35C07F05B42] - [13/07/2009 18:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\windows\System32\Drivers\BrSerWdm.sys
[MD5.B79968002C277E869CF38BD22CD61524] - [13/07/2009 18:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\windows\System32\Drivers\BrUsbMdm.sys
[MD5.A87528880231C54E75EA7A44943B38BF] - [13/07/2009 18:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\windows\System32\Drivers\BrUsbSer.sys
[MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 13:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\windows\System32\Drivers\bxvbda.sys
[MD5.20506F12AFAD3DB588D007EA9325FBBC] - [07/07/2011 15:02:16] - (.© Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) - [1539.63 Ko] - (8.51.2.0) - C:\windows\System32\Drivers\CHDRT64.sys
[MD5.E19D3F095812725D88F9001985B94EDD] - [13/07/2009 16:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\windows\System32\Drivers\cmdide.sys
[MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 13:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\windows\System32\Drivers\elxstor.sys
[MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 13:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\windows\System32\Drivers\evbda.sys
[MD5.915E4E1E21CBFC4CB2415CD34C72800C] - [26/12/2011 12:57:17] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\windows\System32\Drivers\fbd.sys
[MD5.F2523EF6460FC42405B12248338AB2F0] - [13/07/2009 15:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\windows\System32\Drivers\hcw85cir.sys
[MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - [19/10/2010 16:34:26] - (.Copyright © 2006-2010, Intel Corporation. - Intel(R) Management Engine Interface.) - [55.02 Ko] - (7.0.0.1144) - C:\windows\System32\Drivers\HECIx64.sys
[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [20/11/2010 20:23:47] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\windows\System32\Drivers\HpSAMD.sys
[MD5.D469B77687E12FE43E344806740B624D] - [20/10/2011 10:11:10] - (.Copyright(C) Intel Corporation 1994-2011 - Intel Rapid Storage Technology driver - x64.) - [429.02 Ko] - (10.1.2.1004) - C:\windows\System32\Drivers\iaStor.sys
[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [01/08/2011 00:11:50] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\windows\System32\Drivers\iaStorV.sys
[MD5.370C2A8629B30F910F740387795DDC6F] - [04/04/2011 20:10:14] - (.Copyright (c) 1998-2006 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [11975.22 Ko] - (8.15.10.2353) - C:\windows\System32\Drivers\igdkmd64.sys
[MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 14:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\windows\System32\Drivers\iirsp.sys
[MD5.FC727061C0F47C8059E88E05D5C8E381] - [15/10/2010 01:28:16] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [310 Ko] - (6.14.0.3074) - C:\windows\System32\Drivers\IntcDAud.sys
[MD5.CD91D1BD200D9F39682A08E987F0DBE2] - [02/01/2012 13:46:49] - (.Copyright (C) 2007 Jeilin Corporation - Universal Serial Bus Camera Driver.) - [78.98 Ko] - (6.0.6000.16386) - C:\windows\System32\Drivers\jl2005c.sys
[MD5.EBED8B3FF4A823C1A6EEBEED7B29353F] - [08/11/2010 12:44:40] - (.2001-2010 Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) - [75.11 Ko] - (1.0.0.36) - C:\windows\System32\Drivers\L1C62x64.sys
[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 14:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\windows\System32\Drivers\lsi_fc.sys
[MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 14:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\windows\System32\Drivers\lsi_sas.sys
[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 14:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\windows\System32\Drivers\lsi_sas2.sys
[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 14:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\windows\System32\Drivers\lsi_scsi.sys
[MD5.A8D28D5B3E2A528D1EF0E338E44F2820] - [08/09/2015 10:46:37] - (.© Malwarebytes Corporation. - Malwarebytes Anti-Malware.) - [25.21 Ko] - (0.1.15.0) - C:\windows\System32\Drivers\mbam.sys
[MD5.47701ECA633574E122687693B5C5D35C] - [08/09/2015 10:46:37] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [106.71 Ko] - (1.1.21.0) - C:\windows\System32\Drivers\mbamchameleon.sys
[MD5.89DECC6E34AE28029BFC9C4EF186FC46] - [08/09/2015 10:47:01] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [190.21 Ko] - (0.3.0.4) - C:\windows\System32\Drivers\MBAMSwissArmy.sys
[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 13:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\windows\System32\Drivers\megasas.sys
[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 14:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\windows\System32\Drivers\MegaSR.sys
[MD5.AE757332EA130E94E646621CC695B52A] - [08/09/2015 10:46:37] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [62.21 Ko] - (1.0.6.0) - C:\windows\System32\Drivers\mwac.sys
[MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 14:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\windows\System32\Drivers\nfrd960.sys
[MD5.0A92CB65770442ED0DC44834632F66AD] - [01/08/2011 00:11:50] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce™ RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\windows\System32\Drivers\nvraid.sys
[MD5.DAB0E87525C10052BF65F06152F37E4A] - [01/08/2011 00:11:50] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce™ Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\windows\System32\Drivers\nvstor.sys
[MD5.91111CEBBDE8015E822C46120ED9537C] - [20/10/2011 10:22:53] - (.Copyright (c) TOSHIBA Corporation. - TOSHIBA Universal Camera Filter Driver.) - [37.2 Ko] - (1.0.17.64) - C:\windows\System32\Drivers\PGEffect.sys
[MD5.C8FCB4899F8B70CC34E0D9876A80963C] - [15/06/2009 13:58:50] - (.Copyright(C) 2009-2016 TOSHIBA. - Generic IO & Memory Access.) - [12.5 Ko] - (2.1.0.0) - C:\windows\System32\Drivers\QIOMem.sys
[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 13:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\windows\System32\Drivers\ql2300.sys
[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 14:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\windows\System32\Drivers\ql40xx.sys
[MD5.80E356E8BA267DB92DCA373CB4EE11C9] - [20/10/2011 10:20:50] - (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) - [17.6 Ko] - (1.0.2.0) - C:\windows\System32\Drivers\rtcrfilt64.sys
[MD5.945AB249D12CBE044782430C6013AA1A] - [20/10/2011 10:18:27] - (.Copyright (C) 2010 Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) - [439.5 Ko] - (62.1182.331.2010) - C:\windows\System32\Drivers\rtl8187B.sys
[MD5.F79E887762D9A0C3FDE5D188DCA5BB26] - [20/10/2011 10:18:27] - (.Copyright (C) 2010 Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) - [432 Ko] - (6.9110.401.2010) - C:\windows\System32\Drivers\rtl8187Se.sys
[MD5.64FDF4FE366CA42DA2B7D9D424B6E39B] - [20/10/2011 10:18:27] - (.Copyright (C) 2006 Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) - [1083.1 Ko] - (1005.12.105.2011) - C:\windows\System32\Drivers\rtl8192ce.sys
[MD5.2882E3DE7FA60CEDC208A0D9C506C9E1] - [20/10/2011 10:18:27] - (.Copyright (C) 2006 Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) - [1192.6 Ko] - (2019.2.1217.2010) - C:\windows\System32\Drivers\rtl8192se.sys
[MD5.689E5A7993643E216CB553930990DE23] - [20/10/2011 10:18:27] - (.Copyright (C) 2006 Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) - [612.1 Ko] - (2002.0.1222.2010) - C:\windows\System32\Drivers\rtl819xp.sys
[MD5.135A64530D7699AD48F29D73A658DD11] - [20/10/2011 10:20:50] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) - [245.1 Ko] - (6.1.7600.30127) - C:\windows\System32\Drivers\RtsUStor.sys
[MD5.E5DC911D0FEB72CAFF2BBDD6E7C3672F] - [20/10/2011 10:20:50] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) - [300.1 Ko] - (6.1.7600.10008) - C:\windows\System32\Drivers\rtsuvstor.sys
[MD5.3EA8A16169C26AFBEB544E0E48421186] - [13/07/2009 19:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\windows\System32\Drivers\secdrv.sys
[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 13:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\windows\System32\Drivers\sisraid2.sys
[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 14:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\windows\System32\Drivers\sisraid4.sys
[MD5.1D8F61346A123CC5CDE7E2AABB7DFEE0] - [30/08/2016 16:15:58] - (.-.) - [43.9 Ko] - (8.0.4624.2183) - C:\windows\System32\Drivers\staport.sys
[MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 14:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\windows\System32\Drivers\stexstor.sys
[MD5.F5B46DF59FEAA48A442AED7EEB754D4B] - [03/02/2011 19:59:06] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics Touchpad Driver.) - [1380.55 Ko] - (15.2.11.1) - C:\windows\System32\Drivers\SynTP.sys
[MD5.FD542B661BD22FA69CA789AD0AC58C29] - [01/08/2011 00:40:14] - (.Copyright (C) 2007-2009 TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) - [27.13 Ko] - (2.0.0.3) - C:\windows\System32\Drivers\tdcmdpst.sys
[MD5.09FF7B0B1B5C3D225495CB6F5A9B39F8] - [24/06/2009 15:36:48] - (.Copyright (C) TOSHIBA Corporation 2000-2009 - tos_sps64.) - [471.08 Ko] - (4.2.0.0) - C:\windows\System32\Drivers\tos_sps64.sys
[MD5.9C7191F4B2E49BFF47A6C1144B5923FA] - [19/06/2009 19:15:22] - (.Copyright (C) 2008-2009 TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver for x64.) - [14.13 Ko] - (1.0.0.2) - C:\windows\System32\Drivers\TVALZFL.sys
[MD5.550B567F9364D8F7684C3FB3EA665A72] - [14/07/2009 15:31:18] - (.Copyright (C) 2006-2009 TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver.) - [26.21 Ko] - (2.0.0.3) - C:\windows\System32\Drivers\TVALZ_O.SYS
[MD5.E5689D93FFE4E5D66C0178761240DD54] - [13/07/2009 16:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\windows\System32\Drivers\viaide.sys
[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 13:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\windows\System32\Drivers\vsmraid.sys
[MD5.0C4540311E11664B245A263E1154CEF8] - [13/07/2009 15:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_HWAZL WDM driver.) - [286 Ko] - (7.80.2.0) - C:\windows\System32\Drivers\VSTAZL6.SYS
[MD5.18E40C245DBFAF36FD0134A7EF2DF396] - [13/07/2009 15:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_CNXT driver.) - [723.5 Ko] - (7.80.2.0) - C:\windows\System32\Drivers\VSTCNXT6.SYS
[MD5.02071D207A9858FBE3A48CBFD59C4A04] - [13/07/2009 15:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_DP driver.) - [1450.5 Ko] - (7.80.2.0) - C:\windows\System32\Drivers\VSTDPV6.SYS
[MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [08/09/2015 10:44:27] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\windows\System32\Drivers\zam64.sys
[MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [08/09/2015 10:44:10] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\windows\System32\Drivers\zamguard64.sys
---------- | Uninstall
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\ActiveTouchMeetingClient] : (WebEx.-.Cisco WebEx LLC) → C:\PROGRA~3\WebEx\atcliun.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\AddressBook] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\Branding] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\cAudioFilterAgent] : (.-.Conexant Systems) → C:\Program Files\CONEXANT\cAudioFilterAgent\SETUP64.EXE -U -IcAudioFilterAgent -SM=cAudioFilterAgent64.exe,16
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\CCleaner] : (CCleaner.-.Piriform) → “C:\Program Files\CCleaner\uninst.exe”
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\cMA3Preset] : (.-.Conexant Systems) → C:\Program Files\CONEXANT\cMA3Preset\SETUP64.EXE -U -IcMA3Preset ,16
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\CNXT_AUDIO_HDA] : (Conexant HD Audio.-.Conexant) → C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -ITE7Pebwa.inf
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\Connection Manager] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\DirectDrawEx] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\DXM_Runtime] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\Fontcore] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\IE40] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\IE4Data] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\IE5BAKEX] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\IEData] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (.-.) → C:\Program Files\TOSHIBA\TVAP\setup.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\MaxxAudio] : (.-.Conexant Systems) → C:\Program Files\Conexant\MaxxAudio\SETUP64.EXE -U -IMaxxAudio
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\MaxxGadget] : (.-.Conexant Systems) → C:\Program Files\Conexant\MaxxGadget\SETUP64.EXE -U -IMaxxGadget ,16
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\MobileOptionPack] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\MPlayer2] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\REGSERVO_is1] : (REGSERVO.-.TuneUp System Software Pvt Ltd.) → “C:\Program Files\REGSERVO\unins000.exe”
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\SAII] : (.-.Conexant Systems) → C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\SchedulingAgent] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\SynTPDeinstKey] : (Synaptics Pointing Device Driver.-.Synaptics Incorporated) → rundll32.exe “%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll”,stan dAloneUninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall\WIC] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{027BF2A8-9B37-AE37-C35E-1D6839B09261}] : (.-.) →
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (TOSHIBA Value Added Package.-.TOSHIBA Corporation) →
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{1C8C049A-145F-4A6E-8290-B5C245EBE39D}] : (TOSHIBA Bulletin Board.-.TOSHIBA Corporation) → MsiExec.exe /X{1C8C049A-145F-4A6E-8290-B5C245EBE39D}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{24811C12-F4A9-4D0F-8494-A7B8FE46123C}] : (TOSHIBA ReelTime.-.TOSHIBA Corporation) → MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{5DA0E02F-970B-424B-BF41-513A5018E4C0}] : (TOSHIBA Disc Creator.-.TOSHIBA Corporation) → MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{6D3C4544-EA5F-F1E0-BEFF-C5B631789FB1}] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}] : (TOSHIBA PC Health Monitor.-.TOSHIBA Corporation) → MsiExec.exe /X{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{9E063853-2003-09E8-0E26-A600FF9F51B9}] : (.-.) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}] : (TOSHIBA eco Utility.-.TOSHIBA Corporation) → MsiExec.exe /X{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}] : (TOSHIBA Hardware Setup.-.TOSHIBA) →
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{CBD6B23D-41D5-4A46-8019-6208516C9712}] : (TOSHIBA Supervisor Password.-.TOSHIBA) →
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{D4322448-B6AF-4316-B859-D8A0E84DCB38}] : (TOSHIBA HDD/SSD Alert.-.TOSHIBA Corporation) → MsiExec.exe /X{D4322448-B6AF-4316-B859-D8A0E84DCB38}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{E97273D6-1BFC-5317-EB2E-926B029C4002}] : (.-.) →
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uni nstall{F67FA545-D8E5-4209-86B1-AEE045D1003F}] : (TOSHIBA Face Recognition.-.TOSHIBA Corporation) → MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\9-lab Removal Tool] : (9-lab Removal Tool.-.) → “C:\Program Files\9-lab\Removal Tool\uninst.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\AddressBook] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) → c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 18 ActiveX.-.Adobe Systems Incorporated) → C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_ 0_0_232_ActiveX.exe -maintain activex
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 18 NPAPI.-.Adobe Systems Incorporated) → C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_ 0_0_232_Plugin.exe -maintain plugin
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Avast] : (Avast Free Antivirus.-.AVAST Software) → C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Connection Manager] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\DirectDrawEx] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\DivX Setup] : (DivX Setup.-.DivX, LLC) → C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\ffdshow_is1] : (ffdshow [rev 2527] [2008-12-19].-.) → “C:\Program Files (x86)\ffdshow\unins000.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Fontcore] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\FreeTorrentViewer] : (FreeTorrentViewer.-.Free Torrent Viewer) → C:\Program Files (x86)\FreeTorrentViewer\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Giraffic] : (Veoh Giraffic Video Accelerator.-.Giraffic) → C:\Program Files (x86)\Giraffic\GirafficUninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) → “C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Inst aller\setup.exe” --uninstall --system-level --verbose-logging
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\HaaliMkx] : (Haali Media Splitter.-.) → “C:\Program Files (x86)\Haali\MatroskaSplitter\uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\IE40] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\IE4Data] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\IE5BAKEX] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\IEData] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield Uninstall Information] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (TOSHIBA Value Added Package.-.TOSHIBA Corporation) → C:\Program Files\TOSHIBA\TVAP\Setup.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}] : (TOSHIBA Bulletin Board.-.TOSHIBA Corporation) → “C:\Program Files (x86)\InstallShield Installation Information{1C8C049A-145F-4A6E-8290-B5C245EBE39D}\setup.exe” -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}] : (TOSHIBA ReelTime.-.TOSHIBA Corporation) → “C:\Program Files (x86)\InstallShield Installation Information{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe” -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}] : (TOSHIBA Web Camera Application.-.TOSHIBA Corporation) → “C:\Program Files (x86)\InstallShield Installation Information{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\setup.exe” -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}] : (TOSHIBA Hardware Setup.-.TOSHIBA) → C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\I Driver.exe /M{C4FFA951-9678-4D51-84B4-AFD15D3C45AD} /l1033
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}] : (TOSHIBA Supervisor Password.-.TOSHIBA) → C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\I Driver.exe /M{CBD6B23D-41D5-4A46-8019-6208516C9712} /l1033
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}] : (TOSHIBA Face Recognition.-.TOSHIBA Corporation) → “C:\Program Files (x86)\InstallShield Installation Information{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe” -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.1.8.1057.-.Malwarebytes Corporation) → “C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\MixiDJ V34 Toolbar] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\MixiDJ_V34 Toolbar] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\MobileOptionPack] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\NortonPCCheckup] : (Toshiba Laptop Checkup.-.Symantec Corporation) → C:\Program Files (x86)\NortonInstaller{170fa89a-6886-4c9e-b17b-12bccdd80788}\NortonPCCheckup\LicenseType\2.0.13.1 1\InstStub.exe /X
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\SafeZone 1.48.2066.114] : (SafeZone Stable 1.48.2066.114.-.Avast Software) → “C:\Program Files\AVAST Software\SZBrowser\Launcher.exe” /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\SchedulingAgent] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\TDC13E0_2009_0603_1515_is1] : (Uninstall Dual Mode Camera (TDC13E0).-.) → “C:\Program Files (x86)\TDC13E0\unins000.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Veoh Web Player Beta] : (Veoh Web Player.-.Veoh Networks, Inc.) → “C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\uninst.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Veoh Web Player Toolbar] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Vivitar Experience Image Manager] : (Vivitar Experience Image Manager.-.) → C:\Program Files\Vivitar Experience Image Manager\uninstaller.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\webmmf] : (WebM Media Foundation Components.-.WebM Project) → C:\Program Files (x86)\Common Files\WebM Project\webmmf\uninstall_webmmf.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WIC] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangent toshiba Master Uninstall] : (WildTangent Games.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangentGameProvider-toshiba-genres] : (.-.WildTangent, Inc.) → “C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - genres\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangentGameProvider-toshiba-main] : (.-.WildTangent, Inc.) → “C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - main\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangentGDF-toshiba-clubpenguin] : (.-.WildTangent, Inc.) → “C:\Program Files (x86)\TOSHIBA Games\Web Link - Club Penguin\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangentGDF-toshiba-darkorbit] : (.-.WildTangent, Inc.) → “C:\Program Files (x86)\TOSHIBA Games\Web Link - Dark Orbit\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangentGDF-toshiba-seafight] : (.-.WildTangent, Inc.) → “C:\Program Files (x86)\TOSHIBA Games\Web Link - Seafight\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangentGDF-toshiba-shaiya] : (.-.WildTangent, Inc.) → “C:\Program Files (x86)\TOSHIBA Games\Web Link - Shaiya\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WildTangentGDF-toshiba-worldofwarcraft] : (.-.WildTangent, Inc.) → “C:\Program Files (x86)\TOSHIBA Games\Web Link - World of Warcraft\Uninstall.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-1bd9480c-a72e-4acf-9df8-d55787d9bcd7] : (Polar Bowler.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Polar Bowler\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-2b98a26a-9857-4cda-b8c0-eee3bb490993] : (Chuzzle Deluxe.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Chuzzle Deluxe\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-2c05a9e4-d186-474f-bd85-2496b970ba27] : (Penguins!.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Penguins!\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-449bd985-3c9d-415e-91db-c4c8da29a06b] : (Bejeweled 3.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Bejeweled 3\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-52f1d0ea-61e5-4e73-9487-ae54e69b2437] : (Virtual Villagers 5 - New Believers.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Virtual Villagers 5 - New Believers\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-54d4bc45-6230-4afa-82ed-66eaac5d1226] : (Zuma’s Revenge.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Zumas Revenge\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-64342a07-e20d-4fb5-9bd4-5c83fc3e1740] : (Tom Clancy’s Splinter Cell.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Tom Clancys Splinter Cell\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-77bd5c54-5d8d-4416-9bba-1ba4a88ce1b7] : (FATE - The Traitor Soul.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\FATE - The Traitor Soul\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-acdb0c5a-477e-4756-b925-430ed43ca90f] : (Fishdom ™ 2.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Fishdom ™ 2\uninstall\uninstaller.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\WTA-e1c833ce-2952-47e7-8161-c2ec26e43ff2] : (Plants vs. Zombies - Game of the Year.-.WildTangent) → “C:\Program Files (x86)\TOSHIBA Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Yahoo! Software Update] : (Yahoo! Software Update.-.) → C:\PROGRA~2\Yahoo!\SOFTWA~1\UNINST~1.EXE
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall\Zoola Games] : (Zoola Games.-.) → C:\Program Files (x86)\Zoola Games\uninstall.exe
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (TOSHIBA Value Added Package.-.TOSHIBA Corporation) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{0D795777-9D60-4692-8386-F2B3F2B5E5BF}] : (Label@Once 1.0.-.Corel) → MsiExec.exe /I{0D795777-9D60-4692-8386-F2B3F2B5E5BF}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{18455581-E099-4BA8-BC6B-F34B2F06600C}] : (Google Toolbar for Internet Explorer.-.Google Inc.) → MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{1C8C049A-145F-4A6E-8290-B5C245EBE39D}] : (.-.TOSHIBA Corporation) →
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{24811C12-F4A9-4D0F-8494-A7B8FE46123C}] : (.-.TOSHIBA Corporation) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{26A24AE4-039D-4CA4-87B4-2F83216025FF}] : (Java™ 6 Update 25.-.Oracle) → MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216025FF}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App] : (Update Installer for WildTangent Games App.-.WildTangent) → “C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{3108C217-BE83-42E4-AE9E-A56A2A92E549}] : (Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver.-.Atheros Communications Inc.) → “C:\Program Files (x86)\InstallShield Installation Information{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe” -runfromtemp -l0x0009 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) → C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{4494ACC0-18AE-4342-A96A-864748ABF37C}] : (.-.) →
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Sun Microsystems, Inc.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{51C7AD07-C3F6-4635-8E8A-231306D810FE}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) → MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{59DB31A9-BCB0-4985-ACA6-F6477C7BE367}] : (Strongvault Online Backup.-.Strongvault) → MsiExec.exe /X{59DB31A9-BCB0-4985-ACA6-F6477C7BE367}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{5AF550B4-BB67-4E7E-82F1-2C4300279050}] : (TOSHIBARegistration.-.TOSHIBA) → RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files (x86)\InstallShield Installation Information{5AF550B4-BB67-4E7E-82F1-2C4300279050}\setup.exe” -l0x9 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{5B01BCB7-A5D3-476F-AF11-E515BA206591}] : (TOSHIBA Wireless LAN Indicator.-.TOSHIBA CORPORATION) → MsiExec.exe /X{5B01BCB7-A5D3-476F-AF11-E515BA206591}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{5E33D30D-D896-4D92-B033-5F45819B2937}] : (.-.Strongvault Online Backup) → MsiExec.exe /I{5E33D30D-D896-4D92-B033-5F45819B2937}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) → MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{62BBB2F0-E220-4821-A564-730807D2C34D}] : (Realtek USB 2.0 Reader Driver.-.Realtek Semiconductor Corp.) → “C:\Program Files (x86)\InstallShield Installation Information{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe” -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) → MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) → C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{654F7484-88C5-46DC-AB32-C66BCB0E2102}] : (TOSHIBA Sleep Utility.-.TOSHIBA Corporation) → C:\Program Files (x86)\InstallShield Installation Information{654F7484-88C5-46DC-AB32-C66BCB0E2102}\Setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}] : (TOSHIBA Resolution+ Plug-in for Windows Media Player.-.TOSHIBA Corporation) → “C:\Program Files (x86)\InstallShield Installation Information{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}\setup.exe” -runfromtemp -l0x0409 -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}] : (TOSHIBA Web Camera Application.-.TOSHIBA Corporation) → MsiExec.exe /I{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba] : (WildTangent Games App (Toshiba Games).-.WildTangent) → “C:\Program Files (x86)\WildTangent Games\Touchpoints\toshiba\Uninstall.exe”
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}] : (Netwaiting.-.Conexant Systems, Inc) → MsiExec.exe /I{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{7B63B2922B174135AFC0E1377DD81EC 2}] : (.-.) →
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1] : (Zemana AntiMalware.-.Zemana Ltd.) → “C:\Program Files (x86)\Zemana AntiMalware\unins000.exe”
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{933B4015-4618-4716-A828-5289FC03165F}] : (VC80CRTRedist - 8.0.50727.6195.-.DivX, Inc) → MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}] : (TOSHIBA Application Installer.-.TOSHIBA) → RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files (x86)\InstallShield Installation Information{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}\setup.exe” -l0x9 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{9D3D8C60-A55F-4fed-B2B9-173001290E16}] : (Realtek WLAN Driver.-.REALTEK Semiconductor Corp.) → C:\Program Files (x86)\InstallShield Installation Information{9D3D8C60-A55F-4fed-B2B9-173001290E16}\Install.exe -uninst -l0x9
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}] : (Toshiba Book Place.-.K-NFB Reading Technology, Inc.) → MsiExec.exe /X{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{AC6569FA-6919-442A-8552-073BE69E247A}] : (TOSHIBA Service Station.-.TOSHIBA) → C:\Program Files (x86)\InstallShield Installation Information{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{AC76BA86-7AD7-FFFF-7B44-AA0000000001}] : (Adobe Reader X MUI.-.Adobe Systems Incorporated) → MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}] : (Adobe AIR.-.Adobe Systems Incorporated) → MsiExec.exe /I{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}] : (TOSHIBA Recovery Media Creator.-.TOSHIBA CORPORATION) → C:\Program Files (x86)\InstallShield Installation Information{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}] : (TOSHIBA Assist.-.TOSHIBA CORPORATION) → C:\Program Files (x86)\InstallShield Installation Information{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}] : (Toshiba Online Backup.-.Toshiba) → MsiExec.exe /X{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{C7A4F26F-F9B0-41B2-8659-99181108CDE3}] : (TOSHIBA Media Controller.-.TOSHIBA CORPORATION) → C:\Program Files (x86)\InstallShield Installation Information{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{DA84ECBF-4B79-47F2-B34C-95C38484C058}] : (Skype Launcher.-.TOSHIBA Corporation) → C:\Program Files (x86)\InstallShield Installation Information{DA84ECBF-4B79-47F2-B34C-95C38484C058}\setup.exe -runfromtemp -l0x0009 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{E69992ED-A7F6-406C-9280-1C156417BC49}] : (TOSHIBA Quality Application.-.TOSHIBA) → RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\ 00\Intel32\Ctor.dll,LaunchSetup “C:\Program Files (x86)\InstallShield Installation Information{E69992ED-A7F6-406C-9280-1C156417BC49}\setup.exe” -l0x9 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}] : (Toshiba App Place.-.Toshiba) → MsiExec.exe /I{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) → MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) → C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\Curren tVersion\Uninstall{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}] : (TOSHIBA Media Controller Plug-in.-.TOSHIBA CORPORATION) → MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}
---------- | Installer
[HKCR\Installer\Products\080E7FFA4791FB54390101EDA1 F1E50D] : Adobe AIR
[HKCR\Installer\Products\1098C3F63DBED074788FCA12F0 E6E520] : TOSHIBA Web Camera Application → C:\windows\Installer{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\159AFF4C876915D4484BFA1DD5 C354DA] : TOSHIBA Hardware Setup → C:\Windows\Installer{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\18555481990E8AB4CBB63FB4F2 6006C0] : Google Toolbar for Internet Explorer
[HKCR\Installer\Products\1EDCB75C9BC7D7643BABE71199 61DC1C] : Toshiba Online Backup → C:\windows\Installer{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}\Icon.ico
[HKCR\Installer\Products\21C118429A4FF0D448497A8BEF 6421C3] : TOSHIBA ReelTime → C:\Windows\Installer{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4EA42A62D9304AC4784BF23812 0652FF] : Java™ 6 Update 25
[HKCR\Installer\Products\5104B339816461748A822598CF 3061F5] : VC80CRTRedist - 8.0.50727.6195
[HKCR\Installer\Products\52744B0D6663D294EB6F85A741 DBB99D] : MSVCRT_amd64
[HKCR\Installer\Products\545AF76F5E8D9024681BEA0E54 1D00F3] : TOSHIBA Face Recognition → C:\windows\Installer{F67FA545-D8E5-4209-86B1-AEE045D1003F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\5D6775DE4B957B64FA18F5D249 7D6C04] : Cisco PEAP Module
[HKCR\Installer\Products\6116D6C8427B0184F8D20D746E 7B6DE8] : Mesh Runtime
[HKCR\Installer\Products\68AB67CA7DA7FFFFB744AA0000 000010] : Adobe Reader X MUI → C:\Windows\Installer{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
[HKCR\Installer\Products\70DA7C156F3C5364E8A8323160 8D01EF] : Cisco LEAP Module
[HKCR\Installer\Products\75FDF62FE3848C249A9CEE1EDE 2B650E] : TOSHIBA Media Controller Plug-in → C:\Windows\Installer{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\777597D006D9296438682F3B2F 5B5EFB] : Label@Once 1.0 → C:\windows\Installer{0D795777-9D60-4692-8386-F2B3F2B5E5BF}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7810FB462D3FB89499AE61A39F EAE69C] : Cisco EAP-FAST Module
[HKCR\Installer\Products\7A26941AD7B2E654FBDC5FE4A3 884DF1] : Toshiba Book Place → C:\Windows\Installer{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7BCB10B53D5AF674FA115E51AB 025619] : TOSHIBA Wireless LAN Indicator → C:\windows\Installer{5B01BCB7-A5D3-476F-AF11-E515BA206591}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7BD4C90EC03660F46A13E87A32 9932FA] : D3DX10
[HKCR\Installer\Products\7E0BA6F1DDC839B4A832AAE92B EFCF4E] : Junk Mail filter update
[HKCR\Installer\Products\8442234DFA6B61348B958D0A8E D4BC83] : TOSHIBA HDD/SSD Alert → C:\Windows\Installer{D4322448-B6AF-4316-B859-D8A0E84DCB38}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\87ABC3DEF884C8E43BF3E8B34F DD4B2D] : Toshiba App Place → C:\windows\Installer{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}\Icon
[HKCR\Installer\Products\8FFFC660FB2109346A37579FE5 FF81E8] : TOSHIBA Value Added Package → C:\windows\Installer{066CFFF8-12BF-4390-A673-75F95EFF188E}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\93BAD29AC2E44034A96BCB446E B8552E] : Google Update Helper
[HKCR\Installer\Products\9F0DCED98E3D0B843A09C10FF9 453E4A] : TOSHIBA PC Health Monitor → C:\windows\Installer{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745 894BAC] : Google Update Helper
[HKCR\Installer\Products\A6C64DD86500CEF47BA082BB61 1A1FF1] : MSVCRT
[HKCR\Installer\Products\A940C8C1F541E6A428095B2C54 BE3ED9] : TOSHIBA Bulletin Board → C:\Windows\Installer{1C8C049A-145F-4A6E-8290-B5C245EBE39D}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\B8998B47B1B24144DAD5717E9E 5BFFA0] : Netwaiting → C:\windows\Installer{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}_6FEFF9B68218417F98F549.exe
[HKCR\Installer\Products\C186FCC1302C3B94384F5AF4F0 494461] : CleanWaterAction Reminder by We-Care.com v5.0.5.1 → C:\windows\Installer{1CCF681C-C203-49B3-83F4-A54F0F944416}\icon.ico
[HKCR\Installer\Products\D03D33E5698D29D40B33F55418 B99273] : Strongvault Online Backup → C:\windows\Installer{5E33D30D-D896-4D92-B033-5F45819B2937}\SOS_APP_ICON
[HKCR\Installer\Products\D32B6DBC5D1464A40891268015 C67921] : TOSHIBA Supervisor Password → C:\Windows\Installer{CBD6B23D-41D5-4A46-8019-6208516C9712}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\DAAE5ACC4F29A7B45BEE4192C4 66BA16] : PlayReady PC Runtime x86
[HKCR\Installer\Products\E5B49F2CA1024574F8F234591E 9DD03A] : TOSHIBA eco Utility → C:\windows\Installer{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F20E0AD5B079B424FB1415A305 814E0C] : TOSHIBA Disc Creator → C:\Windows\Installer{5DA0E02F-970B-424B-BF41-513A5018E4C0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F4339ACB9C6B56F4A937CAA523 A9D440] : PlayReady PC Runtime amd64
[HKCR\Installer\Products\F60730A4A66673047777F57284 67D401] : Java Auto Updater
---------- | ADS
@C:\ProgramData\Temp:373E1720
@C:\ProgramData\Temp1B5B4F1
---------- | Drives
Disk: 0 Size=477G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
0 0 27-UNKNWN 1.5G Yes No 2,048 3,072,000
1 1 07-NTFS 461G No No 3,074,048 943,235,072
2 2 17-NTFS 15G No Yes 946,309,120 30,464,000
---------- | MBR
Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Intel Corp.
