Solved Friends Computer Needs a Checkup

PatL · Apr 16, 2017

This is my friends laptop. I ran what I could before it died (He forgot the power chord) Will be seeing him on Wednesday, what should the next step be?

Malnutrition · Apr 16, 2017

I'd rather all logs be copy and pasted, than attached.

ZHP Diag Scan

Download ZHP Diag to your desktop.

1. Right Click Run as Admin.
2. Click the Scanner button.

When complete please push the report button.
A notepad will open... copy and paste the report in your next reply.

PatL · Apr 16, 2017

I'll copy and paste from now on. Unfortunately ZHPDiag is broken with error line 80861 on the 3 computers including his that I've tested it on. So until they update that program and fix that error code it is unusable. What else can we try?

Malnutrition · Apr 17, 2017

Quick Diag Scan.

Download Quick Diag to your desktop.
Very Important!! -- Make sure program is on your desktop.
Disable your Antivirus/Antispyware prior to scanning.
Right Click Run as Administrator.
Select the Quick Scan.

Post the log that is generated in your next post.

Malnutrition · Apr 17, 2017

I'd also like to see a new TDSS killer log as well.

Rogue Killer Scan.

Download RogueKiller -- (Portable) -- from one of the following links and save it to your Desktop:

Link 1
Link 2

Close all other the running programs
Disable ALL Antivirus -- Antimalware -- Applications.
Right Click Rogue Killer and Run as Administrator.
Click the Start Scan button.
Allow the scan to run -- it can take ten minutes or more.
Once the scan is complete check All items for removal.
After All items are checked then press Remove Selected.
Wait until the Status box shows Deleting Finished.
Click on open report -- then open txt
Copy the content of the report and paste it here in your next reply.

Malnutrition · Apr 19, 2017

@PatL Got an update for us?

PatL · Apr 19, 2017

Yes, he's bringing the computer over for a few hours tonight. He'll be here in about 5 hours. Should we do a fixlist with the FRST & Addition we've provided?

Malnutrition · Apr 19, 2017

PatL said:
Should we do a fixlist with the FRST & Addition we've provided?

No, I'd like the logs I requested, then we will go from there.

PatL · Apr 19, 2017

Okay if Tdsskiller find the same 3 items should we remove them?

Malnutrition · Apr 19, 2017

PatL said:
Okay if Tdsskiller find the same 3 items should we remove them?

I will need the logs. We will go from there....

Here actually is a fixlist, run this prior to any of the other tools. I need to see the logs rather than blindly telling you what needs to be removed... If you remove something incorrect with Tdss killer then you may cause the machine to stop booting.

PatL · Apr 20, 2017

Fix result of Farbar Recovery Scan Tool (x64) Version:07-09-2015
Ran by Mitch (2017-04-19 16:44:28) Run:1
Running from C:\Users\Mitch\Downloads
Loaded Profiles: Mitch (Available Profiles: Mitch)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
Closeprocesses:
Emptytemp:
HKLM\...\Run: [] => [X]
Winlogon\Notify\igfxcui: igfxdev.dll [X]
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\...\Run: [swg] => C:\Program Files (x86)\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe [39408 2011-10-20] (Google Inc.)
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [8455960 2015-08-19] (Piriform Ltd)
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\...\MountPoints2: {19bfe83c-2251-11e7-9278-047d7b056e26} - F:\LaunchU3.exe -a
HKU\S-1-5-18\...\RunOnce: [SpUninstallDeleteDir] => rmdir /s /q "\SearchProtect"
GroupPolicy: Restriction - Chrome <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
Tcpip\Parameters: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{1C541FE9-C89C-4A5B-A474-C4A84D4970EA}: [DhcpNameServer] 192.168.1.254
Tcpip\..\Interfaces\{2CC683C3-C270-4C4C-B59E-95069212356D}: [DhcpNameServer] 75.75.75.75 75.75.76.76
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://start.toshiba.com
SearchScopes: HKLM -> DefaultScope {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM -> {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKLM-x32 -> DefaultScope {FCA4385E-748B-4959-BDE6-F80B6D1AF17E} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 -> DefaultScope {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7TSNP_enUS464
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}&rlz=1I7TSNP_enUS464
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 -> {2D67CCD7-10B5-4635-A31C-1E35342F1D50} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP_enUS464
SearchScopes: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 -> {C05BB67E-6FEB-437C-A972-2B461CE3C7E3} URL = hxxp://www.google.com/search?sourceid=ie9&q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&rlz=1I7TSNP
BHO: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\x64\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
BHO-x32: Adobe PDF Link Helper -> {18DF081C-E8AD-4283-A596-FA578C2EBDC3} -> C:\Program Files (x86)\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll [2010-11-15] (Adobe Systems Incorporated)
BHO-x32: DivX Plus Web Player HTML5 <video> -> {326E768D-4182-46FD-9C16-1449A49795F4} -> C:\Program Files (x86)\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll [2011-12-12] (DivX, LLC)
BHO-x32: Windows Live ID Sign-in Helper -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2011-03-28] (Microsoft Corp.)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre6\bin\jp2ssv.dll [2011-08-01] (Sun Microsystems, Inc.)
BHO-x32: TOSHIBA Media Controller Plug-in -> {F3C88694-EFFA-4d78-B409-54B7B2535B14} -> C:\Program Files (x86)\TOSHIBA\TOSHIBA Media Controller Plug-in\TOSHIBAMediaControllerIE.dll [2011-07-12] (<TOSHIBA>)
Toolbar: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 -> No Name - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - No File
Toolbar: HKU\S-1-5-21-2113883840-1160270776-2747418757-1000 -> No Name - {7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} - No File
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
CHR NewTab: Default -> "active": true,
"entry": "chrome-extension://nlgfkngkdcjlfgcfdmjoafonkkhacilj/blank.html"
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2009-07-13] (Microsoft Corporation)
C:\Program Files\Windows Defender
2012-05-10 17:14 - 2012-05-10 17:14 - 0000696 ____H () C:\Users\Mitch\AppData\Roaming\result.db
2012-08-14 13:56 - 2012-08-14 14:13 - 0000064 ____H () C:\ProgramData\-sxTowviWOjOsNR
2012-08-14 13:56 - 2012-08-14 14:13 - 0000064 ____H () C:\ProgramData\-sxTowviWOjOsNRr
2012-08-13 14:07 - 2012-08-14 14:15 - 0000368 ____H () C:\ProgramData\sxTowviWOjOsNR
Task: {11F1A33F-CBC1-4F6D-9E01-9A929078068F} - \The network connection monitor -> No File <==== ATTENTION
Task: {120D0A09-1533-4ADC-972A-E0CCF80B6C12} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-08-12] (Adobe Systems Incorporated)
Task: {12BA4396-8AB2-4C5C-956A-7785D127DA18} - \TrustedInstaller Update 2 -> No File <==== ATTENTION
Task: {12EDA16F-ED83-4401-8F29-4DA10671434B} - System32\Tasks\{A5998B0C-1130-4D39-8E84-E08EE59A83B6} => pcalua.exe -a C:\Users\Mitch\Desktop\setup.exe -d C:\Users\Mitch\Desktop
Task: {186F2FE3-7459-4B77-A9E3-823DB7182825} - System32\Tasks\{86AF29AC-088F-4FA5-BD5F-D1D6DCCFC9A1} => pcalua.exe -a "C:\Users\Mitch\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\U2MPR200\DivXInstaller.exe" -d C:\Users\Mitch\Desktop
Task: {2C844FD4-91F8-49A3-A8DD-24443574A0D4} - System32\Tasks\{E7ADFC65-B5D1-4B75-B8C0-FEDB8D304BD7} => C:\Users\Mitch\Desktop\setup.exe [2014-08-13] ()
Task: {30672C89-99F7-4B8F-811F-7634C4CDC481} - System32\Tasks\{4F18DFE4-EB52-4F89-9AAF-F121BC8FE6B9} => msiexec.exe /package "C:\Users\Mitch\Desktop\openoffice411.msi"
Task: {4DEB10BF-3DEA-4965-B44E-D621B736A8C1} - \The Bluetooth service discovery -> No File <==== ATTENTION
Task: {645C5585-1328-4ECE-8E35-D5B2AD806B53} - \AdobeFlashPlayerUpdate -> No File <==== ATTENTION
Task: {7C2F68BE-54F8-4B27-A465-C35FCC63925F} - System32\Tasks\REGSERVO => C:\Program Files\REGSERVO\REGSERVO.exe [2016-03-29] (Tuneup System Software Pvt Ltd.) <==== ATTENTION
C:\Program Files\REGSERVO
Task: {81FADE4C-3A5D-4897-8F11-EB50741E1B9B} - System32\Tasks\{31A8C737-17C1-4EAC-8C41-BFB0F2217EB6} => C:\Users\Mitch\Desktop\setup.exe [2014-08-13] ()
Task: {88EE3220-CD60-4D0B-8C6F-8D063148F0C8} - System32\Tasks\SidebarExecute => C:\Program Files (x86)\Windows Sidebar\sidebar.exe [2010-11-20] (Microsoft Corporation)
Task: {D0D4D60E-919C-4D10-8E0B-DE408F029196} - \TrustedInstaller Update -> No File <==== ATTENTION
Task: C:\windows\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\windows\Tasks\REGSERVO.job => C:\Program Files\REGSERVO\REGSERVO.exe�-t C:\Program Files\REGSERVO\REGSERVO.exe <==== ATTENTION
AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [290]
AlternateDataStreams: C:\ProgramData\TEMP

1B5B4F1 [112]
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""
FirewallRules: [{0736BB08-FE89-43DE-BA41-0E6403E6505B}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [{BCECD817-1320-463F-BA21-E50C4293C61B}] => (Allow) LPort=2869
FirewallRules: [{9BE0B886-70FD-44E2-B6DE-8A626E585D91}] => (Allow) LPort=1900
FirewallRules: [{704859E0-645A-4D1C-AB72-CD5211475087}] => (Allow) C:\Program Files (x86)\Windows Live\Messenger\msnmsgr.exe
FirewallRules: [{9A5730A8-029E-4B01-AF32-9B2FD1E73FBA}] => (Allow) C:\Program Files (x86)\Windows Live\Mesh\MOE.exe
FirewallRules: [{3DD37CC2-B822-47F3-A287-91332F4ED452}] => (Allow) LPort=10255
FirewallRules: [{2CD2691C-1F50-4EFE-9675-3ABB9B3FA039}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [{B19AC4B5-D3B7-44E5-8FDC-EDE0AB91D387}] => (Allow) C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
FirewallRules: [TCP Query User{6A6EC8B0-7882-45AB-8EAF-9185BB491734}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe] => (Allow) C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe
FirewallRules: [UDP Query User{E647A132-D769-46E8-9F21-C812B75742F4}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe] => (Allow) C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe
FirewallRules: [TCP Query User{C7DBDCA4-933F-44C4-BC93-CA7D22154FEF}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [UDP Query User{F498FE58-0685-490C-8C06-B658DC1EF348}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe] => (Block) C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe
FirewallRules: [{18CDF3EB-FF5A-4F8A-87EC-E55F07F18CEC}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [{D11205A1-18A7-4405-A7D8-C1A0D91EDB29}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
FirewallRules: [{242BE5DB-853C-4AD2-9AE4-D66C0068EE32}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
FirewallRules: [{0D402D8A-B5A5-48AF-BB01-FCEBE005984B}] => (Allow) C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
FirewallRules: [{2A760E58-2C01-44CE-9620-E6E7A78606A2}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
RemoveProxy:
CMD: netsh advfirewall reset
CMD: netsh advfirewall set allprofiles state On
CMD: ipconfig /flushdns
reboot:
end

*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui" => key removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Run\\swg => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value removed successfully
"HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{19bfe83c-2251-11e7-9278-047d7b056e26}" => key removed successfully
HKCR\CLSID\{19bfe83c-2251-11e7-9278-047d7b056e26} => key not found.
HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\RunOnce\\SpUninstallDeleteDir => value removed successfully
C:\windows\system32\GroupPolicy\Machine => moved successfully
C:\windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{1C541FE9-C89C-4A5B-A474-C4A84D4970EA}\\DhcpNameServer => value removed successfully
HKLM\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{2CC683C3-C270-4C4C-B59E-95069212356D}\\DhcpNameServer => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => key removed successfully
HKCR\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C05BB67E-6FEB-437C-A972-2B461CE3C7E3}" => key removed successfully
HKCR\CLSID\{C05BB67E-6FEB-437C-A972-2B461CE3C7E3} => key not found.
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
HKCR\Wow6432Node\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => key not found.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{C05BB67E-6FEB-437C-A972-2B461CE3C7E3}" => key removed successfully
HKCR\Wow6432Node\CLSID\{C05BB67E-6FEB-437C-A972-2B461CE3C7E3} => key not found.
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
"HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => key removed successfully
HKCR\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => key not found.
"HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2D67CCD7-10B5-4635-A31C-1E35342F1D50}" => key removed successfully
HKCR\CLSID\{2D67CCD7-10B5-4635-A31C-1E35342F1D50} => key not found.
"HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C05BB67E-6FEB-437C-A972-2B461CE3C7E3}" => key removed successfully
HKCR\CLSID\{C05BB67E-6FEB-437C-A972-2B461CE3C7E3} => key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKCR\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}" => key removed successfully
"HKCR\CLSID\{F3C88694-EFFA-4d78-B409-54B7B2535B14}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{18DF081C-E8AD-4283-A596-FA578C2EBDC3}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{326E768D-4182-46FD-9C16-1449A49795F4}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{326E768D-4182-46FD-9C16-1449A49795F4}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => key removed successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F3C88694-EFFA-4d78-B409-54B7B2535B14}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{F3C88694-EFFA-4d78-B409-54B7B2535B14}" => key removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully
HKCR\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => value removed successfully
HKCR\CLSID\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} => key not found.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
Chrome NewTab removed successfully
"entry": "chrome-extension://nlgfkngkdcjlfgcfdmjoafonkkhacilj/blank.html" => Error: No automatic fix found for this entry.
WinDefend => Unable to stop service.
WinDefend => service removed successfully
"C:\Program Files\Windows Defender" => Warning: FRST is scripted not to move this directory.
C:\Users\Mitch\AppData\Roaming\result.db => moved successfully
C:\ProgramData\-sxTowviWOjOsNR => moved successfully
C:\ProgramData\-sxTowviWOjOsNRr => moved successfully
C:\ProgramData\sxTowviWOjOsNR => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{11F1A33F-CBC1-4F6D-9E01-9A929078068F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{11F1A33F-CBC1-4F6D-9E01-9A929078068F}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The network connection monitor" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{120D0A09-1533-4ADC-972A-E0CCF80B6C12}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{120D0A09-1533-4ADC-972A-E0CCF80B6C12}" => key removed successfully
C:\windows\System32\Tasks\Adobe Flash Player Updater => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Adobe Flash Player Updater" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{12BA4396-8AB2-4C5C-956A-7785D127DA18}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12BA4396-8AB2-4C5C-956A-7785D127DA18}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TrustedInstaller Update 2" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{12EDA16F-ED83-4401-8F29-4DA10671434B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{12EDA16F-ED83-4401-8F29-4DA10671434B}" => key removed successfully
C:\windows\System32\Tasks\{A5998B0C-1130-4D39-8E84-E08EE59A83B6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{A5998B0C-1130-4D39-8E84-E08EE59A83B6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{186F2FE3-7459-4B77-A9E3-823DB7182825}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{186F2FE3-7459-4B77-A9E3-823DB7182825}" => key removed successfully
C:\windows\System32\Tasks\{86AF29AC-088F-4FA5-BD5F-D1D6DCCFC9A1} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{86AF29AC-088F-4FA5-BD5F-D1D6DCCFC9A1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2C844FD4-91F8-49A3-A8DD-24443574A0D4}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2C844FD4-91F8-49A3-A8DD-24443574A0D4}" => key removed successfully
C:\windows\System32\Tasks\{E7ADFC65-B5D1-4B75-B8C0-FEDB8D304BD7} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E7ADFC65-B5D1-4B75-B8C0-FEDB8D304BD7}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{30672C89-99F7-4B8F-811F-7634C4CDC481}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{30672C89-99F7-4B8F-811F-7634C4CDC481}" => key removed successfully
C:\windows\System32\Tasks\{4F18DFE4-EB52-4F89-9AAF-F121BC8FE6B9} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{4F18DFE4-EB52-4F89-9AAF-F121BC8FE6B9}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{4DEB10BF-3DEA-4965-B44E-D621B736A8C1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4DEB10BF-3DEA-4965-B44E-D621B736A8C1}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\The Bluetooth service discovery" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{645C5585-1328-4ECE-8E35-D5B2AD806B53}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{645C5585-1328-4ECE-8E35-D5B2AD806B53}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AdobeFlashPlayerUpdate" => key removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7C2F68BE-54F8-4B27-A465-C35FCC63925F} => key not found.
C:\windows\System32\Tasks\REGSERVO => not found.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\REGSERVO => key not found.
C:\Program Files\REGSERVO => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{81FADE4C-3A5D-4897-8F11-EB50741E1B9B}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{81FADE4C-3A5D-4897-8F11-EB50741E1B9B}" => key removed successfully
C:\windows\System32\Tasks\{31A8C737-17C1-4EAC-8C41-BFB0F2217EB6} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{31A8C737-17C1-4EAC-8C41-BFB0F2217EB6}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{88EE3220-CD60-4D0B-8C6F-8D063148F0C8}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{88EE3220-CD60-4D0B-8C6F-8D063148F0C8}" => key removed successfully
C:\windows\System32\Tasks\SidebarExecute => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\SidebarExecute" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D0D4D60E-919C-4D10-8E0B-DE408F029196}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D0D4D60E-919C-4D10-8E0B-DE408F029196}" => key removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\TrustedInstaller Update" => key removed successfully
C:\windows\Tasks\Adobe Flash Player Updater.job => moved successfully
C:\windows\Tasks\REGSERVO.job => not found.
"C:\ProgramData\TEMP" => ":373E1720 [290]" ADS not found.
"C:\ProgramData\TEMP" => "

1B5B4F1 [112]" ADS not found.
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper" => key removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\tvnserver" => key removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0736BB08-FE89-43DE-BA41-0E6403E6505B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{BCECD817-1320-463F-BA21-E50C4293C61B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9BE0B886-70FD-44E2-B6DE-8A626E585D91} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{704859E0-645A-4D1C-AB72-CD5211475087} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{9A5730A8-029E-4B01-AF32-9B2FD1E73FBA} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3DD37CC2-B822-47F3-A287-91332F4ED452} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CD2691C-1F50-4EFE-9675-3ABB9B3FA039} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B19AC4B5-D3B7-44E5-8FDC-EDE0AB91D387} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{6A6EC8B0-7882-45AB-8EAF-9185BB491734}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{E647A132-D769-46E8-9F21-C812B75742F4}C:\program files (x86)\freetorrentviewer\freetorrentviewer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\TCP Query User{C7DBDCA4-933F-44C4-BC93-CA7D22154FEF}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\UDP Query User{F498FE58-0685-490C-8C06-B658DC1EF348}C:\program files (x86)\veoh networks\veohwebplayer\veohwebplayer.exe => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{18CDF3EB-FF5A-4F8A-87EC-E55F07F18CEC} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{D11205A1-18A7-4405-A7D8-C1A0D91EDB29} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{242BE5DB-853C-4AD2-9AE4-D66C0068EE32} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0D402D8A-B5A5-48AF-BB01-FCEBE005984B} => value removed successfully
HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2A760E58-2C01-44CE-9620-E6E7A78606A2} => value removed successfully

========= RemoveProxy: =========

HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\DefaultConnectionSettings => value removed successfully
HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Internet Settings\Connections\\SavedLegacySettings => value removed successfully

========= End of RemoveProxy: =========

========= netsh advfirewall reset =========

Ok.

========= End of CMD: =========

========= netsh advfirewall set allprofiles state On =========

Ok.

========= End of CMD: =========

========= ipconfig /flushdns =========

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========= End of CMD: =========

EmptyTemp: => 26.7 MB temporary data Removed.

The system needed a reboot..

==== End of Fixlog 16:45:43 ====

PatL · Apr 20, 2017

--------------- QuickDiag | g3n-h@ckm@n | V3_02.04.17.1 ---------------

----- XP | Vista | 7 | 8 | 8.1 | 10 - 32/64 bits ----- - Start 19/04/2017 16:49:23

Updated 02/04/2017 | 14.30 (GMT) by g3n-h@ckm@n
Contact : http://www.sosvirus.net/

Time Zone : (UTC-08:00) Pacific Time (US & Canada)
[Mitch (Administrator)] - [MITCH-PC] (S-1-5-21-2113883840-1160270776-2747418757-1000)

System: Microsoft Windows 7 Home Premium - Service Pack 1 - (6.1.7601) - BuildType: Multiprocessor Free - OSLanguage: 1033 (0409)
System: AutoReboot: True - DebugFilePath: %SystemRoot%\MEMORY.DMP - KernelDumpOnly: False - OverwriteExistingDebugFile: True - WriteDebugInfo: True - WriteToSystemLog: True
Boot : Microsoft Windows 7 Home Premium |C:\windows|\Device\Harddisk0\Partition2
Boot : Normal boot
PC: Satellite L755 - TOSHIBA - IdNumber: XB319792W - UUID: 71136460-FBBA-11E0-961F-047D7B056E26
Processor : X64 - 2394 Mhz - Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
InsydeH2O Version 03.60.453.40 - en|US|iso8859-1 - INSYDE - S/N: XB319792W - 3.40 - TOSQCI - 1
CoreTemp : ? Celsius

----------| Quick

---------- | SoundDevice

Conexant SmartAudio HD - Status: OK - Manufacturer: Conexant - PNPDeviceID: HDAUDIO\FUNC_01&VEN_14F1&DEV_5069&SUBSYS_1179FC52&REV_1003\4&2152523C&0&0001
Intel(R) Display Audio - Status: OK - Manufacturer: Intel(R) Corporation - PNPDeviceID: HDAUDIO\FUNC_01&VEN_8086&DEV_2805&SUBSYS_1179FC50&REV_1000\4&2152523C&0&0301

---------- | Video

Intel(R) HD Graphics Family - Resolution: 1366x768 - Colors: 4294967296 - RefreshRate: 59 - 32 Bits Per Pixel - DeviceID: VideoController1 - Drivers: igdumd64,igd10umd64.dll,igd10umd64.dll,igdumdx32,igd10umd32,igd10umd32 - PNPDeviceID: PCI\VEN_8086&DEV_0116&SUBSYS_FC501179&REV_09\3&11583659&1&10 - AdapterCompatibility: Intel Corporation - RAM: 1885265920
Inegrated Video Chipset DeviceName: Intel(R) HD Graphics Family - DriverVersion: 8.15.10.2353 - SpecificationVersion: 1025

---------- | Codecs

c:\windows\system32\msrle32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 16384 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msvidc32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 38912 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\imaadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 22016 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msg711.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msgsm32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 29184 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msadp32.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 24064 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\msyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 25600 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\iyuv_32.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 54272 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\tsbyuv.dll - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 14848 - Manufacturer: Microsoft Corporation - Status: OK
c:\windows\system32\l3codeca.acm - ClassName: Win32_CodecFile - FSName: NTFS - FileSize: 81408 - Manufacturer: Fraunhofer Institut Integrierte Schaltungen IIS - Status: OK

---------- | CPU

---------- | Network

WAN Miniport (SSTP) - - Microsoft - Status: - PnPID : ROOT\MS_SSTPMINIPORT\0000
WAN Miniport (IKEv2) - - Microsoft - Status: - PnPID : ROOT\MS_AGILEVPNMINIPORT\0000
WAN Miniport (L2TP) - - Microsoft - Status: - PnPID : ROOT\MS_L2TPMINIPORT\0000
WAN Miniport (PPTP) - - Microsoft - Status: - PnPID : ROOT\MS_PPTPMINIPORT\0000
WAN Miniport (PPPOE) - - Microsoft - Status: - PnPID : ROOT\MS_PPPOEMINIPORT\0000
WAN Miniport (IPv6) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIPV6\0000
WAN Miniport (Network Monitor) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANBH\0000
Realtek RTL8188CE Wireless LAN 802.11n PCI-E NIC - Ethernet 802.3 - Realtek Semiconductor Corp. - Status: - PnPID : PCI\VEN_10EC&DEV_8176&SUBSYS_818110EC&REV_01\4&2EF5F2DC&0&00E5
WAN Miniport (IP) - - Microsoft - Status: - PnPID : ROOT\MS_NDISWANIP\0000
Microsoft ISATAP Adapter - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0000
RAS Async Adapter - - - Status: - PnPID :
Atheros AR8152/8158 PCI-E Fast Ethernet Controller (NDIS 6.20) - Ethernet 802.3 - Atheros - Status: - PnPID : PCI\VEN_1969&DEV_2062&SUBSYS_FC501179&REV_C1\4&2F28935&0&00E6
Teredo Tunneling Pseudo-Interface - Tunnel - Microsoft - Status: - PnPID : ROOT\*TEREDO\0000
Microsoft 6to4 Adapter - Tunnel - Microsoft - Status: - PnPID : ROOT\*6TO4MP\0000
Microsoft ISATAP Adapter #2 - Tunnel - Microsoft - Status: - PnPID : ROOT\*ISATAP\0001

---------- | Memory

RAM = Total (MB) : 4141 | Free (MB) : 2938
Pagefile = Total (MB) : 8280 | Free (MB) : 7039
Virtual = Total (MB) : 4194 | Free (MB) : 4020

Physical Memory 0 : Capacity: 2147483648 - ChannelA-DIMM0 - Posit.: 1 - Manufacturer: Micron Technology - PartNumber: 8JSF25664HZ-1G4D1 - S/N: 3756A6B0
Physical Memory 2 : Capacity: 2147483648 - ChannelB-DIMM0 - Posit.: 2 - Manufacturer: Micron Technology - PartNumber: 8JSF25664HZ-1G4D1 - S/N: 3756A6AF

---------- | SID Users

Administrator : [S-1-5-21-2113883840-1160270776-2747418757-500]
Guest : [S-1-5-21-2113883840-1160270776-2747418757-501]
HomeGroupUser$ : [S-1-5-21-2113883840-1160270776-2747418757-1002]
Mitch : [S-1-5-21-2113883840-1160270776-2747418757-1000]
Administrators : [S-1-5-32-544]
Distributed COM Users : [S-1-5-32-562]
Event Log Readers : [S-1-5-32-573]
Guests : [S-1-5-32-546]
IIS_IUSRS : [S-1-5-32-568]
Performance Log Users : [S-1-5-32-559]
Performance Monitor Users : [S-1-5-32-558]
Users : [S-1-5-32-545]
HomeUsers : [S-1-5-21-2113883840-1160270776-2747418757-1001]

---------- | SystemAccounts

Name: Everyone - SID: S-1-1-0 - SIDType: 5 - Status: OK
Name: LOCAL - SID: S-1-2-0 - SIDType: 5 - Status: OK
Name: CREATOR OWNER - SID: S-1-3-0 - SIDType: 5 - Status: OK
Name: CREATOR GROUP - SID: S-1-3-1 - SIDType: 5 - Status: OK
Name: CREATOR OWNER SERVER - SID: S-1-3-2 - SIDType: 5 - Status: OK
Name: CREATOR GROUP SERVER - SID: S-1-3-3 - SIDType: 5 - Status: OK
Name: OWNER RIGHTS - SID: S-1-3-4 - SIDType: 5 - Status: OK
Name: DIALUP - SID: S-1-5-1 - SIDType: 5 - Status: OK
Name: NETWORK - SID: S-1-5-2 - SIDType: 5 - Status: OK
Name: BATCH - SID: S-1-5-3 - SIDType: 5 - Status: OK
Name: INTERACTIVE - SID: S-1-5-4 - SIDType: 5 - Status: OK
Name: SERVICE - SID: S-1-5-6 - SIDType: 5 - Status: OK
Name: ANONYMOUS LOGON - SID: S-1-5-7 - SIDType: 5 - Status: OK
Name: PROXY - SID: S-1-5-8 - SIDType: 5 - Status: OK
Name: SYSTEM - SID: S-1-5-18 - SIDType: 5 - Status: OK
Name: ENTERPRISE DOMAIN CONTROLLERS - SID: S-1-5-9 - SIDType: 5 - Status: OK
Name: SELF - SID: S-1-5-10 - SIDType: 5 - Status: OK
Name: Authenticated Users - SID: S-1-5-11 - SIDType: 5 - Status: OK
Name: RESTRICTED - SID: S-1-5-12 - SIDType: 5 - Status: OK
Name: TERMINAL SERVER USER - SID: S-1-5-13 - SIDType: 5 - Status: OK
Name: REMOTE INTERACTIVE LOGON - SID: S-1-5-14 - SIDType: 5 - Status: OK
Name: IUSR - SID: S-1-5-17 - SIDType: 5 - Status: OK
Name: LOCAL SERVICE - SID: S-1-5-19 - SIDType: 5 - Status: OK
Name: NETWORK SERVICE - SID: S-1-5-20 - SIDType: 5 - Status: OK
Name: BUILTIN - SID: S-1-5-32 - SIDType: 3 - Status: OK

---------- | Drives

C:\ -> [Fixed] | [TI106234W0C] | Total : 449.77 Go | Free : 402.28 Go -> NTFS [ATA]
E:\ -> [Removable] | [] | Total : 1.9 Go | Free : 1.5 Go -> FAT [USB]
F:\ -> [CDROM] | [U3 System] | Total : 0.01 Go | Free : 0 Go -> CDFS [USB]

DeviceID: \\.\PHYSICALDRIVE0 - Status: OK - IDE - Fixed hard disk media - 3 Part. - PnPID : IDE\DISKTOSHIBA_MK5075GSX_______________________GT001M__\4&2838251D&0&0.0.0
DeviceID: \\.\PHYSICALDRIVE1 - Status: OK - USB - Removable Media - 1 Part. - PnPID : USBSTOR\DISK&VEN_SANDISK&PROD_U3_CRUZER_MICRO&REV_4.05\00001889E574CD5F&0

---------- | Windows updates

Last detection : 2012-08-12 21:11:03
Downloaded last ones : 2012-11-16 02:18:27
Installed last ones : 2012-11-16 03:04:58
Next search : 2017-04-19 01:49:50

Windows Is Activated

---------- | Browsers

IE : 9.0.8112.16447 (© Microsoft Corporation.)
GC : 57.0.2987.133 (Copyright 2016 Google Inc.)

Default : "C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" -- "%1"

---------- | FlashPlayer

FlashPlayer ActiveX : 18.0.0.232
FlashPlayer Plugin : 18.0.0.232

---------- | Security

AM : Malwarebytes' Anti-Malware ( 2.3.55.0) [Update : 08/09/2015 10:46:40]
FW : avast! Antivirus Disabled
WMI : OK
WU: Windows Update Service [Auto(2)] = Running
WMI: Windows Management Instrumentation [Auto(2)] = Running

---------- | Running processes

428 | [Owner : SYSTEM | Parent : 4(System) | 1.22 Mo] - (.Microsoft Corporation - Windows Session Manager.) - (6.1.7600.16385) = C:\Windows\System32\smss.exe [13/07/2009 16:19:50]
528 | [Owner : SYSTEM | Parent : 512() | 4.87 Mo] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [13/07/2009 16:19:49]
600 | [Owner : SYSTEM | Parent : 512() | 4.53 Mo] - (.Microsoft Corporation - Windows Start-Up Application.) - (6.1.7600.16385) = C:\Windows\System32\wininit.exe [13/07/2009 16:52:37]
624 | [Owner : SYSTEM | Parent : 608() | 20.11 Mo] - (.Microsoft Corporation - Client Server Runtime Process.) - (6.1.7600.16385) = C:\Windows\System32\csrss.exe [13/07/2009 16:19:49]
656 | [Owner : SYSTEM | Parent : 600(wininit.exe) | 8.78 Mo] - (.Microsoft Corporation - Services and Controller app.) - (6.1.7600.16385) = C:\Windows\System32\services.exe [13/07/2009 16:19:46]
672 | [Owner : SYSTEM | Parent : 600(wininit.exe) | 11.12 Mo] - (.Microsoft Corporation - Local Security Authority Process.) - (6.1.7601.17725) = C:\Windows\System32\lsass.exe [31/01/2012 15:40:16]
680 | [Owner : SYSTEM | Parent : 600(wininit.exe) | 4.36 Mo] - (.Microsoft Corporation - Local Session Manager Service.) - (6.1.7601.17514) = C:\Windows\System32\lsm.exe [20/11/2010 20:23:53]
784 | [Owner : SYSTEM | Parent : 656(services.exe) | 9.6 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
876 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 7.44 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
936 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 18.42 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
968 | [Owner : SYSTEM | Parent : 656(services.exe) | 89.41 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1012 | [Owner : SYSTEM | Parent : 656(services.exe) | 37.3 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
384 | [Owner : LOCAL SERVICE | Parent : 936(svchost.exe) | ?????] - (.Microsoft Corporation - Windows Audio Device Graph Isolation.) - (6.1.7601.17514) = C:\Windows\System32\audiodg.exe [20/11/2010 20:24:32]
540 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 11.31 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
892 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 12.26 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1076 | [Owner : SYSTEM | Parent : 608() | 7.17 Mo] - (.Microsoft Corporation - Windows Logon Application.) - (6.1.7601.17514) = C:\Windows\System32\winlogon.exe [20/11/2010 20:24:29]
1108 | [Owner : SYSTEM | Parent : 656(services.exe) | 42.52 Mo] - (.AVAST Software - avast! Service.) - (12.1.3076.0) = C:\Program Files\AVAST Software\Avast\AvastSvc.exe [19/07/2016 18:28:30]
1456 | [Owner : SYSTEM | Parent : 1012(svchost.exe) | 5.28 Mo] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [20/11/2010 20:24:27]
1488 | [Owner : SYSTEM | Parent : 656(services.exe) | 12.18 Mo] - (.Microsoft Corporation - Spooler SubSystem App.) - (6.1.7601.17514) = C:\Windows\System32\spoolsv.exe [20/11/2010 20:24:27]
1524 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 13.9 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1660 | [Owner : LOCAL SERVICE | Parent : 656(services.exe) | 11.41 Mo] - (.Microsoft Corporation - Host Process for Windows Services.) - (6.1.7601.17568) = C:\Windows\System32\svchost.exe [01/08/2011 00:21:59]
1700 | [Owner : SYSTEM | Parent : 656(services.exe) | 6.54 Mo] - (.Giraffic - Giraffic Video Accelerator Watchdog.) - (0.86.412.230) = C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe [13/05/2013 04:56:02]
1352 | [Owner : SYSTEM | Parent : 656(services.exe) | 4.9 Mo] - (.Microsoft Corporation - Microsoft Application Virtualization Virtual Service Agent.) - (4.6.2.22610) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe [01/10/2011 09:30:22]
1848 | [Owner : SYSTEM | Parent : 656(services.exe) | 4.31 Mo] - (.TOSHIBA Corporation - TDCSrv Application.) - (1.0.0.8) = C:\Windows\System32\TODDSrv.exe [01/08/2011 00:31:59]
2056 | [Owner : SYSTEM | Parent : 656(services.exe) | 7.18 Mo] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) - (1.0.0.5) = C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe [17/05/2011 14:34:18]
2076 | [Owner : SYSTEM | Parent : 1700(Veoh_GirafficWatchdog.exe) | 8.87 Mo] - (.Giraffic - Giraffic Video Accelerator.) - (0.86.412.230) = C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe [13/05/2013 04:55:30]
2180 | [Owner : SYSTEM | Parent : 656(services.exe) | 10.96 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE [28/03/2011 21:11:06]
2444 | [Owner : Mitch | Parent : 968(svchost.exe) | 48.48 Mo] - (.Microsoft Corporation - Desktop Window Manager.) - (6.1.7600.16385) = C:\Windows\System32\dwm.exe [13/07/2009 16:37:38]
2500 | [Owner : SYSTEM | Parent : 656(services.exe) | 16.26 Mo] - (.Copyright 2017. - ZAM.) - (2.72.0.101) = C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [08/09/2015 10:44:23]
2516 | [Owner : SYSTEM | Parent : 2180(WLIDSVC.EXE) | 3.49 Mo] - (.Microsoft Corp. - Microsoft® Windows Live ID Service Monitor.) - (7.250.4232.0) = C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE [28/03/2011 21:11:06]
2584 | [Owner : Mitch | Parent : 2436() | 62.96 Mo] - (.Microsoft Corporation - Windows Explorer.) - (6.1.7601.17567) = C:\Windows\explorer.exe [01/08/2011 00:22:16]
2884 | [Owner : SYSTEM | Parent : 656(services.exe) | 14.34 Mo] - (.Microsoft Corporation - Microsoft Application Virtualization Client Service.) - (4.6.2.22610) = C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe [01/10/2011 09:30:18]
2460 | [Owner : SYSTEM | Parent : 656(services.exe) | 7.2 Mo] - (.TOSHIBA Corporation - TOSHIBA eco Utility Service.) - (1.3.0.0) = C:\Program Files\Toshiba\TECO\TecoService.exe [24/05/2011 09:58:12]
2328 | [Owner : SYSTEM | Parent : 656(services.exe) | 10.2 Mo] - (.Microsoft Corporation - Microsoft Office Client Virtualization Service.) - (14.0.6114.5003) = C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE [04/01/2012 15:22:40]
3108 | [Owner : SYSTEM | Parent : 784(svchost.exe) | 7.09 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [20/11/2010 20:24:15]
3460 | [Owner : LOCAL SERVICE | Parent : 968(svchost.exe) | 6.33 Mo] - (.Microsoft Corporation - Windows Driver Foundation - User-mode Driver Framework Host Process.) - (6.1.7601.17514) = C:\Windows\System32\WUDFHost.exe [20/11/2010 20:23:50]
3836 | [Owner : Mitch | Parent : 2584(explorer.exe) | 12.93 Mo] - (.TOSHIBA Corporation - TOSHIBA Power Saver.) - (1.0.0.7) = C:\Program Files\Toshiba\Power Saver\TPwrMain.exe [17/05/2011 14:34:50]
3884 | [Owner : Mitch | Parent : 2584(explorer.exe) | 46.19 Mo] - (.TOSHIBA Corporation - TOSHIBA Flash Cards Main Module.) - (1.0.11.64) = C:\Program Files\Toshiba\FlashCards\TCrdMain.exe [27/04/2011 14:00:42]
4012 | [Owner : Mitch | Parent : 2584(explorer.exe) | 6.25 Mo] - (.Conexant Systems, Inc. - Conexant High Definition Audio Filter Agent.) - (1.7.32.0) = C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe [20/10/2011 10:16:13]
1840 | [Owner : Mitch | Parent : 2584(explorer.exe) | 7.57 Mo] - (.TOSHIBA Corporation - TOSHIBA eco Utility.) - (1.3.0.0) = C:\Program Files\Toshiba\TECO\Teco.exe [24/05/2011 09:57:52]
1368 | [Owner : Mitch | Parent : 2584(explorer.exe) | 6.89 Mo] - (.TOSHIBA Corporation -.) - (1.0.0.2) = C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe [01/07/2011 11:46:44]
1364 | [Owner : Mitch | Parent : 2584(explorer.exe) | 5.52 Mo] - (.TOSHIBA Corporation - Toshiba Volume Regulator.) - (1.0.0.6) = C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe [20/10/2011 11:03:32]
812 | [Owner : Mitch | Parent : 2584(explorer.exe) | 7.92 Mo] - (.TOSHIBA Corporation - Message Center.) - (1.6.0.64) = C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe [27/07/2011 15:44:14]
2808 | [Owner : Mitch | Parent : 2584(explorer.exe) | 25.83 Mo] - (.TOSHIBA Corporation - Monitor of TOSHIBA ReelTime.) - (1.7.9.0) = C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe [28/06/2011 11:29:56]
3720 | [Owner : Mitch | Parent : 1012(svchost.exe) | 6.47 Mo] - (.Microsoft Corporation - Task Scheduler Engine.) - (6.1.7601.17514) = C:\Windows\System32\taskeng.exe [20/11/2010 20:24:27]
1152 | [Owner : Mitch | Parent : 3608() | 12 Mo] - (.- DivX Update.) - (1.0.6.15) = C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe [28/07/2011 16:08:12]
264 | [Owner : Mitch | Parent : 3608() | 17.14 Mo] - (.AVAST Software - avast! Antivirus.) - (12.1.3076.11) = C:\Program Files\AVAST Software\Avast\avastui.exe [08/08/2016 16:11:02]
3520 | [Owner : SYSTEM | Parent : 656(services.exe) | 10.32 Mo] - (.Microsoft Corporation - Microsoft Windows Search Indexer.) - (7.0.7601.17610) = C:\Windows\System32\SearchIndexer.exe [01/08/2011 00:26:30]
4648 | [Owner : Mitch | Parent : 2584(explorer.exe) | 26.24 Mo] - (.SosVirus - QuickDiag.) - (2.4.17.1) = E:\quickdiag_3_02.04.17.1.exe [19/04/2017 11:00:56]
5080 | [Owner : SYSTEM | Parent : 656(services.exe) | 4.7 Mo] - (.Intel Corporation - Local Manageability Service.) - (7.0.2.1164) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe [20/10/2011 10:07:44]
5104 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 12.59 Mo] - (.Microsoft Corporation - Microsoft Software Protection Platform Service.) - (6.1.7601.17514) = C:\Windows\System32\sppsvc.exe [20/11/2010 20:23:56]
2004 | [Owner : NETWORK SERVICE | Parent : 656(services.exe) | 25.34 Mo] - (.Microsoft Corporation - Windows Media Player Network Sharing Service.) - (12.0.7601.17514) = C:\Program Files\Windows Media Player\wmpnetwk.exe [20/11/2010 20:25:05]
2204 | [Owner : SYSTEM | Parent : 656(services.exe) | 7.24 Mo] - (.Intel Corporation - User Notification Service.) - (7.0.2.1164) = C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe [20/10/2011 10:07:46]
3312 | [Owner : NETWORK SERVICE | Parent : 784(svchost.exe) | 11.9 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\System32\wbem\WmiPrvSE.exe [20/11/2010 20:24:15]
3036 | [Owner : NETWORK SERVICE | Parent : 784(svchost.exe) | 7.12 Mo] - (.Microsoft Corporation - WMI Provider Host.) - (6.1.7601.17514) = C:\Windows\SysWOW64\wbem\WmiPrvSE.exe [20/11/2010 20:24:27]

