would like to make a really laptop (somewhat) functional

**dwm34** · 07-24-2017, 06:12 PM

Hi - yes, when I did the between the stars instructions, I did make the text log as you described above.
One thing: just a few minutes ago, there was a change to the AutoScan screen that I described before. Now it appears that there is some progress being made, or some process coming to competion. Now, below the line that says, ‘However, scan times for badly infected machines may easily double’, there are some added lines, as follows:

Completed Stage_1
Completed Stage_2
Completed Stage_3
Completed Stage_4
Completed Stage_5
Completed Stage_6
Completed Stage_6A

(and all the way through like this, and the scan is currently moving faster, and is at Completed Stage_48)

I think I’d like to wait a few minutes and see what happens here before stopping it, if that would be feasible

**dwm34** · 07-24-2017, 06:17 PM

Ok, now ComboFix is rebooting the machine, and told me to allow it to reboot, and not for me to reboot manually. I’ll see what happens when it reboots, and if it reboots ok, I will then look to see if there is a log.

**dwm34** · 07-24-2017, 06:33 PM

what do you know, it rebooted and generated a log. Here is the Combofix log. Let me know if it is sufficient or if I have to follow through with your CFScript download also.

ComboFix 17-07-07.01 - Patricia Murphy 07/24/2017 14:02:09.2.2 - x86
Microsoft Windows XP Professional 5.1.2600.3.1252.1.1033.18.502.162 [GMT -4:00]
Running from: c:\documents and settings\Patricia Murphy\Desktop\ComboFix.exe
Command switches used :: c:\documents and settings\Patricia Murphy\Desktop\CFScript.txt
FW: Norton Internet Worm Protection Disabled {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}
.
WARNING -THIS MACHINE DOES NOT HAVE THE RECOVERY CONSOLE INSTALLED !!
.
FILE ::
“c:\documents and settings\LocalService\Local Settings\Application Data\Vosteran”
.
.
((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
c:\documents and settings\All Users\ntuser.pol
c:\documents and settings\LocalService\Local Settings\Application Data\Vosteran
c:\documents and settings\LocalService\Local Settings\Application Data\Vosteran\User Data\Default\Extensions\bcdilgmfebioicioimhbfoaclh gnbahl\1.0.1_0\background.js
c:\documents and settings\LocalService\Local Settings\Application Data\Vosteran\User Data\Default\Extensions\bcdilgmfebioicioimhbfoaclh gnbahl\1.0.1_0\content.js
c:\documents and settings\LocalService\Local Settings\Application Data\Vosteran\User Data\Default\Extensions\bcdilgmfebioicioimhbfoaclh gnbahl\1.0.1_0\icon.png
c:\documents and settings\LocalService\Local Settings\Application Data\Vosteran\User Data\Default\Extensions\bcdilgmfebioicioimhbfoaclh gnbahl\1.0.1_0\manifest.json
c:\progra~1\MAPSGA~2
c:\progra~1\MAPSGA~2\bar\1.bin\39auxstb.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39auxstb64.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39barsvc.exe
c:\progra~1\MAPSGA~2\bar\1.bin\39bprtct.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39brmon.exe
c:\progra~1\MAPSGA~2\bar\1.bin\39brmon64.exe
c:\progra~1\MAPSGA~2\bar\1.bin\39brstub.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39brstub64.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39datact.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39dlghk.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39dlghk64.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39feedmg.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39highin.exe
c:\progra~1\MAPSGA~2\bar\1.bin\39hkstub.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39htmlmu.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39httpct.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39idle.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39ieovr.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39medint.exe
c:\progra~1\MAPSGA~2\bar\1.bin\39mlbtn.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39Plugin.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39radio.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39regfft.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39reghk.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39regiet.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39script.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39skin.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39skplay.exe
c:\progra~1\MAPSGA~2\bar\1.bin\39SrchMn.exe
c:\progra~1\MAPSGA~2\bar\1.bin\39srchmr.dll
c:\progra~1\MAPSGA~2\bar\1.bin\39tpinst.dll
c:\progra~1\MAPSGA~2\bar\1.bin\APPINTEGRATOR.EXE
c:\progra~1\MAPSGA~2\bar\1.bin\AppIntegrator64.exe
c:\progra~1\MAPSGA~2\bar\1.bin\AppIntegratorStub64 .dll
c:\progra~1\MAPSGA~2\bar\1.bin\ASSISTMONITOR.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\ASSISTMONITOR64.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\assists\ie_default_ search_provider\ARBITER.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\assists\ie_default_ search_provider\ARBITER64.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\assists\ie_default_ search_provider\ASSIST.EXE
c:\progra~1\MAPSGA~2\bar\1.bin\assists\ie_default_ search_provider\CONFIG.XML
c:\progra~1\MAPSGA~2\bar\1.bin\BOOTSTRAP.JS
c:\progra~1\MAPSGA~2\bar\1.bin\CHROME.MANIFEST
c:\progra~1\MAPSGA~2\bar\1.bin\chrome\39ffxtbr.jar
c:\progra~1\MAPSGA~2\bar\1.bin\CREXT.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\CrExtP39.exe
c:\progra~1\MAPSGA~2\bar\1.bin\DPNMNGR.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\EXEMANAGER.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\FF-NativeMessagingDispatcher.dll
c:\progra~1\MAPSGA~2\bar\1.bin\Hpg64.dll
c:\progra~1\MAPSGA~2\bar\1.bin\INSTALL.RDF
c:\progra~1\MAPSGA~2\bar\1.bin\installKeys.js
c:\progra~1\MAPSGA~2\bar\1.bin\LOGO.BMP
c:\progra~1\MAPSGA~2\bar\1.bin\NP39Stub.dll
c:\progra~1\MAPSGA~2\bar\1.bin\T8EPMSUP.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\T8EXTEX.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\T8EXTPEX.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\T8HTML.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\T8RES.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\T8TICKER.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\TPIMANAGERCONSOLE.E XE
c:\progra~1\MAPSGA~2\bar\1.bin\UNIFIEDLOGGING.DLL
c:\progra~1\MAPSGA~2\bar\1.bin\VERIFY.DLL
c:\progra~1\MAPSGA~2\bar\Cache\00115F92.bmp
c:\progra~1\MAPSGA~2\bar\Cache\0011602E.cab
c:\progra~1\MAPSGA~2\bar\Cache\002C3784
c:\progra~1\MAPSGA~2\bar\Cache\002C4242.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C42EE.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C438B.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C43D9.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C4485.cab
c:\progra~1\MAPSGA~2\bar\Cache\002C4688.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C4705.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C481E.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C487C.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C48BB.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C4976.cab
c:\progra~1\MAPSGA~2\bar\Cache\002C4C26.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C4D10.cab
c:\progra~1\MAPSGA~2\bar\Cache\002C50AA.bmp
c:\progra~1\MAPSGA~2\bar\Cache\002C51E2.cab
c:\progra~1\MAPSGA~2\bar\Cache\files.ini
c:\progra~1\MAPSGA~2\bar\gen1\COMMON.T8S
c:\progra~1\MAPSGA~2\bar\History\search3
c:\progra~1\MAPSGA~2\bar\IE9Mesg\COMMON.T8S
c:\progra~1\MAPSGA~2\bar\Message\COMMON.T8S
c:\progra~1\MAPSGA~2\bar\Settings\prevcfg2.htm
c:\progra~1\MAPSGA~2\bar\Settings\s_pid.dat
c:\windows\system32\con
.
.
((((((((((((((((((((((((((((((((((((((( Drivers/Services )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
-------\Legacy_MAPSGALAXY_39SERVICE
-------\Legacy_UPDATE_ENTERDIGITAL
-------\Legacy_UTIL_ENTERDIGITAL
-------\Service_MapsGalaxy_39Service
-------\Service_Update EnterDigital
-------\Service_Util EnterDigital
.
.
((((((((((((((((((((((((( Files Created from 2017-06-24 to 2017-07-24 )))))))))))))))))))))))))))))))
.
.
2017-07-23 16:03 . 2017-07-23 16:03 62576 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates{1A1DB36B-94CF-4B2F-8880-E8E693A4562A}\offreg.1276.dll
2017-07-21 04:11 . 2017-07-21 04:11 62576 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates{1A1DB36B-94CF-4B2F-8880-E8E693A4562A}\offreg.1232.dll
2017-07-18 14:05 . 2017-07-08 03:48 10685920 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates{1A1DB36B-94CF-4B2F-8880-E8E693A4562A}\mpengine.dll
2017-07-14 04:03 . 2017-07-19 18:37 -------- d-----w- C:\FRST
2017-07-09 04:02 . 2017-07-09 04:04 -------- d-----w- c:\documents and settings\Patricia Murphy\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 08:49 . 2017-07-08 08:49 -------- d-----w- c:\documents and settings\LocalService\Local Settings\Application Data\Google
2017-07-08 05:30 . 2017-07-08 05:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data\Chromium
2017-07-08 05:29 . 2017-07-08 05:29 -------- d-----w- c:\documents and settings\Patricia Murphy\Local Settings\Application Data\chromium
2017-07-08 05:28 . 2008-04-14 00:12 26624 ----a-w- c:\documents and settings\LocalService\Application Data\Microsoft\UPnP Device Host\upnphost\udhisapi.dll
2017-07-08 05:28 . 2017-07-08 05:31 -------- d-----w- c:\documents and settings\NetworkService\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report )))))))))))))))))))))))))))))))))))))))))))))))))) ))
.
2017-07-08 03:48 . 2013-05-04 23:11 10685920 ----a-w- c:\documents and settings\All Users\Application Data\Microsoft\Windows Defender\Definition Updates\Backup\mpengine.dll
2013-01-23 21:19 . 2014-10-16 13:23 263064 ----a-w- c:\program files\mozilla firefox\components\browsercomps.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
Note empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\Run]
“ISUSPM Startup”=“c:\program files\Common Files\InstallShield\UpdateService\isuspm.exe” [2005-06-10 249856]
“ISUSScheduler”=“c:\program files\Common Files\InstallShield\UpdateService\issch.exe” [2005-06-10 81920]
“HP Software Update”=“c:\program files\HP\HP Software Update\HPWuSchd2.exe” [2008-03-26 49152]
“hpqSRMon”=“c:\program files\HP\Digital Imaging\bin\hpqSRMon.exe” [2008-03-13 81920]
“QuickTime Task”=“c:\program files\QuickTime\qttask.exe” [2006-03-27 98304]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\Curr entVersion\RunOnce]
“WIAWizardMenu”=“c:\windows\system32\sti_ci.dll” [2008-04-14 136704]
.
[HKEY_USERS.DEFAULT\Software\Microsoft\Windows\Curr entVersion\Run]
“DWQueuedReporting”=“c:\progra~1\COMMON~1\MICROS~1 \DW\dwtrig20.exe” [2007-03-13 39264]
.
c:\documents and settings\All Users\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - c:\program files\HP\Digital Imaging\bin\hpqtra08.exe [2008-3-25 214360]
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Contro l\SafeBoot\Minimal\WinDefend]
@=“Service”
.
[HKLM~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Adobe Reader Speed Launch.lnk
backup=c:\windows\pss\Adobe Reader Speed Launch.lnkCommon Startup
.
[HKLM~\startupfolder\C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk]
path=c:\documents and settings\All Users\Start Menu\Programs\Startup\Digital Line Detect.lnk
backup=c:\windows\pss\Digital Line Detect.lnkCommon Startup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\KernelFaultCheck]
c:\windows\system32\dumprep 0 -k
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ShowLOMControl]

.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Corel Photo Downloader]
2005-08-31 17:06 106496 ----a-w- c:\program files\Corel\Corel Photo Album 6\MediaDetect.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ctfmon.exe]
2008-04-14 00:12 15360 ----a-w- c:\windows\system32\ctfmon.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ddoctorv2]
2008-04-24 17:25 202560 ----a-w- c:\program files\Comcast\Desktop Doctor\bin\sprtcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Dell QuickSet]
2005-12-06 16:45 839680 ----a-w- c:\program files\Dell\QuickSet\quickset.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DellSupport]
2007-03-15 15:09 460784 ----a-w- c:\program files\DellSupport\DSAgnt.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dla]
2004-12-06 07:05 127035 ----a-w- c:\windows\system32\dla\tfswctrl.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DVDLauncher]
2005-12-10 02:29 49152 ------w- c:\program files\CyberLink\PowerDVD\DVDLauncher.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ehTray]
2005-09-29 20:01 67584 ----a-w- c:\windows\ehome\ehtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxhkcmd]
2005-12-14 05:41 77824 ----a-w- c:\windows\system32\hkcmd.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxpers]
2005-12-14 05:45 118784 ----a-w- c:\windows\system32\igfxpers.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\igfxtray]
2005-12-14 05:44 98304 ----a-w- c:\windows\system32\igfxtray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelWireless]
2005-12-28 17:56 602182 ----a-w- c:\program files\Intel\Wireless\Bin\iFrmewrk.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\IntelZeroConfig]
2005-12-28 17:55 667718 ----a-w- c:\program files\Intel\Wireless\Bin\ZCfgSvc.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSPM Startup]
2005-06-10 16:44 249856 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\ISUSPM.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ISUSScheduler]
2005-06-10 16:44 81920 ----a-w- c:\program files\Common Files\InstallShield\UpdateService\issch.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MimBoot]
2005-09-09 01:20 8192 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mimboot.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MMTray]
2005-09-09 01:20 110592 ----a-w- c:\progra~1\MUSICM~1\MUSICM~3\mm_tray.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\ModemOnHold]
2003-09-10 08:24 20480 ------w- c:\program files\NetWaiting\netwaiting.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSMSGS]
2008-04-14 00:12 1695232 ----a-w- c:\program files\Messenger\msmsgs.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\nmapp]
2005-12-12 21:06 874064 ----a-w- c:\program files\Pure Networks\Network Magic\nmapp.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\QuickTime Task]
2006-03-27 14:35 98304 ----a-w- c:\program files\QuickTime\qttask.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RealTray]
2006-03-27 14:35 26112 ----a-w- c:\program files\Real\RealPlayer\realplay.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SigmatelSysTrayApp]
2005-11-17 03:35 397312 ----a-w- c:\windows\stsystra.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SynTPEnh]
2005-11-30 00:56 761947 ----a-w- c:\program files\Synaptics\SynTP\SynTPEnh.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
“DisableMonitoring”=dword:00000001
.
[HKLM~\services\sharedaccess\parameters\firewallpol icy\standardprofile\AuthorizedApplications\List]
“%windir%\system32\sessmgr.exe”=
.
[HKLM~\services\sharedaccess\parameters\firewallpol icy\standardprofile\GloballyOpenPorts\List]
“50000:UDP”= 50000:UDP:IHA_MessageCenter
.
R2 IHA_MessageCenter;IHA_MessageCenter;c:\program files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe [12/12/2011 12:03 PM 363128]
R2 WinDefend;Windows Defender;c:\program files\Windows Defender\MsMpEng.exe [11/3/2006 7:19 PM 13592]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12 REG_MULTI_SZ Pml Driver HPZ12 Net Driver HPZ12
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2016-09-22 17:10 1106072 ----a-w- c:\program files\Google\Chrome\Application\49.0.2623.112\Inst aller\chrmstp.exe
.
Contents of the ‘Scheduled Tasks’ folder
.
2017-07-24 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

c:\program files\Google\Update\GoogleUpdate.exe [2014-11-19 17:02]
.
2017-07-23 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
c:\program files\Google\Update\GoogleUpdate.exe [2014-11-19 17:02]
.
2017-07-24 c:\windows\Tasks\MP Scheduled Scan.job
c:\program files\Windows Defender\MpCmdRun.exe [2006-11-03 23:20]
.
.
------- Supplementary Scan -------
.
uSearchMigratedDefaultURL = hxxp://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:en-US&ie=utf8&oe=utf8
uInternet Connection Wizard,ShellNext = iexplore
uSearchURL,(Default) = hxxp://www.google.com/search?q=%s
TCP: DhcpNameServer = 192.168.1.1
DPF: vzTCPConfig - hxxp://my.verizon.com/micro/SpeedOptimizer/FiOS/vzTCPConfig.CAB
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} - hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
FF - ProfilePath - c:\documents and settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default
FF - ExtSQL: !HIDDEN! 2009-09-01 21:44; {20a82645-c095-46ed-80e3-08825760534b}; c:\windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF - ExtSQL: !HIDDEN! 2009-09-15 20:17; smartwebprinting@hp.com; c:\program files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
.
.

.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2017-07-24 14:17
Windows 5.1.2600 Service Pack 3 NTFS
.
scanning hidden processes …
.
scanning hidden autostart entries …
.
scanning hidden files …
.
scan completed successfully
hidden files: 0
.

.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}]
@Denied: (A 2) (Everyone)
@=“FlashBroker”
“LocalizedString”=“@c:\WINDOWS\system32\Macromed\F lash\FlashUtil32_15_0_0_189_ActiveX.exe,-101”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\Elevation]
“Enabled”=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\LocalServer32]
@=“c:\WINDOWS\system32\Macromed\Flash\FlashUtil32_ 15_0_0_189_ActiveX.exe”
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID{B019E3BF-E7E5-453C-A2E4-D2C18CA0866F}\TypeLib]
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface{2998 17DA-1FAC-4CE2-8F48-A108237013BD}]
@Denied: (A 2) (Everyone)
@=“IFlashBroker6”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface{2998 17DA-1FAC-4CE2-8F48-A108237013BD}\ProxyStubClsid32]
@=“{00020424-0000-0000-C000-000000000046}”
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface{2998 17DA-1FAC-4CE2-8F48-A108237013BD}\TypeLib]
@=“{FAB3E735-69C7-453B-A446-B6823C6DF1C9}”
“Version”=“1.0”
.
[HKEY_LOCAL_MACHINE\software\Intel\Wireless\Folders \À*¬ Æ]
“Path”=“c:\WINDOWS\system32\config\systemprofile\A pplication Data\Intel\Wireless\”
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.

- - - - ‘explorer.exe’(2704)
        c:\windows\system32\WININET.dll
        c:\windows\system32\ieframe.dll
        c:\windows\system32\WPDShServiceObj.dll
        c:\windows\system32\PortableDeviceTypes.dll
        c:\windows\system32\PortableDeviceApi.dll
        .
        ------------------------ Other Running Processes ------------------------
        .
        c:\program files\Intel\Wireless\Bin\EvtEng.exe
        c:\program files\Intel\Wireless\Bin\S24EvMon.exe
        c:\program files\Intel\Wireless\Bin\WLKeeper.exe
        c:\windows\eHome\ehRecvr.exe
        c:\windows\eHome\ehSched.exe
        c:\program files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
        c:\program files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
        c:\program files\Pure Networks\Network Magic\nmsrvc.exe
        c:\program files\Intel\Wireless\Bin\RegSrvc.exe
        c:\program files\Comcast\Desktop Doctor\bin\sprtsvc.exe
        c:\windows\ehome\mcrdsvc.exe
        c:\windows\system32\dllhost.exe
        c:\windows\system32\wscntfy.exe
        c:\program files\HP\Digital Imaging\bin\hpqSTE08.exe
        c:\program files\HP\Digital Imaging\bin\hpqbam08.exe
        c:\program files\HP\Digital Imaging\bin\hpqgpc01.exe
        .

.
Completion time: 2017-07-24 14:24:12 - machine was rebooted
ComboFix-quarantined-files.txt 2017-07-24 18:24
ComboFix2.txt 2017-07-19 16:41
.
Pre-Run: 56,449,961,984 bytes free
Post-Run: 56,344,772,608 bytes free
.

- End Of File - - FC05979F38039E7F1137DB7A804A7B65
  DEA9E81F0228B68C9ADAF84C9B0CF931

**dwm34** · 07-24-2017, 07:12 PM

Here is the most recent FRST log

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-07-2017
Ran by Patricia Murphy (administrator) on PMURPHY (24-07-2017 15:08:33)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\JGH77FOW
Loaded Profiles: Patricia Murphy (Available Profiles: Patricia Murphy & Administrator)
Platform: Microsoft Windows XP Professional Service Pack 3 (X86) Language: English (United States)
Internet Explorer Version 7 (Default browser: IE)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic...ery-scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
(Intel Corporation ) C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
(Intel(R) Corporation) C:\Program Files\Intel\Wireless\Bin\WLKEEPER.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehrecvr.exe
(Microsoft Corporation) C:\WINDOWS\ehome\ehSched.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe
(Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
(Dell Inc.) C:\Program Files\Dell\NicConfigSvc\NicConfigSvc.exe
(Pure Networks, Inc.) C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
(Intel Corporation) C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
(SupportSoft, Inc.) C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
(Microsoft Corporation) C:\WINDOWS\ehome\mcrdsvc.exe
(Microsoft Corporation) C:\WINDOWS\system32\dllhost.exe
(Microsoft Corporation) C:\WINDOWS\system32\wscntfy.exe
(InstallShield Software Corporation) C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
(Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe
(Verizon) C:\Program Files\Verizon\IHA_MessageCenter\Bin\VzDetectAgent. exe
(Farbar) C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\JGH77FOW\FRST[1].exe

==================== Registry (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM...\Run: [ISUSPM Startup] => C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe [249856 2005-06-10] (InstallShield Software Corporation)
HKLM...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2005-06-10] (InstallShield Software Corporation)
HKLM...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [49152 2008-03-25] (Hewlett-Packard)
HKLM...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [81920 2008-03-13] (Hewlett-Packard)
HKLM...\Run: [QuickTime Task] => C:\Program Files\QuickTime\qttask.exe [98304 2006-03-27] (Apple Computer, Inc.)
HKLM...\RunOnce: [WIAWizardMenu] => RUNDLL32.EXE C:\WINDOWS\system32\sti_ci.dll,WiaCreateWizardMenu
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\SCRNSAVE.EXE → C:\WINDOWS\system32\wpgldfsh.scr [4396544 2004-08-10] (Microsoft Corporation)
HKU\S-1-5-18...\Run: [DWQueuedReporting] => C:\Program Files\Common Files\Microsoft Shared\DW\DWTRIG20.EXE [39264 2007-03-13] (Microsoft Corporation)
ShellExecuteHooks: Microsoft AntiMalware ShellExecuteHook - {091EB208-39DD-417D-A5DD-7E2C2D8FB9CB} - C:\Program Files\Windows Defender\MpShHook.dll [83224 2006-11-03] (Microsoft Corporation)
Startup: C:\Documents and Settings\All Users\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2009-09-15]
ShortcutTarget: HP Digital Imaging Monitor.lnk → C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.)
GroupPolicy: Restriction - Chrome <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip..\Interfaces{D40B5A10-3DE7-4CE9-AFED-16F34991AC17}: [DhcpNameServer] 192.168.1.1
[HEADING=1]Internet Explorer:[/HEADING]
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = %SystemRoot%\system32\blank.htm
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com/ig/dell?hl=en&client=dell-inc&channel=us
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=msnhome
HKU.DEFAULT\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://go.microsoft.com/fwlink/?LinkID=617910&ResetID=131448614696875000&GUID=000 00000-0000-0000-0000-000000000000
SearchScopes: HKLM → DefaultScope {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM → {b0441a0e-a49a-4e16-afc1-74ecced1921f} URL = hxxp://search.tb.ask.com/search/GGmain.jhtml?p2=^UX^xdm025^YYA^us&si=291929_&ptb=3 BFC65E5-2DF9-4427-B27B-FE429A3901A0&ind=2014073116&n=780c511c&psa=&st=sb& searchfor={searchTerms}
SearchScopes: HKLM → {DC91FAFB-6CEA-49E5-BB74-9CEE75D09B77} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKLM → {f7bb050c-e116-44da-89c2-6f2b68c54836} URL = hxxp://Vosteran.com/results.php?f=4&q={searchTerms}&a=vst_tier1_14_47_ ch&cd=2XzuyEtN2Y1L1QzutDtDtCyD0CyDtD0AyB0D0EzyyBtC yEyBtN0D0Tzu0StCtDyDyEtN1L2XzutAtFyCtFtBtFtDtN1L1C zutCyEtBzytDyD1V1TtN1L1G1B1V1N2Y1L1Qzu2StC0FyD0E0A 0ByCtAtG0Czz0AzztG0CyCzyyBtGzy0F0BtDtGyEyD0BtB0FtB tAzz0F0EyD0F2QtN1M1F1B2Z1V1N2Y1L1Qzu2S0D0Czz0ByD0F tB0AtG0A0ByDzztGyEyE0C0EtGzzyBzzyBtGtByEtAyBtCzz0F 0B0FyE0A0E2Q&cr=444550780&ir=
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → DefaultScope {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → OldSearch URL = hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bir-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
SearchScopes: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → {F6B74647-E0BE-4F3D-96E1-9F7DCB107EF7} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: No Name → {02478D38-C3F9-4efb-9B51-7695ECA05670} → No File
BHO: HP Print Enhancer → {0347C33E-8762-4905-BF09-768834316C61} → C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2008-03-27] (Hewlett-Packard Co.)
BHO: AcroIEHlprObj Class → {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} → C:\Program Files\Adobe\Acrobat 7.0\ActiveX\AcroIEHelper.dll [2004-12-14] (Adobe Systems Incorporated)
BHO: DriveLetterAccess → {5CA3D70E-1895-11CF-8E15-001234567890} → C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
BHO: HP Smart BHO Class → {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} → C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2008-03-27] (Hewlett-Packard Co.)
Toolbar: HKU.DEFAULT → No Name - {D4027C7F-154A-4066-A1AD-4243D8127440} - No File
Toolbar: HKU.DEFAULT → No Name - {364EA597-E728-4CE4-BB4A-ED846EF47970} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {0B53EAC3-8D69-4B9E-9B19-A37C9A5676A7} - No File
Toolbar: HKU\S-1-5-21-693440143-1380487613-1125637980-1006 → No Name - {C4069E3A-68F1-403E-B40E-20066696354B} - No File
DPF: {01113300-3E00-11D2-8470-0060089874ED} hxxps://activatemyfios.verizon.net/sdcCommon/download/FIOS/Verizon%20FiOS%20Installer.cab
DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll
DPF: {42D06124-98A2-47EC-8098-3778B58CE7D5} hxxps://actsvr.comcastonline.com/techtools/dl/Comcast%20Activation%20Controls.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {CAFEEFAC-0017-0000-0021-ABCDEFFEDCBA} hxxp://java.sun.com/products/plugin/autodl/jinstall-170-windows-i586.cab
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://download.macromedia.com/pub/shockwave/cabs/flash/swflash.cab
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\MSITSS.DLL [2000-04-19] (Microsoft Corporation)
Handler: pure-go - {4746C79A-2042-4332-8650-48966E44ABA8} - C:\Program Files\Common Files\Pure Networks Shared\puresp.dll [2005-12-12] (Pure Networks, Inc.)
[HEADING=1]FireFox:[/HEADING]
FF ProfilePath: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default [2017-07-24]
FF user.js: detected! => C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\use r.js [2017-07-24]
FF SearchEngineOrder.1: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Ask.com
FF NewTab: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bfr-10FTI__alt__ddc_dsssyctab_bd_com
FF DefaultSearchEngine: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default → Yahoo! Search
FF Extension: (MapsGalaxy) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions\39ffxtbr@MapsGalaxy_39.com [2014-10-16] [not signed]
FF Extension: (Test Pilot) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions\testpilot@labs.mozilla.com.xpi [2014-10-16] [not signed]
FF Extension: (Microsoft .NET Framework Assistant) - C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\Ext ensions{20a82645-c095-46ed-80e3-08825760534b}.xpi [2014-10-16] [not signed]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\ask-web-search.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\askcom.xml [2014-10-16]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\search-simple.xml [2017-07-14]
FF SearchPlugin: C:\Documents and Settings\Patricia Murphy\Application Data\Mozilla\Firefox\Profiles\y3tr1glo.default\sea rchplugins\Vosteran.xml [2014-11-21]
FF HKLM...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-01] [not signed]
FF HKLM...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2 [2009-09-15] [not signed]
FF HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn2
FF Plugin: @java.com/DTPlugin,version=10.21.2 → C:\WINDOWS\system32\npDeployJava1.dll [2013-05-07] (Oracle Corporation)
FF Plugin: @MapsGalaxy_39.com/Plugin → C:\Program Files\MapsGalaxy_39\bar\1.bin\NP39Stub.dll [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 → c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @tools.google.com/Google Update;version=3 → C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 → C:\Program Files\Google\Update\1.3.33.5\npGoogleUpdate3.dll [2017-07-07] (Google Inc.)
FF Plugin: @viewpoint.com/VMP → C:\Program Files\Viewpoint\Viewpoint Experience Technology\npViewpoint.dll [2004-02-20] ()
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll [2004-12-14] (Adobe Systems Inc.)
[HEADING=1]Chrome:[/HEADING]
CHR DefaultProfile: Default
CHR HomePage: Default → hxxp://Vosteran.com/?f=1&a=vst_tier1_14_47_ch&cd=2XzuyEtN2Y1L1QzutDtDt CyD0CyDtD0AyB0D0EzyyBtCyEyBtN0D0Tzu0StCtDyDyEtN1L2 XzutAtFyCtFtBtFtDtN1L1CzutCyEtBzytDyD1V1TtN1L1G1B1 V1N2Y1L1Qzu2StC0FyD0E0A0ByCtAtG0Czz0AzztG0CyCzyyBt Gzy0F0BtDtGyEyD0BtB0FtBtAzz0F0EyD0F2QtN1M1F1B2Z1V1 N2Y1L1Qzu2S0D0Czz0ByD0FtB0AtG0A0ByDzztGyEyE0C0EtGz zyBzzyBtGtByEtAyBtCzz0F0B0FyE0A0E2Q&cr=444550780&i r=
CHR RestoreOnStartup: Default → “hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com”
CHR StartupUrls: Default → “hxxp://search.yahoo.com/?fr=hp-ddc-bd&type=pr-bcr-10FTI__alt__ddc_dsssyc_bd_com”

CHR DefaultSearchURL: Default → hxxp://search.yahoo.com/yhs/search?hspart=ddc&hsimp=yhs-ddc_bd&type=pr-bcr-10FTI__alt__ddc_dss_bd_com&p={searchTerms}
CHR DefaultSearchKeyword: Default → yahoo.com
CHR DefaultNewTabURL: Default → hxxp://search.yahoo.com/?fr=hp-ddc-bd-tab&type=pr-bcr-10FTI__alt__ddc_dsssyctab_bd_com
CHR Profile: C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default [2017-07-15]
CHR Extension: (Google Slides) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhon fmgoek [2016-09-22]
CHR Extension: (Google Docs) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfi lokake [2016-09-22]
CHR Extension: (Google Drive) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigk jlhalf [2016-09-22]
CHR Extension: (YouTube) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldk acnbeo [2016-09-22]
CHR Extension: (Google Search) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljnie djpjpf [2016-09-22]
CHR Extension: (Google Sheets) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpeb giejap [2016-09-22]
CHR Extension: (Google Docs Offline) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdl olhkhi [2017-07-08]
CHR Extension: (Chrome Web Store Payments) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccm gmieda [2017-07-08]
CHR Extension: (Gmail) - C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoe jaedia [2016-09-22]
CHR HKLM...\Chrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM...\Chrome\Extension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR HKU.DEFAULT\SOFTWARE\Google\Chrome\Extensions...\C hrome\Extension: [elmkjjfkkchohaaoljobaffjeedcoocj] - hxxps://clients2.google.com/service/update2/crx
CHR HKU\S-1-5-21-693440143-1380487613-1125637980-1006\SOFTWARE\Google\Chrome\Extensions...\Chrome\E xtension: [oilkkkefbalmbfppgjmgjoefbclebkce] - hxxps://clients2.google.com/service/update2/crx
CHR crx: C:\Program Files\Google\Chrome\Application\44.0.2403.125\defa ult_apps\search.crx [2015-07-25]