BIOS Manufacturer: INSYDE
System Manufacturer: TOSHIBA
System Product Name: Satellite L755
Logical Drives Mask: 0x0001003c
Analysis of file “C:\QuickDiag\MBR.bin”:
Windows 2008 MBR code detected
64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin
---------- | 20 LastEventLog
[HEADING=1]A new media server was not initialized because RegisterRunningDevice() encountered error ‘0x80070005’. Restart your computer, and then restart the WMPNetworkSvc service.[/HEADING]
[HEADING=1]A new media server was not initialized because RegisterRunningDevice() encountered error ‘0x80070005’. Restart your computer, and then restart the WMPNetworkSvc service.[/HEADING]
[HEADING=1]A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.[/HEADING]
----------( EOF)---------- - 3179 | 16:54:28Comment
-
RogueKiller V12.10.5.0 (x64) [Apr 18 2017] (Free) by Adlice Software
mail : Support Form | Contact • Adlice Software
Feedback : https://forum.adlice.com
Website : Free Virus Cleaner | RogueKiller AntiMalware • Adlice Software
Blog : http://www.adlice.com
Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Mitch [Administrator]
Started from : E:\RogueKillerX64.exe
Mode : Delete – Date : 04/19/2017 16:55:39 (Duration : 00:14:17)
¤¤¤ Processes : 0 ¤¤¤
¤¤¤ Registry : 3 ¤¤¤
[PUP.Tific] (X86) HKEY_LOCAL_MACHINE\Software\Tific → Deleted
[PUP.Tific] (X64) HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Tific → Deleted
[PUP.Tific] (X86) HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Tific → Deleted
¤¤¤ Tasks : 0 ¤¤¤
¤¤¤ Files : 2 ¤¤¤
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Roaming\Tific → Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Roaming\Tific\Environment.t fc → Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Roaming\Tific\tificps.syman tec.com.tfc → Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\config\102\Config.swf → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\config\102 → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\config → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\content\102\Resources_en_ US.swf → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\content\102 → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\content → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\hsplayer.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\InstallHelper.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\Norton PC Checkup.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\OemStop.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\Resource.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd.CLT2010.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd.CLT2011.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\ccL100U.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\ccL90U.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\ccL80 U.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\msvcm 80.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\msvcp 80.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\msvcr 80.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\SymCl gX.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\symNP D.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\symNP DScan.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\SymXP ep2.dll → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\libeay32.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC 90.CRT\msvcm90.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC 90.CRT\msvcp90.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC 90.CRT\msvcr90.dll → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC 90.CRT → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\SymNSPDetect or.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\symNSPDetect or3PP.xml.enc → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\symNSPDetect orNSP.xml.enc → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\SymNSPScanne r.exe → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\nss\OEMScanner.e xe → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\nss → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ScheduleWinExe.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\offerBt nOff.png → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\offerBt nOn.png → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\protect ionBackground.png → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\virusBa ckground.png → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\Main.swf → Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102 → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCUMigration.exe → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\TestWorker.dll → Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11\version.txt → Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine\2.0.13.11 → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup\Engine → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86)\Norton PC Checkup → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Progra m Files (x86) → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C → Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460 → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_ DLM_File_147a7bd24f394e20b9cc9e3b48cf4460.tfc → Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup → Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Cache\tificps.s ymantec.com\Log.txt → Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Cache\tificps.s ymantec.com → Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Cache → Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Client.log → Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Download_tificp s.symantec.com%3A80\ts-0-1291348.vbs → Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Download_tificp s.symantec.com%3A80 → Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Download → Deleted
¤¤¤ WMI : 0 ¤¤¤
¤¤¤ Hosts File : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤
¤¤¤ Web browsers : 0 ¤¤¤
¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK5075GSX +++++
— User —
[MBR] 7b85f7a495ff369c2a090ac6f4a0369b
[BSP] a8936ce11f18d4f178bb4c27e2c2e297 : HP MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 460564 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 946309120 | Size: 14875 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 … OK
User = LL2 … OK
+++++ PhysicalDrive1: SanDisk U3 Cruzer Micro USB Device +++++
— User —
[MBR] 98cd70d1f52828b5710868d7298bc84b
[BSP] 788470fe12ec57aabe933cfdd9c84885 : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 245 | Size: 1950 MB
User = LL1 … OK
Error reading LL2 MBR! ([32] The request is not supported. )Comment
-
17:15:22.0963 0x0f60 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
17:15:23.0057 0x0f60 ================================================== ==========
17:15:23.0057 0x0f60 Current date / time: 2017/04/19 17:15:23.0057
17:15:23.0057 0x0f60 SystemInfo:
17:15:23.0057 0x0f60
17:15:23.0057 0x0f60 OS Version: 6.1.7601 ServicePack: 1.0
17:15:23.0057 0x0f60 Product type: Workstation
17:15:23.0057 0x0f60 ComputerName: MITCH-PC
17:15:23.0057 0x0f60 UserName: Mitch
17:15:23.0057 0x0f60 Windows directory: C:\windows
17:15:23.0057 0x0f60 System windows directory: C:\windows
17:15:23.0057 0x0f60 Running under WOW64
17:15:23.0057 0x0f60 Processor architecture: Intel x64
17:15:23.0057 0x0f60 Number of processors: 4
17:15:23.0057 0x0f60 Page size: 0x1000
17:15:23.0057 0x0f60 Boot type: Normal boot
17:15:23.0057 0x0f60 CodeIntegrityOptions = 0x00000003
17:15:23.0057 0x0f60 ================================================== ==========
17:15:23.0057 0x0f60 KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 7601.17835, osProperties = 0x1
17:15:23.0057 0x0f60 KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 7601.17835, osProperties = 0x1
17:15:23.0057 0x0f60 BG loaded
17:15:23.0462 0x0f60 System UUID: {4AC945B0-CE72-7664-3072-5B55CC6AF9F4}
17:15:25.0470 0x0f60 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000040
17:15:25.0470 0x0f60 Drive \Device\Harddisk1\DR1 - Size: 0x7A0D1A00 ( 1.91 Gb ), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘W’
17:15:25.0470 0x0f60 ================================================== ==========
17:15:25.0470 0x0f60 \Device\Harddisk0\DR0:
17:15:25.0470 0x0f60 MBR partitions:
17:15:25.0470 0x0f60 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3838A000
17:15:25.0470 0x0f60 \Device\Harddisk1\DR1:
17:15:25.0470 0x0f60 MBR partitions:
17:15:25.0470 0x0f60 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xF5, BlocksNum 0x3CF74B
17:15:25.0470 0x0f60 ================================================== ==========
17:15:25.0564 0x0f60 C: ↔ \Device\Harddisk0\DR0\Partition1
17:15:25.0564 0x0f60 ================================================== ==========
17:15:25.0564 0x0f60 Initialize success
17:15:25.0564 0x0f60 ================================================== ==========
17:15:34.0362 0x0e88 ================================================== ==========
17:15:34.0362 0x0e88 Scan started
17:15:34.0362 0x0e88 Mode: Manual; SigCheck; TDLFS;
17:15:34.0362 0x0e88 ================================================== ==========
17:15:34.0362 0x0e88 KSN ping started
17:15:34.0394 0x0e88 KSN ping finished: false
17:15:41.0258 0x0e88 ================ Scan system memory ========================
17:15:41.0258 0x0e88 System memory - ok
17:15:41.0258 0x0e88 ================ Scan services =============================
17:15:41.0554 0x0e88 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C 1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:15:42.0365 0x0e88 1394ohci - ok
17:15:42.0412 0x0e88 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E2 1C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:15:42.0521 0x0e88 ACPI - ok
17:15:42.0552 0x0e88 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC563 20E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:15:43.0161 0x0e88 AcpiPmi - ok
17:15:43.0442 0x0e88 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A9 0FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpda teService.exe
17:15:43.0457 0x0e88 AdobeFlashPlayerUpdateSvc - ok
17:15:43.0520 0x0e88 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4 ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
17:15:43.0566 0x0e88 adp94xx - ok
17:15:43.0613 0x0e88 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B 46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
17:15:43.0660 0x0e88 adpahci - ok
17:15:43.0691 0x0e88 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F4 3FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
17:15:43.0754 0x0e88 adpu320 - ok
17:15:43.0847 0x0e88 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B 253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:15:43.0910 0x0e88 AeLookupSvc - ok
17:15:43.0972 0x0e88 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268 FCC0B163B67767 ] AFD C:\windows\system32\drivers\afd.sys
17:15:44.0097 0x0e88 AFD - ok
17:15:44.0144 0x0e88 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491 602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
17:15:44.0175 0x0e88 agp440 - ok
17:15:44.0206 0x0e88 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1 F601725B889663 ] ALG C:\windows\System32\alg.exe
17:15:44.0253 0x0e88 ALG - ok
17:15:44.0300 0x0e88 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED 0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
17:15:44.0346 0x0e88 aliide - ok
17:15:44.0378 0x0e88 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1E A1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
17:15:44.0409 0x0e88 amdide - ok
17:15:44.0440 0x0e88 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F 492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
17:15:44.0518 0x0e88 AmdK8 - ok
17:15:44.0534 0x0e88 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D6 22624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
17:15:44.0596 0x0e88 AmdPPM - ok
17:15:44.0643 0x0e88 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF1 9F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
17:15:44.0690 0x0e88 amdsata - ok
17:15:44.0736 0x0e88 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A 2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
17:15:44.0783 0x0e88 amdsbs - ok
17:15:44.0814 0x0e88 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E0270 4800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
17:15:44.0846 0x0e88 amdxata - ok
17:15:44.0877 0x0e88 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644E D2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
17:15:45.0126 0x0e88 AppID - ok
17:15:45.0158 0x0e88 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF9922979 4FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:15:45.0220 0x0e88 AppIDSvc - ok
17:15:45.0282 0x0e88 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D915 45566E0722FFAA ] Appinfo C:\windows\System32\appinfo.dll
17:15:45.0345 0x0e88 Appinfo - ok
17:15:45.0407 0x0e88 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78A EED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
17:15:45.0454 0x0e88 arc - ok
17:15:45.0470 0x0e88 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4 A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
17:15:45.0516 0x0e88 arcsas - ok
17:15:45.0594 0x0e88 [ A629E4799D4CD6361D1B5D573EA5C2CD, 0D62557BA9C081A3304C898FAADD596ED33271D266291917E1 CCBA6A0D52F901 ] aswHwid C:\windows\system32\drivers\aswHwid.sys
17:15:45.0657 0x0e88 aswHwid - ok
17:15:45.0704 0x0e88 [ 97F952A9050CAD88681F5F0F46B8D5A5, 5B939B906868EB4EF9E54E9769B84AA87B57EEB3883F9FC450 67A354315C9A89 ] aswKbd C:\windows\system32\drivers\aswKbd.sys
17:15:45.0750 0x0e88 aswKbd - ok
17:15:45.0782 0x0e88 [ 9C6C17C495E960E52EDE5D038EE92AE1, C056799A124C7473E871D73E3661D58B2EA01EE6F3614AEDB2 39463D0FBB9841 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
17:15:45.0860 0x0e88 aswMonFlt - ok
17:15:45.0891 0x0e88 [ 8F492911129B1B32818BF894DC0C2C73, 1F6F2019EB3B3B20636F661A4692079FCAA521C626AF6A731D 5D493B415719A7 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
17:15:45.0938 0x0e88 aswRdr - ok
17:15:45.0953 0x0e88 [ 4ABDD84A67378E866BC15DDC9916BA71, 7F67252BE1B9979507F16C8B48D6B2D103B80C4B0765ED3E49 5DE48E5250EF63 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
17:15:45.0969 0x0e88 aswRvrt - ok
17:15:46.0047 0x0e88 [ 409CDD1400B404F655EEC1B5850FD3BE, 2D8A141B18BA155632CE110343AC7A8AB790FB76781C7E7571 57D9B195CCD5BA ] aswSnx C:\windows\system32\drivers\aswSnx.sys
17:15:46.0125 0x0e88 aswSnx - ok
17:15:46.0203 0x0e88 [ CDB1BE967AFF65D8395B6DF2EA8CBCCF, B72DEDDE020AC0FA4DC382B7B1C5427B8D63E83DB34BB747DC 5008AFB9698E57 ] aswSP C:\windows\system32\drivers\aswSP.sys
17:15:46.0265 0x0e88 aswSP - ok
17:15:46.0296 0x0e88 [ F6B5E463A0BB934C26FB319EDC726F65, 8B4E94181E7C2B479F7F675C221419B42C55C74F02A0DD8FFD 9643A5A19AB944 ] aswStm C:\windows\system32\drivers\aswStm.sys
17:15:46.0312 0x0e88 aswStm - ok
17:15:46.0343 0x0e88 [ FE0EE5CA72BC0D41DCAAFCA70B78274B, 1D81CAF4EBAB4A9FE542F9C27D67617530295B889E3E2B2C72 C669BA55078364 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
17:15:46.0406 0x0e88 aswVmm - ok
17:15:46.0452 0x0e88 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D3 68E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:15:46.0530 0x0e88 AsyncMac - ok
17:15:46.0577 0x0e88 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB 4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
17:15:46.0608 0x0e88 atapi - ok
17:15:46.0702 0x0e88 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235 313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:15:46.0749 0x0e88 AudioEndpointBuilder - ok
17:15:46.0780 0x0e88 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235 313A37FCE8F0F6 ] AudioSrv C:\windows\System32\Audiosrv.dll
17:15:46.0811 0x0e88 AudioSrv - ok
17:15:46.0920 0x0e88 [ 8EF7C84BB20329D6DCAC09CF6B19345A, 98F2F312F273C52653DC72F8A69ACBD79F588FF1B53CC7DFA8 5C26B6F7EF620B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:15:46.0936 0x0e88 avast! Antivirus - ok
17:15:46.0983 0x0e88 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49 E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
17:15:47.0076 0x0e88 AxInstSV - ok
17:15:47.0123 0x0e88 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864 D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
17:15:47.0186 0x0e88 b06bdrv - ok
17:15:47.0232 0x0e88 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D 331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
17:15:47.0310 0x0e88 b57nd60a - ok
17:15:47.0357 0x0e88 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F 2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
17:15:47.0404 0x0e88 BDESVC - ok
17:15:47.0435 0x0e88 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F 4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
17:15:47.0513 0x0e88 Beep - ok
17:15:47.0576 0x0e88 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A 7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
17:15:47.0654 0x0e88 BFE - ok
17:15:47.0700 0x0e88 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CD DAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
17:15:47.0778 0x0e88 BITS - ok
17:15:47.0810 0x0e88 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F1 98A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:15:48.0168 0x0e88 blbdrive - ok
17:15:48.0200 0x0e88 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107 C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:15:48.0293 0x0e88 bowser - ok
17:15:48.0324 0x0e88 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17 383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
17:15:48.0371 0x0e88 BrFiltLo - ok
17:15:48.0387 0x0e88 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888 054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
17:15:48.0449 0x0e88 BrFiltUp - ok
17:15:48.0496 0x0e88 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E 8A9DE0757EADAE ] Browser C:\windows\System32\browser.dll
17:15:48.0558 0x0e88 Browser - ok
17:15:48.0590 0x0e88 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF6 1BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:15:48.0668 0x0e88 Brserid - ok
17:15:48.0699 0x0e88 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396F B6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:15:48.0761 0x0e88 BrSerWdm - ok
17:15:48.0792 0x0e88 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46A F7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:15:48.0839 0x0e88 BrUsbMdm - ok
17:15:48.0855 0x0e88 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19 507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:15:48.0917 0x0e88 BrUsbSer - ok
17:15:48.0948 0x0e88 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C 7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
17:15:49.0011 0x0e88 BTHMODEM - ok
17:15:49.0073 0x0e88 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF1 4F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
17:15:49.0120 0x0e88 bthserv - ok
17:15:49.0167 0x0e88 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160 D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:15:49.0229 0x0e88 cdfs - ok
17:15:49.0260 0x0e88 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B 9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:15:49.0307 0x0e88 cdrom - ok
17:15:49.0354 0x0e88 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7E AEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
17:15:49.0416 0x0e88 CertPropSvc - ok
17:15:49.0463 0x0e88 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B 96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
17:15:49.0526 0x0e88 circlass - ok
17:15:49.0572 0x0e88 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5 C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
17:15:49.0635 0x0e88 CLFS - ok
17:15:49.0697 0x0e88 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85 D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
17:15:49.0713 0x0e88 clr_optimization_v2.0.50727_32 - ok
17:15:49.0760 0x0e88 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A 92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\ms corsvw.exe
17:15:49.0775 0x0e88 clr_optimization_v2.0.50727_64 - ok
17:15:49.0916 0x0e88 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA 522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\msco rsvw.exe
17:15:49.0962 0x0e88 clr_optimization_v4.0.30319_32 - ok
17:15:50.0040 0x0e88 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9E CE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\ms corsvw.exe
17:15:50.0056 0x0e88 clr_optimization_v4.0.30319_64 - ok
17:15:50.0072 0x0e88 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D76 8DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:15:50.0118 0x0e88 CmBatt - ok
17:15:50.0150 0x0e88 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52 592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
17:15:50.0196 0x0e88 cmdide - ok
17:15:50.0259 0x0e88 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292A B2485734402E3B ] CNG C:\windows\system32\Drivers\cng.sys
17:15:50.0321 0x0e88 CNG - ok
17:15:50.0430 0x0e88 [ 20506F12AFAD3DB588D007EA9325FBBC, 275ECBD0F668782ACE055AD5CA600A6885CFCDD4943BC52A2E A8339AF71EABAE ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
17:15:50.0524 0x0e88 CnxtHdAudService - ok
17:15:50.0571 0x0e88 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8 FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
17:15:50.0633 0x0e88 Compbatt - ok
17:15:50.0664 0x0e88 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E51250 5FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
17:15:50.0711 0x0e88 CompositeBus - ok
17:15:50.0727 0x0e88 COMSysApp - ok
17:15:50.0774 0x0e88 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69E C38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
17:15:50.0836 0x0e88 crcdisk - ok
17:15:50.0867 0x0e88 [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37 D5958F28CB376E ] CryptSvc C:\windows\system32\cryptsvc.dll
17:15:50.0930 0x0e88 CryptSvc - ok
17:15:51.0086 0x0e88 [ 72794D112CBAFF3BC0C29BF7350D4741, 060C207F27306A3464FBCD8B08BDC97E34923ECA349933ECB0 59848BD08F41ED ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:15:51.0117 0x0e88 cvhsvc - ok
17:15:51.0179 0x0e88 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C 4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
17:15:51.0273 0x0e88 DcomLaunch - ok
17:15:51.0320 0x0e88 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC3 9D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
17:15:51.0382 0x0e88 defragsvc - ok
17:15:51.0429 0x0e88 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751 FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:15:51.0507 0x0e88 DfsC - ok
17:15:51.0554 0x0e88 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D 52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
17:15:51.0616 0x0e88 Dhcp - ok
17:15:51.0647 0x0e88 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089A EC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
17:15:51.0725 0x0e88 discache - ok
17:15:51.0772 0x0e88 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA9 1275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
17:15:51.0819 0x0e88 Disk - ok
17:15:51.0866 0x0e88 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB34731 2D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:15:51.0897 0x0e88 Dnscache - ok
17:15:51.0944 0x0e88 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B1271639765 7C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
17:15:51.0990 0x0e88 dot3svc - ok
17:15:52.0037 0x0e88 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69 407B26402311C7 ] DPS C:\windows\system32\dps.dll
17:15:52.0100 0x0e88 DPS - ok
17:15:52.0131 0x0e88 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45B FC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:15:52.0178 0x0e88 drmkaud - ok
17:15:52.0224 0x0e88 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CA C52DEE405B08FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:15:52.0318 0x0e88 DXGKrnl - ok
17:15:52.0349 0x0e88 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5B F91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
17:15:52.0396 0x0e88 EapHost - ok
17:15:52.0973 0x0e88 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24 FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
17:15:53.0145 0x0e88 ebdrv - ok
17:15:53.0192 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF 8B1207F81B284D ] EFS C:\windows\System32\lsass.exe
17:15:53.0238 0x0e88 EFS - ok
17:15:53.0348 0x0e88 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE164647181 1F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:15:53.0394 0x0e88 ehRecvr - ok
17:15:53.0441 0x0e88 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45 C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
17:15:53.0457 0x0e88 ehSched - ok
17:15:53.0519 0x0e88 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18 FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
17:15:53.0550 0x0e88 elxstor - ok
17:15:53.0550 0x0e88 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D 77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
17:15:53.0613 0x0e88 ErrDev - ok
17:15:53.0675 0x0e88 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5 C7460E87317881 ] EventSystem C:\windows\system32\es.dll
17:15:53.0722 0x0e88 EventSystem - ok
17:15:53.0753 0x0e88 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA 1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
17:15:53.0816 0x0e88 exfat - ok
17:15:53.0862 0x0e88 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0 CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
17:15:53.0956 0x0e88 fastfat - ok
17:15:54.0018 0x0e88 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3 DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
17:15:54.0065 0x0e88 Fax - ok
17:15:54.0081 0x0e88 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8B D433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
17:15:54.0128 0x0e88 fdc - ok
17:15:54.0174 0x0e88 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162 AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
17:15:54.0221 0x0e88 fdPHost - ok
17:15:54.0252 0x0e88 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A3398 3E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
17:15:54.0299 0x0e88 FDResPub - ok
17:15:54.0346 0x0e88 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0 124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:15:54.0393 0x0e88 FileInfo - ok
17:15:54.0408 0x0e88 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E 12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:15:54.0471 0x0e88 Filetrace - ok
17:15:54.0502 0x0e88 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2 F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
17:15:54.0549 0x0e88 flpydisk - ok
17:15:54.0611 0x0e88 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C7 98099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:15:54.0642 0x0e88 FltMgr - ok
17:15:54.0736 0x0e88 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD2 7830806FA300B3 ] FontCache C:\windows\system32\FntCache.dll
17:15:54.0798 0x0e88 FontCache - ok
17:15:54.0861 0x0e88 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF6954 9009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\Pres entationFontCache.exe
17:15:54.0876 0x0e88 FontCache3.0.0.0 - ok
17:15:54.0892 0x0e88 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85E F6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:15:54.0923 0x0e88 FsDepends - ok
17:15:54.0954 0x0e88 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35 880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:15:54.0970 0x0e88 Fs_Rec - ok
17:15:55.0017 0x0e88 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79A BB032F3F95DCE5 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:15:55.0048 0x0e88 fvevol - ok
17:15:55.0079 0x0e88 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE430 0C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
17:15:55.0095 0x0e88 gagp30kx - ok
17:15:55.0157 0x0e88 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDB ADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:15:55.0173 0x0e88 GamesAppService - ok
17:15:55.0220 0x0e88 Giraffic - ok
17:15:55.0298 0x0e88 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC9 63E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
17:15:55.0329 0x0e88 gpsvc - ok
17:15:55.0407 0x0e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3 418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:15:55.0407 0x0e88 gupdate - ok
17:15:55.0422 0x0e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3 418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:15:55.0438 0x0e88 gupdatem - ok
17:15:55.0516 0x0e88 [ CC839E8D766CC31A7710C9F38CF3E375, 327D57F18B4A2D1CB06C5682D3364097ECD3CF40C2719AA1F4 1D0B49A26003E4 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:15:55.0532 0x0e88 gusvc - ok
17:15:55.0547 0x0e88 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F 88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:15:55.0610 0x0e88 hcw85cir - ok
17:15:55.0672 0x0e88 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A7703 03C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:15:55.0766 0x0e88 HdAudAddService - ok
17:15:55.0781 0x0e88 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278 479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:15:55.0890 0x0e88 HDAudBus - ok
17:15:55.0906 0x0e88 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF 7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
17:15:55.0968 0x0e88 HidBatt - ok
17:15:56.0000 0x0e88 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B55 4D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
17:15:56.0046 0x0e88 HidBth - ok
17:15:56.0078 0x0e88 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777 AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
17:15:56.0124 0x0e88 HidIr - ok
17:15:56.0171 0x0e88 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A78 91B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
17:15:56.0218 0x0e88 hidserv - ok
17:15:56.0265 0x0e88 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0 F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
17:15:56.0296 0x0e88 HidUsb - ok
17:15:56.0343 0x0e88 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC 5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
17:15:56.0405 0x0e88 hkmsvc - ok
17:15:56.0421 0x0e88 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F1 4B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:15:56.0468 0x0e88 HomeGroupListener - ok
17:15:56.0499 0x0e88 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62 031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:15:56.0546 0x0e88 HomeGroupProvider - ok
17:15:56.0577 0x0e88 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8A A3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:15:56.0608 0x0e88 HpSAMD - ok
17:15:56.0670 0x0e88 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F7309 54F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:15:56.0748 0x0e88 HTTP - ok
17:15:56.0795 0x0e88 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3 B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:15:56.0842 0x0e88 hwpolicy - ok
17:15:56.0873 0x0e88 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E549 78154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
17:15:56.0904 0x0e88 i8042prt - ok
17:15:56.0967 0x0e88 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829 F9B675ACF63E89 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
17:15:56.0998 0x0e88 iaStor - ok
17:15:57.0045 0x0e88 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956 062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:15:57.0092 0x0e88 iaStorV - ok
17:15:57.0185 0x0e88 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D3 05F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:15:57.0201 0x0e88 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:15:57.0248 0x0e88 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:15:57.0466 0x0e88 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209 AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:15:57.0528 0x0e88 idsvc - ok
17:15:58.0199 0x0e88 [ 370C2A8629B30F910F740387795DDC6F, 7D2D69F0BC12E86236014003EEA7479BD0FDE9A469459B6550 DC3AED07A02030 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
17:15:58.0542 0x0e88 igfx - ok
17:15:58.0636 0x0e88 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3 D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
17:15:58.0667 0x0e88 iirsp - ok
17:15:58.0776 0x0e88 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE 6D23797A36B406 ] IKEEXT C:\windows\System32\ikeext.dll
17:15:58.0823 0x0e88 IKEEXT - ok
17:15:58.0886 0x0e88 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2 EC7B3CFF389800 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
17:15:58.0932 0x0e88 IntcDAud - ok
17:15:58.0964 0x0e88 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECC A64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
17:15:58.0995 0x0e88 intelide - ok
17:15:59.0042 0x0e88 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B 579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:15:59.0104 0x0e88 intelppm - ok
17:15:59.0182 0x0e88 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E 3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:15:59.0229 0x0e88 IPBusEnum - ok
17:15:59.0291 0x0e88 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A8 9C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:15:59.0354 0x0e88 IpFilterDriver - ok
17:15:59.0447 0x0e88 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A2 3C4978F2974767 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:15:59.0510 0x0e88 iphlpsvc - ok
17:15:59.0525 0x0e88 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0 D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:15:59.0634 0x0e88 IPMIDRV - ok
17:15:59.0681 0x0e88 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0 BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:15:59.0775 0x0e88 IPNAT - ok
17:15:59.0868 0x0e88 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C030 89EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
17:15:59.0915 0x0e88 IRENUM - ok
17:15:59.0962 0x0e88 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF1 1AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:16:00.0009 0x0e88 isapnp - ok
17:16:00.0056 0x0e88 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D09950 8E38D409913ED3 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:16:00.0102 0x0e88 iScsiPrt - ok
17:16:00.0149 0x0e88 [ CD91D1BD200D9F39682A08E987F0DBE2, 45396B0DD37C7FAAE23F985D5F26C25E944EDA1B9A4248B5CB 16A4C4831E713B ] JLTECH0227 C:\windows\system32\Drivers\jl2005c.sys
17:16:00.0243 0x0e88 JLTECH0227 - ok
17:16:00.0290 0x0e88 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29 A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:16:00.0321 0x0e88 kbdclass - ok
17:16:00.0352 0x0e88 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9 D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
17:16:00.0399 0x0e88 kbdhid - ok
17:16:00.0446 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF 8B1207F81B284D ] KeyIso C:\windows\system32\lsass.exe
17:16:00.0461 0x0e88 KeyIso - ok
17:16:00.0508 0x0e88 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E332024 8B47652AEF23C8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:16:00.0555 0x0e88 KSecDD - ok
17:16:00.0570 0x0e88 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF4773288 2E9B2BA1ED154B ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:16:00.0633 0x0e88 KSecPkg - ok
17:16:00.0711 0x0e88 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C 3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
17:16:00.0789 0x0e88 ksthunk - ok
17:16:00.0851 0x0e88 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737 B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
17:16:00.0929 0x0e88 KtmRm - ok
17:16:00.0992 0x0e88 [ EBED8B3FF4A823C1A6EEBEED7B29353F, 0942200EEDEDA1FF4E634CDC5182D8EDC9BC9F66E89A5DAB8D F82C3FBB2F0D59 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
17:16:01.0070 0x0e88 L1C - ok
17:16:01.0101 0x0e88 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD540 4133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
17:16:01.0148 0x0e88 LanmanServer - ok
17:16:01.0194 0x0e88 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A24 4DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:16:01.0257 0x0e88 LanmanWorkstation - ok
17:16:01.0350 0x0e88 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0 BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:16:01.0506 0x0e88 lltdio - ok
17:16:01.0553 0x0e88 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410 C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
17:16:01.0616 0x0e88 lltdsvc - ok
17:16:01.0678 0x0e88 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF986 5DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
17:16:01.0709 0x0e88 lmhosts - ok
17:16:01.0928 0x0e88 [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45 D5DDE78E9D78E2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:16:01.0943 0x0e88 LMS - ok
17:16:01.0974 0x0e88 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9 DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
17:16:02.0021 0x0e88 LSI_FC - ok
17:16:02.0052 0x0e88 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993 554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
17:16:02.0115 0x0e88 LSI_SAS - ok
17:16:02.0130 0x0e88 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDA A525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:16:02.0146 0x0e88 LSI_SAS2 - ok
17:16:02.0193 0x0e88 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C 8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:16:02.0240 0x0e88 LSI_SCSI - ok
17:16:02.0271 0x0e88 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F3 05486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
17:16:02.0364 0x0e88 luafv - ok
17:16:02.0427 0x0e88 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D53820471 4E6D5B00D92CEB ] MBAMProtector C:\windows\system32\drivers\mbam.sys
17:16:02.0474 0x0e88 MBAMProtector - ok
17:16:02.0567 0x0e88 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F60 6A16768A11DB0C ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:16:02.0598 0x0e88 MBAMService - ok
17:16:02.0630 0x0e88 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA621 5CE15F2C824C43 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
17:16:02.0708 0x0e88 MBAMWebAccessControl - ok
17:16:02.0739 0x0e88 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94 509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:16:02.0754 0x0e88 Mcx2Svc - ok
17:16:02.0786 0x0e88 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1 767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
17:16:02.0848 0x0e88 megasas - ok
17:16:02.0910 0x0e88 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68 F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:16:02.0942 0x0e88 MegaSR - ok
17:16:03.0020 0x0e88 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17 324474FC96B9BC ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
17:16:03.0051 0x0e88 MEIx64 - ok
17:16:03.0113 0x0e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B17200 2B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
17:16:03.0176 0x0e88 MMCSS - ok
17:16:03.0207 0x0e88 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8 D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
17:16:03.0300 0x0e88 Modem - ok
17:16:03.0332 0x0e88 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C298859 44A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:16:03.0425 0x0e88 monitor - ok
17:16:03.0472 0x0e88 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E 8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:16:03.0566 0x0e88 mouclass - ok
17:16:03.0612 0x0e88 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F 6A47A2B97FC183 ] mouhid C:\windows\system32\drivers\mouhid.sys
17:16:03.0784 0x0e88 mouhid - ok
17:16:03.0815 0x0e88 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7B FBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:16:03.0862 0x0e88 mountmgr - ok
17:16:03.0893 0x0e88 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124 E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
17:16:03.0909 0x0e88 mpio - ok
17:16:03.0924 0x0e88 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897F B684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:16:04.0096 0x0e88 mpsdrv - ok
17:16:04.0205 0x0e88 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435 CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