---------- | MD5

[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [01/08/2011 00:22:16] - (.© Microsoft Corporation. - Windows Explorer.) - [2804.5 Ko] - (6.1.7601.17567) : C:\windows\Explorer.exe
[MD5.5746BD7E255DD6A8AFA06F7C42C1BA41] - [20/11/2010 20:23:55] - (.© Microsoft Corporation. - Windows Command Processor.) - [337 Ko] - (6.1.7601.17514) : C:\windows\System32\cmd.exe
[MD5.60C2862B4BF0FD9F582EF344C2B1EC72] - [13/07/2009 16:19:49] - (.© Microsoft Corporation. - Client Server Runtime Process.) - [7.5 Ko] - (6.1.7600.16385) : C:\windows\System32\csrss.exe
[MD5.A8EDB86FC2A4D6D1285E4C70384AC35A] - [13/07/2009 16:59:17] - (.© Microsoft Corporation. - COM Surrogate.) - [9.5 Ko] - (6.1.7600.16385) : C:\windows\System32\dllhost.exe
[MD5.B9B42A302325537D7B9DC52D47F33A73] - [27/12/2011 16:02:44] - (.© Microsoft Corporation. - Windows NT BASE API Client DLL.) - [1135.5 Ko] - (6.1.7601.17651) : C:\windows\System32\Kernel32.dll
[MD5.C118A82CD78818C29AB228366EBF81C3] - [31/01/2012 15:40:16] - (.© Microsoft Corporation. - Local Security Authority Process.) - [30.5 Ko] - (6.1.7601.17725) : C:\windows\System32\lsass.exe
[MD5.5C627D1B1138676C0A7AB2C2C190D123] - [20/11/2010 20:24:01] - (.© Microsoft Corporation. - Distributed COM Services.) - [500 Ko] - (6.1.7601.17514) : C:\windows\System32\rpcss.dll
[MD5.DD81D91FF3B0763C392422865C9AC12E] - [13/07/2009 16:57:20] - (.© Microsoft Corporation. - Windows host process (Rundll32).) - [44.5 Ko] - (6.1.7600.16385) : C:\windows\System32\rundll32.exe
[MD5.24ACB7E5BE595468E3B9AA488B9B4FCB] - [13/07/2009 16:19:46] - (.© Microsoft Corporation. - Services and Controller app.) - [321 Ko] - (6.1.7600.16385) : C:\windows\System32\services.exe
[MD5.6F68F63794097E54F36474ED4384B759] - [01/08/2011 00:21:59] - (.© Microsoft Corporation. - Host Process for Windows Services.) - [27 Ko] - (6.1.7601.17568) : C:\windows\System32\svchost.exe
[MD5.FE70103391A64039A921DBFFF9C7AB1B] - [20/11/2010 20:24:09] - (.© Microsoft Corporation. - Multi-User Windows USER API Client DLL.) - [984.5 Ko] - (6.1.7601.17514) : C:\windows\System32\user32.dll
[MD5.BAFE84E637BF7388C96EF48D4D3FDD53] - [20/11/2010 20:24:28] - (.© Microsoft Corporation. - Userinit Logon Application.) - [30 Ko] - (6.1.7601.17514) : C:\windows\System32\userinit.exe
[MD5.94355C28C1970635A31B3FE52EB7CEBA] - [13/07/2009 16:52:37] - (.© Microsoft Corporation. - Windows Start-Up Application.) - [126 Ko] - (6.1.7600.16385) : C:\windows\System32\Wininit.exe
[MD5.1151B1BAA6F350B1DB6598E0FEA7C457] - [20/11/2010 20:24:29] - (.© Microsoft Corporation. - Windows Logon Application.) - [381.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Winlogon.exe
[MD5.1C7857B62DE5994A75B054A9FD4C3825] - [15/02/2012 17:41:01] - (.© Microsoft Corporation. - Ancillary Function Driver for WinSock.) - [487 Ko] - (6.1.7601.17752) : C:\windows\System32\Drivers\afd.sys
[MD5.02062C0B390B7729EDC9E69C680A6F3C] - [13/07/2009 16:19:47] - (.© Microsoft Corporation. - ATAPI IDE Miniport Driver.) - [23.56 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\atapi.sys
[MD5.A34FE1E025E88798E746F484956C0720] - [20/11/2010 20:23:47] - (.© Microsoft Corporation. - ATAPI Driver Extension.) - [151.88 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\ataport.sys
[MD5.B8BD2BB284668C84865658C77574381A] - [13/07/2009 16:19:47] - (.© Microsoft Corporation. - CD-ROM File System Driver.) - [90 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\cdfs.sys
[MD5.F036CE71586E93D94DAB220D7BDF4416] - [20/11/2010 20:23:47] - (.© Microsoft Corporation. - SCSI CD-ROM Driver.) - [144 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\cdrom.sys
[MD5.9BB2EF44EAA163B29C4A4587887A0FE4] - [20/11/2010 20:24:32] - (.© Microsoft Corporation. - DFS Namespace Client Driver.) - [100 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\dfsc.sys
[MD5.97BFED39B6B79EB12CDDBFEED51F56BB] - [20/11/2010 20:23:47] - (.© Microsoft Corporation. - High Definition Audio Bus Driver.) - [119.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\hdaudbus.sys
[MD5.FA55C73D4AFFA7EE23AC4BE53B4592D3] - [13/07/2009 16:19:58] - (.© Microsoft Corporation. - i8042 Port Driver.) - [103 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\i8042prt.sys
[MD5.D469B77687E12FE43E344806740B624D] - [20/10/2011 10:11:10] - (.Copyright(C) Intel Corporation 1994-2011 - Intel Rapid Storage Technology driver - x64.) - [429.02 Ko] - (10.1.2.1004) : C:\windows\System32\Drivers\iastor.sys
[MD5.AF9B39A7E7B6CAA203B3862582E9F2D0] - [13/07/2009 17:10:03] - (.© Microsoft Corporation. - IP Network Address Translator.) - [113.5 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\ipnat.sys
[MD5.A5D9106A73DC88564C825D317CAC68AC] - [01/08/2011 00:25:13] - (.© Microsoft Corporation. - Windows NT SMB Minirdr.) - [154.5 Ko] - (6.1.7601.17605) : C:\windows\System32\Drivers\mrxsmb.sys
[MD5.79B47FD40D9A817E932F9D26FAC0A81C] - [20/11/2010 20:23:55] - (.© Microsoft Corporation. - NDIS 6.20 driver.) - [929.38 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\ndis.sys
[MD5.09594D1089C523423B32A4229263F068] - [20/11/2010 20:23:51] - (.© Microsoft Corporation. - MBT Transport driver.) - [255.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\netbt.sys
[MD5.A2F74975097F52A00745F9637451FDD8] - [01/08/2011 00:11:50] - (.© Microsoft Corporation. - NT File System Driver.) - [1620.88 Ko] - (6.1.7601.17577) : C:\windows\System32\Drivers\ntfs.sys
[MD5.0086431C29C35BE1DBC43F52CC273887] - [13/07/2009 17:00:41] - (.© Microsoft Corporation. - Parallel Port Driver.) - [95 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\parport.sys
[MD5.471815800AE33E6F1C32FB1B97C490CA] - [20/11/2010 20:24:33] - (.© Microsoft Corporation. - RAS L2TP mini-port/call-manager driver.) - [126.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\rasl2tp.sys
[MD5.548260A7B8654E024DC30BF8A7C5BAA4] - [13/07/2009 17:09:09] - (.© Microsoft Corporation. - SMB Transport driver.) - [91 Ko] - (6.1.7600.16385) : C:\windows\System32\Drivers\smb.sys
[MD5.ACB82BDA8F46C84F465C1AFA517DC4B9] - [14/05/2012 12:32:59] - (.© Microsoft Corporation. - TCP/IP Driver.) - [1873.36 Ko] - (6.1.7601.17802) : C:\windows\System32\Drivers\tcpip.sys
[MD5.DDAD5A7AB24D8B65F8D724F5C20FD806] - [20/11/2010 20:24:32] - (.© Microsoft Corporation. - TDI Translation Driver.) - [116.5 Ko] - (6.1.7601.17514) : C:\windows\System32\Drivers\tdx.sys
[MD5.DF8126BD41180351A093A3AD2FC8903B] - [01/08/2011 00:17:36] - (.© Microsoft Corporation. - Volume Shadow Copy Driver.) - [289.38 Ko] - (6.1.7601.17567) : C:\windows\System32\Drivers\volsnap.sys

---------- | Locked Applications

---------- | Explorer.exe component call (Microsoft Files Whitelisted)

(.AVAST Software.-.avast! Shell Extension.) - (12.1.3076.0) -- C:\Program Files\AVAST Software\Avast\ashShA64.dll

---------- | Svchost.exe component call (Microsoft Files Whitelisted)

---------- | ZeroAccess Check

[HKLM\Software\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] : %systemroot%\system32\wbem\wbemess.dll
[HKLM\Software\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{1108BE51-F58A-4CDA-BB99-7A0227D11D5E}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] : %SystemRoot%\system32\shell32.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] : %systemroot%\system32\wbem\fastprox.dll
[HKLM\Software\WOW6432Node\Classes\CLSID\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] : %SystemRoot%\system32\shell32.dll

---------- | Startings up

Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-19\SOFTWARE\...\Run]) - User: NT AUTHORITY\LOCAL SERVICE
Sidebar - (%ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun [HKU\S-1-5-20\SOFTWARE\...\Run]) - User: NT AUTHORITY\NETWORK SERVICE
CCleaner - ("C:\Program Files\CCleaner\CCleaner64.exe" /AUTO [HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\...\Run]) - User: Mitch-PC\Mitch
TPwrMain - (%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE [HKLM\SOFTWARE\...\Run]) - User: Public
HSON - (%ProgramFiles%\TOSHIBA\TBS\HSON.exe [HKLM\SOFTWARE\...\Run]) - User: Public
TCrdMain - (%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe [HKLM\SOFTWARE\...\Run]) - User: Public
SmartAudio - (C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t [HKLM\SOFTWARE\...\Run]) - User: Public
cAudioFilterAgent - (C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [HKLM\SOFTWARE\...\Run]) - User: Public
SynTPEnh - (%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe [HKLM\SOFTWARE\...\Run]) - User: Public
Teco - ("%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r [HKLM\SOFTWARE\...\Run]) - User: Public
TosWaitSrv - (%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe [HKLM\SOFTWARE\...\Run]) - User: Public
TosVolRegulator - (C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [HKLM\SOFTWARE\...\Run]) - User: Public
TosSENotify - (C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [HKLM\SOFTWARE\...\Run]) - User: Public
TosNC - (%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe [HKLM\SOFTWARE\...\Run]) - User: Public
TosReelTimeMonitor - (%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe [HKLM\SOFTWARE\...\Run]) - User: Public
ZAM - ("C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized [HKLM\SOFTWARE\...\Run]) - User: Public

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Command Processor]
"CompletionChar"=9
"DefaultColor"=0
"EnableExtensions"=1
"PathCompletionChar"=9

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Run]
"CCleaner"="C:\Program Files\CCleaner\CCleaner64.exe" /AUTO

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"Device"=Microsoft XPS Document Writer,winspool,Ne00:
"UserSelectedDefault"=0

[HKLM\Software\Microsoft\Command Processor]
"CompletionChar"=64
"DefaultColor"=0
"EnableExtensions"=1
"PathCompletionChar"=64

[HKLM\Software\Microsoft\Windows\CurrentVersion\Run]
"TPwrMain"=%ProgramFiles%\TOSHIBA\Power Saver\TPwrMain.EXE
"HSON"=%ProgramFiles%\TOSHIBA\TBS\HSON.exe
"TCrdMain"=%ProgramFiles%\TOSHIBA\FlashCards\TCrdMain.exe
"SmartAudio"=C:\Program Files\CONEXANT\SAII\SAIICpl.exe /t
"cAudioFilterAgent"=C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [20/10/2011 10:16:13]
"SynTPEnh"=%ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
"Teco"="%ProgramFiles%\TOSHIBA\TECO\Teco.exe" /r
"TosWaitSrv"=%ProgramFiles%\TOSHIBA\TPHM\TosWaitSrv.exe
"TosVolRegulator"=C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe [20/10/2011 11:03:32]
"TosSENotify"=C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe [09/06/2011 21:10:20]
"TosNC"=%ProgramFiles%\Toshiba\BulletinBoard\TosNcCore.exe
"TosReelTimeMonitor"=%ProgramFiles%\TOSHIBA\ReelTime\TosReelTimeMonitor.exe
"ZAM"="C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe" /minimized

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll
"DdeSendTimeout"=0
"DesktopHeapLogging"=1
"GDIProcessHandleQuota"=10000
"ShutdownWarningDialogTimeout"=4294967295
"USERNestedWindowLimit"=50
"USERPostMessageLimit"=10000
"USERProcessHandleQuota"=10000
""=mnmsrvc
"DeviceNotSelectedTimeout"=15
"Spooler"=yes
"TransmissionRetryTimeout"=90
"LoadAppInit_DLLs"=1
"AppInit_DLLs"=

[HKLM\Software\WOW6432Node\Microsoft\Command Processor]
"CompletionChar"=64
"DefaultColor"=0
"EnableExtensions"=1
"PathCompletionChar"=64

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run]
"TSleepSrv"=%ProgramFiles(x86)%\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
"NortonOnlineBackupReminder"="C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe" UNATTENDED
"ToshibaAppPlace"="C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe"
"DivXUpdate"="C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe" /CHECKNOW
"AvastUI.exe"="C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Windows]
"IconServiceLib"=IconCodecService.dll
"DdeSendTimeout"=0
"DesktopHeapLogging"=1
"GDIProcessHandleQuota"=10000
"ShutdownWarningDialogTimeout"=4294967295
"USERNestedWindowLimit"=50
"USERPostMessageLimit"=10000
"USERProcessHandleQuota"=10000
""=mnmsrvc
"DeviceNotSelectedTimeout"=15
"Spooler"=yes
"TransmissionRetryTimeout"=90
"LoadAppInit_DLLs"=1
"AppInit_DLLs"=

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
"WebCheck"={E6FB5E20-DE35-11CF-9C87-00AA005127ED}

---------- | Win.ini :

---------- | System.ini :

---------- | Tasks List

avast! Emergency Update
CCleanerSkipUAC
GoogleUpdateTaskMachineCore
GoogleUpdateTaskMachineUA
SafeZone scheduled Autoupdate 1463186051
{1426D1E5-5A00-4D59-985A-2107F1BEF83C}
{2FB9F27A-DE3A-4CD6-B8B6-B233E63B6955}
{65C76270-92BA-4F63-B82C-13F0D18DD623}
{A8D2B036-36FC-403B-8061-05969D1469A2}
{E210F47C-43C1-4A1F-B297-CCB4BE5B7E4D}

---------- | Startings up registry ¦ Folder

---------- | Other keys

[HKLM\System\CurrentControlSet\Control\SecurityProviders]
"SecurityProviders"=credssp.dll

[HKLM\System\CurrentControlSet\Control\Terminal Server]
"RCDependentServices"=CertPropSvc
SessionEnv
"NotificationTimeOut"=0
"SnapshotMonitors"=1
"ProductVersion"=5.1
"AllowRemoteRPC"=0
"DelayConMgrTimeout"=0
"fDenyTSConnections"=1
"StartRCM"=0
"TSAdvertise"=0
"DeleteTempDirsOnExit"=1
"fSingleSessionPerUser"=1
"PerSessionTempDir"=0
"TSUserEnabled"=0
"InstanceID"=ca4daa9c-9a14-471f-b520-1caccd3

[HKLM\System\CurrentControlSet\Control\Session Manager]
"CriticalSectionTimeout"=2592000
"GlobalFlag"=0
"HeapDeCommitFreeBlockThreshold"=0
"HeapDeCommitTotalFreeThreshold"=0
"HeapSegmentCommit"=0
"HeapSegmentReserve"=0
"ProcessorControl"=2
"ResourceTimeoutCount"=648000
"BootExecute"=autocheck autochk *
"ExcludeFromKnownDlls"=
"ObjectDirectories"=\Windows
\RPC Control
"ProtectionMode"=1
"NumberOfInitialSessions"=2

[HKLM\System\CurrentControlSet\Control]
"PreshutdownOrder"=wuauserv
gpsvc
trustedinstaller
"WaitToKillServiceTimeout"=200
"CurrentUser"=USERNAME
"BootDriverFlags"=0
"ServiceControlManagerExtension"=%systemroot%\system32\scext.dll
"SystemStartOptions"= TESTSIGNING NOEXECUTE=OPTIN
"SystemBootDevice"=multi(0)disk(0)rdisk(0)partition(2)
"FirmwareBootDevice"=multi(0)disk(0)rdisk(0)partition(1)

[HKLM\System\CurrentControlSet\Control\lsa]
"auditbaseobjects"=0
"auditbasedirectories"=0
"crashonauditfail"=0
"fullprivilegeauditing"=0x00
"Bounds"=0x0030000000200000
"LimitBlankPasswordUse"=1
"NoLmHash"=1
"Notification Packages"=scecli
"Security Packages"=kerberos
msv1_0
schannel
wdigest
tspkg
pku2u
livessp
"Authentication Packages"=msv1_0
"LsaPid"=672
"SecureBoot"=1
"ProductType"=3
"disabledomaincreds"=0
"everyoneincludesanonymous"=0
"forceguest"=0
"restrictanonymous"=0
"restrictanonymoussam"=1

---------- | .LNK with Arguments

---------- | AppCertDlls

---------- | Dnsapi.dll

C:\windows\System32\dnsapi.dll -> OK : \drivers\etc\hosts
C:\windows\SysWOW64\dnsapi.dll -> OK : \drivers\etc\hosts

---------- | Policies | Registry

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Control Panel\Desktop]
"ScreenSaveActive"=1
"ActiveWndTrackTimeout"=0
"BlockSendInputResets"=0
"CaretWidth"=1
"ClickLockTime"=1200
"CoolSwitchColumns"=7
"CoolSwitchRows"=3
"CursorBlinkRate"=530
"DockMoving"=1
"DragFromMaximize"=1
"DragFullWindows"=1
"DragHeight"=4
"DragWidth"=4
"FocusBorderHeight"=1
"FocusBorderWidth"=1
"FontSmoothing"=2
"FontSmoothingGamma"=0
"FontSmoothingOrientation"=1
"FontSmoothingType"=2
"ForegroundFlashCount"=7
"ForegroundLockTimeout"=200000
"LeftOverlapChars"=3
"MenuShowDelay"=400
"PaintDesktopVersion"=0
"Pattern"=0
"RightOverlapChars"=3
"SnapSizing"=1
"TileWallpaper"=0
"WallpaperOriginX"=0
"WallpaperOriginY"=0
"WallpaperStyle"=10
"WheelScrollChars"=3
"WheelScrollLines"=3
"WindowArrangementActive"=1
"UserPreferencesMask"=0x9E3E078012000000
"Wallpaper"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg [26/12/2011 12:57:51]
"WaitToKillAppTimeout"=200

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ExplorerStartupTraceRecorded"=1
"ShellState"=0x240000003028000000000000000000000000000001000000120000000000000022000000
"CleanShutdown"=0
"Browse For Folder Width"=318
"Browse For Folder Height"=288

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"Start_SearchFiles"=2
"ServerAdminUI"=0
"Hidden"=2
"ShowCompColor"=1
"HideFileExt"=1
"DontPrettyPath"=0
"ShowInfoTip"=1
"HideIcons"=0
"MapNetDrvBtn"=0
"WebView"=1
"Filter"=0
"SuperHidden"=0
"SeparateProcess"=0
"AutoCheckSelect"=0
"IconsOnly"=0
"ShowTypeOverlay"=1
"ListviewAlphaSelect"=1
"ListviewShadow"=1
"TaskbarAnimations"=1
"StartMenuInit"=4
"DisablePreviewDesktop"=1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableUIADesktopToggle"=0
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKLM\Software\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1
"NoComponents"=1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
"Text"=@shell32.dll,-30500
"Type"=radio
"CheckedValue"=1
"ValueName"=Hidden
"DefaultValue"=2
"HKeyRoot"=2147483649
"HelpID"=shell.hlp#51105

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}
"IconUnderline"=2
"GlobalAssocChangedCounter"=22
"DoNotCleanTaskBar"=1
"MultipleInvokePromptMinimum"=10000

[HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0
"StartMenuFavorites"=1

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableInstallerDetection"=1
"EnableLUA"=1
"EnableSecureUIAPaths"=1
"EnableUIADesktopToggle"=0
"EnableVirtualization"=1
"PromptOnSecureDesktop"=1
"ValidateAdminCodeSignatures"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"scforceoption"=0
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"FilterAdministratorToken"=0

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\Explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Policies\ActiveDesktop]
"NoAddingComponents"=1
"NoComponents"=1

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel]
"{F02C1A0D-BE21-4350-88B0-7367FC96EF3C}"=1
"{20D04FE0-3AEA-1069-A2D8-08002B30309D}"=1
"{208D2C60-3AEA-1069-A2D7-08002B30309D}"=1
"{871C5380-42A0-1069-A2EA-08002B30309D}"=1
"{5399E694-6CE5-4D6C-8FCE-1D8870FDCBA0}"=1
"{59031a47-3f72-44a7-89c5-5595fe6b30ee}"=1
"{031E4825-7B94-4dc3-B131-E946B44C8DD5}"=1
"{B4FB3F98-C1EA-428d-A78A-D1F5659CBA93}"=1
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu]
"{871C5380-42A0-1069-A2EA-08002B30309D}.default"=0
"{9343812e-1c37-4a49-a12e-4b2d810d956b}"=1

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced\Folder\Hidden\SHOWALL]
"RegPath"=Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced
"Text"=@shell32.dll,-30500
"Type"=radio
"CheckedValue"=1
"ValueName"=Hidden
"DefaultValue"=2
"HKeyRoot"=2147483649
"HelpID"=shell.hlp#51105

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer]
"ListViewPopupControl"={8be9f5ea-e746-4e47-ad57-3fb191ca1eed}
"BrowserCFCreator"={57f8510b-a5e2-41da-a8f0-8a5ae85dfffd}
"GlobalFolderSettings"={EF8AD2D1-AE36-11D1-B2D2-006097DF8C11}
"LVPopupSearchControl"={fccf70c8-f4d7-4d8b-8c17-cd6715e37fff}
"FileOpenDialog"={DC1C5A9C-E88A-4dde-A5A1-60F82A20AEF7}
"IconUnderline"=2
"GlobalAssocChangedCounter"=92

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Advanced]
"TaskbarSizeMove"=0

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Associations]
"Application"=http://go.microsoft.com/fwlink/?LinkId=57426&Ext=%s

---------- | Winlogon

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ExcludeProfileDirs"=AppData\Local;AppData\LocalLow;$Recycle.Bin
"BuildNumber"=7601
"FirstLogon"=0
"ParseAutoexec"=1

[HKLM\Software\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1
"Shell"=explorer.exe
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}
"Userinit"=C:\Windows\system32\userinit.exe,
"VMApplet"=SystemPropertiesPerformance.exe /pagefile
"AutoRestartShell"=1
"Background"=0 0 0
"CachedLogonsCount"=10
"DebugServerCommand"=no
"ForceUnlockLogon"=0
"LegalNoticeCaption"=
"LegalNoticeText"=
"PasswordExpiryWarning"=5
"PowerdownAfterShutdown"=0
"ShutdownWithoutLogon"=0
"WinStationsDisabled"=0
"DisableCAD"=1
"scremoveoption"=0
"ShutdownFlags"=7
"AutoAdminLogon"=0
"DefaultUserName"=Mitch

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\Winlogon]
"ReportBootOk"=1
"Shell"=explorer.exe
"PreCreateKnownFolders"={A520A1A4-1780-4FF6-BD18-167343C5AF16}
"DefaultDomainName"=
"DefaultUserName"=
"Userinit"=userinit.exe,
"VMApplet"=SystemPropertiesPerformance.exe /pagefile

---------- | Associations

[HKLM\Software\Classes\.exe]
""=exefile
"Content Type"=application/x-msdownload

[HKLM\Software\Classes\exefile\Shell\Open\Command]
""="%1" %*
"IsolatedCommand"="%1" %*

[HKLM\Software\Classes\.com]
""=comfile

[HKLM\Software\Classes\comfile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\Classes\.reg]
""=regfile

[HKLM\Software\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"

[HKLM\Software\Classes\.scr]
""=scrfile

[HKLM\Software\Classes\scrfile\Shell\Open\Command]
""="%1" /S

[HKLM\Software\Classes\.bat]
""=batfile

[HKLM\Software\Classes\batfile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\Classes\.cmd]
""=cmdfile

[HKLM\Software\Classes\cmdfile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\Classes\.pif]
""=piffile

[HKLM\Software\Classes\piffile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\Classes\.inf]
""=inffile

[HKLM\Software\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1

[HKLM\Software\Classes\.url]
""=InternetShortcut

[HKLM\Software\Classes\.lnk]
""=lnkfile

[HKLM\Software\Classes\.hta]
"PerceivedType"=text
""=htafile
"Content Type"=application/hta

[HKLM\Software\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" %*

[HKLM\Software\Classes\InternetShortcut]
"NeverShowExt"=
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment
"EditFlags"=2
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment
"IsShortcut"=
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment

[HKLM\Software\Classes\Application.Manifest]
""=Application Manifest
"EditFlags"=65536
"BrowserFlags"=4096
"FriendlyTypeName"=@dfshim.dll,-200

[HKLM\Software\Classes\Application.Reference]
"NeverShowExt"=
""=Application Reference
"IsShortcut"=
"EditFlags"=131072
"FriendlyTypeName"=@dfshim.dll,-201

[HKLM\Software\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified
"ContentViewModeLayoutPatternForSearch"=alpha
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay
""=
"EditFlags"=0xD2030000
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size
"NoRecentDocs"=
"ThumbnailCutoff"=0
"TileInfo"=prop:System.Title;System.ItemTypeText

[HKLM\Software\WOW6432Node\Classes\.exe]
""=exefile
"Content Type"=application/x-msdownload

[HKLM\Software\WOW6432Node\Classes\exefile\Shell\Open\Command]
""="%1" %*
"IsolatedCommand"="%1" %*

[HKLM\Software\WOW6432Node\Classes\.com]
""=comfile

[HKLM\Software\WOW6432Node\Classes\comfile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\WOW6432Node\Classes\.reg]
""=regfile

[HKLM\Software\WOW6432Node\Classes\regfile\Shell\Open\Command]
""=regedit.exe "%1"

[HKLM\Software\WOW6432Node\Classes\.scr]
""=scrfile

[HKLM\Software\WOW6432Node\Classes\scrfile\Shell\Open\Command]
""="%1" /S

[HKLM\Software\WOW6432Node\Classes\.bat]
""=batfile

[HKLM\Software\WOW6432Node\Classes\batfile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\WOW6432Node\Classes\.cmd]
""=cmdfile

[HKLM\Software\WOW6432Node\Classes\cmdfile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\WOW6432Node\Classes\.pif]
""=piffile

[HKLM\Software\WOW6432Node\Classes\piffile\Shell\Open\Command]
""="%1" %*

[HKLM\Software\WOW6432Node\Classes\.inf]
""=inffile

[HKLM\Software\WOW6432Node\Classes\inffile\Shell\Open\Command]
""=%SystemRoot%\system32\NOTEPAD.EXE %1

[HKLM\Software\WOW6432Node\Classes\.url]
""=InternetShortcut

[HKLM\Software\WOW6432Node\Classes\.lnk]
""=lnkfile

[HKLM\Software\WOW6432Node\Classes\.hta]
"PerceivedType"=text
""=htafile
"Content Type"=application/hta

[HKLM\Software\WOW6432Node\Classes\htafile\Shell\Open\Command]
""=C:\Windows\SysWOW64\mshta.exe "%1" %*

[HKLM\Software\WOW6432Node\Classes\InternetShortcut]
"NeverShowExt"=
"InfoTip"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment
"EditFlags"=2
"FullDetails"=prop:System.Link.TargetUrl;System.Rating;System.Link.Description;System.Link.Comment
"IsShortcut"=
"FriendlyTypeName"=@C:\Windows\System32\ieframe.dll,-10046
"PreviewDetails"=prop:System.Link.TargetUrl;System.Rating;System.History.VisitCount;System.History.DateChanged;System.Link.DateVisited;System.Link.Description;System.Link.Comment

[HKLM\Software\WOW6432Node\Classes\Application.Manifest]
""=Application Manifest
"EditFlags"=65536
"BrowserFlags"=4096
"FriendlyTypeName"=@dfshim.dll,-200

[HKLM\Software\WOW6432Node\Classes\Application.Reference]
"NeverShowExt"=
""=Application Reference
"IsShortcut"=
"EditFlags"=131072
"FriendlyTypeName"=@dfshim.dll,-201

[HKLM\Software\WOW6432Node\Classes\Folder]
"ContentViewModeLayoutPatternForBrowse"=delta
"ContentViewModeForBrowse"=prop:~System.ItemNameDisplay;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;~System.LayoutPattern.PlaceHolder;System.DateModified
"ContentViewModeLayoutPatternForSearch"=alpha
"ContentViewModeForSearch"=prop:~System.ItemNameDisplay;System.DateModified;~System.ItemFolderPathDisplay
""=
"EditFlags"=0xD2030000
"FullDetails"=prop:System.PropGroup.Description;System.ItemNameDisplay;System.ItemTypeText;System.Size
"NoRecentDocs"=
"ThumbnailCutoff"=0
"TileInfo"=prop:System.Title;System.ItemTypeText

[HKLM\Software\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[HKLM\Software\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files (x86)\Internet Explorer\iexplore.exe [12/07/2012 12:00:36]
[HKLM\Software\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"
[HKLM\Software\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\Shell\open\Command]
""="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe"
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\Google Chrome\InstallInfo]
"ReinstallCommand"="C:\Program Files (x86)\Google\Chrome\Application\chrome.exe" --make-default-browser

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\Shell\open\Command]
""=C:\Program Files (x86)\Internet Explorer\iexplore.exe [12/07/2012 12:00:36]
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\IEXPLORE.EXE\InstallInfo]
"ReinstallCommand"="C:\Windows\System32\ie4uinit.exe" -reinstall

[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\Shell\open\Command]
""="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"
[HKLM\Software\WOW6432Node\Clients\StartMenuInternet\SafeZoneStable\InstallInfo]
"ReinstallCommand"="C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" --makedefaultbrowser

---------- | AppcompatFlags

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe"=2
"SIGN.MEDIA=1D75FBE setup.exe"=1
"SIGN.IE=0E2560 DivXInstaller.exe"=1
"C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe"=1
"C:\ProgramData\WebEx\WebEx\1124\atinst.exe"=1
"C:\Users\Mitch\Desktop\setup.exe"=1
"C:\Users\Mitch\Desktop\OpenOffice 4.1.1 (en-US) Installation Files\setup.exe"=1

[HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows NT\CurrentVersion\AppCompatFlags\Compatibility Assistant\Persisted]
"C:\Program Files\AVAST Software\SZBrowser\Launcher.exe"=32

---------- | IFEO

---------- | Mountpoints2

---------- | Windows

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse
"MouseThreshold1"=#USR:Control Panel\Mouse
"MouseThreshold2"=#USR:Control Panel\Mouse
"SwapMouseButtons"=#USR:Control Panel\Mouse
"Beep"=#USR:Control Panel\Sound
"DoubleClickSpeed"=#USR:Control Panel\Mouse
"CoolSwitch"=USR:Control Panel\Desktop
"DoubleClickHeight"=#USR:Control Panel\Mouse
"DoubleClickWidth"=#USR:Control Panel\Mouse
"DragFullWindows"=USR:Control Panel\Desktop
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard
"LowPowerActive"=#USR:Control Panel\Desktop
"LowPowerTimeOut"=#USR:Control Panel\Desktop
"PowerOffActive"=#USR:Control Panel\Desktop
"PowerOffTimeOut"=#USR:Control Panel\Desktop
"ScreenSaveActive"=#USR:Control Panel\Desktop
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop
"SnapToDefaultButton"=#USR:Control Panel\Mouse
""=USR:Software\Microsoft\Windows NT\CurrentVersion\Windows
"Spooler"=#SYS:Microsoft\Windows NT\CurrentVersion\Windows
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot
"ScreenSaverActive"=USR:Control Panel\Desktop
"ScreenSaverIsSecure"=USR:Control Panel\Desktop
"SCRNSAVE.EXE"=USR:Control Panel\Desktop
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\win.ini\Windows]
"MouseSpeed"=#USR:Control Panel\Mouse
"MouseThreshold1"=#USR:Control Panel\Mouse
"MouseThreshold2"=#USR:Control Panel\Mouse
"SwapMouseButtons"=#USR:Control Panel\Mouse
"Beep"=#USR:Control Panel\Sound
"DoubleClickSpeed"=#USR:Control Panel\Mouse
"CoolSwitch"=USR:Control Panel\Desktop
"DoubleClickHeight"=#USR:Control Panel\Mouse
"DoubleClickWidth"=#USR:Control Panel\Mouse
"DragFullWindows"=USR:Control Panel\Desktop
"InitialKeyboardIndicators"=USR:Control Panel\Keyboard
"LowPowerActive"=#USR:Control Panel\Desktop
"LowPowerTimeOut"=#USR:Control Panel\Desktop
"PowerOffActive"=#USR:Control Panel\Desktop
"PowerOffTimeOut"=#USR:Control Panel\Desktop
"ScreenSaveActive"=#USR:Control Panel\Desktop
"ScreenSaveTimeOut"=#USR:Control Panel\Desktop
"SnapToDefaultButton"=#USR:Control Panel\Mouse
"TRANSMISSIONRETRYTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS
"DEFAULTSEPARATEVDM"=\\REGISTRY\\MACHINE\\SYSTEM\\CURRENTCONTROLSET\\CONTROL\\WOW
"APPINIT_DLLS"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS
"DEVICENOTSELECTEDTIMEOUT"=#SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS
"SWAPDISK"=SYS:MICROSOFT\\WINDOWS NT\\CURRENTVERSION\\WINDOWS

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\IniFileMapping\system.ini\Boot]
""=SYS:Microsoft\Windows NT\CurrentVersion\WOW\boot
"ScreenSaverActive"=USR:Control Panel\Desktop
"ScreenSaverIsSecure"=USR:Control Panel\Desktop
"SCRNSAVE.EXE"=USR:Control Panel\Desktop
"Shell"=SYS:Microsoft\Windows NT\CurrentVersion\Winlogon

[HKLM\SYSTEM\CurrentControlSet\Control\Session Manager\SubSystems]
"windows"=%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16

---------- | Security center

[HKLM\SOFTWARE\Microsoft\Security Center]
"cval"=1

[HKLM\SOFTWARE\Microsoft\Security Center\svc]
"VistaSp1"=128920218544262440
"AntiVirusOverride"=0
"AntiSpywareOverride"=0
"FirewallOverride"=0

[HKLM\SOFTWARE\Microsoft\Windows Defender]
"DisableAntiSpyware"=0
"DisableRoutinelyTakingAction"=0
"ProductStatus"=0
"InstallTime"=0xC13BA4F84A8FCC01

[HKLM\Software\WOW6432Node\Microsoft\Windows Defender]
"DisableAntiSpyware"=0
"DisableRoutinelyTakingAction"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall"=1

[HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"EnableFirewall"=1

---------- | Safeboot

[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87566282.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87566282.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AFD]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppInfo]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Base]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BFE]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Boot file system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\bowser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Browser]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CryptSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DcomLaunch]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\dfsc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dhcp]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\DnsCache]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Dot3Svc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Eaphost]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EFS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\EventLog]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\File system]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\HelpSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\IKEEXT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ipnat.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\KeyIso]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanServer]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LanmanWorkstation]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\LmHosts]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Messenger]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSDrv]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MPSSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb10]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mrxsmb20]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NativeWifiP]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NDIS Wrapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ndiscap]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Ndisuio]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBIOSGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetBT]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetDDEGroup]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Netlogon]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetMan]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\netprofm]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Network]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NetworkProvider]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NlaSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Nsi]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\nsiproxy.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\NTDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PCI Configuration]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PlugPlay]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP Filter]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PNP_TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\PolicyAgent]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Power]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Primary disk]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ProfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdbss]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdpencdd.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\rdsessmgr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcEptMapper]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\RpcSs]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sacsvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCardSvr]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SCSI Class]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\sermouse.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SharedAccess]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Streams Drivers]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SWPRV]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\System Bus Extender]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TabletInputService]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TBS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Tcpip]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TDI]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TrustedInstaller]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VaultSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\VDS]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vga.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vgasave.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vmms]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgr.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\volmgrx.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinDefend]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WinMgmt]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Wlansvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfPf]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfRd]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfSvc]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WudfUsbccidDriver]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{36FC9E60-C465-11CF-8056-444553540000}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E965-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E967-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E969-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96A-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E96F-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E972-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E973-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E974-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E975-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E977-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97B-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E97D-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{4D36E980-E325-11CE-BFC1-08002BE10318}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{50DD5230-BA8A-11D1-BF5D-0000F805F530}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{533C5B84-EC70-11D2-9505-00C04F79DEAF}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{71A27CDD-812A-11D0-BEC7-08002BE2092F}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}]

---------- | Winsock (Whitelist)

---------- | Hosts

#
#
#
#
#
127.0.0.1 localhost
::1 localhost

---------- | Ping
Ping request could not find host google.com. Please check the name and try again.

---------- | @

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Internet Explorer\Main]
"Disable Script Debugger"=yes
"Anchor Underline"=yes
"Cache_Update_Frequency"=Once_Per_Session
"Display Inline Images"=yes
"Do404Search"=0x01000000
"Local Page"=C:\windows\system32\blank.htm
"Save_Session_History_On_Exit"=no
"Show_FullURL"=no
"Show_StatusBar"=yes
"Show_ToolBar"=yes
"Show_URLinStatusBar"=yes
"Show_URLToolBar"=yes
"Use_DlgBox_Colors"=yes
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"XMLHTTP"=1
"NoUpdateCheck"=1
"DisableScriptDebuggerIE"=yes
"UseClearType"=no
"Enable Browser Extensions"=yes
"Play_Background_Sounds"=yes
"Play_Animations"=yes
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"DisableFirstRunCustomize"=1
"SearchDefaultBranded"=1
"CompatibilityFlags"=0
"FullScreen"=no
"Window_Placement"=0x2C0000000200000003000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFC8000000320000001D04000082020000
"IconCache"=o3f9fvg
"Use FormSuggest"=yes
"DownloadWindowPlacement"=0x2C0000000000000000000000FFFFFFFFFFFFFFFFFFFFFFFFFFFFFFFF3B01000055000000BB03000035020000
"Use Search Asst"=no
"SSLTLSTokens"=0x010000001C000000716E5438394C4763396545736E4A76566633617A6B6E746A4B76673D000000000000000000000000
"AllowWindowReuse"=0
"Isolation"=PMIL
"Start Page"=http://www.google.com

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"IE5_UA_Backup_Flag"=5.0
"User Agent"=Mozilla/4.0 (compatible; MSIE 8.0; Win32)
"EmailName"=User@
"PrivDiscUiShown"=1
"EnableHttp1_1"=1
"WarnOnIntranet"=1
"MimeExclusionListForCache"=multipart/mixed multipart/x-mixed-replace multipart/x-byteranges
"AutoConfigProxy"=wininet.dll
"UseSchannelDirectly"=0x01000000
"WarnOnPost"=0x01000000
"UrlEncoding"=0
"SecureProtocols"=160
"PrivacyAdvanced"=0
"ZonesSecurityUpgrade"=0xC27F1CA508C4CC01
"DisableCachingOfSSLPages"=0
"WarnonZoneCrossing"=0
"CertificateRevocation"=1
"EnableNegotiate"=1
"MigrateProxy"=1
"ProxyEnable"=0
"ReceiveTimeout"=10000
"GlobalUserOffline"=0

[HKLM\Software\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157
"Local Page"=C:\Windows\System32\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"Check_Associations"=yes
"TabProcGrowth"=Medium
"Print_Background"=0
"AlwaysShowMenus"=0
"StatusBarWeb"=1

[HKLM\Software\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"OfflineInformation"=res://ieframe.dll/offcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://
"gopher"=gopher://

[HKLM\Software\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\Main]
"AutoHide"=yes
"Security Risk Page"=about:SecurityRisk
"Extensions Off Page"=about:NoAdd-ons
"Default_Search_URL"=http://go.microsoft.com/fwlink/?LinkId=54896
"Default_Page_URL"=http://go.microsoft.com/fwlink/?LinkId=69157
"Anchor_Visitation_Horizon"=0x01000000
"Cache_Percent_of_Disk"=0x0A000000
"Placeholder_Width"=0x1A000000
"Placeholder_Height"=0x1A000000
"Default_Secondary_Page_URL"=
"Use_Async_DNS"=yes
"Start Page"=http://go.microsoft.com/fwlink/?LinkId=69157
"Local Page"=C:\Windows\SysWOW64\blank.htm
"Search Page"=http://go.microsoft.com/fwlink/?LinkId=54896
"Delete_Temp_Files_On_Exit"=yes
"Enable_Disk_Cache"=yes
"TabProcGrowth"=Medium
"Print_Background"=0
"AlwaysShowMenus"=0
"StatusBarWeb"=1
"Enable Browser Extensions"=yes
"Use Search Asst"=no

[HKLM\Software\WOW6432Node\Microsoft\Internet Explorer\AboutURLs]
"blank"=res://mshtml.dll/blank.htm
"NoAdd-onsInfo"=res://ieframe.dll/noaddoninfo.htm
"InPrivate"=res://ieframe.dll/inprivate.htm
"NavigationFailure"=res://ieframe.dll/navcancl.htm
"NoAdd-ons"=res://ieframe.dll/noaddon.htm
"Home"=270
"PostNotCached"=res://ieframe.dll/repost.htm
"DesktopItemNavigationFailure"=res://ieframe.dll/navcancl.htm
"NavigationCanceled"=res://ieframe.dll/navcancl.htm
"OfflineInformation"=res://ieframe.dll/offcancl.htm
"SecurityRisk"=res://ieframe.dll/securityatrisk.htm

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\DefaultPrefix]
""=http://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\URL\Prefixes]
"mosaic"=http://
"www"=http://
"home"=http://
"ftp"=ftp://

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Internet settings]
"EnablePunycode"=1
"CodeBaseSearchPath"=CODEBASE
"WarnOnIntranet"=1
"MinorVersion"=0
"ActiveXCache"=C:\Windows\Downloaded Program Files

---------- | reparsepoint

---------- | Detection of offsets

---------- | Notify

---------- | Execution FileExts

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.avi]
"DivX.AAR.backup"=Windows Media Player
"Progid"=divx_avi_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.div]
"Progid"=divx_div_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.divx]
"Progid"=divx_divx_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.mkv]
"Progid"=divx_mkv_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.qt]
"Progid"=divx_qt_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.tix]
"Progid"=divx_tix_file
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\FileExts\.vob]
"Progid"=divx_vob_file

---------- | SIOI | SEH | URLSH

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avast] - {472083B0-C522-11CF-8763-00608CC02F24} -- C:\Program Files\AVAST Software\Avast\ashShA64.dll [19/07/2016 18:28:45]
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll
[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\EnhancedStorageShell] - {D9144DCD-E998-4ECA-AB6A-DCD83CCBA16D} -- %SystemRoot%\system32\EhStorShell.dll
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\SharingPrivate] - {08244EE6-92F0-47f2-9FC9-929BAA2E7235} -- %SystemRoot%\system32\ntshrui.dll

---------- | Toolbar

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=0

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\Toolbar\WebBrowser]
"ITBar7Layout"=0x13000000000000000000000030000000100006003A00000001000000800600005E010000080000008100000000000000070000008100000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000006458B9555132E945BB301A82589AAFF173BF90CDF620EF44993DBB920303BD2E000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000000
"ITBar7Height"=0

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"Version"=1
"KnownProvidersUpgradeTime"=0x778451D408C4CC01
"DownloadRetries"=0
"ShowSearchSuggestionsInAddressGlobal"=1

[HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"Locked"=0

[HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Toolbar]
"Locked"=0

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"={0633EE93-D776-472f-A0FF-E1416B8B2E3A}

---------- | Extensions

[HKLM\SOFTWARE\WOW6432Node\Microsoft\Internet Explorer\Extensions\{219C3416-8CB2-491a-A3C7-D9FCDDC9D600}] : (@C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003) - []

---------- | SearchScopes

---------- | Browser Helper Objects

---------- | Chrome

C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo = : Google & co - http://www.youtube.com - http://www.youtube.com/ - Google & co - http://clients2.google.com/service/update2/crx
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\coobgpohoikkiipiblmjeljniedjpjpf = : Google & co - http://www.google.com/webhp?source=search_app - Google & co - [*://www.google.com/search*://www.google.com/webhp*://www.google.com/imgres] - http://clients2.google.com/service/update2/crx
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\ekdjfcdinekpfcedakhpngcnaamhiihn = : Bflix browser extension - TheBflix
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\nneajnkjbffgblleaoojgaacokifdkhm = : __MSG_extdesc__ - __MSG_extname__
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\pjkljhegncpnkpknbcohdijeoejaedia = : Google & co - https://mail.google.com/mail/ca - Google & co - [*://mail.google.com/mail/ca] - http://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\cfhdojbkjhnklbpkdaibdccddilifddb = : __MSG_description__ - short_name: __MSG_name__ - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\gomekmidlodglbbmalcneegieacbdmki = : Avast Browser Security and Web Reputation Plugin. - Avast Online Security - matches:[\u003Call_urls>] - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj = : The free Chrome companion to OpenOffice - short_name: OpenOffice for Chrome - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\nmmhkkegccagdldgiimedpiccmgmieda = : Google & co - Google & co - 203784468217.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\nneajnkjbffgblleaoojgaacokifdkhm = : __MSG_extdesc__ - __MSG_extname__
C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm = : Provider for discovery and services for mirroring of Chrome Media Router - Chrome Media Router - 919648714761-55j965o0km033psv3i9qls5mo3qtdrb0.apps.googleusercontent.com - https://clients2.google.com/service/update2/crx

[HKLM\Software\WOW6432Node\Google\Chrome\Extensions\nneajnkjbffgblleaoojgaacokifdkhm]

---------- | Opera

---------- | Firefox

[HKLM\Software\WOW6432Node\mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"=C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5
[HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 18.0.0.232 Plugin) : C:\windows\system32\Macromed\Flash\NPSWF64_18_0_0_232.dll
[HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@adobe.com/FlashPlayer] - (Adobe® Flash® Player 18.0.0.232 Plugin) : C:\windows\SysWOW64\Macromed\Flash\NPSWF32_18_0_0_232.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0] - (DivX Plus Web Player) : C:\Program Files (x86)\DivX\DivX Plus Web Player\npdivx32.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0] - (DivX VOD Helper Plug-in) : C:\Program Files (x86)\DivX\DivX OVS Helper\npovshelper.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@java.com/JavaPlugin] - (Oracle® Next Generation Java™ Plug-In) : C:\Program Files (x86)\Java\jre6\bin\new_plugin\npjp2.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0] - (Ag Player Plugin) : c:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/SharePoint,version=14.0] - (Microsoft SharePoint Plug-in for Firefox) : C:\PROGRA~2\MICROS~3\Office14\NPSPWRAP.DLL
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513] - (WLPG Install MIME type) : C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=3] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@tools.google.com/Google Update;version=9] - (Google Update) : C:\Program Files (x86)\Google\Update\1.3.33.3\npGoogleUpdate3.dll
[HKLM\Software\WOW6432Node\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0] - (WildTangent Games App Presence Detector Plugin) : C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll

---------- | DNS

---------- | Applications

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Classes\Applications\FreeTorrentViewer.exe] : "C:\Program Files (x86)\FreeTorrentViewer\FreeTorrentViewer.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
[HKLM\SOFTWARE\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\ehshell.exe] : "C:\Windows\eHome\ehshell.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\iexplore.exe] : "C:\Program Files (x86)\Internet Explorer\iexplore.exe" %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\MovieMaker.exe] : "C:\Program Files (x86)\Windows Live\Photo Gallery\MovieMaker.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\notepad.exe] : %SystemRoot%\system32\NOTEPAD.EXE %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\photoviewer.dll] : %SystemRoot%\System32\rundll32.exe "%ProgramFiles%\Windows Photo Viewer\PhotoViewer.dll", ImageView_Fullscreen %1
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\SZBrowser.exe] : "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\WLXPhotoViewer.dll] : "C:\Program Files (x86)\Windows Live\Photo Gallery\WLXPhotoGallery.exe" /LaunchPhotoViewer /v "%1"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wmplayer.exe] : "%ProgramFiles(x86)%\Windows Media Player\wmplayer.exe" /Open "%L"
[HKLM\SOFTWARE\WOW6432Node\Classes\Applications\wordpad.exe] : "%ProgramFiles%\Windows NT\Accessories\WORDPAD.EXE" "%1"

---------- | SvcHost (Whitelist)

[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost]
"regsvc"=RemoteRegistry
"DcomLaunch"=Power
PlugPlay
DcomLaunch
"secsvcs"=WinDefend
"bthsvcs"=bthserv

[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost]
"DcomLaunch"=Power
PlugPlay
DcomLaunch

---------- | SvcHost - Netsvcs (Whitelist)

Term - :

---------- | Software

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\9-lab]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Adobe]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\AI_RecycleBin]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\AppDataLow]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\AVAST Software]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Blehjoqlir]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Caphyon]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Clients]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\DivX]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\DivXNetworks]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\g3n-h@ckm@n]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\GNU]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Google]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Intel]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\JavaSoft]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\KineticJump]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Macromedia]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\MCAFEE]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Mixi.DJ]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\MozillaPlugins]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\ORL]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Piriform]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Policies]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\QtProject]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\SimonTatham]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Stronghold Online Backup]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Strongvault]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Synaptics]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Sysinternals]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Tific]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\TightVNC]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Toshiba]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Trolltech]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\VB and VBA Program Settings]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Veoh]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\WebEx]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Wow6432Node]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\ZebHelpProcess Helper]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Zemana]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\ZHP]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\AppDataLow\Software\DivX]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\AppDataLow\Software\Microsoft]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\AppDataLow\Software\Yahoo]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\DWM]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\Shell]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\TabletPC]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\Windows Error Reporting]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\ATI Technologies]
[HKLM\Software\CBSTEST]
[HKLM\Software\Clients]
[HKLM\Software\Cnxt_Uiu_Parms]
[HKLM\Software\Conexant]
[HKLM\Software\CXT]
[HKLM\Software\Cyberlink]
[HKLM\Software\DivX]
[HKLM\Software\ESET]
[HKLM\Software\g3n-h@ckm@n]
[HKLM\Software\InstalledOptions]
[HKLM\Software\Intel]
[HKLM\Software\IntelVolatile]
[HKLM\Software\JL2005D]
[HKLM\Software\JL2005D_5]
[HKLM\Software\JL2005D_7]
[HKLM\Software\Macromedia]
[HKLM\Software\Microsoft]
[HKLM\Software\MozillaPlugins]
[HKLM\Software\ODBC]
[HKLM\Software\Piriform]
[HKLM\Software\Policies]
[HKLM\Software\Realtek]
[HKLM\Software\Realtek Semiconductor Corp.]
[HKLM\Software\RegisteredApplications]
[HKLM\Software\REGSERVO]
[HKLM\Software\SOFTWARE]
[HKLM\Software\Sonic]
[HKLM\Software\Synaptics]
[HKLM\Software\sysinternals]
[HKLM\Software\Toshiba]
[HKLM\Software\TOSHIBA Corporation]
[HKLM\Software\UIU]
[HKLM\Software\Waves Audio]
[HKLM\Software\Wow6432Node]
[HKLM\Software\Zemana]
[HKLM\Software\ZmnGlobalSDK]
[HKLM\Software\Microsoft\Windows\CurrentVersion]
[HKLM\Software\Microsoft\Windows\HTML Help]
[HKLM\Software\Microsoft\Windows\ITStorage]
[HKLM\Software\Microsoft\Windows\ScheduledDiagnostics]
[HKLM\Software\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\Microsoft\Windows\Tablet PC]
[HKLM\Software\Microsoft\Windows\TabletPC]
[HKLM\Software\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\Microsoft\Windows\Windows Search]
[HKLM\Software\Microsoft\Windows NT\CurrentVersion]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\AxInstSVGroup]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\defragsvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\SDRSVC]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\swprv]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]
[HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SvcHost\wercplsupport]
[HKLM\Software\WOW6432Node\Adobe]
[HKLM\Software\WOW6432Node\AdobeFlashPlayerUpdate]
[HKLM\Software\WOW6432Node\Atheros Communications Inc.]
[HKLM\Software\WOW6432Node\AVAST Software]
[HKLM\Software\WOW6432Node\DivX]
[HKLM\Software\WOW6432Node\DivXNetworks]
[HKLM\Software\WOW6432Node\Eset]
[HKLM\Software\WOW6432Node\Giraffic]
[HKLM\Software\WOW6432Node\GNU]
[HKLM\Software\WOW6432Node\Google]
[HKLM\Software\WOW6432Node\HaaliMkx]
[HKLM\Software\WOW6432Node\Hyperlync]
[HKLM\Software\WOW6432Node\InstallShield]
[HKLM\Software\WOW6432Node\Intel]
[HKLM\Software\WOW6432Node\JavaSoft]
[HKLM\Software\WOW6432Node\JL2005D]
[HKLM\Software\WOW6432Node\JL2005D_5]
[HKLM\Software\WOW6432Node\JL2005D_7]
[HKLM\Software\WOW6432Node\JL6_DECODE]
[HKLM\Software\WOW6432Node\Licenses]
[HKLM\Software\WOW6432Node\Macromedia]
[HKLM\Software\WOW6432Node\Malwarebytes' Anti-Malware]
[HKLM\Software\WOW6432Node\Microsoft]
[HKLM\Software\WOW6432Node\MimarSinan]
[HKLM\Software\WOW6432Node\Mozilla]
[HKLM\Software\WOW6432Node\MozillaPlugins]
[HKLM\Software\WOW6432Node\Norton]
[HKLM\Software\WOW6432Node\Norton PC Checkup]
[HKLM\Software\WOW6432Node\NPCCU]
[HKLM\Software\WOW6432Node\ODBC]
[HKLM\Software\WOW6432Node\PCTools]
[HKLM\Software\WOW6432Node\Piriform]
[HKLM\Software\WOW6432Node\REALTEK Semiconductor Corp.]
[HKLM\Software\WOW6432Node\SOS]
[HKLM\Software\WOW6432Node\Symantec]
[HKLM\Software\WOW6432Node\Tific]
[HKLM\Software\WOW6432Node\TightVNC]
[HKLM\Software\WOW6432Node\TOSHIBA]
[HKLM\Software\WOW6432Node\TOSHIBA CORPORATION]
[HKLM\Software\WOW6432Node\Ulead Systems]
[HKLM\Software\WOW6432Node\WildTangent]
[HKLM\Software\WOW6432Node\Clients]
[HKLM\Software\WOW6432Node\Policies]
[HKLM\Software\WOW6432Node\RegisteredApplications]
[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows\HTML Help]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ITStorage]
[HKLM\Software\WOW6432Node\Microsoft\Windows\ScriptedDiagnosticsProvider]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Error Reporting]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Windows Search]
[HKLM\Software\WOW6432Node\Microsoft\Windows\Tablet PC]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceAndNoImpersonation]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalServiceNoNetwork]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\LocalSystemNetworkRestricted]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\netsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkService]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopHyperVAgent]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\NetworkServiceRemoteDesktopPublishing]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\termsvcs]
[HKLM\Software\WOW6432Node\Microsoft\Windows NT\CurrentVersion\SvcHost\wcssvc]

---------- | Drives

E:

[18/04/2017 16:25:08] - |N| - (.© 2005-2017 Blizzard Entertainment Inc. - StarCraft Launcher.) - [3205616] - (1.0.0.2716) - E:\StarCraft-Setup.exe
[19/04/2017 11:00:56] - |N| - (.Copyright (C) 2013-2017 SosVirus Software - QuickDiag.) - [2776488] - (2.4.17.1) - E:\quickdiag_3_02.04.17.1.exe
[19/04/2017 11:00:59] - |N| - (.-.) - [26286152] - (12.10.5.0) - E:\RogueKillerX64.exe
[15/04/2017 19:57:22] - |N| - (.Malwarebytes - AdwCleaner is a free Adware/PUP removal tool..) - [4089296] - (6.0.4.5) - E:\AdwCleaner.exe
[15/04/2017 19:57:24] - |N| - (.sUBs - ComboFix NSIS Installer.) - [5659546] - (17.4.5.1) - E:\ComboFix.exe
[15/04/2017 19:57:29] - |N| - (.Â©1999-2015 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [1766912] - (15.3.2017.0) - E:\FRST.exe
[15/04/2017 19:57:31] - |N| - (.Â©1999-2015 Jonathan Bennett & AutoIt Team - Farbar Recovery Scan Tool.) - [2424832] - (15.3.2017.0) - E:\FRST64.exe
[15/04/2017 19:57:35] - |N| - (.- Junkware Removal Tool.) - [1663672] - (8.1.3.0) - E:\JRT.exe
[15/04/2017 19:57:36] - |N| - (.© BleepingComputer.com. - Terminates malware processes so that you can run your normal security programs..) - [2030536] - (2.8.4.0) - E:\rkill.exe
[15/04/2017 19:57:36] - |N| - (.© 1997-2017 AO Kaspersky Lab. - TDSS rootkit removing tool.) - [4922400] - (3.1.0.15) - E:\tdsskiller.exe
[15/04/2017 19:57:37] - |N| - (.Nicolas Coolman - ZHPCleane.) - [2760704] - (2017.4.12.64) - E:\ZHPCleaner.exe
[15/04/2017 19:57:39] - |N| - (.Nicolas Coolman - ZHPDiag.) - [2717696] - (2017.4.11.63) - E:\ZHPDiag3.exe
[15/04/2017 19:59:26] - |N| - (.Copyright (c) 2010 AVAST Software. - avast! Antirootkit.) - [5198336] - (1.0.1.2252) - E:\aswMBR.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [716456] - (13.70.0.0) - E:\Autoruns.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [844464] - (13.70.0.0) - E:\Autoruns64.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [629928] - (13.70.0.0) - E:\autorunsc.exe
[15/04/2017 19:59:50] - |N| - (.Copyright (C) 2002-2017 Mark Russinovich - Autostart program viewer.) - [743088] - (13.70.0.0) - E:\autorunsc64.exe
[16/04/2017 12:41:27] - |N| - (.© Copyright 2017 - Advanced Malware Protection .) - [5774688] - (2.72.0.388) - E:\Zemana.AntiMalware.Setup.exe
[16/04/2017 12:41:31] - |N| - (.Copyright © 2015 - Destroy Windows 10 Spying Rollup Edition.) - [294400] - (1.6.722.0) - E:\DWS_Lite.exe
[16/04/2017 12:41:33] - |N| - (.2005-2017 COMODO. - COMODO Internet Security.) - [5363680] - (10.0.1.6209) - E:\cfw_installer.exe
[16/04/2017 12:41:35] - |N| - (.Copyright (c) 2014 AVAST Software - Avast Antivirus Installer.) - [298459488] - (17.4.3450.0) - E:\avast_free_antivirus_setup_offline.exe

F:

[12/02/2007 18:33:37] - |R| - (.-.) - [1110016] - (1.4.0.7) - F:\LaunchU3.exe
[12/02/2007 12:53:42] - |R| - (.-.) - [277] - (0.0.0.0) - F:\autorun.inf

---------- | C:

[09/09/2015 09:03:18] - |SHD| - [129] - C:\$RECYCLE.BIN
[08/09/2015 10:26:24] - |D| - [6280261] - C:\AdwCleaner
[01/08/2011 16:33:07] - |SHD| - [14594356] - C:\Boot
[MD5.259525CFB422E6AC8E87BC9777B1DF73] - [01/08/2011 16:33:08] - |RASH| - (.-.) - [383786] - (0.0.0.0) - C:\bootmgr
[MD5.25D84C10EB6F8103365CEBA15E4FC10C] - [01/08/2011 16:33:10] - |RASH| - (.-.) - [8192] - (0.0.0.0) - C:\BOOTSECT.BAK
[05/03/2012 17:06:38] - |D| - [7376] - C:\codec-info
[12/02/2014 17:33:25] - |D| - [0] - C:\components
[13/07/2009 22:08:56] - |SHD| - [0] - C:\Documents and Settings
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1028.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1031.txt
[MD5.99C22D4A31F4EAD4351B71D6F4E5F6A1] - [07/11/2007 09:00:40] - |A| - (.-.) - [10134] - (0.0.0.0) - C:\eula.1033.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1036.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1040.txt
[MD5.9B15A3A055CC6E67EA191A1B7885649A] - [07/11/2007 09:00:40] - |A| - (.-.) - [118] - (0.0.0.0) - C:\eula.1041.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.1042.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.2052.txt
[MD5.9147A93F43D8E58218EBCB15FDA888C9] - [07/11/2007 09:00:40] - |A| - (.-.) - [17734] - (0.0.0.0) - C:\eula.3082.txt
[MD5.EDE06CD4D95178D6A2DEF6B60BD267F4] - [08/09/2015 19:06:15] - |A| - (.-.) - [42] - (0.0.0.0) - C:\folders.log
[08/09/2015 12:07:03] - |D| - [172037122] - C:\FRST
[MD5.E7832D67AD190A920970CB5ADFC6D5D1] - [06/07/2015 00:59:04] - |A| - (.-.) - [383] - (0.0.0.0) - C:\ftconfig.ini
[MD5.0A6B586FABD072BD7382B5E24194EAC7] - [07/11/2007 09:00:40] - |A| - (.-.) - [1110] - (0.0.0.0) - C:\globdata.ini
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/10/2011 10:01:22] - |ASH| - (.-.) - [3180220416] - (0.0.0.0) - C:\hiberfil.sys
[MD5.520A6D1CBCC9CF642C625FE814C93C58] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. - External Installer.) - [562688] - (9.0.21022.8) - C:\install.exe
[MD5.0DA9AB4977F3E7BA8C65734DF42FDAB6] - [07/11/2007 09:00:40] - |A| - (.-.) - [843] - (0.0.0.0) - C:\install.ini
[MD5.4151A4D07640863783F837E588235837] - [07/11/2007 09:03:18] - |A| - (.(C) Microsoft Corporation. - UI Wrapper Resource DLL.) - [76304] - (9.0.21022.8) - C:\install.res.1028.dll
[MD5.3B8A82E04238655EAEF97E074FB29911] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Alle Rechte vorbehalten. - Ressourcen-DLL für UI-Wrapper.) - [96272] - (9.0.21022.8) - C:\install.res.1031.dll
[MD5.9EDEB8B1C5C0A4CD3A3016B85108127D] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. - UI Wrapper Resource DLL.) - [91152] - (9.0.21022.8) - C:\install.res.1033.dll
[MD5.5B6FF470CFA7087690E61F87E81EF78A] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Tous droits réservés. - UI Wrapper Resource DLL.) - [97296] - (9.0.21022.8) - C:\install.res.1036.dll
[MD5.6310AB8FC9E3DBEE80592FC453A34FEE] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Tutti i diritti riservati. - DLL di risorse del wrapper dell'interfaccia utente.) - [95248] - (9.0.21022.8) - C:\install.res.1040.dll
[MD5.13ED4517152203DE4BC52ACC0255D952] - [07/11/2007 09:03:18] - |A| - (.(C) Copyright Microsoft Corporation. - UI Wrapper Resource DLL.) - [81424] - (9.0.21022.8) - C:\install.res.1041.dll
[MD5.0D4FB4095EA49C1EC89B9E8DB0B936A3] - [07/11/2007 09:03:18] - |A| - (.(C) Microsoft Corporation. - UI 래퍼 리소스 DLL.) - [79888] - (9.0.21022.8) - C:\install.res.1042.dll
[MD5.D7366B34E8AFB605C39EF56E2201FE85] - [07/11/2007 09:03:18] - |A| - (.(C) Microsoft Corporation。保留所有权利。 - 用户界面包装资源 DLL.) - [75792] - (9.0.21022.8) - C:\install.res.2052.dll
[MD5.41BB37A347121F3E5E88D85100638B79] - [07/11/2007 09:03:18] - |A| - (.© Microsoft Corporation. Reservados todos los derechos. - Archivo DLL de recursos del contenedor de la interfaz de usuario.) - [96272] - (9.0.21022.8) - C:\install.res.3082.dll
[20/10/2011 10:08:24] - |D| - [0] - C:\Intel
[26/12/2011 13:29:10] - |RHD| - [51376] - C:\MSOCache
[MD5.D41D8CD98F00B204E9800998ECF8427E] - [20/10/2011 10:01:22] - |ASH| - (.-.) - [4240293888] - (0.0.0.0) - C:\pagefile.sys
[13/07/2009 20:20:08] - |RD| - [3620391207] - C:\Program Files
[13/07/2009 20:20:08] - |RD| - [2821275980] - C:\Program Files (x86)
[13/07/2009 20:20:08] - |HD| - [5932317728] - C:\ProgramData
[19/04/2017 16:49:02] - |D| - [262056] - C:\QuickDiag
[MD5.175ACC4E1CE86A21323F958ACADC63EA] - [19/04/2017 16:49:23] - |A| - (.-.) - [109335] - (0.0.0.0) - C:\QuickDiag.txt
[MD5.DE48895209CD1788ED6A868E36810AE1] - [08/09/2015 18:56:30] - |A| - (.-.) - [3010] - (0.0.0.0) - C:\runcheck.txt
[MD5.F35AAA221EB79BB2F220BCBB354A95A0] - [16/02/2012 08:37:48] - |A| - (.-.) - [510] - (0.0.0.0) - C:\settings.ini
[07/08/2011 05:12:28] - |SHD| - [0] - C:\System Volume Information
[MD5.B0C34B7D3814F5960D5F287F1B6F99B2] - [15/04/2017 20:27:08] - |A| - (.-.) - [5156] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_15.04.2017_20.27.08_log.txt
[MD5.EE15621FF5868EEF8F5996241E0999CD] - [15/04/2017 20:29:05] - |A| - (.-.) - [662380] - (0.0.0.0) - C:\TDSSKiller.3.1.0.12_15.04.2017_20.29.05_log.txt
[13/07/2009 20:20:08] - |RD| - [12703902262] - C:\Users
[MD5.06FBA95313F26E300917C6CEA4480890] - [07/11/2007 09:00:40] - |A| - (.-.) - [5686] - (0.0.0.0) - C:\vcredist.bmp
[MD5.E10F2F6E6379E9185F71AEC1421F37B4] - [07/11/2007 09:09:22] - |A| - (.-.) - [1442522] - (0.0.0.0) - C:\VC_RED.cab
[MD5.E0951D3CB1038EB2D2B2B2F336E1AB32] - [07/11/2007 09:12:28] - |A| - (.-.) - [232960] - (0.0.0.0) - C:\VC_RED.MSI
[13/07/2009 20:20:08] - |AD| - [17821766236] - C:\Windows
[09/09/2015 08:23:11] - |D| - [129] - C:\zoek
[MD5.5D100859987E944A435D0FDE6470B9E0] - [08/09/2015 18:57:33] - |A| - (.-.) - [13972] - (0.0.0.0) - C:\zoek-results.log
[MD5.E2F9C6FEE8C7452E5C73A4451B06B93B] - [09/09/2015 08:14:02] - |A| - (.-.) - [14334] - (0.0.0.0) - C:\zoek-results2015-09-09-020615.log
[08/09/2015 18:56:12] - |D| - [0] - C:\zoek_backup

---------- | C:\windows

[13/07/2009 22:32:38] - |D| - [802] - C:\windows\addins
[13/07/2009 20:20:08] - |D| - [5866392] - C:\windows\AppCompat
[13/07/2009 20:20:08] - |D| - [10986720] - C:\windows\AppPatch
[13/07/2009 20:20:08] - |RSD| - [1354042456] - C:\windows\assembly
[MD5.7EFB1577EFBD72521E670188AA546C7D] - [19/07/2016 18:28:32] - |A| - (.Copyright (c) 2014 AVAST Software - avast! Screen Saver stub.) - [53208] - (12.1.3076.0) - C:\windows\avastSS.scr
[MD5.317CD1CE327B6520BF4EE007BCD39E61] - [20/11/2010 20:24:22] - |A| - (.© Microsoft Corporation. - Boot File Servicing Utility.) - [71168] - (6.1.7601.17514) - C:\windows\bfsvc.exe
[MD5.7FDE6771C64AC3B14FEE4997509D1735] - [01/08/2011 00:09:54] - |A| - (.-.) - [2359350] - (0.0.0.0) - C:\windows\Bluestream.bmp
[13/07/2009 20:20:09] - |D| - [29000590] - C:\windows\Boot
[MD5.5F37037B4BE454274C2ABD7F83D4D1AB] - [13/07/2009 22:38:36] - |AS| - (.-.) - [67584] - (0.0.0.0) - C:\windows\bootstat.dat
[13/07/2009 20:20:09] - |D| - [2418176] - C:\windows\Branding
[MD5.127F716BBD6C46421F08173D9BBD4724] - [01/08/2011 00:55:40] - |A| - (.-.) - [10] - (0.0.0.0) - C:\windows\csup.txt
[13/07/2009 20:20:09] - |D| - [2113488] - C:\windows\Cursors
[13/07/2009 21:45:54] - |D| - [14831063] - C:\windows\debug
[13/07/2009 22:32:38] - |D| - [3003724] - C:\windows\diagnostics
[13/07/2009 22:37:46] - |D| - [0] - C:\windows\DigitalLocker
[13/07/2009 22:32:38] - |D| - [65] - C:\windows\Downloaded Program Files
[21/11/2010 00:16:47] - |D| - [117959129] - C:\windows\ehome
[01/08/2011 00:36:57] - |D| - [106864] - C:\windows\en
[13/07/2009 22:37:46] - |D| - [110080] - C:\windows\en-US
[MD5.2A66E81AE941E54A237490FC35D387C8] - [26/01/2012 14:55:20] - |A| - (.-.) - [1945] - (0.0.0.0) - C:\windows\epplauncher.mif
[MD5.332FEAB1435662FC6C672E25BEB37BE3] - [01/08/2011 00:22:16] - |A| - (.© Microsoft Corporation. - Windows Explorer.) - [2871808] - (6.1.7601.17567) - C:\windows\explorer.exe
[13/07/2009 20:20:09] - |RSD| - [354514815] - C:\windows\Fonts
[MD5.92BB2E9AA28542C685C59EFCBAC2490B] - [13/07/2009 16:22:13] - |A| - (.© Microsoft Corporation. - BitLocker Drive Encryption Servicing Utility.) - [15360] - (6.1.7600.16385) - C:\windows\fveupdate.exe
[13/07/2009 20:20:09] - |D| - [30247011] - C:\windows\Globalization
[13/07/2009 20:20:09] - |D| - [29929539] - C:\windows\Help
[MD5.CD47548A52B02D254BF6D7F7A5F2BFD3] - [13/07/2009 17:29:53] - |A| - (.© Microsoft Corporation. - Microsoft Help and Support.) - [733696] - (6.1.7600.16385) - C:\windows\HelpPane.exe
[MD5.3D0B9EA79BF1F828324447D84AA9DCE2] - [13/07/2009 17:29:03] - |A| - (.© Microsoft Corporation. - Microsoft® HTML Help Executable.) - [16896] - (6.1.7600.16385) - C:\windows\hh.exe
[MD5.1AEB4967A760D6EC21A3270F1B004AC1] - [21/11/2010 00:17:39] - |A| - (.-.) - [48265] - (0.0.0.0) - C:\windows\HomePremium.xml
[13/07/2009 20:20:09] - |D| - [143546732] - C:\windows\IME
[13/07/2009 20:20:10] - |D| - [75787446] - C:\windows\inf
[01/08/2011 00:10:06] - |SHD| - [1471684921] - C:\windows\Installer
[13/07/2009 20:20:10] - |D| - [48371] - C:\windows\L2Schemas
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\LiveKernelReports
[13/07/2009 20:20:10] - |D| - [61435958] - C:\windows\Logs
[13/07/2009 20:20:10] - |RSD| - [13327133] - C:\windows\Media
[MD5.23AF90D2355D8C83AA4567EF1763B467] - [13/07/2009 17:10:29] - |A| - (.-.) - [43131] - (0.0.0.0) - C:\windows\mib.bin
[13/07/2009 20:20:10] - |D| - [713051405] - C:\windows\Microsoft.NET
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\ModemLogs
[MD5.B9FB94A8DA62711C6955825DEFB25C5A] - [13/07/2009 19:35:42] - |A| - (.-.) - [1405] - (0.0.0.0) - C:\windows\msdfmap.ini
[01/08/2011 00:11:29] - |HD| - [0] - C:\windows\msdownld.tmp
[MD5.F2C7BB8ACC97F92E987A2D4087D021B1] - [13/07/2009 16:56:36] - |A| - (.© Microsoft Corporation. - Notepad.) - [193536] - (6.1.7600.16385) - C:\windows\notepad.exe
[13/07/2009 22:32:38] - |D| - [65] - C:\windows\Offline Web Pages
[01/08/2011 16:33:22] - |D| - [1511152] - C:\windows\Panther
[01/08/2011 00:34:48] - |D| - [0] - C:\windows\PCHEALTH
[13/07/2009 22:32:38] - |D| - [62090266] - C:\windows\Performance
[13/07/2009 20:20:10] - |D| - [1117380] - C:\windows\PLA
[13/07/2009 20:20:10] - |D| - [2185740] - C:\windows\PolicyDefinitions
[01/08/2011 00:03:11] - |D| - [42683980] - C:\windows\Prefetch
[MD5.2E2C937846A0B8789E5E91739284D17A] - [13/07/2009 16:27:10] - |A| - (.© Microsoft Corporation. - Registry Editor.) - [427008] - (6.1.7600.16385) - C:\windows\regedit.exe
[13/07/2009 20:20:10] - |D| - [22588] - C:\windows\registration
[13/07/2009 20:20:10] - |D| - [4734993] - C:\windows\rescache
[13/07/2009 20:20:10] - |D| - [1677002] - C:\windows\Resources
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\SchCache
[13/07/2009 20:20:10] - |D| - [55533] - C:\windows\schemas
[13/07/2009 20:20:10] - |D| - [1056768] - C:\windows\security
[13/07/2009 21:45:47] - |D| - [37000059] - C:\windows\ServiceProfiles
[13/07/2009 20:20:10] - |D| - [36378692] - C:\windows\servicing
[13/07/2009 21:45:50] - |AD| - [15702] - C:\windows\Setup
[21/11/2010 00:16:47] - |D| - [4544] - C:\windows\ShellNew
[20/10/2011 10:09:09] - |D| - [102468379] - C:\windows\SoftwareDistribution
[13/07/2009 20:20:10] - |D| - [181014046] - C:\windows\Speech
[MD5.D01628AF9F7FB3F415B357D446FBE6D9] - [20/11/2010 20:24:16] - |A| - (.© Microsoft Corporation. - Print driver host for 32bit applications.) - [67072] - (6.1.7601.17514) - C:\windows\splwow64.exe
[MD5.9060C3C745E7B2D8E1A81DD061021546] - [13/07/2009 22:28:38] - |A| - (.-.) - [48201] - (0.0.0.0) - C:\windows\Starter.xml
[13/07/2009 20:20:10] - |D| - [0] - C:\windows\system
[MD5.286A9EDB379DC3423A528B0864A0F111] - [13/07/2009 19:34:57] - |A| - (.-.) - [219] - (0.0.0.0) - C:\windows\system.ini
[13/07/2009 20:20:10] - |AD| - [3222266207] - C:\windows\System32
[13/07/2009 20:20:14] - |D| - [1193758223] - C:\windows\SysWOW64
[13/07/2009 20:20:14] - |D| - [15] - C:\windows\TAPI
[13/07/2009 20:20:14] - |D| - [32634] - C:\windows\Tasks
[13/07/2009 20:20:14] - |D| - [270614] - C:\windows\Temp
[13/07/2009 20:20:14] - |D| - [0] - C:\windows\tracing
[MD5.0BEA3F79A36B1F67B2CE0F595524C77C] - [10/06/2009 14:41:17] - |A| - (.- Twain Source Manager (Image Acquisition Interface).) - [94784] - (1.7.0.0) - C:\windows\twain.dll
[13/07/2009 22:32:38] - |D| - [1724357] - C:\windows\twain_32
[MD5.163A95975E1D8819E653AA3E961371CA] - [20/11/2010 20:25:10] - |A| - (.- Twain_32 Source Manager (Image Acquisition Interface).) - [51200] - (1.7.1.3) - C:\windows\twain_32.dll
[MD5.F36A271706EDD23C94956AFB56981184] - [13/07/2009 15:47:26] - |A| - (.- Twain_32.dll Client's 16-Bit Thunking Server.) - [49680] - (1.7.0.0) - C:\windows\twunk_16.exe
[MD5.0BD6E68F3EA0DD62CD86283D86895381] - [13/07/2009 17:14:40] - |A| - (.- Twain.dll Client's 32-Bit Thunking Server.) - [31232] - (1.7.1.0) - C:\windows\twunk_32.exe
[13/07/2009 20:20:14] - |D| - [12420] - C:\windows\Vss
[13/07/2009 20:20:14] - |D| - [50738281] - C:\windows\Web
[MD5.162904DAA5412143F5403233E77F787E] - [13/07/2009 19:34:57] - |A| - (.-.) - [403] - (0.0.0.0) - C:\windows\win.ini
[MD5.5A5CFF37F1BD0F86B9BDAAD7A9445882] - [13/07/2009 21:54:24] - |RAH| - (.-.) - [749] - (0.0.0.0) - C:\windows\WindowsShell.Manifest
[MD5.C5E3EE1CA9A5E3E23F412F06EC1AB974] - [19/04/2017 16:49:21] - |A| - (.-.) - [3825] - (0.0.0.0) - C:\windows\WindowsUpdate.log
[MD5.1D420D66250BCAAAED05724FB34008CF] - [13/07/2009 17:12:29] - |A| - (.© Microsoft Corporation. - Windows Winhlp32 Stub.) - [9728] - (6.1.7600.16385) - C:\windows\winhlp32.exe
[13/07/2009 20:20:14] - |D| - [8436793729] - C:\windows\winsxs
[MD5.4D620865394151B96C54752B743D6D12] - [13/05/2011 15:42:24] - |A| - (.© 2010 Microsoft Corporation. - Windows Live Photos Screen Saver.) - [302448] - (15.4.3538.513) - C:\windows\WLXPGSS.SCR
[MD5.DC17DD0189B0C36D863B4DD0A036C10F] - [10/06/2009 13:52:44] - |A| - (.-.) - [316640] - (0.0.0.0) - C:\windows\WMSysPr9.prx
[MD5.F8ED3B4B209E2CB49028E36CF06CA851] - [13/07/2009 16:56:28] - |A| - (.© Microsoft Corporation. - Windows Write.) - [10240] - (6.1.7600.16385) - C:\windows\write.exe
[MD5.6E3603F3AE9B89E730DF9D9331C76613] - [27/11/2015 18:13:48] - |A| - (.-.) - [216313] - (0.0.0.0) - C:\windows\ZAM.krnl.trace
[MD5.9B0A1BAF95208D25093B2E0611224F54] - [27/11/2015 18:13:43] - |A| - (.-.) - [36708] - (0.0.0.0) - C:\windows\ZAM_Guard.krnl.trace

---------- | C:\windows\System32\GroupPolicy

[10/02/2014 17:29:39] - |D| - [0] - C:\windows\System32\GroupPolicy\User

---------- | Systemroot\System

---------- | Systemroot\Installer (Microsoft Files Whitelisted)

[12/04/2017 15:51:06] - C:\windows\Installer\102958.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:39:47] - C:\windows\Installer\10c67.msi : ( - K-NFB Reading Technology, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:40:21] - C:\windows\Installer\10c6c.msi : (TOSHIBA ReelTime - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[15/11/2014 13:59:20] - C:\windows\Installer\13ada4.msi : (Google Update Helper - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:18:48] - C:\windows\Installer\18f09.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:18:53] - C:\windows\Installer\18f0e.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:18:55] - C:\windows\Installer\18f13.msi : ( - Cisco Systems, Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[13/06/2011 15:17:12] - C:\windows\Installer\18f21.msi : (Blank Project Template - TOSHIBA CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/02/2011 15:46:54] - C:\windows\Installer\18f28.msi : ( - Conexant Systems, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:22:08] - C:\windows\Installer\18f2d.msi : (TOSHIBA Web Camera Application - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:23:19] - C:\windows\Installer\18f37.msi : (TOSHIBA Face Recognition - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/06/2011 17:43:30] - C:\windows\Installer\18f3c.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/07/2011 23:58:24] - C:\windows\Installer\18f41.msi : (TOSHIBA PC Health Monitor - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[22/06/2011 14:31:42] - C:\windows\Installer\18f45.msi : (Toshiba Online Backup - Toshiba) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[23/09/2010 10:03:36] - C:\windows\Installer\18f4a.msi : (Toshiba App Place - Toshiba) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[20/10/2011 10:36:08] - C:\windows\Installer\18f5f.msi : (Google Toolbar for Internet Explorer - Google Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:30:14] - C:\windows\Installer\1f3b4.msi : (Java(TM) SE Runtime Environment 6.0 - Oracle) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:30:26] - C:\windows\Installer\1f3b9.msi : (Additional Font and Media Support - The J2SE Runtime Environment with European languages. This requires [Core]MB on your hard drive.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/06/2011 14:14:34] - C:\windows\Installer\1f3c3.msi : (TOSHIBA Supervisor Password - TOSHIBA) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[14/06/2011 13:59:32] - C:\windows\Installer\1f3cd.msi : (TOSHIBA Hardware Setup - TOSHIBA) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[09/06/2011 21:41:26] - C:\windows\Installer\1f3d2.msi : (Blank Project Template - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[28/06/2011 02:36:48] - C:\windows\Installer\1f3d7.msi : (Blank Project Template - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:32:13] - C:\windows\Installer\1f3dd.msi : (TOSHIBA Media Controller for IE - TOSHIBA CORPORATION) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[16/11/2010 00:03:30] - C:\windows\Installer\1f3e2.msi : (ADOBER~1.0|Adobe Reader X - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:33:16] - C:\windows\Installer\1f3e7.msi : (Adobe AIR Installer - Adobe Systems Incorporated) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[01/08/2011 00:37:38] - C:\windows\Installer\1f5ec.msi : (TOSHIBA Bulletin Board - TOSHIBA Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[04/02/2012 19:45:55] - C:\windows\Installer\262be5.msi : (iLivid Installation - Bandoo Media Inc.) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/10/2009 14:11:28] - C:\windows\Installer\36d5b.msi : (Blank Project Template - InstallShield) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[19/03/2013 16:06:23] - C:\windows\Installer\9118a6.msi : (Strongvault Online Backup - [|Brand]) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[11/03/2013 17:54:26] - C:\windows\Installer\9118ad.msi : (Strongvault Online Backup - Strongvault Online Backup) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[26/07/2011 11:36:38] - C:\windows\Installer\938618.msi : ( - DivX, Inc) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]
[27/06/2011 19:19:36] - C:\windows\Installer\f0c8.msi : (TOSHIBA Value Added Package - Macrovision Corporation) [Offsets ok ! : D0CF11E0A1B11AE10000000000000000]

---------- | %System%\*.in*

[13/07/2009 21:57:09] - [73] - C:\windows\System32\desktop.ini
[01/08/2011 00:11:09] - [72822] - C:\windows\System32\ieuinit.inf
[10/06/2009 14:01:25] - [60124] - C:\windows\System32\tcpmon.ini
[01/08/2011 00:11:10] - [72822] - C:\windows\Syswow64\ieuinit.inf
[13/07/2009 21:55:01] - [535] - C:\windows\Syswow64\mapisvc.inf
[26/12/2011 13:20:18] - [744944] - C:\windows\Syswow64\PerfStringBackup.INI

---------- | Listing no Microsoft signed files (Not necessary Malwares) | system32 | Syswow64 | General scan