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DSBrokerService; C:\Program Files\DellSupport\brkrsvc.exe [76848 2007-03-07] ()
R2 EvtEng; C:\Program Files\Intel\Wireless\Bin\EvtEng.exe [114753 2005-12-28] (Intel Corporation) [File not signed]
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [217088 2008-03-25] (Hewlett-Packard Co.) [File not signed]
R2 IHA_MessageCenter; C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe [363128 2014-08-13] (Verizon) [File not signed]
R2 McrdSvc; C:\WINDOWS\ehome\mcrdsvc.exe [99328 2005-08-05] (Microsoft Corporation)
S3 MHN; C:\WINDOWS\System32\mhn.dll [85504 2004-08-10] (Microsoft Corporation) [File not signed]
R2 Net Driver HPZ12; C:\WINDOWS\system32\HPZinw12.dll [43520 2008-02-28] (Hewlett-Packard) [File not signed]
R2 NICCONFIGSVC; C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe [380928 2005-12-06] (Dell Inc.) [File not signed]
S3 nmraapache; C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe [12800 2005-11-17] (Pure Networks, Inc.) [File not signed]
R2 nmservice; C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe [190032 2005-12-12] (Pure Networks, Inc.)
R2 Pml Driver HPZ12; C:\WINDOWS\system32\HPZipm12.dll [53248 2008-02-28] (Hewlett-Packard) [File not signed]
R2 RegSrvc; C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe [217164 2005-12-28] (Intel Corporation) [File not signed]
R2 S24EventMonitor; C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe [540745 2005-12-28] (Intel Corporation ) [File not signed]
R2 sprtsvc_ddoctorv2; C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe [202560 2008-04-24] (SupportSoft, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [13592 2006-11-03] (Microsoft Corporation)
R2 WLANKEEPER; C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe [262217 2005-12-28] (Intel(R) Corporation) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 abp480n5; C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS [23552 2001-08-17] (Microsoft Corporation)
R2 AegisP; C:\WINDOWS\System32\DRIVERS\AegisP.sys [21275 2006-03-27] (Meetinghouse Data Communications) [File not signed]
R1 APPDRV; C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS [16128 2005-08-12] (Dell Inc) [File not signed]
R2 ASCTRM; C:\WINDOWS\system32\Drivers\ASCTRM.sys [8552 2006-03-27] (Windows (R) 2000 DDK provider) [File not signed]
R0 drvmcdb; C:\WINDOWS\System32\drivers\drvmcdb.sys [87488 2004-12-01] (Sonic Solutions) [File not signed]
R2 drvnddm; C:\WINDOWS\System32\drivers\drvnddm.sys [40480 2004-11-23] (Sonic Solutions) [File not signed]
S3 DSproct; C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys [4736 2006-10-05] (Gteko Ltd.) [File not signed]
S3 HPZid412; C:\WINDOWS\System32\DRIVERS\HPZid412.sys [49920 2008-01-24] (HP)
S3 HPZipr12; C:\WINDOWS\System32\DRIVERS\HPZipr12.sys [16496 2008-01-24] (HP)
S3 HPZius12; C:\WINDOWS\System32\DRIVERS\HPZius12.sys [21568 2008-01-24] (HP)
R3 HSFHWAZL; C:\WINDOWS\System32\DRIVERS\HSFHWAZL.sys [201600 2005-07-22] (Conexant Systems, Inc.)
R3 HSF_DPV; C:\WINDOWS\System32\DRIVERS\HSF_DPV.sys [1035008 2005-07-22] (Conexant Systems, Inc.)
S3 MHNDRV; C:\WINDOWS\System32\DRIVERS\mhndrv.sys [11008 2004-08-10] (Microsoft Corporation) [File not signed]
S3 MREMP50; C:\Program Files\Common Files\Motive\MREMP50.sys [21248 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 MRESP50; C:\Program Files\Common Files\Motive\MRESP50.sys [20096 2010-03-17] (Printing Communications Assoc., Inc. (PCAUSA)) [File not signed]
S3 NuidFltr; C:\WINDOWS\System32\DRIVERS\NuidFltr.sys [14736 2009-05-09] (Microsoft Corporation)
R1 omci; C:\WINDOWS\System32\DRIVERS\omci.sys [17153 2004-02-13] (Dell Inc) [File not signed]
R0 PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [20640 2005-04-25] (Sonic Solutions) [File not signed]
R2 s24trans; C:\WINDOWS\System32\DRIVERS\s24trans.sys [13568 2005-12-28] (Intel Corporation) [File not signed]
R1 sscdbhk5; C:\WINDOWS\System32\drivers\sscdbhk5.sys [5627 2004-07-14] (Sonic Solutions) [File not signed]
R1 ssrtln; C:\WINDOWS\System32\drivers\ssrtln.sys [23545 2004-07-14] (Sonic Solutions) [File not signed]
R3 STHDA; C:\WINDOWS\System32\drivers\sthda.sys [1047816 2005-11-16] (SigmaTel, Inc.)
R2 tfsnboio; C:\WINDOWS\System32\dla\tfsnboio.sys [25883 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsncofs; C:\WINDOWS\System32\dla\tfsncofs.sys [34843 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndrct; C:\WINDOWS\System32\dla\tfsndrct.sys [4123 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsndres; C:\WINDOWS\System32\dla\tfsndres.sys [2239 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnifs; C:\WINDOWS\System32\dla\tfsnifs.sys [86586 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnopio; C:\WINDOWS\System32\dla\tfsnopio.sys [15227 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnpool; C:\WINDOWS\System32\dla\tfsnpool.sys [6363 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudf; C:\WINDOWS\System32\dla\tfsnudf.sys [98714 2004-12-06] (Sonic Solutions) [File not signed]
R2 tfsnudfa; C:\WINDOWS\System32\dla\tfsnudfa.sys [100603 2004-12-06] (Sonic Solutions) [File not signed]
R3 w39n51; C:\WINDOWS\System32\DRIVERS\w39n51.sys [1428096 2005-12-04] (Intel® Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

NETSVC: MHN → C:\Windows\System32\mhn.dll (Microsoft Corporation)

==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-24 14:24 - 2017-07-24 15:09 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\temp
2017-07-24 14:24 - 2017-07-24 14:37 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\temp
2017-07-24 14:24 - 2017-07-24 14:24 - 00020012 _____ C:\ComboFix.txt
2017-07-24 14:24 - 2017-07-24 14:24 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\temp
2017-07-24 14:24 - 2017-07-24 14:24 - 00000000 ____D C:\Documents and Settings\Administrator\Local Settings\temp
2017-07-19 01:00 - 2011-06-26 02:45 - 00256000 _____ C:\WINDOWS\PEV.exe
2017-07-19 01:00 - 2010-11-07 13:20 - 00208896 _____ C:\WINDOWS\MBR.exe
2017-07-19 01:00 - 2009-04-20 00:56 - 00060416 _____ (NirSoft) C:\WINDOWS\NIRCMD.exe
2017-07-19 01:00 - 2000-08-30 20:00 - 00518144 _____ (SteelWerX) C:\WINDOWS\SWREG.exe
2017-07-19 01:00 - 2000-08-30 20:00 - 00406528 _____ (SteelWerX) C:\WINDOWS\SWSC.exe
2017-07-19 01:00 - 2000-08-30 20:00 - 00212480 _____ (SteelWerX) C:\WINDOWS\SWXCACLS.exe
2017-07-19 01:00 - 2000-08-30 20:00 - 00098816 _____ C:\WINDOWS\sed.exe
2017-07-19 01:00 - 2000-08-30 20:00 - 00080412 _____ C:\WINDOWS\grep.exe
2017-07-19 01:00 - 2000-08-30 20:00 - 00068096 _____ C:\WINDOWS\zip.exe
2017-07-19 00:58 - 2017-07-24 14:24 - 00000000 ____D C:\Qoobox
2017-07-19 00:57 - 2017-07-24 14:15 - 00000000 ____D C:\WINDOWS\erdnt
2017-07-19 00:54 - 2017-07-19 00:55 - 05659794 ____R (Swearware) C:\Documents and Settings\Patricia Murphy\Desktop\ComboFix.exe
2017-07-18 10:08 - 2017-07-18 10:08 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Desktop\FRST-OlderVersion
2017-07-17 17:24 - 2017-07-18 10:19 - 00061108 _____ C:\Documents and Settings\Patricia Murphy\My Documents\Shortcut.txt
2017-07-15 01:13 - 2017-07-15 01:13 - 00031832 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Addition.txt
2017-07-15 00:30 - 2017-07-18 10:08 - 01780736 _____ (Farbar) C:\Documents and Settings\Patricia Murphy\Desktop\FRST.exe
2017-07-15 00:30 - 2017-07-15 00:33 - 00004257 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Fixlog.txt
2017-07-14 20:51 - 2017-07-14 20:51 - 00007310 _____ C:\Documents and Settings\Patricia Murphy\Desktop\System Idle Process.txt
2017-07-14 19:05 - 2017-07-14 19:05 - 02724512 _____ (Sysinternals - www.sysinternals.com) C:\Documents and Settings\Patricia Murphy\Desktop\procexp.exe
2017-07-14 00:03 - 2017-07-24 15:08 - 00000000 ____D C:\FRST
2017-07-09 00:02 - 2017-07-09 00:04 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 04:49 - 2017-07-08 04:49 - 00000000 ____D C:\Documents and Settings\LocalService\Local Settings\Application Data\Google
2017-07-08 01:30 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data\Chromium
2017-07-08 01:29 - 2017-07-08 01:29 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\chromium
2017-07-08 01:28 - 2017-07-09 00:03 - 00001519 _____ C:\Documents and Settings\All Users\Start Menu\Programs\HowToRemove.html.lnk
2017-07-08 01:28 - 2017-07-08 01:31 - 00000000 ____D C:\Documents and Settings\NetworkService\Local Settings\Application Data{512E6772-7586-0BCA-181E-2E223C76D2BA}
2017-07-08 01:28 - 2017-07-08 01:28 - 00000782 _____ C:\Documents and Settings\Patricia Murphy\Desktop\Windows Media Player.lnk

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-07-24 14:58 - 2014-11-19 18:39 - 00000886 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2017-07-24 14:24 - 2005-08-16 06:49 - 00000000 __SHD C:\Documents and Settings\NetworkService
2017-07-24 14:20 - 2013-05-04 19:07 - 00000330 ____H C:\WINDOWS\Tasks\MP Scheduled Scan.job
2017-07-24 14:18 - 2005-08-16 06:28 - 00000000 ____D C:\Documents and Settings\All Users
2017-07-24 14:18 - 2005-08-16 06:18 - 00000227 _____ C:\WINDOWS\system.ini
2017-07-24 14:17 - 2014-11-19 18:39 - 00000882 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2017-07-24 14:17 - 2006-03-27 10:27 - 00004608 _____ C:\WINDOWS\ModemLog_Conexant HDA D110 MDC V.92 Modem.txt
2017-07-24 14:17 - 2005-08-16 06:49 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2017-07-24 14:17 - 2005-08-16 06:38 - 00000000 ____D C:\WINDOWS\Registration
2017-07-24 14:17 - 2005-08-16 06:18 - 00002206 _____ C:\WINDOWS\system32\wpa.dbl
2017-07-24 14:16 - 2006-04-13 21:36 - 00000178 ___SH C:\Documents and Settings\Patricia Murphy\ntuser.ini
2017-07-24 14:16 - 2006-03-27 16:00 - 07602176 _____ C:\WINDOWS\system32\config\SYSTEM.bak
2017-07-24 14:16 - 2005-08-16 00:27 - 34865152 _____ C:\WINDOWS\system32\config\SOFTWARE.bak
2017-07-24 14:16 - 2005-08-16 00:27 - 00524288 _____ C:\WINDOWS\system32\config\DEFAULT.bak
2017-07-24 14:16 - 2005-08-16 00:27 - 00262144 _____ C:\WINDOWS\system32\config\SECURITY.bak
2017-07-24 14:16 - 2005-08-16 00:27 - 00024576 _____ C:\WINDOWS\system32\config\SAM.bak
2017-07-23 21:18 - 2005-08-16 06:49 - 00032558 _____ C:\WINDOWS\SchedLgU.Txt
2017-07-23 21:06 - 2006-04-14 11:34 - 00000000 __SHD C:\WINDOWS\CSC
2017-07-19 13:07 - 2005-08-16 06:33 - 00524888 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2017-07-19 13:01 - 2014-05-21 18:02 - 00392944 _____ C:\Documents and Settings\LocalService\Local Settings\Application Data\FontCache3.0.0.0.dat
2017-07-19 12:41 - 2005-08-16 06:28 - 00000000 ___HD C:\Documents and Settings\Default User
2017-07-19 12:32 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy
2017-07-19 04:42 - 2009-09-15 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Application Data\HP
2017-07-18 10:24 - 2006-04-13 21:36 - 00000807 _____ C:\Documents and Settings\Patricia Murphy\Start Menu\Programs\Internet Explorer.lnk
2017-07-18 10:24 - 2005-08-16 06:50 - 00000807 _____ C:\Documents and Settings\Administrator\Start Menu\Programs\Internet Explorer.lnk
2017-07-16 04:40 - 2007-11-23 13:51 - 00113152 _____ C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2017-07-14 23:50 - 2014-11-20 11:07 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\Vosteran
2017-07-14 23:46 - 2006-03-27 10:21 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\Java Web Start
2017-07-14 23:39 - 2009-09-15 20:14 - 00000000 ____D C:\Documents and Settings\All Users\Start Menu\Programs\HP
2017-07-14 23:39 - 2009-09-15 20:08 - 00000000 ____D C:\Program Files\HP
2017-07-14 23:32 - 2005-08-16 06:18 - 00000740 _____ C:\WINDOWS\win.ini
2017-07-13 18:06 - 2005-08-16 06:22 - 00000000 ___HD C:\WINDOWS\inf
2017-07-13 16:08 - 2006-04-13 21:36 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\ApplicationHistory
2017-07-09 03:03 - 2005-08-16 06:22 - 00000000 _RSHD C:\WINDOWS\system32\dllcache
2017-07-09 00:29 - 2009-09-15 20:19 - 00000000 ____D C:\Program Files\Yahoo!
2017-07-09 00:02 - 2015-02-18 12:24 - 00000281 _____ C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2017-07-08 14:02 - 2009-11-12 16:26 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\My Documents\My PSP Files
2017-07-08 14:02 - 2007-11-23 13:48 - 00006580 ___SH C:\WINDOWS\system32\KGyGaAvL.sys
2017-07-08 01:28 - 2006-04-13 21:36 - 00000788 _____ C:\Documents and Settings\Patricia Murphy\Start Menu\Programs\Windows Media Player.lnk
2017-07-08 00:02 - 2014-11-21 13:02 - 00000347 _____ C:\Documents and Settings\NetworkService\Application Data\WB.CFG
2017-07-07 23:54 - 2009-09-15 21:51 - 00000000 ____D C:\Documents and Settings\Patricia Murphy\Application Data\HPAppData

==================== Files in the root of some directories =======

2008-01-10 12:16 - 2007-08-10 19:17 - 0007982 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastSecurity.ico
2008-01-10 12:16 - 2007-05-17 18:43 - 0015086 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\ComcastWebmail.ico
2015-02-18 12:24 - 2017-07-09 00:02 - 0000281 _____ () C:\Documents and Settings\Patricia Murphy\Application Data\WB.CFG
2007-11-23 13:51 - 2017-07-16 04:40 - 0113152 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-02-18 12:24 - 2015-02-18 12:24 - 0234679 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi1.dat
2015-02-18 12:24 - 2015-02-18 12:24 - 0161916 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\dsi2.dat
2006-04-13 21:36 - 2006-05-13 17:00 - 0000138 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data\fusioncache.dat
2010-10-20 17:31 - 2010-12-02 16:02 - 0001940 _____ () C:\Documents and Settings\Patricia Murphy\Local Settings\Application Data{96C87F53-AC72-4604-A9CC-186A49F17F3C}.ini
2009-09-15 20:04 - 2009-09-15 20:29 - 0001150 _____ () C:\Documents and Settings\All Users\Application Data\hpzinstall.log
2006-03-27 10:28 - 2006-03-27 10:28 - 0000004 ____H () C:\Documents and Settings\All Users\Application Data\QSLLPSVCShare

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

==================== End of FRST.txt ============================

**dwm34** · 07-24-2017, 07:15 PM

Here is the most recent Addition.txt
[HEADING=1]Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-07-2017
Ran by Patricia Murphy (24-07-2017 15:10:03)
Running from C:\Documents and Settings\Patricia Murphy\Local Settings\Temporary Internet Files\Content.IE5\JGH77FOW
Microsoft Windows XP Professional Service Pack 3 (X86) (2006-04-14 01:36:21)
Boot Mode: Normal[/HEADING]
==================== Accounts: =============================

Administrator (S-1-5-21-693440143-1380487613-1125637980-500 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Administrator
Guest (S-1-5-21-693440143-1380487613-1125637980-501 - Limited - Enabled)
HelpAssistant (S-1-5-21-693440143-1380487613-1125637980-1005 - Limited - Disabled)
Patricia Murphy (S-1-5-21-693440143-1380487613-1125637980-1006 - Administrator - Enabled) => %SystemDrive%\Documents and Settings\Patricia Murphy
SUPPORT_388945a0 (S-1-5-21-693440143-1380487613-1125637980-1002 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

FW: Norton Internet Worm Protection (Disabled) {990F9400-4CEE-43EA-A83A-D013ADD8EA6E}

==================== Installed Programs ======================

(Only the adware programs with “Hidden” flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM...{F7B0E599-C114-4493-BC4D-D8FC7CBBABBB}) (Version: 2.1.4 - Hewlett-Packard) Hidden
7zip Packages (HKU\S-1-5-21-693440143-1380487613-1125637980-1006...\7zip Packages) (Version: - ) <==== ATTENTION
Adobe Flash Player 15 ActiveX (HKLM...\Adobe Flash Player ActiveX) (Version: 15.0.0.189 - Adobe Systems Incorporated)
Adobe Reader 7.0 (HKLM...{AC76BA86-7AD7-1033-7B44-A70000000000}) (Version: 7.0.0 - Adobe Systems Incorporated)
Bicycle® Bridge (HKLM...\Bicycle® Bridge) (Version: - )
Blackhawk Striker 2 (HKLM...\C0A0AA4D-C79B-48CA-8843-2B02B626C9E6) (Version: 09/20/2005 11:54 AM - WildTangent)
Blasterball 2 (HKLM...\D1A6F3FD-7B40-443F-8767-BADB25A0D222) (Version: 09/20/2005 11:55 AM - WildTangent)
Broadcom Management Programs (HKLM...{26E1BFB0-E87E-4696-9F89-B467F01F81E5}) (Version: 8.65.05 - Broadcom Corporation)
BufferChm (HKLM...{BF08AB1C-3357-4f20-A200-8EBB8EF27C59}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Cards_Calendar_OrderGift_DoMorePlugout (HKLM...{E535C94A-B87F-4182-BEA8-1E9322078D3E}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Chromium (HKLM...{887960B9-D8F9-B139-6979-C1B9B9F91239}) (Version: - )
Conexant HDA D110 MDC V.92 Modem (HKLM...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2BFA&SUBS YS_14F100C3) (Version: - )
Copy (HKLM...{E133E97F-5186-4503-BEC8-752EB9E8EBD7}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Corel Paint Shop Pro X (HKLM...{1A15507A-8551-4626-915D-3D5FA095CC1B}) (Version: 10.0 - Corel Inc)
Corel Photo Album 6 (HKLM...{8A9B8148-DDD7-448F-BD6C-358386D32354}) (Version: 6.00 - Corel, Inc.)
Critical Update for Windows Media Player 11 (KB959772) (HKLM...\KB959772_WM11) (Version: - Microsoft Corporation)
Dell Digital Jukebox Driver (HKLM...\Dell Digital Jukebox Driver) (Version: - )
Dell Game Console (HKLM...\Dell Game Console) (Version: - WildTangent)
Dell System Restore (HKLM...{74F7662C-B1DB-489E-A8AC-07A06B24978B}) (Version: 2.00.0000 - Dell Inc.)
DellSupport (HKLM...{7EFA5E6F-74F7-4AFB-8AEA-AA790BD3A76D}) (Version: 6.0.3062 - Dell)
Desktop Doctor (HKLM...{D87149B3-7A1D-4548-9CBF-032B791E5908}) (Version: 2.5.5 - Comcast)
Destination Component (HKLM...{EF9E56EE-0243-4BAD-88F4-5E7508AA7D96}) (Version: 110.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM...{EF1ADA5A-0B1A-4662-8C55-7475A61D8B65}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
DeviceManagementQFolder (HKLM...{AB5D51AE-EBC3-438D-872C-705C7C2084B0}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
Digital Content Portal (HKLM...{6D5FCA42-1486-4E32-AFE8-1B7E2AA59D33}) (Version: 1.00.0000 - Dell)
Digital Line Detect (HKLM...{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.15 - BVRP Software, Inc)
DJ_AIO_03_F4200_ProductContext (HKLM...{6365C963-4B72-43F8-8392-2A5441EC2A86}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software (HKLM...{60D4F9F1-B828-4048-A5AB-9AA2FD0C4751}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
DJ_AIO_03_F4200_Software_Min (HKLM...{BE8A9C2C-8E41-445B-A746-BEB0B1F992F8}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
Driver Support (HKLM...{597FB4A5-DD86-4316-A410-7E8074CC2CCE}) (Version: 9.1.4.44 - PC Drivers Headquarters, LP) <==== ATTENTION
EducateU (HKLM...{A683A2C0-821C-486F-858C-FA634DB5E864}) (Version: 1.00.0000 - Dell)
eSupportQFolder (HKLM...{66E6CE0C-5A1E-430C-B40A-0C90FF1804A8}) (Version: 1.00.0000 - Hewlett-Packard) Hidden
F4200 (HKLM...{B61A79BE-E94C-42C0-921D-8B7E5217069C}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
F4200_Help (HKLM...{F8A5531E-FEB4-4F7C-AF51-342E40FA7A0D}) (Version: 110.0.206.000 - Hewlett-Packard) Hidden
GemMaster Mystic (HKLM...\12133444-BF36-4d4e-B7FB-A3424C645DE4) (Version: - )
Get High Speed Internet! (HKLM...{7A3F0566-5E05-4919-9C98-456F6B5CF831}) (Version: 1.00.0000 - Dell)
Google Chrome (HKLM...\Google Chrome) (Version: 49.0.2623.112 - Google Inc.)
Google Update Helper (HKLM...{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.5 - Google Inc.) Hidden
Google Update Helper (HKLM...{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
GPBaseService (HKLM...{D16B4BE6-8B10-422f-8034-96D1CA9483B5}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
High Definition Audio Driver Package - KB835221 (HKLM...\KB835221WXP) (Version: 20040219.000000 - Microsoft Corporation)
Hoyle Card Games 2005 (HKLM...{B44AA698-B221-4B3B-8CA5-E65EF6A5AF26}) (Version: 1.2.0.0 - Encore, Inc.)
HP Deskjet F4200 All-In-One Driver Software 11.0 Rel .3 (HKLM...{C3B6AEB1-390C-4792-8677-CD87F8B2C959}) (Version: 11.0 - HP)
HP Imaging Device Functions 11.0 (HKLM...\HP Imaging Device Functions) (Version: 11.0 - HP)
HP Photosmart Essential 3.0 (HKLM...\HP Photosmart Essential) (Version: 3.0 - HP)
HP Smart Web Printing (HKLM...\HP Smart Web Printing) (Version: 4.0 - HP)
HP Solution Center 11.0 (HKLM...\HP Solution Center & Imaging Support Tools) (Version: 11.0 - HP)
HPProductAssistant (HKLM...{27197499-7680-4208-8FD8-5439CDB0FDC1}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM...{2AFEAA03-2DFE-4519-A629-EDAB6541ABE9}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
IHA_MessageCenter (HKLM...{53C49C8D-DFB2-42B9-A7EF-0F9CA386CC13}) (Version: 1.8.17 - Verizon)
Intel(R) Graphics Media Accelerator Driver (HKLM...{8A708DD8-A5E6-11D4-A706-000629E95E20}) (Version: 6.14.10.4446 - )
Intel(R) PROSet/Wireless Software (HKLM...\ProInst) (Version: 10.1.0.3 - Intel Corporation)
Internal Network Card Power Management (HKLM...{1F528948-0E80-4C96-B455-DE4167CB1DF7}) (Version: 1.7.2 - )
Learn2 Player (Uninstall Only) (HKLM...\StreetPlugin) (Version: - )
MapsGalaxy Internet Explorer Toolbar (HKLM...\MapsGalaxy_39bar Uninstall Internet Explorer) (Version: - Mindspark Interactive Network) <==== ATTENTION
mCore (HKLM...{E81667C6-2856-46D6-ABEA-6A2F42166779}) (Version: 5.45.0000 - Intel Corporation) Hidden
mDrWiFi (HKLM...{F6090A17-0967-4A8A-B3C3-422A1B514D49}) (Version: 5.45.0000 - Intel Corporation) Hidden
mHlpDell (HKLM...{49D687E5-6784-431B-A0A2-2F23B8CC5A1B}) (Version: 5.45.0000 - Intel) Hidden
Microsoft .NET Framework 1.0 Hotfix (KB2572066) (HKLM...\KB2572066) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2604042) (HKLM...\KB2604042) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB2656378) (HKLM...\KB2656378) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB953295) (HKLM...\KB953295) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Hotfix (KB979904) (HKLM...\KB979904) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2698035) (HKLM...\KB2698035) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2742607) (HKLM...\KB2742607) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2833951) (HKLM...\KB2833951) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.0 Security Update (KB2904878) (HKLM...\KB2904878) (Version: - Microsoft Corporation)
Microsoft .NET Framework 1.1 (HKLM...\Microsoft .NET Framework 1.1 (1033)) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2698023) (HKLM...\M2698023) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB2833941) (HKLM...\M2833941) (Version: - )
Microsoft .NET Framework 1.1 Security Update (KB979906) (HKLM...\M979906) (Version: - )
Microsoft .NET Framework 2.0 Service Pack 2 (HKLM...{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}) (Version: 2.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.0 Service Pack 2 (HKLM...{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}) (Version: 3.2.30729 - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (HKLM...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft Base Smart Card Cryptographic Service Provider Package (HKLM...\KB909520) (Version: - Microsoft Corporation)
Microsoft Compression Client Pack 1.0 for Windows XP (HKLM...\MSCompPackV1) (Version: 1 - Microsoft Corporation)
Microsoft Office Basic Edition 2003 (HKLM...{91130409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.7969.0 - Microsoft Corporation)
Microsoft Plus! Digital Media Edition Installer (HKLM...{6E45BA47-383C-4C1E-8ED0-0D4845C293D7}) (Version: 1.1.0.3514 - Microsoft Corporation)
Microsoft Plus! Photo Story 2 LE (HKLM...{0EB5D9B7-8E6C-4A9E-B74F-16B7EE89A67B}) (Version: 1.1.0.3463 - Microsoft Corporation)
Microsoft User-Mode Driver Framework Feature Pack 1.0 (HKLM...\Wudf01000) (Version: - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM...{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
mIWA (HKLM...{3E9D596A-61D4-4239-BD19-2DB984D2A16F}) (Version: 5.45.0000 - Intel Corporation) Hidden
mLogView (HKLM...{0E2B0B41-7E08-4F9F-B21F-41C4133F43B7}) (Version: 5.45.0000 - Intel Corporation) Hidden
mMHouse (HKLM...{F0BFC7EF-9CF8-44EE-91B0-158884CD87C5}) (Version: 5.45.0000 - Intel Corporation) Hidden
Modem Helper (HKLM...{7F142D56-3326-11D5-B229-002078017FBF}) (Version: 3.01 - BVRP Software)
Mozilla Firefox 19.0 (x86 en-US) (HKLM...\Mozilla Firefox 19.0 (x86 en-US)) (Version: 19.0 - Mozilla)
Mozilla Maintenance Service (HKLM...\MozillaMaintenanceService) (Version: 19.0 - Mozilla)
mPfMgr (HKLM...{8B928BA1-EDEC-4227-A2DA-DD83026C36F5}) (Version: 5.45.0000 - Intel Corporation) Hidden
mPfWiz (HKLM...{90B0D222-8C21-4B35-9262-53B042F18AF9}) (Version: 5.45.0000 - Intel Corporation) Hidden
mProSafe (HKLM...{23FB368F-1399-4EAC-817C-4B83ECBE3D83}) (Version: 9.00.0000 - Intel) Hidden
MSN (HKLM...\MSNINST) (Version: - )
mSSO (HKLM...{06BE8AFD-A8E2-4B63-BAE7-287016D16ACB}) (Version: 5.45.0000 - Intel Corporation) Hidden
MSXML 4.0 SP2 (KB927978) (HKLM...{37477865-A3F1-4772-AD43-AAFC6BCFF99F}) (Version: 4.20.9841.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB936181) (HKLM...{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM...{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM...{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
MSXML 6.0 Parser (KB933579) (HKLM...{0A869A65-8C94-4F7C-A5C7-972D3C8CED9E}) (Version: 6.10.1200.0 - Microsoft Corporation)
Musicmatch for Windows Media Player (HKLM...{E93E5EF6-D361-481E-849D-F16EF5C78EBC}) (Version: 0.00.000 - )
Musicmatch® Jukebox (HKLM...{85D3CC30-8859-481A-9654-FD9B74310BEF}) (Version: 10.10.0097 - )
mWlsSafe (HKLM...{FCA651F3-5BDA-4DDA-9E4A-5D87D6914CC4}) (Version: 9.00.0000 - Intel) Hidden
mWMI (HKLM...{63DB9CCD-2B56-4217-9A3D-507AC78320CA}) (Version: 5.45.0000 - Intel Corporation) Hidden
mXML (HKLM...{9CC89556-3578-48DD-8408-04E66EBEF401}) (Version: 5.45.0000 - Intel Corporation) Hidden
mZConfig (HKLM...{94658027-9F16-4509-BBD7-A59FE57C3023}) (Version: 5.45.0000 - Intel Corporation) Hidden
NetWaiting (HKLM...{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.23 - BVRP Software, Inc)
PowerDVD 5.7 (HKLM...{6811CAA0-BF12-11D4-9EA1-0050BAE317E1}) (Version: - )
PSSWCORE (HKLM...{09633A5E-3089-41A8-9FF1-382171423C5D}) (Version: 2.03.0000 - Hewlett-Packard) Hidden
Pure Networks Network Magic (HKLM...\Network Magic) (Version: 2.0.5346.1 - Pure Networks)
QuickSet (HKLM...{C5074CC4-0E26-4716-A307-960272A90040}) (Version: 7.0.9 - )
QuickTime (HKLM...\QuickTime) (Version: - )
RealPlayer Basic (HKLM...\RealPlayer 6.0) (Version: - )
Scan (HKLM...{C89B5E3A-690F-4CEE-909A-BF869E198B0A}) (Version: 11.0.0.0 - Hewlett-Packard) Hidden
Search Assist (HKLM...{DF6A589A-7A1A-430C-9FF2-A0BDB42669DC}) (Version: 1.00.0000 - Dell)
Shop for HP Supplies (HKLM...\Shop for HP Supplies) (Version: 11.0 - HP)
SmartWebPrinting (HKLM...{CC0E1AE3-091D-4969-B151-7AC142062C28}) (Version: 110.0.182.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM...{593A6CAF-E114-4e31-884F-74FF349E8E36}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Sonic DLA (HKLM...{1206EF92-2E83-4859-ACCB-2048C3CB7DA6}) (Version: 4.95 - Sonic Solutions)
Sonic Encoders (HKLM...{9941F0AA-B903-4AF4-A055-83A9815CC011}) (Version: 1.00 - Sonic Solutions)
Sonic RecordNow Audio (HKLM...{AB708C9B-97C8-4AC9-899B-DBF226AC9382}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Copy (HKLM...{B12665F4-4E93-4AB4-B7FC-37053B524629}) (Version: 2.0.0 - Sonic Solutions)
Sonic RecordNow Data (HKLM...{075473F5-846A-448B-BCB3-104AA1760205}) (Version: 2.0.0 - Sonic Solutions)
Sonic Update Manager (HKLM...{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Sonic Solutions)
Status (HKLM...{0289B35E-DC07-4c7a-9710-BBD686EA4B7D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Synaptics Pointing Device Driver (HKLM...\SynTPDeinstKey) (Version: 8.2.4.3 - Synaptics)
Toolbox (HKLM...{E96B0085-6659-486b-A221-5042A042728D}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
TrayApp (HKLM...{9C2D4047-0E40-499a-AC7A-C4B9BB12FE03}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
Update Rollup 2 for Windows XP Media Center Edition 2005 (HKLM...\KB900325) (Version: - Microsoft Corporation)
URL Assistant (HKLM...{3EE33958-7381-4E7B-A4F3-6E43098E9E9C}) (Version: - )
VideoToolkit01 (HKLM...{22F761D1-8063-4170-ADF7-2D2F47834CA9}) (Version: 110.0.171.000 - Hewlett-Packard) Hidden
Viewpoint Media Player (HKLM...\ViewpointMediaPlayer) (Version: - )
Vz In Home Agent (HKLM...{CC4C261A-B915-4F23-BD23-7E1AE5713B4E}) (Version: 5.0207 - Verizon)
Vz In-Home Agent (HKLM...\VzInHomeAgent) (Version: 9.0.76.0 - Verizon)
WebFldrs XP (HKLM...{350C97B0-3D7C-4EE8-BAA9-00BCB3D54227}) (Version: 9.50.7523 - Microsoft Corporation) Hidden
WebReg (HKLM...{AA2E8A46-B45E-4aea-8A23-88AB57D04523}) (Version: 110.0.180.000 - Hewlett-Packard) Hidden
WildTangent Web Driver (HKLM...\WildTangent CDA) (Version: - )
Windows Defender (HKLM...{A06275F4-324B-4E85-95E6-87B2CD729401}) (Version: 1.1.1593.21 - Microsoft Corporation)
Windows Genuine Advantage Notifications (KB905474) (HKLM...\WgaNotify) (Version: 1.7.0018.5 - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\KB892130) (Version: - Microsoft Corporation)
Windows Genuine Advantage Validation Tool (KB892130) (HKLM...\WGA) (Version: 1.7.0069.2 - Microsoft Corporation)
Windows Imaging Component (HKLM...\WIC) (Version: 3.0.0.0 - Microsoft Corporation)
Windows Installer 3.1 (KB893803) (HKLM...\KB893803v2) (Version: - Microsoft Corporation)
Windows Internet Explorer 7 (HKLM...\ie7) (Version: 20070813.185237 - Microsoft Corporation)
Windows Media Format 11 runtime (HKLM...\Windows Media Format Runtime) (Version: - )
Windows Media Player 10 Hotfix [See EmeraldQFE2 for more information] (HKLM...\EmeraldQFE2) (Version: - Microsoft Corporation)
Windows Media Player 11 (HKLM...\Windows Media Player) (Version: - )
Windows XP Media Center Edition 2005 KB2502898 (HKLM...\KB2502898) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2619340 (HKLM...\KB2619340) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB2628259 (HKLM...\KB2628259) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB908246 (HKLM...\KB908246) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB925766 (HKLM...\KB925766) (Version: - Microsoft Corporation)
Windows XP Media Center Edition 2005 KB973768 (HKLM...\KB973768) (Version: - Microsoft Corporation)
Windows XP Service Pack 3 (HKLM...\Windows XP Service Pack) (Version: 20080414.031525 - Microsoft Corporation)
XML Paper Specification Shared Components Pack 1.0 (HKLM...\XpsEPSC) (Version: - Microsoft Corporation) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers02: [DriveLetterAccess] → {5CA3D70E-1895-11CF-8E15-001234567890} => C:\WINDOWS\system32\dla\tfswshx.dll [2004-12-06] (Sonic Solutions)
ContextMenuHandlers05: [igfxcui] → {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2005-12-14] (Intel Corporation)