17:16:04.0268 0x0e88 MpsSvc - ok
17:16:04.0299 0x0e88 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0 CEBA86F1BB6D9A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:16:04.0346 0x0e88 MRxDAV - ok
17:16:04.0392 0x0e88 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE350207853 87F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:16:04.0502 0x0e88 mrxsmb - ok
17:16:04.0564 0x0e88 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD5 90580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:16:04.0658 0x0e88 mrxsmb10 - ok
17:16:04.0689 0x0e88 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B772 0888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:16:04.0798 0x0e88 mrxsmb20 - ok
17:16:04.0845 0x0e88 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A 99020EAE7B10F8 ] msahci C:\windows\system32\DRIVERS\msahci.sys
17:16:04.0860 0x0e88 msahci - ok
17:16:04.0892 0x0e88 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE 14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:16:04.0954 0x0e88 msdsm - ok
17:16:04.0970 0x0e88 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C0 1F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
17:16:05.0016 0x0e88 MSDTC - ok
17:16:05.0048 0x0e88 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA25 0A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:16:05.0110 0x0e88 Msfs - ok
17:16:05.0126 0x0e88 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FC B88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:16:05.0219 0x0e88 mshidkmdf - ok
17:16:05.0235 0x0e88 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88 311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:16:05.0266 0x0e88 msisadrv - ok
17:16:05.0328 0x0e88 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A 0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:16:05.0375 0x0e88 MSiSCSI - ok
17:16:05.0375 0x0e88 msiserver - ok
17:16:05.0422 0x0e88 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684 FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:16:05.0484 0x0e88 MSKSSRV - ok
17:16:05.0516 0x0e88 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B 15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:16:05.0562 0x0e88 MSPCLOCK - ok
17:16:05.0640 0x0e88 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E86338 8F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:16:05.0734 0x0e88 MSPQM - ok
17:16:05.0765 0x0e88 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099 C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:16:05.0796 0x0e88 MsRPC - ok
17:16:05.0843 0x0e88 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E 9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:16:05.0890 0x0e88 mssmbios - ok
17:16:05.0921 0x0e88 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64 F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:16:05.0984 0x0e88 MSTEE - ok
17:16:05.0999 0x0e88 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977 AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:16:06.0046 0x0e88 MTConfig - ok
17:16:06.0062 0x0e88 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0 B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
17:16:06.0108 0x0e88 Mup - ok
17:16:06.0171 0x0e88 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C820843 6469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
17:16:06.0233 0x0e88 napagent - ok
17:16:06.0296 0x0e88 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AE B7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:16:06.0374 0x0e88 NativeWifiP - ok
17:16:06.0452 0x0e88 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB 55FD3EB992FF2D ] NDIS C:\windows\system32\drivers\ndis.sys
17:16:06.0514 0x0e88 NDIS - ok
17:16:06.0561 0x0e88 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4 ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:16:06.0639 0x0e88 NdisCap - ok
17:16:06.0654 0x0e88 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B24 2FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:16:06.0686 0x0e88 NdisTapi - ok
17:16:06.0717 0x0e88 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD30 94F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:16:06.0795 0x0e88 Ndisuio - ok
17:16:06.0810 0x0e88 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E 252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:16:06.0873 0x0e88 NdisWan - ok
17:16:06.0904 0x0e88 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6 E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:16:06.0967 0x0e88 NDProxy - ok
17:16:06.0982 0x0e88 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243A B46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:16:07.0060 0x0e88 NetBIOS - ok
17:16:07.0091 0x0e88 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D1 2158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:16:07.0138 0x0e88 NetBT - ok
17:16:07.0154 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF 8B1207F81B284D ] Netlogon C:\windows\system32\lsass.exe
17:16:07.0169 0x0e88 Netlogon - ok
17:16:07.0216 0x0e88 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F5 3DD32A827CB936 ] Netman C:\windows\System32\netman.dll
17:16:07.0279 0x0e88 Netman - ok
17:16:07.0310 0x0e88 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D1 69C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
17:16:07.0372 0x0e88 netprofm - ok
17:16:07.0435 0x0e88 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF6 2333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:16:07.0435 0x0e88 NetTcpPortSharing - ok
17:16:07.0481 0x0e88 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AA F3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:16:07.0497 0x0e88 nfrd960 - ok
17:16:07.0528 0x0e88 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6D C1790ADF1F2AA8 ] NlaSvc C:\windows\System32\nlasvc.dll
17:16:07.0591 0x0e88 NlaSvc - ok
17:16:07.0606 0x0e88 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17A C04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
17:16:07.0637 0x0e88 Npfs - ok
17:16:07.0684 0x0e88 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F5 07518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
17:16:07.0731 0x0e88 nsi - ok
17:16:07.0762 0x0e88 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7 F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:16:07.0825 0x0e88 nsiproxy - ok
17:16:07.0949 0x0e88 [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF2 5E2A5E58B2DAF3 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:16:08.0074 0x0e88 Ntfs - ok
17:16:08.0137 0x0e88 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9 AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
17:16:08.0199 0x0e88 Null - ok
17:16:08.0230 0x0e88 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B6 80AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:16:08.0277 0x0e88 nvraid - ok
17:16:08.0308 0x0e88 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB507 0D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:16:08.0355 0x0e88 nvstor - ok
17:16:08.0386 0x0e88 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E 0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:16:08.0433 0x0e88 nv_agp - ok
17:16:08.0464 0x0e88 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B 3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:16:08.0511 0x0e88 ohci1394 - ok
17:16:08.0589 0x0e88 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A372 1FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:16:08.0605 0x0e88 ose - ok
17:16:09.0634 0x0e88 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA6 09268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EX E
17:16:09.0884 0x0e88 osppsvc - ok
17:16:09.0993 0x0e88 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6 EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:16:10.0040 0x0e88 p2pimsvc - ok
17:16:10.0087 0x0e88 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675 549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
17:16:10.0102 0x0e88 p2psvc - ok
17:16:10.0133 0x0e88 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A 989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
17:16:10.0149 0x0e88 Parport - ok
17:16:10.0196 0x0e88 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D 9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
17:16:10.0211 0x0e88 partmgr - ok
17:16:10.0227 0x0e88 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F9 3925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
17:16:10.0274 0x0e88 PcaSvc - ok
17:16:10.0305 0x0e88 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA 27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
17:16:10.0352 0x0e88 pci - ok
17:16:10.0383 0x0e88 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DE A0C01A6B863480 ] pciide C:\windows\system32\DRIVERS\pciide.sys
17:16:10.0414 0x0e88 pciide - ok
17:16:10.0445 0x0e88 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C 4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:16:10.0492 0x0e88 pcmcia - ok
17:16:10.0523 0x0e88 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3 CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
17:16:10.0570 0x0e88 pcw - ok
17:16:10.0633 0x0e88 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A 76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:16:10.0726 0x0e88 PEAUTH - ok
17:16:10.0804 0x0e88 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A 12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
17:16:10.0835 0x0e88 PerfHost - ok
17:16:10.0882 0x0e88 [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE1 3F0F5137E1E7F7 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
17:16:10.0929 0x0e88 PGEffect - ok
17:16:11.0007 0x0e88 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE42250 9C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
17:16:11.0101 0x0e88 pla - ok
17:16:11.0163 0x0e88 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75F BCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:16:11.0194 0x0e88 PlugPlay - ok
17:16:11.0241 0x0e88 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D919 5F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:16:11.0272 0x0e88 PNRPAutoReg - ok
17:16:11.0303 0x0e88 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6 EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:16:11.0319 0x0e88 PNRPsvc - ok
17:16:11.0366 0x0e88 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D65 4D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:16:11.0428 0x0e88 PolicyAgent - ok
17:16:11.0459 0x0e88 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D 90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
17:16:11.0522 0x0e88 Power - ok
17:16:11.0569 0x0e88 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A8 24DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:16:11.0631 0x0e88 PptpMiniport - ok
17:16:11.0662 0x0e88 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C5 21F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
17:16:11.0709 0x0e88 Processor - ok
17:16:11.0756 0x0e88 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF24783440 0F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
17:16:11.0803 0x0e88 ProfSvc - ok
17:16:11.0818 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF 8B1207F81B284D ] ProtectedStorage C:\windows\system32\lsass.exe
17:16:11.0834 0x0e88 ProtectedStorage - ok
17:16:11.0865 0x0e88 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B867 6C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:16:11.0927 0x0e88 Psched - ok
17:16:11.0974 0x0e88 [ C8FCB4899F8B70CC34E0D9876A80963C, E4CFC69C3EE1BC5C0FFF96CE034EAD8DD9727DA165A790CB57 979AA0A6CEE350 ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
17:16:12.0037 0x0e88 QIOMem - ok
17:16:12.0130 0x0e88 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA7 6D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:16:12.0208 0x0e88 ql2300 - ok
17:16:12.0255 0x0e88 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B529 6F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:16:12.0302 0x0e88 ql40xx - ok
17:16:12.0349 0x0e88 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C 5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
17:16:12.0364 0x0e88 QWAVE - ok
17:16:12.0380 0x0e88 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F 574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:16:12.0442 0x0e88 QWAVEdrv - ok
17:16:12.0473 0x0e88 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8 C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:16:12.0567 0x0e88 RasAcd - ok
17:16:12.0598 0x0e88 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA 384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:16:12.0661 0x0e88 RasAgileVpn - ok
17:16:12.0692 0x0e88 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3B C0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
17:16:12.0754 0x0e88 RasAuto - ok
17:16:12.0801 0x0e88 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177 593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:16:12.0879 0x0e88 Rasl2tp - ok
17:16:12.0973 0x0e88 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC 15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
17:16:13.0004 0x0e88 RasMan - ok
17:16:13.0035 0x0e88 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B5 8CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:16:13.0113 0x0e88 RasPppoe - ok
17:16:13.0144 0x0e88 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E6 45D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:16:13.0207 0x0e88 RasSstp - ok
17:16:13.0238 0x0e88 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD3 6CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:16:13.0316 0x0e88 rdbss - ok
17:16:13.0347 0x0e88 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B 8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:16:13.0378 0x0e88 rdpbus - ok
17:16:13.0425 0x0e88 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B67 55C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:16:13.0472 0x0e88 RDPCDD - ok
17:16:13.0503 0x0e88 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F13 9E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:16:13.0550 0x0e88 RDPENCDD - ok
17:16:13.0581 0x0e88 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E1 0A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:16:13.0612 0x0e88 RDPREFMP - ok
17:16:13.0628 0x0e88 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF9 27436DE90C04A6 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:16:13.0675 0x0e88 RDPWD - ok
17:16:13.0721 0x0e88 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E 3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:16:13.0753 0x0e88 rdyboost - ok
17:16:13.0784 0x0e88 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656 EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
17:16:13.0846 0x0e88 RemoteAccess - ok
17:16:13.0909 0x0e88 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF1 0F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:16:13.0940 0x0e88 RemoteRegistry - ok
17:16:13.0987 0x0e88 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D858 4349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:16:14.0033 0x0e88 RpcEptMapper - ok
17:16:14.0065 0x0e88 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F 95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
17:16:14.0080 0x0e88 RpcLocator - ok
17:16:14.0127 0x0e88 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C 4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
17:16:14.0158 0x0e88 RpcSs - ok
17:16:14.0189 0x0e88 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908C CA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:16:14.0252 0x0e88 rspndr - ok
17:16:14.0314 0x0e88 [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4 767AFA4BCE85BB ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:16:14.0330 0x0e88 RSUSBSTOR - ok
17:16:14.0361 0x0e88 [ E5DC911D0FEB72CAFF2BBDD6E7C3672F, E50825E0413049898A81DDF2AFE24BC92E48A0E9AA7653776F 0F6EEE7D82E5D6 ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
17:16:14.0392 0x0e88 RSUSBVSTOR - ok
17:16:14.0486 0x0e88 [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB 9C038A34593B95 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
17:16:14.0533 0x0e88 RTL8192Ce - ok
17:16:14.0595 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF 8B1207F81B284D ] SamSs C:\windows\system32\lsass.exe
17:16:14.0595 0x0e88 SamSs - ok
17:16:14.0689 0x0e88 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F52 69E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:16:14.0735 0x0e88 sbp2port - ok
17:16:14.0782 0x0e88 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E 865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
17:16:14.0813 0x0e88 SCardSvr - ok
17:16:14.0829 0x0e88 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE9 4BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:16:14.0891 0x0e88 scfilter - ok
17:16:14.0954 0x0e88 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063 AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
17:16:15.0016 0x0e88 Schedule - ok
17:16:15.0063 0x0e88 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7E AEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
17:16:15.0094 0x0e88 SCPolicySvc - ok
17:16:15.0125 0x0e88 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D 51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:16:15.0172 0x0e88 SDRSVC - ok
17:16:15.0219 0x0e88 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4 E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
17:16:15.0266 0x0e88 secdrv - ok
17:16:15.0297 0x0e88 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C70608 29E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
17:16:15.0328 0x0e88 seclogon - ok
17:16:15.0344 0x0e88 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6 E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
17:16:15.0391 0x0e88 SENS - ok
17:16:15.0422 0x0e88 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D6 5E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
17:16:15.0453 0x0e88 SensrSvc - ok
17:16:15.0484 0x0e88 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360 EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
17:16:15.0547 0x0e88 Serenum - ok
17:16:15.0593 0x0e88 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E3 1DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
17:16:15.0625 0x0e88 Serial - ok
17:16:15.0671 0x0e88 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42E BBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
17:16:15.0718 0x0e88 sermouse - ok
17:16:15.0765 0x0e88 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030 147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
17:16:15.0843 0x0e88 SessionEnv - ok
17:16:15.0859 0x0e88 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132 A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:16:15.0905 0x0e88 sffdisk - ok
17:16:15.0921 0x0e88 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148 E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:16:15.0968 0x0e88 sffp_mmc - ok
17:16:15.0983 0x0e88 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008A DA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:16:16.0046 0x0e88 sffp_sd - ok
17:16:16.0093 0x0e88 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A 24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:16:16.0139 0x0e88 sfloppy - ok
17:16:16.0202 0x0e88 [ C6CC9297BD53E5229653303E556AA539, 921E21EDED244FEE15B56564B97C97785F45AB862C1012BFA0 B96B121DC90076 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:16:16.0264 0x0e88 Sftfs - ok
17:16:16.0373 0x0e88 [ 13693B6354DD6E72DC5131DA7D764B90, 447EFDA7CFB1F62EA316219D996406C8DC374097DB903F362D 6E945227D8BB2D ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:16:16.0389 0x0e88 sftlist - ok
17:16:16.0436 0x0e88 [ 390AA7BC52CEE43F6790CDEA1E776703, 0D008289E4B14EF56D5233B7C8C789A36503FBAA8896660776 557D6F08808FA7 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:16:16.0483 0x0e88 Sftplay - ok
17:16:16.0514 0x0e88 [ 617E29A0B0A2807466560D4C4E338D3E, 5E95D38DB9A6776EB4A15A952FA7949831D6F660EED8C3E79B D09D102BAC5D67 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:16:16.0545 0x0e88 Sftredir - ok
17:16:16.0576 0x0e88 [ 8F571F016FA1976F445147E9E6C8AE9B, 527AB960F2E08F598D1B953BDA4EA749831DD3C765DA278044 B8AB22365F02B5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:16:16.0607 0x0e88 Sftvol - ok
17:16:16.0639 0x0e88 [ C3CDDD18F43D44AB713CF8C4916F7696, 38093295825AFDD08D7E32CC4EF2A6C447F6D6E3C6F7EA5554 C25E7C3F16FC92 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:16:16.0654 0x0e88 sftvsa - ok
17:16:16.0685 0x0e88 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE 24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
17:16:16.0732 0x0e88 SharedAccess - ok
17:16:16.0763 0x0e88 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE511 57E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:16:16.0826 0x0e88 ShellHWDetection - ok
17:16:16.0857 0x0e88 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE5 69DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:16:16.0873 0x0e88 SiSRaid2 - ok
17:16:16.0904 0x0e88 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4 A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:16:16.0919 0x0e88 SiSRaid4 - ok
17:16:16.0951 0x0e88 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE 10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:16:17.0029 0x0e88 Smb - ok
17:16:17.0075 0x0e88 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C02 09155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:16:17.0107 0x0e88 SNMPTRAP - ok
17:16:17.0138 0x0e88 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59E ACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
17:16:17.0185 0x0e88 spldr - ok
17:16:17.0231 0x0e88 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F87 8B7B82DB93C651 ] Spooler C:\windows\System32\spoolsv.exe
17:16:17.0263 0x0e88 Spooler - ok
17:16:17.0668 0x0e88 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C 50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
17:16:17.0887 0x0e88 sppsvc - ok
17:16:17.0933 0x0e88 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365 F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:16:17.0965 0x0e88 sppuinotify - ok
17:16:18.0011 0x0e88 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7C D1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
17:16:18.0121 0x0e88 srv - ok
17:16:18.0167 0x0e88 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE 4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:16:18.0245 0x0e88 srv2 - ok
17:16:18.0277 0x0e88 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8 630779D1D6525D ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
17:16:18.0308 0x0e88 SrvHsfHDA - ok
17:16:18.0401 0x0e88 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11 688F4252F4B89E ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
17:16:18.0511 0x0e88 SrvHsfV92 - ok
17:16:18.0682 0x0e88 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78 DE7415FCCC7DE7 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
17:16:18.0776 0x0e88 SrvHsfWinac - ok
17:16:18.0807 0x0e88 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF3 9FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:16:18.0854 0x0e88 srvnet - ok
17:16:18.0901 0x0e88 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DA A4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:16:18.0963 0x0e88 SSDPSRV - ok
17:16:18.0979 0x0e88 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F 212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
17:16:19.0010 0x0e88 SstpSvc - ok
17:16:19.0025 0x0e88 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C 21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
17:16:19.0072 0x0e88 stexstor - ok
17:16:19.0135 0x0e88 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DF E62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
17:16:19.0166 0x0e88 stisvc - ok
17:16:19.0181 0x0e88 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC952 2B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:16:19.0228 0x0e88 swenum - ok
17:16:19.0291 0x0e88 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140 F50061052AC418 ] swprv C:\windows\System32\swprv.dll
17:16:19.0353 0x0e88 swprv - ok
17:16:19.0462 0x0e88 [ F5B46DF59FEAA48A442AED7EEB754D4B, 8415FDD5E7B4D4819BB9B0937CDF254548C871045787958BCF 708096204B1714 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
17:16:19.0509 0x0e88 SynTP - ok
17:16:19.0603 0x0e88 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C3 35B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
17:16:19.0696 0x0e88 SysMain - ok
17:16:19.0727 0x0e88 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD9949 83DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
17:16:19.0774 0x0e88 TabletInputService - ok
17:16:19.0852 0x0e88 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52 455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
17:16:19.0915 0x0e88 TapiSrv - ok
17:16:19.0930 0x0e88 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5 A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
17:16:19.0961 0x0e88 TBS - ok
17:16:20.0086 0x0e88 [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E886 5C88E44CDF3E17 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:16:20.0180 0x0e88 Tcpip - ok
17:16:20.0273 0x0e88 [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E886 5C88E44CDF3E17 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:16:20.0351 0x0e88 TCPIP6 - ok
17:16:20.0383 0x0e88 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080 005F2D82467784 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:16:20.0461 0x0e88 tcpipreg - ok
17:16:20.0492 0x0e88 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A 68DCA92CC7FD8C ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
17:16:20.0523 0x0e88 tdcmdpst - ok
17:16:20.0570 0x0e88 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F 9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:16:20.0601 0x0e88 TDPIPE - ok
17:16:20.0648 0x0e88 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B2 9CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:16:20.0679 0x0e88 TDTCP - ok
17:16:20.0710 0x0e88 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719 C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:16:20.0788 0x0e88 tdx - ok
17:16:20.0804 0x0e88 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFB F2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:16:20.0819 0x0e88 TermDD - ok
17:16:20.0882 0x0e88 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC 4EB052E6EBCBCD ] TermService C:\windows\System32\termsrv.dll
17:16:20.0944 0x0e88 TermService - ok
17:16:20.0975 0x0e88 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8 CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
17:16:20.0991 0x0e88 Themes - ok
17:16:21.0022 0x0e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B17200 2B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
17:16:21.0053 0x0e88 THREADORDER - ok
17:16:21.0209 0x0e88 [ 71C321649B28638EE80A2EEB164C1DC8, D75D296B506DCC38A4DED82C71141388AEB60B065785DCC5BC 2F4B3B77ACEDC7 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
17:16:21.0225 0x0e88 TMachInfo - ok
17:16:21.0241 0x0e88 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E64072 19F2E866905D9B ] TODDSrv C:\Windows\system32\TODDSrv.exe
17:16:21.0256 0x0e88 TODDSrv - ok
17:16:21.0459 0x0e88 [ 1C73689B900428C7D054A41C4687F55C, 6DD3CDC09E4A62F40A81872789A5C8678C0FE23DD911C2951D FF5494B6BFC012 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
17:16:21.0475 0x0e88 TosCoSrv - ok
17:16:21.0568 0x0e88 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58, ACAD9D96CE58EDB620AC13ACA8C6F4122BA8B2AF78468A760F 21A01B43D93312 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
17:16:21.0584 0x0e88 TOSHIBA eco Utility Service - ok
17:16:21.0662 0x0e88 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8, 8D852DB100AC68A07A6E2AD21198410EAAB36E83BB8BAEA71C B698680B5DCE71 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
17:16:21.0677 0x0e88 TOSHIBA HDD SSD Alert Service - ok
17:16:21.0724 0x0e88 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9 D511A51A795027 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
17:16:21.0771 0x0e88 tos_sps64 - ok
17:16:21.0927 0x0e88 [ 098B8A408C17E125A3D9A8E1166780C8, F25F09F62713C8234CB2B6A40A4455502C8004090BFB9EE946 5546AD48369956 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
17:16:21.0943 0x0e88 TPCHSrv - ok
17:16:22.0005 0x0e88 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB 86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
17:16:22.0052 0x0e88 TrkWks - ok
17:16:22.0114 0x0e88 [ 0D5A09B08568760AE85A801FCBC0F83D, 347ACBA74FDCBEAC671521739F8A34EC0E378CAF716C31F556 16F9F843E4D0D3 ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
17:16:22.0161 0x0e88 TrueSight - ok
17:16:22.0223 0x0e88 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF 321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:16:22.0270 0x0e88 TrustedInstaller - ok
17:16:22.0301 0x0e88 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB 053F4D593033AC ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:16:22.0348 0x0e88 tssecsrv - ok
17:16:22.0395 0x0e88 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C8 5BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:16:22.0457 0x0e88 TsUsbFlt - ok
17:16:22.0473 0x0e88 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B 984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:16:22.0520 0x0e88 TsUsbGD - ok
17:16:22.0567 0x0e88 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559 F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:16:22.0629 0x0e88 tunnel - ok
17:16:22.0676 0x0e88 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7 ACF6049049C933 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
17:16:22.0707 0x0e88 TVALZ - ok
17:16:22.0754 0x0e88 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F68194 3B84F3E5E6A40E ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
17:16:22.0801 0x0e88 TVALZFL - ok
17:16:22.0832 0x0e88 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF1 1C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:16:22.0879 0x0e88 uagp35 - ok
17:16:22.0925 0x0e88 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A0 3E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:16:23.0019 0x0e88 udfs - ok
17:16:23.0050 0x0e88 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E 26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
17:16:23.0066 0x0e88 UI0Detect - ok
17:16:23.0081 0x0e88 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D 72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:16:23.0128 0x0e88 uliagpkx - ok
17:16:23.0175 0x0e88 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606 C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:16:23.0222 0x0e88 umbus - ok
17:16:23.0253 0x0e88 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DF B0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
17:16:23.0284 0x0e88 UmPass - ok
17:16:23.0659 0x0e88 [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC 1515A54014D02B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:16:23.0768 0x0e88 UNS - ok
17:16:23.0815 0x0e88 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609B CAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
17:16:23.0877 0x0e88 upnphost - ok
17:16:23.0908 0x0e88 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68 CCE47B1CFE5F12 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:16:23.0971 0x0e88 usbccgp - ok
17:16:24.0002 0x0e88 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E 6198EC52244F07 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:16:24.0049 0x0e88 usbcir - ok
17:16:24.0095 0x0e88 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C 36E6BB2045A3D9 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:16:24.0127 0x0e88 usbehci - ok
17:16:24.0158 0x0e88 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B21 09B05A4F462D4E ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:16:24.0236 0x0e88 usbhub - ok
17:16:24.0267 0x0e88 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F11 0F296C377077B0 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:16:24.0314 0x0e88 usbohci - ok
17:16:24.0329 0x0e88 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7 EBCA7BBAAD9F7C ] usbprint C:\windows\system32\drivers\usbprint.sys
17:16:24.0376 0x0e88 usbprint - ok
17:16:24.0407 0x0e88 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D 5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:16:24.0454 0x0e88 USBSTOR - ok
17:16:24.0470 0x0e88 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D108 95EBA48D981E25 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:16:24.0517 0x0e88 usbuhci - ok
17:16:24.0563 0x0e88 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F192 79E1B8ED7B1E44 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:16:24.0595 0x0e88 usbvideo - ok
17:16:24.0626 0x0e88 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A 0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
17:16:24.0688 0x0e88 UxSms - ok
17:16:24.0735 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF 8B1207F81B284D ] VaultSvc C:\windows\system32\lsass.exe
17:16:24.0751 0x0e88 VaultSvc - ok
17:16:24.0766 0x0e88 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E 733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:16:24.0813 0x0e88 vdrvroot - ok
17:16:24.0844 0x0e88 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368 E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
17:16:24.0907 0x0e88 vds - ok
17:16:24.0953 0x0e88 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A47367 3F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:16:24.0985 0x0e88 vga - ok
17:16:25.0016 0x0e88 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD3 8027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
17:16:25.0078 0x0e88 VgaSave - ok
17:16:25.0094 0x0e88 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD391556 3F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:16:25.0141 0x0e88 vhdmp - ok
17:16:25.0156 0x0e88 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A6869 90AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
17:16:25.0187 0x0e88 viaide - ok
17:16:25.0234 0x0e88 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B 2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:16:25.0265 0x0e88 volmgr - ok
17:16:25.0312 0x0e88 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628 B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:16:25.0328 0x0e88 volmgrx - ok
17:16:25.0359 0x0e88 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B88 9161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
17:16:25.0375 0x0e88 volsnap - ok
17:16:25.0406 0x0e88 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA 1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:16:25.0468 0x0e88 vsmraid - ok
17:16:25.0577 0x0e88 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29 D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
17:16:25.0655 0x0e88 VSS - ok
17:16:25.0718 0x0e88 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F 96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:16:25.0780 0x0e88 vwifibus - ok
17:16:25.0811 0x0e88 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21 CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:16:25.0889 0x0e88 vwififlt - ok
17:16:25.0952 0x0e88 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F2 41C9C167947962 ] W32Time C:\windows\system32\w32time.dll
17:16:25.0999 0x0e88 W32Time - ok
17:16:26.0061 0x0e88 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048 181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
17:16:26.0092 0x0e88 WacomPen - ok
17:16:26.0139 0x0e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC531 1386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:16:26.0233 0x0e88 WANARP - ok
17:16:26.0248 0x0e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC531 1386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:16:26.0279 0x0e88 Wanarpv6 - ok
17:16:26.0373 0x0e88 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE 5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:16:26.0420 0x0e88 WatAdminSvc - ok
17:16:26.0529 0x0e88 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A 1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
17:16:26.0623 0x0e88 wbengine - ok
17:16:26.0638 0x0e88 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA 23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:16:26.0669 0x0e88 WbioSrvc - ok
17:16:26.0701 0x0e88 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07 C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
17:16:26.0763 0x0e88 wcncsvc - ok
17:16:26.0779 0x0e88 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B 495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:16:26.0794 0x0e88 WcsPlugInService - ok
17:16:26.0825 0x0e88 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D 568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
17:16:26.0857 0x0e88 Wd - ok
17:16:26.0903 0x0e88 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F5 02DFDF4CECFCA1 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:16:26.0966 0x0e88 Wdf01000 - ok
17:16:26.0981 0x0e88 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793 A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
17:16:27.0028 0x0e88 WdiServiceHost - ok
17:16:27.0028 0x0e88 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793 A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
17:16:27.0044 0x0e88 WdiSystemHost - ok
17:16:27.0091 0x0e88 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C89 9842C300FD3026 ] WebClient C:\windows\System32\webclnt.dll
17:16:27.0137 0x0e88 WebClient - ok
17:16:27.0153 0x0e88 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90 640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
17:16:27.0215 0x0e88 Wecsvc - ok
17:16:27.0231 0x0e88 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D 80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:16:27.0262 0x0e88 wercplsupport - ok
17:16:27.0309 0x0e88 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675A FE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
17:16:27.0371 0x0e88 WerSvc - ok
17:16:27.0403 0x0e88 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D1 76129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:16:27.0434 0x0e88 WfpLwf - ok
17:16:27.0449 0x0e88 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BD AB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:16:27.0465 0x0e88 WIMMount - ok
17:16:27.0465 0x0e88 WinHttpAutoProxySvc - ok
17:16:27.0637 0x0e88 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D8 2C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:16:27.0668 0x0e88 Winmgmt - ok
17:16:27.0808 0x0e88 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B18 6E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll
17:16:27.0902 0x0e88 WinRM - ok
17:16:27.0964 0x0e88 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7F BD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
17:16:28.0027 0x0e88 Wlansvc - ok
17:16:28.0073 0x0e88 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0 296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:16:28.0073 0x0e88 wlcrasvc - ok
17:16:28.0198 0x0e88 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58 C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:28.0245 0x0e88 wlidsvc - ok
17:16:28.0292 0x0e88 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0E FE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
17:16:28.0339 0x0e88 WmiAcpi - ok
17:16:28.0385 0x0e88 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B 21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:16:28.0417 0x0e88 wmiApSrv - ok
17:16:28.0463 0x0e88 WMPNetworkSvc - ok
17:16:28.0495 0x0e88 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F364346782 9B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
17:16:28.0510 0x0e88 WPCSvc - ok
17:16:28.0526 0x0e88 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139 991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:16:28.0588 0x0e88 WPDBusEnum - ok
17:16:28.0604 0x0e88 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F 5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:16:28.0666 0x0e88 ws2ifsl - ok
17:16:28.0697 0x0e88 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E0 05CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
17:16:28.0744 0x0e88 wscsvc - ok
17:16:28.0744 0x0e88 WSearch - ok
17:16:28.0885 0x0e88 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3 DE3DDFC5AE0004 ] wuauserv C:\windows\system32\wuaueng.dll
17:16:28.0963 0x0e88 wuauserv - ok