[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:08] - [0 Ko] - C:\windows\AppPatch\Custom\Custom64
[MD5.69AD30E0F6F3EAA751193990F5C48F91] - |A| - [01/08/2011 00:16:03] - (.-.) - [121.76 Ko] - (0.0.0.0) - C:\windows\AppPatch\AppPatch64\sysmain.sdb
[MD5.00000000000000000000000000000000] - |D| - [13/05/2016 17:33:57] - [264.27 Ko] - C:\windows\Temp\SafeZone Installer
[MD5.00000000000000000000000000000000] - |D| - [15/04/2017 20:15:32] - [0 Ko] - C:\windows\Temp\_avast_
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [0 Ko] - C:\windows\System32\0409
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [13/07/2009 21:45:49] - (.-.) - [24.03 Ko] - (0.0.0.0) - C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |AH| - [13/07/2009 21:45:49] - (.-.) - [24.03 Ko] - (0.0.0.0) - C:\windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [4986 Ko] - C:\windows\System32\AdvancedInstallers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [201.5 Ko] - C:\windows\System32\ar-SA
[MD5.4E118AC95A15BD14B8C1E49C5B4CD79B] - |A| - [19/07/2016 18:28:50] - (.Copyright (c) 2014 AVAST Software - avast! start-up scanner.) - [381.82 Ko] - (12.1.3076.0) - C:\windows\System32\aswBoot.exe
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [173 Ko] - C:\windows\System32\bg-BG
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [2401.97 Ko] - C:\windows\System32\Boot
[MD5.7D00FF6A4315FDF4ACAFBB4EF157EA9F] - |A| - [13/07/2009 17:07:04] - (.Copyright (C) 2008 - Bthpan Context Handler.) - [91.5 Ko] - (1.0.0.1) - C:\windows\System32\BthpanContextHandler.dll
[MD5.6794D9D442E31DC5E95BDF65F37E4386] - |A| - [13/07/2009 16:56:54] - (.Copyright (C) 2006 - CardGames Resources.) - [6068.5 Ko] - (1.0.0.1) - C:\windows\System32\CardGames.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [34687.98 Ko] - C:\windows\System32\catroot
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [24355.13 Ko] - C:\windows\System32\catroot2
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [6111.42 Ko] - C:\windows\System32\CodeIntegrity
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [357 Ko] - C:\windows\System32\com
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [370033.18 Ko] - C:\windows\System32\config
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [219.5 Ko] - C:\windows\System32\cs-CZ
[MD5.AA0B1A7B4750F655936F2F82B5E84428] - |A| - [16/12/2010 17:08:00] - (.©Conexant Systems Inc. - Conexant Audio Processing Objects.) - [1512.13 Ko] - (4.80.40.0) - C:\windows\System32\CX64AP40.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [216.5 Ko] - C:\windows\System32\da-DK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [240.5 Ko] - C:\windows\System32\de-DE
[MD5.079B8AEB4A55BF8493BD1EC70285D920] - |ASH| - [13/07/2009 21:57:09] - (.-.) - [0.07 Ko] - (0.0.0.0) - C:\windows\System32\desktop.ini
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [4419.5 Ko] - C:\windows\System32\Dism
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:10] - [70516.23 Ko] - C:\windows\System32\drivers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [965199 Ko] - C:\windows\System32\DriverStore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [240.5 Ko] - C:\windows\System32\el-GR
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [1804 Ko] - C:\windows\System32\en
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [34138.31 Ko] - C:\windows\System32\en-US
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [230.5 Ko] - C:\windows\System32\es-ES
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [160.5 Ko] - C:\windows\System32\et-EE
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [218 Ko] - C:\windows\System32\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [236 Ko] - C:\windows\System32\fr-FR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\System32\FxsTmp
[MD5.2AE808CB0D9A667B0CF41EA74B3B9BAC] - |A| - [10/06/2009 13:36:24] - (.-.) - [39.6 Ko] - (0.0.0.0) - C:\windows\System32\gatherNetworkInfo.vbs
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:11] - [0 Ko] - C:\windows\System32\GroupPolicy
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [0 Ko] - C:\windows\System32\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [191.5 Ko] - C:\windows\System32\he-IL
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [168 Ko] - C:\windows\System32\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [221 Ko] - C:\windows\System32\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [5.36 Ko] - C:\windows\System32\ias
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [36.27 Ko] - C:\windows\System32\icsxml
[MD5.7A495CA1402C2F9F5D035092AD808669] - |A| - [13/07/2009 13:17:48] - (.-.) - [0.85 Ko] - (0.0.0.0) - C:\windows\System32\manage-bde.wsf
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [1981.88 Ko] - C:\windows\System32\manifeststore
[MD5.03E0955A7D8E5E74E7F6986A56A66196] - |A| - [03/10/2010 14:46:00] - (.© Waves Audio Ltd. - MaxxAudio APO.) - [333.34 Ko] - (3.2.1.1) - C:\windows\System32\MaxxAudioAPO30.dll
[MD5.00000000000000000000000000000000] - |SD| - [13/07/2009 21:45:42] - [24.77 Ko] - C:\windows\System32\Microsoft
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [3508.43 Ko] - C:\windows\System32\migration
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [37766.2 Ko] - C:\windows\System32\migwiz
[MD5.00000000000000000000000000000000] - |D| - [14/08/2012 13:58:12] - [0 Ko] - C:\windows\System32\MpEngineStore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [4148.28 Ko] - C:\windows\System32\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [11.33 Ko] - C:\windows\System32\MUI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [212 Ko] - C:\windows\System32\nb-NO
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [512 Ko] - C:\windows\System32\NDF
[MD5.CD48AD912839B9FB6CCA5D4AA9B37500] - |A| - [13/07/2009 15:01:19] - (.-.) - [21.3 Ko] - (0.0.0.0) - C:\windows\System32\NetTrace.PLA.Diagnostics.xml
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [85 Ko] - C:\windows\System32\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [229 Ko] - C:\windows\System32\nl-NL
[MD5.2901049544FDF863362FABA2363EB647] - |A| - [13/07/2009 13:24:21] - (.-.) - [0.82 Ko] - (0.0.0.0) - C:\windows\System32\onlinesetup.cmd
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [13469.97 Ko] - C:\windows\System32\oobe
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 13:33:35] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\windows\System32\PerfCenterCpl.ico
[MD5.284A4599C9BB58A9ADF4A7F8C498CCF0] - |A| - [08/09/2015 13:49:30] - (.-.) - [5.28 Ko] - (0.0.0.0) - C:\windows\System32\PerfStringBackup.TMP
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [224 Ko] - C:\windows\System32\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:50] - [413.88 Ko] - C:\windows\System32\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [222.5 Ko] - C:\windows\System32\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [224 Ko] - C:\windows\System32\pt-PT
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [23.75 Ko] - C:\windows\System32\ras
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [165248.8 Ko] - C:\windows\System32\Recovery
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [0.07 Ko] - C:\windows\System32\restore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [169 Ko] - C:\windows\System32\ro-RO
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:11] - [219 Ko] - C:\windows\System32\ru-RU
[MD5.5C18CD22BE4628865FCB63337A6E5EF6] - |A| - [20/11/2010 20:24:25] - (.-.) - [10.18 Ko] - (0.0.0.0) - C:\windows\System32\ScavengeSpace.xml
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [169.5 Ko] - C:\windows\System32\sk-SK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [166 Ko] - C:\windows\System32\sl-SI
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [37.8 Ko] - C:\windows\System32\slmgr
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [11586.02 Ko] - C:\windows\System32\SMI
[MD5.C74D61FCA22F36791105D7878AF73572] - |A| - [10/06/2009 14:08:17] - (.-.) - [8.09 Ko] - (0.0.0.0) - C:\windows\System32\spcinstrumentation.man
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [26875.5 Ko] - C:\windows\System32\Speech
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [26136.83 Ko] - C:\windows\System32\spool
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [1956.87 Ko] - C:\windows\System32\spp
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [30.19 Ko] - C:\windows\System32\sppui
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [170 Ko] - C:\windows\System32\sr-Latn-CS
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [216.5 Ko] - C:\windows\System32\sv-SE
[MD5.00000000000000000000000000000000] - |AD| - [13/07/2009 20:20:13] - [409.01 Ko] - C:\windows\System32\sysprep
[MD5.5EC92F0EAE3CA59F647C3CA5AA7CB053] - |A| - [20/11/2010 20:24:36] - (.-.) - [339.75 Ko] - (0.0.0.0) - C:\windows\System32\systemsf.ebd
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [304.27 Ko] - C:\windows\System32\Tasks
[MD5.47F22CAD4A16BB40153555D631546B94] - |A| - [10/06/2009 14:01:25] - (.-.) - [58.71 Ko] - (0.0.0.0) - C:\windows\System32\tcpmon.ini
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [157 Ko] - C:\windows\System32\th-TH
[MD5.F79C9E3947B904FA3200A2204F9C52BB] - |A| - [20/10/2011 10:19:14] - (.Copyright (C) 2011 TOSHIBA CORPORATION - Credential Provider Dll for TOSHIBA Wireless LAN Indicator.) - [96.99 Ko] - (1.0.12.3) - C:\windows\System32\tosWirelessLANIndicatorCP.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [212.5 Ko] - C:\windows\System32\tr-TR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:13] - [166.5 Ko] - C:\windows\System32\uk-UA
[MD5.00000000000000000000000000000000] - |D| - [28/12/2011 14:28:42] - [1754.83 Ko] - C:\windows\System32\Wat
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [45558.25 Ko] - C:\windows\System32\wbem
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:50] - [60.46 Ko] - C:\windows\System32\WCN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [82214.23 Ko] - C:\windows\System32\wdi
[MD5.6EDD021A8B6457DDE09DE7B7FA4E8C8B] - |A| - [13/07/2009 14:54:15] - (.-.) - [0.6 Ko] - (0.0.0.0) - C:\windows\System32\WdsUnattendTemplate.xml
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\System32\wfp
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\System32\WinBioDatabase
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [73.5 Ko] - C:\windows\System32\WinBioPlugIns
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [8584.71 Ko] - C:\windows\System32\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [46460 Ko] - C:\windows\System32\winevt
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [99.06 Ko] - C:\windows\System32\winrm
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\System32\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [63 Ko] - C:\windows\System32\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\System32\zh-TW
[MD5.00000000000000000000000000000000] - |HD| - [21/11/2010 00:06:51] - [0 Ko] - C:\windows\SysWOW64\0409
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [2258.5 Ko] - C:\windows\SysWOW64\AdvancedInstallers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [201.5 Ko] - C:\windows\SysWOW64\ar-SA
[MD5.00000000000000000000000000000000] - |D| - [20/10/2011 10:20:21] - [87.04 Ko] - C:\windows\SysWOW64\Atheros_L1e
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [173 Ko] - C:\windows\SysWOW64\bg-BG
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\catroot
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\catroot2
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [302.5 Ko] - C:\windows\SysWOW64\com
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [9620.15 Ko] - C:\windows\SysWOW64\config
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [219.5 Ko] - C:\windows\SysWOW64\cs-CZ
[MD5.B9A550873AB27DB299AEA3D9DE5489D4] - |A| - [20/10/2011 10:05:57] - (.Copyright 2008 - CSVer.) - [52 Ko] - (9.2.0.1015) - C:\windows\SysWOW64\CSVer.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [216.5 Ko] - C:\windows\SysWOW64\da-DK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [240.5 Ko] - C:\windows\SysWOW64\de-DE
[MD5.4E14C3CCBB313666F9DC3D8DAD120C46] - |A| - [13/05/2016 17:50:43] - (.-.) - [221.2 Ko] - (0.0.0.0) - C:\windows\SysWOW64\debug.log
[MD5.C88C969B8E477E4297E4A65D66852BF3] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java(TM) Platform SE binary.) - [461.73 Ko] - (6.0.250.6) - C:\windows\SysWOW64\deployJava1.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [3386.5 Ko] - C:\windows\SysWOW64\Dism
[MD5.F42E95BFB193754E9148DB6434D2E88E] - |A| - [19/02/2010 12:27:36] - (.Copyright © 2000-2009 DivX, Inc. - DivX.) - [703.5 Ko] - (6.9.2.26) - C:\windows\SysWOW64\DivX.dll
[MD5.BF8B26F3B97219B08230E6ADD3A703F7] - |A| - [03/01/2012 17:48:42] - (.© Copyright 2000 - 2009 DivX, Inc. - DivX Control Panel.) - [345.88 Ko] - (1.2.0.11) - C:\windows\SysWOW64\DivXControlPanelApplet.cpl
[MD5.A266D3E430E9FF97E9D659E5F087EF99] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [836 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx07.dll
[MD5.0DADCB1C15AB04A655F7B386FE625B35] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [828 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx0a.dll
[MD5.725C556795DFC534660E784F9324515C] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [836 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx0c.dll
[MD5.E1F94DFDC350BB8CE14655F5DB567149] - |A| - [19/02/2010 12:27:16] - (.Copyright ｩ 2001-2008 DivX, Inc. - DivX.) - [820 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx11.dll
[MD5.AD8E4393EAD5A8A71378BEEE95C59FDA] - |A| - [19/02/2010 12:27:16] - (.Copyright © 2001-2008 DivX, Inc. - DivX.) - [824 Ko] - (6.9.2.26) - C:\windows\SysWOW64\divx_xx16.dll
[MD5.90C7F5E71EEFE13F762CFE7B42C7157A] - |A| - [20/10/2011 16:26:22] - (.Copyright © 2005-2006 - dpl100.) - [92 Ko] - (1.3.0.25) - C:\windows\SysWOW64\dpl100.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [3472.71 Ko] - C:\windows\SysWOW64\drivers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [1.05 Ko] - C:\windows\SysWOW64\DriverStore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [240.5 Ko] - C:\windows\SysWOW64\el-GR
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [1648 Ko] - C:\windows\SysWOW64\en
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [30987.63 Ko] - C:\windows\SysWOW64\en-US
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [230.5 Ko] - C:\windows\SysWOW64\es-ES
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [160.5 Ko] - C:\windows\SysWOW64\et-EE
[MD5.093A41D0865DA5C7BE09A0F60A37B7D1] - |A| - [02/01/2012 13:46:19] - (.-.) - [56 Ko] - (0.0.0.0) - C:\windows\SysWOW64\ff_vfw.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [218 Ko] - C:\windows\SysWOW64\fi-FI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [236 Ko] - C:\windows\SysWOW64\fr-FR
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\SysWOW64\FxsTmp
[MD5.ABCB973D716F4F0DCC1E7DB99E8B03A3] - |A| - [10/02/2016 17:07:32] - (.-.) - [83.85 Ko] - (0.0.0.0) - C:\windows\SysWOW64\generic_uninstaller.log
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\GroupPolicy
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\GroupPolicyUsers
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [191.5 Ko] - C:\windows\SysWOW64\he-IL
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [168 Ko] - C:\windows\SysWOW64\hr-HR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [221 Ko] - C:\windows\SysWOW64\hu-HU
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [36.27 Ko] - C:\windows\SysWOW64\icsxml
[MD5.481F6E1CD63E09F0516B5E78B35D333E] - |A| - [04/04/2011 20:07:00] - (.-.) - [142.39 Ko] - (0.0.0.0) - C:\windows\SysWOW64\igcompkrng600.bin
[MD5.D3EEBC1763F15A8EEBB6F056D9726FF8] - |A| - [04/04/2011 20:06:58] - (.-.) - [211.79 Ko] - (0.0.0.0) - C:\windows\SysWOW64\igfcg600m.bin
[MD5.2DAE8EF56FA66F1A76A628CF7B039596] - |A| - [04/04/2011 20:06:58] - (.-.) - [940.54 Ko] - (0.0.0.0) - C:\windows\SysWOW64\igkrng600.bin
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [34095.44 Ko] - C:\windows\SysWOW64\IME
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\inetsrv
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [1160 Ko] - C:\windows\SysWOW64\InstallShield
[MD5.6B7D1357B144F6FEE941FF1B97F4C5D3] - |A| - [20/10/2011 10:18:27] - (.-.) - [440.5 Ko] - (0.0.0.0) - C:\windows\SysWOW64\ISSRemoveSP.exe
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [235 Ko] - C:\windows\SysWOW64\it-IT
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [163 Ko] - C:\windows\SysWOW64\ja-JP
[MD5.B157E305260FF2A607591F33DE41BFCA] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java(TM) Platform SE binary.) - [141.78 Ko] - (6.0.250.6) - C:\windows\SysWOW64\java.exe
[MD5.364F7A2B4B535659F3B50DE5E5C20123] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java(TM) Platform SE binary.) - [141.78 Ko] - (6.0.250.6) - C:\windows\SysWOW64\javaw.exe
[MD5.A0AC7907D47B54238CA60FC47807F119] - |A| - [01/08/2011 00:30:24] - (.Copyright © 2011 - Java(TM) Web Start Launcher.) - [153.78 Ko] - (6.0.250.6) - C:\windows\SysWOW64\javaws.exe
[MD5.C1B7AB03AC2F3C990A40BC2E18E02CF1] - |A| - [13/07/2009 19:35:50] - (.-.) - [11687.04 Ko] - (0.0.0.0) - C:\windows\SysWOW64\korwbrkr.lex
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [05/08/2016 17:07:18] - (.-.) - [0 Ko] - (0.0.0.0) - C:\windows\SysWOW64\last.dump
[MD5.D41D8CD98F00B204E9800998ECF8427E] - |A| - [20/10/2011 10:07:48] - (.-.) - [0.02 Ko] - (0.0.0.0) - C:\windows\SysWOW64\log.txt
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\SysWOW64\LogFiles
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [165 Ko] - C:\windows\SysWOW64\lt-LT
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [166 Ko] - C:\windows\SysWOW64\lv-LV
[MD5.00000000000000000000000000000000] - |D| - [01/08/2011 00:32:35] - [41496.63 Ko] - C:\windows\SysWOW64\Macromed
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [1968.26 Ko] - C:\windows\SysWOW64\manifeststore
[MD5.98071B6EE16AA76DABFF377A5DC69C86] - |A| - [13/07/2009 21:55:01] - (.-.) - [0.52 Ko] - (0.0.0.0) - C:\windows\SysWOW64\mapisvc.inf
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [3208.93 Ko] - C:\windows\SysWOW64\migration
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [32669.71 Ko] - C:\windows\SysWOW64\migwiz
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [52.28 Ko] - C:\windows\SysWOW64\Msdtc
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [11.33 Ko] - C:\windows\SysWOW64\MUI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [212 Ko] - C:\windows\SysWOW64\nb-NO
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\NDF
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [51 Ko] - C:\windows\SysWOW64\NetworkList
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [229 Ko] - C:\windows\SysWOW64\nl-NL
[MD5.1C96B3DA6ABE5E18B63C64DF75884F6A] - |A| - [13/07/2009 19:35:50] - (.-.) - [1.45 Ko] - (0.0.0.0) - C:\windows\SysWOW64\noise.kor
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [2566.05 Ko] - C:\windows\SysWOW64\oobe
[MD5.B7795BC96C1CEB86E04E8DC843E9C784] - |A| - [10/06/2009 14:17:19] - (.-.) - [113.56 Ko] - (0.0.0.0) - C:\windows\SysWOW64\PerfCenterCpl.ico
[MD5.217033BD2448E2831F4D77B001C63763] - |A| - [26/12/2011 13:20:18] - (.-.) - [727.48 Ko] - (0.0.0.0) - C:\windows\SysWOW64\PerfStringBackup.INI
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [224 Ko] - C:\windows\SysWOW64\pl-PL
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [413.88 Ko] - C:\windows\SysWOW64\Printing_Admin_Scripts
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [222.5 Ko] - C:\windows\SysWOW64\pt-BR
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [224 Ko] - C:\windows\SysWOW64\pt-PT
[MD5.CE931021E18F385F519E945A8A10548E] - |A| - [02/01/2012 13:46:19] - (.Copyright (C) Project contributors 1998-2004 - POSIX Threads for Windows32 Library.) - [58.86 Ko] - (2.8.0.0) - C:\windows\SysWOW64\pthreadGC2.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [23.75 Ko] - C:\windows\SysWOW64\ras
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [0.64 Ko] - C:\windows\SysWOW64\Recovery
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 22:32:38] - [0 Ko] - C:\windows\SysWOW64\restore
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [169 Ko] - C:\windows\SysWOW64\ro-RO
[MD5.9E53C231B0A511A48BAF102EDA4FC198] - |A| - [03/02/2011 19:56:46] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCOM.) - [169.29 Ko] - (15.2.11.1) - C:\windows\SysWOW64\SynCOM.dll
[MD5.23FECDF8EA830C69325A4A9CC21A7F1B] - |A| - [03/02/2011 19:56:48] - (.Copyright (C) Synaptics Incorporated 1996-2011 - SynCtrl.) - [213.29 Ko] - (15.2.11.1) - C:\windows\SysWOW64\SynCtrl.dll
[MD5.01C809AEEE4C10100B35D640925A6DB3] - |A| - [03/02/2011 19:56:54] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics TouchPad Interfaces.) - [105.29 Ko] - (15.2.11.1) - C:\windows\SysWOW64\SynTPCOM.dll
[MD5.179D3637464E602FADD7DF5C428BB9E4] - |A| - [03/02/2011 19:56:58] - (.-.) - [65.29 Ko] - (0.0.0.0) - C:\windows\SysWOW64\SynTPEnhPS.dll
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [977.89 Ko] - C:\windows\SysWOW64\sysprep
[MD5.00000000000000000000000000000000] - |HD| - [13/07/2009 20:20:14] - [0 Ko] - C:\windows\SysWOW64\Tasks
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [157 Ko] - C:\windows\SysWOW64\th-TH
[MD5.2BAB54632EAF98ED75D55E19C46955E4] - |A| - [20/10/2011 10:12:43] - (.Copyright © 1997-8 - THCI.) - [24 Ko] - (1.0.0.1) - C:\windows\SysWOW64\THCI.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [212.5 Ko] - C:\windows\SysWOW64\tr-TR
[MD5.2611F58AEC4BB39387162F749FE8A558] - |A| - [20/10/2011 10:12:43] - (.Copyright © 1997-8 - TSCI.) - [24 Ko] - (1.0.0.1) - C:\windows\SysWOW64\TSCI.dll
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [166.5 Ko] - C:\windows\SysWOW64\uk-UA
[MD5.15BD0F8D507546F512EE5D73C3721FA8] - |A| - [13/07/2009 19:35:41] - (.Copyright © 2000 - vfpodbc.) - [20.05 Ko] - (1.0.2.0) - C:\windows\SysWOW64\vfpodbc.dll
[MD5.00000000000000000000000000000000] - |D| - [28/12/2011 14:28:42] - [237.33 Ko] - C:\windows\SysWOW64\Wat
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [8731.34 Ko] - C:\windows\SysWOW64\wbem
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [60.46 Ko] - C:\windows\SysWOW64\WCN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [96.48 Ko] - C:\windows\SysWOW64\wdi
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 22:32:38] - [8539.71 Ko] - C:\windows\SysWOW64\WindowsPowerShell
[MD5.00000000000000000000000000000000] - |D| - [21/11/2010 00:06:51] - [99.06 Ko] - C:\windows\SysWOW64\winrm
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\SysWOW64\zh-CN
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [63 Ko] - C:\windows\SysWOW64\zh-HK
[MD5.00000000000000000000000000000000] - |D| - [13/07/2009 20:20:14] - [141.5 Ko] - C:\windows\SysWOW64\zh-TW
[MD5.E4E50E87DE25BD9FDA3DBC4030147981] - |A| - [27/04/2013 16:34:52] - (.-.) - [0.05 Ko] - (0.0.0.0) - C:\windows\SysWOW64\~stg

---------- | Shell Folders

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"!Do not use this registry key"=Use the SHGetFolderPath or SHGetKnownFolderPath function instead
"AppData"=C:\Users\Mitch\AppData\Roaming [26/12/2011 12:56:44]
"Local AppData"=C:\Users\Mitch\AppData\Local [26/12/2011 12:56:44]
"My Video"=C:\Users\Mitch\Videos [26/12/2011 12:56:44]
"{1B3EA5DC-B587-4786-B4EF-BD1DC332AEAE}"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Libraries [26/12/2011 12:58:02]
"My Pictures"=C:\Users\Mitch\Pictures [26/12/2011 12:56:44]
"Desktop"=C:\Users\Mitch\Desktop [26/12/2011 12:56:44]
"History"=C:\Users\Mitch\AppData\Local\Microsoft\Windows\History [26/12/2011 12:56:44]
"NetHood"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Network Shortcuts [26/12/2011 12:56:44]
"{56784854-C6CB-462B-8169-88E350ACB882}"=C:\Users\Mitch\Contacts [26/12/2011 12:57:51]
"Cookies"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Cookies [26/12/2011 12:56:44]
"Favorites"=C:\Users\Mitch\Favorites [26/12/2011 12:56:44]
"SendTo"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\SendTo [26/12/2011 12:56:44]
"Start Menu"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu [26/12/2011 12:56:44]
"My Music"=C:\Users\Mitch\Music [26/12/2011 12:56:44]
"Programs"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs [26/12/2011 12:56:44]
"Recent"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Recent [26/12/2011 12:56:44]
"CD Burning"=C:\Users\Mitch\AppData\Local\Microsoft\Windows\Burn\Burn [26/12/2011 12:58:13]
"PrintHood"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Printer Shortcuts [26/12/2011 12:56:44]
"{7D1D3A04-DEBB-4115-95CF-2F29DA2920DA}"=C:\Users\Mitch\Searches [26/12/2011 12:58:02]
"{374DE290-123F-4565-9164-39C4925E467B}"=C:\Users\Mitch\Downloads [26/12/2011 12:56:44]
"{A520A1A4-1780-4FF6-BD18-167343C5AF16}"=C:\Users\Mitch\AppData\LocalLow [26/12/2011 12:56:45]
"Startup"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup [26/12/2011 12:58:02]
"Administrative Tools"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools [26/12/2011 12:58:02]
"Personal"=C:\Users\Mitch\Documents [26/12/2011 12:56:44]
"{BFB9D5E0-C6A9-404C-B2B2-AE6DB6AF4968}"=C:\Users\Mitch\Links [26/12/2011 12:56:44]
"Cache"=C:\Users\Mitch\AppData\Local\Microsoft\Windows\Temporary Internet Files [26/12/2011 12:56:44]
"Templates"=C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Templates [26/12/2011 12:56:44]
"{4C5C32FF-BB9D-43B0-B5B4-2D72E54EAAA4}"=C:\Users\Mitch\Saved Games [26/12/2011 12:56:44]
"Fonts"=C:\windows\Fonts [13/07/2009 20:20:09]

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"AppData"=%USERPROFILE%\AppData\Roaming
"Cache"=%USERPROFILE%\AppData\Local\Microsoft\Windows\Temporary Internet Files
"Cookies"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Cookies
"Desktop"=%USERPROFILE%\Desktop
"Favorites"=%USERPROFILE%\Favorites
"History"=%USERPROFILE%\AppData\Local\Microsoft\Windows\History
"Local AppData"=%USERPROFILE%\AppData\Local
"My Music"=%USERPROFILE%\Music
"My Pictures"=%USERPROFILE%\Pictures
"My Video"=%USERPROFILE%\Videos
"NetHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Network Shortcuts
"Personal"=%USERPROFILE%\Documents
"Programs"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
"Recent"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Recent
"SendTo"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\SendTo
"Startup"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
"Start Menu"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Start Menu
"Templates"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Templates
"{374DE290-123F-4565-9164-39C4925E467B}"=%USERPROFILE%\Downloads
"PrintHood"=%USERPROFILE%\AppData\Roaming\Microsoft\Windows\Printer Shortcuts

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop"=C:\Users\Public\Desktop [13/07/2009 20:20:08]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [13/07/2009 20:20:08]
"CommonVideo"=C:\Users\Public\Videos [13/07/2009 20:20:08]
"CommonPictures"=C:\Users\Public\Pictures [13/07/2009 20:20:08]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/07/2009 20:20:08]
"CommonMusic"=C:\Users\Public\Music [13/07/2009 20:20:08]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/07/2009 22:32:38]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/07/2009 20:20:08]
"Common Documents"=C:\Users\Public\Documents [13/07/2009 20:20:08]
"OEM Links"=C:\ProgramData\OEM Links
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [13/07/2009 20:20:08]
"Common AppData"=C:\ProgramData [13/07/2009 20:20:08]

[HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common Desktop"=%PUBLIC%\Desktop
"Common Documents"=%PUBLIC%\Documents
"CommonPictures"=%PUBLIC%\Pictures
"CommonMusic"=%PUBLIC%\Music
"CommonVideo"=%PUBLIC%\Videos
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup
"Common AppData"=%ProgramData%
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\Shell Folders]
"Common Desktop"=C:\Users\Public\Desktop [13/07/2009 20:20:08]
"Common Start Menu"=C:\ProgramData\Microsoft\Windows\Start Menu [13/07/2009 20:20:08]
"CommonVideo"=C:\Users\Public\Videos [13/07/2009 20:20:08]
"CommonPictures"=C:\Users\Public\Pictures [13/07/2009 20:20:08]
"Common Programs"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs [13/07/2009 20:20:08]
"CommonMusic"=C:\Users\Public\Music [13/07/2009 20:20:08]
"Common Administrative Tools"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools [13/07/2009 22:32:38]
"Common Startup"=C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup [13/07/2009 20:20:08]
"Common Documents"=C:\Users\Public\Documents [13/07/2009 20:20:08]
"OEM Links"=C:\ProgramData\OEM Links
"Common Templates"=C:\ProgramData\Microsoft\Windows\Templates [13/07/2009 20:20:08]
"Common AppData"=C:\ProgramData [13/07/2009 20:20:08]

[HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Explorer\User Shell Folders]
"Common Desktop"=%PUBLIC%\Desktop
"Common Documents"=%PUBLIC%\Documents
"CommonPictures"=%PUBLIC%\Pictures
"CommonMusic"=%PUBLIC%\Music
"CommonVideo"=%PUBLIC%\Videos
"{3D644C9B-1FB8-4f30-9B45-F670235F79C0}"=%PUBLIC%\Downloads
"Common Start Menu"=%ProgramData%\Microsoft\Windows\Start Menu
"Common Programs"=%ProgramData%\Microsoft\Windows\Start Menu\Programs
"Common Startup"=%ProgramData%\Microsoft\Windows\Start Menu\Programs\Startup
"Common AppData"=%ProgramData%
"Common Templates"=%ProgramData%\Microsoft\Windows\Templates

---------- | [John]

[30/10/2012 21:56:55] - |D| - [137692117] - C:\Users\John\AppData\Local
[30/10/2012 21:56:55] - |D| - [23523] - C:\Users\John\AppData\LocalLow
[30/10/2012 21:56:55] - |D| - [999663] - C:\Users\John\AppData\Roaming
[30/10/2012 21:56:55] - |SHD| - [1533511099] - C:\Users\John\AppData\Local\Application Data
[30/10/2012 21:57:25] - |A| - [57560] - C:\Users\John\AppData\Local\GDIPFONTCACHEV1.DAT
[30/10/2012 22:02:33] - |D| - [116688372] - C:\Users\John\AppData\Local\Google
[30/10/2012 21:56:55] - |SHD| - [49152] - C:\Users\John\AppData\Local\History
[30/10/2012 22:16:45] - |AH| - [782118] - C:\Users\John\AppData\Local\IconCache.db
[30/10/2012 21:56:55] - |D| - [19912641] - C:\Users\John\AppData\Local\Microsoft
[30/10/2012 21:56:55] - |HD| - [251341] - C:\Users\John\AppData\Local\Temp
[30/10/2012 21:56:55] - |SHD| - [105098] - C:\Users\John\AppData\Local\Temporary Internet Files
[30/10/2012 21:57:25] - |D| - [85] - C:\Users\John\AppData\Local\TOSHIBA
[30/10/2012 21:56:58] - |SD| - [23523] - C:\Users\John\AppData\LocalLow\Microsoft
[30/10/2012 21:57:04] - |D| - [0] - C:\Users\John\AppData\Roaming\Identities
[30/10/2012 21:56:55] - |D| - [2834] - C:\Users\John\AppData\Roaming\Macromedia
[30/10/2012 21:56:55] - |HD| - [0] - C:\Users\John\AppData\Roaming\Media Center Programs
[30/10/2012 21:56:55] - |D| - [994963] - C:\Users\John\AppData\Roaming\Microsoft
[30/10/2012 21:58:42] - |D| - [1866] - C:\Users\John\AppData\Roaming\Toshiba
[30/10/2012 21:56:55] - |D| - [0] - C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[30/10/2012 21:56:55] - |D| - [0] - C:\Users\John\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories

---------- | [Mitch]

[26/12/2011 12:56:44] - |D| - [582652008] - C:\Users\Mitch\AppData\Local
[26/12/2011 12:56:45] - |D| - [14149585] - C:\Users\Mitch\AppData\LocalLow
[26/12/2011 12:56:44] - |D| - [93623248] - C:\Users\Mitch\AppData\Roaming
[03/01/2012 14:45:28] - |HD| - [662420] - C:\Users\Mitch\AppData\Local\Adobe
[26/12/2011 12:56:45] - |SHD| - [6149263590] - C:\Users\Mitch\AppData\Local\Application Data
[01/01/2012 15:53:03] - |HD| - [0] - C:\Users\Mitch\AppData\Local\Apps
[21/07/2016 16:22:09] - |D| - [443696] - C:\Users\Mitch\AppData\Local\CEF
[28/01/2012 16:44:43] - |HD| - [0] - C:\Users\Mitch\AppData\Local\CrashDumps
[19/01/2012 16:41:54] - |HD| - [106] - C:\Users\Mitch\AppData\Local\DDMSettings
[06/02/2012 17:55:19] - |HD| - [34649854] - C:\Users\Mitch\AppData\Local\Diagnostics
[19/04/2017 16:48:18] - |A| - [57560] - C:\Users\Mitch\AppData\Local\GDIPFONTCACHEV1.DAT
[26/12/2011 12:58:38] - |HD| - [135702737] - C:\Users\Mitch\AppData\Local\Google
[26/12/2011 12:56:45] - |SHD| - [65826] - C:\Users\Mitch\AppData\Local\History
[26/12/2011 19:37:50] - |AH| - [3778060] - C:\Users\Mitch\AppData\Local\IconCache.db
[08/01/2013 17:46:39] - |D| - [12549] - C:\Users\Mitch\AppData\Local\Kjs.AppLife.Update
[26/12/2011 12:56:44] - |D| - [33306558] - C:\Users\Mitch\AppData\Local\Microsoft
[08/09/2015 12:00:02] - |D| - [4841] - C:\Users\Mitch\AppData\Local\Microsoft Games
[08/09/2015 10:44:05] - |D| - [0] - C:\Users\Mitch\AppData\Local\Programs
[26/12/2011 13:21:07] - |HD| - [630784] - C:\Users\Mitch\AppData\Local\SoftGrid Client
[26/12/2011 12:56:44] - |D| - [0] - C:\Users\Mitch\AppData\Local\Temp
[26/12/2011 12:56:45] - |SHD| - [32902] - C:\Users\Mitch\AppData\Local\Temporary Internet Files
[01/03/2012 16:06:40] - |D| - [11178124] - C:\Users\Mitch\AppData\Local\Tific
[26/12/2011 12:58:15] - |D| - [2374] - C:\Users\Mitch\AppData\Local\TOSHIBA
[09/09/2015 08:24:22] - |D| - [0] - C:\Users\Mitch\AppData\Local\VirtualStore
[02/01/2012 13:49:23] - |HD| - [481033] - C:\Users\Mitch\AppData\Local\Vivitar Experience Image Manager
[08/09/2015 10:44:09] - |D| - [361505328] - C:\Users\Mitch\AppData\Local\Zemana
[15/04/2017 20:19:39] - |D| - [235984] - C:\Users\Mitch\AppData\Local\ZHP
[03/01/2012 14:45:28] - |HD| - [72761] - C:\Users\Mitch\AppData\LocalLow\Adobe
[19/01/2012 16:41:17] - |HD| - [65536] - C:\Users\Mitch\AppData\LocalLow\boost_interprocess
[26/12/2011 12:56:52] - |SD| - [14009219] - C:\Users\Mitch\AppData\LocalLow\Microsoft
[12/01/2012 16:40:23] - |D| - [2069] - C:\Users\Mitch\AppData\LocalLow\Sun
[01/01/2012 15:03:57] - |SD| - [0] - C:\Users\Mitch\AppData\LocalLow\Temp
[12/07/2012 10:00:11] - |HD| - [0] - C:\Users\Mitch\AppData\LocalLow\WebEx
[26/01/2012 14:49:38] - |HD| - [0] - C:\Users\Mitch\AppData\LocalLow\Yahoo!
[08/09/2015 15:57:04] - |D| - [8180458] - C:\Users\Mitch\AppData\Roaming\9-lab
[26/12/2011 12:58:53] - |D| - [50066919] - C:\Users\Mitch\AppData\Roaming\Adobe
[09/09/2015 09:49:51] - |D| - [1076143] - C:\Users\Mitch\AppData\Roaming\AVAST Software
[08/01/2013 17:10:21] - |D| - [96951] - C:\Users\Mitch\AppData\Roaming\Book Place
[19/01/2012 16:39:36] - |HD| - [93184] - C:\Users\Mitch\AppData\Roaming\DivX
[06/02/2012 16:17:02] - |HD| - [25163] - C:\Users\Mitch\AppData\Roaming\FreeTorrentViewer
[26/12/2011 12:58:41] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Google
[26/12/2011 12:57:54] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Identities
[26/12/2011 12:56:44] - |D| - [56466] - C:\Users\Mitch\AppData\Roaming\Macromedia
[26/12/2011 12:56:44] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Media Center Programs
[26/12/2011 12:56:44] - |SD| - [9256900] - C:\Users\Mitch\AppData\Roaming\Microsoft
[09/02/2012 17:00:52] - |HD| - [282] - C:\Users\Mitch\AppData\Roaming\Product_RM
[26/12/2011 13:21:07] - |D| - [1340739] - C:\Users\Mitch\AppData\Roaming\SoftGrid Client
[26/12/2011 14:28:25] - |HD| - [13208] - C:\Users\Mitch\AppData\Roaming\Tific
[26/12/2011 12:59:36] - |HD| - [16204260] - C:\Users\Mitch\AppData\Roaming\Toshiba
[04/02/2012 20:19:23] - |D| - [695] - C:\Users\Mitch\AppData\Roaming\vlc
[26/12/2011 12:56:55] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\WinBatch
[15/04/2017 20:19:39] - |D| - [5593752] - C:\Users\Mitch\AppData\Roaming\ZHP
[08/09/2015 11:35:29] - |D| - [1618128] - C:\Users\Mitch\AppData\Roaming\ZHP.$quar
[26/12/2011 12:58:02] - |ASH| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\desktop.ini
[26/12/2011 12:56:44] - |RD| - [26058] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs
[26/12/2011 12:56:44] - |RD| - [14660] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[26/12/2011 12:58:02] - |RD| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[26/12/2011 12:58:02] - |ASH| - [476] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\desktop.ini
[06/02/2012 16:16:54] - |D| - [2048] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeTorrentViewer
[02/01/2012 13:46:25] - |HD| - [0] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[26/12/2011 12:58:04] - |A| - [1458] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[26/12/2011 12:56:44] - |RD| - [580] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[26/12/2011 12:58:02] - |RD| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[18/01/2012 15:30:02] - |D| - [1336] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Veoh Networks, Inc
[02/01/2012 13:49:22] - |D| - [2974] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Vivitar Experience Image Manager
[08/05/2012 12:19:44] - |D| - [2178] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Zoola Games
[26/12/2011 12:58:02] - |ASH| - [174] - C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | [Public]

---------- | C:\ProgramData

[08/09/2015 15:56:57] - |D| - [59744988] - C:\ProgramData\9-lab
[01/08/2011 00:32:52] - |D| - [275704481] - C:\ProgramData\Adobe
[13/07/2009 22:08:56] - |SHD| - [68814947770] - C:\ProgramData\Application Data
[09/09/2015 09:47:10] - |D| - [224539953] - C:\ProgramData\AVAST Software
[13/07/2009 22:08:56] - |SD| - [8159] - C:\ProgramData\Desktop
[19/01/2012 16:26:47] - |D| - [5567819] - C:\ProgramData\DivX
[13/07/2009 22:08:56] - |SHD| - [278] - C:\ProgramData\Documents
[13/07/2009 22:08:56] - |SHD| - [0] - C:\ProgramData\Favorites
[18/01/2012 15:30:05] - |D| - [417032557] - C:\ProgramData\Giraffic
[20/10/2011 10:36:05] - |D| - [544630] - C:\ProgramData\Google
[08/09/2015 10:46:37] - |D| - [11082433] - C:\ProgramData\Malwarebytes
[15/04/2017 20:33:30] - |D| - [0] - C:\ProgramData\Malwarebytes' Anti-Malware (portable)
[02/07/2015 16:39:47] - |D| - [0] - C:\ProgramData\McAfee
[13/07/2009 20:20:08] - |SD| - [2297060808] - C:\ProgramData\Microsoft
[20/10/2011 10:31:34] - |D| - [78211] - C:\ProgramData\Norton
[20/10/2011 10:31:22] - |HD| - [16233035] - C:\ProgramData\NortonInstaller
[19/04/2017 16:46:51] - |RASH| - [8] - C:\ProgramData\ntuser.pol
[09/02/2012 17:00:53] - |HD| - [0] - C:\ProgramData\PC Tools
[16/05/2016 18:28:25] - |D| - [251246] - C:\ProgramData\REGSERVO64
[13/07/2009 22:08:56] - |SHD| - [266041] - C:\ProgramData\Start Menu
[01/08/2011 00:30:28] - |HD| - [119] - C:\ProgramData\Sun
[21/01/2012 16:11:09] - |AHD| - [0] - C:\ProgramData\TEMP
[13/07/2009 22:08:56] - |SHD| - [0] - C:\ProgramData\Templates
[01/08/2011 00:33:38] - |D| - [5700352] - C:\ProgramData\Toshiba
[08/01/2013 17:20:32] - |D| - [38] - C:\ProgramData\Toshiba Book Place
[26/12/2011 15:31:24] - |HD| - [0] - C:\ProgramData\VirtualizedApplications
[12/07/2012 10:00:11] - |D| - [35191005] - C:\ProgramData\WebEx
[20/10/2011 10:47:06] - |D| - [2587738222] - C:\ProgramData\WildTangent
[26/01/2012 14:49:39] - |HD| - [1503] - C:\ProgramData\Yahoo!

---------- | C:\ProgramData\Microsoft\Windows\Start Menu

[13/07/2009 22:01:14] - |A| - [1282] - C:\ProgramData\Microsoft\Windows\Start Menu\Default Programs.lnk
[13/07/2009 21:49:40] - |ASH| - [442] - C:\ProgramData\Microsoft\Windows\Start Menu\desktop.ini
[13/07/2009 20:20:08] - |RD| - [260984] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs
[01/08/2011 00:39:58] - |A| - [2067] - C:\ProgramData\Microsoft\Windows\Start Menu\Toshiba Book Place.lnk
[13/07/2009 21:49:40] - |A| - [1266] - C:\ProgramData\Microsoft\Windows\Start Menu\Windows Update.lnk

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs

[08/09/2015 15:56:58] - |D| - [963] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\9-lab Removal Tool
[13/07/2009 20:20:08] - |RD| - [43590] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Accessories
[13/07/2009 22:32:38] - |RD| - [18363] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[01/08/2011 00:32:56] - |A| - [2441] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader X.lnk
[13/05/2016 17:34:11] - |A| - [1048] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast SafeZone Browser.lnk
[09/09/2015 09:49:35] - |D| - [1951] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
[09/09/2015 09:30:45] - |D| - [933] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
[20/10/2011 10:44:01] - |D| - [997] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Corel Label@Once
[13/07/2009 21:54:23] - |ASH| - [1748] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\desktop.ini
[19/01/2012 16:39:11] - |D| - [10205] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DivX Plus
[02/01/2012 13:46:19] - |D| - [6513] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ffdshow
[13/07/2009 22:32:38] - |RD| - [59259] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Games
[20/10/2011 10:36:03] - |A| - [2206] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
[02/01/2012 13:46:25] - |D| - [6121] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Haali Media Splitter
[13/07/2009 20:20:08] - |RD| - [4370] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Maintenance
[08/09/2015 10:46:46] - |D| - [3724] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
[01/08/2011 00:05:58] - |A| - [1345] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Media Center.lnk
[01/08/2011 00:43:51] - |A| - [2435] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office 2010.lnk
[27/12/2011 16:59:01] - |D| - [14924] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Starter (English)
[01/08/2011 00:34:28] - |D| - [2278] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
[20/10/2011 10:21:47] - |D| - [1022] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Netwaiting
[20/10/2011 10:33:28] - |D| - [1664] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\NetZero
[16/05/2016 18:28:17] - |D| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REGSERVO
[13/07/2009 21:57:08] - |A| - [1330] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sidebar.lnk
[20/10/2011 10:35:24] - |D| - [1672] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
[13/07/2009 20:20:08] - |RD| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
[21/11/2010 00:16:41] - |RHD| - [0] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tablet PC
[01/08/2011 00:31:28] - |D| - [50664] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\TOSHIBA
[13/07/2009 21:57:09] - |A| - [1352] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Anytime Upgrade.lnk
[01/08/2011 00:05:50] - |A| - [1326] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows DVD Maker.lnk
[13/07/2009 21:54:59] - |A| - [1210] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Fax and Scan.lnk
[01/08/2011 00:36:18] - |RD| - [4591] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live
[01/08/2011 00:35:42] - |A| - [1469] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Mail.lnk
[01/08/2011 00:35:33] - |A| - [2497] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Messenger.lnk
[01/08/2011 00:36:11] - |A| - [1316] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Movie Maker.lnk
[01/08/2011 00:36:01] - |A| - [1385] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Live Photo Gallery.lnk
[13/07/2009 21:57:06] - |A| - [1547] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Windows Media Player.lnk
[13/07/2009 21:57:08] - |A| - [1246] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\XPS Viewer.lnk
[03/02/2017 17:52:16] - |D| - [1105] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware

---------- | C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup

[13/07/2009 21:54:23] - |ASH| - [174] - C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\desktop.ini

---------- | C:\Program Files (x86)

[01/08/2011 00:32:48] - |D| - [470378450] - C:\Program Files (x86)\Adobe
[08/09/2015 11:32:12] - |D| - [0] - C:\Program Files (x86)\Adware Removal Tool by TSA
[20/10/2011 10:18:51] - |D| - [3598306] - C:\Program Files (x86)\Cisco
[13/07/2009 20:20:08] - |D| - [463511913] - C:\Program Files (x86)\Common Files
[20/10/2011 10:21:46] - |D| - [5240840] - C:\Program Files (x86)\Conexant
[20/10/2011 10:44:01] - |D| - [25215938] - C:\Program Files (x86)\Corel
[13/07/2009 21:54:24] - |ASH| - [174] - C:\Program Files (x86)\desktop.ini
[19/01/2012 16:29:18] - |D| - [104819032] - C:\Program Files (x86)\DivX
[02/01/2012 13:46:18] - |D| - [13975902] - C:\Program Files (x86)\ffdshow
[06/02/2012 16:16:53] - |D| - [4158915] - C:\Program Files (x86)\FreeTorrentViewer
[18/01/2012 15:30:05] - |D| - [9726830] - C:\Program Files (x86)\Giraffic
[20/10/2011 10:35:35] - |D| - [545854400] - C:\Program Files (x86)\Google
[02/01/2012 13:46:24] - |D| - [2548909] - C:\Program Files (x86)\Haali
[01/08/2011 00:30:56] - |HD| - [94320865] - C:\Program Files (x86)\InstallShield Installation Information
[20/10/2011 10:05:57] - |D| - [17978039] - C:\Program Files (x86)\Intel
[13/07/2009 20:20:08] - |D| - [5726046] - C:\Program Files (x86)\Internet Explorer
[01/08/2011 00:30:20] - |D| - [90565055] - C:\Program Files (x86)\Java
[08/09/2015 10:46:37] - |D| - [55140333] - C:\Program Files (x86)\Malwarebytes Anti-Malware
[26/12/2011 13:20:10] - |D| - [13000978] - C:\Program Files (x86)\Microsoft Application Virtualization Client
[01/08/2011 00:43:50] - |D| - [6736828] - C:\Program Files (x86)\Microsoft Office
[01/08/2011 00:34:10] - |D| - [38421083] - C:\Program Files (x86)\Microsoft Silverlight
[01/08/2011 00:35:56] - |D| - [1829877] - C:\Program Files (x86)\Microsoft SQL Server Compact Edition
[28/12/2011 14:35:07] - |HD| - [15715] - C:\Program Files (x86)\Microsoft.NET
[13/07/2009 22:32:38] - |D| - [25757] - C:\Program Files (x86)\MSBuild
[02/01/2012 13:46:50] - |D| - [74014] - C:\Program Files (x86)\MTA
[20/10/2011 10:21:46] - |D| - [6143313] - C:\Program Files (x86)\Netwaiting
[20/10/2011 10:31:34] - |D| - [3586292] - C:\Program Files (x86)\Norton PC Checkup
[20/10/2011 10:31:22] - |D| - [8622003] - C:\Program Files (x86)\NortonInstaller
[01/08/2011 00:39:54] - |D| - [1749892] - C:\Program Files (x86)\PlayReady
[20/10/2011 10:20:50] - |D| - [21429910] - C:\Program Files (x86)\Realtek
[20/10/2011 10:18:27] - |D| - [6179835] - C:\Program Files (x86)\Realtek WLAN Driver
[13/07/2009 22:32:38] - |D| - [36929281] - C:\Program Files (x86)\Reference Assemblies
[02/01/2012 13:46:47] - |D| - [2777102] - C:\Program Files (x86)\TDC13E0
[01/08/2011 00:31:57] - |D| - [196326669] - C:\Program Files (x86)\TOSHIBA
[20/10/2011 10:35:24] - |HD| - [0] - C:\Program Files (x86)\TOSHIBA Corporation
[20/10/2011 10:47:06] - |D| - [283105136] - C:\Program Files (x86)\TOSHIBA Games
[20/10/2011 10:32:57] - |D| - [176048] - C:\Program Files (x86)\Toshiba Online Backup
[13/07/2009 21:57:06] - |HD| - [564154] - C:\Program Files (x86)\Uninstall Information
[18/01/2012 15:29:57] - |D| - [46172460] - C:\Program Files (x86)\Veoh Networks
[20/10/2011 10:47:07] - |D| - [9409955] - C:\Program Files (x86)\WildTangent Games
[13/07/2009 22:32:38] - |D| - [512000] - C:\Program Files (x86)\Windows Defender
[01/08/2011 00:35:00] - |D| - [170778514] - C:\Program Files (x86)\Windows Live
[13/07/2009 20:20:08] - |D| - [6115840] - C:\Program Files (x86)\Windows Mail
[13/07/2009 22:32:38] - |D| - [5008657] - C:\Program Files (x86)\Windows Media Player
[13/07/2009 20:20:08] - |D| - [12062388] - C:\Program Files (x86)\Windows NT
[13/07/2009 22:32:38] - |D| - [4394248] - C:\Program Files (x86)\Windows Photo Viewer
[13/07/2009 22:32:38] - |D| - [189952] - C:\Program Files (x86)\Windows Portable Devices
[13/07/2009 22:32:38] - |D| - [6874184] - C:\Program Files (x86)\Windows Sidebar
[26/01/2012 14:49:37] - |D| - [838761] - C:\Program Files (x86)\Yahoo!
[08/09/2015 10:44:23] - |D| - [17599713] - C:\Program Files (x86)\Zemana AntiMalware
[08/05/2012 12:19:44] - |D| - [931010] - C:\Program Files (x86)\Zoola Games