==================== Scheduled Tasks=============================

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\MP Scheduled Scan.job => C:\Program Files\Windows Defender\MpCmdRun.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Email.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://webmail.verizon.net
ShortcutWithArgument: C:\Documents and Settings\Patricia Murphy\Desktop\Laptop Items\Dell Download Center.lnk → C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation) → hxxp://www.dell.com/download/

==================== Loaded Modules (Whitelisted) ==============

2005-12-28 14:11 - 2005-12-28 14:11 - 00876544 _____ () C:\Program Files\Intel\Wireless\Bin\LIBEAY32.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00053322 _____ () C:\Program Files\Intel\Wireless\Bin\IntStngs.dll
2005-12-28 14:11 - 2005-12-28 14:11 - 00208965 _____ () C:\Program Files\Intel\Wireless\Bin\IWMSPROV.DLL
2005-08-16 06:18 - 2011-02-04 18:48 - 00291840 _____ () C:\WINDOWS\system32\sbe.dll
2005-08-16 06:18 - 2013-01-02 02:49 - 01292288 _____ () C:\WINDOWS\system32\quartz.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00059904 _____ () C:\WINDOWS\system32\devenum.dll
2005-08-16 06:18 - 2008-04-13 20:11 - 00014336 _____ () C:\WINDOWS\system32\msdmo.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The “AlternateShell” value will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2005-08-16 06:18 - 2017-07-24 14:17 - 00000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-693440143-1380487613-1125637980-1006\Control Panel\Desktop\Wallpaper → C:\WINDOWS\Web\Wallpaper\Bliss.bmp
DNS Servers: 192.168.1.1
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Adobe Reader Speed Launch.lnk => C:\WINDOWS\pss\Adobe Reader Speed Launch.lnkCommon Startup
MSCONFIG\startupfolder: C:^Documents and Settings^All Users^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\WINDOWS\pss\Digital Line Detect.lnkCommon Startup
MSCONFIG\startupreg: Corel Photo Downloader => C:\Program Files\Corel\Corel Photo Album 6\MediaDetect.exe
MSCONFIG\startupreg: ctfmon.exe => C:\WINDOWS\system32\ctfmon.exe
MSCONFIG\startupreg: ddoctorv2 => “C:\Program Files\Comcast\Desktop Doctor\bin\sprtcmd.exe” /P ddoctorv2
MSCONFIG\startupreg: Dell QuickSet => C:\Program Files\Dell\QuickSet\quickset.exe
MSCONFIG\startupreg: DellSupport => “C:\Program Files\DellSupport\DSAgnt.exe” /startup
MSCONFIG\startupreg: dla => C:\WINDOWS\system32\dla\tfswctrl.exe
MSCONFIG\startupreg: DVDLauncher => “C:\Program Files\CyberLink\PowerDVD\DVDLauncher.exe”
MSCONFIG\startupreg: ehTray => C:\WINDOWS\ehome\ehtray.exe
MSCONFIG\startupreg: igfxhkcmd => C:\WINDOWS\system32\hkcmd.exe
MSCONFIG\startupreg: igfxpers => C:\WINDOWS\system32\igfxpers.exe
MSCONFIG\startupreg: igfxtray => C:\WINDOWS\system32\igfxtray.exe
MSCONFIG\startupreg: IntelWireless => “C:\Program Files\Intel\Wireless\Bin\ifrmewrk.exe” /tf Intel PROSet/Wireless
MSCONFIG\startupreg: IntelZeroConfig => “C:\Program Files\Intel\Wireless\bin\ZCfgSvc.exe”
MSCONFIG\startupreg: ISUSPM Startup => “C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe” -startup
MSCONFIG\startupreg: ISUSScheduler => “C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe” -start
MSCONFIG\startupreg: KernelFaultCheck => %systemroot%\system32\dumprep 0 -k
MSCONFIG\startupreg: MimBoot => C:\PROGRA~1\MUSICM~1\MUSICM~3\mimboot.exe
MSCONFIG\startupreg: MMTray => C:\PROGRA~1\MUSICM~1\MUSICM~3\mm_tray.exe
MSCONFIG\startupreg: ModemOnHold => C:\Program Files\NetWaiting\netWaiting.exe
MSCONFIG\startupreg: MSMSGS => “C:\Program Files\Messenger\msmsgs.exe” /background
MSCONFIG\startupreg: nmapp => “C:\Program Files\Pure Networks\Network Magic\nmapp.exe” -autorun -nosplash
MSCONFIG\startupreg: QuickTime Task => “C:\Program Files\QuickTime\qttask.exe” -atboottime
MSCONFIG\startupreg: RealTray => C:\Program Files\Real\RealPlayer\RealPlay.exe SYSTEMBOOTHIDEPLAYER
MSCONFIG\startupreg: ShowLOMControl =>
MSCONFIG\startupreg: SigmatelSysTrayApp => stsystra.exe
MSCONFIG\startupreg: SynTPEnh => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

DomainProfile\GloballyOpenPorts: [139:TCP] => Enabled:@xpsp2res.dll,-22004
DomainProfile\GloballyOpenPorts: [445:TCP] => Enabled:@xpsp2res.dll,-22005
DomainProfile\GloballyOpenPorts: [137:UDP] => Enabled:@xpsp2res.dll,-22001
DomainProfile\GloballyOpenPorts: [138:UDP] => Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [139:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22004
StandardProfile\GloballyOpenPorts: [445:TCP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22005
StandardProfile\GloballyOpenPorts: [137:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22001
StandardProfile\GloballyOpenPorts: [138:UDP] => :LocalSubNet:Enabled:@xpsp2res.dll,-22002
StandardProfile\GloballyOpenPorts: [50000:UDP] => Enabled:IHA_MessageCenter

==================== Restore Points =========================

07-07-2017 23:44:56 Software Distribution Service 3.0
09-07-2017 03:00:26 Software Distribution Service 3.0
13-07-2017 00:19:38 System Checkpoint
13-07-2017 19:59:18 Software Distribution Service 3.0
14-07-2017 21:57:05 System Checkpoint
14-07-2017 23:39:09 Removed HP Update
14-07-2017 23:46:38 Removed Java 2 Runtime Environment, SE v1.4.2_03
14-07-2017 23:47:39 Removed Java 7 Update 21
14-07-2017 23:54:27 Removed NetZeroInstallers
16-07-2017 02:35:54 System Checkpoint
18-07-2017 10:05:04 Software Distribution Service 3.0
18-07-2017 10:24:25 Windows Defender Checkpoint
19-07-2017 13:31:33 System Checkpoint
21-07-2017 00:03:01 System Checkpoint
22-07-2017 23:40:17 System Checkpoint

==================== Faulty Device Manager Devices =============

==================== Event log errors: =========================
[HEADING=1]Application errors:[/HEADING]
Error: (07/24/2017 12:32:05 PM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
Description: Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

Error: (07/24/2017 02:38:28 AM) (Source: Userenv) (EventID: 1090) (User: NT AUTHORITY)
Description: Windows couldn’t log the RSoP (Resultant Set of Policies) session status. An attempt to connect to WMI failed. No more RSoP logging will be done for this application of policy.

Error: (07/23/2017 11:31:58 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x0010d992.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (07/23/2017 05:34:31 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application VzDetectAgent.exe, version 2.0.2.20, faulting module VzDetectAgent.exe, version 2.0.2.20, fault address 0x00001b5b.
Processing media-specific event for [VzDetectAgent.exe!ws!]

Error: (07/19/2017 08:00:04 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application grep.3xe, version 0.0.0.0, faulting module grep.3xe, version 0.0.0.0, fault address 0x00009216.
Processing media-specific event for [grep.3xe!ws!]

Error: (07/19/2017 04:47:02 AM) (Source: PerfNet) (EventID: 2006) (User: )
Description: Unable to read Server Queue performance data from the Server service.
No Server Queue performance data will be returned in this sample.
Error code returned is in data DWORD 0, IOSB.Status is DWORD 1 and
the IOSB.Information is DWORD 2.

Error: (07/19/2017 04:47:02 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data from the Server service.
No Server performance data will be returned in this sample.
Error code returned is in data DWORD 0, IOSB.Status is DWORD 1 and
the IOSB.Information is DWORD 2.

Error: (07/19/2017 04:47:00 AM) (Source: PerfNet) (EventID: 2006) (User: )
Description: Unable to read Server Queue performance data from the Server service.
No Server Queue performance data will be returned in this sample.
Error code returned is in data DWORD 0, IOSB.Status is DWORD 1 and
the IOSB.Information is DWORD 2.

Error: (07/19/2017 04:47:00 AM) (Source: PerfNet) (EventID: 2005) (User: )
Description: Unable to read performance data from the Server service.
No Server performance data will be returned in this sample.
Error code returned is in data DWORD 0, IOSB.Status is DWORD 1 and
the IOSB.Information is DWORD 2.

Error: (07/14/2017 12:05:21 AM) (Source: crypt32) (EventID: 11) (User: )
Description: Failed extract of third-party root list from auto update cab at: < http://www.download.windowsupdate.co...uthrootstl.cab > with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
[HEADING=1]System errors:[/HEADING]
Error: (07/23/2017 10:49:09 PM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/23/2017 10:46:55 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/23/2017 10:45:48 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/23/2017 10:45:36 PM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/23/2017 10:45:30 PM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/23/2017 10:44:51 PM) (Source: 0) (EventID: 9) (User: )
Description: Event-ID 9

Error: (07/23/2017 10:44:35 PM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/23/2017 10:44:13 PM) (Source: 0) (EventID: 11) (User: )
Description: Event-ID 11

Error: (07/23/2017 09:06:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Util EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

Error: (07/23/2017 09:06:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Update EnterDigital service failed to start due to the following error:
The system cannot find the path specified.

==================== Memory info ===========================

Processor: Genuine Intel(R) CPU T2300 @ 1.66GHz
Percentage of memory in use: 65%
Total physical RAM: 502.37 MB
Available physical RAM: 175.54 MB
Total Virtual: 1226.61 MB
Available Virtual: 781.13 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:68.44 GB) (Free:52.5 GB) NTFS ==>[drive with boot components (Windows XP)]

==================== MBR & Partition Table ==================

================================================== ======
Disk: 0 (Size: 73.1 GB) (Disk ID: E686F016)
Partition 1: (Not Active) - (Size=39 MB) - (Type=DE)
Partition 2: (Active) - (Size=68.4 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=4.6 GB) - (Type=DB)

==================== End of Addition.txt ============================

**rkinner** · 07-24-2017, 10:08 PM

Looks better. No Zero Access warnings. Let’s run
TDSSKiller to make sure:

Free recovery tools

http://support.kaspersky.com/viruses/utility#TDSSKiller

Download tools developed by Kaspersky for detecting and removing file-encrypting ransomware, rootkits and other malware.

Use the EXE download. Save it to your desktop then run it.
Double click on TDSSKiller.exe to start the program.

If TDSSKiller alerts you that the system needs to reboot, please consent.

Run TDSSKiller again but this time:
before you hit the Scan hit Change Parameters and check the two items under Additional Options. OK then Scan.
In this mode it is prone to false positives so do not change the SKIP option to DELETE unless it says TDSS.
When done, a log file should be created on your C: drive named “TDSSKiller.txt” please copy and paste the contents in your next reply.

Then let’s look to see what is still broken:

Start, Run, eventvwr.msc, OK to bring up the Event Viewer. Right click on System and Clear All Events, No (we don’t want to save the old log), OK. Repeat for Application.
Reboot.

Please download the Event Viewer Tool by Vino Rosso

http://images.malwareremoval.com/vino/VEW.exe

and save it to your Desktop:
Double-click VEW.exe
Under ‘Select log to query’, select:

System

Under ‘Select type to list’, select:

Error
Warning

Then use the ‘Number of events’ as follows:

Click the radio button for ‘Number of events’
Type 20 in the 1 to 20 box
Then click the Run button.
Notepad will open with the output log.

Please post the Output log in your next reply then repeat but select Application. (Each time you run VEW it overwrites the log so copy the first one to a Reply or rename it before running it a second time.)

**dwm34** · 07-26-2017, 04:41 AM

Hi - ok thanks. Here is the TDSSkiller.txt log:

00:31:08.0313 0x0fbc TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
00:31:31.0753 0x0fbc ================================================== ==========
00:31:31.0753 0x0fbc Current date / time: 2017/07/26 00:31:31.0753
00:31:31.0753 0x0fbc SystemInfo:
00:31:31.0753 0x0fbc
00:31:31.0753 0x0fbc OS Version: 5.1.2600 ServicePack: 3.0
00:31:31.0753 0x0fbc Product type: Workstation
00:31:31.0753 0x0fbc ComputerName: PMURPHY
00:31:31.0753 0x0fbc UserName: Patricia Murphy
00:31:31.0753 0x0fbc Windows directory: C:\WINDOWS
00:31:31.0753 0x0fbc System windows directory: C:\WINDOWS
00:31:31.0753 0x0fbc Processor architecture: Intel x86
00:31:31.0753 0x0fbc Number of processors: 2
00:31:31.0753 0x0fbc Page size: 0x1000
00:31:31.0753 0x0fbc Boot type: Normal boot
00:31:31.0753 0x0fbc ================================================== ==========
00:31:34.0878 0x0fbc KLMD registered as C:\WINDOWS\system32\drivers\37857466.sys
00:31:34.0878 0x0fbc KLMD ARK init status: drvProperties = 0xFFF00, osBuild = 2600.6419, osProperties = 0x0
00:31:35.0222 0x0fbc System UUID: {2E75C928-3D46-4119-C7D9-9C1CD799817E}
00:31:36.0379 0x0fbc Drive \Device\Harddisk0\DR0 - Size: 0x1248119400 ( 73.13 Gb ), SectorSize: 0x200, Cylinders: 0x254A, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type ‘K0’, Flags 0x00000054
00:31:36.0410 0x0fbc ================================================== ==========
00:31:36.0410 0x0fbc \Device\Harddisk0\DR0:
00:31:36.0410 0x0fbc MBR partitions:
00:31:36.0410 0x0fbc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x139C5, BlocksNum 0x88E0366
00:31:36.0410 0x0fbc ================================================== ==========
00:31:36.0457 0x0fbc C: ↔ \Device\Harddisk0\DR0\Partition1
00:31:36.0457 0x0fbc ================================================== ==========
00:31:36.0457 0x0fbc Initialize success
00:31:36.0457 0x0fbc ================================================== ==========
00:31:40.0254 0x02a4 ================================================== ==========
00:31:40.0254 0x02a4 Scan started
00:31:40.0254 0x02a4 Mode: Manual;
00:31:40.0254 0x02a4 ================================================== ==========
00:31:40.0254 0x02a4 KSN ping started
00:31:40.0410 0x02a4 KSN ping finished: true
00:31:42.0364 0x02a4 ================ Scan system memory ========================
00:31:46.0302 0x02a4 System memory - ok
00:31:46.0302 0x02a4 ================ Scan services =============================
00:31:46.0458 0x02a4 Abiosdsk - ok
00:31:46.0505 0x02a4 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E 3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
00:31:46.0505 0x02a4 abp480n5 - ok
00:31:46.0708 0x02a4 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE8039 14C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:31:46.0724 0x02a4 ACPI - ok
00:31:46.0770 0x02a4 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3 F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
00:31:46.0770 0x02a4 ACPIEC - ok
00:31:46.0802 0x02a4 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173 E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
00:31:46.0802 0x02a4 adpu160m - ok
00:31:46.0833 0x02a4 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D 880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:31:46.0833 0x02a4 aec - ok
00:31:46.0880 0x02a4 [ 12DAFD934641DCF61E446313BC261EC2, 1731C21DE26B8898531CFF37EFDD362D4B854CE2441C98EC80 84BE03EBB19DB1 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
00:31:46.0880 0x02a4 AegisP - ok
00:31:46.0942 0x02a4 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C1 3FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:31:46.0942 0x02a4 AFD - ok
00:31:46.0989 0x02a4 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D 0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
00:31:46.0989 0x02a4 agp440 - ok
00:31:47.0005 0x02a4 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0 F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
00:31:47.0005 0x02a4 agpCPQ - ok
00:31:47.0020 0x02a4 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED 6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
00:31:47.0020 0x02a4 Aha154x - ok
00:31:47.0036 0x02a4 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B 46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
00:31:47.0036 0x02a4 aic78u2 - ok
00:31:47.0052 0x02a4 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2 FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
00:31:47.0052 0x02a4 aic78xx - ok
00:31:47.0099 0x02a4 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C44 1A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:31:47.0099 0x02a4 Alerter - ok
00:31:47.0114 0x02a4 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC5522 0C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
00:31:47.0114 0x02a4 ALG - ok
00:31:47.0130 0x02a4 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D 26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
00:31:47.0130 0x02a4 AliIde - ok
00:31:47.0161 0x02a4 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C072 8CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
00:31:47.0161 0x02a4 alim1541 - ok
00:31:47.0177 0x02a4 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81 256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
00:31:47.0177 0x02a4 amdagp - ok
00:31:47.0192 0x02a4 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE065 86F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
00:31:47.0208 0x02a4 amsint - ok
00:31:47.0255 0x02a4 [ EC94E05B76D033B74394E7B2175103CF, 4F0993951B72478D87AD15A6FC33D3D18FEFAF2A08698CFC63 BBD1EDB784B0FE ] APPDRV C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
00:31:47.0255 0x02a4 APPDRV - ok
00:31:47.0302 0x02a4 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB 4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
00:31:47.0317 0x02a4 AppMgmt - ok
00:31:47.0349 0x02a4 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970 CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:31:47.0349 0x02a4 Arp1394 - ok
00:31:47.0380 0x02a4 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF 269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
00:31:47.0380 0x02a4 asc - ok
00:31:47.0395 0x02a4 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2 755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
00:31:47.0411 0x02a4 asc3350p - ok
00:31:47.0411 0x02a4 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE04 0E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
00:31:47.0427 0x02a4 asc3550 - ok
00:31:47.0458 0x02a4 [ D880831279ED91F9A4190A2DB9539EA9, EAF7D48E026C99EE9C4BC838A3004966517F948051B39DA5B5 072F6DE81165AB ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys
00:31:47.0458 0x02a4 ASCTRM - ok
00:31:47.0583 0x02a4 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195 C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe
00:31:47.0645 0x02a4 aspnet_state - ok
00:31:47.0692 0x02a4 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B0 4778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:31:47.0692 0x02a4 AsyncMac - ok
00:31:47.0755 0x02a4 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0 F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:31:47.0755 0x02a4 atapi - ok
00:31:47.0771 0x02a4 Atdisk - ok
00:31:47.0817 0x02a4 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9 A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:31:47.0817 0x02a4 Atmarpc - ok
00:31:47.0896 0x02a4 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7 EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:31:47.0896 0x02a4 AudioSrv - ok
00:31:47.0942 0x02a4 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB35466 51CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:31:47.0942 0x02a4 audstub - ok
00:31:47.0989 0x02a4 [ C768C8A463D32C219CE291645A0621A4, 04878E954E36731445F216017E4FB89686461D6FFD1815803E FBC9DAFAD4CD1E ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
00:31:47.0989 0x02a4 bcm4sbxp - ok
00:31:48.0036 0x02a4 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC111 1D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:31:48.0036 0x02a4 Beep - ok
00:31:48.0114 0x02a4 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F2 99CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
00:31:48.0177 0x02a4 BITS - ok
00:31:48.0239 0x02a4 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241 F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
00:31:48.0255 0x02a4 Browser - ok
00:31:48.0255 0x02a4 catchme - ok
00:31:48.0271 0x02a4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C 78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
00:31:48.0271 0x02a4 cbidf - ok
00:31:48.0286 0x02a4 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C 78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:31:48.0286 0x02a4 cbidf2k - ok
00:31:48.0286 0x02a4 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A6 8BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
00:31:48.0286 0x02a4 cd20xrnt - ok
00:31:48.0302 0x02a4 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E 7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:31:48.0302 0x02a4 Cdaudio - ok
00:31:48.0317 0x02a4 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B 391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:31:48.0317 0x02a4 Cdfs - ok
00:31:48.0333 0x02a4 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286 AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:31:48.0333 0x02a4 Cdrom - ok
00:31:48.0349 0x02a4 Changer - ok
00:31:48.0364 0x02a4 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7 AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:31:48.0364 0x02a4 CiSvc - ok
00:31:48.0380 0x02a4 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA86 28CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:31:48.0380 0x02a4 ClipSrv - ok
00:31:48.0427 0x02a4 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C467 65660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
00:31:48.0489 0x02a4 clr_optimization_v2.0.50727_32 - ok
00:31:48.0505 0x02a4 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730 285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
00:31:48.0505 0x02a4 CmBatt - ok
00:31:48.0536 0x02a4 [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA 748F34F11057E0 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
00:31:48.0536 0x02a4 CmdIde - ok
00:31:48.0552 0x02a4 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882 F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
00:31:48.0552 0x02a4 Compbatt - ok
00:31:48.0552 0x02a4 COMSysApp - ok
00:31:48.0567 0x02a4 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA 830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
00:31:48.0567 0x02a4 Cpqarray - ok
00:31:48.0646 0x02a4 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F21 0FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:31:48.0646 0x02a4 CryptSvc - ok
00:31:48.0693 0x02a4 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9 F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
00:31:48.0708 0x02a4 dac2w2k - ok
00:31:48.0724 0x02a4 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CA D0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
00:31:48.0724 0x02a4 dac960nt - ok
00:31:48.0849 0x02a4 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006 CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:31:48.0864 0x02a4 DcomLaunch - ok
00:31:48.0943 0x02a4 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111D EAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:31:48.0943 0x02a4 Dhcp - ok
00:31:48.0958 0x02a4 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F 7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:31:48.0958 0x02a4 Disk - ok
00:31:48.0958 0x02a4 dmadmin - ok
00:31:49.0036 0x02a4 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B571 4AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:31:49.0083 0x02a4 dmboot - ok
00:31:49.0099 0x02a4 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C5 7AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:31:49.0099 0x02a4 dmio - ok
00:31:49.0130 0x02a4 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC9 50CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:31:49.0146 0x02a4 dmload - ok
00:31:49.0161 0x02a4 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F70 4709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
00:31:49.0161 0x02a4 dmserver - ok
00:31:49.0193 0x02a4 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84 313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:31:49.0193 0x02a4 DMusic - ok
00:31:49.0255 0x02a4 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D 09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:31:49.0255 0x02a4 Dnscache - ok
00:31:49.0333 0x02a4 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D49 28DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:31:49.0333 0x02a4 Dot3svc - ok
00:31:49.0364 0x02a4 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C78 7606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
00:31:49.0364 0x02a4 dpti2o - ok
00:31:49.0396 0x02a4 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692 ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:31:49.0396 0x02a4 drmkaud - ok
00:31:49.0458 0x02a4 [ E814854E6B246CCF498874839AB64D77, D7BD17AD9709DA8305FF58710EE5EAA14BA5857F4B64C1CBDD 21751625BFF2A3 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
00:31:49.0458 0x02a4 drvmcdb - ok
00:31:49.0474 0x02a4 [ EE83A4EBAE70BC93CF14879D062F548B, CCA423C19BC8A6807EE29DA7FA9F545FDF2D0AAA8D4556E13B 864ED6F6683827 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
00:31:49.0474 0x02a4 drvnddm - ok
00:31:49.0614 0x02a4 [ FE80901578E7E3DA70299A5AEB2B7FBD, E68E8BAAA37AE26318BE8C084CFDD9040E97714C75EAA64B97 20AB41FB1C9EF5 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
00:31:49.0614 0x02a4 DSBrokerService - ok
00:31:49.0693 0x02a4 [ 413F2D5F9D802688242C23B38F767ECB, 6D5B6B8FC6E8E45555C444D3E881D3E44DE4C6F2602ADBB4D0 E8E9F834089827 ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
00:31:49.0693 0x02a4 DSproct - ok
00:31:49.0740 0x02a4 [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18 DB46F49859D1C7 ] dsunidrv C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
00:31:49.0740 0x02a4 dsunidrv - ok
00:31:49.0802 0x02a4 [ 3FCA03CBCA11269F973B70FA483C88EF, 0995989B9EBE5CE1C5489139849FB2AD69DE9749650BBC262A D754E5CE457C59 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
00:31:49.0802 0x02a4 E100B - ok
00:31:49.0833 0x02a4 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B14 3A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:31:49.0833 0x02a4 EapHost - ok
00:31:49.0990 0x02a4 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9, F3CA10753B7D76C87A71A0FEDB5EACE77E2E10E8DD44BEE7C6 6BCE17BD3EFD71 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
00:31:49.0990 0x02a4 ehRecvr - ok
00:31:50.0021 0x02a4 [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE2654 4F90B78689EEF9 ] ehSched C:\WINDOWS\eHome\ehSched.exe
00:31:50.0036 0x02a4 ehSched - ok
00:31:50.0068 0x02a4 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D5 79D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:31:50.0068 0x02a4 ERSvc - ok
00:31:50.0115 0x02a4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F 6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
00:31:50.0146 0x02a4 Eventlog - ok
00:31:50.0208 0x02a4 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6 ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
00:31:50.0224 0x02a4 EventSystem - ok
00:31:50.0302 0x02a4 [ ED9C755312F29D55B8C815EEC7115635, FF4DDB10EC7878856641EDFAFA82259FF18F641A10F46E324E EA9361B6D71B4C ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
00:31:50.0302 0x02a4 EvtEng - ok
00:31:50.0365 0x02a4 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AA BFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:31:50.0380 0x02a4 Fastfat - ok
00:31:50.0443 0x02a4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE4 10D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:31:50.0443 0x02a4 FastUserSwitchingCompatibility - ok
00:31:50.0490 0x02a4 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B 60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe
00:31:50.0490 0x02a4 Fax - ok
00:31:50.0552 0x02a4 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E 4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
00:31:50.0552 0x02a4 Fdc - ok
00:31:50.0568 0x02a4 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA253142 7A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:31:50.0583 0x02a4 Fips - ok
00:31:50.0599 0x02a4 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C 0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:31:50.0615 0x02a4 Flpydisk - ok
00:31:50.0693 0x02a4 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B704 1957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:31:50.0693 0x02a4 FltMgr - ok
00:31:50.0896 0x02a4 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C12 0BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe
00:31:50.0896 0x02a4 FontCache3.0.0.0 - ok
00:31:50.0943 0x02a4 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70 660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:31:50.0943 0x02a4 Fs_Rec - ok
00:31:50.0990 0x02a4 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B76 39668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:31:50.0990 0x02a4 Ftdisk - ok
00:31:51.0021 0x02a4 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA 11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:31:51.0021 0x02a4 Gpc - ok
00:31:51.0208 0x02a4 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B 99A296EFEE5737 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:31:51.0208 0x02a4 gupdate - ok
00:31:51.0224 0x02a4 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B 99A296EFEE5737 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:31:51.0224 0x02a4 gupdatem - ok
00:31:51.0255 0x02a4 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F3 8D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:31:51.0271 0x02a4 HDAudBus - ok
00:31:51.0365 0x02a4 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8A DEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:31:51.0365 0x02a4 helpsvc - ok
00:31:51.0427 0x02a4 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB536 44211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
00:31:51.0427 0x02a4 HidServ - ok
00:31:51.0474 0x02a4 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EE AA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:31:51.0474 0x02a4 HidUsb - ok
00:31:51.0552 0x02a4 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B 7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:31:51.0552 0x02a4 hkmsvc - ok
00:31:51.0583 0x02a4 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB 9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
00:31:51.0583 0x02a4 hpn - ok
00:31:51.0818 0x02a4 [ ED377B3C83FDEA8D906109A085D219BA, 9D55E19A219D40F4866EDBD33CB0B20CEB03F66423417EE4DB C4EC123E552557 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
00:31:51.0834 0x02a4 hpqcxs08 - ok
00:31:51.0880 0x02a4 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794 BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
00:31:51.0880 0x02a4 HPZid412 - ok
00:31:51.0896 0x02a4 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A 7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
00:31:51.0896 0x02a4 HPZipr12 - ok
00:31:51.0912 0x02a4 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E 512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
00:31:51.0912 0x02a4 HPZius12 - ok
00:31:51.0974 0x02a4 [ 1C8CAA80E91FB71864E9426F9EED048D, 2D5AC07A984235E5E01604A64740D1E96F16F0CB09F2D6331C F4B5871C6FABBA ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
00:31:51.0974 0x02a4 HSFHWAZL - ok
00:31:52.0052 0x02a4 [ 698204D9C2832E53633E53A30A53FC3D, AD16E9BDB4CAD80C00AD163A9EBB9D734A06AA4B45AF3B72EE 73EA908D4645C4 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
00:31:52.0099 0x02a4 HSF_DPV - ok
00:31:52.0146 0x02a4 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89 CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:31:52.0146 0x02a4 HTTP - ok
00:31:52.0193 0x02a4 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A573239 0EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:31:52.0193 0x02a4 HTTPFilter - ok
00:31:52.0255 0x02a4 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F7537743483 0536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
00:31:52.0255 0x02a4 i2omgmt - ok
00:31:52.0302 0x02a4 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467 144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
00:31:52.0302 0x02a4 i2omp - ok
00:31:52.0318 0x02a4 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5 B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:31:52.0334 0x02a4 i8042prt - ok
00:31:52.0427 0x02a4 [ CC449157474D5E43DAEA7E20F52C635A, 5C65259E32096949F1E7E449E7F6058408AD28B6276564BD47 7A700E048977DE ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
00:31:52.0490 0x02a4 ialm - ok
00:31:52.0693 0x02a4 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207 BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:31:52.0740 0x02a4 idsvc - ok
00:31:52.0943 0x02a4 [ 922EFF369684B31BE2BCF0663ECF8560, 97B484EF0BAB546C0E27CB8A3CBB21B946824EFB4CACA98237 DC09110FB5642A ] IHA_MessageCenter C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe
00:31:52.0959 0x02a4 IHA_MessageCenter - ok
00:31:52.0990 0x02a4 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D1 8F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
00:31:52.0990 0x02a4 Imapi - ok
00:31:53.0052 0x02a4 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E8 4AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
00:31:53.0052 0x02a4 ImapiService - ok
00:31:53.0084 0x02a4 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342 FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
00:31:53.0084 0x02a4 ini910u - ok
00:31:53.0115 0x02a4 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7A B488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
00:31:53.0115 0x02a4 IntelIde - ok
00:31:53.0162 0x02a4 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000 F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:31:53.0162 0x02a4 intelppm - ok
00:31:53.0193 0x02a4 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C 18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:31:53.0209 0x02a4 Ip6Fw - ok
00:31:53.0256 0x02a4 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213 CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:31:53.0256 0x02a4 IpFilterDriver - ok
00:31:53.0271 0x02a4 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F 60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:31:53.0271 0x02a4 IpInIp - ok
00:31:53.0318 0x02a4 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5D B629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:31:53.0318 0x02a4 IpNat - ok
00:31:53.0334 0x02a4 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9 E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:31:53.0349 0x02a4 IPSec - ok
00:31:53.0365 0x02a4 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228 AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:31:53.0365 0x02a4 IRENUM - ok
00:31:53.0396 0x02a4 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B 3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:31:53.0396 0x02a4 isapnp - ok
00:31:53.0412 0x02a4 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE2031 0602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:31:53.0412 0x02a4 Kbdclass - ok
00:31:53.0443 0x02a4 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B3 8CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:31:53.0443 0x02a4 kmixer - ok
00:31:53.0474 0x02a4 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131 FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:31:53.0490 0x02a4 KSecDD - ok
00:31:53.0521 0x02a4 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F7 9D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:31:53.0537 0x02a4 lanmanserver - ok
00:31:53.0584 0x02a4 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E7 4D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:31:53.0599 0x02a4 lanmanworkstation - ok
00:31:53.0599 0x02a4 lbrtfdc - ok
00:31:53.0646 0x02a4 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF 062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:31:53.0646 0x02a4 LmHosts - ok
00:31:53.0709 0x02a4 [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A6739476 9E9C0044529B6C ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
00:31:53.0709 0x02a4 McrdSvc - ok
00:31:53.0802 0x02a4 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1 FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
00:31:53.0818 0x02a4 MDM - ok
00:31:53.0834 0x02a4 [ 3C318B9CD391371BED62126581EE9961, 1254273DE950EF8D5922F26D67B55C9D9082F45CDE168E3DAB 20A2E53208DC3A ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
00:31:53.0834 0x02a4 mdmxsdk - ok
00:31:53.0896 0x02a4 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793 E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:31:53.0896 0x02a4 Messenger - ok
00:31:53.0959 0x02a4 [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8 BC27932EBF890B ] MHN C:\WINDOWS\System32\mhn.dll
00:31:53.0959 0x02a4 MHN - ok
00:31:53.0959 0x02a4 [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F4 9A397C361585C6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
00:31:53.0959 0x02a4 MHNDRV - ok
00:31:53.0990 0x02a4 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A3 8C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:31:53.0990 0x02a4 mnmdd - ok
00:31:54.0037 0x02a4 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608 EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:31:54.0037 0x02a4 mnmsrvc - ok
00:31:54.0068 0x02a4 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F676 8AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:31:54.0068 0x02a4 Modem - ok
00:31:54.0084 0x02a4 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E0478295 7690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:31:54.0084 0x02a4 Mouclass - ok
00:31:54.0131 0x02a4 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B1 5190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:31:54.0146 0x02a4 mouhid - ok
00:31:54.0178 0x02a4 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422 561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:31:54.0178 0x02a4 MountMgr - ok
00:31:54.0303 0x02a4 [ 0E984C9D23342F33B7B855BE79FBA358, 3943F4D3F1063A555F537D666A81F7D85BB0226D8662CA7DAB 4D60BC56061F04 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:31:54.0303 0x02a4 MozillaMaintenance - ok
00:31:54.0334 0x02a4 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F7090 5ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
00:31:54.0349 0x02a4 mraid35x - ok
00:31:54.0412 0x02a4 [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B 2C5FC7B6FDBA05 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
00:31:54.0412 0x02a4 MREMP50 - ok
00:31:54.0412 0x02a4 MREMP50a64 - ok
00:31:54.0412 0x02a4 MREMPR5 - ok
00:31:54.0428 0x02a4 MRENDIS5 - ok
00:31:54.0459 0x02a4 [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECA CD43F14F88106B ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
00:31:54.0459 0x02a4 MRESP50 - ok
00:31:54.0459 0x02a4 MRESP50a64 - ok
00:31:54.0474 0x02a4 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE5 2554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:31:54.0474 0x02a4 MRxDAV - ok
00:31:54.0553 0x02a4 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6 CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:31:54.0584 0x02a4 MRxSmb - ok
00:31:54.0615 0x02a4 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F61630 1B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:31:54.0631 0x02a4 MSDTC - ok
00:31:54.0631 0x02a4 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD 3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:31:54.0631 0x02a4 Msfs - ok
00:31:54.0646 0x02a4 MSIServer - ok
00:31:54.0740 0x02a4 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE 675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:31:54.0756 0x02a4 MSKSSRV - ok
00:31:54.0771 0x02a4 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE8 3DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:31:54.0771 0x02a4 MSPCLOCK - ok
00:31:54.0787 0x02a4 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243 EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:31:54.0787 0x02a4 MSPQM - ok
00:31:54.0818 0x02a4 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A 5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:31:54.0818 0x02a4 mssmbios - ok
00:31:54.0849 0x02a4 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E 0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:31:54.0849 0x02a4 Mup - ok
00:31:54.0959 0x02a4 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F67 85DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:31:54.0959 0x02a4 napagent - ok
00:31:54.0990 0x02a4 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5F E2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:31:55.0006 0x02a4 NDIS - ok
00:31:55.0006 0x02a4 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59 A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:31:55.0021 0x02a4 NdisTapi - ok
00:31:55.0021 0x02a4 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA 4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:31:55.0021 0x02a4 Ndisuio - ok
00:31:55.0037 0x02a4 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F963 3EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:31:55.0053 0x02a4 NdisWan - ok
00:31:55.0100 0x02a4 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC0 06652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:31:55.0100 0x02a4 NDProxy - ok
00:31:55.0146 0x02a4 [ 949941E4DE88DF1FAF49A4B3CFFB756F, 982136CC33D46FE251955498AA67A17EF33CB3B86E87489B4B 787240202839CF ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
00:31:55.0146 0x02a4 Net Driver HPZ12 - ok
00:31:55.0162 0x02a4 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C 1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:31:55.0162 0x02a4 NetBIOS - ok
00:31:55.0193 0x02a4 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F43 58837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:31:55.0193 0x02a4 NetBT - ok
00:31:55.0256 0x02a4 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9 CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
00:31:55.0271 0x02a4 NetDDE - ok
00:31:55.0271 0x02a4 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9 CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:31:55.0287 0x02a4 NetDDEdsdm - ok
00:31:55.0334 0x02a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:31:55.0334 0x02a4 Netlogon - ok
00:31:55.0365 0x02a4 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C13602 7A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
00:31:55.0381 0x02a4 Netman - ok
00:31:55.0412 0x02a4 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2 C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:31:55.0428 0x02a4 NetTcpPortSharing - ok
00:31:55.0459 0x02a4 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0 BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:31:55.0459 0x02a4 NIC1394 - ok
00:31:55.0600 0x02a4 [ 24D29A87A141B5CCDF34260D4890BE89, 283EE7937931184E6FBECFD9BD00F4145E8D1C090E8854DA57 D8A2282D6B6A10 ] NICCONFIGSVC C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
00:31:55.0615 0x02a4 NICCONFIGSVC - ok
00:31:55.0678 0x02a4 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8 602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
00:31:55.0693 0x02a4 Nla - ok
00:31:55.0850 0x02a4 [ 13350DDD0976CEB5F125396C7BFB05B4, C5B109C8680CBAC60E45EC95C7C257BF3D2E7C2A2CF8B301BB 54443C9A8F5DA1 ] nmraapache C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
00:31:55.0850 0x02a4 nmraapache - ok
00:31:55.0912 0x02a4 [ 0413A99F3A728D245DFD1DF443E9CFC1, 4C943D0C9207513A6C46A739A58B1D8AC074DD665BA21AF6F0 CE6BE7AF1FEB0F ] nmservice C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
00:31:55.0912 0x02a4 nmservice - ok
00:31:55.0975 0x02a4 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130 D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:31:55.0975 0x02a4 Npfs - ok
00:31:56.0022 0x02a4 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66C F6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:31:56.0053 0x02a4 Ntfs - ok
00:31:56.0068 0x02a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:31:56.0068 0x02a4 NtLmSsp - ok
00:31:56.0147 0x02a4 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84 F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:31:56.0162 0x02a4 NtmsSvc - ok
00:31:56.0193 0x02a4 [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B63 9D6A5371F381CC ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
00:31:56.0193 0x02a4 NuidFltr - ok
00:31:56.0272 0x02a4 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7 AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
00:31:56.0272 0x02a4 Null - ok
00:31:56.0428 0x02a4 [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954 286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:31:56.0522 0x02a4 nv - ok
00:31:56.0568 0x02a4 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8 ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:31:56.0568 0x02a4 NwlnkFlt - ok
00:31:56.0584 0x02a4 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09 A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:31:56.0584 0x02a4 NwlnkFwd - ok
00:31:56.0662 0x02a4 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0 F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:31:56.0678 0x02a4 ohci1394 - ok
00:31:56.0756 0x02a4 [ B17228142CEC9B3C222239FD935A37CA, 862498084CBF4579FCC12807F30BACDAAC16115CC6DB56274B 7C49796B62A5CC ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
00:31:56.0756 0x02a4 omci - ok
00:31:56.0834 0x02a4 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC 918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:31:56.0834 0x02a4 ose - ok