17:16:28.0978 0x0e88 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2 F1F59FE1A965D9 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:16:29.0103 0x0e88 WudfPf - ok
17:16:29.0134 0x0e88 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9 DC3E3D6B17B4BF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:16:29.0197 0x0e88 WUDFRd - ok
17:16:29.0228 0x0e88 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20 CF96E5E6BD0691 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:16:29.0259 0x0e88 wudfsvc - ok
17:16:29.0275 0x0e88 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432E AEC19925BDA115 ] WwanSvc C:\windows\System32\wwansvc.dll
17:16:29.0321 0x0e88 WwanSvc - ok
17:16:29.0384 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929 FD454BC57E5A91 ] ZAM C:\windows\System32\drivers\zam64.sys
17:16:29.0477 0x0e88 ZAM - ok
17:16:30.0601 0x0e88 [ C78761C2A5475EA16ADCD438CC17841F, 2EC81397DE7BEF39EA1E1758FE778A0A31C8D04B6AD76D9C09 17D95808366A70 ] ZAMSvc C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
17:16:30.0897 0x0e88 ZAMSvc - ok
17:16:30.0991 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929 FD454BC57E5A91 ] ZAM_Guard C:\windows\System32\drivers\zamguard64.sys
17:16:31.0022 0x0e88 ZAM_Guard - ok
17:16:31.0022 0x0e88 ================ Scan global ===============================
17:16:31.0037 0x0e88 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618D D5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
17:16:31.0084 0x0e88 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861 C6C1329093464A ] C:\windows\system32\winsrv.dll
17:16:31.0084 0x0e88 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861 C6C1329093464A ] C:\windows\system32\winsrv.dll
17:16:31.0131 0x0e88 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309D C686C696790529 ] C:\windows\system32\sxssrv.dll
17:16:31.0178 0x0e88 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885 F668CF42C5E7E2 ] C:\windows\system32\services.exe
17:16:31.0178 0x0e88 [ Global ] - ok
17:16:31.0178 0x0e88 ================ Scan MBR ==================================
17:16:31.0240 0x0e88 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
17:16:32.0956 0x0e88 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
17:16:32.0956 0x0e88 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:16:32.0956 0x0e88 [ 06449E7C4AF0550B77E260798769AA40 ] \Device\Harddisk1\DR1
17:16:33.0065 0x0e88 \Device\Harddisk1\DR1 - ok
17:16:33.0081 0x0e88 ================ Scan VBR ==================================
17:16:33.0097 0x0e88 [ 8AC23BED265B9837B514C7AD0AE3474B ] \Device\Harddisk0\DR0\Partition1
17:16:33.0097 0x0e88 \Device\Harddisk0\DR0\Partition1 - ok
17:16:33.0097 0x0e88 [ 9EF3F0403422629F2348EB43B51E92DC ] \Device\Harddisk1\DR1\Partition1
17:16:33.0097 0x0e88 \Device\Harddisk1\DR1\Partition1 - ok
17:16:33.0097 0x0e88 ================ Scan active images ========================
17:16:33.0097 0x0e88 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1 D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
17:16:33.0097 0x0e88 C:\Windows\System32\drivers\crashdmp.sys - ok
17:16:33.0097 0x0e88 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829 F9B675ACF63E89 ] C:\Windows\System32\drivers\iaStor.sys
17:16:33.0097 0x0e88 C:\Windows\System32\drivers\iaStor.sys - ok
17:16:33.0112 0x0e88 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB 89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\dumpfve.sys - ok
17:16:33.0112 0x0e88 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B 9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\cdrom.sys - ok
17:16:33.0112 0x0e88 [ CDB1BE967AFF65D8395B6DF2EA8CBCCF, B72DEDDE020AC0FA4DC382B7B1C5427B8D63E83DB34BB747DC 5008AFB9698E57 ] C:\Windows\System32\drivers\aswsp.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\aswsp.sys - ok
17:16:33.0112 0x0e88 [ 409CDD1400B404F655EEC1B5850FD3BE, 2D8A141B18BA155632CE110343AC7A8AB790FB76781C7E7571 57D9B195CCD5BA ] C:\Windows\System32\drivers\aswSnx.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\aswSnx.sys - ok
17:16:33.0112 0x0e88 [ 97F952A9050CAD88681F5F0F46B8D5A5, 5B939B906868EB4EF9E54E9769B84AA87B57EEB3883F9FC450 67A354315C9A89 ] C:\Windows\System32\drivers\aswKbd.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\aswKbd.sys - ok
17:16:33.0128 0x0e88 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F 4130336B838024 ] C:\Windows\System32\drivers\beep.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\beep.sys - ok
17:16:33.0128 0x0e88 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9 AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\null.sys - ok
17:16:33.0128 0x0e88 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA25 0A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\msfs.sys - ok
17:16:33.0128 0x0e88 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B67 55C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\RDPCDD.sys - ok
17:16:33.0128 0x0e88 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F13 9E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\RDPENCDD.sys - ok
17:16:33.0143 0x0e88 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E1 0A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\RDPREFMP.sys - ok
17:16:33.0143 0x0e88 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD3 8027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\vga.sys - ok
17:16:33.0143 0x0e88 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94 F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\videoprt.sys - ok
17:16:33.0143 0x0e88 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2 FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\watchdog.sys - ok
17:16:33.0143 0x0e88 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268 FCC0B163B67767 ] C:\Windows\System32\drivers\afd.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\afd.sys - ok
17:16:33.0159 0x0e88 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17A C04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\npfs.sys - ok
17:16:33.0159 0x0e88 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31 B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\tdi.sys - ok
17:16:33.0159 0x0e88 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719 C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\tdx.sys - ok
17:16:33.0159 0x0e88 [ 8F492911129B1B32818BF894DC0C2C73, 1F6F2019EB3B3B20636F661A4692079FCAA521C626AF6A731D 5D493B415719A7 ] C:\Windows\System32\drivers\aswRdr2.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\aswRdr2.sys - ok
17:16:33.0159 0x0e88 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D1 2158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\netbt.sys - ok
17:16:33.0159 0x0e88 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243A B46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\netbios.sys - ok
17:16:33.0175 0x0e88 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B867 6C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\pacer.sys - ok
17:16:33.0175 0x0e88 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21 CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\vwififlt.sys - ok
17:16:33.0175 0x0e88 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D1 76129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\wfplwf.sys - ok
17:16:33.0175 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929 FD454BC57E5A91 ] C:\Windows\System32\drivers\zamguard64.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\zamguard64.sys - ok
17:16:33.0175 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929 FD454BC57E5A91 ] C:\Windows\System32\drivers\zam64.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\zam64.sys - ok
17:16:33.0190 0x0e88 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD3 6CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\rdbss.sys - ok
17:16:33.0190 0x0e88 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFB F2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\termdd.sys - ok
17:16:33.0190 0x0e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC531 1386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\wanarp.sys - ok
17:16:33.0190 0x0e88 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F1 98A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\blbdrive.sys - ok
17:16:33.0190 0x0e88 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751 FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\dfsc.sys - ok
17:16:33.0206 0x0e88 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089A EC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\discache.sys - ok
17:16:33.0206 0x0e88 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E 9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\mssmbios.sys - ok
17:16:33.0206 0x0e88 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7 F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:16:33.0206 0x0e88 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559 F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\tunnel.sys - ok
17:16:33.0206 0x0e88 [ CF95B85FF8D128385ABD411C8CA74DED, 406CF5C07F75BC976B2F82D1E1166D255C5149B9EF57C2DEA2 C8348DF231211F ] C:\Windows\System32\ntdll.dll
17:16:33.0206 0x0e88 C:\Windows\System32\ntdll.dll - ok
17:16:33.0221 0x0e88 [ 1911A3356FA3F77CCC825CCBAC038C2A, 6ED135B792C81D78B33A57F0F4770DB6105C9ED3E2193629CB 3EC38BFD5B7E1B ] C:\Windows\System32\smss.exe
17:16:33.0221 0x0e88 C:\Windows\System32\smss.exe - ok
17:16:33.0221 0x0e88 [ 370C2A8629B30F910F740387795DDC6F, 7D2D69F0BC12E86236014003EEA7479BD0FDE9A469459B6550 DC3AED07A02030 ] C:\Windows\System32\drivers\igdkmd64.sys
17:16:33.0221 0x0e88 C:\Windows\System32\drivers\igdkmd64.sys - ok
17:16:33.0221 0x0e88 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F44 2E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
17:16:33.0221 0x0e88 C:\Windows\System32\autochk.exe - ok
17:16:33.0221 0x0e88 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CA C52DEE405B08FD ] C:\Windows\System32\drivers\dxgkrnl.sys
17:16:33.0221 0x0e88 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:16:33.0221 0x0e88 [ 9CD68BDDF322535C02ADC8331013D13D, B887338E0C1033C93C9F157C69D5C47B05C7B27A91C9481CA8 B72BDD514E9651 ] C:\Windows\System32\drivers\dxgmms1.sys
17:16:33.0221 0x0e88 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:16:33.0221 0x0e88 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17 324474FC96B9BC ] C:\Windows\System32\drivers\HECIx64.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\HECIx64.sys - ok
17:16:33.0237 0x0e88 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C 36E6BB2045A3D9 ] C:\Windows\System32\drivers\usbehci.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\usbehci.sys - ok
17:16:33.0237 0x0e88 [ AE259C75F9A0B057B6BF9E9695632B09, 9015A708F21FBE3B198C39A651CA857CF772016D03B5DCE35D D2ABBC71DAB10B ] C:\Windows\System32\drivers\usbport.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\usbport.sys - ok
17:16:33.0237 0x0e88 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278 479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:16:33.0237 0x0e88 [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB 9C038A34593B95 ] C:\Windows\System32\drivers\rtl8192ce.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\rtl8192ce.sys - ok
17:16:33.0237 0x0e88 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F 96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\vwifibus.sys - ok
17:16:33.0253 0x0e88 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E549 78154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\i8042prt.sys - ok
17:16:33.0253 0x0e88 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29 A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\kbdclass.sys - ok
17:16:33.0253 0x0e88 [ EBED8B3FF4A823C1A6EEBEED7B29353F, 0942200EEDEDA1FF4E634CDC5182D8EDC9BC9F66E89A5DAB8D F82C3FBB2F0D59 ] C:\Windows\System32\drivers\L1C62x64.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\L1C62x64.sys - ok
17:16:33.0253 0x0e88 [ F5B46DF59FEAA48A442AED7EEB754D4B, 8415FDD5E7B4D4819BB9B0937CDF254548C871045787958BCF 708096204B1714 ] C:\Windows\System32\drivers\SynTP.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\SynTP.sys - ok
17:16:33.0253 0x0e88 [ CCA2AB1752A61F29C3C941CD79D78CEA, 74D3B1710F2F90B3922341A9AA0B896CC5CD1AB9D32FF79F3C F3479928541CBD ] C:\Windows\System32\drivers\usbd.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\usbd.sys - ok
17:16:33.0268 0x0e88 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E 8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\mouclass.sys - ok
17:16:33.0268 0x0e88 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A 68DCA92CC7FD8C ] C:\Windows\System32\drivers\tdcmdpst.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\tdcmdpst.sys - ok
17:16:33.0268 0x0e88 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA 384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\agilevpn.sys - ok
17:16:33.0268 0x0e88 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D76 8DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\CmBatt.sys - ok
17:16:33.0268 0x0e88 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E51250 5FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:16:33.0284 0x0e88 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B 579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\intelppm.sys - ok
17:16:33.0284 0x0e88 [ C8FCB4899F8B70CC34E0D9876A80963C, E4CFC69C3EE1BC5C0FFF96CE034EAD8DD9727DA165A790CB57 979AA0A6CEE350 ] C:\Windows\System32\drivers\QIOMem.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\QIOMem.sys - ok
17:16:33.0284 0x0e88 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F68194 3B84F3E5E6A40E ] C:\Windows\System32\drivers\TVALZFL.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\TVALZFL.sys - ok
17:16:33.0284 0x0e88 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0E FE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\wmiacpi.sys - ok
17:16:33.0284 0x0e88 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B24 2FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\ndistapi.sys - ok
17:16:33.0299 0x0e88 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E 252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\ndiswan.sys - ok
17:16:33.0299 0x0e88 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177 593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\rasl2tp.sys - ok
17:16:33.0299 0x0e88 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B5 8CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\raspppoe.sys - ok
17:16:33.0299 0x0e88 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A8 24DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\raspptp.sys - ok
17:16:33.0299 0x0e88 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E6 45D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\rassstp.sys - ok
17:16:33.0299 0x0e88 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AA FF208D784E906C ] C:\Windows\System32\drivers\ks.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\ks.sys - ok
17:16:33.0315 0x0e88 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC952 2B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
17:16:33.0315 0x0e88 C:\Windows\System32\drivers\swenum.sys - ok
17:16:33.0315 0x0e88 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606 C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
17:16:33.0315 0x0e88 C:\Windows\System32\drivers\umbus.sys - ok
17:16:33.0315 0x0e88 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B21 09B05A4F462D4E ] C:\Windows\System32\drivers\usbhub.sys
17:16:33.0315 0x0e88 C:\Windows\System32\drivers\usbhub.sys - ok
17:16:33.0315 0x0e88 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF51 4F4F4B681522A0 ] C:\Windows\System32\user32.dll
17:16:33.0315 0x0e88 C:\Windows\System32\user32.dll - ok
17:16:33.0315 0x0e88 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355 A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
17:16:33.0315 0x0e88 C:\Windows\System32\ws2_32.dll - ok
17:16:33.0331 0x0e88 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A04 66DE008505B8A9 ] C:\Windows\System32\difxapi.dll
17:16:33.0331 0x0e88 C:\Windows\System32\difxapi.dll - ok
17:16:33.0331 0x0e88 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6 E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
17:16:33.0331 0x0e88 C:\Windows\System32\drivers\ndproxy.sys - ok
17:16:33.0331 0x0e88 [ 0611473C1AD9E2D991CD9482068417F7, 90AFCC2A60350ECE27E75E76459132EF0FA28EF283CE88FCED 4B82735A93ECDA ] C:\Windows\System32\rpcrt4.dll
17:16:33.0331 0x0e88 C:\Windows\System32\rpcrt4.dll - ok
17:16:33.0331 0x0e88 [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9F C15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys
17:16:33.0331 0x0e88 C:\Windows\System32\drivers\drmk.sys - ok
17:16:33.0331 0x0e88 [ 20506F12AFAD3DB588D007EA9325FBBC, 275ECBD0F668782ACE055AD5CA600A6885CFCDD4943BC52A2E A8339AF71EABAE ] C:\Windows\System32\drivers\CHDRT64.sys
17:16:33.0331 0x0e88 C:\Windows\System32\drivers\CHDRT64.sys - ok
17:16:33.0346 0x0e88 [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F 12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys
17:16:33.0346 0x0e88 C:\Windows\System32\drivers\portcls.sys - ok
17:16:33.0346 0x0e88 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C 3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
17:16:33.0346 0x0e88 C:\Windows\System32\drivers\ksthunk.sys - ok
17:16:33.0346 0x0e88 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2 EC7B3CFF389800 ] C:\Windows\System32\drivers\IntcDAud.sys
17:16:33.0346 0x0e88 C:\Windows\System32\drivers\IntcDAud.sys - ok
17:16:33.0346 0x0e88 [ 1084AA52CCC324EA54C7121FA24C2221, 6E972CF624F7C0DE8190434B3B30279A01C551713109F97B9E BB77FAC9364754 ] C:\Windows\System32\gdi32.dll
17:16:33.0346 0x0e88 C:\Windows\System32\gdi32.dll - ok
17:16:33.0346 0x0e88 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23 764E77D9AC7074 ] C:\Windows\System32\sechost.dll
17:16:33.0346 0x0e88 C:\Windows\System32\sechost.dll - ok
17:16:33.0362 0x0e88 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AA AD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
17:16:33.0362 0x0e88 C:\Windows\System32\clbcatq.dll - ok
17:16:33.0362 0x0e88 [ D202223587518B13D72D68937B7E3F70, 9DB971B866D058ADBB518DD99B87C5DB8DD1E7C9073755B989 AE7E9FB62901E8 ] C:\Windows\System32\lpk.dll
17:16:33.0362 0x0e88 C:\Windows\System32\lpk.dll - ok
17:16:33.0362 0x0e88 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF0 7E382050BC84FD ] C:\Windows\System32\psapi.dll
17:16:33.0362 0x0e88 C:\Windows\System32\psapi.dll - ok
17:16:33.0362 0x0e88 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B 450C23AE62664A ] C:\Windows\System32\setupapi.dll
17:16:33.0362 0x0e88 C:\Windows\System32\setupapi.dll - ok
17:16:33.0362 0x0e88 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016F E3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
17:16:33.0362 0x0e88 C:\Windows\System32\shlwapi.dll - ok
17:16:33.0362 0x0e88 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B9 8AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
17:16:33.0362 0x0e88 C:\Windows\System32\comdlg32.dll - ok
17:16:33.0377 0x0e88 [ A1BE6A720D02E37F72E9CD89AE9CB3CF, 80721B622AC1EEF1F534B9C8948E2226B733123B14ABE63894 D5788E4F0D6B8B ] C:\Windows\System32\imagehlp.dll
17:16:33.0377 0x0e88 C:\Windows\System32\imagehlp.dll - ok
17:16:33.0377 0x0e88 [ 6DF46D2BD74E3DA1B45F08F10D172732, 2DC945F6F2C4A82189BC7DA2FCBB7D9A0E2588A909539249E5 5BA82468E0C677 ] C:\Windows\System32\advapi32.dll
17:16:33.0377 0x0e88 C:\Windows\System32\advapi32.dll - ok
17:16:33.0377 0x0e88 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA2292 7BB94503549E44 ] C:\Windows\System32\msctf.dll
17:16:33.0377 0x0e88 C:\Windows\System32\msctf.dll - ok
17:16:33.0377 0x0e88 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68 CCE47B1CFE5F12 ] C:\Windows\System32\drivers\usbccgp.sys
17:16:33.0377 0x0e88 C:\Windows\System32\drivers\usbccgp.sys - ok
17:16:33.0377 0x0e88 [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF 3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
17:16:33.0377 0x0e88 C:\Windows\System32\oleaut32.dll - ok
17:16:33.0393 0x0e88 [ C6689007B3A749C49A5438DCF36E0CE4, 492504464293C176AD2A87F4BE9B362A5716C26F49DEEA5F6D D3BAFDF9AAAF8F ] C:\Windows\System32\shell32.dll
17:16:33.0393 0x0e88 C:\Windows\System32\shell32.dll - ok
17:16:33.0393 0x0e88 [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE1 3F0F5137E1E7F7 ] C:\Windows\System32\drivers\PGEffect.sys
17:16:33.0393 0x0e88 C:\Windows\System32\drivers\PGEffect.sys - ok
17:16:33.0393 0x0e88 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F192 79E1B8ED7B1E44 ] C:\Windows\System32\drivers\usbvideo.sys
17:16:33.0393 0x0e88 C:\Windows\System32\drivers\usbvideo.sys - ok
17:16:33.0393 0x0e88 [ E8FD953D416772794408A68CC20B247D, 529ACE7EFE66FC3686946A0417DD25B0DD0C00236B547DB049 1F37A5DF5E0D22 ] C:\Windows\System32\urlmon.dll
17:16:33.0393 0x0e88 C:\Windows\System32\urlmon.dll - ok
17:16:33.0393 0x0e88 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65, 2A3EC01F3BAFE7D7D656886437F7FFECCE440C0D3F34678047 69AB4BF1FF7A99 ] C:\Windows\System32\usp10.dll
17:16:33.0393 0x0e88 C:\Windows\System32\usp10.dll - ok
17:16:33.0409 0x0e88 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E903 0F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
17:16:33.0409 0x0e88 C:\Windows\System32\normaliz.dll - ok
17:16:33.0409 0x0e88 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCA B010A63B34D24C ] C:\Windows\System32\Wldap32.dll
17:16:33.0409 0x0e88 C:\Windows\System32\Wldap32.dll - ok
17:16:33.0409 0x0e88 [ B9B42A302325537D7B9DC52D47F33A73, 0B2E367D671073EFD70641A198C340B12B1BD813263050AE16 B9C48B414775E0 ] C:\Windows\System32\kernel32.dll
17:16:33.0409 0x0e88 C:\Windows\System32\kernel32.dll - ok
17:16:33.0409 0x0e88 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406 C59D81749B6F09 ] C:\Windows\System32\nsi.dll
17:16:33.0409 0x0e88 C:\Windows\System32\nsi.dll - ok
17:16:33.0409 0x0e88 [ 5A45FA344F4AD99D903F4B20E43B89EC, B9DBA3ED0FD2927D89E6A18232840773EA01842AF47304DBE5 9FBA041472868A ] C:\Windows\System32\wininet.dll
17:16:33.0409 0x0e88 C:\Windows\System32\wininet.dll - ok
17:16:33.0409 0x0e88 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0 591A9E2C3997FA ] C:\Windows\System32\imm32.dll
17:16:33.0409 0x0e88 C:\Windows\System32\imm32.dll - ok
17:16:33.0424 0x0e88 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B 63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
17:16:33.0424 0x0e88 C:\Windows\System32\msvcrt.dll - ok
17:16:33.0424 0x0e88 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D 0217F23AF52C75 ] C:\Windows\System32\ole32.dll
17:16:33.0424 0x0e88 C:\Windows\System32\ole32.dll - ok
17:16:33.0424 0x0e88 [ 78CA24E3B51C624007C1B8A7B8D6C9AF, 7FD67EB1F74BCD76CA4A8292356E1EE54CCFDC4159D2DC31C9 E7A05896533DE4 ] C:\Windows\System32\iertutil.dll
17:16:33.0424 0x0e88 C:\Windows\System32\iertutil.dll - ok
17:16:33.0424 0x0e88 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F26 8822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
17:16:33.0424 0x0e88 C:\Windows\System32\cfgmgr32.dll - ok
17:16:33.0424 0x0e88 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F5 79F8BFA48353B1 ] C:\Windows\System32\devobj.dll
17:16:33.0424 0x0e88 C:\Windows\System32\devobj.dll - ok
17:16:33.0440 0x0e88 [ 6B5174702343BD955E174FDFEFA2A1A3, 54A2E26972ACBA6AA808CBE5EEA0FB2D5B8F560D8285C56907 8C27649311FB6A ] C:\Windows\System32\KernelBase.dll
17:16:33.0440 0x0e88 C:\Windows\System32\KernelBase.dll - ok
17:16:33.0440 0x0e88 [ 53238D99636BBA85F491C3E8FD22AB00, 4DD6F0DDC246B3362F21D0C20A398EE07797E867ACCBC8DED6 FA1ADB412E4D1A ] C:\Windows\System32\wintrust.dll
17:16:33.0440 0x0e88 C:\Windows\System32\wintrust.dll - ok
17:16:33.0440 0x0e88 [ FAF1BA660F84789CCCE747CE6F9D055A, 5660C24129894750A1F0A006FC04AA413C220B18F4FB03CB4B 849960A9E29AD4 ] C:\Windows\System32\crypt32.dll
17:16:33.0440 0x0e88 C:\Windows\System32\crypt32.dll - ok
17:16:33.0440 0x0e88 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8 320FAE948531EB ] C:\Windows\System32\comctl32.dll
17:16:33.0440 0x0e88 C:\Windows\System32\comctl32.dll - ok
17:16:33.0440 0x0e88 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4 AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
17:16:33.0440 0x0e88 C:\Windows\System32\msasn1.dll - ok
17:16:33.0455 0x0e88 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8 A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
17:16:33.0455 0x0e88 C:\Windows\SysWOW64\normaliz.dll - ok
17:16:33.0455 0x0e88 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8 908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
17:16:33.0455 0x0e88 C:\Windows\System32\drivers\dxapi.sys - ok
17:16:33.0455 0x0e88 [ 511166D3F5D7EBA36DE48C4F5E195886, 4AE9D37AE7DE0DC1D60F613C1E21DBD6F590E3FED59F518BAF 673D6192977647 ] C:\Windows\System32\win32k.sys
17:16:33.0455 0x0e88 C:\Windows\System32\win32k.sys - ok
17:16:33.0455 0x0e88 [ 96F587CA26A6AA894BD8CACE4540CFFC, 5261F58BE6A109479896C9A38AE07BA790F1F9182E6C91B2AF 5DF1D5A5D12615 ] C:\Windows\System32\csrsrv.dll
17:16:33.0455 0x0e88 C:\Windows\System32\csrsrv.dll - ok
17:16:33.0455 0x0e88 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77 201BAB37E8C03A ] C:\Windows\System32\csrss.exe
17:16:33.0455 0x0e88 C:\Windows\System32\csrss.exe - ok
17:16:33.0471 0x0e88 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618D D5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
17:16:33.0471 0x0e88 C:\Windows\System32\basesrv.dll - ok
17:16:33.0471 0x0e88 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861 C6C1329093464A ] C:\Windows\System32\winsrv.dll
17:16:33.0471 0x0e88 C:\Windows\System32\winsrv.dll - ok
17:16:33.0471 0x0e88 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D 5711D9C19DEB96 ] C:\Windows\System32\drivers\USBSTOR.SYS
17:16:33.0471 0x0e88 C:\Windows\System32\drivers\USBSTOR.SYS - ok
17:16:33.0471 0x0e88 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C298859 44A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
17:16:33.0471 0x0e88 C:\Windows\System32\drivers\monitor.sys - ok
17:16:33.0471 0x0e88 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56D E4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
17:16:33.0471 0x0e88 C:\Windows\System32\tsddd.dll - ok
17:16:33.0487 0x0e88 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C6571 2F041A00CF5B45 ] C:\Windows\System32\profapi.dll
17:16:33.0487 0x0e88 C:\Windows\System32\profapi.dll - ok
17:16:33.0487 0x0e88 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309D C686C696790529 ] C:\Windows\System32\sxssrv.dll
17:16:33.0487 0x0e88 C:\Windows\System32\sxssrv.dll - ok
17:16:33.0487 0x0e88 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA875 26E768AF6174F0 ] C:\Windows\System32\wininit.exe
17:16:33.0487 0x0e88 C:\Windows\System32\wininit.exe - ok
17:16:33.0487 0x0e88 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84 E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
17:16:33.0487 0x0e88 C:\Windows\System32\KBDUS.DLL - ok
17:16:33.0487 0x0e88 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525 B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
17:16:33.0487 0x0e88 C:\Windows\System32\RpcRtRemote.dll - ok
17:16:33.0502 0x0e88 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA85 3BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
17:16:33.0502 0x0e88 C:\Windows\System32\WlS0WndH.dll - ok
17:16:33.0502 0x0e88 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA 66FFE27FF9777E ] C:\Windows\System32\sxs.dll
17:16:33.0502 0x0e88 C:\Windows\System32\sxs.dll - ok
17:16:33.0502 0x0e88 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE353 2EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
17:16:33.0502 0x0e88 C:\Windows\System32\cryptbase.dll - ok
17:16:33.0502 0x0e88 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923F D928C85E94D821 ] C:\Windows\System32\apphelp.dll
17:16:33.0502 0x0e88 C:\Windows\System32\apphelp.dll - ok
17:16:33.0502 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF 8B1207F81B284D ] C:\Windows\System32\lsass.exe
17:16:33.0502 0x0e88 C:\Windows\System32\lsass.exe - ok
17:16:33.0502 0x0e88 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885 F668CF42C5E7E2 ] C:\Windows\System32\services.exe
17:16:33.0502 0x0e88 C:\Windows\System32\services.exe - ok
17:16:33.0518 0x0e88 [ 66A6063D0BAAD3F7B2B9868859E0743B, EEAABD90410864E2992E1A3AB2C29D0E8EF955AD49AF72A6A8 EAA3D3AE9EE33E ] C:\Windows\System32\lsasrv.dll
17:16:33.0518 0x0e88 C:\Windows\System32\lsasrv.dll - ok
17:16:33.0518 0x0e88 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D6 24F9DB0611F0AD ] C:\Windows\System32\lsm.exe
17:16:33.0518 0x0e88 C:\Windows\System32\lsm.exe - ok
17:16:33.0518 0x0e88 [ B66BC8B20B7F33975865B1DF99783FD8, 7CB446AAA2F1232AAA0178F90CEA857015CC21A9A615601F7D BFB7130CD0858B ] C:\Windows\System32\sspicli.dll
17:16:33.0518 0x0e88 C:\Windows\System32\sspicli.dll - ok
17:16:33.0518 0x0e88 [ 3A0CE5FE781708CD6ABD55313607EC8B, D7B4137ABFED3A46304605A83C1E5012E7D1C811E5C74A9F20 E359988EFCD7A9 ] C:\Windows\System32\sspisrv.dll
17:16:33.0518 0x0e88 C:\Windows\System32\sspisrv.dll - ok
17:16:33.0518 0x0e88 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA 7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
17:16:33.0518 0x0e88 C:\Windows\System32\sysntfy.dll - ok
17:16:33.0533 0x0e88 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BF AE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
17:16:33.0533 0x0e88 C:\Windows\System32\wmsgapi.dll - ok
17:16:33.0533 0x0e88 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B83 59FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
17:16:33.0533 0x0e88 C:\Windows\System32\scesrv.dll - ok
17:16:33.0533 0x0e88 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F0 7B98921A62A299 ] C:\Windows\System32\scext.dll
17:16:33.0533 0x0e88 C:\Windows\System32\scext.dll - ok
17:16:33.0533 0x0e88 [ 0144D8D75A0B12938AEEE859E3310A46, C3FB240B62F736230BAC81DE8315C9236300474B189A599DBC 6437AB341F166B ] C:\Windows\System32\secur32.dll
17:16:33.0533 0x0e88 C:\Windows\System32\secur32.dll - ok
17:16:33.0533 0x0e88 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D 4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
17:16:33.0533 0x0e88 C:\Windows\System32\samsrv.dll - ok
17:16:33.0533 0x0e88 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678 BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
17:16:33.0533 0x0e88 C:\Windows\System32\srvcli.dll - ok
17:16:33.0549 0x0e88 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5D CB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
17:16:33.0549 0x0e88 C:\Windows\System32\cryptdll.dll - ok
17:16:33.0549 0x0e88 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD63 7114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
17:16:33.0549 0x0e88 C:\Windows\System32\wevtapi.dll - ok
17:16:33.0549 0x0e88 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D 5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
17:16:33.0549 0x0e88 C:\Windows\System32\authz.dll - ok
17:16:33.0549 0x0e88 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D2550 7352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
17:16:33.0549 0x0e88 C:\Windows\System32\cngaudit.dll - ok
17:16:33.0549 0x0e88 [ 400645085A91BF3EB0271329B95AE0BE, 4EE924E3691F575AA6617F95A4BB521083FAB6B1D74085E4F1 7EC6B116FD7629 ] C:\Windows\System32\ncrypt.dll
17:16:33.0549 0x0e88 C:\Windows\System32\ncrypt.dll - ok
17:16:33.0565 0x0e88 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B 2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
17:16:33.0565 0x0e88 C:\Windows\System32\bcrypt.dll - ok
17:16:33.0565 0x0e88 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C6 0F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
17:16:33.0565 0x0e88 C:\Windows\System32\msprivs.dll - ok
17:16:33.0565 0x0e88 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD4 4A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
17:16:33.0565 0x0e88 C:\Windows\System32\netjoin.dll - ok
17:16:33.0565 0x0e88 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149 D8B5A90648512C ] C:\Windows\System32\negoexts.dll
17:16:33.0565 0x0e88 C:\Windows\System32\negoexts.dll - ok
17:16:33.0565 0x0e88 [ 05569A79BF4693670B709144382D02D4, 3B13C569EE4FBC63C6989A7A12A50DCCC945FAB26C6E659DEB 0614640E8F40C3 ] C:\Windows\System32\cdd.dll
17:16:33.0565 0x0e88 C:\Windows\System32\cdd.dll - ok
17:16:33.0580 0x0e88 [ 16ECE8BD6734CC170B9AE74176E89A9B, CE366442B5F13E72290DFD93AE6532E7DC5F9D750CDA61E852 488702A07AAE64 ] C:\Windows\System32\kerberos.dll
17:16:33.0580 0x0e88 C:\Windows\System32\kerberos.dll - ok
17:16:33.0580 0x0e88 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6 786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
17:16:33.0580 0x0e88 C:\Windows\System32\cryptsp.dll - ok
17:16:33.0580 0x0e88 [ 1D5185A4C7E6695431AE4B55C3D7D333, 16F3906C54F1D71559836FDFCF4E83E7C9F454463D78FD577A D2D7022E0BCB51 ] C:\Windows\System32\mswsock.dll
17:16:33.0580 0x0e88 C:\Windows\System32\mswsock.dll - ok
17:16:33.0580 0x0e88 [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F9 7EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
17:16:33.0580 0x0e88 C:\Windows\System32\msv1_0.dll - ok
17:16:33.0580 0x0e88 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E633 94E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
17:16:33.0580 0x0e88 C:\Windows\System32\wship6.dll - ok
17:16:33.0596 0x0e88 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168 278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
17:16:33.0596 0x0e88 C:\Windows\System32\netlogon.dll - ok
17:16:33.0596 0x0e88 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C 235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
17:16:33.0596 0x0e88 C:\Windows\System32\dnsapi.dll - ok
17:16:33.0596 0x0e88 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB6 5D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
17:16:33.0596 0x0e88 C:\Windows\System32\logoncli.dll - ok
17:16:33.0596 0x0e88 [ 1573C45E65DE32B1BC3572634F8F1E8E, 8B3D9636470ADCEEEAA83E69033487E270AB1AE58F4D44BB4B 024B95F59C3CC9 ] C:\Windows\System32\schannel.dll
17:16:33.0596 0x0e88 C:\Windows\System32\schannel.dll - ok
17:16:33.0596 0x0e88 [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66 EEB905CA352881 ] C:\Windows\System32\wdigest.dll
17:16:33.0596 0x0e88 C:\Windows\System32\wdigest.dll - ok
17:16:33.0596 0x0e88 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF 263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
17:16:33.0596 0x0e88 C:\Windows\System32\rsaenh.dll - ok
17:16:33.0611 0x0e88 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6 A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
17:16:33.0611 0x0e88 C:\Windows\System32\pku2u.dll - ok
17:16:33.0611 0x0e88 [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067C D8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
17:16:33.0611 0x0e88 C:\Windows\System32\TSpkg.dll - ok
17:16:33.0611 0x0e88 [ 7DBA64AD70C2E2481C68D9E0F7CD7840, 52EE57E9A8D3C28336BB8E7536ECE77A9FB4BAF93B9651F9A8 97F79F873D66BE ] C:\Windows\System32\LIVESSP.DLL
17:16:33.0611 0x0e88 C:\Windows\System32\LIVESSP.DLL - ok
17:16:33.0611 0x0e88 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA 12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
17:16:33.0611 0x0e88 C:\Windows\System32\bcryptprimitives.dll - ok
17:16:33.0611 0x0e88 [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E39 6CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
17:16:33.0611 0x0e88 C:\Windows\System32\credssp.dll - ok
17:16:33.0627 0x0e88 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403 F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
17:16:33.0627 0x0e88 C:\Windows\System32\efslsaext.dll - ok
17:16:33.0627 0x0e88 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8B E46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
17:16:33.0627 0x0e88 C:\Windows\System32\scecli.dll - ok
17:16:33.0627 0x0e88 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692 158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
17:16:33.0627 0x0e88 C:\Windows\System32\ubpm.dll - ok
17:16:33.0627 0x0e88 [ 6F68F63794097E54F36474ED4384B759, 745E45B1E868C395C033C3178B423D2BE121DA0ABBF859553A DF1A7D383099B7 ] C:\Windows\System32\svchost.exe
17:16:33.0627 0x0e88 C:\Windows\System32\svchost.exe - ok
17:16:33.0627 0x0e88 [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C 6070387723D49E ] C:\Windows\System32\winsta.dll
17:16:33.0627 0x0e88 C:\Windows\System32\winsta.dll - ok
17:16:33.0643 0x0e88 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75F BCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
17:16:33.0643 0x0e88 C:\Windows\System32\umpnpmgr.dll - ok
17:16:33.0643 0x0e88 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEF DB9128206C9887 ] C:\Windows\System32\SPInf.dll
17:16:33.0643 0x0e88 C:\Windows\System32\SPInf.dll - ok
17:16:33.0643 0x0e88 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C187 22086906AD3046 ] C:\Windows\System32\devrtl.dll
17:16:33.0643 0x0e88 C:\Windows\System32\devrtl.dll - ok
17:16:33.0643 0x0e88 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A85 00FD141BC30078 ] C:\Windows\System32\gpapi.dll
17:16:33.0643 0x0e88 C:\Windows\System32\gpapi.dll - ok
17:16:33.0643 0x0e88 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA57 3D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
17:16:33.0643 0x0e88 C:\Windows\System32\userenv.dll - ok
17:16:33.0658 0x0e88 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D 90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
17:16:33.0658 0x0e88 C:\Windows\System32\umpo.dll - ok
17:16:33.0658 0x0e88 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473 A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
17:16:33.0658 0x0e88 C:\Windows\System32\pcwum.dll - ok
17:16:33.0658 0x0e88 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB65 96CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
17:16:33.0658 0x0e88 C:\Windows\System32\powrprof.dll - ok
17:16:33.0658 0x0e88 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F3 05486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
17:16:33.0658 0x0e88 C:\Windows\System32\drivers\luafv.sys - ok
17:16:33.0658 0x0e88 [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24 D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
17:16:33.0658 0x0e88 C:\Windows\System32\winlogon.exe - ok
17:16:33.0658 0x0e88 [ 9C6C17C495E960E52EDE5D038EE92AE1, C056799A124C7473E871D73E3661D58B2EA01EE6F3614AEDB2 39463D0FBB9841 ] C:\Windows\System32\drivers\aswMonFlt.sys
17:16:33.0658 0x0e88 C:\Windows\System32\drivers\aswMonFlt.sys - ok
17:16:33.0674 0x0e88 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D53820471 4E6D5B00D92CEB ] C:\Windows\System32\drivers\mbam.sys
17:16:33.0674 0x0e88 C:\Windows\System32\drivers\mbam.sys - ok
17:16:33.0674 0x0e88 [ 8F571F016FA1976F445147E9E6C8AE9B, 527AB960F2E08F598D1B953BDA4EA749831DD3C765DA278044 B8AB22365F02B5 ] C:\Windows\System32\drivers\Sftvollh.sys
17:16:33.0674 0x0e88 C:\Windows\System32\drivers\Sftvollh.sys - ok
17:16:33.0674 0x0e88 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2 F1F59FE1A965D9 ] C:\Windows\System32\drivers\WUDFPf.sys
17:16:33.0674 0x0e88 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:16:33.0674 0x0e88 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D858 4349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
17:16:33.0674 0x0e88 C:\Windows\System32\RpcEpMap.dll - ok
17:16:33.0674 0x0e88 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C 4D6400B354B401 ] C:\Windows\System32\rpcss.dll
17:16:33.0674 0x0e88 C:\Windows\System32\rpcss.dll - ok
17:16:33.0689 0x0e88 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E 307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
17:16:33.0689 0x0e88 C:\Windows\System32\WSHTCPIP.DLL - ok
17:16:33.0689 0x0e88 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B1 98143D461ABE39 ] C:\Windows\System32\wshqos.dll
17:16:33.0689 0x0e88 C:\Windows\System32\wshqos.dll - ok
17:16:33.0689 0x0e88 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11 EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
17:16:33.0689 0x0e88 C:\Windows\System32\FirewallAPI.dll - ok
17:16:33.0689 0x0e88 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C72 85A2C11C9A0F93 ] C:\Windows\System32\version.dll
17:16:33.0689 0x0e88 C:\Windows\System32\version.dll - ok
17:16:33.0689 0x0e88 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF 0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
17:16:33.0689 0x0e88 C:\Windows\System32\wevtsvc.dll - ok
17:16:33.0705 0x0e88 [ 0BEE002C68E28CE6DA161DCF1376D7D7, 1D4EE0B9CE22D139478008D5591B8C9F027C235CBA601F95A9 6547CF98159D4B ] C:\Windows\System32\authui.dll
17:16:33.0705 0x0e88 C:\Windows\System32\authui.dll - ok