---------- | C:\Program Files

[08/09/2015 15:56:56] - |D| - [18658370] - C:\Program Files\9-lab
[09/09/2015 09:48:06] - |D| - [1046321339] - C:\Program Files\AVAST Software
[09/09/2015 09:30:42] - |D| - [18005864] - C:\Program Files\CCleaner
[13/07/2009 20:20:08] - |D| - [94321288] - C:\Program Files\Common Files
[20/10/2011 10:15:30] - |D| - [70274856] - C:\Program Files\CONEXANT
[13/07/2009 21:54:24] - |ASH| - [174] - C:\Program Files\desktop.ini
[19/01/2012 16:39:08] - |D| - [5953856] - C:\Program Files\DivX
[13/07/2009 22:32:38] - |D| - [90246164] - C:\Program Files\DVD Maker
[20/10/2011 10:36:28] - |D| - [1030824] - C:\Program Files\Google
[13/07/2009 20:20:08] - |D| - [5967646] - C:\Program Files\Internet Explorer
[13/07/2009 22:32:38] - |D| - [148875826] - C:\Program Files\Microsoft Games
[26/12/2011 13:20:10] - |D| - [1584815] - C:\Program Files\Microsoft Office
[13/07/2009 22:32:38] - |D| - [25757] - C:\Program Files\MSBuild
[01/08/2011 00:10:10] - |D| - [2178436] - C:\Program Files\PlayReady
[13/07/2009 22:32:38] - |D| - [34584745] - C:\Program Files\Reference Assemblies
[20/10/2011 10:19:31] - |D| - [37331569] - C:\Program Files\Synaptics
[01/08/2011 00:30:54] - |D| - [1933101011] - C:\Program Files\Toshiba
[13/07/2009 22:09:26] - |HD| - [0] - C:\Program Files\Uninstall Information
[02/01/2012 13:45:56] - |D| - [50332808] - C:\Program Files\Vivitar Experience Image Manager
[13/07/2009 22:32:38] - |D| - [4016640] - C:\Program Files\Windows Defender
[21/11/2010 00:17:02] - |D| - [9212536] - C:\Program Files\Windows Journal
[01/08/2011 00:34:44] - |D| - [7753535] - C:\Program Files\Windows Live
[13/07/2009 20:20:08] - |D| - [6602240] - C:\Program Files\Windows Mail
[13/07/2009 22:32:38] - |D| - [7665069] - C:\Program Files\Windows Media Player
[13/07/2009 20:20:08] - |D| - [12492468] - C:\Program Files\Windows NT
[13/07/2009 22:32:38] - |D| - [5492504] - C:\Program Files\Windows Photo Viewer
[13/07/2009 22:32:38] - |D| - [244736] - C:\Program Files\Windows Portable Devices
[13/07/2009 22:32:38] - |D| - [8116131] - C:\Program Files\Windows Sidebar

---------- | C:\Program Files (x86)\Common Files

[01/08/2011 00:32:48] - |D| - [18841090] - C:\Program Files (x86)\Common Files\Adobe
[01/08/2011 00:33:21] - |D| - [31116142] - C:\Program Files (x86)\Common Files\Adobe AIR
[03/12/2015 16:34:21] - |D| - [963111] - C:\Program Files (x86)\Common Files\AV
[26/12/2011 13:20:10] - |D| - [99136] - C:\Program Files (x86)\Common Files\DESIGNER
[19/01/2012 16:39:04] - |D| - [24726272] - C:\Program Files (x86)\Common Files\DivX Shared
[01/08/2011 00:30:49] - |D| - [5261706] - C:\Program Files (x86)\Common Files\InstallShield
[20/10/2011 10:08:53] - |D| - [14245009] - C:\Program Files (x86)\Common Files\Intel
[01/08/2011 00:30:28] - |D| - [1252295] - C:\Program Files (x86)\Common Files\Java
[13/07/2009 20:20:08] - |D| - [39193909] - C:\Program Files (x86)\Common Files\microsoft shared
[28/04/2013 16:36:45] - |D| - [651776] - C:\Program Files (x86)\Common Files\MSSoap
[21/01/2012 16:11:10] - |D| - [50303] - C:\Program Files (x86)\Common Files\PC Tools
[20/10/2011 10:07:44] - |D| - [162236] - C:\Program Files (x86)\Common Files\postureAgent
[19/01/2012 16:39:21] - |D| - [4740928] - C:\Program Files (x86)\Common Files\PX Storage Engine
[13/07/2009 20:20:08] - |D| - [2702] - C:\Program Files (x86)\Common Files\Services
[13/07/2009 20:20:08] - |D| - [41103783] - C:\Program Files (x86)\Common Files\SpeechEngines
[13/07/2009 20:20:08] - |D| - [10195955] - C:\Program Files (x86)\Common Files\System
[20/10/2011 11:02:57] - |D| - [3192600] - C:\Program Files (x86)\Common Files\Toshiba Shared
[20/10/2011 10:44:01] - |D| - [8534480] - C:\Program Files (x86)\Common Files\Ulead Systems
[02/04/2012 17:22:26] - |D| - [1123719] - C:\Program Files (x86)\Common Files\WebM Project
[01/08/2011 00:33:59] - |D| - [258054761] - C:\Program Files (x86)\Common Files\Windows Live

---------- | C:\Program Files\Common files

[03/12/2015 16:34:21] - |D| - [963111] - C:\Program Files\Common files\AV
[20/10/2011 10:08:53] - |D| - [15717214] - C:\Program Files\Common files\Intel
[13/07/2009 20:20:08] - |D| - [63583018] - C:\Program Files\Common files\Microsoft Shared
[13/07/2009 20:20:08] - |D| - [2702] - C:\Program Files\Common files\Services
[13/07/2009 20:20:08] - |D| - [608768] - C:\Program Files\Common files\SpeechEngines
[13/07/2009 20:20:08] - |D| - [12145651] - C:\Program Files\Common files\System
[20/10/2011 10:16:16] - |D| - [304472] - C:\Program Files\Common files\Waves Audio Ltd
[02/04/2012 17:22:27] - |D| - [996352] - C:\Program Files\Common files\WebM Project

---------- | Tasks

[MD5.F1A6CD5ADAAB953A6764EA364E17BFB8] - [13/07/2009 22:08:49] - |AH| - [6] - C:\windows\Tasks\SA.DAT
[MD5.F82F0CA6BD7DD454AF4A21A47E8C350C] - [13/07/2009 22:08:49] - |A| - [32628] - C:\windows\Tasks\SCHEDLGU.TXT
[MD5.00000000000000000000000000000000] - [03/12/2015 16:34:22] - |D| - [3860] - C:\windows\System32\Tasks\AVAST Software
[MD5.6A4341978BDCE505CC786FE728644E8C] - [09/09/2015 09:49:05] - |A| - [4180] - C:\windows\System32\Tasks\avast! Emergency Update : C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe
[MD5.3B3E3EB66E14C4A359AE144FCF10499F] - [09/09/2015 09:30:45] - |A| - [2790] - C:\windows\System32\Tasks\CCleanerSkipUAC : "C:\Program Files\CCleaner\CCleaner.exe"
[MD5.F485202B5B0AE1A8BDF3DAF1A70E2806] - [20/10/2011 10:35:37] - |A| - [3202] - C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.8EFFB6262442F80BEF9E763AF8E5EF21] - [20/10/2011 10:35:38] - |A| - [3330] - C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA : C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
[MD5.00000000000000000000000000000000] - [13/07/2009 20:20:13] - |D| - [266130] - C:\windows\System32\Tasks\Microsoft
[MD5.00000000000000000000000000000000] - [26/12/2011 13:20:21] - |D| - [4392] - C:\windows\System32\Tasks\OfficeSoftwareProtectionPlatform
[MD5.9F2748EEF770B6B41FB1F829AF0309C0] - [13/05/2016 17:34:12] - |A| - [3890] - C:\windows\System32\Tasks\SafeZone scheduled Autoupdate 1463186051 : C:\Program Files\AVAST Software\SZBrowser\launcher.exe
[MD5.00000000000000000000000000000000] - [13/07/2009 22:09:57] - |D| - [4478] - C:\windows\System32\Tasks\WPD
[MD5.4373602E4B403E709ED33FF9D8046399] - [17/05/2016 17:50:33] - |A| - [3032] - C:\windows\System32\Tasks\{1426D1E5-5A00-4D59-985A-2107F1BEF83C} : C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
[MD5.9516A6365318001C284BCA25D7A8F49D] - [07/02/2016 12:27:13] - |A| - [2982] - C:\windows\System32\Tasks\{2FB9F27A-DE3A-4CD6-B8B6-B233E63B6955} : C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE
[MD5.F1B09D09062AA3EE08655972D34F12EF] - [10/02/2016 16:37:55] - |A| - [3294] - C:\windows\System32\Tasks\{65C76270-92BA-4F63-B82C-13F0D18DD623} : C:\windows\system32\pcalua.exe
[MD5.9516A6365318001C284BCA25D7A8F49D] - [07/02/2016 12:27:22] - |A| - [2982] - C:\windows\System32\Tasks\{A8D2B036-36FC-403B-8061-05969D1469A2} : C:\Program Files (x86)\Microsoft Office\Options14\MSOO.EXE
[MD5.4373602E4B403E709ED33FF9D8046399] - [17/05/2016 17:50:50] - |A| - [3032] - C:\windows\System32\Tasks\{E210F47C-43C1-4A1F-B297-CCB4BE5B7E4D} : C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVH.EXE
[MD5.00000000000000000000000000000000] - [13/07/2009 20:20:14] - |HD| - [0] - C:\windows\Syswow64\Tasks\Microsoft

---------- | Firewall

[HKLM\SYSTEM\CurrentControlSet\Services\sharedaccess\Parameters\FirewallPolicy\FirewallRules]
"Netlogon-NamedPipe-In"=v2.10|Action=Allow|Active=FALSE|Dir=In|Protocol=6|LPort=445|App=System|Name=@netlogon.dll,-1003|Desc=@netlogon.dll,-1006|EmbedCtxt=@netlogon.dll,-1010|

---------- | Control\Class

[HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}] : (kphpwaqu) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{0475BB51-5A02-4EE0-B36C-29040FAD2650}] : (igfx) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{04A83FC2-2AE2-4C88-B45F-E9707B377636}] : (aswHwid) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{1264760F-A5C8-4BFE-B314-D56A7B44A362}] : (DXGKrnl) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{24A0C840-2C3D-4410-8236-8B40816C7B90}] : (aswVmm) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{25DBCE51-6C8F-4A72-8A6D-B54C2B4FC835}] : (WCEUSBS) [] -> @%SystemRoot%\System32\SysClass.Dll,-3026
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{36FC9E60-C465-11CF-8056-444553540000}] : (USB) [] -> @%SystemRoot%\System32\SysClass.Dll,-3025
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4116F60B-25B3-4662-B732-99A6111EDC0B}] : (IPMIDRV) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{43675D81-502A-4A82-9F84-B75F418C5DEA}] : (Media Center Extender) [] -> @%SystemRoot%\system32\McxDriv.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4658EE7E-F050-11D1-B6BD-00C04FA372A7}] : (PnpPrinters) [] -> @%systemroot%\system32\ntprint.dll,-1300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{48721B56-6795-11D2-B1A8-0080C72E74A2}] : (Dot4) [] -> @%SystemRoot%\system32\sysclass.dll,-3023
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{49CE6AC8-6F86-11D2-B1E5-0080C72E74A2}] : (Dot4Print) [] -> @%SystemRoot%\system32\sysclass.dll,-3024
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E965-E325-11CE-BFC1-08002BE10318}] : (CDROM) [] -> @%SystemRoot%\System32\StorProp.dll,-17001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E966-E325-11CE-BFC1-08002BE10318}] : (Computer) [] -> @%SystemRoot%\System32\SysClass.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E967-E325-11CE-BFC1-08002BE10318}] : (DiskDrive) [] -> @%SystemRoot%\System32\StorProp.dll,-17000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E968-E325-11CE-BFC1-08002BE10318}] : (Display) [] -> @DispCI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E969-E325-11CE-BFC1-08002BE10318}] : (fdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3013
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96A-E325-11CE-BFC1-08002BE10318}] : (hdc) [] -> @%SystemRoot%\System32\SysClass.Dll,-3001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96B-E325-11CE-BFC1-08002BE10318}] : (Keyboard) [] -> @%SystemRoot%\System32\SysClass.Dll,-3002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96C-E325-11CE-BFC1-08002BE10318}] : (MEDIA) [] -> @mmci.dll,-3000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}] : (Modem) [] -> @%SystemRoot%\System32\mdminst.dll,-14100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96E-E325-11CE-BFC1-08002BE10318}] : (Monitor) [] -> @Montr_CI.dll,-3100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E96F-E325-11CE-BFC1-08002BE10318}] : (Mouse) [] -> @%SystemRoot%\System32\SysClass.Dll,-3004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E970-E325-11CE-BFC1-08002BE10318}] : (MTD) [] -> @SysClass.Dll,-3021
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E971-E325-11CE-BFC1-08002BE10318}] : (MultiFunction) [] -> @%SystemRoot%\System32\SysClass.Dll,-3014
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E972-E325-11CE-BFC1-08002BE10318}] : (Net) [] -> @NetCfgx.dll,-1502
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E973-E325-11CE-BFC1-08002BE10318}] : (NetClient) [] -> @NetCfgx.dll,-1504
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E974-E325-11CE-BFC1-08002BE10318}] : (NetService) [] -> @NetCfgx.dll,-1505
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E975-E325-11CE-BFC1-08002BE10318}] : (NetTrans) [] -> @NetCfgx.dll,-1503
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E977-E325-11CE-BFC1-08002BE10318}] : (PCMCIA) [] -> @%SystemRoot%\System32\SysClass.Dll,-3010
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E978-E325-11CE-BFC1-08002BE10318}] : (Ports) [] -> @%SystemRoot%\System32\msports.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E979-E325-11CE-BFC1-08002BE10318}] : (Printer) [] -> @%systemroot%\system32\ntprint.dll,-1004
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97B-E325-11CE-BFC1-08002BE10318}] : (SCSIAdapter) [] -> @%SystemRoot%\System32\SysClass.Dll,-3005
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97D-E325-11CE-BFC1-08002BE10318}] : (System) [] -> @%SystemRoot%\System32\SysClass.Dll,-3008
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E97E-E325-11CE-BFC1-08002BE10318}] : (Unknown) [] -> @%SystemRoot%\System32\SysClass.Dll,-3009
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{4D36E980-E325-11CE-BFC1-08002BE10318}] : (FloppyDisk) [] -> @%SystemRoot%\System32\SysClass.Dll,-3015
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50127DC3-0F36-415E-A6CC-4CB3BE910B65}] : (Processor) [] -> @%SystemRoot%\system32\procinst.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50906CB8-BA12-11D1-BF5D-0000F805F530}] : (MultiPortSerial) [] -> @%SystemRoot%\system32\sysclass.dll,-3022
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5099944A-F6B9-4057-A056-8C550228544C}] : (Memory) [] -> @%SystemRoot%\System32\SysClass.Dll,-3018
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{50DD5230-BA8A-11D1-BF5D-0000F805F530}] : (SmartCardReader) [] -> @StorProp.dll,-17002
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5175D334-C371-4806-B3BA-71FD53C9258D}] : (Sensor) [] -> @%systemroot%\system32\SensorsCpl.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}] : (kphpwaqu) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{533C5B84-EC70-11D2-9505-00C04F79DEAF}] : (VolumeSnapshot) [] -> @%SystemRoot%\System32\SysClass.Dll,-3011
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{53D29EF7-377C-4D14-864B-EB3A85769359}] : (BiometricDevice) [] -> @%SystemRoot%\System32\SysClass.DLL,-3028
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{54505F9E-EE66-4F1D-A63B-B853A1759385}] : (SymNetS) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{56EBD688-B772-4181-9610-8633FCEE988D}] : (SymIRON) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{5A46010E-C74B-4CB1-A041-D22759FE9F9C}] : (Sftplay) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC1-810F-11D0-BEC7-08002BE2092F}] : (1394) [] -> @%SystemRoot%\System32\SysClass.Dll,-3016
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC5-810F-11D0-BEC7-08002BE2092F}] : (Infrared) [] -> @NetCfgx.dll,-1501
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6BDD1FC6-810F-11D0-BEC7-08002BE2092F}] : (Image) [] -> @%systemroot%\system32\sti_ci.dll,-52
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6D807884-7D21-11CF-801C-08002BE10318}] : (TapeDrive) [] -> @%SystemRoot%\System32\SysClass.Dll,-3006
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{6FAE73B7-B735-4B50-A0DA-0DC2484B1F1A}] : (igfx) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{71A27CDD-812A-11D0-BEC7-08002BE2092F}] : (Volume) [] -> @%SystemRoot%\System32\SysClass.Dll,-3007
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{72631E54-78A4-11D0-BCF7-00AA00B7B32A}] : (Battery) [] -> @%SystemRoot%\system32\batt.dll,-100
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{745A17A0-74D3-11D0-B6FE-00A0C90F57DA}] : (HIDClass) [] -> @hid.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7E0006EA-81A8-4780-B0C8-474E2DBF4D63}] : (IDSVia64) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7E9CDDE7-C6A8-4A7D-8077-1C7656D98FE5}] : (PGEffect) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{7EBEFBC0-3200-11D2-B4C2-00A0C9697D07}] : (61883) [] -> @%SystemRoot%\System32\SysClass.Dll,-3019
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}] : (kphpwaqu) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8AE85550-832C-4A9B-81BB-2A49DBEE72B4}] : (aswRvrt) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8BBD94A0-A150-11D4-A878-0040265B73EE}] : (TosSec) [] -> @oem23.inf,%CLASS_NAME%;TosSec Class
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{8ECC055D-047F-11D1-A537-0000F8753ED1}] : (LegacyDriver) [] -> @%SystemRoot%\System32\SysClass.Dll,-3003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{990A2BD7-E738-46C7-B26F-1CF8FB9F1391}] : (SmartCard) [] -> @sccls.dll,-300
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{997B5D8D-C442-4F2E-BAF3-9C8E671E9E21}] : (SideShow) [] -> @%systemroot%\system32\AuxiliaryDisplayClassInstaller.dll,-10000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{A0A588A4-C46F-4B37-B7EA-C82FE89870C6}] : (SDHost) [] -> @%SystemRoot%\System32\SysClass.Dll,-3012
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{BC103702-DD72-406F-9B28-95C868337B59}] : (Transfer Cable) [] -> @%SystemRoot%\System32\migwiz\migres.dll,-20
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C06FF265-AE09-48F0-812C-16753D7CBA83}] : (AVC) [] -> @%SystemRoot%\System32\SysClass.Dll,-3027
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C4A06E97-ED42-47B9-83E1-F12299B286A5}] : (aswRdr) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{C777C165-D422-426D-8EBF-6EAF3FB83ADF}] : (aswNdisFlt) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{CE5939AE-EBDE-11D0-B181-0000F8753EC4}] : (MediumChanger) [] -> @%SystemRoot%\System32\StorProp.dll,-17003
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D48179BE-EC20-11D1-B6B8-00C04FA372A7}] : (SBP2) [] -> @%SystemRoot%\System32\SysClass.Dll,-3017
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D61CA365-5AF4-4486-998B-9DB4734C6CA3}] : (XnaComposite) [] -> @%SystemRoot%\system32\XInput9_1_0.dll,-1000
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{D94EE5D8-D189-4994-83D2-F68D7D41B0E6}] : (SecurityDevices) [] -> @%SystemRoot%\System32\SysClass.Dll,-3020
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{DB4F6DDD-9C0E-45E4-9597-78DBBAD0F412}] : (SmartCardFilter) [] -> @sccls.dll,-301
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{E0CBF06C-CD8B-4647-BB8A-263B43F0F974}] : (Bluetooth) [] -> @%SystemRoot%\system32\bthci.dll,-4001
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{EEC5AD98-8080-425F-922A-DABF3DE3F69A}] : (WPD) [] -> @wpd_ci.dll,-101
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}] : (kphpwaqu) [] ->
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{2D64B439-6CAF-4f6b-B688-E5D0F4FAA7D7}] : (Script Detection) [@elscore.dll,-2] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{A22D52C1-DBFD-40cb-AE78-E3BA9EE1D88F}] : (Transliteration) [@elscore.dll,-5] -> elstrans.dll (Copyright (c) Microsoft Corporation.)
[HKLM\SYSTEM\CurrentControlSet\Control\Els\Services\{CF7E00B1-909B-4d95-A8F4-611F7C377702}] : (Language Detection) [@elscore.dll,-1] -> ElsLad.dll (Copyright (c) Microsoft Corporation.)

---------- | Loaded modules (whitelist)

[14/07/2009 15:31:18] - (2.0.0.3) - (TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver) - C:\windows\system32\DRIVERS\TVALZ_O.SYS
[24/06/2009 15:36:48] - (4.2.0.0) - (TOSHIBA Corporation - tos_sps64) - C:\windows\system32\DRIVERS\tos_sps64.sys
[08/09/2015 10:44:10] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\windows\System32\drivers\zamguard64.sys
[08/09/2015 10:44:27] - (0.0.0.0) - (Zemana Ltd. - ZAM) - C:\windows\System32\drivers\zam64.sys
[08/11/2010 12:44:40] - (1.0.0.36) - (Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller) - C:\windows\system32\DRIVERS\L1C62x64.sys
[03/02/2011 19:59:06] - (15.2.11.1) - (Synaptics Incorporated - Synaptics Touchpad Driver) - C:\windows\system32\DRIVERS\SynTP.sys
[01/08/2011 00:40:14] - (2.0.0.3) - (TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64.) - C:\windows\system32\DRIVERS\tdcmdpst.sys
[15/06/2009 13:58:50] - (2.1.0.0) - (TOSHIBA - Generic IO & Memory Access) - C:\windows\system32\DRIVERS\QIOMem.sys
[19/06/2009 19:15:22] - (1.0.0.2) - (TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver for x64) - C:\windows\system32\DRIVERS\TVALZFL.sys
[07/07/2011 15:02:16] - (8.51.2.0) - (Conexant Systems Inc. - 64-bit High Definition Audio Function Driver) - C:\windows\system32\drivers\CHDRT64.sys
[20/10/2011 10:22:53] - (1.0.17.64) - (TOSHIBA Corporation - TOSHIBA Universal Camera Filter Driver) - C:\windows\system32\DRIVERS\pgeffect.sys
[13/07/2009 19:36:07] - (4.3.86.0) - (Macrovision Corporation, Macrovision Europe Limited, and Macrovision Japan and Asia K.K. - Macrovision SECURITY Driver) - C:\windows\System32\Drivers\secdrv.SYS

---------- | Services | 0 : Starting up | 1 : System | 2 : Automatic | 3 : Manual | 4 : Disabled | R : Running service | S : Stopped service

R0 - [Kernel Driver] - ACPI (Microsoft ACPI Driver) -> system32\drivers\ACPI.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - amdxata () -> system32\drivers\amdxata.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswRvrt (avast! Revert) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - aswVmm (avast! VM Monitor) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - atapi (IDE Channel) -> system32\drivers\atapi.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CLFS (@%SystemRoot%\system32\clfs.sys,-100) -> System32\CLFS.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - CNG () -> System32\Drivers\cng.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Compbatt (Microsoft Composite Battery Driver) -> system32\drivers\compbatt.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Disk (Disk Driver) -> system32\drivers\disk.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FileInfo (@%SystemRoot%\system32\drivers\fileinfo.sys,-100) -> system32\drivers\fileinfo.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - FltMgr (@%SystemRoot%\system32\drivers\fltmgr.sys,-10001) -> system32\drivers\fltmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - fvevol (@%SystemRoot%\system32\drivers\fvevol.sys,-100) -> System32\DRIVERS\fvevol.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - hwpolicy (@%systemroot%\system32\drivers\hwpolicy.sys,-101) -> System32\drivers\hwpolicy.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - iaStor (Intel AHCI Controller) -> system32\DRIVERS\iaStor.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecDD () -> System32\Drivers\ksecdd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - KSecPkg () -> System32\Drivers\ksecpkg.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - mountmgr (@%SystemRoot%\system32\drivers\mountmgr.sys,-100) -> System32\drivers\mountmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msahci () -> system32\DRIVERS\msahci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - msisadrv () -> system32\drivers\msisadrv.sys - AcceptPause: False - AcceptStop: True
R0 - [File System Driver] - Mup (@%systemroot%\system32\drivers\mup.sys,-101) -> System32\Drivers\mup.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - NDIS (@%SystemRoot%\system32\drivers\ndis.sys,-200) -> system32\drivers\ndis.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - partmgr (@%SystemRoot%\system32\drivers\partmgr.sys,-100) -> System32\drivers\partmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pci (PCI Bus Driver) -> system32\drivers\pci.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pciide () -> system32\DRIVERS\pciide.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - pcw (Performance Counters for Windows Driver) -> System32\drivers\pcw.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - rdyboost (ReadyBoost) -> System32\drivers\rdyboost.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - spldr (Security Processor Loader Driver) -> (?) - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Tcpip (@%SystemRoot%\system32\tcpipcfg.dll,-50003) -> System32\drivers\tcpip.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - tos_sps64 (TOSHIBA tos_sps64 Service) -> system32\DRIVERS\tos_sps64.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - TVALZ (TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver) -> system32\DRIVERS\TVALZ_O.SYS - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - vdrvroot (Microsoft Virtual Drive Enumerator Driver) -> system32\drivers\vdrvroot.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgr (Volume Manager Driver) -> system32\drivers\volmgr.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volmgrx (@%SystemRoot%\system32\drivers\volmgrx.sys,-100) -> System32\drivers\volmgrx.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - volsnap (Storage volumes) -> system32\drivers\volsnap.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Wd (Microsoft Watchdog Timer Driver) -> system32\drivers\wd.sys - AcceptPause: False - AcceptStop: True
R0 - [Kernel Driver] - Wdf01000 (Kernel Mode Driver Frameworks service) -> system32\drivers\Wdf01000.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - AFD (@%systemroot%\system32\drivers\afd.sys,-1000) -> \SystemRoot\system32\drivers\afd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswKbd (aswKbd) -> \SystemRoot\system32\drivers\aswKbd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - aswRdr (aswRdr) -> \SystemRoot\system32\drivers\aswRdr2.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSnx (aswSnx) -> \SystemRoot\system32\drivers\aswSnx.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - aswSP (aswSP) -> \SystemRoot\system32\drivers\aswSP.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Beep (Beep) -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - blbdrive () -> system32\DRIVERS\blbdrive.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - cdrom (CD-ROM Driver) -> system32\DRIVERS\cdrom.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - DfsC (@%systemroot%\system32\drivers\dfsc.sys,-101) -> System32\Drivers\dfsc.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - discache (@%systemroot%\system32\drivers\discache.sys,-102) -> System32\drivers\discache.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Msfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - mssmbios (Microsoft System Management BIOS Driver) -> system32\DRIVERS\mssmbios.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - NetBIOS (NetBIOS Interface) -> system32\DRIVERS\netbios.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - NetBT (@%SystemRoot%\system32\drivers\netbt.sys,-2) -> System32\DRIVERS\netbt.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - Npfs () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - nsiproxy (@%SystemRoot%\system32\drivers\nsiproxy.sys,-2) -> system32\drivers\nsiproxy.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Null () -> (?) - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Psched (@%SystemRoot%\System32\drivers\pacer.sys,-101) -> system32\DRIVERS\pacer.sys - AcceptPause: False - AcceptStop: True
R1 - [File System Driver] - rdbss (@%systemroot%\system32\wkssvc.dll,-1000) -> system32\DRIVERS\rdbss.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPCDD (@%systemroot%\system32\DRIVERS\RDPCDD.sys,-100) -> System32\DRIVERS\RDPCDD.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPENCDD (@%systemroot%\system32\drivers\RDPENCDD.sys,-101) -> system32\drivers\rdpencdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - RDPREFMP (@%systemroot%\system32\drivers\RdpRefMp.sys,-101) -> system32\drivers\rdprefmp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - tdx (@%SystemRoot%\system32\tcpipcfg.dll,-50004) -> system32\DRIVERS\tdx.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - TermDD (Terminal Device Driver) -> system32\DRIVERS\termdd.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - VgaSave () -> \SystemRoot\System32\drivers\vga.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - vwififlt (Virtual WiFi Filter Driver) -> system32\DRIVERS\vwififlt.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - Wanarpv6 (@%systemroot%\system32\rascfg.dll,-32012) -> system32\DRIVERS\wanarp.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - WfpLwf (WFP Lightweight Filter) -> system32\DRIVERS\wfplwf.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ZAM (ZAM Helper Driver) -> \??\C:\windows\System32\drivers\zam64.sys - AcceptPause: False - AcceptStop: True
R1 - [Kernel Driver] - ZAM_Guard (ZAM Guard Driver) -> \??\C:\windows\System32\drivers\zamguard64.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - aswHwid (avast! HardwareID) -> \SystemRoot\system32\drivers\aswHwid.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - aswMonFlt (aswMonFlt) -> \SystemRoot\system32\drivers\aswMonFlt.sys - AcceptPause: False - AcceptStop: True
S2 - [Kernel Driver] - aswStm (aswStm) -> \SystemRoot\system32\drivers\aswStm.sys - AcceptPause: False - AcceptStop: False
R2 - [Kernel Driver] - lltdio (Link-Layer Topology Discovery Mapper I/O Driver) -> system32\DRIVERS\lltdio.sys - AcceptPause: False - AcceptStop: True
R2 - [File System Driver] - luafv (@%systemroot%\system32\drivers\luafv.sys,-100) -> \SystemRoot\system32\drivers\luafv.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - PEAUTH (PEAUTH) -> system32\drivers\peauth.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - rspndr (Link-Layer Topology Discovery Responder) -> system32\DRIVERS\rspndr.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - secdrv (Security Driver) -> (?) - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - tcpipreg (TCP/IP Registry Compatibility) -> System32\drivers\tcpipreg.sys - AcceptPause: False - AcceptStop: True
R2 - [Kernel Driver] - TVALZFL (TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Filter Driver) -> system32\DRIVERS\TVALZFL.sys - AcceptPause: False - AcceptStop: True

---------- | System files (Microsoft Files whitelisted)

[MD5.2F6B34B83843F0C5118B63AC634F5BF4] - [10/06/2009 13:36:24] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SAS/SATA Storport Driver.) - [479.58 Ko] - (1.6.6.4) - C:\windows\System32\Drivers\adp94xx.sys
[MD5.597F78224EE9224EA1A13D6350CED962] - [13/07/2009 14:59:32] - (.Copyright © 2006 Adaptec, Inc. - Adaptec Windows SATA Storport Driver.) - [331.58 Ko] - (1.6.6.1) - C:\windows\System32\Drivers\adpahci.sys
[MD5.E109549C90F62FB570B9540C4B148E54] - [13/07/2009 14:59:33] - (.Copyright © 2003 Adaptec, Inc. - Adaptec StorPort Ultra320 SCSI Driver (X64).) - [178.58 Ko] - (7.2.0.0) - C:\windows\System32\Drivers\adpu320.sys
[MD5.5812713A477A3AD7363C7438CA2EE038] - [13/07/2009 16:19:47] - (.Copyright (C) Acer Laboratories Inc. 2000 - ALi mini IDE Driver.) - [15.08 Ko] - (1.2.0.0) - C:\windows\System32\Drivers\aliide.sys
[MD5.1FF8B4431C353CE385C875F194924C0C] - [13/07/2009 16:19:49] - (.Copyright (C) AMD 2003 - AMD IDE Driver.) - [15.08 Ko] - (6.1.7600.16385) - C:\windows\System32\Drivers\amdide.sys
[MD5.D4121AE6D0C0E7E13AA221AA57EF2D49] - [01/08/2011 00:11:51] - (.Copyright © 2008-2010 AMD, Inc. - AHCI 1.2 Device Driver.) - [105.38 Ko] - (1.1.2.5) - C:\windows\System32\Drivers\amdsata.sys
[MD5.F67F933E79241ED32FF46A4F29B5120B] - [10/06/2009 13:37:35] - (.2008 Advanced Micro Devices, Inc. - AMD Technology AHCI Compatible Controller Driver for Windows - AMD64 platform.) - [189.58 Ko] - (3.6.1540.127) - C:\windows\System32\Drivers\amdsbs.sys
[MD5.540DAF1CEA6094886D72126FD7C33048] - [01/08/2011 00:11:51] - (.Copyright © 2008-2010 AMD, Inc. - Storage Filter Driver.) - [26.38 Ko] - (1.1.2.5) - C:\windows\System32\Drivers\amdxata.sys
[MD5.C484F8CEB1717C540242531DB7845C4E] - [13/07/2009 14:59:33] - (.Copyright 2007 Adaptec, Inc. - Adaptec RAID Storport Driver.) - [85.58 Ko] - (5.2.0.10384) - C:\windows\System32\Drivers\arc.sys
[MD5.019AF6924AEFE7839F61C830227FE79C] - [13/07/2009 14:59:33] - (.Copyright 2008 Adaptec, Inc. - Adaptec SAS RAID WS03 Driver.) - [95.56 Ko] - (5.2.0.16119) - C:\windows\System32\Drivers\arcsas.sys
[MD5.A629E4799D4CD6361D1B5D573EA5C2CD] - [09/09/2015 09:48:38] - (.Copyright (c) 2014 AVAST Software - avast! HWID.) - [36.77 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswHwid.sys
[MD5.97F952A9050CAD88681F5F0F46B8D5A5] - [13/05/2016 10:00:49] - (.Copyright (c) 2014 AVAST Software - avast! Keyboard Filter Driver.) - [36.27 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswKbd.sys
[MD5.9C6C17C495E960E52EDE5D038EE92AE1] - [09/09/2015 09:48:39] - (.Copyright (c) 2014 AVAST Software - avast! File System Minifilter for Windows 2003/Vista.) - [105.77 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswMonFlt.sys
[MD5.8F492911129B1B32818BF894DC0C2C73] - [09/09/2015 09:48:38] - (.Copyright (c) 2014 AVAST Software - avast! WFP Redirect Driver.) - [100.65 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswRdr2.sys
[MD5.4ABDD84A67378E866BC15DDC9916BA71] - [09/09/2015 09:48:39] - (.Copyright (c) 2014 AVAST Software - avast! Revert.) - [72.8 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswRvrt.sys
[MD5.409CDD1400B404F655EEC1B5850FD3BE] - [09/09/2015 09:48:36] - (.Copyright (c) 2014 AVAST Software - avast! Virtualization Driver.) - [1045.8 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswSnx.sys
[MD5.CDB1BE967AFF65D8395B6DF2EA8CBCCF] - [09/09/2015 09:48:39] - (.Copyright (c) 2014 AVAST Software - avast! self protection module.) - [462.49 Ko] - (12.1.3076.7) - C:\windows\System32\Drivers\aswsp.sys
[MD5.F6B5E463A0BB934C26FB319EDC726F65] - [09/09/2015 09:48:41] - (.Copyright (c) 2014 AVAST Software - Stream Filter.) - [159.09 Ko] - (12.1.3076.0) - C:\windows\System32\Drivers\aswStm.sys
[MD5.FE0EE5CA72BC0D41DCAAFCA70B78274B] - [09/09/2015 09:48:41] - (.Copyright (c) 2014 AVAST Software - avast! VM Monitor.) - [285.84 Ko] - (12.1.3076.11) - C:\windows\System32\Drivers\aswvmm.sys
[MD5.B5ACE6968304A3900EEB1EBFD9622DF2] - [10/06/2009 13:34:23] - (.Copyright 2000-2008, Broadcom Corporation. - Broadcom NetXtreme Gigabit Ethernet NDIS6.x Unified Driver..) - [264.5 Ko] - (10.100.4.0) - C:\windows\System32\Drivers\b57nd60a.sys
[MD5.F09EEE9EDC320B5E1501F749FDE686C8] - [13/07/2009 18:19:59] - (.Copyright (C) Brother Industries, Ltd. 2001-2003 - Windows ME USB Mass-Storage Bulk-Only Lower Filter Driver.) - [18 Ko] - (1.10.0.2) - C:\windows\System32\Drivers\BrFiltLo.sys
[MD5.B114D3098E9BDB8BEA8B053685831BE6] - [13/07/2009 18:20:21] - (.Copyright (C) Brother Industries, Ltd. 2001 - Windows ME USB Mass-Storage Bulk-Only Upper Filter Driver.) - [8.5 Ko] - (1.4.0.1) - C:\windows\System32\Drivers\BrFiltUp.sys
[MD5.43BEA8D483BF1870F018E2D02E06A5BD] - [13/07/2009 18:19:06] - (.Copyright (C) Brother Industries Ltd.1997-2006 - Brotehr Serial I/F Driver (WDM).) - [280 Ko] - (1.0.1.6) - C:\windows\System32\Drivers\BrSerId.sys
[MD5.A6ECA2151B08A09CACECA35C07F05B42] - [13/07/2009 18:20:11] - (.Copyright (C) Brother Industries Ltd.1997-2003 - Brother Serial driver (WDM version).) - [46 Ko] - (1.0.0.20) - C:\windows\System32\Drivers\BrSerWdm.sys
[MD5.B79968002C277E869CF38BD22CD61524] - [13/07/2009 18:20:26] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB MDM Driver.) - [14.63 Ko] - (1.0.0.12) - C:\windows\System32\Drivers\BrUsbMdm.sys
[MD5.A87528880231C54E75EA7A44943B38BF] - [13/07/2009 18:20:15] - (.Copyright(C)Brother Industries Ltd.1997-2006 - Brother USB Serial Driver.) - [14.38 Ko] - (1.0.1.3) - C:\windows\System32\Drivers\BrUsbSer.sys
[MD5.3E5B191307609F7514148C6832BB0842] - [10/06/2009 13:34:28] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II GigE VBD.) - [457.5 Ko] - (4.8.2.0) - C:\windows\System32\Drivers\bxvbda.sys
[MD5.20506F12AFAD3DB588D007EA9325FBBC] - [07/07/2011 15:02:16] - (.© Conexant Systems Inc. - 64-bit High Definition Audio Function Driver.) - [1539.63 Ko] - (8.51.2.0) - C:\windows\System32\Drivers\CHDRT64.sys
[MD5.E19D3F095812725D88F9001985B94EDD] - [13/07/2009 16:19:48] - (.Copyright (C) CMD Technology, Inc. 1999-2000 - CMD PCI IDE Bus Driver.) - [17.08 Ko] - (2.0.7.0) - C:\windows\System32\Drivers\cmdide.sys
[MD5.0E5DA5369A0FCAEA12456DD852545184] - [10/06/2009 13:36:49] - (.Copyright © 2003-2009 Emulex - Storport Miniport Driver for LightPulse HBAs.) - [518.06 Ko] - (7.2.10.211) - C:\windows\System32\Drivers\elxstor.sys
[MD5.DC5D737F51BE844D8C82C695EB17372F] - [10/06/2009 13:34:33] - (.(c) COPYRIGHT 2001-2008 Broadcom Corporation - Broadcom NetXtreme II 10 GigE VBD.) - [3209 Ko] - (4.8.13.0) - C:\windows\System32\Drivers\evbda.sys
[MD5.915E4E1E21CBFC4CB2415CD34C72800C] - [26/12/2011 12:57:17] - (.-.) - [0.01 Ko] - (0.0.0.0) - C:\windows\System32\Drivers\fbd.sys
[MD5.F2523EF6460FC42405B12248338AB2F0] - [13/07/2009 15:53:43] - (.Copyright ©2007-2009 Hauppauge Computer Works, Inc. - Hauppauge WinTV 885 Consumer IR Driver for eHome.) - [30.5 Ko] - (1.31.27127.0) - C:\windows\System32\Drivers\hcw85cir.sys
[MD5.A6518DCC42F7A6E999BB3BEA8FD87567] - [19/10/2010 16:34:26] - (.Copyright © 2006-2010, Intel Corporation. - Intel(R) Management Engine Interface.) - [55.02 Ko] - (7.0.0.1144) - C:\windows\System32\Drivers\HECIx64.sys
[MD5.39D2ABCD392F3D8A6DCE7B60AE7B8EFC] - [20/11/2010 20:23:47] - (.Copyright (c) 2004-2010 Hewlett-Packard Development Company, L.P. - Smart Array SAS/SATA Controller Media Driver.) - [76.88 Ko] - (6.12.6.64) - C:\windows\System32\Drivers\HpSAMD.sys
[MD5.D469B77687E12FE43E344806740B624D] - [20/10/2011 10:11:10] - (.Copyright(C) Intel Corporation 1994-2011 - Intel Rapid Storage Technology driver - x64.) - [429.02 Ko] - (10.1.2.1004) - C:\windows\System32\Drivers\iaStor.sys
[MD5.AAAF44DB3BD0B9D1FB6969B23ECC8366] - [01/08/2011 00:11:50] - (.Copyright(C) Intel Corporation 1994-2008 - Intel Matrix Storage Manager driver - x64.) - [400.88 Ko] - (8.6.2.1014) - C:\windows\System32\Drivers\iaStorV.sys
[MD5.370C2A8629B30F910F740387795DDC6F] - [04/04/2011 20:10:14] - (.Copyright (c) 1998-2006 Intel Corporation. - Intel Graphics Kernel Mode Driver.) - [11975.22 Ko] - (8.15.10.2353) - C:\windows\System32\Drivers\igdkmd64.sys
[MD5.5C18831C61933628F5BB0EA2675B9D21] - [13/07/2009 14:59:33] - (.Copyright © 2002-05 Intel Corp./ICP vortex GmbH - Intel/ICP Raid Storport Driver.) - [43.08 Ko] - (5.4.22.0) - C:\windows\System32\Drivers\iirsp.sys
[MD5.FC727061C0F47C8059E88E05D5C8E381] - [15/10/2010 01:28:16] - (.Intel(R) Corporation. - Intel(R) Display Audio Driver.) - [310 Ko] - (6.14.0.3074) - C:\windows\System32\Drivers\IntcDAud.sys
[MD5.CD91D1BD200D9F39682A08E987F0DBE2] - [02/01/2012 13:46:49] - (.Copyright (C) 2007 Jeilin Corporation - Universal Serial Bus Camera Driver.) - [78.98 Ko] - (6.0.6000.16386) - C:\windows\System32\Drivers\jl2005c.sys
[MD5.EBED8B3FF4A823C1A6EEBEED7B29353F] - [08/11/2010 12:44:40] - (.2001-2010 Atheros Communications, Inc. - Atheros L1c PCI-E Gigabit Ethernet Controller.) - [75.11 Ko] - (1.0.0.36) - C:\windows\System32\Drivers\L1C62x64.sys
[MD5.1A93E54EB0ECE102495A51266DCDB6A6] - [13/07/2009 14:59:34] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT FC Driver (StorPort).) - [112.06 Ko] - (1.28.3.52) - C:\windows\System32\Drivers\lsi_fc.sys
[MD5.1047184A9FDC8BDBFF857175875EE810] - [13/07/2009 14:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SAS Driver (StorPort).) - [104.06 Ko] - (1.28.3.52) - C:\windows\System32\Drivers\lsi_sas.sys
[MD5.30F5C0DE1EE8B5BC9306C1F0E4A75F93] - [13/07/2009 14:59:34] - (.Copyright © LSI Corporation 2009 - LSI SAS Gen2 Driver (StorPort).) - [64.06 Ko] - (2.0.2.71) - C:\windows\System32\Drivers\lsi_sas2.sys
[MD5.0504EACAFF0D3C8AED161C4B0D369D4A] - [13/07/2009 14:59:33] - (.Copyright © LSI Corporation 2008 - LSI Fusion-MPT SCSI Driver (StorPort).) - [113.06 Ko] - (1.28.3.67) - C:\windows\System32\Drivers\lsi_scsi.sys
[MD5.A8D28D5B3E2A528D1EF0E338E44F2820] - [08/09/2015 10:46:37] - (.© Malwarebytes Corporation. - Malwarebytes Anti-Malware.) - [25.21 Ko] - (0.1.15.0) - C:\windows\System32\Drivers\mbam.sys
[MD5.47701ECA633574E122687693B5C5D35C] - [08/09/2015 10:46:37] - (.© Malwarebytes. - Malwarebytes Chameleon Protection Driver.) - [106.71 Ko] - (1.1.21.0) - C:\windows\System32\Drivers\mbamchameleon.sys
[MD5.89DECC6E34AE28029BFC9C4EF186FC46] - [08/09/2015 10:47:01] - (.© Malwarebytes. - Malwarebytes Anti-Malware.) - [190.21 Ko] - (0.3.0.4) - C:\windows\System32\Drivers\MBAMSwissArmy.sys
[MD5.A55805F747C6EDB6A9080D7C633BD0F4] - [10/06/2009 13:37:14] - (.Copyright © LSI Corporation - MEGASAS RAID Controller Driver for Windows 7\Server 2008 R2 for x64.) - [34.56 Ko] - (4.5.1.64) - C:\windows\System32\Drivers\megasas.sys
[MD5.BAF74CE0072480C3B6B7C13B2A94D6B3] - [13/07/2009 14:59:33] - (.Copyright (C) 2007 LSI Corporation. - LSI MegaRAID Software RAID Driver.) - [278.06 Ko] - (13.5.409.2009) - C:\windows\System32\Drivers\MegaSR.sys
[MD5.AE757332EA130E94E646621CC695B52A] - [08/09/2015 10:46:37] - (.© Malwarebytes Corporation. - Malwarebytes Web Access Control.) - [62.21 Ko] - (1.0.6.0) - C:\windows\System32\Drivers\mwac.sys
[MD5.77889813BE4D166CDAB78DDBA990DA92] - [13/07/2009 14:59:33] - (.(C) Copyright IBM Corp. 1994, 2002. - IBM ServeRAID Controller Driver.) - [50.06 Ko] - (7.10.0.0) - C:\windows\System32\Drivers\nfrd960.sys
[MD5.0A92CB65770442ED0DC44834632F66AD] - [01/08/2011 00:11:50] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) RAID Driver.) - [144.88 Ko] - (10.6.0.18) - C:\windows\System32\Drivers\nvraid.sys
[MD5.DAB0E87525C10052BF65F06152F37E4A] - [01/08/2011 00:11:50] - (.Copyright(C) 2001-2010 NVIDIA Corporation - NVIDIA® nForce(TM) Sata Performance Driver.) - [162.38 Ko] - (10.6.0.18) - C:\windows\System32\Drivers\nvstor.sys
[MD5.91111CEBBDE8015E822C46120ED9537C] - [20/10/2011 10:22:53] - (.Copyright (c) TOSHIBA Corporation. - TOSHIBA Universal Camera Filter Driver.) - [37.2 Ko] - (1.0.17.64) - C:\windows\System32\Drivers\PGEffect.sys
[MD5.C8FCB4899F8B70CC34E0D9876A80963C] - [15/06/2009 13:58:50] - (.Copyright(C) 2009-2016 TOSHIBA. - Generic IO & Memory Access.) - [12.5 Ko] - (2.1.0.0) - C:\windows\System32\Drivers\QIOMem.sys
[MD5.A53A15A11EBFD21077463EE2C7AFEEF0] - [10/06/2009 13:37:36] - (.Copyright © QLogic Corporation 1996-2009 - QLogic Fibre Channel Stor Miniport Driver.) - [1489.08 Ko] - (9.1.8.6) - C:\windows\System32\Drivers\ql2300.sys
[MD5.4F6D12B51DE1AAEFF7DC58C4D75423C8] - [13/07/2009 14:59:34] - (.© QLogic Corporation. - QLogic iSCSI Storport Miniport Driver.) - [125.58 Ko] - (2.1.3.20) - C:\windows\System32\Drivers\ql40xx.sys
[MD5.80E356E8BA267DB92DCA373CB4EE11C9] - [20/10/2011 10:20:50] - (.Realtek Semiconductor Corp. - Realtek Turbo Mode Filter Driver for 39.) - [17.6 Ko] - (1.0.2.0) - C:\windows\System32\Drivers\rtcrfilt64.sys
[MD5.945AB249D12CBE044782430C6013AA1A] - [20/10/2011 10:18:27] - (.Copyright (C) 2010 Realtek Semiconductor Corporation - Realtek RTL8187B NDIS Driver.) - [439.5 Ko] - (62.1182.331.2010) - C:\windows\System32\Drivers\rtl8187B.sys
[MD5.F79E887762D9A0C3FDE5D188DCA5BB26] - [20/10/2011 10:18:27] - (.Copyright (C) 2010 Realtek Semiconductor Corporation - Realtek RTL8187S PCIE NDIS Driverr.) - [432 Ko] - (6.9110.401.2010) - C:\windows\System32\Drivers\rtl8187Se.sys
[MD5.64FDF4FE366CA42DA2B7D9D424B6E39B] - [20/10/2011 10:18:27] - (.Copyright (C) 2006 Realtek Semiconductor Corporation - Realtek RTL81892CE NDIS Driverr.) - [1083.1 Ko] - (1005.12.105.2011) - C:\windows\System32\Drivers\rtl8192ce.sys
[MD5.2882E3DE7FA60CEDC208A0D9C506C9E1] - [20/10/2011 10:18:27] - (.Copyright (C) 2006 Realtek Semiconductor Corporation - Realtek RTL81892SE NDIS Driverr.) - [1192.6 Ko] - (2019.2.1217.2010) - C:\windows\System32\Drivers\rtl8192se.sys
[MD5.689E5A7993643E216CB553930990DE23] - [20/10/2011 10:18:27] - (.Copyright (C) 2006 Realtek Semiconductor Corporation - Realtek RTL819xP NDIS Driverr.) - [612.1 Ko] - (2002.0.1222.2010) - C:\windows\System32\Drivers\rtl819xp.sys
[MD5.135A64530D7699AD48F29D73A658DD11] - [20/10/2011 10:20:50] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) - [245.1 Ko] - (6.1.7600.30127) - C:\windows\System32\Drivers\RtsUStor.sys
[MD5.E5DC911D0FEB72CAFF2BBDD6E7C3672F] - [20/10/2011 10:20:50] - (.Copyright (C) Realtek Semiconductor Corp. - Realtek USB Mass Storage Driver for 2K/XP/Vista/Win7.) - [300.1 Ko] - (6.1.7600.10008) - C:\windows\System32\Drivers\rtsuvstor.sys
[MD5.3EA8A16169C26AFBEB544E0E48421186] - [13/07/2009 19:36:07] - (.© 2006 Macrovision Corporation - Macrovision SECURITY Driver.) - [22.5 Ko] - (4.3.86.0) - C:\windows\System32\Drivers\secdrv.sys
[MD5.843CAF1E5FDE1FFD5FF768F23A51E2E1] - [10/06/2009 13:37:40] - (.Copyright (c) SiS Corp. 2000-2010 - SiS RAID Stor Miniport Driver.) - [42.56 Ko] - (5.1.1039.2600) - C:\windows\System32\Drivers\sisraid2.sys
[MD5.6A6C106D42E9FFFF8B9FCB4F754F6DA4] - [13/07/2009 14:59:33] - (.Copyright (c) SiS Corp. 2007-2013 - SiS AHCI Stor-Miniport Driver.) - [78.58 Ko] - (5.1.1039.3600) - C:\windows\System32\Drivers\sisraid4.sys
[MD5.1D8F61346A123CC5CDE7E2AABB7DFEE0] - [30/08/2016 16:15:58] - (.-.) - [43.9 Ko] - (8.0.4624.2183) - C:\windows\System32\Drivers\staport.sys
[MD5.F3817967ED533D08327DC73BC4D5542A] - [13/07/2009 14:59:33] - (.Promise Technology - Promise SuperTrak EX Series Driver for Windows.) - [24.08 Ko] - (5.0.1.1) - C:\windows\System32\Drivers\stexstor.sys
[MD5.F5B46DF59FEAA48A442AED7EEB754D4B] - [03/02/2011 19:59:06] - (.Copyright (C) Synaptics Incorporated 1996-2011 - Synaptics Touchpad Driver.) - [1380.55 Ko] - (15.2.11.1) - C:\windows\System32\Drivers\SynTP.sys
[MD5.FD542B661BD22FA69CA789AD0AC58C29] - [01/08/2011 00:40:14] - (.Copyright (C) 2007-2009 TOSHIBA Corporation. - TOSHIBA ODD Writing Driver for x64..) - [27.13 Ko] - (2.0.0.3) - C:\windows\System32\Drivers\tdcmdpst.sys
[MD5.09FF7B0B1B5C3D225495CB6F5A9B39F8] - [24/06/2009 15:36:48] - (.Copyright (C) TOSHIBA Corporation 2000-2009 - tos_sps64.) - [471.08 Ko] - (4.2.0.0) - C:\windows\System32\Drivers\tos_sps64.sys
[MD5.9C7191F4B2E49BFF47A6C1144B5923FA] - [19/06/2009 19:15:22] - (.Copyright (C) 2008-2009 TOSHIBA Corporation - TOSHIBA TVALZ Filter Driver for x64.) - [14.13 Ko] - (1.0.0.2) - C:\windows\System32\Drivers\TVALZFL.sys
[MD5.550B567F9364D8F7684C3FB3EA665A72] - [14/07/2009 15:31:18] - (.Copyright (C) 2006-2009 TOSHIBA Corporation - TOSHIBA ACPI-Based Value Added Logical and General Purpose Device Driver.) - [26.21 Ko] - (2.0.0.3) - C:\windows\System32\Drivers\TVALZ_O.SYS
[MD5.E5689D93FFE4E5D66C0178761240DD54] - [13/07/2009 16:19:50] - (.Copyright (C) VIA Technologies, Inc. 2000-2007 - VIA Generic PCI IDE Bus Driver.) - [17.08 Ko] - (6.0.6000.170) - C:\windows\System32\Drivers\viaide.sys
[MD5.5E2016EA6EBACA03C04FEAC5F330D997] - [10/06/2009 13:37:58] - (.Copyright (C) VIA Technologies 1992-2007 - VIA RAID DRIVER FOR AMD-X86-64.) - [158.08 Ko] - (6.0.6000.6210) - C:\windows\System32\Drivers\vsmraid.sys
[MD5.0C4540311E11664B245A263E1154CEF8] - [13/07/2009 15:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_HWAZL WDM driver.) - [286 Ko] - (7.80.2.0) - C:\windows\System32\Drivers\VSTAZL6.SYS
[MD5.18E40C245DBFAF36FD0134A7EF2DF396] - [13/07/2009 15:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_CNXT driver.) - [723.5 Ko] - (7.80.2.0) - C:\windows\System32\Drivers\VSTCNXT6.SYS
[MD5.02071D207A9858FBE3A48CBFD59C4A04] - [13/07/2009 15:04:21] - (.Copyright Conexant Systems, Inc. 2008 - HSF_DP driver.) - [1450.5 Ko] - (7.80.2.0) - C:\windows\System32\Drivers\VSTDPV6.SYS
[MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [08/09/2015 10:44:27] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\windows\System32\Drivers\zam64.sys
[MD5.21E13F2CB269DEFEAE5E1D09887D47BB] - [08/09/2015 10:44:10] - (.Zemana Ltd. - ZAM.) - [198.91 Ko] - (0.0.0.0) - C:\windows\System32\Drivers\zamguard64.sys