00:31:56.0881 0x02a4 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB 47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
00:31:56.0881 0x02a4 Parport - ok
00:31:56.0881 0x02a4 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80A E828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:31:56.0897 0x02a4 PartMgr - ok
00:31:56.0912 0x02a4 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD 110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:31:56.0928 0x02a4 ParVdm - ok
00:31:56.0928 0x02a4 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B 22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:31:56.0928 0x02a4 PCI - ok
00:31:56.0944 0x02a4 PCIDump - ok
00:31:56.0944 0x02a4 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020 198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:31:56.0944 0x02a4 PCIIde - ok
00:31:56.0990 0x02a4 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FC FEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:31:57.0006 0x02a4 Pcmcia - ok
00:31:57.0006 0x02a4 PDCOMP - ok
00:31:57.0006 0x02a4 PDFRAME - ok
00:31:57.0022 0x02a4 PDRELI - ok
00:31:57.0022 0x02a4 PDRFRAME - ok
00:31:57.0037 0x02a4 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E 4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
00:31:57.0037 0x02a4 perc2 - ok
00:31:57.0053 0x02a4 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC 429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
00:31:57.0053 0x02a4 perc2hib - ok
00:31:57.0084 0x02a4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F 6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
00:31:57.0084 0x02a4 PlugPlay - ok
00:31:57.0131 0x02a4 [ 2F4CA141A609CAF5C98F6E4760EF1B9B, 42002F65B7EAAAC695D0C45B6132962A61A13FB50F334883C4 C7C1A3E348EAD4 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
00:31:57.0147 0x02a4 Pml Driver HPZ12 - ok
00:31:57.0147 0x02a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:31:57.0162 0x02a4 PolicyAgent - ok
00:31:57.0178 0x02a4 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5B E413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:31:57.0178 0x02a4 PptpMiniport - ok
00:31:57.0178 0x02a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:31:57.0178 0x02a4 ProtectedStorage - ok
00:31:57.0209 0x02a4 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A1 4BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:31:57.0209 0x02a4 PSched - ok
00:31:57.0272 0x02a4 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6 063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:31:57.0272 0x02a4 Ptilink - ok
00:31:57.0303 0x02a4 [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9E AB818A46FB8C18 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:31:57.0303 0x02a4 PxHelp20 - ok
00:31:57.0319 0x02a4 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD18 8E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
00:31:57.0334 0x02a4 ql1080 - ok
00:31:57.0334 0x02a4 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F2 6FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
00:31:57.0334 0x02a4 Ql10wnt - ok
00:31:57.0350 0x02a4 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB 859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
00:31:57.0350 0x02a4 ql12160 - ok
00:31:57.0381 0x02a4 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6D BAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
00:31:57.0381 0x02a4 ql1240 - ok
00:31:57.0397 0x02a4 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C31 6A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
00:31:57.0412 0x02a4 ql1280 - ok
00:31:57.0428 0x02a4 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6 265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:31:57.0428 0x02a4 RasAcd - ok
00:31:57.0475 0x02a4 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F318 62656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:31:57.0475 0x02a4 RasAuto - ok
00:31:57.0506 0x02a4 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9 051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:31:57.0506 0x02a4 Rasl2tp - ok
00:31:57.0569 0x02a4 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7 585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:31:57.0569 0x02a4 RasMan - ok
00:31:57.0584 0x02a4 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D 6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:31:57.0584 0x02a4 RasPppoe - ok
00:31:57.0662 0x02a4 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E 52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:31:57.0662 0x02a4 Raspti - ok
00:31:57.0709 0x02a4 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264C D8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:31:57.0709 0x02a4 Rdbss - ok
00:31:57.0756 0x02a4 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986 E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:31:57.0772 0x02a4 RDPCDD - ok
00:31:57.0787 0x02a4 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129 BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:31:57.0803 0x02a4 rdpdr - ok
00:31:57.0865 0x02a4 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE5070138 1D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:31:57.0865 0x02a4 RDPWD - ok
00:31:57.0912 0x02a4 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944 333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:31:57.0928 0x02a4 RDSessMgr - ok
00:31:57.0944 0x02a4 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CA E8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:31:57.0944 0x02a4 redbook - ok
00:31:57.0975 0x02a4 [ 6F81C8A63FB824EB8A2401AB45795553, 15A583037E609A62CCC8B9C5CCC0D8F6F0B114EECD9C5FD953 A1822F32A1C7B6 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
00:31:57.0991 0x02a4 RegSrvc - ok
00:31:58.0037 0x02a4 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F6 89A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:31:58.0037 0x02a4 RemoteAccess - ok
00:31:58.0053 0x02a4 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6 E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:31:58.0069 0x02a4 RemoteRegistry - ok
00:31:58.0084 0x02a4 [ 24ED7AF20651F9FA1F249482E7C1F165, 6F7BD68CBA0CACDCB6B43A401887A190FD825B4EE1974D0727 1224CB225A8DC2 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
00:31:58.0084 0x02a4 rimmptsk - ok
00:31:58.0116 0x02a4 [ 1BDBA2D2D402415A78A4BA766DFE0F7B, 894EB6956B8F28DE96B846AC87E4FDD9614240871D6A326CEF B7F99184BC3E79 ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
00:31:58.0116 0x02a4 rimsptsk - ok
00:31:58.0162 0x02a4 [ F774ECD11A064F0DEBB2D4395418153C, 053CBC85E40C6D8D1FC2968A2B7FD43445E6B0FDEED5905A90 5F953A236052C9 ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
00:31:58.0178 0x02a4 rismxdp - ok
00:31:58.0209 0x02a4 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC34 3561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
00:31:58.0209 0x02a4 RpcLocator - ok
00:31:58.0287 0x02a4 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006 CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:31:58.0303 0x02a4 RpcSs - ok
00:31:58.0366 0x02a4 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7 AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:31:58.0366 0x02a4 RSVP - ok
00:31:58.0459 0x02a4 [ B792F2C647B1FC3E4987DE582EE00FE3, 761D7F5C591A103B844183A2EDA32925742441C3F27EF4ABDA 9AD85ED4A5FDD2 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
00:31:58.0475 0x02a4 S24EventMonitor - ok
00:31:58.0506 0x02a4 [ 2E4E912CE95F5EF4D4A5079F6CE367FC, 7B8E0BC81737A4B9A6DC5ECB1B66D78652DD346B0F09719F42 25B4FE56568D69 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
00:31:58.0506 0x02a4 s24trans - ok
00:31:58.0522 0x02a4 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
00:31:58.0522 0x02a4 SamSs - ok
00:31:58.0537 0x02a4 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F 45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:31:58.0553 0x02a4 SCardSvr - ok
00:31:58.0600 0x02a4 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E 6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:31:58.0616 0x02a4 Schedule - ok
00:31:58.0694 0x02a4 [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0 D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
00:31:58.0694 0x02a4 sdbus - ok
00:31:58.0741 0x02a4 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CD D67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:31:58.0741 0x02a4 Secdrv - ok
00:31:58.0803 0x02a4 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35 D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:31:58.0803 0x02a4 seclogon - ok
00:31:58.0866 0x02a4 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E 29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
00:31:58.0866 0x02a4 SENS - ok
00:31:58.0944 0x02a4 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E 5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
00:31:58.0944 0x02a4 serenum - ok
00:31:58.0959 0x02a4 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1 D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
00:31:58.0975 0x02a4 Serial - ok
00:31:58.0991 0x02a4 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C87860 4C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:31:58.0991 0x02a4 Sfloppy - ok
00:31:59.0053 0x02a4 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E5 1F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:31:59.0069 0x02a4 SharedAccess - ok
00:31:59.0084 0x02a4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE4 10D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:31:59.0100 0x02a4 ShellHWDetection - ok
00:31:59.0100 0x02a4 Simbad - ok
00:31:59.0131 0x02a4 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C8931 48EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
00:31:59.0131 0x02a4 sisagp - ok
00:31:59.0163 0x02a4 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B14 77C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
00:31:59.0178 0x02a4 Sparrow - ok
00:31:59.0194 0x02a4 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C 3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:31:59.0194 0x02a4 splitter - ok
00:31:59.0272 0x02a4 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE021 3DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:31:59.0272 0x02a4 Spooler - ok
00:31:59.0397 0x02a4 [ C3716EC0D36AD924B6888D794563E647, 15D9796FA6AB380C8BF01CCAB5136CEE7E698BD9573B64FB82 641A8C2375FEAE ] sprtsvc_ddoctorv2 C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
00:31:59.0397 0x02a4 sprtsvc_ddoctorv2 - ok
00:31:59.0428 0x02a4 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2 CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:31:59.0428 0x02a4 sr - ok
00:31:59.0491 0x02a4 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB5813 9CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
00:31:59.0506 0x02a4 srservice - ok
00:31:59.0569 0x02a4 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A7 02CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:31:59.0584 0x02a4 Srv - ok
00:31:59.0616 0x02a4 [ D7968049BE0ADBB6A57CEE3960320911, 6FB6D7BE384324211DAEDCCD80BA983E32183D08DF6C5B5B54 53773DCC0F4D5B ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
00:31:59.0616 0x02a4 sscdbhk5 - ok
00:31:59.0631 0x02a4 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C185 58A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:31:59.0631 0x02a4 SSDPSRV - ok
00:31:59.0631 0x02a4 SSHRMD - ok
00:31:59.0647 0x02a4 SSIDRV - ok
00:31:59.0647 0x02a4 [ C3FFD65ABFB6441E7606CF74F1155273, EFA481D5075A9C0490CEBA5F8223BE322EB3811465F41A1FB3 386E30E8C81714 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
00:31:59.0647 0x02a4 ssrtln - ok
00:31:59.0819 0x02a4 [ 2A2DC39623ADEF8AB3703AB9FAC4B440, A7D66F8364363085EA8BC54AB41E0C1E509A7A88753D6E6707 FACF0265DF2A75 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
00:31:59.0881 0x02a4 STHDA - ok
00:31:59.0944 0x02a4 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246 FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:31:59.0959 0x02a4 stisvc - ok
00:31:59.0991 0x02a4 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A633 4E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:31:59.0991 0x02a4 swenum - ok
00:32:00.0053 0x02a4 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42 C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:32:00.0053 0x02a4 swmidi - ok
00:32:00.0053 0x02a4 SwPrv - ok
00:32:00.0100 0x02a4 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410 BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
00:32:00.0100 0x02a4 symc810 - ok
00:32:00.0116 0x02a4 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F 9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
00:32:00.0116 0x02a4 symc8xx - ok
00:32:00.0147 0x02a4 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E 815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
00:32:00.0147 0x02a4 sym_hi - ok
00:32:00.0163 0x02a4 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF982 67C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
00:32:00.0163 0x02a4 sym_u3 - ok
00:32:00.0225 0x02a4 [ 35D5B3632E0BCEBE27B391157DE05996, 9B0C4E1F0201FCB27A1CF600C6B7B8A288596ECDA10A980F24 FB58B775746222 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
00:32:00.0241 0x02a4 SynTP - ok
00:32:00.0303 0x02a4 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8D CD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:32:00.0303 0x02a4 sysaudio - ok
00:32:00.0350 0x02a4 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57 DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:32:00.0366 0x02a4 SysmonLog - ok
00:32:00.0397 0x02a4 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802 794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:32:00.0413 0x02a4 TapiSrv - ok
00:32:00.0491 0x02a4 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C 7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:32:00.0506 0x02a4 Tcpip - ok
00:32:00.0538 0x02a4 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D 99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:32:00.0538 0x02a4 TDPIPE - ok
00:32:00.0569 0x02a4 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E 38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:32:00.0569 0x02a4 TDTCP - ok
00:32:00.0600 0x02a4 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D9 9DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:32:00.0600 0x02a4 TermDD - ok
00:32:00.0663 0x02a4 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A 248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
00:32:00.0678 0x02a4 TermService - ok
00:32:00.0788 0x02a4 [ 30698355067D07DA5F9EB81132C9FDD6, 80457F8DBB089FFF23ED220924F5C872D896707F4B31E9C77D AB78421B9B2F6D ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
00:32:00.0788 0x02a4 tfsnboio - ok
00:32:00.0803 0x02a4 [ FB9D825BB4A2ABDF24600F7505050E2B, A7A11366525C4DEAD588822F4C57C7ED5D6F3578F2DB2124BF 0441133B3169B9 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
00:32:00.0803 0x02a4 tfsncofs - ok
00:32:00.0819 0x02a4 [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33, AA5BDE527B67A14654D930252894FEDB8976EAE1F33C2BC0E7 747D2B4EB93C4E ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
00:32:00.0819 0x02a4 tfsndrct - ok
00:32:00.0835 0x02a4 [ 8DB1E78FBF7C426D8EC3D8F1A33D6485, FF437EFD667EFE00729188B18C7E17E8C15D06A2C1F58A0F79 E22DFADCECF969 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
00:32:00.0835 0x02a4 tfsndres - ok
00:32:00.0850 0x02a4 [ B92F67A71CC8176F331B8AA8D9F555AD, F59E8464E44E08C18C3C7D32408D7661923F30FDD35390082D C7F2C02DCC40A3 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
00:32:00.0850 0x02a4 tfsnifs - ok
00:32:00.0866 0x02a4 [ 85985FAA9A71E2358FCC2EDEFC2A3C5C, 9ADD1077C3B34E0EFA85EC4762822330D85F43EB4557C9ED01 5D8D1575E52885 ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
00:32:00.0866 0x02a4 tfsnopio - ok
00:32:00.0881 0x02a4 [ BBA22094F0F7C210567EFDAF11F64495, C55D3F3628C73FFA776C9B61BA735CB24DEE9F80F6E74A2F9B D70CFFB863BA57 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
00:32:00.0881 0x02a4 tfsnpool - ok
00:32:00.0881 0x02a4 [ 81340BEF80B9811E98CE64611E67E3FF, CD6679A4D1A7932CD64F1F6AACF09CEC2D8E7DD001F812CC49 756D8F582D907A ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
00:32:00.0897 0x02a4 tfsnudf - ok
00:32:00.0913 0x02a4 [ C035FD116224CCC8325F384776B6A8BB, CB97AD56288F916DE2AF5B1EC9D04AF3A1C2A2FA0A738282DA 3763036DD18F12 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
00:32:00.0928 0x02a4 tfsnudfa - ok
00:32:00.0944 0x02a4 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE4 10D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
00:32:00.0960 0x02a4 Themes - ok
00:32:01.0006 0x02a4 [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A6 87BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
00:32:01.0006 0x02a4 TlntSvr - ok
00:32:01.0038 0x02a4 [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9 F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
00:32:01.0038 0x02a4 TosIde - ok
00:32:01.0085 0x02a4 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F4651687 8F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:32:01.0085 0x02a4 TrkWks - ok
00:32:01.0116 0x02a4 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE 5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:32:01.0116 0x02a4 Udfs - ok
00:32:01.0163 0x02a4 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FA F1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
00:32:01.0163 0x02a4 ultra - ok
00:32:01.0241 0x02a4 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D2 4193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:32:01.0257 0x02a4 Update - ok
00:32:01.0303 0x02a4 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946 DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
00:32:01.0319 0x02a4 upnphost - ok
00:32:01.0335 0x02a4 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F 94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
00:32:01.0350 0x02a4 UPS - ok
00:32:01.0397 0x02a4 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5 A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:32:01.0397 0x02a4 usbccgp - ok
00:32:01.0413 0x02a4 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01 C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:32:01.0428 0x02a4 usbehci - ok
00:32:01.0460 0x02a4 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DB F78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:32:01.0460 0x02a4 usbhub - ok
00:32:01.0507 0x02a4 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C 3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:32:01.0507 0x02a4 usbprint - ok
00:32:01.0538 0x02a4 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76 F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:32:01.0538 0x02a4 usbscan - ok
00:32:01.0585 0x02a4 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C59 47DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:32:01.0585 0x02a4 USBSTOR - ok
00:32:01.0663 0x02a4 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A 6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:32:01.0663 0x02a4 usbuhci - ok
00:32:01.0678 0x02a4 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769 BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:32:01.0678 0x02a4 VgaSave - ok
00:32:01.0741 0x02a4 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495 F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
00:32:01.0741 0x02a4 viaagp - ok
00:32:01.0788 0x02a4 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2 BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
00:32:01.0788 0x02a4 ViaIde - ok
00:32:01.0835 0x02a4 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E4 9BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:32:01.0835 0x02a4 VolSnap - ok
00:32:01.0897 0x02a4 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7 B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
00:32:01.0913 0x02a4 VSS - ok
00:32:01.0944 0x02a4 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618F A0919490FCDDB9 ] w32time C:\WINDOWS\system32\w32time.dll
00:32:01.0960 0x02a4 w32time - ok
00:32:02.0085 0x02a4 [ B1F126E7E28877106D60E6FF3998D033, 1F59798DF18994AA720522CC5FBA5B79F9BD167DBBC2B9D670 F796E1DFD10C0C ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
00:32:02.0147 0x02a4 w39n51 - ok
00:32:02.0210 0x02a4 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5 CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:32:02.0210 0x02a4 Wanarp - ok
00:32:02.0225 0x02a4 wanatw - ok
00:32:02.0350 0x02a4 [ FD47474BD21794508AF449D9D91AF6E6, 2AD586390824F673B5DC5D86FC2423ED9252413D221E1C7EC3 A760782DB6436A ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:32:02.0382 0x02a4 Wdf01000 - ok
00:32:02.0382 0x02a4 WDICA - ok
00:32:02.0413 0x02a4 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD 3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:32:02.0413 0x02a4 wdmaud - ok
00:32:02.0460 0x02a4 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B 40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
00:32:02.0475 0x02a4 WebClient - ok
00:32:02.0569 0x02a4 [ 74CF3F2E4E40C4A2E18D39D6300A5C24, D688190C5C5F3B31AA0CB7843C480EECFE98FB3AD4FB897B59 93B14CECE8BBB2 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
00:32:02.0600 0x02a4 winachsf - ok
00:32:02.0772 0x02a4 [ F45DD1E1365D857DD08BC23563370D0E, D95AEBB2095579D716C62152C8B805E119812FD2E40F14F9A5 BA2EFDE133303B ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
00:32:02.0772 0x02a4 WinDefend - ok
00:32:02.0882 0x02a4 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B3 67A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:32:02.0882 0x02a4 winmgmt - ok
00:32:02.0960 0x02a4 [ AFB5A2A79BB01699A269C316D8B9BEF1, 20FCEE3EC71472A4180BEA6D148EAE37FD5C6FAB853AA417F9 61348837478667 ] WLANKEEPER C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
00:32:02.0975 0x02a4 WLANKEEPER - ok
00:32:03.0022 0x02a4 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16 F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
00:32:03.0022 0x02a4 WmdmPmSN - ok
00:32:03.0116 0x02a4 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0 B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
00:32:03.0147 0x02a4 Wmi - ok
00:32:03.0194 0x02a4 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7E F5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:32:03.0210 0x02a4 WmiApSrv - ok
00:32:03.0366 0x02a4 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E 09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
00:32:03.0397 0x02a4 WMPNetworkSvc - ok
00:32:03.0429 0x02a4 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44 D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:32:03.0429 0x02a4 WS2IFSL - ok
00:32:03.0491 0x02a4 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D44 76F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
00:32:03.0491 0x02a4 wscsvc - ok
00:32:03.0507 0x02a4 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E 27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
00:32:03.0507 0x02a4 wuauserv - ok
00:32:03.0554 0x02a4 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B6295 4038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:32:03.0569 0x02a4 WudfPf - ok
00:32:03.0616 0x02a4 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE6 0E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:32:03.0616 0x02a4 WudfRd - ok
00:32:03.0710 0x02a4 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F 69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:32:03.0741 0x02a4 WudfSvc - ok
00:32:04.0007 0x02a4 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8A AEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:32:04.0148 0x02a4 WZCSVC - ok
00:32:04.0241 0x02a4 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B520 1D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:32:04.0304 0x02a4 xmlprov - ok
00:32:04.0319 0x02a4 ================ Scan global ===============================
00:32:04.0882 0x02a4 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA9 91DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
00:32:05.0241 0x02a4 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE 076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:32:05.0335 0x02a4 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE 076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:32:05.0413 0x02a4 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F 6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
00:32:05.0523 0x02a4 [ Global ] - ok
00:32:05.0523 0x02a4 ================ Scan MBR ==================================
00:32:05.0913 0x02a4 [ DEA9E81F0228B68C9ADAF84C9B0CF931 ] \Device\Harddisk0\DR0
00:32:06.0429 0x02a4 \Device\Harddisk0\DR0 - ok
00:32:06.0429 0x02a4 ================ Scan VBR ==================================
00:32:06.0460 0x02a4 [ C17840DB80D692FDC7A66F9C24437E14 ] \Device\Harddisk0\DR0\Partition1
00:32:06.0460 0x02a4 \Device\Harddisk0\DR0\Partition1 - ok
00:32:06.0460 0x02a4 ================ Scan generic autorun ======================
00:32:06.0554 0x02a4 [ 9E109B03018763FDCB075CE74547BE22, 7321873E646F24B63B7C88B6BC9F4BE5D4DAB60284A9C2E9F0 EB895A9E90231B ] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
00:32:06.0570 0x02a4 ISUSPM Startup - ok
00:32:06.0632 0x02a4 [ 583B7D111304BE63D7D9CB65482D2187, BD9618C9EFED73BC0EB1029502FE0AE0AECD8B0ABA506797C7 8327E71FF0FC0F ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
00:32:06.0648 0x02a4 ISUSScheduler - ok
00:32:06.0757 0x02a4 [ 062F3DB9AFA9C3CE0DA52F28595C0C6D, E1709230623C645418AC949D782F2A2B932315DA73AF29D15F A69F47F62F3749 ] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
00:32:06.0804 0x02a4 HP Software Update - ok
00:32:06.0835 0x02a4 [ 0D9F0763B213DF519012DF96F02E9633, 80EF4B16FFEC8DBE01E0C9BC7F3649DAF39B2A80CBD58C2D5B 285E1313D6F764 ] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
00:32:06.0835 0x02a4 hpqSRMon - ok
00:32:06.0945 0x02a4 [ C341CCFBE98BC7DF6E0B856BB9FC265A, 7EA0A5407591EC8D97A9658DBEB7CB57550E143C526C3502E7 3F12FEF46F778C ] C:\Program Files\QuickTime\qttask.exe
00:32:06.0945 0x02a4 QuickTime Task - ok
00:32:06.0960 0x02a4 WIAWizardMenu - ok
00:32:07.0023 0x02a4 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E56 72B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
00:32:07.0023 0x02a4 ctfmon.exe - ok
00:32:07.0195 0x02a4 [ D9009C0433DD64FEBA944189174E6212, DE90C5457A9A3F2A157B6D48171F85F67DC0E82C90FA2FA347 AA2014155CFF8A ] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_ 0_0_189_ActiveX.exe
00:32:07.0257 0x02a4 FlashPlayerUpdate - ok
00:32:07.0304 0x02a4 [ 676B1D0BFA5EF8005395AB43F33DE1F1, 86A26EEB50051DC9D90017212B4200BE2301546404F652D4C0 B0578B7CE75759 ] C:\Program Files\NetWaiting\netWaiting.exe
00:32:07.0304 0x02a4 ModemOnHold - ok
00:32:07.0429 0x02a4 [ B75FDBF14073D72C50624CC8338DD534, 953C7E16B56597ABCCD805A379769B0FD76298669DDE6E1172 C728F410371CE8 ] C:\Program Files\DellSupport\DSAgnt.exe
00:32:07.0460 0x02a4 DellSupport - ok
00:32:07.0460 0x02a4 Waiting for KSN requests completion. In queue: 301
00:32:09.0320 0x02a4 FW detected via SS1: Norton Internet Worm Protection, 2006, disabled
00:32:09.0351 0x02a4 Win FW state via NFM: enabled
00:32:09.0586 0x02a4 ================================================== ==========
00:32:09.0586 0x02a4 Scan finished
00:32:09.0586 0x02a4 ================================================== ==========
00:32:09.0586 0x0440 Detected object count: 0
00:32:09.0586 0x0440 Actual detected object count: 0
00:33:59.0802 0x0d20 ================================================== ==========
00:33:59.0802 0x0d20 Scan started
00:33:59.0802 0x0d20 Mode: Manual; SigCheck; TDLFS;
00:33:59.0802 0x0d20 ================================================== ==========
00:33:59.0802 0x0d20 KSN ping started
00:33:59.0880 0x0d20 KSN ping finished: true
00:34:00.0927 0x0d20 ================ Scan system memory ========================
00:34:02.0474 0x0d20 System memory - ok
00:34:02.0474 0x0d20 ================ Scan services =============================
00:34:02.0662 0x0d20 Abiosdsk - ok
00:34:02.0709 0x0d20 [ 6ABB91494FE6C59089B9336452AB2EA3, FA28396820E44F991891042E051A4414485B54D456F252E03E 3FFE1B4B4CF843 ] abp480n5 C:\WINDOWS\system32\DRIVERS\ABP480N5.SYS
00:34:04.0568 0x0d20 abp480n5 - ok
00:34:04.0647 0x0d20 [ 8FD99680A539792A30E97944FDAECF17, 594F8E0C3695400B0C09A797AF6BDFAC6F750ECD67D0EE8039 14C572B1DCC43C ] ACPI C:\WINDOWS\system32\DRIVERS\ACPI.sys
00:34:05.0147 0x0d20 ACPI - ok
00:34:05.0193 0x0d20 [ 9859C0F6936E723E4892D7141B1327D5, 5E8F6A2FC4DF2E5E92A1D66ECC2810E08B42B64E9CD0DF4AD3 F78EA8558B90AF ] ACPIEC C:\WINDOWS\system32\drivers\ACPIEC.sys
00:34:05.0350 0x0d20 ACPIEC - ok
00:34:05.0397 0x0d20 [ 9A11864873DA202C996558B2106B0BBC, 4C68F1DBD1541291DD0FAB78DB42B25FA051CD9F55ED869173 E3219CD31500C4 ] adpu160m C:\WINDOWS\system32\DRIVERS\adpu160m.sys
00:34:05.0584 0x0d20 adpu160m - ok
00:34:05.0678 0x0d20 [ 8BED39E3C35D6A489438B8141717A557, 1B5796E56B0927360CE0759641B1151828BC0A9E45620D2B2D 880491F5CE33D0 ] aec C:\WINDOWS\system32\drivers\aec.sys
00:34:05.0834 0x0d20 aec - ok
00:34:05.0865 0x0d20 [ 12DAFD934641DCF61E446313BC261EC2, 1731C21DE26B8898531CFF37EFDD362D4B854CE2441C98EC80 84BE03EBB19DB1 ] AegisP C:\WINDOWS\system32\DRIVERS\AegisP.sys
00:34:05.0865 0x0d20 AegisP - detected UnsignedFile.Multi.Generic ( 1 )
00:34:05.0865 0x0d20 Detect skipped due to KSN trusted
00:34:05.0865 0x0d20 AegisP - ok
00:34:05.0928 0x0d20 [ 1E44BC1E83D8FD2305F8D452DB109CF9, CF5EC07E0B589FA2A4701C6CFD69E893FC3ABF274AD57AE3C1 3FFE49063B02C8 ] AFD C:\WINDOWS\System32\drivers\afd.sys
00:34:06.0006 0x0d20 AFD - ok
00:34:06.0037 0x0d20 [ 08FD04AA961BDC77FB983F328334E3D7, A784EC8A9EDB579262366B5A9AB177DB7BEC0A421BDE85431D 0AD4959D5AF5E7 ] agp440 C:\WINDOWS\system32\DRIVERS\agp440.sys
00:34:06.0194 0x0d20 agp440 - ok
00:34:06.0209 0x0d20 [ 03A7E0922ACFE1B07D5DB2EEB0773063, 93EEA872A5642C95FF19C81F8EFFB9B52742A14DBF138784F0 F713AD18C413ED ] agpCPQ C:\WINDOWS\system32\DRIVERS\agpCPQ.sys
00:34:06.0365 0x0d20 agpCPQ - ok
00:34:06.0381 0x0d20 [ C23EA9B5F46C7F7910DB3EAB648FF013, 92C84E9AF278A3B55D56C4F8E6C10E3EF1F7B336A44A018AED 6DC51A46671F0B ] Aha154x C:\WINDOWS\system32\DRIVERS\aha154x.sys
00:34:06.0459 0x0d20 Aha154x - ok
00:34:06.0459 0x0d20 [ 19DD0FB48B0C18892F70E2E7D61A1529, 95BA1568E8E08314508CA0E1F95555891E70399AEC312C793B 46A841F56FFDCF ] aic78u2 C:\WINDOWS\system32\DRIVERS\aic78u2.sys
00:34:06.0631 0x0d20 aic78u2 - ok
00:34:06.0631 0x0d20 [ B7FE594A7468AA0132DEB03FB8E34326, BF0DC2B8C474DB151589BA9968264413521DDD9E7316B752B2 FA40C24200FBE0 ] aic78xx C:\WINDOWS\system32\DRIVERS\aic78xx.sys
00:34:06.0803 0x0d20 aic78xx - ok
00:34:06.0834 0x0d20 [ A9A3DAA780CA6C9671A19D52456705B4, 67C959144B57AE0BBF1D82DBED197F32CDB06FECD883A80C44 1A0202FE83FAB4 ] Alerter C:\WINDOWS\system32\alrsvc.dll
00:34:06.0991 0x0d20 Alerter - ok
00:34:07.0022 0x0d20 [ 8C515081584A38AA007909CD02020B3D, A5E13CA10F702928E0DE84C74D0EA8ACCB117FD76FBABC5522 0C75C4FFD596DC ] ALG C:\WINDOWS\System32\alg.exe
00:34:07.0100 0x0d20 ALG - ok
00:34:07.0116 0x0d20 [ 1140AB9938809700B46BB88E46D72A96, 369379ECC5941ACE984A7F31EAABB66A2E693EDBADA639B86D 26FD681D45608E ] AliIde C:\WINDOWS\system32\DRIVERS\aliide.sys
00:34:07.0256 0x0d20 AliIde - ok
00:34:07.0303 0x0d20 [ CB08AED0DE2DD889A8A820CD8082D83C, B1A9D493390AEDF6EFF8BCAA3B33EC31758452AB497C34C072 8CDDA1D8DCBF2A ] alim1541 C:\WINDOWS\system32\DRIVERS\alim1541.sys
00:34:07.0428 0x0d20 alim1541 - ok
00:34:07.0459 0x0d20 [ 95B4FB835E28AA1336CEEB07FD5B9398, 36CD3B14EF78B01FB653B78187FAA63C4DD5F4137AC3B91D81 256A350EEDCBC1 ] amdagp C:\WINDOWS\system32\DRIVERS\amdagp.sys
00:34:07.0600 0x0d20 amdagp - ok
00:34:07.0663 0x0d20 [ 79F5ADD8D24BD6893F2903A3E2F3FAD6, 9B179F0B6A559639D3AE3975CEBF2718294BE5743517BEE065 86F0D258164C81 ] amsint C:\WINDOWS\system32\DRIVERS\amsint.sys
00:34:07.0725 0x0d20 amsint - ok
00:34:07.0756 0x0d20 [ EC94E05B76D033B74394E7B2175103CF, 4F0993951B72478D87AD15A6FC33D3D18FEFAF2A08698CFC63 BBD1EDB784B0FE ] APPDRV C:\WINDOWS\SYSTEM32\DRIVERS\APPDRV.SYS
00:34:07.0772 0x0d20 APPDRV - detected UnsignedFile.Multi.Generic ( 1 )
00:34:07.0772 0x0d20 Detect skipped due to KSN trusted
00:34:07.0772 0x0d20 APPDRV - ok
00:34:07.0819 0x0d20 [ D8849F77C0B66226335A59D26CB4EDC6, 4990031453204C57E36E850252A39B05D6ECDAB9E71A8136FB 4900F17E59C9CA ] AppMgmt C:\WINDOWS\System32\appmgmts.dll
00:34:07.0897 0x0d20 AppMgmt - ok
00:34:07.0913 0x0d20 [ B5B8A80875C1DEDEDA8B02765642C32F, AD0C71D73B1B8225351FBF4FFB43001A32B4DAE69504C59970 CD2428BB33D4EF ] Arp1394 C:\WINDOWS\system32\DRIVERS\arp1394.sys
00:34:08.0053 0x0d20 Arp1394 - ok
00:34:08.0084 0x0d20 [ 62D318E9A0C8FC9B780008E724283707, 1A69806AB2BDECCEB5EB23A80700B3F98983D5D67F78839CBF 269087FA460757 ] asc C:\WINDOWS\system32\DRIVERS\asc.sys
00:34:08.0209 0x0d20 asc - ok
00:34:08.0256 0x0d20 [ 69EB0CC7714B32896CCBFD5EDCBEA447, 1CB506B5F71F84EFD26961010681D0A79AA7B266573378E3D2 755125DF5D6BB6 ] asc3350p C:\WINDOWS\system32\DRIVERS\asc3350p.sys
00:34:08.0334 0x0d20 asc3350p - ok
00:34:08.0350 0x0d20 [ 5D8DE112AA0254B907861E9E9C31D597, 557C93E82A71131D226267151C84B197503831A16263DDFE04 0E996B605CA9E8 ] asc3550 C:\WINDOWS\system32\DRIVERS\asc3550.sys
00:34:08.0491 0x0d20 asc3550 - ok
00:34:08.0553 0x0d20 [ D880831279ED91F9A4190A2DB9539EA9, EAF7D48E026C99EE9C4BC838A3004966517F948051B39DA5B5 072F6DE81165AB ] ASCTRM C:\WINDOWS\system32\drivers\ASCTRM.sys
00:34:08.0553 0x0d20 ASCTRM - detected UnsignedFile.Multi.Generic ( 1 )
00:34:08.0553 0x0d20 Detect skipped due to KSN trusted
00:34:08.0553 0x0d20 ASCTRM - ok
00:34:08.0710 0x0d20 [ 0E5E4957549056E2BF2C49F4F6B601AD, F7F19FDC906B719A3516D30A9B4A2262C8CC5B36B94E3D4195 C345EC4610FF2B ] aspnet_state C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspn et_state.exe
00:34:08.0725 0x0d20 aspnet_state - ok
00:34:08.0756 0x0d20 [ B153AFFAC761E7F5FCFA822B9C4E97BC, 7E60F572A6B3C6219E3C86225AA37243AFFD74337DB7F108B0 4778042E5CC959 ] AsyncMac C:\WINDOWS\system32\DRIVERS\asyncmac.sys
00:34:08.0928 0x0d20 AsyncMac - ok
00:34:08.0960 0x0d20 [ 9F3A2F5AA6875C72BF062C712CFA2674, B4DF1D2C56A593C6B54DE57395E3B51D288F547842893B32B0 F59228A0CF70B9 ] atapi C:\WINDOWS\system32\DRIVERS\atapi.sys