17:16:33.0705 0x0e88 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A6 3204C773B95893 ] C:\Windows\System32\LogonUI.exe
17:16:33.0705 0x0e88 C:\Windows\System32\LogonUI.exe - ok
17:16:33.0705 0x0e88 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986D F6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
17:16:33.0705 0x0e88 C:\Windows\System32\adtschema.dll - ok
17:16:33.0705 0x0e88 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235 313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
17:16:33.0705 0x0e88 C:\Windows\System32\audiosrv.dll - ok
17:16:33.0705 0x0e88 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801 C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
17:16:33.0705 0x0e88 C:\Windows\System32\cryptui.dll - ok
17:16:33.0721 0x0e88 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D 3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
17:16:33.0721 0x0e88 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
17:16:33.0721 0x0e88 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914 B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
17:16:33.0721 0x0e88 C:\Windows\System32\avrt.dll - ok
17:16:33.0721 0x0e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B17200 2B1561EC7E265A ] C:\Windows\System32\mmcss.dll
17:16:33.0721 0x0e88 C:\Windows\System32\mmcss.dll - ok
17:16:33.0721 0x0e88 [ 80E69670BDA10F32A941BA7358E33012, AFEC6DB90B06381074B23DC91BEF34E7EA4C87F4B6D836F6BF 6BB05CDDBF7605 ] C:\Windows\System32\WUDFPlatform.dll
17:16:33.0721 0x0e88 C:\Windows\System32\WUDFPlatform.dll - ok
17:16:33.0721 0x0e88 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F 50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
17:16:33.0721 0x0e88 C:\Windows\System32\MMDevAPI.dll - ok
17:16:33.0721 0x0e88 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E6405 7B636F27D15765 ] C:\Windows\System32\propsys.dll
17:16:33.0721 0x0e88 C:\Windows\System32\propsys.dll - ok
17:16:33.0736 0x0e88 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9 B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39 6087175ac9ac\comctl32.dll
17:16:33.0736 0x0e88 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa39 6087175ac9ac\comctl32.dll - ok
17:16:33.0736 0x0e88 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF 9466838A2328C7 ] C:\Windows\System32\samlib.dll
17:16:33.0736 0x0e88 C:\Windows\System32\samlib.dll - ok
17:16:33.0736 0x0e88 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BF E6B34A2146E730 ] C:\Windows\System32\shacct.dll
17:16:33.0736 0x0e88 C:\Windows\System32\shacct.dll - ok
17:16:33.0736 0x0e88 [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C850 55ABAB2483264B ] C:\Windows\System32\audiodg.exe
17:16:33.0736 0x0e88 C:\Windows\System32\audiodg.exe - ok
17:16:33.0736 0x0e88 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828 122442FE5D376C ] C:\Windows\System32\uxtheme.dll
17:16:33.0752 0x0e88 C:\Windows\System32\uxtheme.dll - ok
17:16:33.0752 0x0e88 [ 179E8401224D557ECFF3695F2016EA5B, E2E54F1D5F8573CA036D837B045371A4E0BDAF6DB2CD3FFFF9 5C4064296E3A2D ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_ 6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7 765\GdiPlus.dll
17:16:33.0752 0x0e88 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_ 6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7 765\GdiPlus.dll - ok
17:16:33.0752 0x0e88 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC9 63E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
17:16:33.0752 0x0e88 C:\Windows\System32\gpsvc.dll - ok
17:16:33.0752 0x0e88 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137D AD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
17:16:33.0752 0x0e88 C:\Windows\System32\ntmarta.dll - ok
17:16:33.0752 0x0e88 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA056613038 36B6860D63749D ] C:\Windows\System32\dui70.dll
17:16:33.0752 0x0e88 C:\Windows\System32\dui70.dll - ok
17:16:33.0752 0x0e88 [ 2DF36F15B2BC1571A6A542A3C2107920, A918F1EE95269DF973421AF2F5713DEEAF15EF0F77BAA7E8C5 15FFB69896FB7A ] C:\Windows\System32\nlaapi.dll
17:16:33.0752 0x0e88 C:\Windows\System32\nlaapi.dll - ok
17:16:33.0767 0x0e88 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF24783440 0F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
17:16:33.0767 0x0e88 C:\Windows\System32\profsvc.dll - ok
17:16:33.0767 0x0e88 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC 1A9E6D85469093 ] C:\Windows\System32\atl.dll
17:16:33.0767 0x0e88 C:\Windows\System32\atl.dll - ok
17:16:33.0767 0x0e88 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8 CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
17:16:33.0767 0x0e88 C:\Windows\System32\themeservice.dll - ok
17:16:33.0767 0x0e88 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B 5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
17:16:33.0767 0x0e88 C:\Windows\System32\dsrole.dll - ok
17:16:33.0767 0x0e88 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC 017800692694D5 ] C:\Windows\System32\slc.dll
17:16:33.0767 0x0e88 C:\Windows\System32\slc.dll - ok
17:16:33.0767 0x0e88 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5 871473D3E2E2CF ] C:\Windows\System32\duser.dll
17:16:33.0767 0x0e88 C:\Windows\System32\duser.dll - ok
17:16:33.0783 0x0e88 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5 C7460E87317881 ] C:\Windows\System32\es.dll
17:16:33.0783 0x0e88 C:\Windows\System32\es.dll - ok
17:16:33.0783 0x0e88 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F347 8302A3F5F73431 ] C:\Windows\System32\winmm.dll
17:16:33.0783 0x0e88 C:\Windows\System32\winmm.dll - ok
17:16:33.0783 0x0e88 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF9 6CAE519BFE280F ] C:\Windows\System32\comres.dll
17:16:33.0783 0x0e88 C:\Windows\System32\comres.dll - ok
17:16:33.0783 0x0e88 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6 E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
17:16:33.0783 0x0e88 C:\Windows\System32\Sens.dll - ok
17:16:33.0783 0x0e88 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A 0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
17:16:33.0783 0x0e88 C:\Windows\System32\uxsms.dll - ok
17:16:33.0799 0x0e88 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663 EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
17:16:33.0799 0x0e88 C:\Windows\System32\wtsapi32.dll - ok
17:16:33.0799 0x0e88 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20 CF96E5E6BD0691 ] C:\Windows\System32\WUDFSvc.dll
17:16:33.0799 0x0e88 C:\Windows\System32\WUDFSvc.dll - ok
17:16:33.0799 0x0e88 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2AC BF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
17:16:33.0799 0x0e88 C:\Windows\System32\SndVolSSO.dll - ok
17:16:33.0799 0x0e88 [ F6B5E463A0BB934C26FB319EDC726F65, 8B4E94181E7C2B479F7F675C221419B42C55C74F02A0DD8FFD 9643A5A19AB944 ] C:\Windows\System32\drivers\aswStm.sys
17:16:33.0799 0x0e88 C:\Windows\System32\drivers\aswStm.sys - ok
17:16:33.0799 0x0e88 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0 BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
17:16:33.0799 0x0e88 C:\Windows\System32\drivers\lltdio.sys - ok
17:16:33.0814 0x0e88 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AE B7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
17:16:33.0814 0x0e88 C:\Windows\System32\drivers\nwifi.sys - ok
17:16:33.0814 0x0e88 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD30 94F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
17:16:33.0814 0x0e88 C:\Windows\System32\drivers\ndisuio.sys - ok
17:16:33.0814 0x0e88 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908C CA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
17:16:33.0814 0x0e88 C:\Windows\System32\drivers\rspndr.sys - ok
17:16:33.0814 0x0e88 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6 EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
17:16:33.0814 0x0e88 C:\Windows\System32\hid.dll - ok
17:16:33.0814 0x0e88 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0 BB610191E35220 ] C:\Windows\System32\wdmaud.drv
17:16:33.0814 0x0e88 C:\Windows\System32\wdmaud.drv - ok
17:16:33.0814 0x0e88 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31 F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
17:16:33.0814 0x0e88 C:\Windows\System32\ksuser.dll - ok
17:16:33.0830 0x0e88 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B17 1E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
17:16:33.0830 0x0e88 C:\Windows\System32\IPHLPAPI.DLL - ok
17:16:33.0830 0x0e88 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF986 5DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
17:16:33.0830 0x0e88 C:\Windows\System32\lmhsvc.dll - ok
17:16:33.0830 0x0e88 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F5 07518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
17:16:33.0830 0x0e88 C:\Windows\System32\nsisvc.dll - ok
17:16:33.0830 0x0e88 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D 52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
17:16:33.0830 0x0e88 C:\Windows\System32\dhcpcore.dll - ok
17:16:33.0830 0x0e88 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47 EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
17:16:33.0830 0x0e88 C:\Windows\System32\nrpsrv.dll - ok
17:16:33.0845 0x0e88 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F 36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
17:16:33.0845 0x0e88 C:\Windows\System32\winnsi.dll - ok
17:16:33.0845 0x0e88 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB34731 2D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
17:16:33.0845 0x0e88 C:\Windows\System32\dnsrslvr.dll - ok
17:16:33.0845 0x0e88 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E 2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
17:16:33.0845 0x0e88 C:\Windows\System32\eapphost.dll - ok
17:16:33.0845 0x0e88 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5B F91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
17:16:33.0845 0x0e88 C:\Windows\System32\eapsvc.dll - ok
17:16:33.0845 0x0e88 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749 C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
17:16:33.0845 0x0e88 C:\Windows\System32\keyiso.dll - ok
17:16:33.0861 0x0e88 [ 71C7B65B6557B75B99907E76956AE4B8, 38AD0E96D6AD36C0643761D5F5DB7A2802E059008C0984ABF6 1F4D8703DE4B3B ] C:\Windows\System32\dhcpcore6.dll
17:16:33.0861 0x0e88 C:\Windows\System32\dhcpcore6.dll - ok
17:16:33.0861 0x0e88 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B45 42A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
17:16:33.0861 0x0e88 C:\Windows\System32\dwmapi.dll - ok
17:16:33.0861 0x0e88 [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FD B8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL
17:16:33.0861 0x0e88 C:\Windows\System32\FWPUCLNT.DLL - ok
17:16:33.0861 0x0e88 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D95094 0A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
17:16:33.0861 0x0e88 C:\Windows\System32\xmllite.dll - ok
17:16:33.0861 0x0e88 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54 DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
17:16:33.0861 0x0e88 C:\Windows\System32\umb.dll - ok
17:16:33.0861 0x0e88 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7F BD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
17:16:33.0861 0x0e88 C:\Windows\System32\wlansvc.dll - ok
17:16:33.0877 0x0e88 [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D 3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
17:16:33.0877 0x0e88 C:\Windows\System32\AudioSes.dll - ok
17:16:33.0877 0x0e88 [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC34 77F356C45A9C54 ] C:\Windows\System32\msacm32.drv
17:16:33.0877 0x0e88 C:\Windows\System32\msacm32.drv - ok
17:16:33.0877 0x0e88 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E6010 2D6C9004514D60 ] C:\Windows\System32\msacm32.dll
17:16:33.0877 0x0e88 C:\Windows\System32\msacm32.dll - ok
17:16:33.0877 0x0e88 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081 A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
17:16:33.0877 0x0e88 C:\Windows\System32\dhcpcsvc.dll - ok
17:16:33.0877 0x0e88 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5 E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
17:16:33.0877 0x0e88 C:\Windows\System32\dnsext.dll - ok
17:16:33.0892 0x0e88 [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81F E564D91F15F976 ] C:\Windows\System32\midimap.dll
17:16:33.0892 0x0e88 C:\Windows\System32\midimap.dll - ok
17:16:33.0892 0x0e88 [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF 034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
17:16:33.0892 0x0e88 C:\Windows\System32\AudioEng.dll - ok
17:16:33.0892 0x0e88 [ 4CBCC37856EA2039C27A2FB661DDA0E5, 74CBFAB3092A9564BDDFCB84DB3E3F8BCFD1492938ADF18742 3D3355D73D21C6 ] C:\Windows\System32\dhcpcsvc6.dll
17:16:33.0892 0x0e88 C:\Windows\System32\dhcpcsvc6.dll - ok
17:16:33.0892 0x0e88 [ 26B73A85855681500BCC25C7CD9FF5B1, 94D134A6AF53AD629A4505B8B0EA37F61BB43AF4DB71874E7E 87853163A9282A ] C:\Windows\System32\WindowsCodecs.dll
17:16:33.0892 0x0e88 C:\Windows\System32\WindowsCodecs.dll - ok
17:16:33.0892 0x0e88 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03 E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
17:16:33.0892 0x0e88 C:\Windows\System32\wlanmsm.dll - ok
17:16:33.0908 0x0e88 [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89 BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
17:16:33.0908 0x0e88 C:\Windows\System32\AUDIOKSE.dll - ok
17:16:33.0908 0x0e88 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F 8A43C64C08A762 ] C:\Windows\System32\onex.dll
17:16:33.0908 0x0e88 C:\Windows\System32\onex.dll - ok
17:16:33.0908 0x0e88 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878 D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
17:16:33.0908 0x0e88 C:\Windows\System32\wlansec.dll - ok
17:16:33.0908 0x0e88 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F 7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
17:16:33.0908 0x0e88 C:\Windows\System32\eappcfg.dll - ok
17:16:33.0908 0x0e88 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE 5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
17:16:33.0908 0x0e88 C:\Windows\System32\eappprxy.dll - ok
17:16:33.0908 0x0e88 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B 4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
17:16:33.0908 0x0e88 C:\Windows\System32\l2gpstore.dll - ok
17:16:33.0923 0x0e88 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AE A40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
17:16:33.0923 0x0e88 C:\Windows\System32\wlgpclnt.dll - ok
17:16:33.0923 0x0e88 [ AA0B1A7B4750F655936F2F82B5E84428, 443A3822D3BD776922402353C7E8C1257DB2A3D8EE33526593 4C52BB5820A972 ] C:\Windows\System32\CX64AP40.dll
17:16:33.0923 0x0e88 C:\Windows\System32\CX64AP40.dll - ok
17:16:33.0923 0x0e88 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF 64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
17:16:33.0923 0x0e88 C:\Windows\System32\VaultCredProvider.dll - ok
17:16:33.0923 0x0e88 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A2 8511A72F57FC66 ] C:\Windows\System32\winbrand.dll
17:16:33.0923 0x0e88 C:\Windows\System32\winbrand.dll - ok
17:16:33.0923 0x0e88 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD 91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
17:16:33.0923 0x0e88 C:\Windows\System32\WinSCard.dll - ok
17:16:33.0939 0x0e88 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747 045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
17:16:33.0939 0x0e88 C:\Windows\System32\wlanutil.dll - ok
17:16:33.0939 0x0e88 [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D2 5C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dl l
17:16:33.0939 0x0e88 C:\Windows\System32\SmartcardCredentialProvider.dl l - ok
17:16:33.0939 0x0e88 [ 4FFDE68C4B7C9993FA551E7E36DDB34D, CA362D5AAE3B1DC8F5BBF5507B5F4126E7AE21EC524ACC7174 51830C5A59FB48 ] C:\Windows\System32\msxml6.dll
17:16:33.0939 0x0e88 C:\Windows\System32\msxml6.dll - ok
17:16:33.0939 0x0e88 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2 DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
17:16:33.0939 0x0e88 C:\Windows\System32\BioCredProv.dll - ok
17:16:33.0939 0x0e88 [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF8366 3086C8219C2B20 ] C:\Windows\System32\credui.dll
17:16:33.0939 0x0e88 C:\Windows\System32\credui.dll - ok
17:16:33.0939 0x0e88 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A14 7DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
17:16:33.0939 0x0e88 C:\Windows\System32\winbio.dll - ok
17:16:33.0955 0x0e88 [ 764908FE1FA96F93C95B1B67A0FCED29, 26EF25AB307903C5E806A8CC3B750A491049E5D1225CEDDFCE 64DD51AA6F592B ] C:\Windows\System32\netapi32.dll
17:16:33.0955 0x0e88 C:\Windows\System32\netapi32.dll - ok
17:16:33.0955 0x0e88 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD27 3BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
17:16:33.0955 0x0e88 C:\Windows\System32\vaultcli.dll - ok
17:16:33.0955 0x0e88 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE5 5EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
17:16:33.0955 0x0e88 C:\Windows\System32\netutils.dll - ok
17:16:33.0955 0x0e88 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B 3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
17:16:33.0955 0x0e88 C:\Windows\System32\wkscli.dll - ok
17:16:33.0955 0x0e88 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8 D122F523B96AC0 ] C:\Windows\System32\samcli.dll
17:16:33.0955 0x0e88 C:\Windows\System32\samcli.dll - ok
17:16:33.0970 0x0e88 [ F79C9E3947B904FA3200A2204F9C52BB, 5D7274BF4AB25CB4E52D5FC6B5DF129BFBAEF028457ACF0762 4F6D00F67E1237 ] C:\Windows\System32\tosWirelessLANIndicatorCP.dll
17:16:33.0970 0x0e88 C:\Windows\System32\tosWirelessLANIndicatorCP.dll - ok
17:16:33.0970 0x0e88 [ AED6D63CFA5A3EF7021AF9C457FEE994, B4BFA27F677295B00A1DF9A7E14DB4B75CAC2DD41B898D4E9A 378ECCCE3699F0 ] C:\Windows\System32\msvcr100.dll
17:16:33.0970 0x0e88 C:\Windows\System32\msvcr100.dll - ok
17:16:33.0970 0x0e88 [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395 CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
17:16:33.0970 0x0e88 C:\Windows\System32\WMALFXGFXDSP.dll - ok
17:16:33.0970 0x0e88 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F 8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
17:16:33.0970 0x0e88 C:\Windows\System32\netcfgx.dll - ok
17:16:33.0970 0x0e88 [ 08D8C5E32648D6E7976F0458545EA600, C042DDBCB278E1EB47AD7F02F81B3A233A41A335BDA4E9690F 84208DDF7ACED7 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll
17:16:33.0970 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll - ok
17:16:33.0986 0x0e88 [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656A E83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
17:16:33.0986 0x0e88 C:\Windows\System32\mfplat.dll - ok
17:16:33.0986 0x0e88 [ 03E0955A7D8E5E74E7F6986A56A66196, 53471761EC1F22F3FC6E60770A60338F538DFD2CC74B081AD3 78F43B62BD80A5 ] C:\Windows\System32\MaxxAudioAPO30.dll
17:16:33.0986 0x0e88 C:\Windows\System32\MaxxAudioAPO30.dll - ok
17:16:33.0986 0x0e88 [ 8EF7C84BB20329D6DCAC09CF6B19345A, 98F2F312F273C52653DC72F8A69ACBD79F588FF1B53CC7DFA8 5C26B6F7EF620B ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:16:33.0986 0x0e88 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
17:16:33.0986 0x0e88 [ D037BEA6039248D4DE0C5F361F19970D, 652E0AB01F21C3CBDBA496C88D175EC16E644E2BCB0526E705 81B67EA5E681CE ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll
17:16:33.0986 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll - ok
17:16:33.0986 0x0e88 [ E73B0F1819602CB6EF176FB78D76A47B, 54B000D3CAFE32AA7541437F6AA0950EE0A23624ECB6B3D078 55E5C0F1F9E77D ] C:\Windows\SysWOW64\ntdll.dll
17:16:33.0986 0x0e88 C:\Windows\SysWOW64\ntdll.dll - ok
17:16:34.0001 0x0e88 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7, 10860A572AF26ABFBDC035BCC5205F1EE1D53C7DBF66CA99D9 C97D2003BC58D2 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b 9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msv cp80.dll
17:16:34.0001 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b 9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msv cp80.dll - ok
17:16:34.0001 0x0e88 [ B1E3772FFA96AC5AEE89BF202AF8E348, 064DB26C5C9F7369BA2671DE30DFAF595DC2726B4104B81D14 2571DEE0F50CA6 ] C:\Windows\System32\wow64.dll
17:16:34.0001 0x0e88 C:\Windows\System32\wow64.dll - ok
17:16:34.0001 0x0e88 [ FC5A43FA257F546F8F2B96B5529857E1, 6B3AA2F2F4796F3C5D8B95DBD6392C4CADCB270B2A5B80631B 9F54D0FAED0708 ] C:\Windows\System32\wow64win.dll
17:16:34.0001 0x0e88 C:\Windows\System32\wow64win.dll - ok
17:16:34.0001 0x0e88 [ AA0D2571A4348838B8DD49FD0043826A, 6D445B0214AA5733483ADAC2FB0D16E9D073698C2A458A4019 BA8DC2BC96ED00 ] C:\Windows\System32\wow64cpu.dll
17:16:34.0001 0x0e88 C:\Windows\System32\wow64cpu.dll - ok
17:16:34.0001 0x0e88 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB, 128098D77578E37EEB744485E593196D67120B4054983A31AC D577AE58842479 ] C:\Windows\SysWOW64\kernel32.dll
17:16:34.0001 0x0e88 C:\Windows\SysWOW64\kernel32.dll - ok
17:16:34.0017 0x0e88 [ 06A754FE28A06F780A099703CFCAAA22, FCADF16C88EEC651258149616202CC29D649FE8CBBBA481BEA 9A67C2ED82844B ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b 9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msv cr80.dll
17:16:34.0017 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b 9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msv cr80.dll - ok
17:16:34.0017 0x0e88 [ 9AE75388EE2C110216B8319584E8AC34, 6F5E79903FF4B6A17E42949E4D09CE25DB944062317CAA5346 FC9F39CBAE575F ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll
17:16:34.0017 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll - ok
17:16:34.0017 0x0e88 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1, D3ED2B763653C19B9E436BD6694D20794A9CCC3F9E9A49E4CE E7A978219AC66D ] C:\Windows\SysWOW64\KernelBase.dll
17:16:34.0017 0x0e88 C:\Windows\SysWOW64\KernelBase.dll - ok
17:16:34.0017 0x0e88 [ 2A9238A326763122424E07EF320D5D3A, 8654CABFC1DCEA16C57BFD93C776E7EA33072F288B79CEE8FA CECF69173EA4FE ] C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll
17:16:34.0017 0x0e88 C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll - ok
17:16:34.0017 0x0e88 [ 91175B7E997CFAC64F271A15B4217BC7, 64F01CFD0FB239407D8D59AAA529E8AC4CAC59472A6D924C0F 7DF41DED53A5B1 ] C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll
17:16:34.0017 0x0e88 C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll - ok
17:16:34.0033 0x0e88 [ 2116A5E99C64757EA71EE0F14DC6482C, 2FD31262ED876A70D8BC433BDD5AAFB88CAD1561D722BF034D BD99EE31FDA2CC ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
17:16:34.0033 0x0e88 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
17:16:34.0033 0x0e88 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96C AC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
17:16:34.0033 0x0e88 C:\Windows\SysWOW64\user32.dll - ok
17:16:34.0033 0x0e88 [ 9C5BF3E0541B8A2F85DF1D642E495EE4, 081C1BF855CA1D1C40751890AAF827C2DFC977FF4F7F8A5F6D 25397356B3F49C ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll
17:16:34.0033 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll - ok
17:16:34.0033 0x0e88 [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776 D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
17:16:34.0033 0x0e88 C:\Windows\SysWOW64\gdi32.dll - ok
17:16:34.0033 0x0e88 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040 719099717744D5 ] C:\Windows\System32\certCredProvider.dll
17:16:34.0033 0x0e88 C:\Windows\System32\certCredProvider.dll - ok
17:16:34.0033 0x0e88 [ 032229246107C5C7211E6D1498B52D3D, 8B492A0621BA88EBF3ABFC072C9023B2162C59AA6E9C61DA6D 4762DB6C6C7B4A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
17:16:34.0033 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
17:16:34.0048 0x0e88 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A73 25B53104797CBC ] C:\Windows\System32\UXInit.dll
17:16:34.0048 0x0e88 C:\Windows\System32\UXInit.dll - ok
17:16:34.0048 0x0e88 [ 384721EF4024890092625E20CADFAF85, 32FB012437C271CA4408EC60E6858485C2F9489107BBDB7011 F728A0D2A26D2C ] C:\Windows\SysWOW64\lpk.dll
17:16:34.0048 0x0e88 C:\Windows\SysWOW64\lpk.dll - ok
17:16:34.0048 0x0e88 [ 804AAAFEBB3AD5F49334DD906BCB1DE5, EB5DA86810D405555C84F4D452A604665250AB5D01714E0FBE CF81CC8E791AC5 ] C:\Windows\SysWOW64\usp10.dll
17:16:34.0048 0x0e88 C:\Windows\SysWOW64\usp10.dll - ok
17:16:34.0048 0x0e88 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539A E7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
17:16:34.0048 0x0e88 C:\Windows\System32\wbem\wbemprox.dll - ok
17:16:34.0048 0x0e88 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED 91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
17:16:34.0048 0x0e88 C:\Windows\SysWOW64\msvcrt.dll - ok
17:16:34.0064 0x0e88 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B 6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rasplap.dll - ok
17:16:34.0064 0x0e88 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC26 95507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rasapi32.dll - ok
17:16:34.0064 0x0e88 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB332891 4ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rasman.dll - ok
17:16:34.0064 0x0e88 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BC F9066763A45D9D ] C:\Windows\System32\rtutils.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rtutils.dll - ok
17:16:34.0064 0x0e88 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C7 98099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
17:16:34.0064 0x0e88 C:\Windows\System32\drivers\fltMgr.sys - ok
17:16:34.0079 0x0e88 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180E BCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
17:16:34.0079 0x0e88 C:\Windows\System32\PSHED.DLL - ok
17:16:34.0079 0x0e88 [ 11338E0557B07BC32CDB980B6EDB35AA, E0B012FDDF40D280068C33BBC41CBF14E88E49FD237D61C455 C6E69772ECFDAF ] C:\Windows\System32\ci.dll
17:16:34.0079 0x0e88 C:\Windows\System32\ci.dll - ok
17:16:34.0079 0x0e88 [ 95E2376B3323F062EB562B8586D0F14A, BD3FA8750123D00AA0967FBA44372C46EA002681DA9C9B77A4 F9261553E26017 ] C:\Windows\SysWOW64\advapi32.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\advapi32.dll - ok
17:16:34.0079 0x0e88 [ C5AD8083CF94201F1F8084ECC696A8B7, 9F9A23DC2587E88C1BF671E9E147F134242002288E22E1C578 81F3ED721F4296 ] C:\Windows\SysWOW64\rpcrt4.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:16:34.0079 0x0e88 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF 72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\sechost.dll - ok
17:16:34.0079 0x0e88 [ EDA7AD21DF8945528F01F0A86D69E524, 8FF2CC12AF30F1DC367ABD19FA9CB0F42EC6EE820F6E755BEF CEFE952C22E2F6 ] C:\Windows\SysWOW64\sspicli.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\sspicli.dll - ok
17:16:34.0095 0x0e88 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E98 57F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
17:16:34.0095 0x0e88 C:\Windows\SysWOW64\cryptbase.dll - ok
17:16:34.0095 0x0e88 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5 F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
17:16:34.0095 0x0e88 C:\Windows\SysWOW64\ole32.dll - ok
17:16:34.0095 0x0e88 [ E1E264808A1D1FD2DA98BFFE1BC06BF7, 0AE239FD409662476CBD19CB44C13B29F7412DF73178AE4492 BA04CECD56AB64 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
17:16:34.0095 0x0e88 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
17:16:34.0095 0x0e88 [ B7EBC19A5B23D0D32FF014E30BE26061, 5695560A50ED9746696C0D647E55D77459F5981907C177D086 DF36656A978B19 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\vcruntime1 40.dll
17:16:34.0095 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\vcruntime1 40.dll - ok
17:16:34.0095 0x0e88 [ EC0AA3C4FF18459BFB1B82DE937D23D9, 4ED288D500B857EA3D54C5DE6667B118CD9C0F357D7C244566 57D42C01CA5AB7 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-runtime-l1-1-0.dll
17:16:34.0095 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-runtime-l1-1-0.dll - ok
17:16:34.0111 0x0e88 [ BFF9FF54D28A3023A6EEDF99DE29A80E, CAC19A17A6C508CF5956C189833D19EB42F56498B71AB48F0E 831D41E5E1B55C ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\ucrtbase.d ll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\ucrtbase.d ll - ok
17:16:34.0111 0x0e88 [ 33BD41C9FD1B8E26F8720B53B9CA501D, 6FC8834A47120855FF4C4B22C65F95C882F2D14521BFE7364E 364E23F90C1401 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-timezone-l1-1-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-timezone-l1-1-0.dll - ok
17:16:34.0111 0x0e88 [ DD9DB5BF928376A33E240BF95A5146DE, E2D92B763360E67FE86405406EFE91CB50ABD63C90A2248A47 1C7C282D302B4D ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l2-1-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l2-1-0.dll - ok
17:16:34.0111 0x0e88 [ EFA0BBA55EC4DE4057B7B42E90C21FDD, 5C1B03755BBA813B3A003E817FCC55926382B6987432B2B59C 03D2A384813016 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l1-2-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l1-2-0.dll - ok
17:16:34.0111 0x0e88 [ 74D98BE08D4A7B340FFC853B77925718, AE26C0715060A2E5518871EB693C11C5EBFFA3AE25BADBE82C 3562DF8E6587BB ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-localization-l1-2-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-localization-l1-2-0.dll - ok
17:16:34.0126 0x0e88 [ F828F2A3AC49EDAC87946559DB2384B4, EC712BDBBAE51875BD277CDFC45CCC8BA25A6020A96AB2731E DF4070E9FA1323 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-processthreads-l1-1-1.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-processthreads-l1-1-1.dll - ok
17:16:34.0126 0x0e88 [ 79C6C9048ACC2052959812DA2C20EEC3, F9A388AA8221D477A51C19A292E5BFEE1F1DFCE46D5FA87E9E A0C6EA3E6BE0CD ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-synch-l1-2-0.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-synch-l1-2-0.dll - ok
17:16:34.0126 0x0e88 [ 1144CB3D8FEF162BB166964EC1FDF053, 998B12349839F19F696982E7D9B92A5EA7AF4003713C68E832 03626FF28D88F3 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-string-l1-1-0.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-string-l1-1-0.dll - ok
17:16:34.0126 0x0e88 [ 1174F628380F76BD2E5EB994311AE44E, A2232AE8144057DA28983CE7D47181AAEA37C21D0F2932B259 FCC068E89C365A ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-heap-l1-1-0.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-heap-l1-1-0.dll - ok
17:16:34.0142 0x0e88 [ DB0EB179C661B8344A54657D74A65B2C, EAC8835D36D17A836506F79085AD10765F3E2C65E093B4BC32 11C8451FB46982 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-stdio-l1-1-0.dll
17:16:34.0142 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-stdio-l1-1-0.dll - ok
17:16:34.0142 0x0e88 [ 6D419083DD1B8452553EB410EA041AEC, E0E52FF33378FC2A1DC2B9D6862D7E4092134691AD06E60004 9BDF5D93B25A07 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-convert-l1-1-0.dll
17:16:34.0142 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-convert-l1-1-0.dll - ok
17:16:34.0142 0x0e88 [ 951110BD181B4961BB51AAF30939EEF8, C80EDDEDE28368B9582707F8EAC2D16BFD071A71930BD50D67 125DB293AC9FFF ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
17:16:34.0142 0x0e88 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
17:16:34.0142 0x0e88 [ A84A8A708751E2CB1F2BB117E9B7F390, F656F0F98CF2510F4E0FE5D5666643028A6B8BAC50BF553C0A 464456C0E82934 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\msvcp140.d ll
17:16:34.0142 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\msvcp140.d ll - ok
17:16:34.0142 0x0e88 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E 95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
17:16:34.0142 0x0e88 C:\Windows\System32\wbemcomn.dll - ok
17:16:34.0157 0x0e88 [ 09B011350B65FAECBE45CE5CEE01E2DB, 7D4778631D45245EEC2313B86E437E8884652896062F841790 AAAFE1EA0E38D4 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-locale-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-locale-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ 12A705FE511BE63C516A05A86C3AD8AA, AABD2854EF538165756CC8ABF30FB0CBDA78D750A947EC4C41 FCB218FAFC91DC ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-math-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-math-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ F0B0503CE5E1F054E10C30C722AA740F, 871F3F68C95A3E44A7F2824AD74CE7DDCDCB6FDB297650E5FF CE02F5EF63BB9D ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-multibyte-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-multibyte-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ 55BB6F17B7605177A81CFCAD9903CA2D, BB630FB36EA731271BE646A7660D05274A63EBF3CB66F1B31F F81E23C6247378 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-time-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-time-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ 38FAF01FB981E08EF8D5883DED56445B, 24E4980830A1CD2CAF8EAC119FAFA89A4ACDB6D06ED4813F18 1ADBE782D4D9CE ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-filesystem-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-filesystem-l1-1-0.dll - ok
17:16:34.0173 0x0e88 [ 4C6833272D37ADD07A6B24C8AC1DD355, 95A6CED27526C21FC9911CE6389C298BBD1C4B1B6324DAF7DC CB69EFCFD481D3 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-environment-l1-1-0.dll
17:16:34.0173 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-environment-l1-1-0.dll - ok
17:16:34.0173 0x0e88 [ 57218001BDC41A78C2085800F53CCD5E, A0A4CE7CDFCF76B237001D481A81BD3E49EDEC64202FBB62C4 1114FB6CAA6806 ] C:\Program Files\AVAST Software\Avast\log.dll
17:16:34.0173 0x0e88 C:\Program Files\AVAST Software\Avast\log.dll - ok
17:16:34.0173 0x0e88 [ E13BBE799504E9691F6BA38DEB9FA939, ACEB693AA242F3B470CE184DAAC751A953DD681F21AE660917 9E2C963DA052A9 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-utility-l1-1-0.dll
17:16:34.0173 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-utility-l1-1-0.dll - ok
17:16:34.0173 0x0e88 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522 040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
17:16:34.0173 0x0e88 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
17:16:34.0173 0x0e88 [ DC52DB637B27E2004237B4FAC7CAEF69, F17A993A2EE5C33BF6AAEABB51A12CBBC8CD76803FB5C44C27 7027E094DC5667 ] C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosIndicator.exe
17:16:34.0173 0x0e88 C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosIndicator.exe - ok
17:16:34.0189 0x0e88 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F87 3586B7FF4D59CF ] C:\Windows\System32\imageres.dll
17:16:34.0189 0x0e88 C:\Windows\System32\imageres.dll - ok
17:16:34.0189 0x0e88 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB6 7F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
17:16:34.0189 0x0e88 C:\Windows\SysWOW64\shlwapi.dll - ok
17:16:34.0189 0x0e88 [ 805210C42535771C115364140F7927E0, 31EDF7EFBAE58BCCE5DB45B154A67A4B0F455729A10B5C9E70 9305542CB02127 ] C:\Program Files\AVAST Software\Avast\ashbase.dll
17:16:34.0189 0x0e88 C:\Program Files\AVAST Software\Avast\ashbase.dll - ok
17:16:34.0189 0x0e88 [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E2 58C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
17:16:34.0189 0x0e88 C:\Windows\SysWOW64\mscoree.dll - ok
17:16:34.0189 0x0e88 [ F5DF6846F30E9F54EA60CCAEB3FB2055, 07B71E3AA36F90D3D6B60D56F51A524AC769DFD1233BADB76B 65874C7BCC5083 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco reei.dll
17:16:34.0189 0x0e88 C:\Windows\Microsoft.NET\Framework\v4.0.30319\msco reei.dll - ok
17:16:34.0204 0x0e88 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D254 0BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\imm32.dll - ok
17:16:34.0204 0x0e88 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7 BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\msctf.dll - ok
17:16:34.0204 0x0e88 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E77 4B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\ws2_32.dll - ok
17:16:34.0204 0x0e88 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD90 2752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\wsock32.dll - ok
17:16:34.0204 0x0e88 [ 1295338CFE6F249823EF9BC8D4368A84, DC59B56249F273F8B100A31CE760CFBB3130F2DAFDDF55361C FF23DC7CD73E03 ] C:\Windows\SysWOW64\crypt32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\crypt32.dll - ok
17:16:34.0220 0x0e88 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF 52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
17:16:34.0220 0x0e88 C:\Windows\SysWOW64\nsi.dll - ok
17:16:34.0220 0x0e88 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF39348694 6DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
17:16:34.0220 0x0e88 C:\Windows\SysWOW64\psapi.dll - ok
17:16:34.0220 0x0e88 [ A7D79E9F660340AB20CD73F12910985F, FE2BEB8584D7F4757C21B40646C32CB1704FA2E22149269FC9 521E49506CA0EB ] C:\Windows\SysWOW64\wintrust.dll
17:16:34.0220 0x0e88 C:\Windows\SysWOW64\wintrust.dll - ok
17:16:34.0220 0x0e88 [ 4552F8F61A7975C2359D19673483604D, 781026AA232CAF96C13A1F231B92CC10B701FAB4C00A91D3A9 32F146FBFD51BC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rwks.dll
17:16:34.0220 0x0e88 C:\Windows\Microsoft.NET\Framework\v2.0.50727\msco rwks.dll - ok
17:16:34.0220 0x0e88 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5 D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a 1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr 80.dll
17:16:34.0220 0x0e88 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a 1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr 80.dll - ok
17:16:34.0235 0x0e88 [ 29E9794708DF51DB5DC89FB2E903A0F6, 28EC3277102623A3562805E714A658197B9D04518EDF5DE028 C0CF00BFC8EC5E ] C:\Windows\SysWOW64\shell32.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\shell32.dll - ok
17:16:34.0235 0x0e88 [ 4691CF792835B106F326ABEAB6D72FA9, B1FD0D4FF282F69491F926CB8A3E881D41D1A0B2D740B78DCD 646E012A019D4D ] C:\Program Files\AVAST Software\Avast\CommChannel.dll
17:16:34.0235 0x0e88 C:\Program Files\AVAST Software\Avast\CommChannel.dll - ok
17:16:34.0235 0x0e88 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA51 3C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\msasn1.dll - ok
17:16:34.0235 0x0e88 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8C CF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\winhttp.dll - ok
17:16:34.0235 0x0e88 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC 4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\webio.dll - ok
17:16:34.0235 0x0e88 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE1 98ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\dnsapi.dll - ok
17:16:34.0251 0x0e88 [ F1DF7A6EC90DF8576F48155F117DB3EA, 94383C0F31A44E2713FD32A7BF9222EC937BB5F08771997AFE 0727F8BE27AAAF ] C:\Program Files\AVAST Software\Avast\avastIP.dll
17:16:34.0251 0x0e88 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
17:16:34.0251 0x0e88 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5 DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:16:34.0251 0x0e88 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:16:34.0251 0x0e88 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0 D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
17:16:34.0251 0x0e88 C:\Windows\SysWOW64\winnsi.dll - ok
17:16:34.0251 0x0e88 [ B1E4F9B0A1954765571EED3793AF201E, 04CCC15ECD2E795724E80113C7858B9E7F4F6E07845C19E50C 05901F86F14435 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
17:16:34.0251 0x0e88 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
17:16:34.0251 0x0e88 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0 FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
17:16:34.0251 0x0e88 C:\Windows\SysWOW64\setupapi.dll - ok
17:16:34.0267 0x0e88 [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F 7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:16:34.0267 0x0e88 [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24F D89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\oleaut32.dll - ok
17:16:34.0267 0x0e88 [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212 FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\devobj.dll - ok
17:16:34.0267 0x0e88 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71 A255C49325C082 ] C:\Windows\SysWOW64\version.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\version.dll - ok
17:16:34.0267 0x0e88 [ 8E87270C4704CF2951E1E7820D6C8A2B, 9018F87B323FD25D7E366F4F0F5C9796BFE54663367CE878F6 2B0973AFC9C3C8 ] C:\Windows\SysWOW64\wininet.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\wininet.dll - ok
17:16:34.0282 0x0e88 [ C516284DE6DB833E77CC0E5217CDC6AA, E2ACA3FA0F4352AE90C25541577FF8DAB826754F5024B9F25E B5419EBEA58F14 ] C:\Windows\SysWOW64\iertutil.dll
17:16:34.0282 0x0e88 C:\Windows\SysWOW64\iertutil.dll - ok