---------- | Uninstall

[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\ActiveTouchMeetingClient] : (WebEx.-.Cisco WebEx LLC) -> C:\PROGRA~3\WebEx\atcliun.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Branding] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\cAudioFilterAgent] : (.-.Conexant Systems) -> C:\Program Files\CONEXANT\cAudioFilterAgent\SETUP64.EXE -U -IcAudioFilterAgent -SM=cAudioFilterAgent64.exe,16
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CCleaner] : (CCleaner.-.Piriform) -> "C:\Program Files\CCleaner\uninst.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\cMA3Preset] : (.-.Conexant Systems) -> C:\Program Files\CONEXANT\cMA3Preset\SETUP64.EXE -U -IcMA3Preset ,16
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\CNXT_AUDIO_HDA] : (Conexant HD Audio.-.Conexant) -> C:\Program Files\CONEXANT\CNXT_AUDIO_HDA\UIU64a.exe -U -G -ITE7Pebwa.inf
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\DXM_Runtime] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (.-.) -> C:\Program Files\TOSHIBA\TVAP\setup.exe
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MaxxAudio] : (.-.Conexant Systems) -> C:\Program Files\Conexant\MaxxAudio\SETUP64.EXE -U -IMaxxAudio
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MaxxGadget] : (.-.Conexant Systems) -> C:\Program Files\Conexant\MaxxGadget\SETUP64.EXE -U -IMaxxGadget ,16
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\MPlayer2] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\REGSERVO_is1] : (REGSERVO.-.TuneUp System Software Pvt Ltd.) -> "C:\Program Files\REGSERVO\unins000.exe"
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SAII] : (.-.Conexant Systems) -> C:\Program Files\Conexant\SAII\SETUP64.EXE -U -ISAII -SM=SmartAudio.EXE,1801
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\SynTPDeinstKey] : (Synaptics Pointing Device Driver.-.Synaptics Incorporated) -> rundll32.exe "%ProgramFiles%\Synaptics\SynTP\SynISDLL.dll",standAloneUninstall
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{027BF2A8-9B37-AE37-C35E-1D6839B09261}] : (.-.) ->
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (TOSHIBA Value Added Package.-.TOSHIBA Corporation) ->
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}] : (TOSHIBA Bulletin Board.-.TOSHIBA Corporation) -> MsiExec.exe /X{1C8C049A-145F-4A6E-8290-B5C245EBE39D}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}] : (TOSHIBA ReelTime.-.TOSHIBA Corporation) -> MsiExec.exe /X{24811C12-F4A9-4D0F-8494-A7B8FE46123C}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{5DA0E02F-970B-424B-BF41-513A5018E4C0}] : (TOSHIBA Disc Creator.-.TOSHIBA Corporation) -> MsiExec.exe /X{5DA0E02F-970B-424B-BF41-513A5018E4C0}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{6D3C4544-EA5F-F1E0-BEFF-C5B631789FB1}] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}] : (TOSHIBA PC Health Monitor.-.TOSHIBA Corporation) -> MsiExec.exe /X{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{9E063853-2003-09E8-0E26-A600FF9F51B9}] : (.-.) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}] : (TOSHIBA eco Utility.-.TOSHIBA Corporation) -> MsiExec.exe /X{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}] : (TOSHIBA Hardware Setup.-.TOSHIBA) ->
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{CBD6B23D-41D5-4A46-8019-6208516C9712}] : (TOSHIBA Supervisor Password.-.TOSHIBA) ->
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{D4322448-B6AF-4316-B859-D8A0E84DCB38}] : (TOSHIBA HDD/SSD Alert.-.TOSHIBA Corporation) -> MsiExec.exe /X{D4322448-B6AF-4316-B859-D8A0E84DCB38}
[HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{E97273D6-1BFC-5317-EB2E-926B029C4002}] : (.-.) ->
##########[{Hidden}][HKLM\SOFTWARE\Microsoft\windows\CurrentVersion\Uninstall\{F67FA545-D8E5-4209-86B1-AEE045D1003F}] : (TOSHIBA Face Recognition.-.TOSHIBA Corporation) -> MsiExec.exe /X{F67FA545-D8E5-4209-86B1-AEE045D1003F}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\9-lab Removal Tool] : (9-lab Removal Tool.-.) -> "C:\Program Files\9-lab\Removal Tool\uninst.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\AddressBook] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe AIR] : (Adobe AIR.-.Adobe Systems Incorporated) -> c:\Program Files (x86)\Common Files\Adobe AIR\Versions\1.0\Resources\Adobe AIR Updater.exe -arp:uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player ActiveX] : (Adobe Flash Player 18 ActiveX.-.Adobe Systems Incorporated) -> C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_ActiveX.exe -maintain activex
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Adobe Flash Player NPAPI] : (Adobe Flash Player 18 NPAPI.-.Adobe Systems Incorporated) -> C:\windows\SysWOW64\Macromed\Flash\FlashUtil32_18_0_0_232_Plugin.exe -maintain plugin
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Avast] : (Avast Free Antivirus.-.AVAST Software) -> C:\Program Files\AVAST Software\Avast\Setup\Instup.exe /control_panel
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Connection Manager] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DirectDrawEx] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\DivX Setup] : (DivX Setup.-.DivX, LLC) -> C:\ProgramData\DivX\Setup\DivXSetup.exe /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\ffdshow_is1] : (ffdshow [rev 2527] [2008-12-19].-.) -> "C:\Program Files (x86)\ffdshow\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Fontcore] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\FreeTorrentViewer] : (FreeTorrentViewer.-.Free Torrent Viewer) -> C:\Program Files (x86)\FreeTorrentViewer\uninst.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Giraffic] : (Veoh Giraffic Video Accelerator.-.Giraffic) -> C:\Program Files (x86)\Giraffic\GirafficUninstall.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Google Chrome] : (Google Chrome.-.Google Inc.) -> "C:\Program Files (x86)\Google\Chrome\Application\57.0.2987.133\Installer\setup.exe" --uninstall --system-level --verbose-logging
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\HaaliMkx] : (Haali Media Splitter.-.) -> "C:\Program Files (x86)\Haali\MatroskaSplitter\uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE40] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE4Data] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IE5BAKEX] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\IEData] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield Uninstall Information] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (TOSHIBA Value Added Package.-.TOSHIBA Corporation) -> C:\Program Files\TOSHIBA\TVAP\Setup.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{1C8C049A-145F-4A6E-8290-B5C245EBE39D}] : (TOSHIBA Bulletin Board.-.TOSHIBA Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}\setup.exe" -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{24811C12-F4A9-4D0F-8494-A7B8FE46123C}] : (TOSHIBA ReelTime.-.TOSHIBA Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\setup.exe" -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}] : (TOSHIBA Web Camera Application.-.TOSHIBA Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\setup.exe" -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}] : (TOSHIBA Hardware Setup.-.TOSHIBA) -> C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{C4FFA951-9678-4D51-84B4-AFD15D3C45AD} /l1033
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{CBD6B23D-41D5-4A46-8019-6208516C9712}] : (TOSHIBA Supervisor Password.-.TOSHIBA) -> C:\PROGRA~2\COMMON~1\INSTAL~1\Driver\11\INTEL3~1\IDriver.exe /M{CBD6B23D-41D5-4A46-8019-6208516C9712} /l1033
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\InstallShield_{F67FA545-D8E5-4209-86B1-AEE045D1003F}] : (TOSHIBA Face Recognition.-.TOSHIBA Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\setup.exe" -runfromtemp -l0x0409 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Malwarebytes Anti-Malware_is1] : (Malwarebytes Anti-Malware version 2.1.8.1057.-.Malwarebytes Corporation) -> "C:\Program Files (x86)\Malwarebytes Anti-Malware\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MixiDJ V34 Toolbar] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MixiDJ_V34 Toolbar] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\MobileOptionPack] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\NortonPCCheckup] : (Toshiba Laptop Checkup.-.Symantec Corporation) -> C:\Program Files (x86)\NortonInstaller\{170fa89a-6886-4c9e-b17b-12bccdd80788}\NortonPCCheckup\LicenseType\2.0.13.11\InstStub.exe /X
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SafeZone 1.48.2066.114] : (SafeZone Stable 1.48.2066.114.-.Avast Software) -> "C:\Program Files\AVAST Software\SZBrowser\Launcher.exe" /uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\SchedulingAgent] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\TDC13E0_2009_0603_1515_is1] : (Uninstall Dual Mode Camera (TDC13E0).-.) -> "C:\Program Files (x86)\TDC13E0\unins000.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Veoh Web Player Beta] : (Veoh Web Player.-.Veoh Networks, Inc.) -> "C:\Program Files (x86)\Veoh Networks\VeohWebPlayer\uninst.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Veoh Web Player Toolbar] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Vivitar Experience Image Manager] : (Vivitar Experience Image Manager.-.) -> C:\Program Files\Vivitar Experience Image Manager\uninstaller.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\webmmf] : (WebM Media Foundation Components.-.WebM Project) -> C:\Program Files (x86)\Common Files\WebM Project\webmmf\uninstall_webmmf.exe
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WIC] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangent toshiba Master Uninstall] : (WildTangent Games.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-genres] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - genres\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGameProvider-toshiba-main] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\TOSHIBA Games\Game Explorer Categories - main\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-clubpenguin] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\TOSHIBA Games\Web Link - Club Penguin\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-darkorbit] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\TOSHIBA Games\Web Link - Dark Orbit\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-seafight] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\TOSHIBA Games\Web Link - Seafight\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-shaiya] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\TOSHIBA Games\Web Link - Shaiya\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WildTangentGDF-toshiba-worldofwarcraft] : (.-.WildTangent, Inc.) -> "C:\Program Files (x86)\TOSHIBA Games\Web Link - World of Warcraft\Uninstall.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-1bd9480c-a72e-4acf-9df8-d55787d9bcd7] : (Polar Bowler.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Polar Bowler\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-2b98a26a-9857-4cda-b8c0-eee3bb490993] : (Chuzzle Deluxe.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Chuzzle Deluxe\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-2c05a9e4-d186-474f-bd85-2496b970ba27] : (Penguins!.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Penguins!\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-449bd985-3c9d-415e-91db-c4c8da29a06b] : (Bejeweled 3.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Bejeweled 3\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-52f1d0ea-61e5-4e73-9487-ae54e69b2437] : (Virtual Villagers 5 - New Believers.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Virtual Villagers 5 - New Believers\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-54d4bc45-6230-4afa-82ed-66eaac5d1226] : (Zuma's Revenge.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Zumas Revenge\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-64342a07-e20d-4fb5-9bd4-5c83fc3e1740] : (Tom Clancy's Splinter Cell.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Tom Clancys Splinter Cell\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-77bd5c54-5d8d-4416-9bba-1ba4a88ce1b7] : (FATE - The Traitor Soul.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\FATE - The Traitor Soul\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-acdb0c5a-477e-4756-b925-430ed43ca90f] : (Fishdom (TM) 2.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Fishdom (TM) 2\uninstall\uninstaller.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\WTA-e1c833ce-2952-47e7-8161-c2ec26e43ff2] : (Plants vs. Zombies - Game of the Year.-.WildTangent) -> "C:\Program Files (x86)\TOSHIBA Games\Plants vs Zombies - Game of the Year\uninstall\uninstaller.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Yahoo! Software Update] : (Yahoo! Software Update.-.) -> C:\PROGRA~2\Yahoo!\SOFTWA~1\UNINST~1.EXE
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\Zoola Games] : (Zoola Games.-.) -> C:\Program Files (x86)\Zoola Games\uninstall.exe
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{066CFFF8-12BF-4390-A673-75F95EFF188E}] : (TOSHIBA Value Added Package.-.TOSHIBA Corporation) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}] : (Label@Once 1.0.-.Corel) -> MsiExec.exe /I{0D795777-9D60-4692-8386-F2B3F2B5E5BF}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{18455581-E099-4BA8-BC6B-F34B2F06600C}] : (Google Toolbar for Internet Explorer.-.Google Inc.) -> MsiExec.exe /I{18455581-E099-4BA8-BC6B-F34B2F06600C}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}] : (.-.TOSHIBA Corporation) ->
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}] : (.-.TOSHIBA Corporation) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{26A24AE4-039D-4CA4-87B4-2F83216025FF}] : (Java(TM) 6 Update 25.-.Oracle) -> MsiExec.exe /X{26A24AE4-039D-4CA4-87B4-2F83216025FF}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App] : (Update Installer for WildTangent Games App.-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\App\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3108C217-BE83-42E4-AE9E-A56A2A92E549}] : (Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver.-.Atheros Communications Inc.) -> "C:\Program Files (x86)\InstallShield Installation Information\{3108C217-BE83-42E4-AE9E-A56A2A92E549}\setup.exe" -runfromtemp -l0x0009 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}] : (Intel(R) Rapid Storage Technology.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4494ACC0-18AE-4342-A96A-864748ABF37C}] : (.-.) ->
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}] : (Java Auto Updater.-.Sun Microsystems, Inc.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{51C7AD07-C3F6-4635-8E8A-231306D810FE}] : (Cisco LEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{51C7AD07-C3F6-4635-8E8A-231306D810FE}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{59DB31A9-BCB0-4985-ACA6-F6477C7BE367}] : (Strongvault Online Backup.-.Strongvault) -> MsiExec.exe /X{59DB31A9-BCB0-4985-ACA6-F6477C7BE367}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5AF550B4-BB67-4E7E-82F1-2C4300279050}] : (TOSHIBARegistration.-.TOSHIBA) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{5AF550B4-BB67-4E7E-82F1-2C4300279050}\setup.exe" -l0x9 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5B01BCB7-A5D3-476F-AF11-E515BA206591}] : (TOSHIBA Wireless LAN Indicator.-.TOSHIBA CORPORATION) -> MsiExec.exe /X{5B01BCB7-A5D3-476F-AF11-E515BA206591}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{5E33D30D-D896-4D92-B033-5F45819B2937}] : (.-.Strongvault Online Backup) -> MsiExec.exe /I{5E33D30D-D896-4D92-B033-5F45819B2937}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}] : (Google Update Helper.-.Google Inc.) -> MsiExec.exe /I{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{62BBB2F0-E220-4821-A564-730807D2C34D}] : (Realtek USB 2.0 Reader Driver.-.Realtek Semiconductor Corp.) -> "C:\Program Files (x86)\InstallShield Installation Information\{62BBB2F0-E220-4821-A564-730807D2C34D}\setup.exe" -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}] : (Cisco EAP-FAST Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}] : (Intel(R) Management Engine Components.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{654F7484-88C5-46DC-AB32-C66BCB0E2102}] : (TOSHIBA Sleep Utility.-.TOSHIBA Corporation) -> C:\Program Files (x86)\InstallShield Installation Information\{654F7484-88C5-46DC-AB32-C66BCB0E2102}\Setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}] : (TOSHIBA Resolution+ Plug-in for Windows Media Player.-.TOSHIBA Corporation) -> "C:\Program Files (x86)\InstallShield Installation Information\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}\setup.exe" -runfromtemp -l0x0409 -removeonly
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}] : (TOSHIBA Web Camera Application.-.TOSHIBA Corporation) -> MsiExec.exe /I{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-toshiba] : (WildTangent Games App (Toshiba Games).-.WildTangent) -> "C:\Program Files (x86)\WildTangent Games\Touchpoints\toshiba\Uninstall.exe"
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}] : (Netwaiting.-.Conexant Systems, Inc) -> MsiExec.exe /I{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{7B63B2922B174135AFC0E1377DD81EC2}] : (.-.) ->
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1] : (Zemana AntiMalware.-.Zemana Ltd.) -> "C:\Program Files (x86)\Zemana AntiMalware\unins000.exe"
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{933B4015-4618-4716-A828-5289FC03165F}] : (VC80CRTRedist - 8.0.50727.6195.-.DivX, Inc) -> MsiExec.exe /I{933B4015-4618-4716-A828-5289FC03165F}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}] : (TOSHIBA Application Installer.-.TOSHIBA) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{970472D0-F5F9-4158-A6E3-1AE49EFEF2D3}\setup.exe" -l0x9 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{9D3D8C60-A55F-4fed-B2B9-173001290E16}] : (Realtek WLAN Driver.-.REALTEK Semiconductor Corp.) -> C:\Program Files (x86)\InstallShield Installation Information\{9D3D8C60-A55F-4fed-B2B9-173001290E16}\Install.exe -uninst -l0x9
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}] : (Toshiba Book Place.-.K-NFB Reading Technology, Inc.) -> MsiExec.exe /X{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC6569FA-6919-442A-8552-073BE69E247A}] : (TOSHIBA Service Station.-.TOSHIBA) -> C:\Program Files (x86)\InstallShield Installation Information\{AC6569FA-6919-442A-8552-073BE69E247A}\setup.exe -runfromtemp -l0x0009 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}] : (Adobe Reader X MUI.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AC76BA86-7AD7-FFFF-7B44-AA0000000001}
##########[{Hidden}][HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}] : (Adobe AIR.-.Adobe Systems Incorporated) -> MsiExec.exe /I{AFF7E080-1974-45BF-9310-10DE1A1F5ED0}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}] : (TOSHIBA Recovery Media Creator.-.TOSHIBA CORPORATION) -> C:\Program Files (x86)\InstallShield Installation Information\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}\Setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}] : (TOSHIBA Assist.-.TOSHIBA CORPORATION) -> C:\Program Files (x86)\InstallShield Installation Information\{C2A276E3-154E-44DC-AAF1-FFDD7FD30E35}\setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}] : (Toshiba Online Backup.-.Toshiba) -> MsiExec.exe /X{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}] : (TOSHIBA Media Controller.-.TOSHIBA CORPORATION) -> C:\Program Files (x86)\InstallShield Installation Information\{C7A4F26F-F9B0-41B2-8659-99181108CDE3}\setup.exe -runfromtemp -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{DA84ECBF-4B79-47F2-B34C-95C38484C058}] : (Skype Launcher.-.TOSHIBA Corporation) -> C:\Program Files (x86)\InstallShield Installation Information\{DA84ECBF-4B79-47F2-B34C-95C38484C058}\setup.exe -runfromtemp -l0x0009 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{E69992ED-A7F6-406C-9280-1C156417BC49}] : (TOSHIBA Quality Application.-.TOSHIBA) -> RunDll32 C:\PROGRA~2\COMMON~1\INSTAL~1\PROFES~1\RunTime\10\00\Intel32\Ctor.dll,LaunchSetup "C:\Program Files (x86)\InstallShield Installation Information\{E69992ED-A7F6-406C-9280-1C156417BC49}\setup.exe" -l0x9 -removeonly
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}] : (Toshiba App Place.-.Toshiba) -> MsiExec.exe /I{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}] : (Cisco PEAP Module.-.Cisco Systems, Inc.) -> MsiExec.exe /I{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}] : (Intel(R) Processor Graphics.-.Intel Corporation) -> C:\Program Files (x86)\Intel\Intel(R) Processor Graphics\Uninstall\setup.exe -uninstall
[HKLM\SOFTWARE\WOW6432Node\Microsoft\windows\CurrentVersion\Uninstall\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}] : (TOSHIBA Media Controller Plug-in.-.TOSHIBA CORPORATION) -> MsiExec.exe /X{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}

---------- | Installer

[HKCR\Installer\Products\080E7FFA4791FB54390101EDA1F1E50D] : Adobe AIR
[HKCR\Installer\Products\1098C3F63DBED074788FCA12F0E6E520] : TOSHIBA Web Camera Application -> C:\windows\Installer\{6F3C8901-EBD3-470D-87F8-AC210F6E5E02}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\159AFF4C876915D4484BFA1DD5C354DA] : TOSHIBA Hardware Setup -> C:\Windows\Installer\{C4FFA951-9678-4D51-84B4-AFD15D3C45AD}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\18555481990E8AB4CBB63FB4F26006C0] : Google Toolbar for Internet Explorer
[HKCR\Installer\Products\1EDCB75C9BC7D7643BABE7119961DC1C] : Toshiba Online Backup -> C:\windows\Installer\{C57BCDE1-7CB9-467D-B3BA-7E119916CDC1}\Icon.ico
[HKCR\Installer\Products\21C118429A4FF0D448497A8BEF6421C3] : TOSHIBA ReelTime -> C:\Windows\Installer\{24811C12-F4A9-4D0F-8494-A7B8FE46123C}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\4EA42A62D9304AC4784BF238120652FF] : Java(TM) 6 Update 25
[HKCR\Installer\Products\5104B339816461748A822598CF3061F5] : VC80CRTRedist - 8.0.50727.6195
[HKCR\Installer\Products\52744B0D6663D294EB6F85A741DBB99D] : MSVCRT_amd64
[HKCR\Installer\Products\545AF76F5E8D9024681BEA0E541D00F3] : TOSHIBA Face Recognition -> C:\windows\Installer\{F67FA545-D8E5-4209-86B1-AEE045D1003F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\5D6775DE4B957B64FA18F5D2497D6C04] : Cisco PEAP Module
[HKCR\Installer\Products\6116D6C8427B0184F8D20D746E7B6DE8] : Mesh Runtime
[HKCR\Installer\Products\68AB67CA7DA7FFFFB744AA0000000010] : Adobe Reader X MUI -> C:\Windows\Installer\{AC76BA86-7AD7-FFFF-7B44-AA0000000001}\SC_Reader.ico
[HKCR\Installer\Products\70DA7C156F3C5364E8A83231608D01EF] : Cisco LEAP Module
[HKCR\Installer\Products\75FDF62FE3848C249A9CEE1EDE2B650E] : TOSHIBA Media Controller Plug-in -> C:\Windows\Installer\{F26FDF57-483E-42C8-A9C9-EEE1EDB256E0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\777597D006D9296438682F3B2F5B5EFB] : Label@Once 1.0 -> C:\windows\Installer\{0D795777-9D60-4692-8386-F2B3F2B5E5BF}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7810FB462D3FB89499AE61A39FEAE69C] : Cisco EAP-FAST Module
[HKCR\Installer\Products\7A26941AD7B2E654FBDC5FE4A3884DF1] : Toshiba Book Place -> C:\Windows\Installer\{A14962A7-2B7D-456E-BFCD-F54E3A88D41F}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7BCB10B53D5AF674FA115E51AB025619] : TOSHIBA Wireless LAN Indicator -> C:\windows\Installer\{5B01BCB7-A5D3-476F-AF11-E515BA206591}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\7BD4C90EC03660F46A13E87A329932FA] : D3DX10
[HKCR\Installer\Products\7E0BA6F1DDC839B4A832AAE92BEFCF4E] : Junk Mail filter update
[HKCR\Installer\Products\8442234DFA6B61348B958D0A8ED4BC83] : TOSHIBA HDD/SSD Alert -> C:\Windows\Installer\{D4322448-B6AF-4316-B859-D8A0E84DCB38}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\87ABC3DEF884C8E43BF3E8B34FDD4B2D] : Toshiba App Place -> C:\windows\Installer\{ED3CBA78-488F-4E8C-B33F-8E3BF4DDB4D2}\Icon
[HKCR\Installer\Products\8FFFC660FB2109346A37579FE5FF81E8] : TOSHIBA Value Added Package -> C:\windows\Installer\{066CFFF8-12BF-4390-A673-75F95EFF188E}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\93BAD29AC2E44034A96BCB446EB8552E] : Google Update Helper
[HKCR\Installer\Products\9F0DCED98E3D0B843A09C10FF9453E4A] : TOSHIBA PC Health Monitor -> C:\windows\Installer\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\A089CE062ADB6BC44A720BA745894BAC] : Google Update Helper
[HKCR\Installer\Products\A6C64DD86500CEF47BA082BB611A1FF1] : MSVCRT
[HKCR\Installer\Products\A940C8C1F541E6A428095B2C54BE3ED9] : TOSHIBA Bulletin Board -> C:\Windows\Installer\{1C8C049A-145F-4A6E-8290-B5C245EBE39D}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\B8998B47B1B24144DAD5717E9E5BFFA0] : Netwaiting -> C:\windows\Installer\{74B8998B-2B1B-4414-AD5D-17E7E9B5FF0A}\_6FEFF9B68218417F98F549.exe
[HKCR\Installer\Products\C186FCC1302C3B94384F5AF4F0494461] : CleanWaterAction Reminder by We-Care.com v5.0.5.1 -> C:\windows\Installer\{1CCF681C-C203-49B3-83F4-A54F0F944416}\icon.ico
[HKCR\Installer\Products\D03D33E5698D29D40B33F55418B99273] : Strongvault Online Backup -> C:\windows\Installer\{5E33D30D-D896-4D92-B033-5F45819B2937}\SOS_APP_ICON
[HKCR\Installer\Products\D32B6DBC5D1464A40891268015C67921] : TOSHIBA Supervisor Password -> C:\Windows\Installer\{CBD6B23D-41D5-4A46-8019-6208516C9712}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\DAAE5ACC4F29A7B45BEE4192C466BA16] : PlayReady PC Runtime x86
[HKCR\Installer\Products\E5B49F2CA1024574F8F234591E9DD03A] : TOSHIBA eco Utility -> C:\windows\Installer\{C2F94B5E-201A-4754-8F2F-4395E1D90DA3}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F20E0AD5B079B424FB1415A305814E0C] : TOSHIBA Disc Creator -> C:\Windows\Installer\{5DA0E02F-970B-424B-BF41-513A5018E4C0}\ARPPRODUCTICON.exe
[HKCR\Installer\Products\F4339ACB9C6B56F4A937CAA523A9D440] : PlayReady PC Runtime amd64
[HKCR\Installer\Products\F60730A4A66673047777F5728467D401] : Java Auto Updater

---------- | ADS

@C:\ProgramData\Temp:373E1720
@C:\ProgramData\Temp

1B5B4F1

---------- | Drives

Disk: 0 Size=477G
Pos MBRndx Type/Name Size Active Hide Start Sector Sectors
--- ------ ---------- ---- ------ ---- ------------ ------------
0 0 27-UNKNWN 1.5G Yes No 2,048 3,072,000
1 1 07-NTFS 461G No No 3,074,048 943,235,072
2 2 17-NTFS 15G No Yes 946,309,120 30,464,000

---------- | MBR

Windows Version: Windows 7 Home Premium Edition
Windows Information: Service Pack 1 (build 7601), 64-bit
Base Board Manufacturer: Intel Corp.
BIOS Manufacturer: INSYDE
System Manufacturer: TOSHIBA
System Product Name: Satellite L755
Logical Drives Mask: 0x0001003c

Analysis of file "C:\QuickDiag\MBR.bin":
Windows 2008 MBR code detected

64 bits not supported by MBR.exe, Dump : C:\QuickDiag\MBR.Bin

---------- | 20 LastEventLog

A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.
------------

A new media server was not initialized because RegisterRunningDevice() encountered error '0x80070005'. Restart your computer, and then restart the WMPNetworkSvc service.
------------

A timeout was reached (30000 milliseconds) while waiting for the Microsoft .NET Framework NGEN v4.0.30319_X64 service to connect.
------------

----------( EOF)---------- - 3179 | 16:54:28

PatL · Apr 20, 2017

RogueKiller V12.10.5.0 (x64) [Apr 18 2017] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Website : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : Mitch [Administrator]
Started from : E:\RogueKillerX64.exe
Mode : Delete -- Date : 04/19/2017 16:55:39 (Duration : 00:14:17)

¤¤¤ Processes : 0 ¤¤¤

¤¤¤ Registry : 3 ¤¤¤
[PUP.Tific] (X86) HKEY_LOCAL_MACHINE\Software\Tific -> Deleted
[PUP.Tific] (X64) HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Tific -> Deleted
[PUP.Tific] (X86) HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Tific -> Deleted

¤¤¤ Tasks : 0 ¤¤¤

¤¤¤ Files : 2 ¤¤¤
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Roaming\Tific -> Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Roaming\Tific\Environment.tfc -> Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Roaming\Tific\tificps.symantec.com.tfc -> Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\config\102\Config.swf -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\config\102 -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\config -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\content\102\Resources_en_US.swf -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\content\102 -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\content -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\hsplayer.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\InstallHelper.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\Norton PC Checkup.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\OemStop.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\Resource.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\.CLT2010.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\.CLT2011.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\ccL100U.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\ccL90U.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\ccL80U.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\msvcm80.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\msvcp80.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\msvcr80.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\SymClgX.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\symNPD.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\symNPDScan.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy\SymXPep2.dll -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\legacy -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\libeay32.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC90.CRT\msvcm90.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC90.CRT\msvcp90.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC90.CRT\msvcr90.dll -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\Microsoft.VC90.CRT -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\SymNSPDetector.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\symNSPDetector3PP.xml.enc -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\symNSPDetectorNSP.xml.enc -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd\SymNSPScanner.exe -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\npd -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\nss\OEMScanner.exe -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners\nss -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\scanners -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\ScheduleWinExe.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\offerBtnOff.png -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\offerBtnOn.png -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\protectionBackground.png -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img\virusBackground.png -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\img -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en\Main.swf -> Removed at reboot [5]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102\en -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles\102 -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\styles -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCULaunchSvc.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\SymcPCCUMigration.exe -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\TestWorker.dll -> Removed at reboot [5]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11\version.txt -> Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine\2.0.13.11 -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup\Engine -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86)\Norton PC Checkup -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C\Program Files (x86) -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460\C -> Removed at reboot [91]
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460 -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Backup\Install_DLM_File_147a7bd24f394e20b9cc9e3b48cf4460.tfc -> Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Backup -> Removed at reboot [91]
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Cache\tificps.symantec.com\Log.txt -> Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Cache\tificps.symantec.com -> Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Cache -> Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Client.log -> Deleted
[PUP.Tific][File] C:\Users\Mitch\AppData\Local\Tific\Download\_tificps.symantec.com%3A80\ts-0-1291348.vbs -> Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Download\_tificps.symantec.com%3A80 -> Deleted
[PUP.Tific][Folder] C:\Users\Mitch\AppData\Local\Tific\Download -> Deleted

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Hosts File : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Loaded) ¤¤¤

¤¤¤ Web browsers : 0 ¤¤¤

¤¤¤ MBR Check : ¤¤¤
+++++ PhysicalDrive0: TOSHIBA MK5075GSX +++++
--- User ---
[MBR] 7b85f7a495ff369c2a090ac6f4a0369b
[BSP] a8936ce11f18d4f178bb4c27e2c2e297 : HP MBR Code
Partition table:
0 - [ACTIVE] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 460564 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x17) [HIDDEN!] Offset (sectors): 946309120 | Size: 14875 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: SanDisk U3 Cruzer Micro USB Device +++++
--- User ---
[MBR] 98cd70d1f52828b5710868d7298bc84b
[BSP] 788470fe12ec57aabe933cfdd9c84885 : Legit.Unknown MBR Code
Partition table:
0 - [XXXXXX] FAT16 (0x6) [VISIBLE] Offset (sectors): 245 | Size: 1950 MB
User = LL1 ... OK
Error reading LL2 MBR! ([32] The request is not supported. )