00:34:09.0116 0x0d20 atapi - ok
00:34:09.0116 0x0d20 Atdisk - ok
00:34:09.0147 0x0d20 [ 9916C1225104BA14794209CFA8012159, 5D6F05F715C52A16D05CAE15C3DFE77A139A7F27F7AE710EC9 A10F9EE05115A1 ] Atmarpc C:\WINDOWS\system32\DRIVERS\atmarpc.sys
00:34:09.0272 0x0d20 Atmarpc - ok
00:34:09.0319 0x0d20 [ DEF7A7882BEC100FE0B2CE2549188F9D, 462C95B63D0A1058291A2DC8CBFCB13D7D74CCD1CA43B613A7 EB43D49E3276F8 ] AudioSrv C:\WINDOWS\System32\audiosrv.dll
00:34:09.0475 0x0d20 AudioSrv - ok
00:34:09.0506 0x0d20 [ D9F724AA26C010A217C97606B160ED68, 329B5118F2409731D06FDAE85B6ADD64A048292801BCB35466 51CEB303111695 ] audstub C:\WINDOWS\system32\DRIVERS\audstub.sys
00:34:09.0647 0x0d20 audstub - ok
00:34:09.0694 0x0d20 [ C768C8A463D32C219CE291645A0621A4, 04878E954E36731445F216017E4FB89686461D6FFD1815803E FBC9DAFAD4CD1E ] bcm4sbxp C:\WINDOWS\system32\DRIVERS\bcm4sbxp.sys
00:34:09.0757 0x0d20 bcm4sbxp - ok
00:34:09.0803 0x0d20 [ DA1F27D85E0D1525F6621372E7B685E9, 5A81A46A3BDD19DAFC6C87D277267A5D44F3A1B5302F2CC111 1D84B7BAD5610D ] Beep C:\WINDOWS\system32\drivers\Beep.sys
00:34:09.0944 0x0d20 Beep - ok
00:34:10.0007 0x0d20 [ 574738F61FCA2935F5265DC4E5691314, 3C7CCF064397186C3A3863DD2370AB6414A61B330097DCA4F2 99CA7BBAA3D1B4 ] BITS C:\WINDOWS\system32\qmgr.dll
00:34:10.0163 0x0d20 BITS - ok
00:34:10.0210 0x0d20 [ CFD4E51402DA9838B5A04AE680AF54A0, 5378F42B195B5832B00A05AD64E00473A45FFB86AC25C57241 F26EA82B149FE1 ] Browser C:\WINDOWS\System32\browser.dll
00:34:10.0303 0x0d20 Browser - ok
00:34:10.0319 0x0d20 catchme - ok
00:34:10.0335 0x0d20 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C 78A6A10CBB3EBE ] cbidf C:\WINDOWS\system32\DRIVERS\cbidf2k.sys
00:34:10.0475 0x0d20 cbidf - ok
00:34:10.0491 0x0d20 [ 90A673FC8E12A79AFBED2576F6A7AAF9, BDE7858A3457DB979FEDD8577FA6321BF72848E4A7BF9F173C 78A6A10CBB3EBE ] cbidf2k C:\WINDOWS\system32\drivers\cbidf2k.sys
00:34:10.0600 0x0d20 cbidf2k - ok
00:34:10.0616 0x0d20 [ F3EC03299634490E97BBCE94CD2954C7, CDC85ADA27E0D501581CE6F28D7E1941E90411FA8E8F2C43A6 8BAA8CB78E85DD ] cd20xrnt C:\WINDOWS\system32\DRIVERS\cd20xrnt.sys
00:34:10.0710 0x0d20 cd20xrnt - ok
00:34:10.0725 0x0d20 [ C1B486A7658353D33A10CC15211A873B, AA4DD9E7AAE5AAB1146B360B17001F975D2F29A1281CF7B13E 7136480410F347 ] Cdaudio C:\WINDOWS\system32\drivers\Cdaudio.sys
00:34:10.0897 0x0d20 Cdaudio - ok
00:34:10.0960 0x0d20 [ C885B02847F5D2FD45A24E219ED93B32, B26B2F8E3A831E2B65EB0C5195B0645CD50E22615CE79C9B0B 391CD563B121DB ] Cdfs C:\WINDOWS\system32\drivers\Cdfs.sys
00:34:11.0132 0x0d20 Cdfs - ok
00:34:11.0179 0x0d20 [ 1F4260CC5B42272D71F79E570A27A4FE, B51C2A3ED3C309953D0EA45869C8E464C10F2533DADE9E0286 AF674979098D1D ] Cdrom C:\WINDOWS\system32\DRIVERS\cdrom.sys
00:34:11.0319 0x0d20 Cdrom - ok
00:34:11.0335 0x0d20 Changer - ok
00:34:11.0366 0x0d20 [ 1CFE720EB8D93A7158A4EBC3AB178BDE, 65D2A9D9A88F38D4AF323134C151BA0F4B3CD0F6A134AF86E7 AC9D07319F1726 ] CiSvc C:\WINDOWS\system32\cisvc.exe
00:34:11.0522 0x0d20 CiSvc - ok
00:34:11.0538 0x0d20 [ 34CBE729F38138217F9C80212A2A0C82, A9FD7A758D12E0818A11BEEF1CE772FEFA8373E92EF6C0DA86 28CD4572CC9A43 ] ClipSrv C:\WINDOWS\system32\clipsrv.exe
00:34:11.0710 0x0d20 ClipSrv - ok
00:34:11.0757 0x0d20 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C467 65660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\msco rsvw.exe
00:34:11.0772 0x0d20 clr_optimization_v2.0.50727_32 - ok
00:34:11.0819 0x0d20 [ 0F6C187D38D98F8DF904589A5F94D411, DB987093446216CEE913AC27503BF7E23E5A62DF169B355730 285DAB64F6ED28 ] CmBatt C:\WINDOWS\system32\DRIVERS\CmBatt.sys
00:34:11.0944 0x0d20 CmBatt - ok
00:34:11.0991 0x0d20 [ E5DCB56C533014ECBC556A8357C929D5, B2915C0C07EDBA59C5D02680804C4C2DE099D73DE0D0DD0CDA 748F34F11057E0 ] CmdIde C:\WINDOWS\system32\DRIVERS\cmdide.sys
00:34:12.0101 0x0d20 CmdIde - ok
00:34:12.0116 0x0d20 [ 6E4C9F21F0FAE8940661144F41B13203, 731202A0DD021FCF9287FEA631212603AAAC23F9E7F76B2882 F913B18A971F1C ] Compbatt C:\WINDOWS\system32\DRIVERS\compbatt.sys
00:34:12.0257 0x0d20 Compbatt - ok
00:34:12.0257 0x0d20 COMSysApp - ok
00:34:12.0272 0x0d20 [ 3EE529119EED34CD212A215E8C40D4B6, A6B71F3D4EE7358CA85F010E6271A6B72226D25DF30ED331DA 830639ED3E9903 ] Cpqarray C:\WINDOWS\system32\DRIVERS\cpqarray.sys
00:34:12.0397 0x0d20 Cpqarray - ok
00:34:12.0444 0x0d20 [ 3D4E199942E29207970E04315D02AD3B, 0825960894CF9C86CC8775BDD2A262948A09CA495AA7FE9F21 0FAF49E7086383 ] CryptSvc C:\WINDOWS\System32\cryptsvc.dll
00:34:12.0569 0x0d20 CryptSvc - ok
00:34:12.0648 0x0d20 [ E550E7418984B65A78299D248F0A7F36, 52F6BD1027E91F9A90AFAB82C7F2A0314B7E55262F5293D5F9 F8F12135EDD88C ] dac2w2k C:\WINDOWS\system32\DRIVERS\dac2w2k.sys
00:34:12.0804 0x0d20 dac2w2k - ok
00:34:12.0804 0x0d20 [ 683789CAA3864EB46125AE86FF677D34, B725D026E069AD253192E21245260CBA44EF3C72781616A2CA D0BF0E2D86D510 ] dac960nt C:\WINDOWS\system32\DRIVERS\dac960nt.sys
00:34:12.0960 0x0d20 dac960nt - ok
00:34:13.0023 0x0d20 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006 CE8CF30E826CFD ] DcomLaunch C:\WINDOWS\system32\rpcss.dll
00:34:13.0179 0x0d20 DcomLaunch - ok
00:34:13.0210 0x0d20 [ 5E38D7684A49CACFB752B046357E0589, F192AD4190BCFB6939A5CBC91648FE63168AF79A5E227A111D EAD6A92E42AB8D ] Dhcp C:\WINDOWS\System32\dhcpcsvc.dll
00:34:13.0382 0x0d20 Dhcp - ok
00:34:13.0444 0x0d20 [ 044452051F3E02E7963599FC8F4F3E25, 584BDDB074618BE76454CF90E74829CFF588B5B5FAEB793E2F 7AAD26352DD689 ] Disk C:\WINDOWS\system32\DRIVERS\disk.sys
00:34:13.0616 0x0d20 Disk - ok
00:34:13.0632 0x0d20 dmadmin - ok
00:34:13.0757 0x0d20 [ D992FE1274BDE0F84AD826ACAE022A41, C82BD6561A14F2932A761F5883A787B99031250EE5E9B7B571 4AA045545C9B99 ] dmboot C:\WINDOWS\system32\drivers\dmboot.sys
00:34:14.0054 0x0d20 dmboot - ok
00:34:14.0085 0x0d20 [ 7C824CF7BBDE77D95C08005717A95F6F, A73CB323B7A6410C3D3F258BF204E716ADF8C84C9E4F6562C5 7AB73DAED8CCDE ] dmio C:\WINDOWS\system32\drivers\dmio.sys
00:34:14.0241 0x0d20 dmio - ok
00:34:14.0304 0x0d20 [ E9317282A63CA4D188C0DF5E09C6AC5F, D41E002F555FE9015EF620975255F58BB79198CA1FF0E09EC9 50CB450FF77CF7 ] dmload C:\WINDOWS\system32\drivers\dmload.sys
00:34:14.0413 0x0d20 dmload - ok
00:34:14.0460 0x0d20 [ 57EDEC2E5F59F0335E92F35184BC8631, 61F6F0DC2D1A6C61D5EF0D5CC4BE0FFC217F1E61FDA3EA9F70 4709293656600F ] dmserver C:\WINDOWS\System32\dmserver.dll
00:34:14.0601 0x0d20 dmserver - ok
00:34:14.0632 0x0d20 [ 8A208DFCF89792A484E76C40E5F50B45, 4E40E2EB38C6254E7CAA488200E89EE7DEBBBA773890BC6A84 313CC68178D54F ] DMusic C:\WINDOWS\system32\drivers\DMusic.sys
00:34:14.0788 0x0d20 DMusic - ok
00:34:14.0820 0x0d20 [ 5F7E24FA9EAB896051FFB87F840730D2, 356EEFDCD54DECAD0170B34B993E4BF80DD039E2B2922D7A8D 09B84031E9FC7A ] Dnscache C:\WINDOWS\System32\dnsrslvr.dll
00:34:14.0976 0x0d20 Dnscache - ok
00:34:15.0038 0x0d20 [ 0F0F6E687E5E15579EF4DA8DD6945814, 5C32D88119EB1465B2D719BEE2E05888D1A73454B5E33F2D49 28DA710F8BFBA3 ] Dot3svc C:\WINDOWS\System32\dot3svc.dll
00:34:15.0163 0x0d20 Dot3svc - ok
00:34:15.0210 0x0d20 [ 40F3B93B4E5B0126F2F5C0A7A5E22660, 8AFFF28903037F5E36BB5352F2B236A217558FCC0146B23C78 7606C3F21243DB ] dpti2o C:\WINDOWS\system32\DRIVERS\dpti2o.sys
00:34:15.0335 0x0d20 dpti2o - ok
00:34:15.0367 0x0d20 [ 8F5FCFF8E8848AFAC920905FBD9D33C8, C8C6FB97AB0871C8C88A2201525A5CF10D5131CB6980D32692 ED7A8F58399AD5 ] drmkaud C:\WINDOWS\system32\drivers\drmkaud.sys
00:34:15.0570 0x0d20 drmkaud - ok
00:34:15.0695 0x0d20 [ E814854E6B246CCF498874839AB64D77, D7BD17AD9709DA8305FF58710EE5EAA14BA5857F4B64C1CBDD 21751625BFF2A3 ] drvmcdb C:\WINDOWS\system32\drivers\drvmcdb.sys
00:34:15.0710 0x0d20 drvmcdb - detected UnsignedFile.Multi.Generic ( 1 )
00:34:15.0710 0x0d20 Detect skipped due to KSN trusted
00:34:15.0710 0x0d20 drvmcdb - ok
00:34:15.0710 0x0d20 [ EE83A4EBAE70BC93CF14879D062F548B, CCA423C19BC8A6807EE29DA7FA9F545FDF2D0AAA8D4556E13B 864ED6F6683827 ] drvnddm C:\WINDOWS\system32\drivers\drvnddm.sys
00:34:15.0726 0x0d20 drvnddm - detected UnsignedFile.Multi.Generic ( 1 )
00:34:15.0726 0x0d20 Detect skipped due to KSN trusted
00:34:15.0726 0x0d20 drvnddm - ok
00:34:15.0835 0x0d20 [ FE80901578E7E3DA70299A5AEB2B7FBD, E68E8BAAA37AE26318BE8C084CFDD9040E97714C75EAA64B97 20AB41FB1C9EF5 ] DSBrokerService C:\Program Files\DellSupport\brkrsvc.exe
00:34:15.0851 0x0d20 DSBrokerService - ok
00:34:15.0898 0x0d20 [ 413F2D5F9D802688242C23B38F767ECB, 6D5B6B8FC6E8E45555C444D3E881D3E44DE4C6F2602ADBB4D0 E8E9F834089827 ] DSproct C:\Program Files\DellSupport\GTAction\triggers\DSproct.sys
00:34:15.0914 0x0d20 DSproct - detected UnsignedFile.Multi.Generic ( 1 )
00:34:15.0914 0x0d20 Detect skipped due to KSN trusted
00:34:15.0914 0x0d20 DSproct - ok
00:34:15.0945 0x0d20 [ DFEABB7CFFFADEA4A912AB95BDC3177A, 9A93956CF826F419ACB2B3CA8809917E345ACFD43B102EAB18 DB46F49859D1C7 ] dsunidrv C:\WINDOWS\system32\DRIVERS\dsunidrv.sys
00:34:15.0976 0x0d20 dsunidrv - ok
00:34:16.0007 0x0d20 [ 3FCA03CBCA11269F973B70FA483C88EF, 0995989B9EBE5CE1C5489139849FB2AD69DE9749650BBC262A D754E5CE457C59 ] E100B C:\WINDOWS\system32\DRIVERS\e100b325.sys
00:34:16.0179 0x0d20 E100B - ok
00:34:16.0242 0x0d20 [ 2187855A7703ADEF0CEF9EE4285182CC, 8233CC11F637866C0074043835A785EA2B616739B6B1181B14 3A253CF2508CFD ] EapHost C:\WINDOWS\System32\eapsvc.dll
00:34:16.0492 0x0d20 EapHost - ok
00:34:16.0632 0x0d20 [ 5D1347AA5AE6E2F77D7F4F8372D95AC9, F3CA10753B7D76C87A71A0FEDB5EACE77E2E10E8DD44BEE7C6 6BCE17BD3EFD71 ] ehRecvr C:\WINDOWS\eHome\ehRecvr.exe
00:34:16.0882 0x0d20 ehRecvr - ok
00:34:16.0945 0x0d20 [ A53243709439AC2A4C216B817F8D7411, AF4624EEA9B165DE873B7D104D1EA3BE9A14BBC5B4CABE2654 4F90B78689EEF9 ] ehSched C:\WINDOWS\eHome\ehSched.exe
00:34:17.0054 0x0d20 ehSched - ok
00:34:17.0101 0x0d20 [ BC93B4A066477954555966D77FEC9ECB, 27F5B780175EF46DA102EE33F7F33559C8B40C077EEA4405D5 79D9507F4B1C23 ] ERSvc C:\WINDOWS\System32\ersvc.dll
00:34:17.0273 0x0d20 ERSvc - ok
00:34:17.0320 0x0d20 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F 6486DB580E92A4 ] Eventlog C:\WINDOWS\system32\services.exe
00:34:17.0351 0x0d20 Eventlog - ok
00:34:17.0414 0x0d20 [ D4991D98F2DB73C60D042F1AEF79EFAE, 58AF949EAEBF4FF3E3314DFB66CE4198BF65F0836B68CD27A6 ED319742CCCCD2 ] EventSystem C:\WINDOWS\system32\es.dll
00:34:17.0492 0x0d20 EventSystem - ok
00:34:17.0570 0x0d20 [ ED9C755312F29D55B8C815EEC7115635, FF4DDB10EC7878856641EDFAFA82259FF18F641A10F46E324E EA9361B6D71B4C ] EvtEng C:\Program Files\Intel\Wireless\Bin\EvtEng.exe
00:34:17.0586 0x0d20 EvtEng - detected UnsignedFile.Multi.Generic ( 1 )
00:34:17.0586 0x0d20 Detect skipped due to KSN trusted
00:34:17.0586 0x0d20 EvtEng - ok
00:34:17.0695 0x0d20 [ 38D332A6D56AF32635675F132548343E, E6909DB836AF679B4F4D62C7396D6C82769CC7ABB8C919C2AA BFE934FCE268F6 ] Fastfat C:\WINDOWS\system32\drivers\Fastfat.sys
00:34:17.0836 0x0d20 Fastfat - ok
00:34:17.0898 0x0d20 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE4 10D404E344444B ] FastUserSwitchingCompatibility C:\WINDOWS\System32\shsvcs.dll
00:34:18.0008 0x0d20 FastUserSwitchingCompatibility - ok
00:34:18.0117 0x0d20 [ E97D6A8684466DF94FF3BC24FB787A07, 89E5A6889E3C5AB9AD3E80FFC16DD608278F3ADC282048B40B 60196336A5CBEB ] Fax C:\WINDOWS\system32\fxssvc.exe
00:34:18.0351 0x0d20 Fax - ok
00:34:18.0367 0x0d20 [ 92CDD60B6730B9F50F6A1A0C1F8CDC81, 8307A532AB4D05CBBCE206DC2759497708BF5AAA880BD00F0E 4F281D8578A1F5 ] Fdc C:\WINDOWS\system32\DRIVERS\fdc.sys
00:34:18.0523 0x0d20 Fdc - ok
00:34:18.0539 0x0d20 [ D45926117EB9FA946A6AF572FBE1CAA3, 4C94EF009D778BE0BDF8F812F026B96F91F641BE30AA253142 7A5E63DBD280DA ] Fips C:\WINDOWS\system32\drivers\Fips.sys
00:34:18.0679 0x0d20 Fips - ok
00:34:18.0711 0x0d20 [ 9D27E7B80BFCDF1CDD9B555862D5E7F0, 69C271AD5BCEBFD8AE5A769BDD7EC51256DA3A8ADAD5D12E5C 0D13F4E82D8805 ] Flpydisk C:\WINDOWS\system32\DRIVERS\flpydisk.sys
00:34:18.0836 0x0d20 Flpydisk - ok
00:34:18.0898 0x0d20 [ B2CF4B0786F8212CB92ED2B50C6DB6B0, 280F5CF8A90F7BEDE73ADD0DD0F8952088133A7CA9A3D3B704 1957E33B36845D ] FltMgr C:\WINDOWS\system32\drivers\fltmgr.sys
00:34:19.0070 0x0d20 FltMgr - ok
00:34:19.0180 0x0d20 [ 8BA7C024070F2B7FDD98ED8A4BA41789, 47585006F86B2C6016EC54250A416794792D1E4024FF229C12 0BC25B684AF66A ] FontCache3.0.0.0 c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\Presen tationFontCache.exe
00:34:19.0195 0x0d20 FontCache3.0.0.0 - ok
00:34:19.0211 0x0d20 [ 3E1E2BD4F39B0E2B7DC4F4D2BCC2779A, EC635E071201A766845D48973772CBE0958942B4162F3F5F70 660D114CC877E0 ] Fs_Rec C:\WINDOWS\system32\drivers\Fs_Rec.sys
00:34:19.0351 0x0d20 Fs_Rec - ok
00:34:19.0383 0x0d20 [ 6AC26732762483366C3969C9E4D2259D, FF2C9A23CC17F380093F0BEA955B1925794271C2FEA16B9B76 39668E6999BAE3 ] Ftdisk C:\WINDOWS\system32\DRIVERS\ftdisk.sys
00:34:19.0523 0x0d20 Ftdisk - ok
00:34:19.0570 0x0d20 [ 0A02C63C8B144BD8C86B103DEE7C86A2, 7A3235DD3E1995DD72B212FAEB3ECA2A974434DE9BF6D269EA 11BA65A80E7E50 ] Gpc C:\WINDOWS\system32\DRIVERS\msgpc.sys
00:34:19.0695 0x0d20 Gpc - ok
00:34:19.0883 0x0d20 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B 99A296EFEE5737 ] gupdate C:\Program Files\Google\Update\GoogleUpdate.exe
00:34:19.0898 0x0d20 gupdate - ok
00:34:19.0914 0x0d20 [ A8FD9222E4D72596BB37DA8BE95C0BA4, 52FC3AA9F704300041E486E57FE863218E4CDF4C8EEE05CA6B 99A296EFEE5737 ] gupdatem C:\Program Files\Google\Update\GoogleUpdate.exe
00:34:19.0930 0x0d20 gupdatem - ok
00:34:19.0961 0x0d20 [ 573C7D0A32852B48F3058CFD8026F511, BC384BBA394AFDCDA1A9ABC858C692AA84A1F0A31AF3DDF7F3 8D120C027927FB ] HDAudBus C:\WINDOWS\system32\DRIVERS\HDAudBus.sys
00:34:20.0102 0x0d20 HDAudBus - ok
00:34:20.0195 0x0d20 [ 4FCCA060DFE0C51A09DD5C3843888BCD, D82417706B517F2610DDF7C86BE03A72EFA9A2A389DF5C8F8A DEAB8144E2C80A ] helpsvc C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll
00:34:20.0383 0x0d20 helpsvc - ok
00:34:20.0477 0x0d20 [ DEB04DA35CC871B6D309B77E1443C796, F66A15C9528D661940F1F4CA453B3E95036D68C74C3B8AB536 44211DBD3D2F32 ] HidServ C:\WINDOWS\System32\hidserv.dll
00:34:20.0633 0x0d20 HidServ - ok
00:34:20.0695 0x0d20 [ CCF82C5EC8A7326C3066DE870C06DAF1, 93395FA4C26B2E82DC8B7025ED3BCF583885E5D8C5F60CD6EE AA6335D6A126EC ] HidUsb C:\WINDOWS\system32\DRIVERS\hidusb.sys
00:34:20.0820 0x0d20 HidUsb - ok
00:34:20.0867 0x0d20 [ 8878BD685E490239777BFE51320B88E9, C5C3ECF6B049B6736E35B39518A8F830B45C45A88FFE8E3A6B 7922AD946597E2 ] hkmsvc C:\WINDOWS\System32\kmsvc.dll
00:34:21.0024 0x0d20 hkmsvc - ok
00:34:21.0070 0x0d20 [ B028377DEA0546A5FCFBA928A8AEFAE0, FD7B34A6036AD443014B16394A5F051A298CEE4276D50525FB 9F15A0D2684C8B ] hpn C:\WINDOWS\system32\DRIVERS\hpn.sys
00:34:21.0227 0x0d20 hpn - ok
00:34:21.0414 0x0d20 [ ED377B3C83FDEA8D906109A085D219BA, 9D55E19A219D40F4866EDBD33CB0B20CEB03F66423417EE4DB C4EC123E552557 ] hpqcxs08 C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll
00:34:21.0445 0x0d20 hpqcxs08 - detected UnsignedFile.Multi.Generic ( 1 )
00:34:21.0445 0x0d20 Detect skipped due to KSN trusted
00:34:21.0445 0x0d20 hpqcxs08 - ok
00:34:21.0477 0x0d20 [ D03D10F7DED688FECF50F8FBF1EA9B8A, C19A733571BA831E24EE45EDB730FFFDBA22638F138A32A794 BEAB8D8B71D8DD ] HPZid412 C:\WINDOWS\system32\DRIVERS\HPZid412.sys
00:34:21.0586 0x0d20 HPZid412 - ok
00:34:21.0602 0x0d20 [ 89F41658929393487B6B7D13C8528CE3, 5D06A11225A83F3F33417148BE53654080C88BFA876FEB486A 7E43410AC99F23 ] HPZipr12 C:\WINDOWS\system32\DRIVERS\HPZipr12.sys
00:34:21.0664 0x0d20 HPZipr12 - ok
00:34:21.0680 0x0d20 [ ABCB05CCDBF03000354B9553820E39F8, 6361B5A57CDE23AC5E987ACECF3BEE7AD51134C6E5BF4F833E 512C9BC4B86877 ] HPZius12 C:\WINDOWS\system32\DRIVERS\HPZius12.sys
00:34:21.0727 0x0d20 HPZius12 - ok
00:34:21.0789 0x0d20 [ 1C8CAA80E91FB71864E9426F9EED048D, 2D5AC07A984235E5E01604A64740D1E96F16F0CB09F2D6331C F4B5871C6FABBA ] HSFHWAZL C:\WINDOWS\system32\DRIVERS\HSFHWAZL.sys
00:34:21.0852 0x0d20 HSFHWAZL - ok
00:34:21.0977 0x0d20 [ 698204D9C2832E53633E53A30A53FC3D, AD16E9BDB4CAD80C00AD163A9EBB9D734A06AA4B45AF3B72EE 73EA908D4645C4 ] HSF_DPV C:\WINDOWS\system32\DRIVERS\HSF_DPV.sys
00:34:22.0102 0x0d20 HSF_DPV - ok
00:34:22.0180 0x0d20 [ F80A415EF82CD06FFAF0D971528EAD38, 524D9E9201572929522F6805011783711B7C0F76308B924C89 CF75F4B7A1FDF3 ] HTTP C:\WINDOWS\system32\Drivers\HTTP.sys
00:34:22.0336 0x0d20 HTTP - ok
00:34:22.0367 0x0d20 [ 6100A808600F44D999CEBDEF8841C7A3, 61A75118C327812C60622010985A2E80E79B6FD9030A573239 0EE5426E4AF6C9 ] HTTPFilter C:\WINDOWS\System32\w3ssl.dll
00:34:22.0571 0x0d20 HTTPFilter - ok
00:34:22.0633 0x0d20 [ 9368670BD426EBEA5E8B18A62416EC28, 0ED865F8FB79F0B6309521925280E8640DB5CA6F7537743483 0536899734B6EE ] i2omgmt C:\WINDOWS\system32\drivers\i2omgmt.sys
00:34:22.0742 0x0d20 i2omgmt - ok
00:34:22.0867 0x0d20 [ F10863BF1CCC290BABD1A09188AE49E0, BC038EAE6C8A76D56A5AD27035DC0369D6E766711E9FAA7467 144370851F1615 ] i2omp C:\WINDOWS\system32\DRIVERS\i2omp.sys
00:34:23.0008 0x0d20 i2omp - ok
00:34:23.0024 0x0d20 [ 4A0B06AA8943C1E332520F7440C0AA30, DB2452390CCFE67E0C5FEB4FD42CA24ABE2DDD40D0B22DD5F5 B8F70416863918 ] i8042prt C:\WINDOWS\system32\DRIVERS\i8042prt.sys
00:34:23.0164 0x0d20 i8042prt - ok
00:34:23.0305 0x0d20 [ CC449157474D5E43DAEA7E20F52C635A, 5C65259E32096949F1E7E449E7F6058408AD28B6276564BD47 7A700E048977DE ] ialm C:\WINDOWS\system32\DRIVERS\ialmnt5.sys
00:34:23.0493 0x0d20 ialm - ok
00:34:23.0649 0x0d20 [ C01AC32DC5C03076CFB852CB5DA5229C, A4D7749220B5BC965D96A267F1E02FE8284A230BA249109207 BD4B9EA8DFAC96 ] idsvc C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
00:34:23.0727 0x0d20 idsvc - ok
00:34:23.0883 0x0d20 [ 922EFF369684B31BE2BCF0663ECF8560, 97B484EF0BAB546C0E27CB8A3CBB21B946824EFB4CACA98237 DC09110FB5642A ] IHA_MessageCenter C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMes sageCenter.exe
00:34:23.0961 0x0d20 IHA_MessageCenter - detected UnsignedFile.Multi.Generic ( 1 )
00:34:23.0961 0x0d20 Detect skipped due to KSN trusted
00:34:23.0961 0x0d20 IHA_MessageCenter - ok
00:34:24.0008 0x0d20 [ 083A052659F5310DD8B6A6CB05EDCF8E, 48D39B03FFB6FAA1529B774443BA12618AE3982D9F65A7B9D1 8F2269F78B31F4 ] Imapi C:\WINDOWS\system32\DRIVERS\imapi.sys
00:34:24.0196 0x0d20 Imapi - ok
00:34:24.0290 0x0d20 [ 30DEAF54A9755BB8546168CFE8A6B5E1, 3936228CD3125C763ABFCB93E86E4B43838202BCC0913A28E8 4AC0263B43EE0D ] ImapiService C:\WINDOWS\system32\imapi.exe
00:34:24.0446 0x0d20 ImapiService - ok
00:34:24.0461 0x0d20 [ 4A40E045FAEE58631FD8D91AFC620719, 7A2FD81BD483821B3DA01B1CD7215423EDD719CBE3862C0342 FF7D21A17AF437 ] ini910u C:\WINDOWS\system32\DRIVERS\ini910u.sys
00:34:24.0602 0x0d20 ini910u - ok
00:34:24.0665 0x0d20 [ B5466A9250342A7AA0CD1FBA13420678, 87E735C4E8924A883AB692D387A83BCBFAE6E165688336AE7A B488F7CA8D339E ] IntelIde C:\WINDOWS\system32\DRIVERS\intelide.sys
00:34:24.0821 0x0d20 IntelIde - ok
00:34:24.0852 0x0d20 [ 8C953733D8F36EB2133F5BB58808B66B, 555868F246D73652E998B0B1296476E42FCEDED30D646CC000 F31ECE4EBC25E6 ] intelppm C:\WINDOWS\system32\DRIVERS\intelppm.sys
00:34:24.0962 0x0d20 intelppm - ok
00:34:24.0993 0x0d20 [ 3BB22519A194418D5FEC05D800A19AD0, F6662F440950596DC1382DD1DB5D7891CCEA30A6062BEA942C 18445B5F0D8B16 ] Ip6Fw C:\WINDOWS\system32\drivers\ip6fw.sys
00:34:25.0118 0x0d20 Ip6Fw - ok
00:34:25.0149 0x0d20 [ 731F22BA402EE4B62748ADAF6363C182, 5C3BEBD008A5BE4DC2F92076FF41A10DDC01E10EC7E6552213 CFA11970811848 ] IpFilterDriver C:\WINDOWS\system32\DRIVERS\ipfltdrv.sys
00:34:25.0274 0x0d20 IpFilterDriver - ok
00:34:25.0321 0x0d20 [ B87AB476DCF76E72010632B5550955F5, E6E74D3A86A7917A8BAED44F8E97CCD2EB171E4E4B27E9907F 60D1523FAF319A ] IpInIp C:\WINDOWS\system32\DRIVERS\ipinip.sys
00:34:25.0430 0x0d20 IpInIp - ok
00:34:25.0462 0x0d20 [ CC748EA12C6EFFDE940EE98098BF96BB, AF523E21C25D9A1715EFEA573E4F52AF5D4FC9F28A2D613F5D B629C186C439E0 ] IpNat C:\WINDOWS\system32\DRIVERS\ipnat.sys
00:34:25.0618 0x0d20 IpNat - ok
00:34:25.0665 0x0d20 [ 23C74D75E36E7158768DD63D92789A91, 394D296F38E7D8EFD91A6EEC301D9CE6AF910E35EB9819F1A9 E3363863AEDFDC ] IPSec C:\WINDOWS\system32\DRIVERS\ipsec.sys
00:34:25.0821 0x0d20 IPSec - ok
00:34:25.0837 0x0d20 [ C93C9FF7B04D772627A3646D89F7BF89, 805FA48E7A46D4F10240BF880A2468F53DEA36E83004399228 AB70DB7D20544A ] IRENUM C:\WINDOWS\system32\DRIVERS\irenum.sys
00:34:25.0899 0x0d20 IRENUM - ok
00:34:25.0930 0x0d20 [ 05A299EC56E52649B1CF2FC52D20F2D7, 2654619DB3E6D6C385B63AB02F87D4241C4F0250CC31383D1B 3586917166C2DC ] isapnp C:\WINDOWS\system32\DRIVERS\isapnp.sys
00:34:26.0055 0x0d20 isapnp - ok
00:34:26.0087 0x0d20 [ 463C1EC80CD17420A542B7F36A36F128, E3B11BA26AFEAFB50B0FC168EA07F6049DA6B88BCDDEEE2031 0602D7FC27A3A7 ] Kbdclass C:\WINDOWS\system32\DRIVERS\kbdclass.sys
00:34:26.0227 0x0d20 Kbdclass - ok
00:34:26.0259 0x0d20 [ 692BCF44383D056AED41B045A323D378, 1A99DEE83FFAF64E73067FC049C0A4CE07D94E4AE31EFA17B3 8CEFA9E41D67DC ] kmixer C:\WINDOWS\system32\drivers\kmixer.sys
00:34:26.0430 0x0d20 kmixer - ok
00:34:26.0446 0x0d20 [ B467646C54CC746128904E1654C750C1, 3BD71BE3663EA23463D236D8A2A2E42DFA10C502BDB4B6E131 FAF0FBA748219E ] KSecDD C:\WINDOWS\system32\drivers\KSecDD.sys
00:34:26.0587 0x0d20 KSecDD - ok
00:34:26.0634 0x0d20 [ 3A7C3CBE5D96B8AE96CE81F0B22FB527, 0044F03132596A494448CCE5F3D6ECC12617BB4CF6BAE348F7 9D4DC40ACD6EE0 ] lanmanserver C:\WINDOWS\System32\srvsvc.dll
00:34:26.0774 0x0d20 lanmanserver - ok
00:34:26.0821 0x0d20 [ A8888A5327621856C0CEC4E385F69309, B08B63300D824E35E31EEEA2C4C086DFA2C2A964CEDAE512E7 4D3D88AADAA2C1 ] lanmanworkstation C:\WINDOWS\System32\wkssvc.dll
00:34:26.0899 0x0d20 lanmanworkstation - ok
00:34:26.0915 0x0d20 lbrtfdc - ok
00:34:26.0962 0x0d20 [ A7DB739AE99A796D91580147E919CC59, EDF4E039BA277B0E6D66FEB0B28096E67D682C09DFC18ECECF 062D9DCFB75ACF ] LmHosts C:\WINDOWS\System32\lmhsvc.dll
00:34:27.0118 0x0d20 LmHosts - ok
00:34:27.0165 0x0d20 [ DF0A511F38F16016BF658FCA0090CB87, 6D2F6360A4E1D369607F2F394B4A8C6EE8EEE9FA46A6739476 9E9C0044529B6C ] McrdSvc C:\WINDOWS\ehome\mcrdsvc.exe
00:34:27.0196 0x0d20 McrdSvc - ok
00:34:27.0337 0x0d20 [ 11F714F85530A2BD134074DC30E99FCA, BDB5FD3B2DF4ADD19B31965B3E789768B59E872B3EA85912B1 FFB32B2AF9D5D8 ] MDM C:\Program Files\Common Files\Microsoft Shared\VS7DEBUG\MDM.EXE
00:34:27.0368 0x0d20 MDM - ok
00:34:27.0368 0x0d20 [ 3C318B9CD391371BED62126581EE9961, 1254273DE950EF8D5922F26D67B55C9D9082F45CDE168E3DAB 20A2E53208DC3A ] mdmxsdk C:\WINDOWS\system32\DRIVERS\mdmxsdk.sys
00:34:27.0399 0x0d20 mdmxsdk - ok
00:34:27.0431 0x0d20 [ 986B1FF5814366D71E0AC5755C88F2D3, E6AF051174531C24B38E73987755D366ABEC595476C6D17793 E8DCCC73F55340 ] Messenger C:\WINDOWS\System32\msgsvc.dll
00:34:27.0571 0x0d20 Messenger - ok
00:34:27.0602 0x0d20 [ B7521F69C0A9B29D356157229376FB21, A77C89BDC181038DD0F9A8AC0F7164B10EF9C54B0C57D8BAB8 BC27932EBF890B ] MHN C:\WINDOWS\System32\mhn.dll
00:34:27.0649 0x0d20 MHN - detected UnsignedFile.Multi.Generic ( 1 )
00:34:27.0649 0x0d20 Detect skipped due to KSN trusted
00:34:27.0649 0x0d20 MHN - ok
00:34:27.0665 0x0d20 [ 7F2F1D2815A6449D346FCCCBC569FBD6, 1C5A321CE95CE4D9AA2CB5A00E9B7E711521A6BBB25D36F7F4 9A397C361585C6 ] MHNDRV C:\WINDOWS\system32\DRIVERS\mhndrv.sys
00:34:27.0681 0x0d20 MHNDRV - detected UnsignedFile.Multi.Generic ( 1 )
00:34:27.0681 0x0d20 Detect skipped due to KSN trusted
00:34:27.0681 0x0d20 MHNDRV - ok
00:34:27.0727 0x0d20 [ 4AE068242760A1FB6E1A44BF4E16AFA6, 1FB771162B96AAF787AC24867B818DF8511F0780BB094FA9A3 8C11D8DBFE68BC ] mnmdd C:\WINDOWS\system32\drivers\mnmdd.sys
00:34:27.0868 0x0d20 mnmdd - ok
00:34:27.0915 0x0d20 [ D18F1F0C101D06A1C1ADF26EED16FCDD, BA0837C7780BD8262E143E2935AFA63BE59C3C39EF56CB8608 EED0F50AF070D4 ] mnmsrvc C:\WINDOWS\system32\mnmsrvc.exe
00:34:28.0040 0x0d20 mnmsrvc - ok
00:34:28.0087 0x0d20 [ DFCBAD3CEC1C5F964962AE10E0BCC8E1, B342CC9EC3729AB1AB4B5E2E99F890C1E0CA649162DE91F676 8AB857B719E97B ] Modem C:\WINDOWS\system32\drivers\Modem.sys
00:34:28.0212 0x0d20 Modem - ok
00:34:28.0228 0x0d20 [ 35C9E97194C8CFB8430125F8DBC34D04, 0C0FCE6B0A23FB0ECB92E1663E1C72D2DD5B177D82E0478295 7690B69530DB39 ] Mouclass C:\WINDOWS\system32\DRIVERS\mouclass.sys
00:34:28.0368 0x0d20 Mouclass - ok
00:34:28.0415 0x0d20 [ B1C303E17FB9D46E87A98E4BA6769685, 161A45488522055D0F0474ABEDA04DDD0B5DAC2411AF9154B1 5190BBD66E7153 ] mouhid C:\WINDOWS\system32\DRIVERS\mouhid.sys
00:34:28.0524 0x0d20 mouhid - ok
00:34:28.0540 0x0d20 [ A80B9A0BAD1B73637DBCBBA7DF72D3FD, 2A5E15ED2C24C6C65EF2F7E1FD93374774076C9D8D451E4422 561F4D269C012F ] MountMgr C:\WINDOWS\system32\drivers\MountMgr.sys
00:34:28.0665 0x0d20 MountMgr - ok
00:34:28.0728 0x0d20 [ 0E984C9D23342F33B7B855BE79FBA358, 3943F4D3F1063A555F537D666A81F7D85BB0226D8662CA7DAB 4D60BC56061F04 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
00:34:28.0806 0x0d20 MozillaMaintenance - ok
00:34:28.0837 0x0d20 [ 3F4BB95E5A44F3BE34824E8E7CAF0737, 9A4F9E63AA55B779AF3563C66C8E40D9C42FF3BB5F533F7090 5ADC7A44EA7DAD ] mraid35x C:\WINDOWS\system32\DRIVERS\mraid35x.sys
00:34:28.0978 0x0d20 mraid35x - ok
00:34:29.0040 0x0d20 [ 9BD4DCB5412921864A7AACDEDFBD1923, 46DEE9B9414D26203B62F0D6CAEBF37A3CEFD118556129547B 2C5FC7B6FDBA05 ] MREMP50 C:\PROGRA~1\COMMON~1\Motive\MREMP50.SYS
00:34:29.0056 0x0d20 MREMP50 - detected UnsignedFile.Multi.Generic ( 1 )
00:34:29.0056 0x0d20 Detect skipped due to KSN trusted
00:34:29.0056 0x0d20 MREMP50 - ok
00:34:29.0056 0x0d20 MREMP50a64 - ok
00:34:29.0071 0x0d20 MREMPR5 - ok
00:34:29.0071 0x0d20 MRENDIS5 - ok
00:34:29.0087 0x0d20 [ 07C02C892E8E1A72D6BF35004F0E9C5E, 09ECD59AADF08E2AA0C1BAF5D3D7CBB0948153E531E1F82ECA CD43F14F88106B ] MRESP50 C:\PROGRA~1\COMMON~1\Motive\MRESP50.SYS
00:34:29.0103 0x0d20 MRESP50 - detected UnsignedFile.Multi.Generic ( 1 )
00:34:29.0103 0x0d20 Detect skipped due to KSN trusted
00:34:29.0103 0x0d20 MRESP50 - ok
00:34:29.0118 0x0d20 MRESP50a64 - ok
00:34:29.0134 0x0d20 [ 11D42BB6206F33FBB3BA0288D3EF81BD, 76ABCFB62C5AC549F58C231F72A99882CDEB74928104B77FE5 2554765C2B1A22 ] MRxDAV C:\WINDOWS\system32\DRIVERS\mrxdav.sys
00:34:29.0259 0x0d20 MRxDAV - ok
00:34:29.0321 0x0d20 [ 7D304A5EB4344EBEEAB53A2FE3FFB9F0, DB9B186F7076D7B94F45041AF7B77C1AD2CAB504D683B459C6 CB1C22840ED170 ] MRxSmb C:\WINDOWS\system32\DRIVERS\mrxsmb.sys
00:34:29.0493 0x0d20 MRxSmb - ok
00:34:29.0525 0x0d20 [ A137F1470499A205ABBB9AAFB3B6F2B1, FB4951727543030D9E6ED74149C3FAACE2CA9DA8C1B5F61630 1B30B858C724E8 ] MSDTC C:\WINDOWS\system32\msdtc.exe
00:34:29.0650 0x0d20 MSDTC - ok
00:34:29.0665 0x0d20 [ C941EA2454BA8350021D774DAF0F1027, C940E978C7B66A713A0FDAB54B5F995DF59D089AFCD96221DD 3222948CD49BBD ] Msfs C:\WINDOWS\system32\drivers\Msfs.sys
00:34:29.0775 0x0d20 Msfs - ok
00:34:29.0775 0x0d20 MSIServer - ok
00:34:29.0806 0x0d20 [ D1575E71568F4D9E14CA56B7B0453BF1, 4ABE0E24786C0D39FA2B885447E56204CA6942FB175E534DCE 675D7BCF0B176A ] MSKSSRV C:\WINDOWS\system32\drivers\MSKSSRV.sys
00:34:30.0009 0x0d20 MSKSSRV - ok
00:34:30.0025 0x0d20 [ 325BB26842FC7CCC1FCCE2C457317F3E, C07BE560513B1FB91D756494F0BA4AEEB2E1998DE0E1C21EE8 3DB1183B0CEE91 ] MSPCLOCK C:\WINDOWS\system32\drivers\MSPCLOCK.sys
00:34:30.0134 0x0d20 MSPCLOCK - ok
00:34:30.0228 0x0d20 [ BAD59648BA099DA4A17680B39730CB3D, 9AD4C7C94C186C8815D0BC75DCAFB962158DA6935A244BA243 EDDDEB33F9816C ] MSPQM C:\WINDOWS\system32\drivers\MSPQM.sys
00:34:30.0368 0x0d20 MSPQM - ok
00:34:30.0400 0x0d20 [ AF5F4F3F14A8EA2C26DE30F7A1E17136, AC93A1E4ABB0D038B772E429015567E44CC2EDB66C54DBE23A 5F98176FAC1520 ] mssmbios C:\WINDOWS\system32\DRIVERS\mssmbios.sys
00:34:30.0540 0x0d20 mssmbios - ok
00:34:30.0634 0x0d20 [ DE6A75F5C270E756C5508D94B6CF68F5, FCC972DDC36C2C44D836913F10004C2C33B11C54DEFFF0C63E 0FDF901D2F9261 ] Mup C:\WINDOWS\system32\drivers\Mup.sys
00:34:30.0728 0x0d20 Mup - ok
00:34:30.0822 0x0d20 [ 0102140028FAD045756796E1C685D695, 5335B8278418CA200E2772124F0602C3E15A5CAF2D5CC59F67 85DFAABF339B09 ] napagent C:\WINDOWS\System32\qagentrt.dll
00:34:31.0040 0x0d20 napagent - ok
00:34:31.0072 0x0d20 [ 1DF7F42665C94B825322FAE71721130D, FE0DCB728471465B39A42A7511F4133021FBA5DF88F88BCB5F E2FF34CFD713F9 ] NDIS C:\WINDOWS\system32\drivers\NDIS.sys
00:34:31.0212 0x0d20 NDIS - ok
00:34:31.0259 0x0d20 [ 0109C4F3850DFBAB279542515386AE22, 4F6DB1E499AC853FD36FD603FBB6D3AC9BDCEB298C7FE1FB59 A9236CB46729B2 ] NdisTapi C:\WINDOWS\system32\DRIVERS\ndistapi.sys
00:34:31.0337 0x0d20 NdisTapi - ok
00:34:31.0353 0x0d20 [ F927A4434C5028758A842943EF1A3849, B1AA3AF150C05307461774925901789456B0CCCD03A5E71ADA 4AB58455962BEE ] Ndisuio C:\WINDOWS\system32\DRIVERS\ndisuio.sys
00:34:31.0494 0x0d20 Ndisuio - ok
00:34:31.0525 0x0d20 [ EDC1531A49C80614B2CFDA43CA8659AB, 494042F790F33721328B4451E79842E21919681CC421A4F963 3EC4D383E06097 ] NdisWan C:\WINDOWS\system32\DRIVERS\ndiswan.sys
00:34:31.0650 0x0d20 NdisWan - ok
00:34:31.0697 0x0d20 [ 2F597BB467E05B1FE3830EABD821B8E0, 141497F5A49D47CCE3C9289644F4BD838DCB238F6D8E847FC0 06652E21FE02AC ] NDProxy C:\WINDOWS\system32\drivers\NDProxy.sys
00:34:31.0759 0x0d20 NDProxy - ok
00:34:31.0806 0x0d20 [ 949941E4DE88DF1FAF49A4B3CFFB756F, 982136CC33D46FE251955498AA67A17EF33CB3B86E87489B4B 787240202839CF ] Net Driver HPZ12 C:\WINDOWS\system32\HPZinw12.dll
00:34:31.0822 0x0d20 Net Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
00:34:31.0822 0x0d20 Detect skipped due to KSN trusted
00:34:31.0822 0x0d20 Net Driver HPZ12 - ok
00:34:31.0869 0x0d20 [ 5D81CF9A2F1A3A756B66CF684911CDF0, 7989C36607CAEA17AFA2C1C9904145CA0714A54B9F712D9D4C 1AB140D0B2CC0C ] NetBIOS C:\WINDOWS\system32\DRIVERS\netbios.sys
00:34:32.0025 0x0d20 NetBIOS - ok
00:34:32.0056 0x0d20 [ 74B2B2F5BEA5E9A3DC021D685551BD3D, 7932B71F98B4122BE88F576BF6D745A757AE378A48924B7F43 58837B75640A82 ] NetBT C:\WINDOWS\system32\DRIVERS\netbt.sys
00:34:32.0212 0x0d20 NetBT - ok
00:34:32.0244 0x0d20 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9 CDE99F1C6B0F4C ] NetDDE C:\WINDOWS\system32\netdde.exe
00:34:32.0416 0x0d20 NetDDE - ok
00:34:32.0431 0x0d20 [ B857BA82860D7FF85AE29B095645563B, 86FF0E4CDD9C394E8BABD93A4D57E73FF9A779261717DEC6E9 CDE99F1C6B0F4C ] NetDDEdsdm C:\WINDOWS\system32\netdde.exe
00:34:32.0541 0x0d20 NetDDEdsdm - ok
00:34:32.0619 0x0d20 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] Netlogon C:\WINDOWS\system32\lsass.exe
00:34:32.0744 0x0d20 Netlogon - ok
00:34:32.0791 0x0d20 [ 13E67B55B3ABD7BF3FE7AAE5A0F9A9DE, 4E0A67B3CC897E80D4B342FFE8B7B4CC4F6CA2EF2D34C13602 7A098B2E1C6166 ] Netman C:\WINDOWS\System32\netman.dll
00:34:32.0931 0x0d20 Netman - ok
00:34:32.0994 0x0d20 [ D34612C5D02D026535B3095D620626AE, 1BBCCCBF49EB8807240A77DCB43C25C21682073CC5356594E2 C4F53EF36BF657 ] NetTcpPortSharing C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
00:34:33.0009 0x0d20 NetTcpPortSharing - ok
00:34:33.0041 0x0d20 [ E9E47CFB2D461FA0FC75B7A74C6383EA, 544136F5BFD4DC23D45E90F12FA48B82FD9EAEA9EAF3E0F5F0 BD27E23D672C3E ] NIC1394 C:\WINDOWS\system32\DRIVERS\nic1394.sys
00:34:33.0181 0x0d20 NIC1394 - ok
00:34:33.0306 0x0d20 [ 24D29A87A141B5CCDF34260D4890BE89, 283EE7937931184E6FBECFD9BD00F4145E8D1C090E8854DA57 D8A2282D6B6A10 ] NICCONFIGSVC C:\Program Files\Dell\NICCONFIGSVC\NICCONFIGSVC.exe
00:34:33.0384 0x0d20 NICCONFIGSVC - detected UnsignedFile.Multi.Generic ( 1 )
00:34:33.0384 0x0d20 Detect skipped due to KSN trusted
00:34:33.0384 0x0d20 NICCONFIGSVC - ok
00:34:33.0431 0x0d20 [ 943337D786A56729263071623BBB9DE5, B631B47C869FE4ACF46E4AA272435D9A9CA536E3349E3FFBB8 602636FEE7AFD4 ] Nla C:\WINDOWS\System32\mswsock.dll
00:34:33.0463 0x0d20 Nla - ok
00:34:33.0603 0x0d20 [ 13350DDD0976CEB5F125396C7BFB05B4, C5B109C8680CBAC60E45EC95C7C257BF3D2E7C2A2CF8B301BB 54443C9A8F5DA1 ] nmraapache C:\Program Files\Pure Networks\Network Magic\WebServer\bin\nmraapache.exe
00:34:33.0619 0x0d20 nmraapache - detected UnsignedFile.Multi.Generic ( 1 )
00:34:33.0619 0x0d20 Detect skipped due to KSN trusted
00:34:33.0619 0x0d20 nmraapache - ok
00:34:33.0728 0x0d20 [ 0413A99F3A728D245DFD1DF443E9CFC1, 4C943D0C9207513A6C46A739A58B1D8AC074DD665BA21AF6F0 CE6BE7AF1FEB0F ] nmservice C:\Program Files\Pure Networks\Network Magic\nmsrvc.exe
00:34:33.0759 0x0d20 nmservice - ok
00:34:33.0822 0x0d20 [ 3182D64AE053D6FB034F44B6DEF8034A, 4ADFC76965BA2A5F488E71789A4E4EA702A74AF42725F72130 D1CA919406CF19 ] Npfs C:\WINDOWS\system32\drivers\Npfs.sys
00:34:34.0009 0x0d20 Npfs - ok
00:34:34.0072 0x0d20 [ 78A08DD6A8D65E697C18E1DB01C5CDCA, E0E6F3ED05068E32F1D5C2D2B38CDEF4536B8656DB6756C66C F6B40B60C8F3DA ] Ntfs C:\WINDOWS\system32\drivers\Ntfs.sys
00:34:34.0275 0x0d20 Ntfs - ok
00:34:34.0291 0x0d20 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] NtLmSsp C:\WINDOWS\system32\lsass.exe
00:34:34.0416 0x0d20 NtLmSsp - ok
00:34:34.0494 0x0d20 [ 156F64A3345BD23C600655FB4D10BC08, 9611BE411586E068D9297D77102DB3BE48AA67F1BAD6F61A84 F83FC3043FA9CD ] NtmsSvc C:\WINDOWS\system32\ntmssvc.dll
00:34:34.0635 0x0d20 NtmsSvc - ok
00:34:34.0697 0x0d20 [ CF7E041663119E09D2E118521ADA9300, 0BDDEDA787CCBE34D515945717AF972143A3684F6D37F87B63 9D6A5371F381CC ] NuidFltr C:\WINDOWS\system32\DRIVERS\NuidFltr.sys
00:34:34.0713 0x0d20 NuidFltr - ok
00:34:34.0744 0x0d20 [ 73C1E1F395918BC2C6DD67AF7591A3AD, B21133A75253EC15E2DFF66D3B480AB1A7E1A2360476C810E7 AA55D0F0EB08D4 ] Null C:\WINDOWS\system32\drivers\Null.sys
00:34:34.0885 0x0d20 Null - ok
00:34:35.0041 0x0d20 [ 2B298519EDBFCF451D43E0F1E8F1006D, 67F3F2001F4C8DABD253D60AB3222793635532DC51AD977954 286F8A246F5592 ] nv C:\WINDOWS\system32\DRIVERS\nv4_mini.sys
00:34:35.0322 0x0d20 nv - ok
00:34:35.0369 0x0d20 [ B305F3FAD35083837EF46A0BBCE2FC57, 9D0E0E666D652D0FC9EAB97280A5D67AAF61D6B21929DF7CF8 ED72A367720464 ] NwlnkFlt C:\WINDOWS\system32\DRIVERS\nwlnkflt.sys
00:34:35.0494 0x0d20 NwlnkFlt - ok
00:34:35.0525 0x0d20 [ C99B3415198D1AAB7227F2C88FD664B9, DD8DA4B5E804F134AB9233859544C025062902DFC3E8FB8A09 A67337A4E73F55 ] NwlnkFwd C:\WINDOWS\system32\DRIVERS\nwlnkfwd.sys
00:34:35.0650 0x0d20 NwlnkFwd - ok
00:34:35.0697 0x0d20 [ CA33832DF41AFB202EE7AEB05145922F, 9DD0089C2E13C7F81214C3B5A4A61276292052F9BBFEA7FCD0 F6AA27815D5F95 ] ohci1394 C:\WINDOWS\system32\DRIVERS\ohci1394.sys
00:34:35.0838 0x0d20 ohci1394 - ok
00:34:35.0869 0x0d20 [ B17228142CEC9B3C222239FD935A37CA, 862498084CBF4579FCC12807F30BACDAAC16115CC6DB56274B 7C49796B62A5CC ] omci C:\WINDOWS\system32\DRIVERS\omci.sys
00:34:35.0869 0x0d20 omci - detected UnsignedFile.Multi.Generic ( 1 )
00:34:35.0869 0x0d20 Detect skipped due to KSN trusted
00:34:35.0869 0x0d20 omci - ok
00:34:35.0916 0x0d20 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC 918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
00:34:35.0932 0x0d20 ose - ok
00:34:35.0963 0x0d20 [ 5575FAF8F97CE5E713D108C2A58D7C7C, 96D4595D19A78CCBE8B325A08780AC077AE5CC99642ACD72FB 47AEAE8D344D3B ] Parport C:\WINDOWS\system32\DRIVERS\parport.sys
00:34:36.0088 0x0d20 Parport - ok
00:34:36.0103 0x0d20 [ BEB3BA25197665D82EC7065B724171C6, 7E71C13BA30CD95CEE8A9CC85E6F48A01F30EDEAADEE69D80A E828BF97E5A5CA ] PartMgr C:\WINDOWS\system32\drivers\PartMgr.sys
00:34:36.0213 0x0d20 PartMgr - ok