17:16:34.0282 0x0e88 [ 1408CF9B0DD2AAA80D8E7087C8A2E3BC, 7431A104AF720AA2E731A80ECAAC1E0048D3EE392FEECFF532 1B1018AF521647 ] C:\Windows\SysWOW64\urlmon.dll
17:16:34.0282 0x0e88 C:\Windows\SysWOW64\urlmon.dll - ok
17:16:34.0282 0x0e88 [ 5C5E3AFD499E5146FEF1DA5EF8A23205, 9A26FFAFFB26FA6549C6DA75F76238A903CA723F9DAD356FBA 8D91067FE312FD ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
17:16:34.0282 0x0e88 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
17:16:34.0282 0x0e88 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C 3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
17:16:34.0282 0x0e88 C:\Windows\SysWOW64\profapi.dll - ok
17:16:34.0282 0x0e88 [ C2335D714EFAFFFB4C7A3C164F2024B1, 36322B07FAD05A396642F3A349B48080076C23CFB4E95BABE2 84F6F7CBE5209D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\msc orlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni .dll
17:16:34.0282 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\msc orlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni .dll - ok
17:16:34.0298 0x0e88 [ DDA80A34B13954E47E599F2F72F68E74, 45591518008A410623B6D9BD5639A4D1A5687697D74DE2A09E 5BAB722574B571 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
17:16:34.0298 0x0e88 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4 CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
17:16:34.0298 0x0e88 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:16:34.0298 0x0e88 [ B6C99FCE5C4FF4823D86F24A81526CAE, CD3D0F64BEB39ACA1A8EC1BF1550D85B3E5173C33791623C47 7ECAB3D05B5FDB ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
17:16:34.0298 0x0e88 [ BCD8EAF0F0BE5A705966780FEB94FC14, 712E53E88455890938A2EFF1338D4DC54E5B3B3B9E05D6525C 0AB7F8DD7BBD00 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
17:16:34.0298 0x0e88 [ 9B433CFD5C619F2AE1132BFC0258F56C, 1F34B382FEDC5D4748CAEA64F12D596FC665107F4292D3AA0E 4315A3D8F5D8CE ] C:\Program Files\AVAST Software\Avast\libeay32.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
17:16:34.0298 0x0e88 [ 169E83A575465D4AB1E727808FF89855, 27E06BF23B048D17389158BE48DB187E8A1C682172FF5ABB04 C8A333C744B637 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-conio-l1-1-0.dll
17:16:34.0298 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193e bbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-conio-l1-1-0.dll - ok
17:16:34.0313 0x0e88 [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B 8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\cryptsp.dll - ok
17:16:34.0313 0x0e88 [ 8CE1A6D16B9077E91E192499EB611C5F, 68BB66B40383F7CA04F314FECC12A346914139A64F72CAE791 B882B6CB8DC314 ] C:\Windows\SysWOW64\netapi32.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\netapi32.dll - ok
17:16:34.0313 0x0e88 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C69 6D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\netutils.dll - ok
17:16:34.0313 0x0e88 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E3 3C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\srvcli.dll - ok
17:16:34.0313 0x0e88 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2 869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\wkscli.dll - ok
17:16:34.0329 0x0e88 [ AC80DD9EE6FC380758A382D883FD868A, C0C93E4A5353E35C0D519C56D10F328BB8862E177FF9151860 671D4D1E475411 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
17:16:34.0329 0x0e88 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
17:16:34.0329 0x0e88 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE511 57E0F138257923 ] C:\Windows\System32\shsvcs.dll
17:16:34.0329 0x0e88 C:\Windows\System32\shsvcs.dll - ok
17:16:34.0329 0x0e88 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE 25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
17:16:34.0329 0x0e88 C:\Windows\SysWOW64\rsaenh.dll - ok
17:16:34.0329 0x0e88 [ D142DA59ED3800A12386123848F28A51, A877DF21602CD30A1F26EE8194BC95F20E23B5A540453884B3 6BCDC0F393E8DD ] C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
17:16:34.0329 0x0e88 C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll - ok
17:16:34.0329 0x0e88 [ 03334C77BDF15ACD094E4CE2A6457838, FA46758CEF9D834A08794101F2B766ED3603A3F1E0E1D1FB53 221B32D067A5BD ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
17:16:34.0329 0x0e88 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
17:16:34.0345 0x0e88 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0 CE5F629B328B29 ] C:\Windows\System32\drivers\fastfat.sys
17:16:34.0345 0x0e88 C:\Windows\System32\drivers\fastfat.sys - ok
17:16:34.0345 0x0e88 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200 E76609D32772EA ] C:\Windows\System32\fveapi.dll
17:16:34.0345 0x0e88 C:\Windows\System32\fveapi.dll - ok
17:16:34.0345 0x0e88 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA 05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
17:16:34.0345 0x0e88 C:\Windows\System32\fvecerts.dll - ok
17:16:34.0345 0x0e88 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658 F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
17:16:34.0345 0x0e88 C:\Windows\System32\tbs.dll - ok
17:16:34.0345 0x0e88 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160 D7C7DC6E717D65 ] C:\Windows\System32\drivers\cdfs.sys
17:16:34.0345 0x0e88 C:\Windows\System32\drivers\cdfs.sys - ok
17:16:34.0345 0x0e88 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D56 64908D8269113D ] C:\Windows\System32\wiarpc.dll
17:16:34.0345 0x0e88 C:\Windows\System32\wiarpc.dll - ok
17:16:34.0360 0x0e88 [ 90F14FB9AD3D094167D2DA235538C6E1, 0924518141E7425A26FC0C981FB7A69F4CD7469B173D5B3A09 2808526E89633D ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
17:16:34.0360 0x0e88 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
17:16:34.0360 0x0e88 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5 B922393B23E67B ] C:\Windows\System32\actxprxy.dll
17:16:34.0360 0x0e88 C:\Windows\System32\actxprxy.dll - ok
17:16:34.0360 0x0e88 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C 7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
17:16:34.0360 0x0e88 C:\Windows\SysWOW64\userenv.dll - ok
17:16:34.0360 0x0e88 [ 76DD41C0EEBBA165DC70D8716B243FAF, D3E2F4275B7E42DD89D6CCB9958E87BDED03A358EFF3AA8A94 695B7B54075D19 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
17:16:34.0360 0x0e88 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
17:16:34.0360 0x0e88 [ 51642F4281155298282A05C3DB6A7238, 33D5FD5ABCF2E4BE01360F7628E6C74FD051FA83647691CE28 CD13FF9A76C5CA ] C:\Program Files\AVAST Software\Avast\aswAux.dll
17:16:34.0360 0x0e88 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
17:16:34.0376 0x0e88 [ B2ED8ECD5371B5E28E724894C18E1CBB, C1EFB13F9EA57EE7F8C1526EA278AEA18D0766A00D4E8ADFAA 1E7B61473E235D ] C:\Program Files\AVAST Software\Avast\aswLog.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
17:16:34.0376 0x0e88 [ F4AC4469BE8734716222AE60F928EDFB, 16F55BDF1B2F00A4DFC4F3AAF5D40EC506D249170B368CFE69 020068E1758CA9 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
17:16:34.0376 0x0e88 [ 9A2CBBDB6D3A0D000E7F98CEF3FE7AAC, 96980FD5D33DB372933727563CC9ABB7C0BDDA9EE3B7933FF5 042A0632ABD356 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
17:16:34.0376 0x0e88 [ 0FBC5BEC87E89074FB0EC620924BB380, DF16CEDBC6E46A8C8755EEA75FC0B53DCFB25F1429C5BD5D40 69DBE485FB062B ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
17:16:34.0376 0x0e88 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063 AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
17:16:34.0376 0x0e88 C:\Windows\System32\schedsvc.dll - ok
17:16:34.0391 0x0e88 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC 83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
17:16:34.0391 0x0e88 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
17:16:34.0391 0x0e88 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D 746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
17:16:34.0391 0x0e88 C:\Windows\System32\ktmw32.dll - ok
17:16:34.0391 0x0e88 [ D2BC4553B099DBDB5CB6BB4B8B731251, 78A4734E266C766C1D57970CF0307092BD0B02C069DAE468EE E5D6C404609F81 ] C:\Program Files\AVAST Software\Avast\event_manager.dll
17:16:34.0391 0x0e88 C:\Program Files\AVAST Software\Avast\event_manager.dll - ok
17:16:34.0391 0x0e88 [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1 F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
17:16:34.0391 0x0e88 C:\Windows\SysWOW64\wscapi.dll - ok
17:16:34.0391 0x0e88 [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC598 6D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
17:16:34.0391 0x0e88 C:\Windows\SysWOW64\wscisvif.dll - ok
17:16:34.0407 0x0e88 [ 317454337F9279341FF0EFEBC1E5A664, 9A6D0E53BB874105FAF3632E901A0D7FDF1411F214E3671E3A A5595BA3017A57 ] C:\Program Files\AVAST Software\Avast\event_manager_burger.dll
17:16:34.0407 0x0e88 C:\Program Files\AVAST Software\Avast\event_manager_burger.dll - ok
17:16:34.0407 0x0e88 [ 14F9C67EB950F86D465FD051C3355B34, 234BD5E0D4791B9CEE2F4113DCEA66621BFE4CA52BFAA0B93D B8D6FBA4405615 ] C:\Program Files\AVAST Software\Avast\burger_client.dll
17:16:34.0407 0x0e88 C:\Program Files\AVAST Software\Avast\burger_client.dll - ok
17:16:34.0407 0x0e88 [ 2166C7A753159F54D70BABF2BAC6CB47, 4DB831875075AC128F990A6657126A2D0FAF48E93C6C2F3C30 6CCBD90AB567C4 ] C:\Program Files\AVAST Software\Avast\gamification.dll
17:16:34.0407 0x0e88 C:\Program Files\AVAST Software\Avast\gamification.dll - ok
17:16:34.0407 0x0e88 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C19 78E434CE264D80 ] C:\Windows\System32\taskcomp.dll
17:16:34.0407 0x0e88 C:\Windows\System32\taskcomp.dll - ok
17:16:34.0407 0x0e88 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F7309 54F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
17:16:34.0407 0x0e88 C:\Windows\System32\drivers\http.sys - ok
17:16:34.0423 0x0e88 [ D162ECD90FA8B9BF1358033C207678D3, 60C82FD5E26B1118FBDF7C287B8BBC45D0ACB3E2E24E5CE4A1 EDB8186805C61E ] C:\Program Files\AVAST Software\Avast\event_manager_ga.dll
17:16:34.0423 0x0e88 C:\Program Files\AVAST Software\Avast\event_manager_ga.dll - ok
17:16:34.0423 0x0e88 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F87 8B7B82DB93C651 ] C:\Windows\System32\spoolsv.exe
17:16:34.0423 0x0e88 C:\Windows\System32\spoolsv.exe - ok
17:16:34.0423 0x0e88 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8 B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
17:16:34.0423 0x0e88 C:\Windows\System32\taskeng.exe - ok
17:16:34.0423 0x0e88 [ F93674263F6B07C77956E966953242D9, 0BEE8864DB2925A2B3B7CD76FCF9A4CA3757F4E4670BB2C3A3 105D5A591740CB ] C:\Windows\SysWOW64\secur32.dll
17:16:34.0423 0x0e88 C:\Windows\SysWOW64\secur32.dll - ok
17:16:34.0423 0x0e88 [ B92553A8B970F10A543F1C2584C2B323, 63585EFC2C80880569E7238FE1A5BFDD09E011869923B1D0EF D0312C46EBE654 ] C:\Program Files\AVAST Software\Avast\lim.dll
17:16:34.0423 0x0e88 C:\Program Files\AVAST Software\Avast\lim.dll - ok
17:16:34.0438 0x0e88 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A 7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
17:16:34.0438 0x0e88 C:\Windows\System32\BFE.DLL - ok
17:16:34.0438 0x0e88 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107 C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\bowser.sys - ok
17:16:34.0438 0x0e88 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897F B684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\mpsdrv.sys - ok
17:16:34.0438 0x0e88 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE350207853 87F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\mrxsmb.sys - ok
17:16:34.0438 0x0e88 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD5 90580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:16:34.0438 0x0e88 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435 CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
17:16:34.0454 0x0e88 C:\Windows\System32\MPSSVC.dll - ok
17:16:34.0454 0x0e88 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B676795 2DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6 975e2bd6f2b2\comctl32.dll
17:16:34.0454 0x0e88 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6 975e2bd6f2b2\comctl32.dll - ok
17:16:34.0454 0x0e88 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B772 0888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
17:16:34.0454 0x0e88 C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:16:34.0454 0x0e88 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A24 4DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
17:16:34.0454 0x0e88 C:\Windows\System32\wkssvc.dll - ok
17:16:34.0454 0x0e88 [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37 D5958F28CB376E ] C:\Windows\System32\cryptsvc.dll
17:16:34.0454 0x0e88 C:\Windows\System32\cryptsvc.dll - ok
17:16:34.0454 0x0e88 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69 407B26402311C7 ] C:\Windows\System32\dps.dll
17:16:34.0454 0x0e88 C:\Windows\System32\dps.dll - ok
17:16:34.0469 0x0e88 [ A629E4799D4CD6361D1B5D573EA5C2CD, 0D62557BA9C081A3304C898FAADD596ED33271D266291917E1 CCBA6A0D52F901 ] C:\Windows\System32\drivers\aswHwid.sys
17:16:34.0469 0x0e88 C:\Windows\System32\drivers\aswHwid.sys - ok
17:16:34.0469 0x0e88 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD8056 50B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
17:16:34.0469 0x0e88 C:\Windows\System32\wfapigp.dll - ok
17:16:34.0469 0x0e88 [ 1D817D77C8EB600AB311AAC8E68B5A1A, A590C06EA3D8E5B7DC936887DE6BD6FABED2C03ADA69A6318E 3ABC23A33827AC ] C:\Windows\System32\cryptnet.dll
17:16:34.0469 0x0e88 C:\Windows\System32\cryptnet.dll - ok
17:16:34.0469 0x0e88 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8A FFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
17:16:34.0469 0x0e88 C:\Windows\System32\vssapi.dll - ok
17:16:34.0469 0x0e88 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD 93876363D4B857 ] C:\Windows\System32\taskschd.dll
17:16:34.0469 0x0e88 C:\Windows\System32\taskschd.dll - ok
17:16:34.0485 0x0e88 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A44 37067BD4BC4448 ] C:\Windows\System32\mscms.dll
17:16:34.0485 0x0e88 C:\Windows\System32\mscms.dll - ok
17:16:34.0485 0x0e88 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE 5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
17:16:34.0485 0x0e88 C:\Windows\System32\vsstrace.dll - ok
17:16:34.0485 0x0e88 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F9 3925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
17:16:34.0485 0x0e88 C:\Windows\System32\pcasvc.dll - ok
17:16:34.0485 0x0e88 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C02 09155BFB76C630 ] C:\Windows\System32\snmptrap.exe
17:16:34.0485 0x0e88 C:\Windows\System32\snmptrap.exe - ok
17:16:34.0485 0x0e88 [ 1B9100ACCFC9FD8B1D991F4BB80EC401, 9A6EEC7A052C02FBA6FC6B675BA5C5FBD0C6CE796AAB2F5341 50E6D170E1D568 ] C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
17:16:34.0485 0x0e88 C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe - ok
17:16:34.0501 0x0e88 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A3398 3E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
17:16:34.0501 0x0e88 C:\Windows\System32\FDResPub.dll - ok
17:16:34.0501 0x0e88 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B14 97F1613917CCDE ] C:\Windows\System32\WSDApi.dll
17:16:34.0501 0x0e88 C:\Windows\System32\WSDApi.dll - ok
17:16:34.0501 0x0e88 [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E 49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
17:16:34.0501 0x0e88 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
17:16:34.0501 0x0e88 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090 BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
17:16:34.0501 0x0e88 C:\Windows\System32\webservices.dll - ok
17:16:34.0501 0x0e88 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F 212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
17:16:34.0501 0x0e88 C:\Windows\System32\sstpsvc.dll - ok
17:16:34.0516 0x0e88 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4 021101EE424F74 ] C:\Windows\System32\fundisc.dll
17:16:34.0516 0x0e88 C:\Windows\System32\fundisc.dll - ok
17:16:34.0516 0x0e88 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62 031CB007CFC208 ] C:\Windows\System32\provsvc.dll
17:16:34.0516 0x0e88 C:\Windows\System32\provsvc.dll - ok
17:16:34.0516 0x0e88 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079D CCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
17:16:34.0516 0x0e88 C:\Windows\SysWOW64\dbghelp.dll - ok
17:16:34.0516 0x0e88 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2 C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
17:16:34.0516 0x0e88 C:\Windows\System32\winhttp.dll - ok
17:16:34.0516 0x0e88 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7 199AF764FD9A36 ] C:\Windows\System32\webio.dll
17:16:34.0516 0x0e88 C:\Windows\System32\webio.dll - ok
17:16:34.0516 0x0e88 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76 ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
17:16:34.0516 0x0e88 C:\Windows\SysWOW64\Wldap32.dll - ok
17:16:34.0532 0x0e88 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F60 6A16768A11DB0C ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:16:34.0532 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe - ok
17:16:34.0532 0x0e88 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE 6D23797A36B406 ] C:\Windows\System32\IKEEXT.DLL
17:16:34.0532 0x0e88 C:\Windows\System32\IKEEXT.DLL - ok
17:16:34.0532 0x0e88 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D 27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
17:16:34.0532 0x0e88 C:\Windows\System32\httpapi.dll - ok
17:16:34.0532 0x0e88 [ 8999B8631C7FD9F7F9EC3CAFD953BA24, 4E96D3EACCB1EF7DC429CAF433C2D4A0A129333B9AB10A05C3 2CA33C67DC26FA ] C:\Windows\SysWOW64\mswsock.dll
17:16:34.0532 0x0e88 C:\Windows\SysWOW64\mswsock.dll - ok
17:16:34.0532 0x0e88 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E78 88702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
17:16:34.0532 0x0e88 C:\Windows\SysWOW64\NapiNSP.dll - ok
17:16:34.0547 0x0e88 [ 104A1070E90F1C530328E69B49718841, C5EBDD404F92E185467C390CC30DB4BD7BE0193536DD570827 7662D4B0EA38D1 ] C:\Windows\SysWOW64\nlaapi.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\nlaapi.dll - ok
17:16:34.0547 0x0e88 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FD C7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\pnrpnsp.dll - ok
17:16:34.0547 0x0e88 [ 12B79422A23814429CDA9E734C58F78F, 88D8EBB4815896921ED88BC46E8C37844FB8C62CD05F507BFC F9825EBC9607DE ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
17:16:34.0547 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:16:34.0547 0x0e88 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9 F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\winrnr.dll - ok
17:16:34.0547 0x0e88 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1 138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:16:34.0563 0x0e88 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C9 1AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
17:16:34.0563 0x0e88 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
17:16:34.0563 0x0e88 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056 CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
17:16:34.0563 0x0e88 C:\Windows\System32\vpnikeapi.dll - ok
17:16:34.0563 0x0e88 [ B3273340603058E7E89964ABEEA0AA4B, 5AB86C45636CBB3A1F5B6E45D0E2371AACF66C8D990456AAA9 F7FBFF58F4D673 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll
17:16:34.0563 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll - ok
17:16:34.0563 0x0e88 [ A8FCEB6261751B709A84CE4A3726439F, E3A6D61A625DD9FCC53D8037287666F2F02D74100BAA4A14D9 E81B50622ED838 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\Qt5Core.dll
17:16:34.0563 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\Qt5Core.dll - ok
17:16:34.0563 0x0e88 [ 650F2286252C8854AC5846940D181D3A, 636B3050F412041415326D91C36407A952AF7E04024B2BB885 177D23095555C7 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcp100.dll
17:16:34.0563 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcp100.dll - ok
17:16:34.0579 0x0e88 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8 FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
17:16:34.0579 0x0e88 C:\Windows\SysWOW64\mpr.dll - ok
17:16:34.0579 0x0e88 [ 005F96C221719C03671C0262A4A93521, 2B2B71887F1889BB7E716477A7E1778707AC22E7FA0876BAE3 F0BC4EFF3EDEDE ] C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll
17:16:34.0579 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll - ok
17:16:34.0579 0x0e88 [ 51B5BEA5015B2E37C4F4D496441F8369, 8D2C0C7CB9F3C9687354BE1F2928D38FB5D99E85073D444A68 091DB865B454E7 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll
17:16:34.0579 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll - ok
17:16:34.0579 0x0e88 [ B2DB6ABA2E292235749B80A9C3DFA867, 92BCB678E2D0A7A9C15A74B41846D8723B96E37181407C0E8A 56C7105659AAF3 ] C:\Windows\SysWOW64\imagehlp.dll
17:16:34.0579 0x0e88 C:\Windows\SysWOW64\imagehlp.dll - ok
17:16:34.0579 0x0e88 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F738 6FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
17:16:34.0579 0x0e88 C:\Windows\SysWOW64\cscapi.dll - ok
17:16:34.0579 0x0e88 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A 76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
17:16:34.0579 0x0e88 C:\Windows\System32\drivers\PEAuth.sys - ok
17:16:34.0594 0x0e88 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6D C1790ADF1F2AA8 ] C:\Windows\System32\nlasvc.dll
17:16:34.0594 0x0e88 C:\Windows\System32\nlasvc.dll - ok
17:16:34.0594 0x0e88 [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781A C6F777A081E5CC ] C:\Windows\System32\aepic.dll
17:16:34.0594 0x0e88 C:\Windows\System32\aepic.dll - ok
17:16:34.0594 0x0e88 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4 E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
17:16:34.0594 0x0e88 C:\Windows\System32\drivers\secdrv.sys - ok
17:16:34.0594 0x0e88 [ 4A435F95B940E93A88FEC144BD409789, 12775F6F54AD9BCBCD4F91F371D8911772CA7B14316DAFFDC2 8B971D1FDCC182 ] C:\Windows\System32\ncsi.dll
17:16:34.0594 0x0e88 C:\Windows\System32\ncsi.dll - ok
17:16:34.0594 0x0e88 [ C6CC9297BD53E5229653303E556AA539, 921E21EDED244FEE15B56564B97C97785F45AB862C1012BFA0 B96B121DC90076 ] C:\Windows\System32\drivers\Sftfslh.sys
17:16:34.0594 0x0e88 C:\Windows\System32\drivers\Sftfslh.sys - ok
17:16:34.0610 0x0e88 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49 A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
17:16:34.0610 0x0e88 C:\Windows\System32\sfc.dll - ok
17:16:34.0610 0x0e88 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FE E9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
17:16:34.0610 0x0e88 C:\Windows\System32\sfc_os.dll - ok
17:16:34.0610 0x0e88 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBA A6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
17:16:34.0610 0x0e88 C:\Windows\System32\ssdpapi.dll - ok
17:16:34.0610 0x0e88 [ 390AA7BC52CEE43F6790CDEA1E776703, 0D008289E4B14EF56D5233B7C8C789A36503FBAA8896660776 557D6F08808FA7 ] C:\Windows\System32\drivers\Sftplaylh.sys
17:16:34.0610 0x0e88 C:\Windows\System32\drivers\Sftplaylh.sys - ok
17:16:34.0610 0x0e88 [ C3CDDD18F43D44AB713CF8C4916F7696, 38093295825AFDD08D7E32CC4EF2A6C447F6D6E3C6F7EA5554 C25E7C3F16FC92 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:16:34.0610 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
17:16:34.0625 0x0e88 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F 5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a 1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp 90.dll
17:16:34.0625 0x0e88 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a 1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp 90.dll - ok
17:16:34.0625 0x0e88 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891 D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a 1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr 90.dll
17:16:34.0625 0x0e88 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a 1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr 90.dll - ok
17:16:34.0625 0x0e88 [ BDAC1AA64495D0F7E1FF810EBBF1F018, 7920E2381307574C5C4562CF1FF8F79F91204102051FCD708F A4E6A941422084 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec8 3dffa859149af\comctl32.dll
17:16:34.0625 0x0e88 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec8 3dffa859149af\comctl32.dll - ok
17:16:34.0625 0x0e88 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8E C5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
17:16:34.0625 0x0e88 C:\Windows\System32\TSChannel.dll - ok
17:16:34.0625 0x0e88 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F4 0A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
17:16:34.0625 0x0e88 C:\Windows\SysWOW64\apphelp.dll - ok
17:16:34.0641 0x0e88 [ 283E10FD63971145CC1E750FFA46180E, 171325C52CE4EC615CC8567F042F74473AAE98186FCF29CDCE C87D1353AB3455 ] C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
17:16:34.0641 0x0e88 C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe - ok
17:16:34.0641 0x0e88 [ BF45D1E087B701D5215EBE57E2EDCA47, 8A2207875FC4DA02CDFAA6EC7FF36A7AC3DDFFA9C42E00288E 834175219A64B3 ] C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
17:16:34.0641 0x0e88 C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe - ok
17:16:34.0641 0x0e88 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF3 9FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
17:16:34.0641 0x0e88 C:\Windows\System32\drivers\srvnet.sys - ok
17:16:34.0641 0x0e88 [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8 B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
17:16:34.0641 0x0e88 C:\Windows\SysWOW64\credssp.dll - ok
17:16:34.0641 0x0e88 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080 005F2D82467784 ] C:\Windows\System32\drivers\tcpipreg.sys
17:16:34.0641 0x0e88 C:\Windows\System32\drivers\tcpipreg.sys - ok
17:16:34.0657 0x0e88 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C3 35B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
17:16:34.0657 0x0e88 C:\Windows\System32\sysmain.dll - ok
17:16:34.0657 0x0e88 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E64072 19F2E866905D9B ] C:\Windows\System32\TODDSrv.exe
17:16:34.0657 0x0e88 C:\Windows\System32\TODDSrv.exe - ok
17:16:34.0657 0x0e88 [ 1C73689B900428C7D054A41C4687F55C, 6DD3CDC09E4A62F40A81872789A5C8678C0FE23DD911C2951D FF5494B6BFC012 ] C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
17:16:34.0657 0x0e88 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe - ok
17:16:34.0657 0x0e88 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328 675500D629CB87 ] C:\Windows\System32\aeevts.dll
17:16:34.0657 0x0e88 C:\Windows\System32\aeevts.dll - ok
17:16:34.0657 0x0e88 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6 C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
17:16:34.0657 0x0e88 C:\Windows\SysWOW64\clbcatq.dll - ok
17:16:34.0672 0x0e88 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172 F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
17:16:34.0672 0x0e88 C:\Windows\SysWOW64\wship6.dll - ok
17:16:34.0672 0x0e88 [ D1103CFC8D7EA09ED22536EC301603F9, F49A2BA93B076019A5FC687B0814242C77766370ECD34926AF 6F3BF758F21F5E ] C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll
17:16:34.0672 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll - ok
17:16:34.0672 0x0e88 [ 3EAE925DCD7D2704982BBCA4DC7EAE7E, CB6EB39DE8D0D72931ABC8D627C96C7FCAFB454E3C6153A553 372808DC0F234C ] C:\Program Files\Toshiba\Power Saver\TPwrReg.dll
17:16:34.0672 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrReg.dll - ok
17:16:34.0672 0x0e88 [ DF5246F51E8557E20D40B3641CAE57B7, 997FE1AFF8E3D8F16BC4ED6E90AC37C8DEA270A6227341F7B0 061D72FFFCF937 ] C:\Program Files\Toshiba\Power Saver\TtosFunc.dll
17:16:34.0672 0x0e88 C:\Program Files\Toshiba\Power Saver\TtosFunc.dll - ok
17:16:34.0672 0x0e88 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B 5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
17:16:34.0672 0x0e88 C:\Windows\SysWOW64\taskschd.dll - ok
17:16:34.0688 0x0e88 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC9 3906E76B707C4D ] C:\Windows\System32\winspool.drv
17:16:34.0688 0x0e88 C:\Windows\System32\winspool.drv - ok
17:16:34.0688 0x0e88 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB 86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
17:16:34.0688 0x0e88 C:\Windows\System32\trkwks.dll - ok
17:16:34.0688 0x0e88 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58 C1B61C422BF0B9 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:34.0688 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
17:16:34.0688 0x0e88 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D8 2C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
17:16:34.0688 0x0e88 C:\Windows\System32\wbem\WMIsvc.dll - ok
17:16:34.0688 0x0e88 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CC BCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
17:16:34.0688 0x0e88 C:\Windows\System32\wbem\WinMgmtR.dll - ok
17:16:34.0703 0x0e88 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C 3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
17:16:34.0703 0x0e88 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
17:16:34.0703 0x0e88 [ EDF2A5E96BEC469DA3F64E9BDD386111, 63C91BBDFA2E087293B010A4E45625FBD1BFCAF655BFADE2F8 B1C36CF804B118 ] C:\Windows\SysWOW64\xmllite.dll
17:16:34.0703 0x0e88 C:\Windows\SysWOW64\xmllite.dll - ok
17:16:34.0703 0x0e88 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F2 4408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
17:16:34.0703 0x0e88 C:\Windows\System32\wbem\wbemcore.dll - ok
17:16:34.0703 0x0e88 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3 D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
17:16:34.0703 0x0e88 C:\Windows\System32\wbem\fastprox.dll - ok
17:16:34.0703 0x0e88 [ 807B6562009E5858C93E1C0F435C0382, 7E523EC452BEDBDA6164B28F43B6210E07F32EC5A8663609B5 9FD75B8529BABB ] C:\Windows\SysWOW64\netbios.dll
17:16:34.0703 0x0e88 C:\Windows\SysWOW64\netbios.dll - ok
17:16:34.0719 0x0e88 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BA FD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
17:16:34.0719 0x0e88 C:\Windows\System32\ntdsapi.dll - ok
17:16:34.0719 0x0e88 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB2543 4CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
17:16:34.0719 0x0e88 C:\Windows\System32\wbem\esscli.dll - ok
17:16:34.0719 0x0e88 [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C23 54B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
17:16:34.0719 0x0e88 C:\Windows\SysWOW64\wbemcomn.dll - ok
17:16:34.0719 0x0e88 [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961 001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
17:16:34.0719 0x0e88 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
17:16:34.0719 0x0e88 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE8 8D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
17:16:34.0719 0x0e88 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:16:34.0735 0x0e88 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF32 1AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
17:16:34.0735 0x0e88 C:\Windows\System32\wbem\wmiutils.dll - ok
17:16:34.0735 0x0e88 [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE 294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
17:16:34.0735 0x0e88 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
17:16:34.0735 0x0e88 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825 F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
17:16:34.0735 0x0e88 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:16:34.0735 0x0e88 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE 806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
17:16:34.0735 0x0e88 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
17:16:34.0735 0x0e88 [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60B A7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
17:16:34.0735 0x0e88 C:\Windows\System32\SensApi.dll - ok
17:16:34.0750 0x0e88 [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC551 55C18C60166BEE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
17:16:34.0750 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
17:16:34.0750 0x0e88 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24E BBAF5408FE8B8B ] C:\Windows\System32\wer.dll
17:16:34.0750 0x0e88 C:\Windows\System32\wer.dll - ok
17:16:34.0750 0x0e88 [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466 FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
17:16:34.0750 0x0e88 C:\Windows\SysWOW64\ntdsapi.dll - ok
17:16:34.0750 0x0e88 [ C78761C2A5475EA16ADCD438CC17841F, 2EC81397DE7BEF39EA1E1758FE778A0A31C8D04B6AD76D9C09 17D95808366A70 ] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
17:16:34.0750 0x0e88 C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe - ok
17:16:34.0750 0x0e88 [ 8A188C747E3F1A8BBABEA5BFCBDA09F6, CCA982136EB5F317389F1224C32AF46051080E8A98B3261489 ECD380AE14D2B3 ] C:\ProgramData\Microsoft\IdentityCRL\production\pp crlconfig600.dll
17:16:34.0750 0x0e88 C:\ProgramData\Microsoft\IdentityCRL\production\pp crlconfig600.dll - ok
17:16:34.0766 0x0e88 [ 0B2D65FDDE31069299AA6330F359FF9C, BCD10102D583048447155B5E5C563F92110DE2614FB5B3032C EFE37ED0A14B54 ] C:\Windows\System32\msxml3.dll
17:16:34.0766 0x0e88 C:\Windows\System32\msxml3.dll - ok
17:16:34.0766 0x0e88 [ C6B11F84B5AF59DD5B797A69A47C3736, 77B7E9C2CECCF29FF39B51DEAAE18132E0FBD2C333DD419AB5 B594651A92AFFD ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswEngin.dll
17:16:34.0766 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswEngin.dll - ok
17:16:34.0766 0x0e88 [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367 CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
17:16:34.0766 0x0e88 C:\Windows\SysWOW64\powrprof.dll - ok
17:16:34.0766 0x0e88 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E93204 7C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:16:34.0766 0x0e88 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:16:34.0766 0x0e88 [ 392DD992343AD7A53AD1791A4AC05C6A, 2C72FF0A3E4A3CF9E954D59DA162C47B0C73BE38306DB98D71 59DF22A2C9EF8A ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnIS.dll
17:16:34.0766 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnIS.dll - ok
17:16:34.0781 0x0e88 [ 9F30D0686CF2403A735B85D0A72FE712, D595CAD952B9AB9498B035A8325C0F10560BA67C8192532689 C74B7F5AB99C5F ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnOS.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnOS.dll - ok
17:16:34.0781 0x0e88 [ 2500700B5A9957821B06DD7CA8FF8CDA, 975EF58475C13BC83E6718CD262B2F65750923E529F5864BD4 440BA92A81571B ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnBS.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnBS.dll - ok
17:16:34.0781 0x0e88 [ 73F9C84DDA74BD5C9A6B9817166BBC1A, 437FE267DC34FB25658B88DD322351C710E6A566A49080E1CE D90D02719FEDAA ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswRep.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswRep.dll - ok
17:16:34.0781 0x0e88 [ CA465E066130081BB5F6B73D585E1147, 1BC87FC69100E2A5342079671777E0BD8979B480AD9B6AF783 102EEE36DF9F8D ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswScan.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswScan.dll - ok
17:16:34.0781 0x0e88 [ E6A9D5762372FA802DA429C1757B84C3, A91AC2706D368294679F49D25F3D278203A991A8A4C583D3B2 6FAC87602E0BF1 ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswFiDb.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswFiDb.dll - ok
17:16:34.0797 0x0e88 [ DA13A9B1C81C2DE7A815D5910509EE9E, 7221D6BF6D70CC672A04F55196DEEF3F579C5C19FF79B071CF BDFEC0A39C539E ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCleanerDLL.dll
17:16:34.0797 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCleanerDLL.dll - ok
17:16:34.0797 0x0e88 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD73 91C0145961628F ] C:\Windows\System32\ncobjapi.dll
17:16:34.0797 0x0e88 C:\Windows\System32\ncobjapi.dll - ok
17:16:34.0797 0x0e88 [ 2A46FFE841EC43001D5A293A54DB34DE, 8ED96FA434B48B0C1772195ED477536960C84CAFCE9A9A4354 3DFFA85483B00D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
17:16:34.0797 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
17:16:34.0797 0x0e88 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1 DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
17:16:34.0797 0x0e88 C:\Windows\System32\wbem\wbemess.dll - ok
17:16:34.0797 0x0e88 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31 CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
17:16:34.0797 0x0e88 C:\Windows\System32\dllhost.exe - ok
17:16:34.0813 0x0e88 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8 320FAE948531EB ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d 6a923711520a9\comctl32.dll
17:16:34.0813 0x0e88 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d 6a923711520a9\comctl32.dll - ok
17:16:34.0813 0x0e88 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E5695066 1B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
17:16:34.0813 0x0e88 C:\Windows\System32\IDStore.dll - ok
17:16:34.0813 0x0e88 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D56 2BE43726153951 ] C:\Windows\System32\mpr.dll
17:16:34.0813 0x0e88 C:\Windows\System32\mpr.dll - ok
17:16:34.0813 0x0e88 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F 764E11E1382CF9 ] C:\Windows\System32\userinit.exe
17:16:34.0813 0x0e88 C:\Windows\System32\userinit.exe - ok
17:16:34.0813 0x0e88 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E9 7F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
17:16:34.0813 0x0e88 C:\Windows\System32\dwm.exe - ok
17:16:34.0828 0x0e88 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E 19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
17:16:34.0828 0x0e88 C:\Windows\System32\dwmcore.dll - ok
17:16:34.0828 0x0e88 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA4 9692AA05F40527 ] C:\Windows\System32\dwmredir.dll
17:16:34.0828 0x0e88 C:\Windows\System32\dwmredir.dll - ok
17:16:34.0828 0x0e88 [ E1374D37477322D4956604711008C69D, 52350DBA14343DBAB3019FF67A7F8ED8A53D1085C1A3F1B4AE 9110F7407F4256 ] C:\Windows\System32\d3d10_1.dll
17:16:34.0828 0x0e88 C:\Windows\System32\d3d10_1.dll - ok
17:16:34.0828 0x0e88 [ 426BA4E737A7988FD1202AF2F2B2F4A6, 3E84B1EF044C157B7B228AE86A4466BC7E24B2D85F07636D01 19041E3D630A2F ] C:\Windows\System32\d3d10_1core.dll
17:16:34.0828 0x0e88 C:\Windows\System32\d3d10_1core.dll - ok
17:16:34.0828 0x0e88 [ F404E59DB6A0F122AB26BF4F3E2FD0FA, 47F30401D86006821475F911A3D5E9B23571F6A8B4A9942891 298E33D070D5D5 ] C:\Windows\System32\dxgi.dll
17:16:34.0828 0x0e88 C:\Windows\System32\dxgi.dll - ok
17:16:34.0828 0x0e88 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9 DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
17:16:34.0828 0x0e88 C:\Windows\explorer.exe - ok
17:16:34.0844 0x0e88 [ F5138EEC090C296CF6FB6C6C19BE1D9E, 378942AF1511755F2BBB580916C7F1710D57EBE3FB132229AF 638F8B4126885B ] C:\Windows\System32\igd10umd64.dll
17:16:34.0844 0x0e88 C:\Windows\System32\igd10umd64.dll - ok
17:16:34.0844 0x0e88 [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7F F8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
17:16:34.0844 0x0e88 C:\Windows\System32\uDWM.dll - ok
17:16:34.0844 0x0e88 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476 CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
17:16:34.0844 0x0e88 C:\Windows\SysWOW64\uxtheme.dll - ok
17:16:34.0844 0x0e88 [ 26A68554F95A344B62E5771AF598E0E8, DF6448B78AD471A216E2D38DCF248CD7416A2A3A1C580680B9 D4ACC44E9046E2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
17:16:34.0844 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\Sys tem\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok
17:16:34.0844 0x0e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3 418A1CF0BC53E9 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:16:34.0844 0x0e88 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
17:16:34.0859 0x0e88 [ AFB5B500AD69E24ED1BC15D1161641EF, C8EE01224FA8020DAE6F9BCE2FD88EDC2441164393ED6E68DA A1EA0B8190276F ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:16:34.0859 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:16:34.0859 0x0e88 [ 659127E6E134013FD6CFFCAFBECEFA70, D82F56B823B7281B11A82E2F54FFE3811BB14C2456EA93036C 9B18E65DF02007 ] C:\Program Files\AVAST Software\Avast\defs\17041812\algo.dll
17:16:34.0859 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\algo.dll - ok
17:16:34.0859 0x0e88 [ 89B89AE23491F5D4E338499A3D568269, 8E8230EA733075EB8700E92F07DAB29CC5729D67CEEF75197B C91515EE4C0A8F ] C:\Windows\System32\localspl.dll
17:16:34.0859 0x0e88 C:\Windows\System32\localspl.dll - ok
17:16:34.0859 0x0e88 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBC C86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
17:16:34.0859 0x0e88 C:\Windows\System32\rasadhlp.dll - ok