PatL · Apr 20, 2017

17:15:22.0963 0x0f60 TDSS rootkit removing tool 3.1.0.15 Apr 18 2017 11:34:02
17:15:23.0057 0x0f60 ============================================================
17:15:23.0057 0x0f60 Current date / time: 2017/04/19 17:15:23.0057
17:15:23.0057 0x0f60 SystemInfo:
17:15:23.0057 0x0f60
17:15:23.0057 0x0f60 OS Version: 6.1.7601 ServicePack: 1.0
17:15:23.0057 0x0f60 Product type: Workstation
17:15:23.0057 0x0f60 ComputerName: MITCH-PC
17:15:23.0057 0x0f60 UserName: Mitch
17:15:23.0057 0x0f60 Windows directory: C:\windows
17:15:23.0057 0x0f60 System windows directory: C:\windows
17:15:23.0057 0x0f60 Running under WOW64
17:15:23.0057 0x0f60 Processor architecture: Intel x64
17:15:23.0057 0x0f60 Number of processors: 4
17:15:23.0057 0x0f60 Page size: 0x1000
17:15:23.0057 0x0f60 Boot type: Normal boot
17:15:23.0057 0x0f60 CodeIntegrityOptions = 0x00000003
17:15:23.0057 0x0f60 ============================================================
17:15:23.0057 0x0f60 KLMD ARK init status: drvProperties = 0xFFFF00, osBuild = 7601.17835, osProperties = 0x1
17:15:23.0057 0x0f60 KLMD BG init status: drvProperties = 0xFFFF00, osBuild = 7601.17835, osProperties = 0x1
17:15:23.0057 0x0f60 BG loaded
17:15:23.0462 0x0f60 System UUID: {4AC945B0-CE72-7664-3072-5B55CC6AF9F4}
17:15:25.0470 0x0f60 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 ( 465.76 Gb ), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
17:15:25.0470 0x0f60 Drive \Device\Harddisk1\DR1 - Size: 0x7A0D1A00 ( 1.91 Gb ), SectorSize: 0x200, Cylinders: 0xF8, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:15:25.0470 0x0f60 ============================================================
17:15:25.0470 0x0f60 \Device\Harddisk0\DR0:
17:15:25.0470 0x0f60 MBR partitions:
17:15:25.0470 0x0f60 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x2EE800, BlocksNum 0x3838A000
17:15:25.0470 0x0f60 \Device\Harddisk1\DR1:
17:15:25.0470 0x0f60 MBR partitions:
17:15:25.0470 0x0f60 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x6, StartLBA 0xF5, BlocksNum 0x3CF74B
17:15:25.0470 0x0f60 ============================================================
17:15:25.0564 0x0f60 C: <-> \Device\Harddisk0\DR0\Partition1
17:15:25.0564 0x0f60 ============================================================
17:15:25.0564 0x0f60 Initialize success
17:15:25.0564 0x0f60 ============================================================
17:15:34.0362 0x0e88 ============================================================
17:15:34.0362 0x0e88 Scan started
17:15:34.0362 0x0e88 Mode: Manual; SigCheck; TDLFS;
17:15:34.0362 0x0e88 ============================================================
17:15:34.0362 0x0e88 KSN ping started
17:15:34.0394 0x0e88 KSN ping finished: false
17:15:41.0258 0x0e88 ================ Scan system memory ========================
17:15:41.0258 0x0e88 System memory - ok
17:15:41.0258 0x0e88 ================ Scan services =============================
17:15:41.0554 0x0e88 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\windows\system32\drivers\1394ohci.sys
17:15:42.0365 0x0e88 1394ohci - ok
17:15:42.0412 0x0e88 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\windows\system32\drivers\ACPI.sys
17:15:42.0521 0x0e88 ACPI - ok
17:15:42.0552 0x0e88 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\windows\system32\drivers\acpipmi.sys
17:15:43.0161 0x0e88 AcpiPmi - ok
17:15:43.0442 0x0e88 [ 368290D0A612D62DA6F3D798B1BB8FE7, D573BF8543F37BC51B88A2473EDFD28AFBCCC446E8CADD54A90FA48D8739D222 ] AdobeFlashPlayerUpdateSvc C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
17:15:43.0457 0x0e88 AdobeFlashPlayerUpdateSvc - ok
17:15:43.0520 0x0e88 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\windows\system32\drivers\adp94xx.sys
17:15:43.0566 0x0e88 adp94xx - ok
17:15:43.0613 0x0e88 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\windows\system32\drivers\adpahci.sys
17:15:43.0660 0x0e88 adpahci - ok
17:15:43.0691 0x0e88 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\windows\system32\drivers\adpu320.sys
17:15:43.0754 0x0e88 adpu320 - ok
17:15:43.0847 0x0e88 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\windows\System32\aelupsvc.dll
17:15:43.0910 0x0e88 AeLookupSvc - ok
17:15:43.0972 0x0e88 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] AFD C:\windows\system32\drivers\afd.sys
17:15:44.0097 0x0e88 AFD - ok
17:15:44.0144 0x0e88 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\windows\system32\drivers\agp440.sys
17:15:44.0175 0x0e88 agp440 - ok
17:15:44.0206 0x0e88 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\windows\System32\alg.exe
17:15:44.0253 0x0e88 ALG - ok
17:15:44.0300 0x0e88 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\windows\system32\drivers\aliide.sys
17:15:44.0346 0x0e88 aliide - ok
17:15:44.0378 0x0e88 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\windows\system32\drivers\amdide.sys
17:15:44.0409 0x0e88 amdide - ok
17:15:44.0440 0x0e88 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\windows\system32\drivers\amdk8.sys
17:15:44.0518 0x0e88 AmdK8 - ok
17:15:44.0534 0x0e88 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\windows\system32\drivers\amdppm.sys
17:15:44.0596 0x0e88 AmdPPM - ok
17:15:44.0643 0x0e88 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\windows\system32\drivers\amdsata.sys
17:15:44.0690 0x0e88 amdsata - ok
17:15:44.0736 0x0e88 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\windows\system32\drivers\amdsbs.sys
17:15:44.0783 0x0e88 amdsbs - ok
17:15:44.0814 0x0e88 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\windows\system32\drivers\amdxata.sys
17:15:44.0846 0x0e88 amdxata - ok
17:15:44.0877 0x0e88 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\windows\system32\drivers\appid.sys
17:15:45.0126 0x0e88 AppID - ok
17:15:45.0158 0x0e88 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\windows\System32\appidsvc.dll
17:15:45.0220 0x0e88 AppIDSvc - ok
17:15:45.0282 0x0e88 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] Appinfo C:\windows\System32\appinfo.dll
17:15:45.0345 0x0e88 Appinfo - ok
17:15:45.0407 0x0e88 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\windows\system32\drivers\arc.sys
17:15:45.0454 0x0e88 arc - ok
17:15:45.0470 0x0e88 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\windows\system32\drivers\arcsas.sys
17:15:45.0516 0x0e88 arcsas - ok
17:15:45.0594 0x0e88 [ A629E4799D4CD6361D1B5D573EA5C2CD, 0D62557BA9C081A3304C898FAADD596ED33271D266291917E1CCBA6A0D52F901 ] aswHwid C:\windows\system32\drivers\aswHwid.sys
17:15:45.0657 0x0e88 aswHwid - ok
17:15:45.0704 0x0e88 [ 97F952A9050CAD88681F5F0F46B8D5A5, 5B939B906868EB4EF9E54E9769B84AA87B57EEB3883F9FC45067A354315C9A89 ] aswKbd C:\windows\system32\drivers\aswKbd.sys
17:15:45.0750 0x0e88 aswKbd - ok
17:15:45.0782 0x0e88 [ 9C6C17C495E960E52EDE5D038EE92AE1, C056799A124C7473E871D73E3661D58B2EA01EE6F3614AEDB239463D0FBB9841 ] aswMonFlt C:\windows\system32\drivers\aswMonFlt.sys
17:15:45.0860 0x0e88 aswMonFlt - ok
17:15:45.0891 0x0e88 [ 8F492911129B1B32818BF894DC0C2C73, 1F6F2019EB3B3B20636F661A4692079FCAA521C626AF6A731D5D493B415719A7 ] aswRdr C:\windows\system32\drivers\aswRdr2.sys
17:15:45.0938 0x0e88 aswRdr - ok
17:15:45.0953 0x0e88 [ 4ABDD84A67378E866BC15DDC9916BA71, 7F67252BE1B9979507F16C8B48D6B2D103B80C4B0765ED3E495DE48E5250EF63 ] aswRvrt C:\windows\system32\drivers\aswRvrt.sys
17:15:45.0969 0x0e88 aswRvrt - ok
17:15:46.0047 0x0e88 [ 409CDD1400B404F655EEC1B5850FD3BE, 2D8A141B18BA155632CE110343AC7A8AB790FB76781C7E757157D9B195CCD5BA ] aswSnx C:\windows\system32\drivers\aswSnx.sys
17:15:46.0125 0x0e88 aswSnx - ok
17:15:46.0203 0x0e88 [ CDB1BE967AFF65D8395B6DF2EA8CBCCF, B72DEDDE020AC0FA4DC382B7B1C5427B8D63E83DB34BB747DC5008AFB9698E57 ] aswSP C:\windows\system32\drivers\aswSP.sys
17:15:46.0265 0x0e88 aswSP - ok
17:15:46.0296 0x0e88 [ F6B5E463A0BB934C26FB319EDC726F65, 8B4E94181E7C2B479F7F675C221419B42C55C74F02A0DD8FFD9643A5A19AB944 ] aswStm C:\windows\system32\drivers\aswStm.sys
17:15:46.0312 0x0e88 aswStm - ok
17:15:46.0343 0x0e88 [ FE0EE5CA72BC0D41DCAAFCA70B78274B, 1D81CAF4EBAB4A9FE542F9C27D67617530295B889E3E2B2C72C669BA55078364 ] aswVmm C:\windows\system32\drivers\aswVmm.sys
17:15:46.0406 0x0e88 aswVmm - ok
17:15:46.0452 0x0e88 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\windows\system32\DRIVERS\asyncmac.sys
17:15:46.0530 0x0e88 AsyncMac - ok
17:15:46.0577 0x0e88 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\windows\system32\drivers\atapi.sys
17:15:46.0608 0x0e88 atapi - ok
17:15:46.0702 0x0e88 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\windows\System32\Audiosrv.dll
17:15:46.0749 0x0e88 AudioEndpointBuilder - ok
17:15:46.0780 0x0e88 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\windows\System32\Audiosrv.dll
17:15:46.0811 0x0e88 AudioSrv - ok
17:15:46.0920 0x0e88 [ 8EF7C84BB20329D6DCAC09CF6B19345A, 98F2F312F273C52653DC72F8A69ACBD79F588FF1B53CC7DFA85C26B6F7EF620B ] avast! Antivirus C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:15:46.0936 0x0e88 avast! Antivirus - ok
17:15:46.0983 0x0e88 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\windows\System32\AxInstSV.dll
17:15:47.0076 0x0e88 AxInstSV - ok
17:15:47.0123 0x0e88 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\windows\system32\drivers\bxvbda.sys
17:15:47.0186 0x0e88 b06bdrv - ok
17:15:47.0232 0x0e88 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\windows\system32\DRIVERS\b57nd60a.sys
17:15:47.0310 0x0e88 b57nd60a - ok
17:15:47.0357 0x0e88 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\windows\System32\bdesvc.dll
17:15:47.0404 0x0e88 BDESVC - ok
17:15:47.0435 0x0e88 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\windows\system32\drivers\Beep.sys
17:15:47.0513 0x0e88 Beep - ok
17:15:47.0576 0x0e88 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\windows\System32\bfe.dll
17:15:47.0654 0x0e88 BFE - ok
17:15:47.0700 0x0e88 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\windows\System32\qmgr.dll
17:15:47.0778 0x0e88 BITS - ok
17:15:47.0810 0x0e88 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\windows\system32\DRIVERS\blbdrive.sys
17:15:48.0168 0x0e88 blbdrive - ok
17:15:48.0200 0x0e88 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\windows\system32\DRIVERS\bowser.sys
17:15:48.0293 0x0e88 bowser - ok
17:15:48.0324 0x0e88 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\windows\system32\drivers\BrFiltLo.sys
17:15:48.0371 0x0e88 BrFiltLo - ok
17:15:48.0387 0x0e88 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\windows\system32\drivers\BrFiltUp.sys
17:15:48.0449 0x0e88 BrFiltUp - ok
17:15:48.0496 0x0e88 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] Browser C:\windows\System32\browser.dll
17:15:48.0558 0x0e88 Browser - ok
17:15:48.0590 0x0e88 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\windows\System32\Drivers\Brserid.sys
17:15:48.0668 0x0e88 Brserid - ok
17:15:48.0699 0x0e88 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\windows\System32\Drivers\BrSerWdm.sys
17:15:48.0761 0x0e88 BrSerWdm - ok
17:15:48.0792 0x0e88 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\windows\System32\Drivers\BrUsbMdm.sys
17:15:48.0839 0x0e88 BrUsbMdm - ok
17:15:48.0855 0x0e88 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\windows\System32\Drivers\BrUsbSer.sys
17:15:48.0917 0x0e88 BrUsbSer - ok
17:15:48.0948 0x0e88 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\windows\system32\drivers\bthmodem.sys
17:15:49.0011 0x0e88 BTHMODEM - ok
17:15:49.0073 0x0e88 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\windows\system32\bthserv.dll
17:15:49.0120 0x0e88 bthserv - ok
17:15:49.0167 0x0e88 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\windows\system32\DRIVERS\cdfs.sys
17:15:49.0229 0x0e88 cdfs - ok
17:15:49.0260 0x0e88 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\windows\system32\DRIVERS\cdrom.sys
17:15:49.0307 0x0e88 cdrom - ok
17:15:49.0354 0x0e88 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\windows\System32\certprop.dll
17:15:49.0416 0x0e88 CertPropSvc - ok
17:15:49.0463 0x0e88 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\windows\system32\drivers\circlass.sys
17:15:49.0526 0x0e88 circlass - ok
17:15:49.0572 0x0e88 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\windows\system32\CLFS.sys
17:15:49.0635 0x0e88 CLFS - ok
17:15:49.0697 0x0e88 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:15:49.0713 0x0e88 clr_optimization_v2.0.50727_32 - ok
17:15:49.0760 0x0e88 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
17:15:49.0775 0x0e88 clr_optimization_v2.0.50727_64 - ok
17:15:49.0916 0x0e88 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:15:49.0962 0x0e88 clr_optimization_v4.0.30319_32 - ok
17:15:50.0040 0x0e88 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
17:15:50.0056 0x0e88 clr_optimization_v4.0.30319_64 - ok
17:15:50.0072 0x0e88 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\windows\system32\DRIVERS\CmBatt.sys
17:15:50.0118 0x0e88 CmBatt - ok
17:15:50.0150 0x0e88 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\windows\system32\drivers\cmdide.sys
17:15:50.0196 0x0e88 cmdide - ok
17:15:50.0259 0x0e88 [ 9AC4F97C2D3E93367E2148EA940CD2CD, 530E089E5CF868AECDB2B5548EBE76E0CA98FC74A72897292AB2485734402E3B ] CNG C:\windows\system32\Drivers\cng.sys
17:15:50.0321 0x0e88 CNG - ok
17:15:50.0430 0x0e88 [ 20506F12AFAD3DB588D007EA9325FBBC, 275ECBD0F668782ACE055AD5CA600A6885CFCDD4943BC52A2EA8339AF71EABAE ] CnxtHdAudService C:\windows\system32\drivers\CHDRT64.sys
17:15:50.0524 0x0e88 CnxtHdAudService - ok
17:15:50.0571 0x0e88 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\windows\system32\drivers\compbatt.sys
17:15:50.0633 0x0e88 Compbatt - ok
17:15:50.0664 0x0e88 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\windows\system32\DRIVERS\CompositeBus.sys
17:15:50.0711 0x0e88 CompositeBus - ok
17:15:50.0727 0x0e88 COMSysApp - ok
17:15:50.0774 0x0e88 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\windows\system32\drivers\crcdisk.sys
17:15:50.0836 0x0e88 crcdisk - ok
17:15:50.0867 0x0e88 [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] CryptSvc C:\windows\system32\cryptsvc.dll
17:15:50.0930 0x0e88 CryptSvc - ok
17:15:51.0086 0x0e88 [ 72794D112CBAFF3BC0C29BF7350D4741, 060C207F27306A3464FBCD8B08BDC97E34923ECA349933ECB059848BD08F41ED ] cvhsvc C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
17:15:51.0117 0x0e88 cvhsvc - ok
17:15:51.0179 0x0e88 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\windows\system32\rpcss.dll
17:15:51.0273 0x0e88 DcomLaunch - ok
17:15:51.0320 0x0e88 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\windows\System32\defragsvc.dll
17:15:51.0382 0x0e88 defragsvc - ok
17:15:51.0429 0x0e88 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\windows\system32\Drivers\dfsc.sys
17:15:51.0507 0x0e88 DfsC - ok
17:15:51.0554 0x0e88 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\windows\system32\dhcpcore.dll
17:15:51.0616 0x0e88 Dhcp - ok
17:15:51.0647 0x0e88 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\windows\system32\drivers\discache.sys
17:15:51.0725 0x0e88 discache - ok
17:15:51.0772 0x0e88 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\windows\system32\drivers\disk.sys
17:15:51.0819 0x0e88 Disk - ok
17:15:51.0866 0x0e88 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\windows\System32\dnsrslvr.dll
17:15:51.0897 0x0e88 Dnscache - ok
17:15:51.0944 0x0e88 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\windows\System32\dot3svc.dll
17:15:51.0990 0x0e88 dot3svc - ok
17:15:52.0037 0x0e88 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\windows\system32\dps.dll
17:15:52.0100 0x0e88 DPS - ok
17:15:52.0131 0x0e88 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\windows\system32\drivers\drmkaud.sys
17:15:52.0178 0x0e88 drmkaud - ok
17:15:52.0224 0x0e88 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] DXGKrnl C:\windows\System32\drivers\dxgkrnl.sys
17:15:52.0318 0x0e88 DXGKrnl - ok
17:15:52.0349 0x0e88 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\windows\System32\eapsvc.dll
17:15:52.0396 0x0e88 EapHost - ok
17:15:52.0973 0x0e88 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\windows\system32\drivers\evbda.sys
17:15:53.0145 0x0e88 ebdrv - ok
17:15:53.0192 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] EFS C:\windows\System32\lsass.exe
17:15:53.0238 0x0e88 EFS - ok
17:15:53.0348 0x0e88 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\windows\ehome\ehRecvr.exe
17:15:53.0394 0x0e88 ehRecvr - ok
17:15:53.0441 0x0e88 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\windows\ehome\ehsched.exe
17:15:53.0457 0x0e88 ehSched - ok
17:15:53.0519 0x0e88 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\windows\system32\drivers\elxstor.sys
17:15:53.0550 0x0e88 elxstor - ok
17:15:53.0550 0x0e88 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\windows\system32\drivers\errdev.sys
17:15:53.0613 0x0e88 ErrDev - ok
17:15:53.0675 0x0e88 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\windows\system32\es.dll
17:15:53.0722 0x0e88 EventSystem - ok
17:15:53.0753 0x0e88 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\windows\system32\drivers\exfat.sys
17:15:53.0816 0x0e88 exfat - ok
17:15:53.0862 0x0e88 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\windows\system32\drivers\fastfat.sys
17:15:53.0956 0x0e88 fastfat - ok
17:15:54.0018 0x0e88 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\windows\system32\fxssvc.exe
17:15:54.0065 0x0e88 Fax - ok
17:15:54.0081 0x0e88 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\windows\system32\drivers\fdc.sys
17:15:54.0128 0x0e88 fdc - ok
17:15:54.0174 0x0e88 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\windows\system32\fdPHost.dll
17:15:54.0221 0x0e88 fdPHost - ok
17:15:54.0252 0x0e88 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\windows\system32\fdrespub.dll
17:15:54.0299 0x0e88 FDResPub - ok
17:15:54.0346 0x0e88 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\windows\system32\drivers\fileinfo.sys
17:15:54.0393 0x0e88 FileInfo - ok
17:15:54.0408 0x0e88 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\windows\system32\drivers\filetrace.sys
17:15:54.0471 0x0e88 Filetrace - ok
17:15:54.0502 0x0e88 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\windows\system32\drivers\flpydisk.sys
17:15:54.0549 0x0e88 flpydisk - ok
17:15:54.0611 0x0e88 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\windows\system32\drivers\fltmgr.sys
17:15:54.0642 0x0e88 FltMgr - ok
17:15:54.0736 0x0e88 [ 5C4CB4086FB83115B153E47ADD961A0C, 0C3AB7D04BEB3A8FDE00B0C86E6FE064B1CEBB3E4DE1A29CD27830806FA300B3 ] FontCache C:\windows\system32\FntCache.dll
17:15:54.0798 0x0e88 FontCache - ok
17:15:54.0861 0x0e88 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
17:15:54.0876 0x0e88 FontCache3.0.0.0 - ok
17:15:54.0892 0x0e88 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\windows\system32\drivers\FsDepends.sys
17:15:54.0923 0x0e88 FsDepends - ok
17:15:54.0954 0x0e88 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\windows\system32\drivers\Fs_Rec.sys
17:15:54.0970 0x0e88 Fs_Rec - ok
17:15:55.0017 0x0e88 [ 1F7B25B858FA27015169FE95E54108ED, 72DD12E924AA7273B3E4BDD2A2C581DECE304C8EF3D44EA79ABB032F3F95DCE5 ] fvevol C:\windows\system32\DRIVERS\fvevol.sys
17:15:55.0048 0x0e88 fvevol - ok
17:15:55.0079 0x0e88 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\windows\system32\drivers\gagp30kx.sys
17:15:55.0095 0x0e88 gagp30kx - ok
17:15:55.0157 0x0e88 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
17:15:55.0173 0x0e88 GamesAppService - ok
17:15:55.0220 0x0e88 Giraffic - ok
17:15:55.0298 0x0e88 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\windows\System32\gpsvc.dll
17:15:55.0329 0x0e88 gpsvc - ok
17:15:55.0407 0x0e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:15:55.0407 0x0e88 gupdate - ok
17:15:55.0422 0x0e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:15:55.0438 0x0e88 gupdatem - ok
17:15:55.0516 0x0e88 [ CC839E8D766CC31A7710C9F38CF3E375, 327D57F18B4A2D1CB06C5682D3364097ECD3CF40C2719AA1F41D0B49A26003E4 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
17:15:55.0532 0x0e88 gusvc - ok
17:15:55.0547 0x0e88 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\windows\system32\drivers\hcw85cir.sys
17:15:55.0610 0x0e88 hcw85cir - ok
17:15:55.0672 0x0e88 [ 975761C778E33CD22498059B91E7373A, 8304E15FBE6876BE57263A03621365DA8C88005EAC532A770303C06799D915D9 ] HdAudAddService C:\windows\system32\drivers\HdAudio.sys
17:15:55.0766 0x0e88 HdAudAddService - ok
17:15:55.0781 0x0e88 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\windows\system32\DRIVERS\HDAudBus.sys
17:15:55.0890 0x0e88 HDAudBus - ok
17:15:55.0906 0x0e88 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\windows\system32\drivers\HidBatt.sys
17:15:55.0968 0x0e88 HidBatt - ok
17:15:56.0000 0x0e88 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\windows\system32\drivers\hidbth.sys
17:15:56.0046 0x0e88 HidBth - ok
17:15:56.0078 0x0e88 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\windows\system32\drivers\hidir.sys
17:15:56.0124 0x0e88 HidIr - ok
17:15:56.0171 0x0e88 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\windows\system32\hidserv.dll
17:15:56.0218 0x0e88 hidserv - ok
17:15:56.0265 0x0e88 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\windows\system32\drivers\hidusb.sys
17:15:56.0296 0x0e88 HidUsb - ok
17:15:56.0343 0x0e88 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\windows\system32\kmsvc.dll
17:15:56.0405 0x0e88 hkmsvc - ok
17:15:56.0421 0x0e88 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\windows\system32\ListSvc.dll
17:15:56.0468 0x0e88 HomeGroupListener - ok
17:15:56.0499 0x0e88 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\windows\system32\provsvc.dll
17:15:56.0546 0x0e88 HomeGroupProvider - ok
17:15:56.0577 0x0e88 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\windows\system32\drivers\HpSAMD.sys
17:15:56.0608 0x0e88 HpSAMD - ok
17:15:56.0670 0x0e88 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\windows\system32\drivers\HTTP.sys
17:15:56.0748 0x0e88 HTTP - ok
17:15:56.0795 0x0e88 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\windows\system32\drivers\hwpolicy.sys
17:15:56.0842 0x0e88 hwpolicy - ok
17:15:56.0873 0x0e88 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\windows\system32\DRIVERS\i8042prt.sys
17:15:56.0904 0x0e88 i8042prt - ok
17:15:56.0967 0x0e88 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] iaStor C:\windows\system32\DRIVERS\iaStor.sys
17:15:56.0998 0x0e88 iaStor - ok
17:15:57.0045 0x0e88 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\windows\system32\drivers\iaStorV.sys
17:15:57.0092 0x0e88 iaStorV - ok
17:15:57.0185 0x0e88 [ 1CF03C69B49ACB70C722DF92755C0C8C, C227850C133F29BB9DED91A26A22AE077FD69629CEF35B67D305F016C4BDAA81 ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
17:15:57.0201 0x0e88 IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
17:15:57.0248 0x0e88 IDriverT ( UnsignedFile.Multi.Generic ) - warning
17:15:57.0466 0x0e88 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
17:15:57.0528 0x0e88 idsvc - ok
17:15:58.0199 0x0e88 [ 370C2A8629B30F910F740387795DDC6F, 7D2D69F0BC12E86236014003EEA7479BD0FDE9A469459B6550DC3AED07A02030 ] igfx C:\windows\system32\DRIVERS\igdkmd64.sys
17:15:58.0542 0x0e88 igfx - ok
17:15:58.0636 0x0e88 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\windows\system32\drivers\iirsp.sys
17:15:58.0667 0x0e88 iirsp - ok
17:15:58.0776 0x0e88 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] IKEEXT C:\windows\System32\ikeext.dll
17:15:58.0823 0x0e88 IKEEXT - ok
17:15:58.0886 0x0e88 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\windows\system32\DRIVERS\IntcDAud.sys
17:15:58.0932 0x0e88 IntcDAud - ok
17:15:58.0964 0x0e88 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\windows\system32\drivers\intelide.sys
17:15:58.0995 0x0e88 intelide - ok
17:15:59.0042 0x0e88 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\windows\system32\DRIVERS\intelppm.sys
17:15:59.0104 0x0e88 intelppm - ok
17:15:59.0182 0x0e88 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\windows\system32\ipbusenum.dll
17:15:59.0229 0x0e88 IPBusEnum - ok
17:15:59.0291 0x0e88 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\windows\system32\DRIVERS\ipfltdrv.sys
17:15:59.0354 0x0e88 IpFilterDriver - ok
17:15:59.0447 0x0e88 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] iphlpsvc C:\windows\System32\iphlpsvc.dll
17:15:59.0510 0x0e88 iphlpsvc - ok
17:15:59.0525 0x0e88 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\windows\system32\drivers\IPMIDrv.sys
17:15:59.0634 0x0e88 IPMIDRV - ok
17:15:59.0681 0x0e88 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\windows\system32\drivers\ipnat.sys
17:15:59.0775 0x0e88 IPNAT - ok
17:15:59.0868 0x0e88 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\windows\system32\drivers\irenum.sys
17:15:59.0915 0x0e88 IRENUM - ok
17:15:59.0962 0x0e88 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\windows\system32\drivers\isapnp.sys
17:16:00.0009 0x0e88 isapnp - ok
17:16:00.0056 0x0e88 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\windows\system32\drivers\msiscsi.sys
17:16:00.0102 0x0e88 iScsiPrt - ok
17:16:00.0149 0x0e88 [ CD91D1BD200D9F39682A08E987F0DBE2, 45396B0DD37C7FAAE23F985D5F26C25E944EDA1B9A4248B5CB16A4C4831E713B ] JLTECH0227 C:\windows\system32\Drivers\jl2005c.sys
17:16:00.0243 0x0e88 JLTECH0227 - ok
17:16:00.0290 0x0e88 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\windows\system32\DRIVERS\kbdclass.sys
17:16:00.0321 0x0e88 kbdclass - ok
17:16:00.0352 0x0e88 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\windows\system32\drivers\kbdhid.sys
17:16:00.0399 0x0e88 kbdhid - ok
17:16:00.0446 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] KeyIso C:\windows\system32\lsass.exe
17:16:00.0461 0x0e88 KeyIso - ok
17:16:00.0508 0x0e88 [ 97A7070AEA4C058B6418519E869A63B4, 15345C2D6CA159BD498002974A0BD21CAB611124D85E3320248B47652AEF23C8 ] KSecDD C:\windows\system32\Drivers\ksecdd.sys
17:16:00.0555 0x0e88 KSecDD - ok
17:16:00.0570 0x0e88 [ 26C43A7C2862447EC59DEDA188D1DA07, 5363BF87E650FE2010ACA9417D6920FF4ED752256FF47732882E9B2BA1ED154B ] KSecPkg C:\windows\system32\Drivers\ksecpkg.sys
17:16:00.0633 0x0e88 KSecPkg - ok
17:16:00.0711 0x0e88 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\windows\system32\drivers\ksthunk.sys
17:16:00.0789 0x0e88 ksthunk - ok
17:16:00.0851 0x0e88 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\windows\system32\msdtckrm.dll
17:16:00.0929 0x0e88 KtmRm - ok
17:16:00.0992 0x0e88 [ EBED8B3FF4A823C1A6EEBEED7B29353F, 0942200EEDEDA1FF4E634CDC5182D8EDC9BC9F66E89A5DAB8DF82C3FBB2F0D59 ] L1C C:\windows\system32\DRIVERS\L1C62x64.sys
17:16:01.0070 0x0e88 L1C - ok
17:16:01.0101 0x0e88 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\windows\system32\srvsvc.dll
17:16:01.0148 0x0e88 LanmanServer - ok
17:16:01.0194 0x0e88 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\windows\System32\wkssvc.dll
17:16:01.0257 0x0e88 LanmanWorkstation - ok
17:16:01.0350 0x0e88 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\windows\system32\DRIVERS\lltdio.sys
17:16:01.0506 0x0e88 lltdio - ok
17:16:01.0553 0x0e88 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\windows\System32\lltdsvc.dll
17:16:01.0616 0x0e88 lltdsvc - ok
17:16:01.0678 0x0e88 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\windows\System32\lmhsvc.dll
17:16:01.0709 0x0e88 lmhosts - ok
17:16:01.0928 0x0e88 [ 2ED1786B7542CDA261029F6B526EDF44, C6131B65B045EF5B4F62CF6CF089DF0921BA6A8EFC83BCBA45D5DDE78E9D78E2 ] LMS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
17:16:01.0943 0x0e88 LMS - ok
17:16:01.0974 0x0e88 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\windows\system32\drivers\lsi_fc.sys
17:16:02.0021 0x0e88 LSI_FC - ok
17:16:02.0052 0x0e88 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\windows\system32\drivers\lsi_sas.sys
17:16:02.0115 0x0e88 LSI_SAS - ok
17:16:02.0130 0x0e88 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\windows\system32\drivers\lsi_sas2.sys
17:16:02.0146 0x0e88 LSI_SAS2 - ok
17:16:02.0193 0x0e88 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\windows\system32\drivers\lsi_scsi.sys
17:16:02.0240 0x0e88 LSI_SCSI - ok
17:16:02.0271 0x0e88 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\windows\system32\drivers\luafv.sys
17:16:02.0364 0x0e88 luafv - ok
17:16:02.0427 0x0e88 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] MBAMProtector C:\windows\system32\drivers\mbam.sys
17:16:02.0474 0x0e88 MBAMProtector - ok
17:16:02.0567 0x0e88 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] MBAMService C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:16:02.0598 0x0e88 MBAMService - ok
17:16:02.0630 0x0e88 [ AE757332EA130E94E646621CC695B52A, E688CF34A4206F32B5C7301119D8459C3456FC178FA1DAA6215CE15F2C824C43 ] MBAMWebAccessControl C:\windows\system32\drivers\mwac.sys
17:16:02.0708 0x0e88 MBAMWebAccessControl - ok
17:16:02.0739 0x0e88 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\windows\system32\Mcx2Svc.dll
17:16:02.0754 0x0e88 Mcx2Svc - ok
17:16:02.0786 0x0e88 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\windows\system32\drivers\megasas.sys
17:16:02.0848 0x0e88 megasas - ok
17:16:02.0910 0x0e88 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\windows\system32\drivers\MegaSR.sys
17:16:02.0942 0x0e88 MegaSR - ok
17:16:03.0020 0x0e88 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\windows\system32\DRIVERS\HECIx64.sys
17:16:03.0051 0x0e88 MEIx64 - ok
17:16:03.0113 0x0e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\windows\system32\mmcss.dll
17:16:03.0176 0x0e88 MMCSS - ok
17:16:03.0207 0x0e88 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\windows\system32\drivers\modem.sys
17:16:03.0300 0x0e88 Modem - ok
17:16:03.0332 0x0e88 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\windows\system32\DRIVERS\monitor.sys
17:16:03.0425 0x0e88 monitor - ok
17:16:03.0472 0x0e88 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\windows\system32\DRIVERS\mouclass.sys
17:16:03.0566 0x0e88 mouclass - ok
17:16:03.0612 0x0e88 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\windows\system32\drivers\mouhid.sys
17:16:03.0784 0x0e88 mouhid - ok
17:16:03.0815 0x0e88 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\windows\system32\drivers\mountmgr.sys
17:16:03.0862 0x0e88 mountmgr - ok
17:16:03.0893 0x0e88 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\windows\system32\drivers\mpio.sys
17:16:03.0909 0x0e88 mpio - ok
17:16:03.0924 0x0e88 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\windows\system32\drivers\mpsdrv.sys
17:16:04.0096 0x0e88 mpsdrv - ok
17:16:04.0205 0x0e88 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\windows\system32\mpssvc.dll
17:16:04.0268 0x0e88 MpsSvc - ok
17:16:04.0299 0x0e88 [ DC722758B8261E1ABAFD31A3C0A66380, 88BBE073E2CCD1DAB4656DDC53D5161E8A91D035ADAC1465D0CEBA86F1BB6D9A ] MRxDAV C:\windows\system32\drivers\mrxdav.sys
17:16:04.0346 0x0e88 MRxDAV - ok
17:16:04.0392 0x0e88 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\windows\system32\DRIVERS\mrxsmb.sys
17:16:04.0502 0x0e88 mrxsmb - ok
17:16:04.0564 0x0e88 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\windows\system32\DRIVERS\mrxsmb10.sys
17:16:04.0658 0x0e88 mrxsmb10 - ok
17:16:04.0689 0x0e88 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\windows\system32\DRIVERS\mrxsmb20.sys
17:16:04.0798 0x0e88 mrxsmb20 - ok
17:16:04.0845 0x0e88 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\windows\system32\DRIVERS\msahci.sys
17:16:04.0860 0x0e88 msahci - ok
17:16:04.0892 0x0e88 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\windows\system32\drivers\msdsm.sys
17:16:04.0954 0x0e88 msdsm - ok
17:16:04.0970 0x0e88 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\windows\System32\msdtc.exe
17:16:05.0016 0x0e88 MSDTC - ok
17:16:05.0048 0x0e88 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\windows\system32\drivers\Msfs.sys
17:16:05.0110 0x0e88 Msfs - ok
17:16:05.0126 0x0e88 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\windows\System32\drivers\mshidkmdf.sys
17:16:05.0219 0x0e88 mshidkmdf - ok
17:16:05.0235 0x0e88 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\windows\system32\drivers\msisadrv.sys
17:16:05.0266 0x0e88 msisadrv - ok
17:16:05.0328 0x0e88 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\windows\system32\iscsiexe.dll
17:16:05.0375 0x0e88 MSiSCSI - ok
17:16:05.0375 0x0e88 msiserver - ok
17:16:05.0422 0x0e88 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\windows\system32\drivers\MSKSSRV.sys
17:16:05.0484 0x0e88 MSKSSRV - ok
17:16:05.0516 0x0e88 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\windows\system32\drivers\MSPCLOCK.sys
17:16:05.0562 0x0e88 MSPCLOCK - ok
17:16:05.0640 0x0e88 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\windows\system32\drivers\MSPQM.sys
17:16:05.0734 0x0e88 MSPQM - ok
17:16:05.0765 0x0e88 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\windows\system32\drivers\MsRPC.sys
17:16:05.0796 0x0e88 MsRPC - ok
17:16:05.0843 0x0e88 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\windows\system32\DRIVERS\mssmbios.sys
17:16:05.0890 0x0e88 mssmbios - ok
17:16:05.0921 0x0e88 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\windows\system32\drivers\MSTEE.sys
17:16:05.0984 0x0e88 MSTEE - ok
17:16:05.0999 0x0e88 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\windows\system32\drivers\MTConfig.sys
17:16:06.0046 0x0e88 MTConfig - ok
17:16:06.0062 0x0e88 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\windows\system32\Drivers\mup.sys
17:16:06.0108 0x0e88 Mup - ok
17:16:06.0171 0x0e88 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\windows\system32\qagentRT.dll
17:16:06.0233 0x0e88 napagent - ok
17:16:06.0296 0x0e88 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\windows\system32\DRIVERS\nwifi.sys
17:16:06.0374 0x0e88 NativeWifiP - ok
17:16:06.0452 0x0e88 [ 79B47FD40D9A817E932F9D26FAC0A81C, 53E260B8BFC50BA45FA73BFCF4E58C233890D0EAA9DEFDCCBB55FD3EB992FF2D ] NDIS C:\windows\system32\drivers\ndis.sys
17:16:06.0514 0x0e88 NDIS - ok
17:16:06.0561 0x0e88 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\windows\system32\DRIVERS\ndiscap.sys
17:16:06.0639 0x0e88 NdisCap - ok
17:16:06.0654 0x0e88 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\windows\system32\DRIVERS\ndistapi.sys
17:16:06.0686 0x0e88 NdisTapi - ok
17:16:06.0717 0x0e88 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\windows\system32\DRIVERS\ndisuio.sys
17:16:06.0795 0x0e88 Ndisuio - ok
17:16:06.0810 0x0e88 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\windows\system32\DRIVERS\ndiswan.sys
17:16:06.0873 0x0e88 NdisWan - ok
17:16:06.0904 0x0e88 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\windows\system32\drivers\NDProxy.sys
17:16:06.0967 0x0e88 NDProxy - ok
17:16:06.0982 0x0e88 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\windows\system32\DRIVERS\netbios.sys
17:16:07.0060 0x0e88 NetBIOS - ok
17:16:07.0091 0x0e88 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\windows\system32\DRIVERS\netbt.sys
17:16:07.0138 0x0e88 NetBT - ok
17:16:07.0154 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] Netlogon C:\windows\system32\lsass.exe
17:16:07.0169 0x0e88 Netlogon - ok
17:16:07.0216 0x0e88 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\windows\System32\netman.dll
17:16:07.0279 0x0e88 Netman - ok
17:16:07.0310 0x0e88 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\windows\System32\netprofm.dll
17:16:07.0372 0x0e88 netprofm - ok
17:16:07.0435 0x0e88 [ 3E5A36127E201DDF663176B66828FAFE, 5A08BA9EFB1A72DF1DD839BA5FA2B8994012BA62A515588FF62333B33B60045B ] NetTcpPortSharing C:\windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:16:07.0435 0x0e88 NetTcpPortSharing - ok
17:16:07.0481 0x0e88 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\windows\system32\drivers\nfrd960.sys
17:16:07.0497 0x0e88 nfrd960 - ok
17:16:07.0528 0x0e88 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] NlaSvc C:\windows\System32\nlasvc.dll
17:16:07.0591 0x0e88 NlaSvc - ok
17:16:07.0606 0x0e88 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\windows\system32\drivers\Npfs.sys
17:16:07.0637 0x0e88 Npfs - ok
17:16:07.0684 0x0e88 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\windows\system32\nsisvc.dll
17:16:07.0731 0x0e88 nsi - ok
17:16:07.0762 0x0e88 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\windows\system32\drivers\nsiproxy.sys
17:16:07.0825 0x0e88 nsiproxy - ok
17:16:07.0949 0x0e88 [ A2F74975097F52A00745F9637451FDD8, C681DDBD3382C477C2A030E828B5CFB529CB57C7847BD9AFF25E2A5E58B2DAF3 ] Ntfs C:\windows\system32\drivers\Ntfs.sys
17:16:08.0074 0x0e88 Ntfs - ok
17:16:08.0137 0x0e88 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\windows\system32\drivers\Null.sys
17:16:08.0199 0x0e88 Null - ok
17:16:08.0230 0x0e88 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\windows\system32\drivers\nvraid.sys
17:16:08.0277 0x0e88 nvraid - ok
17:16:08.0308 0x0e88 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\windows\system32\drivers\nvstor.sys
17:16:08.0355 0x0e88 nvstor - ok
17:16:08.0386 0x0e88 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\windows\system32\drivers\nv_agp.sys
17:16:08.0433 0x0e88 nv_agp - ok
17:16:08.0464 0x0e88 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\windows\system32\drivers\ohci1394.sys
17:16:08.0511 0x0e88 ohci1394 - ok
17:16:08.0589 0x0e88 [ 9D10F99A6712E28F8ACD5641E3A7EA6B, 70964A0ED9011EA94044E15FA77EDD9CF535CC79ED8E03A3721FF007E69595CC ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:16:08.0605 0x0e88 ose - ok
17:16:09.0634 0x0e88 [ 61BFFB5F57AD12F83AB64B7181829B34, 1DD0DD35E4158F95765EE6639F217DF03A0A19E624E020DBA609268C08A13846 ] osppsvc C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
17:16:09.0884 0x0e88 osppsvc - ok
17:16:09.0993 0x0e88 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\windows\system32\pnrpsvc.dll
17:16:10.0040 0x0e88 p2pimsvc - ok
17:16:10.0087 0x0e88 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\windows\system32\p2psvc.dll
17:16:10.0102 0x0e88 p2psvc - ok
17:16:10.0133 0x0e88 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\windows\system32\drivers\parport.sys
17:16:10.0149 0x0e88 Parport - ok
17:16:10.0196 0x0e88 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\windows\system32\drivers\partmgr.sys
17:16:10.0211 0x0e88 partmgr - ok
17:16:10.0227 0x0e88 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\windows\System32\pcasvc.dll
17:16:10.0274 0x0e88 PcaSvc - ok
17:16:10.0305 0x0e88 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\windows\system32\drivers\pci.sys
17:16:10.0352 0x0e88 pci - ok
17:16:10.0383 0x0e88 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\windows\system32\DRIVERS\pciide.sys
17:16:10.0414 0x0e88 pciide - ok
17:16:10.0445 0x0e88 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\windows\system32\drivers\pcmcia.sys
17:16:10.0492 0x0e88 pcmcia - ok
17:16:10.0523 0x0e88 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\windows\system32\drivers\pcw.sys
17:16:10.0570 0x0e88 pcw - ok
17:16:10.0633 0x0e88 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\windows\system32\drivers\peauth.sys
17:16:10.0726 0x0e88 PEAUTH - ok
17:16:10.0804 0x0e88 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\windows\SysWow64\perfhost.exe
17:16:10.0835 0x0e88 PerfHost - ok
17:16:10.0882 0x0e88 [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] PGEffect C:\windows\system32\DRIVERS\pgeffect.sys
17:16:10.0929 0x0e88 PGEffect - ok
17:16:11.0007 0x0e88 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\windows\system32\pla.dll
17:16:11.0101 0x0e88 pla - ok
17:16:11.0163 0x0e88 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\windows\system32\umpnpmgr.dll
17:16:11.0194 0x0e88 PlugPlay - ok
17:16:11.0241 0x0e88 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\windows\system32\pnrpauto.dll
17:16:11.0272 0x0e88 PNRPAutoReg - ok
17:16:11.0303 0x0e88 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\windows\system32\pnrpsvc.dll
17:16:11.0319 0x0e88 PNRPsvc - ok
17:16:11.0366 0x0e88 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\windows\System32\ipsecsvc.dll
17:16:11.0428 0x0e88 PolicyAgent - ok
17:16:11.0459 0x0e88 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] Power C:\windows\system32\umpo.dll
17:16:11.0522 0x0e88 Power - ok
17:16:11.0569 0x0e88 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\windows\system32\DRIVERS\raspptp.sys
17:16:11.0631 0x0e88 PptpMiniport - ok
17:16:11.0662 0x0e88 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\windows\system32\drivers\processr.sys
17:16:11.0709 0x0e88 Processor - ok
17:16:11.0756 0x0e88 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\windows\system32\profsvc.dll
17:16:11.0803 0x0e88 ProfSvc - ok
17:16:11.0818 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] ProtectedStorage C:\windows\system32\lsass.exe
17:16:11.0834 0x0e88 ProtectedStorage - ok
17:16:11.0865 0x0e88 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\windows\system32\DRIVERS\pacer.sys
17:16:11.0927 0x0e88 Psched - ok
17:16:11.0974 0x0e88 [ C8FCB4899F8B70CC34E0D9876A80963C, E4CFC69C3EE1BC5C0FFF96CE034EAD8DD9727DA165A790CB57979AA0A6CEE350 ] QIOMem C:\windows\system32\DRIVERS\QIOMem.sys
17:16:12.0037 0x0e88 QIOMem - ok
17:16:12.0130 0x0e88 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\windows\system32\drivers\ql2300.sys
17:16:12.0208 0x0e88 ql2300 - ok
17:16:12.0255 0x0e88 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\windows\system32\drivers\ql40xx.sys