00:34:36.0244 0x0d20 [ 70E98B3FD8E963A6A46A2E6247E0BEA1, 6771313EC41B3B5BFD398F60706E40BE71617046880CC352DD 110B001AFC22A1 ] ParVdm C:\WINDOWS\system32\drivers\ParVdm.sys
00:34:36.0400 0x0d20 ParVdm - ok
00:34:36.0416 0x0d20 [ A219903CCF74233761D92BEF471A07B1, D4E6C360A1D2FCA4D17C991B834D68BF20F5111DD06B1FAB8B 22984804CEC269 ] PCI C:\WINDOWS\system32\DRIVERS\pci.sys
00:34:36.0557 0x0d20 PCI - ok
00:34:36.0557 0x0d20 PCIDump - ok
00:34:36.0572 0x0d20 [ CCF5F451BB1A5A2A522A76E670000FF0, D63F7E5A39653EC9CCE94B7D84B2D3EBD4F54533BD65701020 198724042C9257 ] PCIIde C:\WINDOWS\system32\DRIVERS\pciide.sys
00:34:36.0682 0x0d20 PCIIde - ok
00:34:36.0713 0x0d20 [ 9E89EF60E9EE05E3F2EEF2DA7397F1C1, 0BA3DB21DC7C641C181E2635B5C9B73965FDCDCD3EBBBE48FC FEC1C8C987F617 ] Pcmcia C:\WINDOWS\system32\drivers\Pcmcia.sys
00:34:36.0854 0x0d20 Pcmcia - ok
00:34:36.0869 0x0d20 PDCOMP - ok
00:34:36.0869 0x0d20 PDFRAME - ok
00:34:36.0885 0x0d20 PDRELI - ok
00:34:36.0885 0x0d20 PDRFRAME - ok
00:34:36.0916 0x0d20 [ 6C14B9C19BA84F73D3A86DBA11133101, 2CFB7E027E43C1B3890985DFD7987B23E4E3CC003E3FD2583E 4A8AC1F8A13B26 ] perc2 C:\WINDOWS\system32\DRIVERS\perc2.sys
00:34:37.0041 0x0d20 perc2 - ok
00:34:37.0072 0x0d20 [ F50F7C27F131AFE7BEBA13E14A3B9416, C0498EA65B908C07A734324ED70DB27F434FAAA815DD02F1BC 429A3AB6C663D5 ] perc2hib C:\WINDOWS\system32\DRIVERS\perc2hib.sys
00:34:37.0213 0x0d20 perc2hib - ok
00:34:37.0244 0x0d20 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F 6486DB580E92A4 ] PlugPlay C:\WINDOWS\system32\services.exe
00:34:37.0275 0x0d20 PlugPlay - ok
00:34:37.0322 0x0d20 [ 2F4CA141A609CAF5C98F6E4760EF1B9B, 42002F65B7EAAAC695D0C45B6132962A61A13FB50F334883C4 C7C1A3E348EAD4 ] Pml Driver HPZ12 C:\WINDOWS\system32\HPZipm12.dll
00:34:37.0338 0x0d20 Pml Driver HPZ12 - detected UnsignedFile.Multi.Generic ( 1 )
00:34:37.0354 0x0d20 Detect skipped due to KSN trusted
00:34:37.0354 0x0d20 Pml Driver HPZ12 - ok
00:34:37.0369 0x0d20 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] PolicyAgent C:\WINDOWS\system32\lsass.exe
00:34:37.0479 0x0d20 PolicyAgent - ok
00:34:37.0541 0x0d20 [ EFEEC01B1D3CF84F16DDD24D9D9D8F99, C5F0C8C66A3AF7E7BB04CEDE4AC5306F8387AB384A2107DC5B E413AAE968EFF1 ] PptpMiniport C:\WINDOWS\system32\DRIVERS\raspptp.sys
00:34:37.0666 0x0d20 PptpMiniport - ok
00:34:37.0682 0x0d20 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] ProtectedStorage C:\WINDOWS\system32\lsass.exe
00:34:37.0791 0x0d20 ProtectedStorage - ok
00:34:37.0822 0x0d20 [ 09298EC810B07E5D582CB3A3F9255424, 35473A1BE25AC289474090EB0806AC6B3035DC33D1F3DF97A1 4BF1E361AC6AC3 ] PSched C:\WINDOWS\system32\DRIVERS\psched.sys
00:34:37.0947 0x0d20 PSched - ok
00:34:37.0994 0x0d20 [ 80D317BD1C3DBC5D4FE7B1678C60CADD, DA76804B55D0CAB3DDD01EFC06673764AE4860693375C658B6 063FB14AF7F12C ] Ptilink C:\WINDOWS\system32\DRIVERS\ptilink.sys
00:34:38.0135 0x0d20 Ptilink - ok
00:34:38.0244 0x0d20 [ 86724469CD077901706854974CD13C3E, 23C6B45928E43AC2893033DFC4265C2C87B3D185CB20553B9E AB818A46FB8C18 ] PxHelp20 C:\WINDOWS\system32\Drivers\PxHelp20.sys
00:34:38.0291 0x0d20 PxHelp20 - detected UnsignedFile.Multi.Generic ( 1 )
00:34:38.0291 0x0d20 Detect skipped due to KSN trusted
00:34:38.0291 0x0d20 PxHelp20 - ok
00:34:38.0323 0x0d20 [ 0A63FB54039EB5662433CABA3B26DBA7, A1FB923EB2D08D89D24E8AD7042BBED7CB1DBDA9A5B77BDD18 8E9913BADAB0EF ] ql1080 C:\WINDOWS\system32\DRIVERS\ql1080.sys
00:34:38.0448 0x0d20 ql1080 - ok
00:34:38.0448 0x0d20 [ 6503449E1D43A0FF0201AD5CB1B8C706, F1EFC2DE5998615CB182D7984366631FE956AE1ECA9AC777F2 6FCA2E6F2E05A6 ] Ql10wnt C:\WINDOWS\system32\DRIVERS\ql10wnt.sys
00:34:38.0588 0x0d20 Ql10wnt - ok
00:34:38.0619 0x0d20 [ 156ED0EF20C15114CA097A34A30D8A01, 7490B90D4C88B7A9BADB9473D4033535F054C797ABF6D542CB 859DA5C9B2586A ] ql12160 C:\WINDOWS\system32\DRIVERS\ql12160.sys
00:34:38.0760 0x0d20 ql12160 - ok
00:34:38.0807 0x0d20 [ 70F016BEBDE6D29E864C1230A07CC5E6, 895BC2C888F6566086FC1399F499A401D447E57333BC9F9C6D BAFE0F117603D6 ] ql1240 C:\WINDOWS\system32\DRIVERS\ql1240.sys
00:34:38.0932 0x0d20 ql1240 - ok
00:34:38.0963 0x0d20 [ 907F0AEEA6BC451011611E732BD31FCF, F9E7023BD1042963110D0A613054D094437868B20779F23C31 6A38E4781A6152 ] ql1280 C:\WINDOWS\system32\DRIVERS\ql1280.sys
00:34:39.0088 0x0d20 ql1280 - ok
00:34:39.0119 0x0d20 [ FE0D99D6F31E4FAD8159F690D68DED9C, 998685622ABE631984B7E4DBF91AB3594B1F574378D75EB9F6 265F4650470692 ] RasAcd C:\WINDOWS\system32\DRIVERS\rasacd.sys
00:34:39.0244 0x0d20 RasAcd - ok
00:34:39.0291 0x0d20 [ AD188BE7BDF94E8DF4CA0A55C00A5073, C7D76CB579FAEBCCC2873499441BACDD6BD6668ACF5ED7F318 62656E96E2B20C ] RasAuto C:\WINDOWS\System32\rasauto.dll
00:34:39.0432 0x0d20 RasAuto - ok
00:34:39.0463 0x0d20 [ 11B4A627BC9614B885C4969BFA5FF8A6, EAE0A412A2B0F68919C32A96B3A08CC1A06585E4998819F5C9 051745F63FF5AD ] Rasl2tp C:\WINDOWS\system32\DRIVERS\rasl2tp.sys
00:34:39.0588 0x0d20 Rasl2tp - ok
00:34:39.0635 0x0d20 [ 76A9A3CBEADD68CC57CDA5E1D7448235, 4AFD048C5D2306AB8DE46F3AA60AC0213333DDA3B09A9E91F7 585DB6EB978EC8 ] RasMan C:\WINDOWS\System32\rasmans.dll
00:34:39.0791 0x0d20 RasMan - ok
00:34:39.0807 0x0d20 [ 5BC962F2654137C9909C3D4603587DEE, A5CE5653D0105240F5E86CFAAB89E7917D42D939E2F27A5A7D 6979289CA651B8 ] RasPppoe C:\WINDOWS\system32\DRIVERS\raspppoe.sys
00:34:39.0932 0x0d20 RasPppoe - ok
00:34:39.0963 0x0d20 [ FDBB1D60066FCFBB7452FD8F9829B242, 10A2DACF944BD000032EBA8C095CB3D879CC55B28C377ADF6E 52E508E47444DB ] Raspti C:\WINDOWS\system32\DRIVERS\raspti.sys
00:34:40.0088 0x0d20 Raspti - ok
00:34:40.0135 0x0d20 [ 7AD224AD1A1437FE28D89CF22B17780A, 6645235CA27D671954E3557FA37082881C3D7D47492C71264C D8CB8D108EC801 ] Rdbss C:\WINDOWS\system32\DRIVERS\rdbss.sys
00:34:40.0276 0x0d20 Rdbss - ok
00:34:40.0307 0x0d20 [ 4912D5B403614CE99C28420F75353332, 975341ECD660209987B5E5171B8315E032439E408CBE8A5986 E67AF767F373BB ] RDPCDD C:\WINDOWS\system32\DRIVERS\RDPCDD.sys
00:34:40.0448 0x0d20 RDPCDD - ok
00:34:40.0495 0x0d20 [ 15CABD0F7C00C47C70124907916AF3F1, 66B5C978B7FB6359AD8BAC9F568FE9D469E358FEAB07B1F129 BA9E85F1DF723E ] rdpdr C:\WINDOWS\system32\DRIVERS\rdpdr.sys
00:34:40.0651 0x0d20 rdpdr - ok
00:34:40.0713 0x0d20 [ 43AF5212BD8FB5BA6EED9754358BD8F7, AF330F61CECA4AFA359CEABC5EB3227E6B56A9A2DCE5070138 1D665122D7356D ] RDPWD C:\WINDOWS\system32\drivers\RDPWD.sys
00:34:40.0776 0x0d20 RDPWD - ok
00:34:40.0823 0x0d20 [ 3C37BF86641BDA977C3BF8A840F3B7FA, AB9A6E54DBA3F4561CD4837372BECCE0D73943D02E3288F944 333039375AC08C ] RDSessMgr C:\WINDOWS\system32\sessmgr.exe
00:34:40.0963 0x0d20 RDSessMgr - ok
00:34:40.0979 0x0d20 [ F828DD7E1419B6653894A8F97A0094C5, E6150E1F598BA4CFEDB8FF075BC0D576518C331B864388F1CA E8812EFF106ECF ] redbook C:\WINDOWS\system32\DRIVERS\redbook.sys
00:34:41.0120 0x0d20 redbook - ok
00:34:41.0229 0x0d20 [ 6F81C8A63FB824EB8A2401AB45795553, 15A583037E609A62CCC8B9C5CCC0D8F6F0B114EECD9C5FD953 A1822F32A1C7B6 ] RegSrvc C:\Program Files\Intel\Wireless\Bin\RegSrvc.exe
00:34:41.0245 0x0d20 RegSrvc - detected UnsignedFile.Multi.Generic ( 1 )
00:34:41.0245 0x0d20 Detect skipped due to KSN trusted
00:34:41.0245 0x0d20 RegSrvc - ok
00:34:41.0323 0x0d20 [ 7E699FF5F59B5D9DE5390E3C34C67CF5, 3FCF0442D80AB181FED4303E570378736AA1F8718C0B8B70F6 89A1E45200FFE4 ] RemoteAccess C:\WINDOWS\System32\mprdim.dll
00:34:41.0464 0x0d20 RemoteAccess - ok
00:34:41.0495 0x0d20 [ 5B19B557B0C188210A56A6B699D90B8F, 0FA880B81AE615206FD1738B83428AAA491D54B24168339DE6 E87FDE8C6C14B0 ] RemoteRegistry C:\WINDOWS\system32\regsvc.dll
00:34:41.0620 0x0d20 RemoteRegistry - ok
00:34:41.0698 0x0d20 [ 24ED7AF20651F9FA1F249482E7C1F165, 6F7BD68CBA0CACDCB6B43A401887A190FD825B4EE1974D0727 1224CB225A8DC2 ] rimmptsk C:\WINDOWS\system32\DRIVERS\rimmptsk.sys
00:34:41.0745 0x0d20 rimmptsk - ok
00:34:41.0792 0x0d20 [ 1BDBA2D2D402415A78A4BA766DFE0F7B, 894EB6956B8F28DE96B846AC87E4FDD9614240871D6A326CEF B7F99184BC3E79 ] rimsptsk C:\WINDOWS\system32\DRIVERS\rimsptsk.sys
00:34:41.0839 0x0d20 rimsptsk - ok
00:34:41.0885 0x0d20 [ F774ECD11A064F0DEBB2D4395418153C, 053CBC85E40C6D8D1FC2968A2B7FD43445E6B0FDEED5905A90 5F953A236052C9 ] rismxdp C:\WINDOWS\system32\DRIVERS\rixdptsk.sys
00:34:41.0932 0x0d20 rismxdp - ok
00:34:41.0964 0x0d20 [ AAED593F84AFA419BBAE8572AF87CF6A, CC0FFC5A69394C8830DC66320DA01A820BBF41AD7E57D0FC34 3561DC5EF9A360 ] RpcLocator C:\WINDOWS\system32\locator.exe
00:34:42.0120 0x0d20 RpcLocator - ok
00:34:42.0182 0x0d20 [ 6B27A5C03DFB94B4245739065431322C, 6AEAC16AB4E0DFD25123AAF4D4181FEE1B919B7B2793117006 CE8CF30E826CFD ] RpcSs C:\WINDOWS\System32\rpcss.dll
00:34:42.0245 0x0d20 RpcSs - ok
00:34:42.0307 0x0d20 [ 471B3F9741D762ABE75E9DEEA4787E47, D9ADE42965EC22AEB4B2AD21D429C3C8232A60AA9853DEFDA7 AED86A13FE8623 ] RSVP C:\WINDOWS\system32\rsvp.exe
00:34:42.0448 0x0d20 RSVP - ok
00:34:42.0526 0x0d20 [ B792F2C647B1FC3E4987DE582EE00FE3, 761D7F5C591A103B844183A2EDA32925742441C3F27EF4ABDA 9AD85ED4A5FDD2 ] S24EventMonitor C:\Program Files\Intel\Wireless\Bin\S24EvMon.exe
00:34:42.0620 0x0d20 S24EventMonitor - detected UnsignedFile.Multi.Generic ( 1 )
00:34:42.0620 0x0d20 Detect skipped due to KSN trusted
00:34:42.0620 0x0d20 S24EventMonitor - ok
00:34:42.0651 0x0d20 [ 2E4E912CE95F5EF4D4A5079F6CE367FC, 7B8E0BC81737A4B9A6DC5ECB1B66D78652DD346B0F09719F42 25B4FE56568D69 ] s24trans C:\WINDOWS\system32\DRIVERS\s24trans.sys
00:34:42.0745 0x0d20 s24trans - detected UnsignedFile.Multi.Generic ( 1 )
00:34:42.0745 0x0d20 Detect skipped due to KSN trusted
00:34:42.0745 0x0d20 s24trans - ok
00:34:42.0761 0x0d20 [ BF2466B3E18E970D8A976FB95FC1CA85, F7794B5D12DC5D820A162850F4388E2AA80426AD07CB221799 CF941C682AB501 ] SamSs C:\WINDOWS\system32\lsass.exe
00:34:42.0870 0x0d20 SamSs - ok
00:34:42.0901 0x0d20 [ 86D007E7A654B9A71D1D7D856B104353, 7B1DE53D637A5FC9619D5D07C48927AFEC89D959207F6F2E2F 45DD054EEA04C7 ] SCardSvr C:\WINDOWS\System32\SCardSvr.exe
00:34:43.0042 0x0d20 SCardSvr - ok
00:34:43.0120 0x0d20 [ 0A9A7365A1CA4319AA7C1D6CD8E4EAFA, 0B582F47BD70732BAC48B8B86E5D06CE7F299A20E8177F3F2E 6F28217C3FB605 ] Schedule C:\WINDOWS\system32\schedsvc.dll
00:34:43.0261 0x0d20 Schedule - ok
00:34:43.0323 0x0d20 [ 8D04819A3CE51B9EB47E5689B44D43C4, B0588AF967A7611F05BC8A8AD0C945DBB7BF995D7DA5C28FD0 D007E33BF1F502 ] sdbus C:\WINDOWS\system32\DRIVERS\sdbus.sys
00:34:43.0464 0x0d20 sdbus - ok
00:34:43.0495 0x0d20 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CD D67FF20D479952 ] Secdrv C:\WINDOWS\system32\DRIVERS\secdrv.sys
00:34:43.0573 0x0d20 Secdrv - ok
00:34:43.0589 0x0d20 [ CBE612E2BB6A10E3563336191EDA1250, C331797DC3569F0E715766561DE2562F60B924378842246C35 D2B1CF867E9D96 ] seclogon C:\WINDOWS\System32\seclogon.dll
00:34:43.0714 0x0d20 seclogon - ok
00:34:43.0745 0x0d20 [ 7FDD5D0684ECA8C1F68B4D99D124DCD0, 7105B026F966A992430F86C3698ABE15EC73E4772F1A3E362E 29FD5247A5DCA6 ] SENS C:\WINDOWS\system32\sens.dll
00:34:43.0901 0x0d20 SENS - ok
00:34:43.0948 0x0d20 [ 0F29512CCD6BEAD730039FB4BD2C85CE, 4F98AE390D1B14A755700DD6CEFB9CF921F0404AF2145D2D7E 5F52394F87C6A5 ] serenum C:\WINDOWS\system32\DRIVERS\serenum.sys
00:34:44.0104 0x0d20 serenum - ok
00:34:44.0136 0x0d20 [ CCA207A8896D4C6A0C9CE29A4AE411A7, 5999B39242283CD803319AADCA171CCCC6E2A40FB2FAFA51B1 D29F3FF2DD8D6C ] Serial C:\WINDOWS\system32\DRIVERS\serial.sys
00:34:44.0292 0x0d20 Serial - ok
00:34:44.0339 0x0d20 [ 8E6B8C671615D126FDC553D1E2DE5562, CEEC0067514555D5CA489F50E3D7562FCA8DB8E952C3C87860 4C9277FC77959F ] Sfloppy C:\WINDOWS\system32\drivers\Sfloppy.sys
00:34:44.0464 0x0d20 Sfloppy - ok
00:34:44.0526 0x0d20 [ 83F41D0D89645D7235C051AB1D9523AC, B681F33EEAA511D6A2DCB9FBAA407B739184C9FF6067C6B7E5 1F1FC37E9D4DD7 ] SharedAccess C:\WINDOWS\System32\ipnathlp.dll
00:34:44.0698 0x0d20 SharedAccess - ok
00:34:44.0745 0x0d20 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE4 10D404E344444B ] ShellHWDetection C:\WINDOWS\System32\shsvcs.dll
00:34:44.0808 0x0d20 ShellHWDetection - ok
00:34:44.0808 0x0d20 Simbad - ok
00:34:44.0855 0x0d20 [ 6B33D0EBD30DB32E27D1D78FE946A754, CDA3D082D370B079C06D943DA124D76BAF0C5DB264FB0C8931 48EF6322D2FABE ] sisagp C:\WINDOWS\system32\DRIVERS\sisagp.sys
00:34:44.0964 0x0d20 sisagp - ok
00:34:44.0995 0x0d20 [ 83C0F71F86D3BDAF915685F3D568B20E, 10B24723914A5A9E27A592FD58DAE2207B6E49F13A17CD2B14 77C51D2D609D2E ] Sparrow C:\WINDOWS\system32\DRIVERS\sparrow.sys
00:34:45.0089 0x0d20 Sparrow - ok
00:34:45.0120 0x0d20 [ AB8B92451ECB048A4D1DE7C3FFCB4A9F, DD17733CBB370FCA08F0296704D7CBEACA3C8F76D0ABE4761C 3B1FFDF7481D9E ] splitter C:\WINDOWS\system32\drivers\splitter.sys
00:34:45.0308 0x0d20 splitter - ok
00:34:45.0355 0x0d20 [ 60784F891563FB1B767F70117FC2428F, E0B07F08E60FFBAD36C2E58180F4B2A16DCA47716044CBE021 3DF7B74D742F1F ] Spooler C:\WINDOWS\system32\spoolsv.exe
00:34:45.0464 0x0d20 Spooler - ok
00:34:45.0573 0x0d20 [ C3716EC0D36AD924B6888D794563E647, 15D9796FA6AB380C8BF01CCAB5136CEE7E698BD9573B64FB82 641A8C2375FEAE ] sprtsvc_ddoctorv2 C:\Program Files\Comcast\Desktop Doctor\bin\sprtsvc.exe
00:34:45.0589 0x0d20 sprtsvc_ddoctorv2 - ok
00:34:45.0683 0x0d20 [ 76BB022C2FB6902FD5BDD4F78FC13A5D, 6031CB2344D7277FC703480EB43CF856A0F8F818EA98FF26A2 CA532336CD2DFA ] sr C:\WINDOWS\system32\DRIVERS\sr.sys
00:34:45.0761 0x0d20 sr - ok
00:34:45.0823 0x0d20 [ 3805DF0AC4296A34BA4BF93B346CC378, B57A14F1B7B0997E619DDD62B73157AA2399A9852166FB5813 9CBB358A88F6F3 ] srservice C:\WINDOWS\system32\srsvc.dll
00:34:45.0933 0x0d20 srservice - ok
00:34:46.0011 0x0d20 [ 47DDFC2F003F7F9F0592C6874962A2E7, 17C643BD4EB09B5666FE41817DC785BE04A6E491CE79E8E5A7 02CDBD98E1BDD7 ] Srv C:\WINDOWS\system32\DRIVERS\srv.sys
00:34:46.0136 0x0d20 Srv - ok
00:34:46.0167 0x0d20 [ D7968049BE0ADBB6A57CEE3960320911, 6FB6D7BE384324211DAEDCCD80BA983E32183D08DF6C5B5B54 53773DCC0F4D5B ] sscdbhk5 C:\WINDOWS\system32\drivers\sscdbhk5.sys
00:34:46.0183 0x0d20 sscdbhk5 - detected UnsignedFile.Multi.Generic ( 1 )
00:34:46.0183 0x0d20 Detect skipped due to KSN trusted
00:34:46.0183 0x0d20 sscdbhk5 - ok
00:34:46.0198 0x0d20 [ 0A5679B3714EDAB99E357057EE88FCA6, 01E1A101FFF48402C77E385A78FEF27876E04533B60EB1C185 58A737E57E5FA8 ] SSDPSRV C:\WINDOWS\System32\ssdpsrv.dll
00:34:46.0308 0x0d20 SSDPSRV - ok
00:34:46.0323 0x0d20 SSHRMD - ok
00:34:46.0323 0x0d20 SSIDRV - ok
00:34:46.0339 0x0d20 [ C3FFD65ABFB6441E7606CF74F1155273, EFA481D5075A9C0490CEBA5F8223BE322EB3811465F41A1FB3 386E30E8C81714 ] ssrtln C:\WINDOWS\system32\drivers\ssrtln.sys
00:34:46.0355 0x0d20 ssrtln - detected UnsignedFile.Multi.Generic ( 1 )
00:34:46.0355 0x0d20 Detect skipped due to KSN trusted
00:34:46.0355 0x0d20 ssrtln - ok
00:34:46.0480 0x0d20 [ 2A2DC39623ADEF8AB3703AB9FAC4B440, A7D66F8364363085EA8BC54AB41E0C1E509A7A88753D6E6707 FACF0265DF2A75 ] STHDA C:\WINDOWS\system32\drivers\sthda.sys
00:34:46.0636 0x0d20 STHDA - ok
00:34:46.0761 0x0d20 [ 8BAD69CBAC032D4BBACFCE0306174C30, 2AA0DA710FCBFF38FE8DA91EE02E7A4503269347E61F8D3246 FCA3384BBA2305 ] stisvc C:\WINDOWS\system32\wiaservc.dll
00:34:46.0964 0x0d20 stisvc - ok
00:34:47.0011 0x0d20 [ 3941D127AEF12E93ADDF6FE6EE027E0F, EA1F0E32E1C5E90FA4AAC421DEBBE086512340758D3217A633 4E886BCE638B51 ] swenum C:\WINDOWS\system32\DRIVERS\swenum.sys
00:34:47.0183 0x0d20 swenum - ok
00:34:47.0245 0x0d20 [ 8CE882BCC6CF8A62F2B2323D95CB3D01, B408550A581F3DA222355964AFA4E976AD8471F0AA37573C42 C4948AE5A23A3B ] swmidi C:\WINDOWS\system32\drivers\swmidi.sys
00:34:47.0355 0x0d20 swmidi - ok
00:34:47.0370 0x0d20 SwPrv - ok
00:34:47.0402 0x0d20 [ 1FF3217614018630D0A6758630FC698C, 78A3075BBFF5D7ADEAC1527E65ACA8527BFC509DF124D44410 BB46C4D96C96BB ] symc810 C:\WINDOWS\system32\DRIVERS\symc810.sys
00:34:47.0511 0x0d20 symc810 - ok
00:34:47.0527 0x0d20 [ 070E001D95CF725186EF8B20335F933C, B98B29FB01741AF3B4BB02C76A4D117EA04FE4CC4F8CDB491F 9216931704A6D8 ] symc8xx C:\WINDOWS\system32\DRIVERS\symc8xx.sys
00:34:47.0683 0x0d20 symc8xx - ok
00:34:47.0714 0x0d20 [ 80AC1C4ABBE2DF3B738BF15517A51F2C, CCF82D09C63F4FA98BCBEF3A1DC8C02D4269B78256D0B6213E 815D9BBE174432 ] sym_hi C:\WINDOWS\system32\DRIVERS\sym_hi.sys
00:34:47.0839 0x0d20 sym_hi - ok
00:34:47.0855 0x0d20 [ BF4FAB949A382A8E105F46EBB4937058, FE7C114A19D50E37463CDD3605C26105A779EEA79CB92BF982 67C7BE809D853B ] sym_u3 C:\WINDOWS\system32\DRIVERS\sym_u3.sys
00:34:47.0980 0x0d20 sym_u3 - ok
00:34:48.0042 0x0d20 [ 35D5B3632E0BCEBE27B391157DE05996, 9B0C4E1F0201FCB27A1CF600C6B7B8A288596ECDA10A980F24 FB58B775746222 ] SynTP C:\WINDOWS\system32\DRIVERS\SynTP.sys
00:34:48.0089 0x0d20 SynTP - ok
00:34:48.0136 0x0d20 [ 8B83F3ED0F1688B4958F77CD6D2BF290, 546D3602183702B4F53E84413CFA2C933D64C8540378E54A8D CD148F3F36A2DA ] sysaudio C:\WINDOWS\system32\drivers\sysaudio.sys
00:34:48.0277 0x0d20 sysaudio - ok
00:34:48.0308 0x0d20 [ C7ABBC59B43274B1109DF6B24D617051, 4384CA0AA6CE9B603CF7DB775A3C721E46715D5B120B94FB57 DEADAADE18535B ] SysmonLog C:\WINDOWS\system32\smlogsvc.exe
00:34:48.0449 0x0d20 SysmonLog - ok
00:34:48.0511 0x0d20 [ 3CB78C17BB664637787C9A1C98F79C38, F35C31F6B7F366CB949D1044B357C76DEC9170441C5E559802 794F62B72FD255 ] TapiSrv C:\WINDOWS\System32\tapisrv.dll
00:34:48.0652 0x0d20 TapiSrv - ok
00:34:48.0714 0x0d20 [ 9AEFA14BD6B182D61E3119FA5F436D3D, EA29E49434585409272E7901AF89771FE9D6E911A7DC44AB3C 7020CFF8A44552 ] Tcpip C:\WINDOWS\system32\DRIVERS\tcpip.sys
00:34:48.0793 0x0d20 Tcpip - ok
00:34:48.0824 0x0d20 [ 6471A66807F5E104E4885F5B67349397, F35CBFFB8BB235CCE30EF94A5273333900DD49FD506BF9D55D 99A320B8A53A5A ] TDPIPE C:\WINDOWS\system32\drivers\TDPIPE.sys
00:34:48.0964 0x0d20 TDPIPE - ok
00:34:48.0980 0x0d20 [ C56B6D0402371CF3700EB322EF3AAF61, 7743FA4C734BCE38EFB1CA69BC17364D8421E2CD172F856F7E 38E7AE1EE93F2F ] TDTCP C:\WINDOWS\system32\drivers\TDTCP.sys
00:34:49.0121 0x0d20 TDTCP - ok
00:34:49.0136 0x0d20 [ 88155247177638048422893737429D9E, B6D4E8691917946332C2208D01F8C8281978C1AD1E9951C5D9 9DF0D49AC34B3B ] TermDD C:\WINDOWS\system32\DRIVERS\termdd.sys
00:34:49.0261 0x0d20 TermDD - ok
00:34:49.0324 0x0d20 [ FF3477C03BE7201C294C35F684B3479F, D6246521539BA4ACD022D26983182F5E323D2EF1EA7C54265A 248C43A1CE5202 ] TermService C:\WINDOWS\System32\termsrv.dll
00:34:49.0464 0x0d20 TermService - ok
00:34:49.0511 0x0d20 [ 30698355067D07DA5F9EB81132C9FDD6, 80457F8DBB089FFF23ED220924F5C872D896707F4B31E9C77D AB78421B9B2F6D ] tfsnboio C:\WINDOWS\system32\dla\tfsnboio.sys
00:34:49.0527 0x0d20 tfsnboio - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0527 0x0d20 Detect skipped due to KSN trusted
00:34:49.0527 0x0d20 tfsnboio - ok
00:34:49.0543 0x0d20 [ FB9D825BB4A2ABDF24600F7505050E2B, A7A11366525C4DEAD588822F4C57C7ED5D6F3578F2DB2124BF 0441133B3169B9 ] tfsncofs C:\WINDOWS\system32\dla\tfsncofs.sys
00:34:49.0543 0x0d20 tfsncofs - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0543 0x0d20 Detect skipped due to KSN trusted
00:34:49.0543 0x0d20 tfsncofs - ok
00:34:49.0558 0x0d20 [ CAFD8CCA11AA1E8B6D2EA1BA8F70EC33, AA5BDE527B67A14654D930252894FEDB8976EAE1F33C2BC0E7 747D2B4EB93C4E ] tfsndrct C:\WINDOWS\system32\dla\tfsndrct.sys
00:34:49.0574 0x0d20 tfsndrct - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0574 0x0d20 Detect skipped due to KSN trusted
00:34:49.0574 0x0d20 tfsndrct - ok
00:34:49.0589 0x0d20 [ 8DB1E78FBF7C426D8EC3D8F1A33D6485, FF437EFD667EFE00729188B18C7E17E8C15D06A2C1F58A0F79 E22DFADCECF969 ] tfsndres C:\WINDOWS\system32\dla\tfsndres.sys
00:34:49.0605 0x0d20 tfsndres - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0605 0x0d20 Detect skipped due to KSN trusted
00:34:49.0605 0x0d20 tfsndres - ok
00:34:49.0621 0x0d20 [ B92F67A71CC8176F331B8AA8D9F555AD, F59E8464E44E08C18C3C7D32408D7661923F30FDD35390082D C7F2C02DCC40A3 ] tfsnifs C:\WINDOWS\system32\dla\tfsnifs.sys
00:34:49.0668 0x0d20 tfsnifs - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0668 0x0d20 Detect skipped due to KSN trusted
00:34:49.0668 0x0d20 tfsnifs - ok
00:34:49.0715 0x0d20 [ 85985FAA9A71E2358FCC2EDEFC2A3C5C, 9ADD1077C3B34E0EFA85EC4762822330D85F43EB4557C9ED01 5D8D1575E52885 ] tfsnopio C:\WINDOWS\system32\dla\tfsnopio.sys
00:34:49.0715 0x0d20 tfsnopio - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0715 0x0d20 Detect skipped due to KSN trusted
00:34:49.0715 0x0d20 tfsnopio - ok
00:34:49.0730 0x0d20 [ BBA22094F0F7C210567EFDAF11F64495, C55D3F3628C73FFA776C9B61BA735CB24DEE9F80F6E74A2F9B D70CFFB863BA57 ] tfsnpool C:\WINDOWS\system32\dla\tfsnpool.sys
00:34:49.0761 0x0d20 tfsnpool - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0761 0x0d20 Detect skipped due to KSN trusted
00:34:49.0761 0x0d20 tfsnpool - ok
00:34:49.0777 0x0d20 [ 81340BEF80B9811E98CE64611E67E3FF, CD6679A4D1A7932CD64F1F6AACF09CEC2D8E7DD001F812CC49 756D8F582D907A ] tfsnudf C:\WINDOWS\system32\dla\tfsnudf.sys
00:34:49.0777 0x0d20 tfsnudf - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0777 0x0d20 Detect skipped due to KSN trusted
00:34:49.0777 0x0d20 tfsnudf - ok
00:34:49.0824 0x0d20 [ C035FD116224CCC8325F384776B6A8BB, CB97AD56288F916DE2AF5B1EC9D04AF3A1C2A2FA0A738282DA 3763036DD18F12 ] tfsnudfa C:\WINDOWS\system32\dla\tfsnudfa.sys
00:34:49.0824 0x0d20 tfsnudfa - detected UnsignedFile.Multi.Generic ( 1 )
00:34:49.0824 0x0d20 Detect skipped due to KSN trusted
00:34:49.0824 0x0d20 tfsnudfa - ok
00:34:49.0918 0x0d20 [ 99BC0B50F511924348BE19C7C7313BBF, A1006C687BD352F700B140DC741515A0CDD9E1352C0FBD1EE4 10D404E344444B ] Themes C:\WINDOWS\System32\shsvcs.dll
00:34:49.0933 0x0d20 Themes - ok
00:34:49.0980 0x0d20 [ DB7205804759FF62C34E3EFD8A4CC76A, 13A4248F528CE98ACA66898E56822E4FC49B11F491FF1F61A6 87BA601BF0A802 ] TlntSvr C:\WINDOWS\system32\tlntsvr.exe
00:34:50.0043 0x0d20 TlntSvr - ok
00:34:50.0074 0x0d20 [ F2790F6AF01321B172AA62F8E1E187D9, 5644B5EFA0065C0CC9DB28E5520AAD2F4B3BCE48337F165BF9 F166ECC164630C ] TosIde C:\WINDOWS\system32\DRIVERS\toside.sys
00:34:50.0246 0x0d20 TosIde - ok
00:34:50.0308 0x0d20 [ 55BCA12F7F523D35CA3CB833C725F54E, 849FB1AE31B143B14B298BBC0D91230693D41DEB95F4651687 8F53A7F4186C38 ] TrkWks C:\WINDOWS\system32\trkwks.dll
00:34:50.0433 0x0d20 TrkWks - ok
00:34:50.0480 0x0d20 [ 5787B80C2E3C5E2F56C2A233D91FA2C9, 3774905CF77954DFCECDA5BCC7CDE3D0ED72712BFAAD85ADAE 5246306447E46C ] Udfs C:\WINDOWS\system32\drivers\Udfs.sys
00:34:50.0590 0x0d20 Udfs - ok
00:34:50.0636 0x0d20 [ 1B698A51CD528D8DA4FFAED66DFC51B9, FC3F12D25EE0E99AFE056502FCCFC052854699C21B99D559FA F1244F206DFB4F ] ultra C:\WINDOWS\system32\DRIVERS\ultra.sys
00:34:50.0746 0x0d20 ultra - ok
00:34:50.0840 0x0d20 [ 402DDC88356B1BAC0EE3DD1580C76A31, 32A686595710336A6BFD54C03F552AE39439611662F84EF5D2 4193AE5665C6F3 ] Update C:\WINDOWS\system32\DRIVERS\update.sys
00:34:50.0996 0x0d20 Update - ok
00:34:51.0043 0x0d20 [ 1EBAFEB9A3FBDC41B8D9C7F0F687AD91, 7746916DB48E3F5B243B63C066596AD9037A494BF1AD935946 DD04AC85D983DF ] upnphost C:\WINDOWS\System32\upnphost.dll
00:34:51.0121 0x0d20 upnphost - ok
00:34:51.0152 0x0d20 [ 05365FB38FCA1E98F7A566AAAF5D1815, 16843048CEEC3DAA3B953A12FF1EE339E86783A08F2A56DA7F 94AD9F9717D77D ] UPS C:\WINDOWS\System32\ups.exe
00:34:51.0293 0x0d20 UPS - ok
00:34:51.0340 0x0d20 [ 1B611611C28D2DF25BC057D79C6F13FC, B0D86F63E44B40413BBAE6402CC088046CFAE082D41BBC2ED5 A916293356B846 ] usbccgp C:\WINDOWS\system32\DRIVERS\usbccgp.sys
00:34:51.0418 0x0d20 usbccgp - ok
00:34:51.0449 0x0d20 [ 4BAC8DF07F1D8434FC640E677A62204E, 76C1351AF6752224BF59DEEE0F8665FE699F3DFD679F5BCD01 C7D9383E6402A4 ] usbehci C:\WINDOWS\system32\DRIVERS\usbehci.sys
00:34:51.0465 0x0d20 usbehci - ok
00:34:51.0527 0x0d20 [ 1AB3CDDE553B6E064D2E754EFE20285C, A99C4528C4227B1E96847614745AAFACD3C5F1BDFE435214DB F78740FFB300FE ] usbhub C:\WINDOWS\system32\DRIVERS\usbhub.sys
00:34:51.0637 0x0d20 usbhub - ok
00:34:51.0715 0x0d20 [ A717C8721046828520C9EDF31288FC00, 1530BBE832EDBB0974AD89D723A03FF7A0094B368992D73C2C 3E62A181DF1E0A ] usbprint C:\WINDOWS\system32\DRIVERS\usbprint.sys
00:34:51.0840 0x0d20 usbprint - ok
00:34:51.0887 0x0d20 [ F8EDE2B6928970DCE3D5614C27D9E7F6, 6E5EBBC8B70C1D593634DAF0C190DEADFDA18C3CBC8F552A76 F156F3869EF05B ] usbscan C:\WINDOWS\system32\DRIVERS\usbscan.sys
00:34:51.0934 0x0d20 usbscan - ok
00:34:51.0965 0x0d20 [ A32426D9B14A089EAA1D922E0C5801A9, ED1DC52EE45F8EAD3AEC4B1F817BB25634141CF48295494C59 47DCE6CF7A9817 ] USBSTOR C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS
00:34:52.0105 0x0d20 USBSTOR - ok
00:34:52.0137 0x0d20 [ 26496F9DEE2D787FC3E61AD54821FFE6, 8BE7FF647470B9A951CBB478FAF83D657A15CC78037F42348A 6B738F21D523DA ] usbuhci C:\WINDOWS\system32\DRIVERS\usbuhci.sys
00:34:52.0277 0x0d20 usbuhci - ok
00:34:52.0293 0x0d20 [ 0D3A8FAFCEACD8B7625CD549757A7DF1, B9CFDEFCD66AA139F3DC2F967B184669532922563AD5A71769 BABDC4370D065E ] VgaSave C:\WINDOWS\System32\drivers\vga.sys
00:34:52.0434 0x0d20 VgaSave - ok
00:34:52.0480 0x0d20 [ 754292CE5848B3738281B4F3607EAEF4, B0DCC9E9F8F78671FF878B493264C3B1DD2ED4A7167E3F5495 F66ABF5FACB86C ] viaagp C:\WINDOWS\system32\DRIVERS\viaagp.sys
00:34:52.0605 0x0d20 viaagp - ok
00:34:52.0637 0x0d20 [ 3B3EFCDA263B8AC14FDF9CBDD0791B2E, FC7FFD53FCC0F81587EFF26A43C141D25C43DBC68311520CE2 BCDD739CA58CA9 ] ViaIde C:\WINDOWS\system32\DRIVERS\viaide.sys
00:34:52.0809 0x0d20 ViaIde - ok
00:34:52.0840 0x0d20 [ 4C8FCB5CC53AAB716D810740FE59D025, 010EAC43DBED700B73E4FC908FAAF9F6A0168EBBD5D86751E4 9BC33AAA18BFA4 ] VolSnap C:\WINDOWS\system32\drivers\VolSnap.sys
00:34:52.0965 0x0d20 VolSnap - ok
00:34:53.0012 0x0d20 [ 7A9DB3A67C333BF0BD42E42B8596854B, D31A9A3B1AAAB373EDD73B674102395212FCB616F829E938B7 B2B7BE7D4752C5 ] VSS C:\WINDOWS\System32\vssvc.exe
00:34:53.0090 0x0d20 VSS - ok
00:34:53.0121 0x0d20 [ 54AF4B1D5459500EF0937F6D33B1914F, FA1876888BCB9C72A92369DBED4FF1A8666784523FB41E618F A0919490FCDDB9 ] w32time C:\WINDOWS\system32\w32time.dll
00:34:53.0246 0x0d20 w32time - ok
00:34:53.0371 0x0d20 [ B1F126E7E28877106D60E6FF3998D033, 1F59798DF18994AA720522CC5FBA5B79F9BD167DBBC2B9D670 F796E1DFD10C0C ] w39n51 C:\WINDOWS\system32\DRIVERS\w39n51.sys
00:34:53.0543 0x0d20 w39n51 - ok
00:34:53.0590 0x0d20 [ E20B95BAEDB550F32DD489265C1DA1F6, 5589B2067E6C9FBA290D8C5EADDC198EBAF39C50C3CD7D2BC5 CDA7CBFBC445E5 ] Wanarp C:\WINDOWS\system32\DRIVERS\wanarp.sys
00:34:53.0731 0x0d20 Wanarp - ok
00:34:53.0746 0x0d20 wanatw - ok
00:34:53.0824 0x0d20 [ FD47474BD21794508AF449D9D91AF6E6, 2AD586390824F673B5DC5D86FC2423ED9252413D221E1C7EC3 A760782DB6436A ] Wdf01000 C:\WINDOWS\system32\DRIVERS\Wdf01000.sys
00:34:53.0871 0x0d20 Wdf01000 - ok
00:34:53.0871 0x0d20 WDICA - ok
00:34:53.0918 0x0d20 [ 6768ACF64B18196494413695F0C3A00F, 3A8F8586F1D997D19A8478345338D2AECD785AEABDB61531DD 3F92003D3230A5 ] wdmaud C:\WINDOWS\system32\drivers\wdmaud.sys
00:34:54.0121 0x0d20 wdmaud - ok
00:34:54.0168 0x0d20 [ 77A354E28153AD2D5E120A5A8687BC06, 8B2D37A4443501C0A8E70BC2079BE27F0A36FD07B561E6F68B 40A72EABBC2DFE ] WebClient C:\WINDOWS\System32\webclnt.dll
00:34:54.0293 0x0d20 WebClient - ok
00:34:54.0403 0x0d20 [ 74CF3F2E4E40C4A2E18D39D6300A5C24, D688190C5C5F3B31AA0CB7843C480EECFE98FB3AD4FB897B59 93B14CECE8BBB2 ] winachsf C:\WINDOWS\system32\DRIVERS\HSF_CNXT.sys
00:34:54.0512 0x0d20 winachsf - ok
00:34:54.0590 0x0d20 [ F45DD1E1365D857DD08BC23563370D0E, D95AEBB2095579D716C62152C8B805E119812FD2E40F14F9A5 BA2EFDE133303B ] WinDefend C:\Program Files\Windows Defender\MsMpEng.exe
00:34:54.0621 0x0d20 WinDefend - ok
00:34:54.0778 0x0d20 [ 2D0E4ED081963804CCC196A0929275B5, E1D75C7D7233D81DFDE13160B0C80138DF8B35230D04FB79B3 67A52FACF69BF8 ] winmgmt C:\WINDOWS\system32\wbem\WMIsvc.dll
00:34:54.0934 0x0d20 winmgmt - ok
00:34:55.0012 0x0d20 [ AFB5A2A79BB01699A269C316D8B9BEF1, 20FCEE3EC71472A4180BEA6D148EAE37FD5C6FAB853AA417F9 61348837478667 ] WLANKEEPER C:\Program Files\Intel\Wireless\Bin\WLKeeper.exe
00:34:55.0028 0x0d20 WLANKEEPER - detected UnsignedFile.Multi.Generic ( 1 )
00:34:55.0028 0x0d20 Detect skipped due to KSN trusted
00:34:55.0028 0x0d20 WLANKEEPER - ok
00:34:55.0075 0x0d20 [ C51B4A5C05A5475708E3C81C7765B71D, F776D2680BD3407307B7072626F78460361FC5BC38623C9E16 F394D300AB25DE ] WmdmPmSN C:\WINDOWS\system32\MsPMSNSv.dll
00:34:55.0137 0x0d20 WmdmPmSN - ok
00:34:55.0231 0x0d20 [ E76F8807070ED04E7408A86D6D3A6137, BFCF5361B7335760A7AE4B6958DE516A27AC60AA09135A46F0 B49F588FAFE3A0 ] Wmi C:\WINDOWS\System32\advapi32.dll
00:34:55.0340 0x0d20 Wmi - ok
00:34:55.0387 0x0d20 [ E0673F1106E62A68D2257E376079F821, 12992F18C9653050B10DC61D12988067933FCFDF02123D3A7E F5DE607A785DDC ] WmiApSrv C:\WINDOWS\system32\wbem\wmiapsrv.exe
00:34:55.0590 0x0d20 WmiApSrv - ok
00:34:55.0731 0x0d20 [ F74E3D9A7FA9556C3BBB14D4E5E63D3B, C71FAAC752F6D58BF8556661252DBF8C5DDD090CAE002A2C7E 09C9A014526066 ] WMPNetworkSvc C:\Program Files\Windows Media Player\WMPNetwk.exe
00:34:55.0840 0x0d20 WMPNetworkSvc - ok
00:34:55.0872 0x0d20 [ 6ABE6E225ADB5A751622A9CC3BC19CE8, 4061C5D0F051DFF1730E2A3BFC1CCA97B29602FC50F10F6B44 D93B0D28F42024 ] WS2IFSL C:\WINDOWS\System32\drivers\ws2ifsl.sys
00:34:55.0997 0x0d20 WS2IFSL - ok
00:34:56.0059 0x0d20 [ 7C278E6408D1DCE642230C0585A854D5, DA46079A04F6E8E3441E4AE454AEAC02B3E935DE29CE7F6D44 76F57867FCC12A ] wscsvc C:\WINDOWS\system32\wscsvc.dll
00:34:56.0184 0x0d20 wscsvc - ok
00:34:56.0215 0x0d20 [ 35321FB577CDC98CE3EB3A3EB9E4610A, C9A6F5CF282D8FCB3CDFCC4B306013480E78E1B664E1A60A4E 27B161F9FFD4CD ] wuauserv C:\WINDOWS\system32\wuauserv.dll
00:34:56.0372 0x0d20 wuauserv - ok
00:34:56.0418 0x0d20 [ F15FEAFFFBB3644CCC80C5DA584E6311, 79B3E9AF35976CE49921E9BEA3BA3B4A8AF762FD3F284B6295 4038B5FFB32471 ] WudfPf C:\WINDOWS\system32\DRIVERS\WudfPf.sys
00:34:56.0497 0x0d20 WudfPf - ok
00:34:56.0559 0x0d20 [ 28B524262BCE6DE1F7EF9F510BA3985B, AEFF02B899801A63CBB262757C3D4369E38BFF0690BD085DE6 0E873DFBE3C3F4 ] WudfRd C:\WINDOWS\system32\DRIVERS\wudfrd.sys
00:34:56.0590 0x0d20 WudfRd - ok
00:34:56.0637 0x0d20 [ 05231C04253C5BC30B26CBAAE680ED89, 5C03C2D7E0B573646D32F4093E2FF2C3BA391C39F5BA37D67F 69D38E357FCC3D ] WudfSvc C:\WINDOWS\System32\WUDFSvc.dll
00:34:56.0700 0x0d20 WudfSvc - ok
00:34:56.0809 0x0d20 [ 81DC3F549F44B1C1FFF022DEC9ECF30B, 3D14BFEA539F9CEB16555BD56C5E3C7C8F6692FC62C2789F8A AEA1C042E63940 ] WZCSVC C:\WINDOWS\System32\wzcsvc.dll
00:34:57.0137 0x0d20 WZCSVC - ok
00:34:57.0215 0x0d20 [ 295D21F14C335B53CB8154E5B1F892B9, 9418477C2E3EA93E93D931A4EDD4500DA568FAD6040204B520 1D1080203B0BBC ] xmlprov C:\WINDOWS\System32\xmlprov.dll
00:34:57.0356 0x0d20 xmlprov - ok
00:34:57.0356 0x0d20 ================ Scan global ===============================
00:34:57.0419 0x0d20 [ 42F1F4C0AFB08410E5F02D4B13EBB623, 924C30587C51C0D1E1F47991969AF492A644552E15F2480EA9 91DCB74A3E68D5 ] C:\WINDOWS\system32\basesrv.dll
00:34:57.0544 0x0d20 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE 076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:34:57.0590 0x0d20 [ 69AE2B2E6968C316536E5B10B9702E63, D9C5DA7A20DDE69D91E72400C3F06F3CB099DEF42EA6C53FCE 076258A0C22391 ] C:\WINDOWS\system32\winsrv.dll
00:34:57.0637 0x0d20 [ 65DF52F5B8B6E9BBD183505225C37315, 59C606977DB40A3443DFF0BE2A4C761824881B22C9FDB3D23F 6486DB580E92A4 ] C:\WINDOWS\system32\services.exe
00:34:57.0653 0x0d20 [ Global ] - ok
00:34:57.0653 0x0d20 ================ Scan MBR ==================================
00:34:57.0684 0x0d20 [ DEA9E81F0228B68C9ADAF84C9B0CF931 ] \Device\Harddisk0\DR0
00:34:59.0184 0x0d20 \Device\Harddisk0\DR0 - ok
00:34:59.0184 0x0d20 ================ Scan VBR ==================================
00:34:59.0200 0x0d20 [ C17840DB80D692FDC7A66F9C24437E14 ] \Device\Harddisk0\DR0\Partition1
00:34:59.0200 0x0d20 \Device\Harddisk0\DR0\Partition1 - ok
00:34:59.0200 0x0d20 ================ Scan generic autorun ======================
00:34:59.0356 0x0d20 [ 9E109B03018763FDCB075CE74547BE22, 7321873E646F24B63B7C88B6BC9F4BE5D4DAB60284A9C2E9F0 EB895A9E90231B ] C:\Program Files\Common Files\InstallShield\UpdateService\isuspm.exe
00:34:59.0372 0x0d20 ISUSPM Startup - detected UnsignedFile.Multi.Generic ( 1 )
00:34:59.0372 0x0d20 Detect skipped due to KSN trusted
00:34:59.0372 0x0d20 ISUSPM Startup - ok
00:34:59.0419 0x0d20 [ 583B7D111304BE63D7D9CB65482D2187, BD9618C9EFED73BC0EB1029502FE0AE0AECD8B0ABA506797C7 8327E71FF0FC0F ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
00:34:59.0450 0x0d20 ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
00:34:59.0450 0x0d20 Detect skipped due to KSN trusted
00:34:59.0450 0x0d20 ISUSScheduler - ok
00:34:59.0481 0x0d20 [ 062F3DB9AFA9C3CE0DA52F28595C0C6D, E1709230623C645418AC949D782F2A2B932315DA73AF29D15F A69F47F62F3749 ] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
00:34:59.0513 0x0d20 HP Software Update - detected UnsignedFile.Multi.Generic ( 1 )
00:34:59.0513 0x0d20 Detect skipped due to KSN trusted
00:34:59.0513 0x0d20 HP Software Update - ok
00:34:59.0528 0x0d20 [ 0D9F0763B213DF519012DF96F02E9633, 80EF4B16FFEC8DBE01E0C9BC7F3649DAF39B2A80CBD58C2D5B 285E1313D6F764 ] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
00:34:59.0559 0x0d20 hpqSRMon - detected UnsignedFile.Multi.Generic ( 1 )
00:34:59.0559 0x0d20 Detect skipped due to KSN trusted
00:34:59.0559 0x0d20 hpqSRMon - ok
00:34:59.0606 0x0d20 [ C341CCFBE98BC7DF6E0B856BB9FC265A, 7EA0A5407591EC8D97A9658DBEB7CB57550E143C526C3502E7 3F12FEF46F778C ] C:\Program Files\QuickTime\qttask.exe
00:34:59.0622 0x0d20 QuickTime Task - detected UnsignedFile.Multi.Generic ( 1 )
00:34:59.0622 0x0d20 Detect skipped due to KSN trusted
00:34:59.0622 0x0d20 QuickTime Task - ok
00:34:59.0638 0x0d20 WIAWizardMenu - ok
00:34:59.0716 0x0d20 [ 5F1D5F88303D4A4DBC8E5F97BA967CC3, 5FB24FC7916A6E6B3BE7D84CB1684215B266CD1495575C2E56 72B8447932E5B1 ] C:\WINDOWS\system32\ctfmon.exe
00:34:59.0872 0x0d20 ctfmon.exe - ok
00:35:00.0013 0x0d20 [ D9009C0433DD64FEBA944189174E6212, DE90C5457A9A3F2A157B6D48171F85F67DC0E82C90FA2FA347 AA2014155CFF8A ] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_15_ 0_0_189_ActiveX.exe
00:35:00.0075 0x0d20 FlashPlayerUpdate - ok
00:35:00.0138 0x0d20 [ 676B1D0BFA5EF8005395AB43F33DE1F1, 86A26EEB50051DC9D90017212B4200BE2301546404F652D4C0 B0578B7CE75759 ] C:\Program Files\NetWaiting\netWaiting.exe
00:35:00.0138 0x0d20 ModemOnHold - detected UnsignedFile.Multi.Generic ( 1 )
00:35:00.0138 0x0d20 Detect skipped due to KSN trusted
00:35:00.0138 0x0d20 ModemOnHold - ok
00:35:00.0263 0x0d20 [ B75FDBF14073D72C50624CC8338DD534, 953C7E16B56597ABCCD805A379769B0FD76298669DDE6E1172 C728F410371CE8 ] C:\Program Files\DellSupport\DSAgnt.exe
00:35:00.0294 0x0d20 DellSupport - ok
00:35:00.0310 0x0d20 FW detected via SS1: Norton Internet Worm Protection, 2006, disabled
00:35:00.0310 0x0d20 Win FW state via NFM: enabled
00:35:00.0528 0x0d20 ================================================== ==========
00:35:00.0528 0x0d20 Scan finished
00:35:00.0528 0x0d20 ================================================== ==========
00:35:00.0528 0x0ac0 Detected object count: 0
00:35:00.0528 0x0ac0 Actual detected object count: 0