17:16:34.0859 0x0e88 [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987 E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
17:16:34.0859 0x0e88 C:\Windows\System32\spoolss.dll - ok
17:16:34.0875 0x0e88 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D 5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
17:16:34.0875 0x0e88 C:\Windows\SysWOW64\ntmarta.dll - ok
17:16:34.0875 0x0e88 [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC 5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
17:16:34.0875 0x0e88 C:\Windows\SysWOW64\rasapi32.dll - ok
17:16:34.0875 0x0e88 [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E5780 2A3B5638C09283 ] C:\Windows\System32\dssenh.dll
17:16:34.0875 0x0e88 C:\Windows\System32\dssenh.dll - ok
17:16:34.0875 0x0e88 [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D 0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
17:16:34.0875 0x0e88 C:\Windows\System32\FXSMON.dll - ok
17:16:34.0875 0x0e88 [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F 3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
17:16:34.0875 0x0e88 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:16:34.0891 0x0e88 [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7 E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
17:16:34.0891 0x0e88 C:\Windows\System32\tcpmon.dll - ok
17:16:34.0891 0x0e88 [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD38 54EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
17:16:34.0891 0x0e88 C:\Windows\SysWOW64\rasman.dll - ok
17:16:34.0891 0x0e88 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA 7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
17:16:34.0891 0x0e88 C:\Windows\SysWOW64\rtutils.dll - ok
17:16:34.0891 0x0e88 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D638 17D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
17:16:34.0891 0x0e88 C:\Windows\SysWOW64\SensApi.dll - ok
17:16:34.0891 0x0e88 [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA 4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
17:16:34.0891 0x0e88 C:\Windows\System32\snmpapi.dll - ok
17:16:34.0891 0x0e88 [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C1 3E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
17:16:34.0891 0x0e88 C:\Windows\System32\wsnmp32.dll - ok
17:16:34.0906 0x0e88 [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D 85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
17:16:34.0906 0x0e88 C:\Windows\System32\usbmon.dll - ok
17:16:34.0906 0x0e88 [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE 1E376052176BAB ] C:\Windows\System32\WSDMon.dll
17:16:34.0906 0x0e88 C:\Windows\System32\WSDMon.dll - ok
17:16:34.0906 0x0e88 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A 0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
17:16:34.0906 0x0e88 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
17:16:34.0906 0x0e88 [ 29CA5974FAB0E8AE4AA7814FE05CF832, ADE54D406AAB7C364851AAD278A569426C9ADD4F7FB543BB08 428CED963BF541 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
17:16:34.0906 0x0e88 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
17:16:34.0906 0x0e88 [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638 F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
17:16:34.0906 0x0e88 C:\Windows\System32\fdPnp.dll - ok
17:16:34.0922 0x0e88 [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DC ABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dl l
17:16:34.0922 0x0e88 C:\Windows\System32\spool\prtprocs\x64\winprint.dl l - ok
17:16:34.0922 0x0e88 [ 2AC11BE0F5D9A01433732AAB8BA21774, 523B2D6516CB4BC86F2D9C7129D0F2C976F2EC93A1382E3FA0 43B0B54E7B7F09 ] C:\Windows\System32\win32spl.dll
17:16:34.0922 0x0e88 C:\Windows\System32\win32spl.dll - ok
17:16:34.0922 0x0e88 [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403 D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
17:16:34.0922 0x0e88 C:\Windows\System32\inetpp.dll - ok
17:16:34.0922 0x0e88 [ AA2D8BB9C6F0963A4FB7C3D596CEC0E2, AC64F9897A0910F0386F39D961C67D7FEB9F782243D4369B80 377A3F5C29744E ] C:\Program Files\AVAST Software\Avast\aswSecDns.dll
17:16:34.0922 0x0e88 C:\Program Files\AVAST Software\Avast\aswSecDns.dll - ok
17:16:34.0922 0x0e88 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9 054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
17:16:34.0922 0x0e88 C:\Windows\System32\cscapi.dll - ok
17:16:34.0937 0x0e88 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769 251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
17:16:34.0937 0x0e88 C:\Windows\SysWOW64\fltLib.dll - ok
17:16:34.0937 0x0e88 [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111 AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
17:16:34.0937 0x0e88 C:\Windows\SysWOW64\winsta.dll - ok
17:16:34.0937 0x0e88 [ 46F12E67EF52F2FF1E8722621E1752D3, 6D1FA5D14DD5DEDE0480C9792FC334F4E0B2D20BD81A24EB14 5A141FB55E9BCD ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
17:16:34.0937 0x0e88 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
17:16:34.0937 0x0e88 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041 262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
17:16:34.0937 0x0e88 C:\Windows\SysWOW64\winspool.drv - ok
17:16:34.0937 0x0e88 [ 06B565DDB92457D4F359B526654EC527, 40FAC8DC19D3101E36884831C7D03185A1A5ADD40DE7DE7E84 31FF1A3A88B84D ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
17:16:34.0937 0x0e88 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
17:16:34.0953 0x0e88 [ 2D4A4C8537BBA2E157EDB58E0582F23C, 581386F9E9B379E6B674C02429F2EFD318E2B541CDC3687ABB 917C975ECCBE31 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
17:16:34.0953 0x0e88 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
17:16:34.0953 0x0e88 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289 E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\comdlg32.dll - ok
17:16:34.0953 0x0e88 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB2 2DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\winmm.dll - ok
17:16:34.0953 0x0e88 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F 82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\sfc.dll - ok
17:16:34.0953 0x0e88 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D0 9086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\sfc_os.dll - ok
17:16:34.0953 0x0e88 [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C 56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\Faultrep.dll - ok
17:16:34.0969 0x0e88 [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88 352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\olepro32.dll - ok
17:16:34.0969 0x0e88 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE16 4A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\propsys.dll - ok
17:16:34.0969 0x0e88 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A2 3C4978F2974767 ] C:\Windows\System32\iphlpsvc.dll
17:16:34.0969 0x0e88 C:\Windows\System32\iphlpsvc.dll - ok
17:16:34.0969 0x0e88 [ 4F6E72B34ED3DC53DCC5E8708E60B61F, CB79F4EBCE11ECCFA167498F329F95D545F8D4E5CCE4006B2A 03B595733AEBC2 ] C:\Windows\SysWOW64\security.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\security.dll - ok
17:16:34.0969 0x0e88 [ AA376FE53D239EC404AD28AA14F33564, D65673BD31C4727861B79497B80EE461B48EBFBEEF8FA002C0 CDEA966B7EC71D ] C:\Windows\SysWOW64\srclient.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\srclient.dll - ok
17:16:34.0984 0x0e88 [ 13693B6354DD6E72DC5131DA7D764B90, 447EFDA7CFB1F62EA316219D996406C8DC374097DB903F362D 6E945227D8BB2D ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:16:34.0984 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
17:16:34.0984 0x0e88 [ 971A36C4827AD1AE2A54E6407478921A, 22FC1DD7476F6A9E8C6272D982F2F10600AE97D2157C8531EA 2F4C7874E6D24D ] C:\Windows\SysWOW64\spp.dll
17:16:34.0984 0x0e88 C:\Windows\SysWOW64\spp.dll - ok
17:16:34.0984 0x0e88 [ 6177E1A8F215576A56D437B48A00848B, B38B4550B67A053EEB3F863986440A6BCD85DF8B1A138F2845 A4ABA0C6F06069 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
17:16:34.0984 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
17:16:34.0984 0x0e88 [ 295E1F2BC1AFDAFD98FF426BCE524BA9, 642DFF6C6AAF54D6A4B6A192FD016068FED63312CB8E3C2836 38A5D044B85538 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
17:16:34.0984 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
17:16:34.0984 0x0e88 [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7 588904D489CB9F ] C:\Windows\System32\sqmapi.dll
17:16:34.0984 0x0e88 C:\Windows\System32\sqmapi.dll - ok
17:16:35.0000 0x0e88 [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08 E6B253855A01CA ] C:\Windows\SysWOW64\vssapi.dll
17:16:35.0000 0x0e88 C:\Windows\SysWOW64\vssapi.dll - ok
17:16:35.0000 0x0e88 [ A733CC986EB51F8FBF598B981DC19FBA, BDDCF486C6E0CC96DE744587A22125A1EADB134581ED2E876D 183E8EDA7B7F9C ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
17:16:35.0000 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
17:16:35.0000 0x0e88 [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C 9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
17:16:35.0000 0x0e88 C:\Windows\System32\wdscore.dll - ok
17:16:35.0000 0x0e88 [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893 CCDA8D907BA946 ] C:\Windows\System32\nci.dll
17:16:35.0000 0x0e88 C:\Windows\System32\nci.dll - ok
17:16:35.0000 0x0e88 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D1 69C869DE8813B9 ] C:\Windows\System32\netprofm.dll
17:16:35.0000 0x0e88 C:\Windows\System32\netprofm.dll - ok
17:16:35.0015 0x0e88 [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9 DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
17:16:35.0015 0x0e88 C:\Windows\SysWOW64\atl.dll - ok
17:16:35.0015 0x0e88 [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC0797 48E1D6D625F0DF ] C:\Windows\SysWOW64\vsstrace.dll
17:16:35.0015 0x0e88 C:\Windows\SysWOW64\vsstrace.dll - ok
17:16:35.0015 0x0e88 [ 659DAA73109D1EFC4DFD46E9CB6CEDC6, 906EB04D7798EA9FA7BC9CAB624DF5A5C550F356C08B0AEACB E8FD60EF5B41F4 ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
17:16:35.0015 0x0e88 C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
17:16:35.0015 0x0e88 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA 604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
17:16:35.0015 0x0e88 C:\Windows\System32\hnetcfg.dll - ok
17:16:35.0015 0x0e88 [ 09AC643215862B0BC3AC8F57BB96AFD6, 8839319B26C0598AE9627B948ED3A23DF68CF3B780098D9304 B09D1324C5B014 ] C:\Program Files\AVAST Software\Avast\custody.dll
17:16:35.0015 0x0e88 C:\Program Files\AVAST Software\Avast\custody.dll - ok
17:16:35.0031 0x0e88 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AF F4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\ndiscapCfg.dll - ok
17:16:35.0031 0x0e88 [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904 177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\rascfg.dll - ok
17:16:35.0031 0x0e88 [ FB8482D42FAD4D52F3006E7EA0435CBC, 17F60C7EBD90872B9BE82828595AFAD88057376D3EA99D1780 B5D11851B79ABE ] C:\Program Files\AVAST Software\Avast\pam.dll
17:16:35.0031 0x0e88 C:\Program Files\AVAST Software\Avast\pam.dll - ok
17:16:35.0031 0x0e88 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A 35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
17:16:35.0031 0x0e88 C:\Windows\System32\mprapi.dll - ok
17:16:35.0031 0x0e88 [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE900 84CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\mprmsg.dll - ok
17:16:35.0031 0x0e88 [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A59 41B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\tcpipcfg.dll - ok
17:16:35.0047 0x0e88 [ 2EB8800497876168297C2384C0D65A77, 3F29BC16AD9C37EDBAC08E4B75A15E3BBA2DFAEF002312FD83 C78AD651BF2E0E ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
17:16:35.0047 0x0e88 [ 18AA12A2870D8B3E1FF8511994013AEC, FDA7D2317BA4920C560DB45CC85DF83D6F0A4DA84F7CC2832D FBE91C7F486732 ] C:\Program Files\AVAST Software\Avast\defs\17041812\exts.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\exts.dll - ok
17:16:35.0047 0x0e88 [ 089C9FBC57EEA8C04785C6C3C3DF3BCF, 804B6F0298E63B062B81D09C8CDE38E84371C9324969B08F05 6D00804395735F ] C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll - ok
17:16:35.0047 0x0e88 [ 14107C10946921603BBF5637B249DB84, DB45F5ED8907E68F99A2DDAE377A2A98955792FD5FEDD61A39 0EFEE164B25F7A ] C:\Program Files\AVAST Software\Avast\aswDnsCache.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\aswDnsCache.dll - ok
17:16:35.0047 0x0e88 [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E 724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
17:16:35.0047 0x0e88 C:\Windows\SysWOW64\wlanapi.dll - ok
17:16:35.0062 0x0e88 [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C0 8622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
17:16:35.0062 0x0e88 C:\Windows\SysWOW64\wlanutil.dll - ok
17:16:35.0062 0x0e88 [ 03A03A453F1AAAE0C73AAAF895321C7A, BB46C581347EDA9CAF287E24163A593F07BD723E1C250ADD8E 5C46BB349B668C ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:16:35.0062 0x0e88 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:16:35.0062 0x0e88 [ BEA34F901FDACDE1433CE1984B6791B2, 0E6CF3534C61D595ACD1EF0733D1F76E6C970832962F3338DE 6B557507224194 ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswAR.dll
17:16:35.0062 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswAR.dll - ok
17:16:35.0062 0x0e88 [ F0CC72AAC41DC3723358FB4DF3E37545, 8678B0801F6FF6530AC223AC2A4C8B93110655B573E047FB7F 18CE4ADA53F274 ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswRawFS.dll
17:16:35.0062 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswRawFS.dll - ok
17:16:35.0062 0x0e88 [ 32BFCF1CA719F2A3A31C721BD5F90303, EFCA0A6AF7BD987F6636B40C5249B8F03CD127EF39E55E75A8 11E2C3B1F9FF57 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
17:16:35.0062 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
17:16:35.0078 0x0e88 [ 40EE4E67311F4019CCA2120D88C60576, 05B81FC09774FA60007E45CC77E4C8A02A61639EAA58AA2989 F048A294437688 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
17:16:35.0078 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
17:16:35.0078 0x0e88 [ 09AB81CEE443569D9A3CC151DDF70444, E466612F6FBC12C463EE85DD74A303D7D4956A9A592B9D6AF9 1DF56CFEFFE28E ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
17:16:35.0078 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
17:16:35.0078 0x0e88 [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B48 6CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
17:16:35.0078 0x0e88 C:\Windows\SysWOW64\logoncli.dll - ok
17:16:35.0078 0x0e88 [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C 965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
17:16:35.0078 0x0e88 C:\Windows\SysWOW64\msi.dll - ok
17:16:35.0078 0x0e88 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE 4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
17:16:35.0078 0x0e88 C:\Windows\System32\drivers\srv2.sys - ok
17:16:35.0093 0x0e88 [ 617E29A0B0A2807466560D4C4E338D3E, 5E95D38DB9A6776EB4A15A952FA7949831D6F660EED8C3E79B D09D102BAC5D67 ] C:\Windows\System32\drivers\Sftredirlh.sys
17:16:35.0093 0x0e88 C:\Windows\System32\drivers\Sftredirlh.sys - ok
17:16:35.0093 0x0e88 [ 3D3CBD1847F980FB03343A63671E7886, 6FCC7D869106DFF85B251C1593E2DA2C165D71F854ED32360F C7DB16327AF663 ] C:\Windows\SysWOW64\schannel.dll
17:16:35.0093 0x0e88 C:\Windows\SysWOW64\schannel.dll - ok
17:16:35.0093 0x0e88 [ D9A9702E43A5859896F34898D5FD3FEC, 3248B6E72665193357BB0E6326B760F248923D375C02C8CD6B C24EEF26AEAC4E ] C:\Windows\SysWOW64\msxml6.dll
17:16:35.0093 0x0e88 C:\Windows\SysWOW64\msxml6.dll - ok
17:16:35.0093 0x0e88 [ EB6369B1FCBB45AAC60040BD3CCFBA64, E12C1E7A9EE40DE98180875383250999787B385458EB381804 79F8EE91E83A77 ] C:\Program Files (x86)\Google\Update\1.3.33.3\goopdate.dll
17:16:35.0093 0x0e88 C:\Program Files (x86)\Google\Update\1.3.33.3\goopdate.dll - ok
17:16:35.0093 0x0e88 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF373 3D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
17:16:35.0093 0x0e88 C:\Windows\SysWOW64\msimg32.dll - ok
17:16:35.0109 0x0e88 [ FEEB4E9E1B1B6D543D53AD6C75E34838, 2C7B47E4452BFE253638BF02D615E514B3DF86020123CFA0FD 52CF4E2DB4A09E ] C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.ex e
17:16:35.0109 0x0e88 C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.ex e - ok
17:16:35.0109 0x0e88 [ 591FE0A6CEB19BF886CEB1331F591940, 929CC5BC782FEF82804D2D253D3EB59F09BE744E0EF2A9263E 8EECC36E16F2CE ] C:\Windows\SysWOW64\ncrypt.dll
17:16:35.0109 0x0e88 C:\Windows\SysWOW64\ncrypt.dll - ok
17:16:35.0109 0x0e88 [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174 ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
17:16:35.0109 0x0e88 C:\Windows\SysWOW64\bcrypt.dll - ok
17:16:35.0109 0x0e88 [ B99AE052439A204F3C0377FEEFF76573, DE176626608BE0ED42F36586ED7F1D3B28592FF82E00516E8C 60A01B9243908C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\tos Indicator\2b1b71df5141ab83ead4e95c8c23d56b\tosIndi cator.ni.exe
17:16:35.0109 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\tos Indicator\2b1b71df5141ab83ead4e95c8c23d56b\tosIndi cator.ni.exe - ok
17:16:35.0109 0x0e88 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0D F975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:16:35.0109 0x0e88 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:16:35.0125 0x0e88 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58, ACAD9D96CE58EDB620AC13ACA8C6F4122BA8B2AF78468A760F 21A01B43D93312 ] C:\Program Files\Toshiba\TECO\TecoService.exe
17:16:35.0125 0x0e88 C:\Program Files\Toshiba\TECO\TecoService.exe - ok
17:16:35.0125 0x0e88 [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D 358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
17:16:35.0125 0x0e88 C:\Windows\SysWOW64\gpapi.dll - ok
17:16:35.0125 0x0e88 [ 6316957BB3431DFB06BFFA98C0F1926E, 3DB6BF2DAB524BCB9DA516004F516169808645847C6C82A082 FD4973931B9F8B ] C:\Windows\SysWOW64\cryptnet.dll
17:16:35.0125 0x0e88 C:\Windows\SysWOW64\cryptnet.dll - ok
17:16:35.0125 0x0e88 [ 6B8F9054C79BC15C07CE04C0CE242D63, 34C010D2B9A54A4EE290F768A55A41A06298F973FBFE97CBCA 993AEA49A54DDC ] C:\Program Files (x86)\Java\jre6\bin\keytool.exe
17:16:35.0125 0x0e88 C:\Program Files (x86)\Java\jre6\bin\keytool.exe - ok
17:16:35.0125 0x0e88 [ 448BF22538F1DFCB3412AE2B1CF123A9, 35D652AE19A93FE1DCF920AEDDF6470E2C8EEE8FF409E5735A 329727E464E268 ] C:\Windows\System32\conhost.exe
17:16:35.0125 0x0e88 C:\Windows\System32\conhost.exe - ok
17:16:35.0140 0x0e88 [ 01D585C95A0E752EFFB11EA899B0E387, 09EE8F7BA39206EEFAE61665EE85D048E5E9813BC5401B7FD6 E88948632C5625 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Win dowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsB ase.ni.dll
17:16:35.0140 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\Win dowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsB ase.ni.dll - ok
17:16:35.0140 0x0e88 [ F41E07868DD2314A2A0D1CCB58F38179, 98AEE7F01CC4815407F48FBEEE0EA7D2068DA534DD034B563C EC2747A51A5223 ] C:\Program Files (x86)\Java\jre6\bin\jli.dll
17:16:35.0140 0x0e88 C:\Program Files (x86)\Java\jre6\bin\jli.dll - ok
17:16:35.0140 0x0e88 [ F9C8015C85E7A8CC5513A3AD1CA0ABDC, 1DFFE0B9DEF19C4FC79B979C0A2235820CCFAF929D54E078D3 07F7F262172EBF ] C:\Program Files\Toshiba\TECO\TecoHci.dll
17:16:35.0140 0x0e88 C:\Program Files\Toshiba\TECO\TecoHci.dll - ok
17:16:35.0140 0x0e88 [ 777F34146CD4126A2B8D6F2342F57536, 5714BE7D04E70E47801BA67778E63D0B8512E3BC4D0FD70D85 E1D2D97180DFEC ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCore\14a87218ea49639f38097e278b98a3da\Pre sentationCore.ni.dll
17:16:35.0140 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\Pre sentationCore\14a87218ea49639f38097e278b98a3da\Pre sentationCore.ni.dll - ok
17:16:35.0140 0x0e88 [ C92C6145D2C44C4259C22228B24411F2, 49B195C55FA1D14BA0BCAE2DC856E442EA55E8B76407151DEB 07AE037FBEA21E ] C:\Program Files\Toshiba\TECO\TecoPower.dll
17:16:35.0140 0x0e88 C:\Program Files\Toshiba\TECO\TecoPower.dll - ok
17:16:35.0156 0x0e88 [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879E DFEF5F1A24FEFE ] C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll - ok
17:16:35.0156 0x0e88 [ B83B58F64C99BBEF45A81E0D79A34F80, 16EF4FE99DD5A313AED4EA2598E42F4B2FEB2942E300DCD658 4F4DF29F1A808F ] C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll - ok
17:16:35.0156 0x0e88 [ CFBC060707870F82DCF03F4F5ACC7C6A, 0411830B5EFB008EFC47A04FC969ED76DB3F6FFB2B870A54D0 B29C7BFE606A7A ] C:\Program Files (x86)\Java\jre6\bin\verify.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\verify.dll - ok
17:16:35.0156 0x0e88 [ 807ECF18B7D9B02FE449D5B795CDB2DA, 330AF2CEF53C0F099139BD19A6E482DB721671EE6B7B047237 944E4C70DE31CA ] C:\Program Files (x86)\Java\jre6\bin\java.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\java.dll - ok
17:16:35.0156 0x0e88 [ 3752C305040C1FF74075CEA84E1C8DF9, 853A3A07A09063E85EBB80812EFE80B0614919C79830B77C43 750CC30BA4A8D2 ] C:\Program Files (x86)\Java\jre6\bin\zip.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\zip.dll - ok
17:16:35.0171 0x0e88 [ 02E185944CFA58DAD47D409E5655FB28, BAF6C5951D1A43137069192B0971342FFB75BFE5E6291D331B 32CD061E0D6CBA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\e717a230496832656b05b515eb9f3bc5 \PresentationFramework.ni.dll
17:16:35.0171 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\Pre sentationFramewo#\e717a230496832656b05b515eb9f3bc5 \PresentationFramework.ni.dll - ok
17:16:35.0171 0x0e88 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0 FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
17:16:35.0171 0x0e88 C:\Windows\System32\ExplorerFrame.dll - ok
17:16:35.0171 0x0e88 [ AEDDFD540E3E6BECDB14C30D1F12B78A, A4A5C793A99D9F6CBBF27EA91E7A52AD8C4CFBA3D202406B07 7E1EE0F39D2681 ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0. 0__31bf3856ad364e35\PresentationCore.dll
17:16:35.0171 0x0e88 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0. 0__31bf3856ad364e35\PresentationCore.dll - ok
17:16:35.0171 0x0e88 [ C432CDE6BCEC310430ADA1E435B935F5, 8479073393F1095568783C3FD775D8369DC108D8490E67FD08 0D34B43E1EA5CB ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
17:16:35.0171 0x0e88 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
17:16:35.0171 0x0e88 [ 5EB6E9C8BE1ACC5830780E0F9A846255, AC5EDC6DBC9CA204584E35878E18F6524DE002CE3D90657C37 599790A5DDD1F1 ] C:\Windows\System32\msi.dll
17:16:35.0171 0x0e88 C:\Windows\System32\msi.dll - ok
17:16:35.0187 0x0e88 [ DDFBFD8959F32AC0CF3947F36BAC3081, 39A6876E19400E62457EC27FFD5D223EE98098737923714CBE 6DCA725926A0C6 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx _v0300.dll
17:16:35.0187 0x0e88 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx _v0300.dll - ok
17:16:35.0187 0x0e88 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6B B3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
17:16:35.0187 0x0e88 C:\Windows\System32\EhStorShell.dll - ok
17:16:35.0187 0x0e88 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D 6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
17:16:35.0187 0x0e88 C:\Windows\System32\ntshrui.dll - ok
17:16:35.0187 0x0e88 [ A0617B5753E31126AD29C03154F4F329, 3BC10C0A54D1D60B0C670D901944D3F115E2EBB406C9894091 45E7151AA55EFE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Cult ure.dll
17:16:35.0187 0x0e88 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Cult ure.dll - ok
17:16:35.0187 0x0e88 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8 594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
17:16:35.0187 0x0e88 C:\Windows\System32\IconCodecService.dll - ok
17:16:35.0203 0x0e88 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF 04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
17:16:35.0203 0x0e88 C:\Windows\SysWOW64\dwmapi.dll - ok
17:16:35.0203 0x0e88 [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCF F361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:16:35.0203 0x0e88 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:16:35.0203 0x0e88 [ 72794D112CBAFF3BC0C29BF7350D4741, 060C207F27306A3464FBCD8B08BDC97E34923ECA349933ECB0 59848BD08F41ED ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
17:16:35.0203 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
17:16:35.0203 0x0e88 [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C17 14E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
17:16:35.0203 0x0e88 C:\Windows\System32\wbem\wmiprov.dll - ok
17:16:35.0203 0x0e88 [ C797D1677BA81306AFBB9FA8A9A8F483, D71AE9308BCF6F57E8E1412F3703DFBDE341BC91C141F13724 04A978C8C12BE1 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
17:16:35.0203 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
17:16:35.0218 0x0e88 [ 108C2CFA5527458C096A699929ECBD80, FEF6737C71D7BF7A926C87E69D93D789EDB8C65EFB9422A1C2 1328AF54ED69AB ] C:\Windows\SysWOW64\credui.dll
17:16:35.0218 0x0e88 C:\Windows\SysWOW64\credui.dll - ok
17:16:35.0218 0x0e88 [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF81 7EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
17:16:35.0218 0x0e88 C:\Windows\SysWOW64\oleacc.dll - ok
17:16:35.0218 0x0e88 [ 7717F84F483002815490033BF069DABD, 7BE935D49AFE60589A722D3C5A1A7D319E59215DBF9A1CBB79 12938C2F0840DF ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.1.7601.17825_none_72d273598668a06 b\GdiPlus.dll
17:16:35.0218 0x0e88 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_65 95b64144ccf1df_1.1.7601.17825_none_72d273598668a06 b\GdiPlus.dll - ok
17:16:35.0218 0x0e88 [ 565A30B70BE8A9B171839003F2D69683, 808BFBF2A0EC54417A254FDA0B22472CEA4A50F4C0952A6AB0 ADF1119BD2543E ] C:\Windows\SysWOW64\hlink.dll
17:16:35.0218 0x0e88 C:\Windows\SysWOW64\hlink.dll - ok
17:16:35.0218 0x0e88 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7C D1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
17:16:35.0218 0x0e88 C:\Windows\System32\drivers\srv.sys - ok
17:16:35.0218 0x0e88 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD540 4133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
17:16:35.0234 0x0e88 C:\Windows\System32\srvsvc.dll - ok
17:16:35.0234 0x0e88 [ 74AF1FFCAFD60DA88A386AE161F56438, FFDAC2829D384EEF04E4B756E25971C03B446A96A0CBE87980 1FB796AA79E7CA ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
17:16:35.0234 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
17:16:35.0234 0x0e88 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E 8A9DE0757EADAE ] C:\Windows\System32\browser.dll
17:16:35.0234 0x0e88 C:\Windows\System32\browser.dll - ok
17:16:35.0234 0x0e88 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418 FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
17:16:35.0234 0x0e88 C:\Windows\System32\netmsg.dll - ok
17:16:35.0234 0x0e88 [ B08E3476F0874DBAD672D0AC4FB2580B, 655F36620649733E0B4E3520900579C4445D5C768A06DC7CB9 DC22CAD154D973 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
17:16:35.0234 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
17:16:35.0234 0x0e88 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E00 9C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
17:16:35.0234 0x0e88 C:\Windows\System32\clusapi.dll - ok
17:16:35.0249 0x0e88 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F 4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
17:16:35.0249 0x0e88 C:\Windows\System32\sscore.dll - ok
17:16:35.0249 0x0e88 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3 B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
17:16:35.0249 0x0e88 C:\Windows\System32\resutils.dll - ok
17:16:35.0249 0x0e88 [ 4C1E16B9A53102C8D6FBA587CBCB95DE, F982ABB2353E45E3E09B30EA99EFDC2A905AD75B43CDB0A34D B33D91AADDAB17 ] C:\Windows\SysWOW64\msv1_0.dll
17:16:35.0249 0x0e88 C:\Windows\SysWOW64\msv1_0.dll - ok
17:16:35.0249 0x0e88 [ 1128637CAD49A8E3C8B5FA5D0A061525, 6B80E50D8296F9E2C978CC6BC002B964ACFD8F4BCF623F4770 513792845B5278 ] C:\Windows\SysWOW64\cryptdll.dll
17:16:35.0249 0x0e88 C:\Windows\SysWOW64\cryptdll.dll - ok
17:16:35.0249 0x0e88 [ 1CDEA9188899E76D4FFD54C9D512CCDB, B73B0AA397B8E673B4169E246D121ABCE2E888F6C8013AC4FF FA9A6539BB5FB0 ] C:\Windows\SysWOW64\msxml3.dll
17:16:35.0249 0x0e88 C:\Windows\SysWOW64\msxml3.dll - ok
17:16:35.0265 0x0e88 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D915 45566E0722FFAA ] C:\Windows\System32\appinfo.dll
17:16:35.0265 0x0e88 C:\Windows\System32\appinfo.dll - ok
17:16:35.0265 0x0e88 [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C 367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
17:16:35.0265 0x0e88 C:\Windows\System32\dbghelp.dll - ok
17:16:35.0265 0x0e88 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139 991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
17:16:35.0265 0x0e88 C:\Windows\System32\wpdbusenum.dll - ok
17:16:35.0265 0x0e88 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E0 05CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
17:16:35.0265 0x0e88 C:\Windows\System32\wscsvc.dll - ok
17:16:35.0265 0x0e88 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793 A3E219EB961209 ] C:\Windows\System32\wdi.dll
17:16:35.0265 0x0e88 C:\Windows\System32\wdi.dll - ok
17:16:35.0281 0x0e88 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF 4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
17:16:35.0281 0x0e88 C:\Windows\System32\npmproxy.dll - ok
17:16:35.0281 0x0e88 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593 EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
17:16:35.0281 0x0e88 C:\Windows\System32\diagperf.dll - ok
17:16:35.0281 0x0e88 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8 CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
17:16:35.0281 0x0e88 C:\Windows\System32\PortableDeviceApi.dll - ok
17:16:35.0281 0x0e88 [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4A B18880E9F269E0 ] C:\Windows\System32\perftrack.dll
17:16:35.0281 0x0e88 C:\Windows\System32\perftrack.dll - ok
17:16:35.0281 0x0e88 [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B5 8C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
17:16:35.0281 0x0e88 C:\Windows\System32\p2pcollab.dll - ok
17:16:35.0296 0x0e88 [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674 C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
17:16:35.0296 0x0e88 C:\Windows\System32\wbem\NCProv.dll - ok
17:16:35.0296 0x0e88 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C820843 6469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
17:16:35.0296 0x0e88 C:\Windows\System32\QAGENTRT.DLL - ok
17:16:35.0296 0x0e88 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51 CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:16:35.0296 0x0e88 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:16:35.0296 0x0e88 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9 DC3E3D6B17B4BF ] C:\Windows\System32\drivers\WUDFRd.sys
17:16:35.0296 0x0e88 C:\Windows\System32\drivers\WUDFRd.sys - ok
17:16:35.0296 0x0e88 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C 0D738455898C36 ] C:\Windows\System32\fveui.dll
17:16:35.0296 0x0e88 C:\Windows\System32\fveui.dll - ok
17:16:35.0296 0x0e88 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE09 1AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
17:16:35.0296 0x0e88 C:\Windows\System32\Apphlpdm.dll - ok
17:16:35.0312 0x0e88 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CE AF35D003A0099A ] C:\Windows\System32\pnpts.dll
17:16:35.0312 0x0e88 C:\Windows\System32\pnpts.dll - ok
17:16:35.0312 0x0e88 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F68 50751191150CFE ] C:\Windows\System32\radardt.dll
17:16:35.0312 0x0e88 C:\Windows\System32\radardt.dll - ok
17:16:35.0312 0x0e88 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B 28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
17:16:35.0312 0x0e88 C:\Windows\System32\wdiasqmmodule.dll - ok
17:16:35.0312 0x0e88 [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F 45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
17:16:35.0312 0x0e88 C:\Windows\System32\wuapi.dll - ok
17:16:35.0312 0x0e88 [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54 B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
17:16:35.0312 0x0e88 C:\Windows\System32\cabinet.dll - ok
17:16:35.0327 0x0e88 [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C 62A634B8CAEF5F ] C:\Windows\System32\wups.dll
17:16:35.0327 0x0e88 C:\Windows\System32\wups.dll - ok
17:16:35.0327 0x0e88 [ 7DF186D86CF8C571A12AAB788C777F84, A2C1064BFDEF2A85CB12A11E55728BCC09933C115C278403F0 7B27DB2C36C710 ] C:\Windows\SysWOW64\wscproxystub.dll
17:16:35.0327 0x0e88 C:\Windows\SysWOW64\wscproxystub.dll - ok
17:16:35.0327 0x0e88 [ D0FF1CA89D013B94768A289023958F6B, DB15E374E26E351561C5A6DCC5822AFB7CFF2C373761266520 193E89DFAC6855 ] C:\Windows\System32\WUDFHost.exe
17:16:35.0327 0x0e88 C:\Windows\System32\WUDFHost.exe - ok
17:16:35.0327 0x0e88 [ 70300CB4D361A58E8F91C0C36E956D1F, B8B9EC3DC2CE8B4AB54A9C648A9825EC3CF9C85CD3BE34D286 5129F8F559951A ] C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64. exe
17:16:35.0327 0x0e88 C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64. exe - ok
17:16:35.0327 0x0e88 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C5613074385030 31D30C944B6A6E ] C:\Windows\System32\runonce.exe
17:16:35.0327 0x0e88 C:\Windows\System32\runonce.exe - ok
17:16:35.0343 0x0e88 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25 EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\runonce.exe - ok
17:16:35.0343 0x0e88 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F40 11DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\cmd.exe - ok
17:16:35.0343 0x0e88 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872E C9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\winbrand.dll - ok
17:16:35.0343 0x0e88 [ 8DCDD0B5939043A1EC98C6F168A56B16, 3359E65AE19A3D66E3ADFDB4C890ED5D33DAD961FAF4E050A3 69192B2ED09910 ] C:\Windows\SysWOW64\ieframe.dll
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\ieframe.dll - ok
17:16:35.0343 0x0e88 [ 1950B1C38AED4154BA79F77E36494D8A, 3F79FA4C971FBB73FECA64F5F0C6BCB9F04D7E9A49A95584E9 7D80B97CCE326C ] C:\Windows\System32\WUDFx.dll
17:16:35.0343 0x0e88 C:\Windows\System32\WUDFx.dll - ok
17:16:35.0359 0x0e88 [ 91D6F0AB79AA36FFB932157865206F35, 5C20EA92737A4409DF4601D6D256DBC7A8D0AE4C31A32F2005 4E873473B27781 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
17:16:35.0359 0x0e88 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
17:16:35.0359 0x0e88 [ 9864D52F15AD32094A636C6B5281D9E7, 2DBECE721AA11509F6D5005C5FB965EB0DF28729D0B6C524BB 35603C1243BA42 ] C:\Windows\System32\WMVCORE.DLL
17:16:35.0359 0x0e88 C:\Windows\System32\WMVCORE.DLL - ok
17:16:35.0359 0x0e88 [ AACC48FE239F0DF126DA2F28930A5B83, D55E7D9AA79B1875E9074CFFBBCD484024902566B49806A863 9B5C04847DFF89 ] C:\Windows\System32\WMASF.DLL
17:16:35.0359 0x0e88 C:\Windows\System32\WMASF.DLL - ok
17:16:35.0359 0x0e88 [ 389CA818132C1D7DCF0C791E8D9035DE, 5E54799F92CC604FABEF2F97AFD97F9CAD70D01BCDBC41FAC4 08D60821927C12 ] C:\Windows\System32\PortableDeviceClassExtension.d ll
17:16:35.0359 0x0e88 C:\Windows\System32\PortableDeviceClassExtension.d ll - ok
17:16:35.0359 0x0e88 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE2483 4460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
17:16:35.0359 0x0e88 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:16:35.0359 0x0e88 [ BE247AE996A9FDE007A27B51413A6C79, A4280BE9BDCB51E50A0E302F59ACDF866EFAC8035D766172D0 6C15019CC57476 ] C:\Windows\SysWOW64\shdocvw.dll
17:16:35.0359 0x0e88 C:\Windows\SysWOW64\shdocvw.dll - ok
17:16:35.0374 0x0e88 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B 253C7329949156 ] C:\Windows\System32\aelupsvc.dll
17:16:35.0374 0x0e88 C:\Windows\System32\aelupsvc.dll - ok
17:16:35.0374 0x0e88 [ 510FB616264FE12BC3B4561AF35CCBC7, 1D410CA508264C971B2E9D2A9EC6E87DC09597EF3A3C383E86 A009E5A1DA9CF8 ] C:\Users\Mitch\AppData\Local\Temp{563D512D-3925-420E-A185-5FE22537A215}{4EBEB473-DEF2-407B-80B3-FEFA20205E53}.exe
17:16:35.0374 0x0e88 C:\Users\Mitch\AppData\Local\Temp{563D512D-3925-420E-A185-5FE22537A215}{4EBEB473-DEF2-407B-80B3-FEFA20205E53}.exe - ok
17:16:35.0374 0x0e88 [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B 11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
17:16:35.0374 0x0e88 C:\Windows\SysWOW64\devrtl.dll - ok
17:16:35.0374 0x0e88 [ B519848DFA30AE2B306576B51321D102, CFD8BCB7645F2200819224BEB9F10BB226D30FE27B3BB31A35 A2889FA301EFF2 ] C:\Windows\System32\ie4uinit.exe
17:16:35.0374 0x0e88 C:\Windows\System32\ie4uinit.exe - ok
17:16:35.0374 0x0e88 [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAA D6B131AE43F274 ] C:\Windows\System32\timedate.cpl
17:16:35.0374 0x0e88 C:\Windows\System32\timedate.cpl - ok
17:16:35.0390 0x0e88 [ C4F40F6CACD796A8E16671D0E9A2F319, 44853C645915D910ED0CC6D38F68B6C222528EC5FCBE990E23 8010F41204E682 ] C:\Windows\System32\shdocvw.dll
17:16:35.0390 0x0e88 C:\Windows\System32\shdocvw.dll - ok
17:16:35.0390 0x0e88 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C0 52E45AB69822BB ] C:\Windows\System32\linkinfo.dll
17:16:35.0390 0x0e88 C:\Windows\System32\linkinfo.dll - ok
17:16:35.0390 0x0e88 [ 661CEEDE98A2E0E5CDD7DE239EB38353, 3F8A23FD9CC3516A9366235662942B942A64A4264F35BFFD33 9D1B054AD1080E ] C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll
17:16:35.0390 0x0e88 C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll - ok
17:16:35.0390 0x0e88 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB 243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
17:16:35.0390 0x0e88 C:\Windows\System32\msftedit.dll - ok
17:16:35.0390 0x0e88 [ 3504B34CD2DE00BA3CC1A195F1B739BD, C08B5AD0C59FF393658CB08130A138CDBC16C1BF2672611CD2 C5C93ED40EBA21 ] C:\Windows\System32\gameux.dll
17:16:35.0390 0x0e88 C:\Windows\System32\gameux.dll - ok
17:16:35.0405 0x0e88 [ 7FCAB194F01E3403C300EB034E480B36, 907EBC0ACF0FD4A047DBD20A5FE71F36142162CA5A7A1A6498 D5DB5B2AFC70DB ] C:\Windows\System32\msls31.dll
17:16:35.0405 0x0e88 C:\Windows\System32\msls31.dll - ok
17:16:35.0405 0x0e88 [ 7DBA84667DC18877AEF693E3543DFAD7, 499306CE72EB8B873C547C600FD1093B7A79122D656407E698 79041690AE588F ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
17:16:35.0405 0x0e88 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
17:16:35.0405 0x0e88 [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067 A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
17:16:35.0405 0x0e88 C:\Windows\System32\msiltcfg.dll - ok
17:16:35.0405 0x0e88 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E5 5DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
17:16:35.0405 0x0e88 C:\Windows\System32\DeviceCenter.dll - ok
17:16:35.0405 0x0e88 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D, 551F502F0C61FC892032E7CBCF53660F01C3DF18D6510C6312 48FC00EA5BC817 ] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
17:16:35.0405 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrMain.exe - ok
17:16:35.0421 0x0e88 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA 6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
17:16:35.0421 0x0e88 C:\Windows\System32\thumbcache.dll - ok
17:16:35.0421 0x0e88 [ DFD8F75F0E27D522AB8424AD71719C8B, 68C9B90EFA71D7CAC2DA632D2C388E1416E26275CF3FA980E3 9D4858F8FF77F9 ] C:\Program Files\Toshiba\TBS\HSON.exe
17:16:35.0421 0x0e88 C:\Program Files\Toshiba\TBS\HSON.exe - ok
17:16:35.0421 0x0e88 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB 9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
17:16:35.0421 0x0e88 C:\Windows\System32\networkexplorer.dll - ok
17:16:35.0421 0x0e88 [ A6C039BAAC52F266AB393D0D62236583, A26613FCBA264CDC3D727FB562DCC80A3A6795452285B26F23 3F7D62DFB11388 ] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
17:16:35.0421 0x0e88 C:\Program Files\Toshiba\FlashCards\TCrdMain.exe - ok
17:16:35.0421 0x0e88 [ D70D6B42933C1174FE961F0BCA3573A3, CB00C6D7AB50C5C3B9AA989314344A3B4003F63946BE38E0AA 55AE68337FD768 ] C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll
17:16:35.0421 0x0e88 C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll - ok
17:16:35.0437 0x0e88 [ 76849AB697E63D85CC35DD2F8AEA1C6B, 9258E14C5DEB1C79D5CE3027126D7D1E481C8081376A538690 214508CED3B423 ] C:\Program Files\Toshiba\FlashCards\TCrdMain.dll
17:16:35.0437 0x0e88 C:\Program Files\Toshiba\FlashCards\TCrdMain.dll - ok
17:16:35.0437 0x0e88 [ 6B640D9B1C114DDB8A534A9101DCEF29, 2993E6282D8DC6CD431D7B79C9C7EB3AF9AB3BBDD8F90C8514 2D14DC2575BB99 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
17:16:35.0437 0x0e88 C:\Program Files\CONEXANT\SAII\SAIICpl.exe - ok
17:16:35.0437 0x0e88 [ 8D8839FDB43DE6F35D4A26294B8B9549, 536C38B0D78A170180495098AAE6187DA428C8338E971F264B 083808C8949EBF ] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent 64.exe
17:16:35.0437 0x0e88 C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent 64.exe - ok
17:16:35.0437 0x0e88 [ 0F042176F243D71C552E9D07D2FCB141, 89BA83E18F3158D83A0D2B430DBE11A8ACCC0CF9D64E9AF832 CD9E080ADD263E ] C:\Program Files\Toshiba\FlashCards\BlackPng.dll
17:16:35.0437 0x0e88 C:\Program Files\Toshiba\FlashCards\BlackPng.dll - ok