**rkinner** · 07-26-2017, 09:47 PM

That looks good. Nothing found so I think ZA is gone. Just do the VEW stuff so we can see what needs fixing.

**dwm34** · 07-27-2017, 04:24 AM

Ok - good - here is the first VEW log - quite short

Vino’s Event Viewer v01c run on Windows XP in English
Report run at 27/07/2017 12:23:43 AM

Note: All dates below are in the format dd/mm/yyyy

Code:

'System' Log - error Type

Code:

'System' Log - warning Type

**dwm34** · 07-27-2017, 04:33 AM

Hi - ok, here is the second VEW log - many thanks

Vino’s Event Viewer v01c run on Windows XP in English
Report run at 27/07/2017 12:31:50 AM

Note: All dates below are in the format dd/mm/yyyy

Code:

'Application' Log - error Type

Code:

'Application' Log - warning Type

Log: ‘Application’ Date/Time: 26/07/2017 11:57:21 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user PMURPHY\Patricia Murphy registry while an application or service was still using the registry during log off. The memory used by the user’s registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

**rkinner** · 07-27-2017, 11:26 AM

Log: ‘Application’ Date/Time: 26/07/2017 11:57:21 PM
Type: warning Category: 0
Event: 1517 Source: Userenv
Windows saved user PMURPHY\Patricia Murphy registry while an application or service was still using the registry during log off. The memory used by the user’s registry has not been freed. The registry will be unloaded when it is no longer in use. This is often caused by services running as a user account, try configuring the services to run in either the LocalService or NetworkService account.

Download UPHClean. To download and install UPHClean, visit Download Microsoft User Profile Hive Cleanup Service - MajorGeeks
As soon as you have saved the UPHClean installer (UPHClean-Setup.msi), double-click the installer to begin the installation.
In the User Profile Hive Cleanup Service installation wizard, click Next.
In the License Agreement page, read the license agreement, select I Agree, and then click Next.
In the Select Installation Folder page, click Next.
In the Confirm Installation page, click Next.
When UPHClean is installed, click Close.

Code:

Note UPHClean runs as a service in Windows and will start automatically every time that Windows starts.
To confirm that UPHClean is installed and running, click Start, and then click Run.
In Open box, type the following text, and then click OK:

services.msc
In Services, in the Name column, locate User Profile Hive Cleanup. In the Status column, confirm that the User Profile Hive Cleanup service is Started.

That should clear up the only error.

XP does not defragment the disk automatically so it is best to manually do it every month or two. This speeds up access to the hard drive and makes it run faster:
Start, Run,
defrag c: /f
Enter
This will take a while depending on the size of the drive and how full it is. Do not attempt to use the PC until it finishes.

Now let’s look at what is running and see if anything is slowing down the PC.
Get Process Explorer

http://live.sysinternals.com/procexp.exe

Save it to your desktop then run it

View, Select Column, check Verified Signer, OK
Options, Verify Image Signatures

Click twice on the CPU column header to sort things by CPU usage with the big hitters at the top.

Wait a full minute then:

File, Save As, Save. Note the file name. Open the file on your desktop and copy and paste the text to a reply.

Let’s also get Speccy:
Get the free version of Speccy:
Download Speccy 1.33.0.75 for Windows - Filehippo.com (Look in the upper right for the Download Latest Version button - Do NOT press the large Start Download button on the upper left!)
Download, Save and Install it. Tell it you do not need CCLEANER if it asks. Run Speccy. When it finishes (the little icon in the bottom left will stop moving),
File, Save as Text File, (to your desktop) note the name it gives. OK. Open the file in notepad and delete the line that gives the serial number of your Operating System.
(It will be near the top, 10-20 lines down.) Save the file. Attach the file to your next post. (Upload a File)

**dwm34** · 07-29-2017, 05:51 AM

Hi - ok, thanks for this, and I will be back to you on this in a day or so

**Malnutrition** · 08-03-2017, 07:30 AM

@dwm34 How about an update for @rkinner

**dwm34** · 08-04-2017, 02:54 AM

Hi - quite sorry about the extended delay in responding. Here is the pasted text that has to do with the CPU usage:

Process CPU Private Bytes Working Set PID Description Company Name Verified Signer
MsMpEng.exe 50.00 58,208 K 52,780 K 1252 Service Executable Microsoft Corporation (Verified) Microsoft Corporation
System Idle Process 48.44 0 K 28 K 0
procexp.exe 0.78 17,888 K 9,004 K 2708 Sysinternals Process Explorer Sysinternals - www.sysinternals.com (Verified) Microsoft Corporation
Interrupts 0.78 0 K 0 K n/a Hardware Interrupts and DPCs
wuauclt.exe 6,700 K 8,124 K 2764 Windows Update Microsoft Corporation
wscntfy.exe 564 K 320 K 2724 Windows Security Center Notification App Microsoft Corporation (Verified) Microsoft Windows Component Publisher
wmiprvse.exe 2,020 K 2,760 K 3744 WMI Microsoft Corporation (Verified) Microsoft Windows Component Publisher
WLKEEPER.exe 3,084 K 804 K 1508 WLANKEEPER Intel(R) Corporation (No signature was present in the subject) Intel(R) Corporation
winlogon.exe 6,796 K 1,868 K 884 Windows NT Logon Application Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
VzDetectAgent.exe 2,412 K 3,392 K 2308 VzDetectAgent Verizon (The certificate is not valid for the requested usage) Verizon
Verizon_IHAMessageCenter.exe 32,228 K 5,888 K 672 IHA_MessageCenter Verizon (The certificate is not valid for the requested usage) Verizon
uphclean.exe 588 K 976 K 3156 User Profile Hive Cleanup Service Windows (R) Codename Longhorn DDK provider (No signature was present in the subject) Windows (R) Codename Longhorn DDK provider
System 0 K 64 K 4
svchost.exe 21,092 K 20,400 K 1300 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2,104 K 1,468 K 1196 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 3,276 K 1,676 K 1124 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,928 K 1,680 K 1648 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,116 K 128 K 1740 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,228 K 172 K 256 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 10,760 K 536 K 340 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,044 K 276 K 700 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 1,040 K 272 K 1916 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
svchost.exe 1,480 K 240 K 2456 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2,424 K 360 K 2516 Generic Host Process for Win32 Services Microsoft Corporation (Verified) Microsoft Windows Component Publisher
svchost.exe 2,092 K 1,284 K 4060 Generic Host Process for Win32 Services Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
sprtsvc.exe 5,204 K 856 K 2324 SupportSoft Agent Service SupportSoft, Inc. (Verified) Comcast
spoolsv.exe 3,896 K 1,152 K 144 Spooler SubSystem App Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
smss.exe 172 K 100 K 812 Windows NT Session Manager Microsoft Corporation (Verified) Microsoft Windows Component Publisher
services.exe 1,872 K 1,584 K 928 Services and Controller app Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
S24EvMon.exe 2,856 K 1,000 K 1456 Wireless Management Service Intel Corporation (No signature was present in the subject) Intel Corporation
RegSrvc.exe 884 K 404 K 2156 Intel(R) PROSet/Wireless Registry Service Intel Corporation (No signature was present in the subject) Intel Corporation
nmsrvc.exe 7,240 K 2,688 K 1696 Network Magic Service Pure Networks, Inc. (Verified) PURE NETWORKS
NicConfigSvc.exe 3,432 K 796 K 1064 Internal Network Card Power Management Service Dell Inc. (No signature was present in the subject) Dell Inc.
msiexec.exe 2,584 K 1,968 K 1152 Windows® installer Microsoft Corporation (Verified) Microsoft Windows Component Publisher
MpCmdRun.exe 3,340 K 5,280 K 2688 Windows Defender Command Line Utility Microsoft Corporation
MDM.EXE 1,008 K 780 K 1968 Machine Debug Manager Microsoft Corporation (Verified) Microsoft Corporation
mcrdsvc.exe 852 K 452 K 3112 MCRD Device Service Microsoft Corporation (Verified) Microsoft Windows Publisher
lsass.exe 4,016 K 1,240 K 940 LSA Shell (Export Version) Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
issch.exe 344 K 364 K 1800 InstallShield Update Service Scheduler InstallShield Software Corporation (No signature was present in the subject) InstallShield Software Corporation
hpwuSchd2.exe 612 K 340 K 1856 hpwuSchd Application Hewlett-Packard (No signature was present in the subject) Hewlett-Packard
hpqtra08.exe 5,644 K 3,004 K 1316 HP Digital Imaging Monitor Hewlett-Packard Co. (Verified) Hewlett Packard
hpqste08.exe 4,076 K 1,948 K 3484 HP CUE Status Root Hewlett-Packard Co. (No signature was present in the subject) Hewlett-Packard Co.
hpqgpc01.exe 2,676 K 624 K 3700 GPCore COM object Hewlett-Packard (No signature was present in the subject) Hewlett-Packard
hpqbam08.exe 952 K 636 K 3560 HP CUE Alert Popup Window Objects Hewlett-Packard Co. (No signature was present in the subject) Hewlett-Packard Co.
firefox.exe 208,364 K 180,008 K 3188 Firefox Mozilla Corporation (Verified) Mozilla Corporation
explorer.exe 14,684 K 8,604 K 1828 Windows Explorer Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
EvtEng.exe 4,164 K 716 K 1364 Intel(R) PROSet/Wireless Event Log Intel Corporation (No signature was present in the subject) Intel Corporation
ehSched.exe 776 K 312 K 408 Media Center Scheduler Service Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
ehrecvr.exe 2,504 K 548 K 360 Media Center Receiver Service Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
dllhost.exe 2,296 K 960 K 3896 COM Surrogate Microsoft Corporation (Verified) Microsoft Windows Component Publisher
ctfmon.exe 968 K 1,476 K 1992 CTF Loader Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
csrss.exe 1,848 K 2,316 K 860 Client Server Runtime Process Microsoft Corporation (No signature was present in the subject) Microsoft Corporation
alg.exe 1,200 K 388 K 2712 Application Layer Gateway Service Microsoft Corporation (Verified) Microsoft Windows Component Publisher

**dwm34** · 08-04-2017, 03:22 AM

Hi - many thanks again or your help- I have the Speccy file, but could not upload it. When I tried to upload it as a txt file (PMURPHY.txt), I got a message back which said “The uploaded file does not have an allowed extension.” Maybe I did something wrong with saving it to a kind of file that could not be uploaded? Should I try something else"

would like to make a really laptop (somewhat) functional

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment

Comment