17:16:35.0437 0x0e88 [ A61BA3762126CC714E78207847F36BF2, FADE37415303EF563708DE24CA8CF50CEC7CA26A95AF74D2BA EE07446E7A2320 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
17:16:35.0437 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
17:16:35.0452 0x0e88 [ EF9C5CD482AC0C29C5EC885CBB94469A, AD79B6A8F0E7E297F40904450B4F2DAB032EC2BDF95BAE492C A857E66824BE50 ] C:\Program Files\Toshiba\TECO\Teco.exe
17:16:35.0452 0x0e88 C:\Program Files\Toshiba\TECO\Teco.exe - ok
17:16:35.0452 0x0e88 [ E027A6E99EF709AFD195FD6329224C47, B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C 43E7373A3E6874 ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{3DF8BB37-3698-4516-9129-901DAFEFAD87}.tmp
17:16:35.0452 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{3DF8BB37-3698-4516-9129-901DAFEFAD87}.tmp - ok
17:16:35.0452 0x0e88 [ 38B24645FA9F9BDCCC35AF4B9AE7F37E, F6183A0ECC4658EBA78039A40977D09794B5031E278ADB0315 DC3A701790E324 ] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe
17:16:35.0452 0x0e88 C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe - ok
17:16:35.0452 0x0e88 [ AB67816718E5C65CC326BE56AC0B9E73, D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE5 30574B16ADB2D5 ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{2C7D5CC9-76E2-411F-8A87-9D0979990D1F}.tmp
17:16:35.0452 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{2C7D5CC9-76E2-411F-8A87-9D0979990D1F}.tmp - ok
17:16:35.0452 0x0e88 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75 BC6E469DB44494 ] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe
17:16:35.0452 0x0e88 C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe - ok
17:16:35.0468 0x0e88 [ 099B3847531EAF7BA63B5BB504CE8461, 70271E4D3174F98A90BE9658F72F38A2FFD906BDC1D26E8AE4 18B147D4134EC1 ] C:\Program Files\Toshiba\TECO\MUIHelp.dll
17:16:35.0468 0x0e88 C:\Program Files\Toshiba\TECO\MUIHelp.dll - ok
17:16:35.0468 0x0e88 [ 9C96B167C21F6DCCF68E96853B0A8F93, 5BC0C953CFB64B045632678E941CFD706AF18AC19D1A1AA986 50A55E4DE95EC7 ] C:\Program Files\Toshiba\FlashCards\FnPRTSC.dll
17:16:35.0468 0x0e88 C:\Program Files\Toshiba\FlashCards\FnPRTSC.dll - ok
17:16:35.0468 0x0e88 [ A190DA6546501CB4146BBCC0B6A3F48B, 5AE0BF71E770C2959FE2022C43E4C6F43E361089A3431AA318 0EBF4EC0465CAC ] C:\Windows\System32\msiexec.exe
17:16:35.0468 0x0e88 C:\Windows\System32\msiexec.exe - ok
17:16:35.0468 0x0e88 [ 321FF1DF7F4CEF3FA690419110BEE55A, 41243293C9876D8B94F83B28C98F1797CD217140153DDEE631 C2EEB8E102C6A0 ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{F4BDB0CC-8359-4F7A-A8D8-F499BDF4B39E}.tmp
17:16:35.0468 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{F4BDB0CC-8359-4F7A-A8D8-F499BDF4B39E}.tmp - ok
17:16:35.0483 0x0e88 [ E126445756DFE53F9788911BBD7BFF16, 4C29B89AB13BA93E0F23AF70FE1AA98A822C9E56BCE042B8F3 1C77596F11C20A ] C:\Program Files\Toshiba\FlashCards\FnSticky.dll
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\FlashCards\FnSticky.dll - ok
17:16:35.0483 0x0e88 [ 426350B428CD70D037A3326EB9E5EDFD, B7B1A20D1D75661533CF983EA0C6E520B928AF6FCCDA70C488 FC8FC566B5AF7F ] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
17:16:35.0483 0x0e88 [ 47AFBB582DC348AF02B2EDDAF7243A6E, 3AD33D0A9EC96C7DD21A01EB8F9531A26337C367DF333CEE6F 615835E05A42A7 ] C:\Program Files\Toshiba\Power Saver\TFunctab.dll
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\Power Saver\TFunctab.dll - ok
17:16:35.0483 0x0e88 [ E542A10321E884C2C50290AC67E82DAE, DF9222EDD17982AC9905465790161FDD489DCDEC97B258B8A0 8AF78AE1AE5CA1 ] C:\Program Files\Toshiba\Power Saver\TOddPwr.dll
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\Power Saver\TOddPwr.dll - ok
17:16:35.0483 0x0e88 [ A709D7F4DCC91CF0945F784F7D233B89, 164FC39AFEB247762AC0B73979852605BAA13B1A2E4B6E4170 8165AC1B76B127 ] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe - ok
17:16:35.0499 0x0e88 [ 60FB378B6D1C80DC69DD80F8E05D4346, 59D73D2EC2BFD4C96A62C861618ACDCF5FA6850BA4F7CEB4B7 AA01D3D6C79B4B ] C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll - ok
17:16:35.0499 0x0e88 [ DC6DB08D85337C9675F94B01043279AE, B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A1 0AEA9B9E52032B ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{E5F8E3D1-1D17-4C67-AA17-43FA6167E99A}.tmp
17:16:35.0499 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{E5F8E3D1-1D17-4C67-AA17-43FA6167E99A}.tmp - ok
17:16:35.0499 0x0e88 [ 1AC9B56AC7E043AC2874D61CBCED5F49, B613057794CD61EC1B037C96124D46E53D91E9B24244FED7D0 3249524288C201 ] C:\Program Files\Toshiba\FlashCards\Hotkey\Mute.dll
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\Mute.dll - ok
17:16:35.0499 0x0e88 [ 1DCD0B1345720349220CE79316A56751, 4852E00F297A1D7419EECF2DF8476BE7BAD38558B8A5666343 F1C47923B9FD1B ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll - ok
17:16:35.0499 0x0e88 [ EF49D309C27814AB86D9AB567DD9DC86, A58CAE9CC641E1DD59D9826AEE1D1079D40CA4E6985029D54A BBE9FB28EE7930 ] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe - ok
17:16:35.0499 0x0e88 [ C74D46C1F542F5FEB9B7E1A8EC04986D, FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9 AE1343DA47A63D ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{6A92AD5A-966E-4955-9183-89EFB1C44D4C}.tmp
17:16:35.0515 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{6A92AD5A-966E-4955-9183-89EFB1C44D4C}.tmp - ok
17:16:35.0515 0x0e88 [ 1C937AA6A3E2E5F5F650686437AE2854, 3983FD93D85380C0B658B2564CADDC114BA5F6736A61D922C3 A4CDCA0EB2B17B ] C:\Program Files\Toshiba\FlashCards\SmoothView.dll
17:16:35.0515 0x0e88 C:\Program Files\Toshiba\FlashCards\SmoothView.dll - ok
17:16:35.0515 0x0e88 [ 0287C9E40BC751BF94A90FEA39B4CAE6, 9D95E9EF1B0365A92F86BE353E24643A97026B55E9585B4E08 9FE4350E0AC77C ] C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll
17:16:35.0515 0x0e88 C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll - ok
17:16:35.0515 0x0e88 [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950D F76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b 9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msv cr90.dll
17:16:35.0515 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b 9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msv cr90.dll - ok
17:16:35.0515 0x0e88 [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578 A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b 9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msv cp90.dll
17:16:35.0515 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b 9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msv cp90.dll - ok
17:16:35.0515 0x0e88 [ FC3001B4B9DF50B61F3CCA615759EFE7, 9AAE3665AD2893E7DB41965D430A7230B826AC4580603F2010 2E21C19C15535F ] C:\Windows\System32\PhotoMetadataHandler.dll
17:16:35.0515 0x0e88 C:\Windows\System32\PhotoMetadataHandler.dll - ok
17:16:35.0530 0x0e88 [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3 C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
17:16:35.0530 0x0e88 C:\Windows\System32\oledlg.dll - ok
17:16:35.0530 0x0e88 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675A FE40F80E8F4979 ] C:\Windows\System32\wersvc.dll
17:16:35.0530 0x0e88 C:\Windows\System32\wersvc.dll - ok
17:16:35.0530 0x0e88 [ F152755F131ADFE452D534F4E9383590, 6E0C52D409203F070B90350EF7405EE38185270E9579F4570D DA53DC65A4653E ] C:\Windows\System32\Faultrep.dll
17:16:35.0530 0x0e88 C:\Windows\System32\Faultrep.dll - ok
17:16:35.0530 0x0e88 [ EFE8A50B9AE0205D399E94E89E244E65, 089D61EE41E7A1EBE7FBE8B44C1C79430408F40A385CEF75AC FFD74602C2C039 ] C:\Program Files\Toshiba\Power Saver\TCooling.dll
17:16:35.0530 0x0e88 C:\Program Files\Toshiba\Power Saver\TCooling.dll - ok
17:16:35.0530 0x0e88 [ B3F4982BD2542AB40AFA6D6E695E5E06, CE80AD486FD195171F9713C987BDDAD72CD491075EA77FA5CE 60B617154D864E ] C:\Program Files\Toshiba\Power Saver\TPwrBrightness.dll
17:16:35.0530 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrBrightness.dll - ok
17:16:35.0546 0x0e88 [ F164E175B6092D3BA0DC7056487717BC, 46DCDD16AF5D0017E693C1D3398989546C2DB6FACADA702BB1 1D0F1CB4B1D3F9 ] C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll - ok
17:16:35.0546 0x0e88 [ E436C2E89416F31699F2A3CA79DDC095, 30EAF25A388AEED586C3393F887BF50A6D0D2107539DE5DF95 7804A715FF3635 ] C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll - ok
17:16:35.0546 0x0e88 [ C4CA3DBBCEC3136D37DA20B50291E63A, F0DF7A77081DDC47129CFFABABDE5D8D5707EC3B5436C6E4AC D48241E708DE1C ] C:\Program Files\Toshiba\Power Saver\TSDPwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\TSDPwr.dll - ok
17:16:35.0546 0x0e88 [ 8BDC8ECF5EC879F5F8686B86510BADA0, D5136C002723DC8937ED580383C96A6A7876D7B3EE672C4A00 AB67CEEC5CE6B5 ] C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosKillIndicator.exe
17:16:35.0546 0x0e88 C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosKillIndicator.exe - ok
17:16:35.0546 0x0e88 [ DF987E7AA36D53411B1087B246739326, 6FC55179CE8F005842BCDE248A0E34FBE5FEA1DE848F1D9963 9A6733832ED07D ] C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll - ok
17:16:35.0561 0x0e88 [ 76F123E491B26DAAD5DFBC20FC5996DB, B56D333B7236B978FBC559E437E7C5A06B321A7E9D452D5393 46DBBFC617E931 ] C:\Program Files\Toshiba\Power Saver\TScreen.dll
17:16:35.0561 0x0e88 C:\Program Files\Toshiba\Power Saver\TScreen.dll - ok
17:16:35.0561 0x0e88 [ 11615D80DC10ABB83D2A9002B70A4E36, 554352B737D78D53C8935D7D603A5FE5343496C63296625193 598BC93B46E889 ] C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
17:16:35.0561 0x0e88 C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll - ok
17:16:35.0561 0x0e88 [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A3 6D57542DC13972 ] C:\Windows\System32\WerFault.exe
17:16:35.0561 0x0e88 C:\Windows\System32\WerFault.exe - ok
17:16:35.0561 0x0e88 [ 990EA3103E06D68CE0E755A9C3D70107, 39AC7F6D2A348BA50C3FBF50E23EAFEDAE232F0FA2F82937F1 8934E2D7C53CB7 ] C:\Windows\System32\dbgeng.dll
17:16:35.0561 0x0e88 C:\Windows\System32\dbgeng.dll - ok
17:16:35.0561 0x0e88 [ 517ECD823EB9A03368294C6C33A695D0, 7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06 C9E71BBA0CD40C ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{1B490759-0CD1-4898-827C-6D891250F6CB}.tmp
17:16:35.0561 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{1B490759-0CD1-4898-827C-6D891250F6CB}.tmp - ok
17:16:35.0577 0x0e88 [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EB B11751F38DD6D4 ] C:\Windows\System32\esent.dll
17:16:35.0577 0x0e88 C:\Windows\System32\esent.dll - ok
17:16:35.0577 0x0e88 [ C54BFDEC7B8B3F6FB7FF4A39AD596471, 7A88F1664EA6F0C5685BE31557B369FDA4BFE8F640BE3CB6A2 4C58C40568E125 ] C:\Program Files\Toshiba\TBS\TBSMain.dll
17:16:35.0577 0x0e88 C:\Program Files\Toshiba\TBS\TBSMain.dll - ok
17:16:35.0577 0x0e88 [ 3428F170E1953B4C4EA10A5F58B55908, B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A 7F6AC02E54B306 ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{9F29B980-2F27-4AF0-9ACE-062EDB15D8B8}.tmp
17:16:35.0577 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{9F29B980-2F27-4AF0-9ACE-062EDB15D8B8}.tmp - ok
17:16:35.0577 0x0e88 [ AD8D1187F527B828BA43173D22C618D0, C717BB05B932F8966EF67D3F1BF2D2CD9E5D7DFE23888BD061 6CBCD61723068F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\tos KillIndicator\39d738530f43252de81a64dd0a386823\tos KillIndicator.ni.exe
17:16:35.0577 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\tos KillIndicator\39d738530f43252de81a64dd0a386823\tos KillIndicator.ni.exe - ok
17:16:35.0577 0x0e88 [ 06DEF9378C701E638B707B33B1E8151C, AB7DD7E2A44D8DAE488177C22F5E08A7136E1E9E53EC301F2B 90A28739F96B2F ] C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe
17:16:35.0577 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe - ok
17:16:35.0593 0x0e88 [ 96D681B7DE0BA6BFA1DC55915003CD05, 26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD27 1A757833285939 ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{24EDE635-DFB0-400F-96F1-107CE645A895}.tmp
17:16:35.0593 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{24EDE635-DFB0-400F-96F1-107CE645A895}.tmp - ok
17:16:35.0593 0x0e88 [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602 BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe
17:16:35.0593 0x0e88 C:\Program Files\CCleaner\CCleaner64.exe - ok
17:16:35.0593 0x0e88 [ 85D8D497E3CFCD66607DAD332378DE8B, FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A912 9881E148769C7F ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{72CA3732-77AB-4C86-91CF-57BE8CC68663}.tmp
17:16:35.0593 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{72CA3732-77AB-4C86-91CF-57BE8CC68663}.tmp - ok
17:16:35.0593 0x0e88 [ CD0DAF878147B723108C428370FF0355, A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413E AA4DC1FAB76303 ] C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{9A4A3A54-A2C5-4307-86CA-4D1E63C33CC5}.tmp
17:16:35.0593 0x0e88 C:\Users\Mitch\AppData\Local\Temp{947CC29C-1BE1-4D37-998F-965D39A68150}{9A4A3A54-A2C5-4307-86CA-4D1E63C33CC5}.tmp - ok
17:16:35.0608 0x0e88 [ 0819EF7DB96DAB8AC3DACE567ED1B99E, 1489E5BC7F6E7E25665F0ED681A74DC65ADAC331895416F198 0BD9D22E79B897 ] C:\Windows\System32\werui.dll
17:16:35.0608 0x0e88 C:\Windows\System32\werui.dll - ok
17:16:35.0608 0x0e88 [ BB752714D14CB1F13969D721F1A3A60F, 32B95C75704BE37B349E0493AA8D2FCDAE8007275124646125 650456D3A1563F ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
17:16:35.0608 0x0e88 C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe - ok
17:16:35.0608 0x0e88 [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC01 6B90918C4BD579 ] C:\Windows\System32\msimg32.dll
17:16:35.0608 0x0e88 C:\Windows\System32\msimg32.dll - ok
17:16:35.0608 0x0e88 [ 02F4246866BF35BF2244E5CF72E25895, AA08D3E65CCF6F4F79D169575C9B4FE8BA078246BFB30C3809 39A4A3B6092074 ] C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe
17:16:35.0608 0x0e88 C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe - ok
17:16:35.0608 0x0e88 [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2A DF7FD0DC8EEF66 ] C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe
17:16:35.0608 0x0e88 C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe - ok
17:16:35.0624 0x0e88 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D72038 7ACFD7499EDC3D ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
17:16:35.0624 0x0e88 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - ok
17:16:35.0624 0x0e88 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA76 77EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\riched20.dll - ok
17:16:35.0624 0x0e88 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785 331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:16:35.0624 0x0e88 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C1 3A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\duser.dll - ok
17:16:35.0624 0x0e88 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D90 42D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\dui70.dll - ok
17:16:35.0624 0x0e88 [ EDF4DEC1041EEAF78A0B1E16C1BB4CC4, 72AB0E5499505AC25F4CACAB0C7581979100FAB552A253BB08 DCD4643888702F ] C:\Windows\System32\fthsvc.dll
17:16:35.0624 0x0e88 C:\Windows\System32\fthsvc.dll - ok
17:16:35.0639 0x0e88 [ 3819AD4329303EAC88480CA16A650735, FBE665BEE15A334851AF4BF9969C8BC21B3F0254CAA5E21E67 D7843D4171E675 ] C:\Windows\System32\UIAnimation.dll
17:16:35.0639 0x0e88 C:\Windows\System32\UIAnimation.dll - ok
17:16:35.0639 0x0e88 [ 88B0BCC23660D466879099F26CCB8CA5, 825EBF5C7A723650145C695A4DD89027E928B3611D89BF19AA E47687ABA0E5CA ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll
17:16:35.0639 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll - ok
17:16:35.0639 0x0e88 [ 6E6DBEB083B26E55A87BCDCF1354F45E, FBDFBE1F35A7FB8CE89D4A0A2F93B6435E294E3961033EC449 43A6570E62E9EE ] C:\Program Files\Toshiba\Power Saver\TFunc2.dll
17:16:35.0639 0x0e88 C:\Program Files\Toshiba\Power Saver\TFunc2.dll - ok
17:16:35.0639 0x0e88 [ E6BC081DDE7391AD0A044C0796A86D08, A8273EC82761B975F3F6E8E0EFF6824FCFCCB4E270E9CF8446 D0B3FE2307E047 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll
17:16:35.0639 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll - ok
17:16:35.0655 0x0e88 [ EDE3D67AE2951D330AA6A4EB7FEF7739, B58CE8164247DE3393F44E117890B57DDC6BBEC3F311A236CD A1C0D254E9BA74 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll - ok
17:16:35.0655 0x0e88 [ D908CF40BEFA099EA92129BB485CFBA9, 92BA566D52DEC85027380EE8D230D884C94F75FC3E4D7437AE 93705280E10DBF ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll - ok
17:16:35.0655 0x0e88 [ CACB1FB9B211A8BEF470A78FC573AEBA, 73E33DB451065BAD16FF30F351D7814193D10F3DD8B8067770 69ABA510F046F5 ] C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll - ok
17:16:35.0655 0x0e88 [ 43AA2EFD14590DE58A545BF3B28ED09F, 6EC547E8BB034109AC20CD3B67E3A82676018804D6E9589F27 459F8A4356E28E ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll - ok
17:16:35.0655 0x0e88 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C10 45F17B06109FBF ] C:\Windows\System32\wlanapi.dll
17:16:35.0655 0x0e88 C:\Windows\System32\wlanapi.dll - ok
17:16:35.0671 0x0e88 [ E625ABBE3ED37D3160151DFD33AE6B91, 94EEE8C8A32182EB02D658403FBE8A9CCE0361D8582E0A574D 47899CFBE7C5A2 ] C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll - ok
17:16:35.0671 0x0e88 [ 66935625C1758EFEFFAF8CF0E020A6F9, BF9F3CCBFD7477E0535737D76BC1E6D6CDBB91D3F7CDE8D322 0AC7F388605529 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll - ok
17:16:35.0671 0x0e88 [ 4C671C688884F18152441DC16AA629F6, 19158CE47E09ADB0265A983E9FBC11C1A2532377B22512B158 29CFB148FA8441 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll - ok
17:16:35.0671 0x0e88 [ 13BC9BF69A7A03ED92BFDF36E9B4C508, 149CE3DBB6808495246E838C98AA21644CD1B2C13E6AB5C0C5 34C49946088BB3 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll - ok
17:16:35.0686 0x0e88 [ 70050353213574B62CA9EC28F65F2F3E, 3EBC0ABFC9ABFE4508E21A032A28D12B73CB91DE1FD830069F F902336A271E68 ] C:\Program Files\AVAST Software\Avast\avastui.exe
17:16:35.0686 0x0e88 C:\Program Files\AVAST Software\Avast\avastui.exe - ok
17:16:35.0686 0x0e88 [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C 1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
17:16:35.0686 0x0e88 C:\Windows\SysWOW64\cabinet.dll - ok
17:16:35.0686 0x0e88 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593 197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a 1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp 80.dll
17:16:35.0686 0x0e88 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a 1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp 80.dll - ok
17:16:35.0702 0x0e88 [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948D FA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
17:16:35.0702 0x0e88 C:\Windows\SysWOW64\cryptui.dll - ok
17:16:35.0702 0x0e88 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862, 64C8450EF5EA81997E35FD8D4A1624729A749D74A5B511B5B9 AC00E2AEFEF94B ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
17:16:35.0702 0x0e88 C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll - ok
17:16:35.0702 0x0e88 [ 512AB725AFE15EE0B5CBE6B993844593, 4488A67FA3FE417411A8BA8C9F8846ABA4EEB7346F71824DA4 D36845D10DE058 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
17:16:35.0702 0x0e88 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
17:16:35.0702 0x0e88 [ 7C45460CDB951C4EA5C7EA7C6AA261E1, 5F7E9DB8AF5FEBBBD379E08137D5F4BB0F4822C0771F5630A8 1C6ACF27B7211C ] C:\Windows\winsxs\x86_avast.vc140.mfc_fcc99ee6193e bbca_14.0.23918.0_none_a0556d0c3304aaf3\mfc140u.dl l
17:16:35.0702 0x0e88 C:\Windows\winsxs\x86_avast.vc140.mfc_fcc99ee6193e bbca_14.0.23918.0_none_a0556d0c3304aaf3\mfc140u.dl l - ok
17:16:35.0717 0x0e88 [ 022E2AD8EBCFCC8547B18BB61651BE27, 79ADA95CC7542C7CC7AA07F6264F262E4C9111986B899534DC 492BE9ABEFA4A1 ] C:\Program Files\AVAST Software\Avast\HTMLayout.dll
17:16:35.0717 0x0e88 C:\Program Files\AVAST Software\Avast\HTMLayout.dll - ok
17:16:35.0717 0x0e88 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE02 81B938D5336F2E ] C:\Windows\System32\batmeter.dll
17:16:35.0717 0x0e88 C:\Windows\System32\batmeter.dll - ok
17:16:35.0717 0x0e88 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422 732901D35F75F2 ] C:\Windows\System32\stobject.dll
17:16:35.0717 0x0e88 C:\Windows\System32\stobject.dll - ok
17:16:35.0717 0x0e88 [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C 24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
17:16:35.0717 0x0e88 C:\Windows\System32\SearchIndexer.exe - ok
17:16:35.0717 0x0e88 [ 7245B4C192D20107B4A3E887AED3F76E, D07B9D349E11F6E081040C5F4810CEE4DA7228D15318CADF4E 85AEA58AEFBDCF ] C:\Program Files\CCleaner\CCleaner.exe
17:16:35.0717 0x0e88 C:\Program Files\CCleaner\CCleaner.exe - ok
17:16:35.0733 0x0e88 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F3 7A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
17:16:35.0733 0x0e88 C:\Windows\System32\prnfldr.dll - ok
17:16:35.0733 0x0e88 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D 85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
17:16:35.0733 0x0e88 C:\Windows\SysWOW64\samcli.dll - ok
17:16:35.0733 0x0e88 [ CFC7CBBDD35A6906514C2A69648E0028, FE3514CC1170E5B7FB4C04D4FE70D7B002F428679D155D5D10 21B44D531E20EC ] C:\Program Files\Synaptics\SynTP\InstNT.exe
17:16:35.0733 0x0e88 C:\Program Files\Synaptics\SynTP\InstNT.exe - ok
17:16:35.0733 0x0e88 [ 53E85DD329EB3FEAF776E6E84C68CF23, FC1EB41383EE0FEEC1797BB590156DA414542C4201D8384FD0 D990CE42264EE0 ] C:\Program Files\Synaptics\SynTP\SynToshiba.exe
17:16:35.0733 0x0e88 C:\Program Files\Synaptics\SynTP\SynToshiba.exe - ok
17:16:35.0733 0x0e88 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9 E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
17:16:35.0733 0x0e88 C:\Windows\System32\DXP.dll - ok
17:16:35.0749 0x0e88 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E 24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
17:16:35.0749 0x0e88 C:\Windows\System32\Syncreg.dll - ok
17:16:35.0749 0x0e88 [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765D D96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
17:16:35.0749 0x0e88 C:\Windows\ehome\ehSSO.dll - ok
17:16:35.0749 0x0e88 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38E C36C128CDB98B9 ] C:\Windows\System32\netshell.dll
17:16:35.0749 0x0e88 C:\Windows\System32\netshell.dll - ok
17:16:35.0749 0x0e88 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936 993A637F712761 ] C:\Windows\System32\AltTab.dll
17:16:35.0749 0x0e88 C:\Windows\System32\AltTab.dll - ok
17:16:35.0749 0x0e88 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6 A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
17:16:35.0749 0x0e88 C:\Windows\System32\WPDShServiceObj.dll - ok
17:16:35.0764 0x0e88 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705 C03C4947958F39 ] C:\Windows\System32\pnidui.dll
17:16:35.0764 0x0e88 C:\Windows\System32\pnidui.dll - ok
17:16:35.0764 0x0e88 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD 9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
17:16:35.0764 0x0e88 C:\Windows\System32\QUTIL.DLL - ok
17:16:35.0764 0x0e88 [ F4B5750AEF97CC2213981343A816DFB3, F2BE89A2AE5A5C3E8CCADAC55053E7587F3A6B176D1946992B 87EAEF296141CD ] C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
17:16:35.0764 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPCOM.dll - ok
17:16:35.0764 0x0e88 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E19303 2FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
17:16:35.0764 0x0e88 C:\Windows\System32\srchadmin.dll - ok
17:16:35.0764 0x0e88 [ DE325A3D3FB29A8DF9886BF85E411A95, 03C48BCC0CC1A4D441252F6FED9CD6D5D5A89C18C9E53A5CE2 AB652264D73BAC ] C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
17:16:35.0764 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPCpl.dll - ok
17:16:35.0764 0x0e88 [ E1DC9324D520687B816E33C77EE5D8BC, 7B47BCCFF251DE4BFF8DD174503C035DBE639E504AC7065BD9 F56A9FFC64D4F7 ] C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
17:16:35.0764 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll - ok
17:16:35.0780 0x0e88 [ E2B41D6676B915FBC39517BD3C969CB9, CEF4B3012F397D2F1B44979D5043A5F86E1271DC3413AC6327 806AFC6CE1BEDA ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
17:16:35.0780 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
17:16:35.0780 0x0e88 [ 5C3F9DBA818CD93379D1A0F215270374, 6A4D96AC83989D47D80332E41E627F2607A3B2167E1A5D8E21 361136C4424633 ] C:\Windows\SysWOW64\esent.dll
17:16:35.0780 0x0e88 C:\Windows\SysWOW64\esent.dll - ok
17:16:35.0780 0x0e88 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA 164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
17:16:35.0780 0x0e88 C:\Windows\System32\ActionCenter.dll - ok
17:16:35.0780 0x0e88 [ D534F0C1E8B79AD05100BC6A17522AF8, 68AECBD209C4948053B6A2326B08E90762B5CE238046218FBB 25C33B85A1F310 ] C:\Windows\SysWOW64\idndl.dll
17:16:35.0780 0x0e88 C:\Windows\SysWOW64\idndl.dll - ok
17:16:35.0780 0x0e88 [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3 FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
17:16:35.0780 0x0e88 C:\Windows\SysWOW64\d3d9.dll - ok
17:16:35.0795 0x0e88 [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E98 0D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\d3d8thk.dll - ok
17:16:35.0795 0x0e88 [ 2B7DB3E2C6DC1BC4D3682838BDB1304C, 2335DCB2915B44E51CB5E4F578B5D81741C8A8F828BA28033D 4926BE0E8314F6 ] C:\Windows\SysWOW64\igdumdx32.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\igdumdx32.dll - ok
17:16:35.0795 0x0e88 [ 933421733C2C4BE8CB161D18E9652E69, 9C0766C6DBD69265EEC7528B92FB1A14298A30D41B7F9E978A E4F5E2CFC45494 ] C:\Windows\SysWOW64\igdumd32.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\igdumd32.dll - ok
17:16:35.0795 0x0e88 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F2 26E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\sxs.dll - ok
17:16:35.0795 0x0e88 [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27A EF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
17:16:35.0795 0x0e88 C:\Windows\System32\mscoree.dll - ok
17:16:35.0811 0x0e88 [ 6820A9E91AFF7CB3A510360D8CCD9BDD, C9F73878D7179137CE0FA07C57DF11E70C0D5F20639E420A4C 335FF3068EC0A9 ] C:\Windows\SysWOW64\mshtml.dll
17:16:35.0811 0x0e88 C:\Windows\SysWOW64\mshtml.dll - ok
17:16:35.0811 0x0e88 [ AA794B099F776B37ACCDEAD00E0FBFC9, CB6DA7F6A8BB09BBCFCB37E96FBA44F989DD7485535801CB9B 6BD7F5A9C838E0 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ms coreei.dll
17:16:35.0811 0x0e88 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ms coreei.dll - ok
17:16:35.0811 0x0e88 [ A05C0003E8D7CEA359A439690554F8BB, 53283C41E2427D1168A869B4C72F7BF59DEC3B74D29DC02BBC 6AB210F0F03237 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ms corwks.dll
17:16:35.0811 0x0e88 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ms corwks.dll - ok
17:16:35.0811 0x0e88 [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1 F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll
17:16:35.0811 0x0e88 C:\Windows\SysWOW64\mlang.dll - ok
17:16:35.0811 0x0e88 [ 6B177910B98A6FE49589F7202DA69856, 3CBC02E75262CBF034166763D8BEB4210FDD5637D1171BE253 EF87E21651F6D5 ] C:\Program Files\Synaptics\SynTP\SynTPRes.dll
17:16:35.0811 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPRes.dll - ok
17:16:35.0811 0x0e88 [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA 1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
17:16:35.0811 0x0e88 C:\Windows\System32\FXSST.dll - ok
17:16:35.0827 0x0e88 [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F 668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
17:16:35.0827 0x0e88 C:\Windows\System32\FXSAPI.dll - ok
17:16:35.0827 0x0e88 [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC 5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
17:16:35.0827 0x0e88 C:\Windows\System32\FXSRESM.dll - ok
17:16:35.0827 0x0e88 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3 DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
17:16:35.0827 0x0e88 C:\Windows\System32\FXSSVC.exe - ok
17:16:35.0827 0x0e88 [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED13 0DB69D2D16E90A ] C:\Windows\System32\tquery.dll
17:16:35.0827 0x0e88 C:\Windows\System32\tquery.dll - ok
17:16:35.0827 0x0e88 [ 26D652191B51854E66084DDAEE69EC65, 224337AB69B83B9175B4B1B6180A9ED2C2AB5D71CCA682694C 15C9A2BE00ABD8 ] C:\Windows\System32\verifier.dll
17:16:35.0827 0x0e88 C:\Windows\System32\verifier.dll - ok
17:16:35.0842 0x0e88 [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F 7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
17:16:35.0842 0x0e88 C:\Windows\System32\mssrch.dll - ok
17:16:35.0842 0x0e88 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F5 3DD32A827CB936 ] C:\Windows\System32\netman.dll
17:16:35.0842 0x0e88 C:\Windows\System32\netman.dll - ok
17:16:35.0842 0x0e88 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6 E2165C32ED376C ] C:\Windows\System32\msidle.dll
17:16:35.0842 0x0e88 C:\Windows\System32\msidle.dll - ok
17:16:35.0842 0x0e88 [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079 A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
17:16:35.0842 0x0e88 C:\Windows\System32\NapiNSP.dll - ok
17:16:35.0842 0x0e88 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C 2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
17:16:35.0842 0x0e88 C:\Windows\System32\mssprxy.dll - ok
17:16:35.0858 0x0e88 [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68 303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
17:16:35.0858 0x0e88 C:\Windows\SysWOW64\mssprxy.dll - ok
17:16:35.0858 0x0e88 [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E8 8031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
17:16:35.0858 0x0e88 C:\Windows\System32\pnrpnsp.dll - ok
17:16:35.0858 0x0e88 [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D8872932 6E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
17:16:35.0858 0x0e88 C:\Windows\System32\winrnr.dll - ok
17:16:35.0858 0x0e88 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273 EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
17:16:35.0858 0x0e88 C:\Windows\System32\en-US\tquery.dll.mui - ok
17:16:35.0858 0x0e88 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2 A343373467443C ] C:\Windows\System32\rasdlg.dll
17:16:35.0858 0x0e88 C:\Windows\System32\rasdlg.dll - ok
17:16:35.0873 0x0e88 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A0 8EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
17:16:35.0873 0x0e88 C:\Windows\System32\dot3api.dll - ok
17:16:35.0873 0x0e88 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E 33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
17:16:35.0873 0x0e88 C:\Windows\System32\wlanhlp.dll - ok
17:16:35.0873 0x0e88 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760 D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
17:16:35.0873 0x0e88 C:\Windows\System32\WWanAPI.dll - ok
17:16:35.0873 0x0e88 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2 358076E893EA47 ] C:\Windows\System32\wwapi.dll
17:16:35.0873 0x0e88 C:\Windows\System32\wwapi.dll - ok
17:16:35.0873 0x0e88 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE8 5FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
17:16:35.0873 0x0e88 C:\Windows\System32\QAGENT.DLL - ok
17:16:35.0873 0x0e88 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649 BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
17:16:35.0873 0x0e88 C:\Windows\System32\bthprops.cpl - ok
17:16:35.0889 0x0e88 [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D 9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
17:16:35.0889 0x0e88 C:\Windows\System32\SearchProtocolHost.exe - ok
17:16:35.0889 0x0e88 [ FC3A5E13D26C131E6BB39094D9ACD1F6, 249EA59C69925AE3019F0D0F4910B7FE8C886A6DE06C39D6FF BAC370FF2520C0 ] C:\Windows\System32\ieframe.dll
17:16:35.0889 0x0e88 C:\Windows\System32\ieframe.dll - ok
17:16:35.0889 0x0e88 [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD0 29711529B0BE2C ] C:\Windows\System32\msshooks.dll
17:16:35.0889 0x0e88 C:\Windows\System32\msshooks.dll - ok
17:16:35.0889 0x0e88 [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AA E9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
17:16:35.0889 0x0e88 C:\Windows\System32\SearchFilterHost.exe - ok
17:16:35.0889 0x0e88 [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706 FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
17:16:35.0889 0x0e88 C:\Windows\System32\mssph.dll - ok
17:16:35.0905 0x0e88 [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0A A6A715197FF2DD ] C:\Windows\System32\mapi32.dll
17:16:35.0905 0x0e88 C:\Windows\System32\mapi32.dll - ok
17:16:35.0905 0x0e88 [ FF2B106909EED48C536DA04742C0324A, 7FEE709C0E37747412C3420EC2622F23F1CD87473D0A5890F2 752E8F0B76D3E0 ] C:\Windows\System32\Query.dll
17:16:35.0905 0x0e88 C:\Windows\System32\Query.dll - ok
17:16:35.0905 0x0e88 [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A 30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
17:16:35.0905 0x0e88 C:\Windows\System32\oleacc.dll - ok
17:16:35.0905 0x0e88 [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362 F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
17:16:35.0905 0x0e88 C:\Windows\System32\mlang.dll - ok
17:16:35.0905 0x0e88 [ D7CEAEDD5F75D2C8A2E80887D7C114CE, 44D7D7BBF8643D4168A3B0369AB88C83A156943FB6295FAF8E 131C55F080ED19 ] C:\Windows\System32\webcheck.dll
17:16:35.0905 0x0e88 C:\Windows\System32\webcheck.dll - ok
17:16:35.0920 0x0e88 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E76 5F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
17:16:35.0920 0x0e88 C:\Windows\System32\SyncCenter.dll - ok
17:16:35.0920 0x0e88 [ 76CDA84DCB30EBDEF0D86051A72E0C0F, 07A91447463F50C83CCEA3662EECF2B4BECB6988D29EE5E448 5DCE3E00E8F44A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\msc orlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni .dll
17:16:35.0920 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\msc orlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni .dll - ok
17:16:35.0920 0x0e88 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E 8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
17:16:35.0920 0x0e88 C:\Windows\System32\imapi2.dll - ok
17:16:35.0920 0x0e88 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074 B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
17:16:35.0920 0x0e88 C:\Windows\System32\hgcpl.dll - ok
17:16:35.0920 0x0e88 [ 3ABB7ADB9CCBCD24D6C55201A3842A94, C7B53EE59D3B51D256210E263E34178508CEA79AA0F187B991 4473149CA725FB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ms corjit.dll
17:16:35.0920 0x0e88 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\ms corjit.dll - ok
17:16:35.0936 0x0e88 [ BA48FCD5653B8A62F39AAF2663EC5D10, 5CAC91361C5327FE00CF5780410EDA9DF629B99729EA31BA9B C17B49FC3B34DE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Sys tem\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
17:16:35.0936 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\Sys tem\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
17:16:35.0936 0x0e88 [ 040CAD6E6600BCEF7A91AE9885C4158F, 41E1AC22E988D165137426D6F5E69A22D154AF919AE7BDE88B 56BE86FDA0B51E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Sys tem.Drawing\222eb8aa336953a6b0216db2b0c4770d\Syste m.Drawing.ni.dll
17:16:35.0936 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\Sys tem.Drawing\222eb8aa336953a6b0216db2b0c4770d\Syste m.Drawing.ni.dll - ok
17:16:35.0936 0x0e88 [ 1E8D1091011E1C51B44A94DE5EE89A6A, 268D5AAF3861CE3FD65CD0F1FB180E70CB6AD2AF6DB1213797 56D89E72C17AAC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\Sys tem.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564 \System.Windows.Forms.ni.dll
17:16:35.0936 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\Sys tem.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564 \System.Windows.Forms.ni.dll - ok
17:16:35.0936 0x0e88 [ C0AF0059A0A4FC50C8260FB05919E8D2, BBA9D65B982DFAA3B1AA464BC84E6AB8402DB9F22A45F4E931 CE1B952D726639 ] C:\Program Files\AVAST Software\Avast\defs\17041812\SWCUEngine.dll
17:16:35.0936 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\SWCUEngine.dll - ok
17:16:35.0951 0x0e88 [ B29280AA00BC34FEECDC0426B11B9DAC, 9FE8CD345D00F74EDD1ADFF073835AC611F4045927C21AFCCD 6D85E171880F17 ] C:\Windows\SysWOW64\RstrtMgr.dll
17:16:35.0951 0x0e88 C:\Windows\SysWOW64\RstrtMgr.dll - ok
17:16:35.0951 0x0e88 ================ Scan generic autorun ======================
17:16:35.0951 0x0e88 TPwrMain - ok
17:16:35.0951 0x0e88 HSON - ok
17:16:35.0951 0x0e88 TCrdMain - ok
17:16:36.0014 0x0e88 [ 6B640D9B1C114DDB8A534A9101DCEF29, 2993E6282D8DC6CD431D7B79C9C7EB3AF9AB3BBDD8F90C8514 2D14DC2575BB99 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
17:16:36.0029 0x0e88 SmartAudio - ok
17:16:36.0139 0x0e88 [ 8D8839FDB43DE6F35D4A26294B8B9549, 536C38B0D78A170180495098AAE6187DA428C8338E971F264B 083808C8949EBF ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent 64.exe
17:16:36.0154 0x0e88 cAudioFilterAgent - ok
17:16:36.0154 0x0e88 SynTPEnh - ok
17:16:36.0513 0x0e88 Teco - ok
17:16:36.0513 0x0e88 TosWaitSrv - ok
17:16:36.0622 0x0e88 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75 BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
17:16:36.0638 0x0e88 TosVolRegulator - ok
17:16:36.0731 0x0e88 [ 426350B428CD70D037A3326EB9E5EDFD, B7B1A20D1D75661533CF983EA0C6E520B928AF6FCCDA70C488 FC8FC566B5AF7F ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
17:16:36.0747 0x0e88 TosSENotify - ok
17:16:36.0747 0x0e88 TosNC - ok
17:16:36.0763 0x0e88 TosReelTimeMonitor - ok
17:16:37.0777 0x0e88 [ C78761C2A5475EA16ADCD438CC17841F, 2EC81397DE7BEF39EA1E1758FE778A0A31C8D04B6AD76D9C09 17D95808366A70 ] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
17:16:38.0089 0x0e88 ZAM - ok
17:16:38.0198 0x0e88 [ BB752714D14CB1F13969D721F1A3A60F, 32B95C75704BE37B349E0493AA8D2FCDAE8007275124646125 650456D3A1563F ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
17:16:38.0213 0x0e88 TSleepSrv - ok
17:16:38.0463 0x0e88 [ 02F4246866BF35BF2244E5CF72E25895, AA08D3E65CCF6F4F79D169575C9B4FE8BA078246BFB30C3809 39A4A3B6092074 ] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe
17:16:38.0541 0x0e88 NortonOnlineBackupReminder - ok
17:16:38.0603 0x0e88 [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2A DF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
17:16:38.0650 0x0e88 ToshibaAppPlace - detected UnsignedFile.Multi.Generic ( 1 )
17:16:38.0650 0x0e88 ToshibaAppPlace ( UnsignedFile.Multi.Generic ) - warning
17:16:38.0650 0x0e88 Force sending object to P2P due to detect: C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
17:16:38.0650 0x0e88 Object send P2P result: false
17:16:38.0759 0x0e88 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D72038 7ACFD7499EDC3D ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
17:16:38.0791 0x0e88 DivXUpdate - ok
17:16:39.0305 0x0e88 [ 70050353213574B62CA9EC28F65F2F3E, 3EBC0ABFC9ABFE4508E21A032A28D12B73CB91DE1FD830069F F902336A271E68 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:16:39.0539 0x0e88 AvastUI.exe - ok
17:16:39.0649 0x0e88 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D4 8F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:16:39.0695 0x0e88 Sidebar - ok
17:16:39.0727 0x0e88 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B72 5CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:16:39.0789 0x0e88 mctadmin - ok
17:16:39.0820 0x0e88 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D4 8F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:16:39.0851 0x0e88 Sidebar - ok
17:16:39.0851 0x0e88 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B72 5CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:16:39.0883 0x0e88 mctadmin - ok
17:16:40.0382 0x0e88 [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602 BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe
17:16:40.0569 0x0e88 CCleaner - ok
17:16:40.0631 0x0e88 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.1.3076.0 ), 0x41000 ( enabled : updated )
17:16:40.0631 0x0e88 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.1.3076.0 ), 0x40010 ( disabled )
17:16:40.0663 0x0e88 Win FW state via NFP2: enabled ( trusted )
17:16:40.0663 0x0e88 ================================================== ==========
17:16:40.0663 0x0e88 Scan finished
17:16:40.0663 0x0e88 ================================================== ==========
17:16:40.0678 0x0e54 Detected object count: 3
17:16:40.0678 0x0e54 Actual detected object count: 3
17:16:46.0466 0x0e54 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:46.0466 0x0e54 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:46.0466 0x0e54 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:16:46.0466 0x0e54 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:16:46.0466 0x0e54 ToshibaAppPlace ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:46.0466 0x0e54 ToshibaAppPlace ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:54.0281 0x0ed0 Deinitialize successComment
-
What now?Comment
Comment