17:16:12.0302 0x0e88 ql40xx - ok
17:16:12.0349 0x0e88 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\windows\system32\qwave.dll
17:16:12.0364 0x0e88 QWAVE - ok
17:16:12.0380 0x0e88 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\windows\system32\drivers\qwavedrv.sys
17:16:12.0442 0x0e88 QWAVEdrv - ok
17:16:12.0473 0x0e88 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\windows\system32\DRIVERS\rasacd.sys
17:16:12.0567 0x0e88 RasAcd - ok
17:16:12.0598 0x0e88 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\windows\system32\DRIVERS\AgileVpn.sys
17:16:12.0661 0x0e88 RasAgileVpn - ok
17:16:12.0692 0x0e88 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\windows\System32\rasauto.dll
17:16:12.0754 0x0e88 RasAuto - ok
17:16:12.0801 0x0e88 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\windows\system32\DRIVERS\rasl2tp.sys
17:16:12.0879 0x0e88 Rasl2tp - ok
17:16:12.0973 0x0e88 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\windows\System32\rasmans.dll
17:16:13.0004 0x0e88 RasMan - ok
17:16:13.0035 0x0e88 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\windows\system32\DRIVERS\raspppoe.sys
17:16:13.0113 0x0e88 RasPppoe - ok
17:16:13.0144 0x0e88 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\windows\system32\DRIVERS\rassstp.sys
17:16:13.0207 0x0e88 RasSstp - ok
17:16:13.0238 0x0e88 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\windows\system32\DRIVERS\rdbss.sys
17:16:13.0316 0x0e88 rdbss - ok
17:16:13.0347 0x0e88 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\windows\system32\drivers\rdpbus.sys
17:16:13.0378 0x0e88 rdpbus - ok
17:16:13.0425 0x0e88 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\windows\system32\DRIVERS\RDPCDD.sys
17:16:13.0472 0x0e88 RDPCDD - ok
17:16:13.0503 0x0e88 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\windows\system32\drivers\rdpencdd.sys
17:16:13.0550 0x0e88 RDPENCDD - ok
17:16:13.0581 0x0e88 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\windows\system32\drivers\rdprefmp.sys
17:16:13.0612 0x0e88 RDPREFMP - ok
17:16:13.0628 0x0e88 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\windows\system32\drivers\RDPWD.sys
17:16:13.0675 0x0e88 RDPWD - ok
17:16:13.0721 0x0e88 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\windows\system32\drivers\rdyboost.sys
17:16:13.0753 0x0e88 rdyboost - ok
17:16:13.0784 0x0e88 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\windows\System32\mprdim.dll
17:16:13.0846 0x0e88 RemoteAccess - ok
17:16:13.0909 0x0e88 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\windows\system32\regsvc.dll
17:16:13.0940 0x0e88 RemoteRegistry - ok
17:16:13.0987 0x0e88 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\windows\System32\RpcEpMap.dll
17:16:14.0033 0x0e88 RpcEptMapper - ok
17:16:14.0065 0x0e88 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\windows\system32\locator.exe
17:16:14.0080 0x0e88 RpcLocator - ok
17:16:14.0127 0x0e88 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\windows\system32\rpcss.dll
17:16:14.0158 0x0e88 RpcSs - ok
17:16:14.0189 0x0e88 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\windows\system32\DRIVERS\rspndr.sys
17:16:14.0252 0x0e88 rspndr - ok
17:16:14.0314 0x0e88 [ 135A64530D7699AD48F29D73A658DD11, 35838AE8ACFD9047C68DD0C8910557A82998E5CD778D5B98D4767AFA4BCE85BB ] RSUSBSTOR C:\windows\system32\Drivers\RtsUStor.sys
17:16:14.0330 0x0e88 RSUSBSTOR - ok
17:16:14.0361 0x0e88 [ E5DC911D0FEB72CAFF2BBDD6E7C3672F, E50825E0413049898A81DDF2AFE24BC92E48A0E9AA7653776F0F6EEE7D82E5D6 ] RSUSBVSTOR C:\windows\system32\Drivers\RTSUVSTOR.sys
17:16:14.0392 0x0e88 RSUSBVSTOR - ok
17:16:14.0486 0x0e88 [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] RTL8192Ce C:\windows\system32\DRIVERS\rtl8192Ce.sys
17:16:14.0533 0x0e88 RTL8192Ce - ok
17:16:14.0595 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] SamSs C:\windows\system32\lsass.exe
17:16:14.0595 0x0e88 SamSs - ok
17:16:14.0689 0x0e88 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\windows\system32\drivers\sbp2port.sys
17:16:14.0735 0x0e88 sbp2port - ok
17:16:14.0782 0x0e88 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\windows\System32\SCardSvr.dll
17:16:14.0813 0x0e88 SCardSvr - ok
17:16:14.0829 0x0e88 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\windows\system32\DRIVERS\scfilter.sys
17:16:14.0891 0x0e88 scfilter - ok
17:16:14.0954 0x0e88 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\windows\system32\schedsvc.dll
17:16:15.0016 0x0e88 Schedule - ok
17:16:15.0063 0x0e88 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\windows\System32\certprop.dll
17:16:15.0094 0x0e88 SCPolicySvc - ok
17:16:15.0125 0x0e88 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\windows\System32\SDRSVC.dll
17:16:15.0172 0x0e88 SDRSVC - ok
17:16:15.0219 0x0e88 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\windows\system32\drivers\secdrv.sys
17:16:15.0266 0x0e88 secdrv - ok
17:16:15.0297 0x0e88 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\windows\system32\seclogon.dll
17:16:15.0328 0x0e88 seclogon - ok
17:16:15.0344 0x0e88 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\windows\System32\sens.dll
17:16:15.0391 0x0e88 SENS - ok
17:16:15.0422 0x0e88 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\windows\system32\sensrsvc.dll
17:16:15.0453 0x0e88 SensrSvc - ok
17:16:15.0484 0x0e88 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\windows\system32\drivers\serenum.sys
17:16:15.0547 0x0e88 Serenum - ok
17:16:15.0593 0x0e88 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\windows\system32\drivers\serial.sys
17:16:15.0625 0x0e88 Serial - ok
17:16:15.0671 0x0e88 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\windows\system32\drivers\sermouse.sys
17:16:15.0718 0x0e88 sermouse - ok
17:16:15.0765 0x0e88 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\windows\system32\sessenv.dll
17:16:15.0843 0x0e88 SessionEnv - ok
17:16:15.0859 0x0e88 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\windows\system32\drivers\sffdisk.sys
17:16:15.0905 0x0e88 sffdisk - ok
17:16:15.0921 0x0e88 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\windows\system32\drivers\sffp_mmc.sys
17:16:15.0968 0x0e88 sffp_mmc - ok
17:16:15.0983 0x0e88 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\windows\system32\drivers\sffp_sd.sys
17:16:16.0046 0x0e88 sffp_sd - ok
17:16:16.0093 0x0e88 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\windows\system32\drivers\sfloppy.sys
17:16:16.0139 0x0e88 sfloppy - ok
17:16:16.0202 0x0e88 [ C6CC9297BD53E5229653303E556AA539, 921E21EDED244FEE15B56564B97C97785F45AB862C1012BFA0B96B121DC90076 ] Sftfs C:\windows\system32\DRIVERS\Sftfslh.sys
17:16:16.0264 0x0e88 Sftfs - ok
17:16:16.0373 0x0e88 [ 13693B6354DD6E72DC5131DA7D764B90, 447EFDA7CFB1F62EA316219D996406C8DC374097DB903F362D6E945227D8BB2D ] sftlist C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:16:16.0389 0x0e88 sftlist - ok
17:16:16.0436 0x0e88 [ 390AA7BC52CEE43F6790CDEA1E776703, 0D008289E4B14EF56D5233B7C8C789A36503FBAA8896660776557D6F08808FA7 ] Sftplay C:\windows\system32\DRIVERS\Sftplaylh.sys
17:16:16.0483 0x0e88 Sftplay - ok
17:16:16.0514 0x0e88 [ 617E29A0B0A2807466560D4C4E338D3E, 5E95D38DB9A6776EB4A15A952FA7949831D6F660EED8C3E79BD09D102BAC5D67 ] Sftredir C:\windows\system32\DRIVERS\Sftredirlh.sys
17:16:16.0545 0x0e88 Sftredir - ok
17:16:16.0576 0x0e88 [ 8F571F016FA1976F445147E9E6C8AE9B, 527AB960F2E08F598D1B953BDA4EA749831DD3C765DA278044B8AB22365F02B5 ] Sftvol C:\windows\system32\DRIVERS\Sftvollh.sys
17:16:16.0607 0x0e88 Sftvol - ok
17:16:16.0639 0x0e88 [ C3CDDD18F43D44AB713CF8C4916F7696, 38093295825AFDD08D7E32CC4EF2A6C447F6D6E3C6F7EA5554C25E7C3F16FC92 ] sftvsa C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:16:16.0654 0x0e88 sftvsa - ok
17:16:16.0685 0x0e88 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\windows\System32\ipnathlp.dll
17:16:16.0732 0x0e88 SharedAccess - ok
17:16:16.0763 0x0e88 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\windows\System32\shsvcs.dll
17:16:16.0826 0x0e88 ShellHWDetection - ok
17:16:16.0857 0x0e88 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\windows\system32\drivers\SiSRaid2.sys
17:16:16.0873 0x0e88 SiSRaid2 - ok
17:16:16.0904 0x0e88 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\windows\system32\drivers\sisraid4.sys
17:16:16.0919 0x0e88 SiSRaid4 - ok
17:16:16.0951 0x0e88 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\windows\system32\DRIVERS\smb.sys
17:16:17.0029 0x0e88 Smb - ok
17:16:17.0075 0x0e88 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\windows\System32\snmptrap.exe
17:16:17.0107 0x0e88 SNMPTRAP - ok
17:16:17.0138 0x0e88 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\windows\system32\drivers\spldr.sys
17:16:17.0185 0x0e88 spldr - ok
17:16:17.0231 0x0e88 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] Spooler C:\windows\System32\spoolsv.exe
17:16:17.0263 0x0e88 Spooler - ok
17:16:17.0668 0x0e88 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\windows\system32\sppsvc.exe
17:16:17.0887 0x0e88 sppsvc - ok
17:16:17.0933 0x0e88 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\windows\system32\sppuinotify.dll
17:16:17.0965 0x0e88 sppuinotify - ok
17:16:18.0011 0x0e88 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\windows\system32\DRIVERS\srv.sys
17:16:18.0121 0x0e88 srv - ok
17:16:18.0167 0x0e88 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\windows\system32\DRIVERS\srv2.sys
17:16:18.0245 0x0e88 srv2 - ok
17:16:18.0277 0x0e88 [ 0C4540311E11664B245A263E1154CEF8, 63376322BFFAFF2F166AF3FDD3F1A346C21FAE21F406F659F8630779D1D6525D ] SrvHsfHDA C:\windows\system32\DRIVERS\VSTAZL6.SYS
17:16:18.0308 0x0e88 SrvHsfHDA - ok
17:16:18.0401 0x0e88 [ 02071D207A9858FBE3A48CBFD59C4A04, FEA4DEBAEC3465E0C7C1E8B721805922F6BBCB96A60A193B11688F4252F4B89E ] SrvHsfV92 C:\windows\system32\DRIVERS\VSTDPV6.SYS
17:16:18.0511 0x0e88 SrvHsfV92 - ok
17:16:18.0682 0x0e88 [ 18E40C245DBFAF36FD0134A7EF2DF396, 0138A68958112101A5D3BD94114F320CE80B0C9A93E009AC78DE7415FCCC7DE7 ] SrvHsfWinac C:\windows\system32\DRIVERS\VSTCNXT6.SYS
17:16:18.0776 0x0e88 SrvHsfWinac - ok
17:16:18.0807 0x0e88 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\windows\system32\DRIVERS\srvnet.sys
17:16:18.0854 0x0e88 srvnet - ok
17:16:18.0901 0x0e88 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\windows\System32\ssdpsrv.dll
17:16:18.0963 0x0e88 SSDPSRV - ok
17:16:18.0979 0x0e88 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\windows\system32\sstpsvc.dll
17:16:19.0010 0x0e88 SstpSvc - ok
17:16:19.0025 0x0e88 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\windows\system32\drivers\stexstor.sys
17:16:19.0072 0x0e88 stexstor - ok
17:16:19.0135 0x0e88 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\windows\System32\wiaservc.dll
17:16:19.0166 0x0e88 stisvc - ok
17:16:19.0181 0x0e88 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\windows\system32\DRIVERS\swenum.sys
17:16:19.0228 0x0e88 swenum - ok
17:16:19.0291 0x0e88 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\windows\System32\swprv.dll
17:16:19.0353 0x0e88 swprv - ok
17:16:19.0462 0x0e88 [ F5B46DF59FEAA48A442AED7EEB754D4B, 8415FDD5E7B4D4819BB9B0937CDF254548C871045787958BCF708096204B1714 ] SynTP C:\windows\system32\DRIVERS\SynTP.sys
17:16:19.0509 0x0e88 SynTP - ok
17:16:19.0603 0x0e88 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\windows\system32\sysmain.dll
17:16:19.0696 0x0e88 SysMain - ok
17:16:19.0727 0x0e88 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\windows\System32\TabSvc.dll
17:16:19.0774 0x0e88 TabletInputService - ok
17:16:19.0852 0x0e88 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\windows\System32\tapisrv.dll
17:16:19.0915 0x0e88 TapiSrv - ok
17:16:19.0930 0x0e88 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\windows\System32\tbssvc.dll
17:16:19.0961 0x0e88 TBS - ok
17:16:20.0086 0x0e88 [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] Tcpip C:\windows\system32\drivers\tcpip.sys
17:16:20.0180 0x0e88 Tcpip - ok
17:16:20.0273 0x0e88 [ ACB82BDA8F46C84F465C1AFA517DC4B9, DE785AC33A0D63699E5E3E85E4C33694A15FBC9B93D432E8865C88E44CDF3E17 ] TCPIP6 C:\windows\system32\DRIVERS\tcpip.sys
17:16:20.0351 0x0e88 TCPIP6 - ok
17:16:20.0383 0x0e88 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] tcpipreg C:\windows\system32\drivers\tcpipreg.sys
17:16:20.0461 0x0e88 tcpipreg - ok
17:16:20.0492 0x0e88 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] tdcmdpst C:\windows\system32\DRIVERS\tdcmdpst.sys
17:16:20.0523 0x0e88 tdcmdpst - ok
17:16:20.0570 0x0e88 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\windows\system32\drivers\tdpipe.sys
17:16:20.0601 0x0e88 TDPIPE - ok
17:16:20.0648 0x0e88 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\windows\system32\drivers\tdtcp.sys
17:16:20.0679 0x0e88 TDTCP - ok
17:16:20.0710 0x0e88 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\windows\system32\DRIVERS\tdx.sys
17:16:20.0788 0x0e88 tdx - ok
17:16:20.0804 0x0e88 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\windows\system32\DRIVERS\termdd.sys
17:16:20.0819 0x0e88 TermDD - ok
17:16:20.0882 0x0e88 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\windows\System32\termsrv.dll
17:16:20.0944 0x0e88 TermService - ok
17:16:20.0975 0x0e88 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\windows\system32\themeservice.dll
17:16:20.0991 0x0e88 Themes - ok
17:16:21.0022 0x0e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\windows\system32\mmcss.dll
17:16:21.0053 0x0e88 THREADORDER - ok
17:16:21.0209 0x0e88 [ 71C321649B28638EE80A2EEB164C1DC8, D75D296B506DCC38A4DED82C71141388AEB60B065785DCC5BC2F4B3B77ACEDC7 ] TMachInfo C:\Program Files (x86)\TOSHIBA\TOSHIBA Service Station\TMachInfo.exe
17:16:21.0225 0x0e88 TMachInfo - ok
17:16:21.0241 0x0e88 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] TODDSrv C:\Windows\system32\TODDSrv.exe
17:16:21.0256 0x0e88 TODDSrv - ok
17:16:21.0459 0x0e88 [ 1C73689B900428C7D054A41C4687F55C, 6DD3CDC09E4A62F40A81872789A5C8678C0FE23DD911C2951DFF5494B6BFC012 ] TosCoSrv C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
17:16:21.0475 0x0e88 TosCoSrv - ok
17:16:21.0568 0x0e88 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58, ACAD9D96CE58EDB620AC13ACA8C6F4122BA8B2AF78468A760F21A01B43D93312 ] TOSHIBA eco Utility Service C:\Program Files\TOSHIBA\TECO\TecoService.exe
17:16:21.0584 0x0e88 TOSHIBA eco Utility Service - ok
17:16:21.0662 0x0e88 [ 29D0886CF250FCEF1BF9E65AB8D2C0C8, 8D852DB100AC68A07A6E2AD21198410EAAB36E83BB8BAEA71CB698680B5DCE71 ] TOSHIBA HDD SSD Alert Service C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosSmartSrv.exe
17:16:21.0677 0x0e88 TOSHIBA HDD SSD Alert Service - ok
17:16:21.0724 0x0e88 [ 09FF7B0B1B5C3D225495CB6F5A9B39F8, 0D2CC72B7E02B92C9A1D6B76300B75A39427046903326642B9D511A51A795027 ] tos_sps64 C:\windows\system32\DRIVERS\tos_sps64.sys
17:16:21.0771 0x0e88 tos_sps64 - ok
17:16:21.0927 0x0e88 [ 098B8A408C17E125A3D9A8E1166780C8, F25F09F62713C8234CB2B6A40A4455502C8004090BFB9EE9465546AD48369956 ] TPCHSrv C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
17:16:21.0943 0x0e88 TPCHSrv - ok
17:16:22.0005 0x0e88 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\windows\System32\trkwks.dll
17:16:22.0052 0x0e88 TrkWks - ok
17:16:22.0114 0x0e88 [ 0D5A09B08568760AE85A801FCBC0F83D, 347ACBA74FDCBEAC671521739F8A34EC0E378CAF716C31F55616F9F843E4D0D3 ] TrueSight C:\Windows\System32\drivers\TrueSight.sys
17:16:22.0161 0x0e88 TrueSight - ok
17:16:22.0223 0x0e88 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\windows\servicing\TrustedInstaller.exe
17:16:22.0270 0x0e88 TrustedInstaller - ok
17:16:22.0301 0x0e88 [ CE18B2CDFC837C99E5FAE9CA6CBA5D30, CA302C2ED6A6BF4670BAAA4F5C14C0238CF0C80316856AA0DB053F4D593033AC ] tssecsrv C:\windows\system32\DRIVERS\tssecsrv.sys
17:16:22.0348 0x0e88 tssecsrv - ok
17:16:22.0395 0x0e88 [ D11C783E3EF9A3C52C0EBE83CC5000E9, A136C355D4C8945729163D15801364A614E23217B15F9313C85BA45BB71A74EB ] TsUsbFlt C:\windows\system32\drivers\tsusbflt.sys
17:16:22.0457 0x0e88 TsUsbFlt - ok
17:16:22.0473 0x0e88 [ 9CC2CCAE8A84820EAECB886D477CBCB8, 50D8AA2D7477A6618A0C31BB4D1C4887B457865FB1105E2E7B984EEFA337B804 ] TsUsbGD C:\windows\system32\drivers\TsUsbGD.sys
17:16:22.0520 0x0e88 TsUsbGD - ok
17:16:22.0567 0x0e88 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\windows\system32\DRIVERS\tunnel.sys
17:16:22.0629 0x0e88 tunnel - ok
17:16:22.0676 0x0e88 [ 550B567F9364D8F7684C3FB3EA665A72, A214BBBBAB9F0DD525FA5A818CEB8E9294B4A96676317255D7ACF6049049C933 ] TVALZ C:\windows\system32\DRIVERS\TVALZ_O.SYS
17:16:22.0707 0x0e88 TVALZ - ok
17:16:22.0754 0x0e88 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] TVALZFL C:\windows\system32\DRIVERS\TVALZFL.sys
17:16:22.0801 0x0e88 TVALZFL - ok
17:16:22.0832 0x0e88 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\windows\system32\drivers\uagp35.sys
17:16:22.0879 0x0e88 uagp35 - ok
17:16:22.0925 0x0e88 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\windows\system32\DRIVERS\udfs.sys
17:16:23.0019 0x0e88 udfs - ok
17:16:23.0050 0x0e88 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\windows\system32\UI0Detect.exe
17:16:23.0066 0x0e88 UI0Detect - ok
17:16:23.0081 0x0e88 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\windows\system32\drivers\uliagpkx.sys
17:16:23.0128 0x0e88 uliagpkx - ok
17:16:23.0175 0x0e88 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\windows\system32\DRIVERS\umbus.sys
17:16:23.0222 0x0e88 umbus - ok
17:16:23.0253 0x0e88 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\windows\system32\drivers\umpass.sys
17:16:23.0284 0x0e88 UmPass - ok
17:16:23.0659 0x0e88 [ 7E5E1603D0FF2D240AE70295C5C3FEFC, 1E5F8E415ACE3C6DFBE636473DBE051329174F2A085516B6FC1515A54014D02B ] UNS C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
17:16:23.0768 0x0e88 UNS - ok
17:16:23.0815 0x0e88 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\windows\System32\upnphost.dll
17:16:23.0877 0x0e88 upnphost - ok
17:16:23.0908 0x0e88 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] usbccgp C:\windows\system32\DRIVERS\usbccgp.sys
17:16:23.0971 0x0e88 usbccgp - ok
17:16:24.0002 0x0e88 [ AF0892A803FDDA7492F595368E3B68E7, F263346DEB4D742EB436CF578F187AC8521D84CED52E98475E6198EC52244F07 ] usbcir C:\windows\system32\drivers\usbcir.sys
17:16:24.0049 0x0e88 usbcir - ok
17:16:24.0095 0x0e88 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] usbehci C:\windows\system32\DRIVERS\usbehci.sys
17:16:24.0127 0x0e88 usbehci - ok
17:16:24.0158 0x0e88 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] usbhub C:\windows\system32\DRIVERS\usbhub.sys
17:16:24.0236 0x0e88 usbhub - ok
17:16:24.0267 0x0e88 [ 9840FC418B4CBD632D3D0A667A725C31, 776D86A032DCA2842EF7AADB35473193CA80547223EFAA7F110F296C377077B0 ] usbohci C:\windows\system32\drivers\usbohci.sys
17:16:24.0314 0x0e88 usbohci - ok
17:16:24.0329 0x0e88 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\windows\system32\drivers\usbprint.sys
17:16:24.0376 0x0e88 usbprint - ok
17:16:24.0407 0x0e88 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\windows\system32\DRIVERS\USBSTOR.SYS
17:16:24.0454 0x0e88 USBSTOR - ok
17:16:24.0470 0x0e88 [ 62069A34518BCF9C1FD9E74B3F6DB7CD, C58E21424718729324B285BEE1C96551540FCC3FD650B2D10895EBA48D981E25 ] usbuhci C:\windows\system32\drivers\usbuhci.sys
17:16:24.0517 0x0e88 usbuhci - ok
17:16:24.0563 0x0e88 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] usbvideo C:\windows\system32\Drivers\usbvideo.sys
17:16:24.0595 0x0e88 usbvideo - ok
17:16:24.0626 0x0e88 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\windows\System32\uxsms.dll
17:16:24.0688 0x0e88 UxSms - ok
17:16:24.0735 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] VaultSvc C:\windows\system32\lsass.exe
17:16:24.0751 0x0e88 VaultSvc - ok
17:16:24.0766 0x0e88 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\windows\system32\drivers\vdrvroot.sys
17:16:24.0813 0x0e88 vdrvroot - ok
17:16:24.0844 0x0e88 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\windows\System32\vds.exe
17:16:24.0907 0x0e88 vds - ok
17:16:24.0953 0x0e88 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\windows\system32\DRIVERS\vgapnp.sys
17:16:24.0985 0x0e88 vga - ok
17:16:25.0016 0x0e88 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\windows\System32\drivers\vga.sys
17:16:25.0078 0x0e88 VgaSave - ok
17:16:25.0094 0x0e88 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\windows\system32\drivers\vhdmp.sys
17:16:25.0141 0x0e88 vhdmp - ok
17:16:25.0156 0x0e88 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\windows\system32\drivers\viaide.sys
17:16:25.0187 0x0e88 viaide - ok
17:16:25.0234 0x0e88 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\windows\system32\drivers\volmgr.sys
17:16:25.0265 0x0e88 volmgr - ok
17:16:25.0312 0x0e88 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\windows\system32\drivers\volmgrx.sys
17:16:25.0328 0x0e88 volmgrx - ok
17:16:25.0359 0x0e88 [ DF8126BD41180351A093A3AD2FC8903B, AEFF4AA89CDDAAAD43CDE17C6B6EB2A397A0AC1651CBD51B889161EC2BC6527A ] volsnap C:\windows\system32\drivers\volsnap.sys
17:16:25.0375 0x0e88 volsnap - ok
17:16:25.0406 0x0e88 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\windows\system32\drivers\vsmraid.sys
17:16:25.0468 0x0e88 vsmraid - ok
17:16:25.0577 0x0e88 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\windows\system32\vssvc.exe
17:16:25.0655 0x0e88 VSS - ok
17:16:25.0718 0x0e88 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\windows\system32\DRIVERS\vwifibus.sys
17:16:25.0780 0x0e88 vwifibus - ok
17:16:25.0811 0x0e88 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] vwififlt C:\windows\system32\DRIVERS\vwififlt.sys
17:16:25.0889 0x0e88 vwififlt - ok
17:16:25.0952 0x0e88 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\windows\system32\w32time.dll
17:16:25.0999 0x0e88 W32Time - ok
17:16:26.0061 0x0e88 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\windows\system32\drivers\wacompen.sys
17:16:26.0092 0x0e88 WacomPen - ok
17:16:26.0139 0x0e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\windows\system32\DRIVERS\wanarp.sys
17:16:26.0233 0x0e88 WANARP - ok
17:16:26.0248 0x0e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\windows\system32\DRIVERS\wanarp.sys
17:16:26.0279 0x0e88 Wanarpv6 - ok
17:16:26.0373 0x0e88 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\windows\system32\Wat\WatAdminSvc.exe
17:16:26.0420 0x0e88 WatAdminSvc - ok
17:16:26.0529 0x0e88 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\windows\system32\wbengine.exe
17:16:26.0623 0x0e88 wbengine - ok
17:16:26.0638 0x0e88 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\windows\System32\wbiosrvc.dll
17:16:26.0669 0x0e88 WbioSrvc - ok
17:16:26.0701 0x0e88 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\windows\System32\wcncsvc.dll
17:16:26.0763 0x0e88 wcncsvc - ok
17:16:26.0779 0x0e88 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\windows\System32\WcsPlugInService.dll
17:16:26.0794 0x0e88 WcsPlugInService - ok
17:16:26.0825 0x0e88 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\windows\system32\drivers\wd.sys
17:16:26.0857 0x0e88 Wd - ok
17:16:26.0903 0x0e88 [ 441BD2D7B4F98134C3A4F9FA570FD250, FF20815273014C5A27C2B75E2C70FE674809293627056199F502DFDF4CECFCA1 ] Wdf01000 C:\windows\system32\drivers\Wdf01000.sys
17:16:26.0966 0x0e88 Wdf01000 - ok
17:16:26.0981 0x0e88 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\windows\system32\wdi.dll
17:16:27.0028 0x0e88 WdiServiceHost - ok
17:16:27.0028 0x0e88 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\windows\system32\wdi.dll
17:16:27.0044 0x0e88 WdiSystemHost - ok
17:16:27.0091 0x0e88 [ 3DB6D04E1C64272F8B14EB8BC4616280, 9138642B1C19F895D4ECFD930160C80FBF15813CE63BBF4C899842C300FD3026 ] WebClient C:\windows\System32\webclnt.dll
17:16:27.0137 0x0e88 WebClient - ok
17:16:27.0153 0x0e88 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\windows\system32\wecsvc.dll
17:16:27.0215 0x0e88 Wecsvc - ok
17:16:27.0231 0x0e88 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\windows\System32\wercplsupport.dll
17:16:27.0262 0x0e88 wercplsupport - ok
17:16:27.0309 0x0e88 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\windows\System32\WerSvc.dll
17:16:27.0371 0x0e88 WerSvc - ok
17:16:27.0403 0x0e88 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\windows\system32\DRIVERS\wfplwf.sys
17:16:27.0434 0x0e88 WfpLwf - ok
17:16:27.0449 0x0e88 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\windows\system32\drivers\wimmount.sys
17:16:27.0465 0x0e88 WIMMount - ok
17:16:27.0465 0x0e88 WinHttpAutoProxySvc - ok
17:16:27.0637 0x0e88 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\windows\system32\wbem\WMIsvc.dll
17:16:27.0668 0x0e88 Winmgmt - ok
17:16:27.0808 0x0e88 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\windows\system32\WsmSvc.dll
17:16:27.0902 0x0e88 WinRM - ok
17:16:27.0964 0x0e88 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\windows\System32\wlansvc.dll
17:16:28.0027 0x0e88 Wlansvc - ok
17:16:28.0073 0x0e88 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe
17:16:28.0073 0x0e88 wlcrasvc - ok
17:16:28.0198 0x0e88 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:28.0245 0x0e88 wlidsvc - ok
17:16:28.0292 0x0e88 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\windows\system32\DRIVERS\wmiacpi.sys
17:16:28.0339 0x0e88 WmiAcpi - ok
17:16:28.0385 0x0e88 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\windows\system32\wbem\WmiApSrv.exe
17:16:28.0417 0x0e88 wmiApSrv - ok
17:16:28.0463 0x0e88 WMPNetworkSvc - ok
17:16:28.0495 0x0e88 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\windows\System32\wpcsvc.dll
17:16:28.0510 0x0e88 WPCSvc - ok
17:16:28.0526 0x0e88 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\windows\system32\wpdbusenum.dll
17:16:28.0588 0x0e88 WPDBusEnum - ok
17:16:28.0604 0x0e88 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\windows\system32\drivers\ws2ifsl.sys
17:16:28.0666 0x0e88 ws2ifsl - ok
17:16:28.0697 0x0e88 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\windows\System32\wscsvc.dll
17:16:28.0744 0x0e88 wscsvc - ok
17:16:28.0744 0x0e88 WSearch - ok
17:16:28.0885 0x0e88 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\windows\system32\wuaueng.dll
17:16:28.0963 0x0e88 wuauserv - ok
17:16:28.0978 0x0e88 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] WudfPf C:\windows\system32\drivers\WudfPf.sys
17:16:29.0103 0x0e88 WudfPf - ok
17:16:29.0134 0x0e88 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] WUDFRd C:\windows\system32\DRIVERS\WUDFRd.sys
17:16:29.0197 0x0e88 WUDFRd - ok
17:16:29.0228 0x0e88 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] wudfsvc C:\windows\System32\WUDFSvc.dll
17:16:29.0259 0x0e88 wudfsvc - ok
17:16:29.0275 0x0e88 [ 9A3452B3C2A46C073166C5CF49FAD1AE, D6F95F51D8E37BA4CF403965EC08CCFEEA9EEFDBFC7752432EAEC19925BDA115 ] WwanSvc C:\windows\System32\wwansvc.dll
17:16:29.0321 0x0e88 WwanSvc - ok
17:16:29.0384 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929FD454BC57E5A91 ] ZAM C:\windows\System32\drivers\zam64.sys
17:16:29.0477 0x0e88 ZAM - ok
17:16:30.0601 0x0e88 [ C78761C2A5475EA16ADCD438CC17841F, 2EC81397DE7BEF39EA1E1758FE778A0A31C8D04B6AD76D9C0917D95808366A70 ] ZAMSvc C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
17:16:30.0897 0x0e88 ZAMSvc - ok
17:16:30.0991 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929FD454BC57E5A91 ] ZAM_Guard C:\windows\System32\drivers\zamguard64.sys
17:16:31.0022 0x0e88 ZAM_Guard - ok
17:16:31.0022 0x0e88 ================ Scan global ===============================
17:16:31.0037 0x0e88 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\windows\system32\basesrv.dll
17:16:31.0084 0x0e88 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\windows\system32\winsrv.dll
17:16:31.0084 0x0e88 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\windows\system32\winsrv.dll
17:16:31.0131 0x0e88 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\windows\system32\sxssrv.dll
17:16:31.0178 0x0e88 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\windows\system32\services.exe
17:16:31.0178 0x0e88 [ Global ] - ok
17:16:31.0178 0x0e88 ================ Scan MBR ==================================
17:16:31.0240 0x0e88 [ 5B5E648D12FCADC244C1EC30318E1EB9 ] \Device\Harddisk0\DR0
17:16:32.0956 0x0e88 \Device\Harddisk0\DR0 - detected TDSS File System ( 1 )
17:16:32.0956 0x0e88 \Device\Harddisk0\DR0 ( TDSS File System ) - warning
17:16:32.0956 0x0e88 [ 06449E7C4AF0550B77E260798769AA40 ] \Device\Harddisk1\DR1
17:16:33.0065 0x0e88 \Device\Harddisk1\DR1 - ok
17:16:33.0081 0x0e88 ================ Scan VBR ==================================
17:16:33.0097 0x0e88 [ 8AC23BED265B9837B514C7AD0AE3474B ] \Device\Harddisk0\DR0\Partition1
17:16:33.0097 0x0e88 \Device\Harddisk0\DR0\Partition1 - ok
17:16:33.0097 0x0e88 [ 9EF3F0403422629F2348EB43B51E92DC ] \Device\Harddisk1\DR1\Partition1
17:16:33.0097 0x0e88 \Device\Harddisk1\DR1\Partition1 - ok
17:16:33.0097 0x0e88 ================ Scan active images ========================
17:16:33.0097 0x0e88 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys
17:16:33.0097 0x0e88 C:\Windows\System32\drivers\crashdmp.sys - ok
17:16:33.0097 0x0e88 [ D469B77687E12FE43E344806740B624D, DFDD486FD040813BF4E5DDB504CF9E0BFBF6D4E540DDDA4829F9B675ACF63E89 ] C:\Windows\System32\drivers\iaStor.sys
17:16:33.0097 0x0e88 C:\Windows\System32\drivers\iaStor.sys - ok
17:16:33.0112 0x0e88 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\dumpfve.sys - ok
17:16:33.0112 0x0e88 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\cdrom.sys - ok
17:16:33.0112 0x0e88 [ CDB1BE967AFF65D8395B6DF2EA8CBCCF, B72DEDDE020AC0FA4DC382B7B1C5427B8D63E83DB34BB747DC5008AFB9698E57 ] C:\Windows\System32\drivers\aswsp.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\aswsp.sys - ok
17:16:33.0112 0x0e88 [ 409CDD1400B404F655EEC1B5850FD3BE, 2D8A141B18BA155632CE110343AC7A8AB790FB76781C7E757157D9B195CCD5BA ] C:\Windows\System32\drivers\aswSnx.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\aswSnx.sys - ok
17:16:33.0112 0x0e88 [ 97F952A9050CAD88681F5F0F46B8D5A5, 5B939B906868EB4EF9E54E9769B84AA87B57EEB3883F9FC45067A354315C9A89 ] C:\Windows\System32\drivers\aswKbd.sys
17:16:33.0112 0x0e88 C:\Windows\System32\drivers\aswKbd.sys - ok
17:16:33.0128 0x0e88 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\beep.sys - ok
17:16:33.0128 0x0e88 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\null.sys - ok
17:16:33.0128 0x0e88 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\msfs.sys - ok
17:16:33.0128 0x0e88 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\RDPCDD.sys - ok
17:16:33.0128 0x0e88 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys
17:16:33.0128 0x0e88 C:\Windows\System32\drivers\RDPENCDD.sys - ok
17:16:33.0143 0x0e88 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\RDPREFMP.sys - ok
17:16:33.0143 0x0e88 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\vga.sys - ok
17:16:33.0143 0x0e88 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\videoprt.sys - ok
17:16:33.0143 0x0e88 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\watchdog.sys - ok
17:16:33.0143 0x0e88 [ 1C7857B62DE5994A75B054A9FD4C3825, 83F963D7E636532B1AD30B1E727EC429317CA540F6EB3BB268FCC0B163B67767 ] C:\Windows\System32\drivers\afd.sys
17:16:33.0143 0x0e88 C:\Windows\System32\drivers\afd.sys - ok
17:16:33.0159 0x0e88 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\npfs.sys - ok
17:16:33.0159 0x0e88 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\tdi.sys - ok
17:16:33.0159 0x0e88 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\tdx.sys - ok
17:16:33.0159 0x0e88 [ 8F492911129B1B32818BF894DC0C2C73, 1F6F2019EB3B3B20636F661A4692079FCAA521C626AF6A731D5D493B415719A7 ] C:\Windows\System32\drivers\aswRdr2.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\aswRdr2.sys - ok
17:16:33.0159 0x0e88 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\netbt.sys - ok
17:16:33.0159 0x0e88 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys
17:16:33.0159 0x0e88 C:\Windows\System32\drivers\netbios.sys - ok
17:16:33.0175 0x0e88 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\pacer.sys - ok
17:16:33.0175 0x0e88 [ 6A3D66263414FF0D6FA754C646612F3F, 30F6BA594B0D3B94113064015A16D97811CD989DF1715CCE21CEAB9894C1B4FB ] C:\Windows\System32\drivers\vwififlt.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\vwififlt.sys - ok
17:16:33.0175 0x0e88 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\wfplwf.sys - ok
17:16:33.0175 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929FD454BC57E5A91 ] C:\Windows\System32\drivers\zamguard64.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\zamguard64.sys - ok
17:16:33.0175 0x0e88 [ 21E13F2CB269DEFEAE5E1D09887D47BB, 543991CA8D1C65113DFF039B85AE3F9A87F503DAEC30F46929FD454BC57E5A91 ] C:\Windows\System32\drivers\zam64.sys
17:16:33.0175 0x0e88 C:\Windows\System32\drivers\zam64.sys - ok
17:16:33.0190 0x0e88 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\rdbss.sys - ok
17:16:33.0190 0x0e88 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\termdd.sys - ok
17:16:33.0190 0x0e88 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\wanarp.sys - ok
17:16:33.0190 0x0e88 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\blbdrive.sys - ok
17:16:33.0190 0x0e88 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys
17:16:33.0190 0x0e88 C:\Windows\System32\drivers\dfsc.sys - ok
17:16:33.0206 0x0e88 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\discache.sys - ok
17:16:33.0206 0x0e88 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\mssmbios.sys - ok
17:16:33.0206 0x0e88 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\nsiproxy.sys - ok
17:16:33.0206 0x0e88 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys
17:16:33.0206 0x0e88 C:\Windows\System32\drivers\tunnel.sys - ok
17:16:33.0206 0x0e88 [ CF95B85FF8D128385ABD411C8CA74DED, 406CF5C07F75BC976B2F82D1E1166D255C5149B9EF57C2DEA2C8348DF231211F ] C:\Windows\System32\ntdll.dll
17:16:33.0206 0x0e88 C:\Windows\System32\ntdll.dll - ok
17:16:33.0221 0x0e88 [ 1911A3356FA3F77CCC825CCBAC038C2A, 6ED135B792C81D78B33A57F0F4770DB6105C9ED3E2193629CB3EC38BFD5B7E1B ] C:\Windows\System32\smss.exe
17:16:33.0221 0x0e88 C:\Windows\System32\smss.exe - ok
17:16:33.0221 0x0e88 [ 370C2A8629B30F910F740387795DDC6F, 7D2D69F0BC12E86236014003EEA7479BD0FDE9A469459B6550DC3AED07A02030 ] C:\Windows\System32\drivers\igdkmd64.sys
17:16:33.0221 0x0e88 C:\Windows\System32\drivers\igdkmd64.sys - ok
17:16:33.0221 0x0e88 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe
17:16:33.0221 0x0e88 C:\Windows\System32\autochk.exe - ok
17:16:33.0221 0x0e88 [ F5BEE30450E18E6B83A5012C100616FD, 44D0577D159FC2BDF4EAD1DC2C7FD14925D075225EF97608CAC52DEE405B08FD ] C:\Windows\System32\drivers\dxgkrnl.sys
17:16:33.0221 0x0e88 C:\Windows\System32\drivers\dxgkrnl.sys - ok
17:16:33.0221 0x0e88 [ 9CD68BDDF322535C02ADC8331013D13D, B887338E0C1033C93C9F157C69D5C47B05C7B27A91C9481CA8B72BDD514E9651 ] C:\Windows\System32\drivers\dxgmms1.sys
17:16:33.0221 0x0e88 C:\Windows\System32\drivers\dxgmms1.sys - ok
17:16:33.0221 0x0e88 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] C:\Windows\System32\drivers\HECIx64.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\HECIx64.sys - ok
17:16:33.0237 0x0e88 [ C025055FE7B87701EB042095DF1A2D7B, D7B34B6C2C5BD3C8141895AC21BB637EA5E3C4F7A85EEF4C4C36E6BB2045A3D9 ] C:\Windows\System32\drivers\usbehci.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\usbehci.sys - ok
17:16:33.0237 0x0e88 [ AE259C75F9A0B057B6BF9E9695632B09, 9015A708F21FBE3B198C39A651CA857CF772016D03B5DCE35DD2ABBC71DAB10B ] C:\Windows\System32\drivers\usbport.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\usbport.sys - ok
17:16:33.0237 0x0e88 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\hdaudbus.sys - ok
17:16:33.0237 0x0e88 [ 64FDF4FE366CA42DA2B7D9D424B6E39B, FC3844152E29B703373788F24862CDD307837AA53D21F978FB9C038A34593B95 ] C:\Windows\System32\drivers\rtl8192ce.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\rtl8192ce.sys - ok
17:16:33.0237 0x0e88 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] C:\Windows\System32\drivers\vwifibus.sys
17:16:33.0237 0x0e88 C:\Windows\System32\drivers\vwifibus.sys - ok
17:16:33.0253 0x0e88 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] C:\Windows\System32\drivers\i8042prt.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\i8042prt.sys - ok
17:16:33.0253 0x0e88 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\kbdclass.sys - ok
17:16:33.0253 0x0e88 [ EBED8B3FF4A823C1A6EEBEED7B29353F, 0942200EEDEDA1FF4E634CDC5182D8EDC9BC9F66E89A5DAB8DF82C3FBB2F0D59 ] C:\Windows\System32\drivers\L1C62x64.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\L1C62x64.sys - ok
17:16:33.0253 0x0e88 [ F5B46DF59FEAA48A442AED7EEB754D4B, 8415FDD5E7B4D4819BB9B0937CDF254548C871045787958BCF708096204B1714 ] C:\Windows\System32\drivers\SynTP.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\SynTP.sys - ok
17:16:33.0253 0x0e88 [ CCA2AB1752A61F29C3C941CD79D78CEA, 74D3B1710F2F90B3922341A9AA0B896CC5CD1AB9D32FF79F3CF3479928541CBD ] C:\Windows\System32\drivers\usbd.sys
17:16:33.0253 0x0e88 C:\Windows\System32\drivers\usbd.sys - ok
17:16:33.0268 0x0e88 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\mouclass.sys - ok
17:16:33.0268 0x0e88 [ FD542B661BD22FA69CA789AD0AC58C29, 75FFAF1834B1E22DF37608ED451F161052FF1FE3C681B4E20A68DCA92CC7FD8C ] C:\Windows\System32\drivers\tdcmdpst.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\tdcmdpst.sys - ok
17:16:33.0268 0x0e88 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\agilevpn.sys - ok
17:16:33.0268 0x0e88 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] C:\Windows\System32\drivers\CmBatt.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\CmBatt.sys - ok
17:16:33.0268 0x0e88 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys
17:16:33.0268 0x0e88 C:\Windows\System32\drivers\CompositeBus.sys - ok
17:16:33.0284 0x0e88 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\intelppm.sys - ok
17:16:33.0284 0x0e88 [ C8FCB4899F8B70CC34E0D9876A80963C, E4CFC69C3EE1BC5C0FFF96CE034EAD8DD9727DA165A790CB57979AA0A6CEE350 ] C:\Windows\System32\drivers\QIOMem.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\QIOMem.sys - ok
17:16:33.0284 0x0e88 [ 9C7191F4B2E49BFF47A6C1144B5923FA, DF4E663499946F4E68B7528CA399574D1EB69797FF81F681943B84F3E5E6A40E ] C:\Windows\System32\drivers\TVALZFL.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\TVALZFL.sys - ok
17:16:33.0284 0x0e88 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] C:\Windows\System32\drivers\wmiacpi.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\wmiacpi.sys - ok
17:16:33.0284 0x0e88 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys
17:16:33.0284 0x0e88 C:\Windows\System32\drivers\ndistapi.sys - ok
17:16:33.0299 0x0e88 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\ndiswan.sys - ok
17:16:33.0299 0x0e88 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\rasl2tp.sys - ok
17:16:33.0299 0x0e88 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\raspppoe.sys - ok
17:16:33.0299 0x0e88 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\raspptp.sys - ok
17:16:33.0299 0x0e88 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\rassstp.sys - ok
17:16:33.0299 0x0e88 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys
17:16:33.0299 0x0e88 C:\Windows\System32\drivers\ks.sys - ok
17:16:33.0315 0x0e88 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys
17:16:33.0315 0x0e88 C:\Windows\System32\drivers\swenum.sys - ok
17:16:33.0315 0x0e88 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys
17:16:33.0315 0x0e88 C:\Windows\System32\drivers\umbus.sys - ok
17:16:33.0315 0x0e88 [ 287C6C9410B111B68B52CA298F7B8C24, 98900C08FE662A00DF8B37837B2BEBF9ACB7989C387AF36B2109B05A4F462D4E ] C:\Windows\System32\drivers\usbhub.sys
17:16:33.0315 0x0e88 C:\Windows\System32\drivers\usbhub.sys - ok
17:16:33.0315 0x0e88 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll
17:16:33.0315 0x0e88 C:\Windows\System32\user32.dll - ok
17:16:33.0315 0x0e88 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll
17:16:33.0315 0x0e88 C:\Windows\System32\ws2_32.dll - ok
17:16:33.0331 0x0e88 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll
17:16:33.0331 0x0e88 C:\Windows\System32\difxapi.dll - ok
17:16:33.0331 0x0e88 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys
17:16:33.0331 0x0e88 C:\Windows\System32\drivers\ndproxy.sys - ok
17:16:33.0331 0x0e88 [ 0611473C1AD9E2D991CD9482068417F7, 90AFCC2A60350ECE27E75E76459132EF0FA28EF283CE88FCED4B82735A93ECDA ] C:\Windows\System32\rpcrt4.dll
17:16:33.0331 0x0e88 C:\Windows\System32\rpcrt4.dll - ok
17:16:33.0331 0x0e88 [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys
17:16:33.0331 0x0e88 C:\Windows\System32\drivers\drmk.sys - ok
17:16:33.0331 0x0e88 [ 20506F12AFAD3DB588D007EA9325FBBC, 275ECBD0F668782ACE055AD5CA600A6885CFCDD4943BC52A2EA8339AF71EABAE ] C:\Windows\System32\drivers\CHDRT64.sys
17:16:33.0331 0x0e88 C:\Windows\System32\drivers\CHDRT64.sys - ok
17:16:33.0346 0x0e88 [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys
17:16:33.0346 0x0e88 C:\Windows\System32\drivers\portcls.sys - ok
17:16:33.0346 0x0e88 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys
17:16:33.0346 0x0e88 C:\Windows\System32\drivers\ksthunk.sys - ok
17:16:33.0346 0x0e88 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] C:\Windows\System32\drivers\IntcDAud.sys
17:16:33.0346 0x0e88 C:\Windows\System32\drivers\IntcDAud.sys - ok
17:16:33.0346 0x0e88 [ 1084AA52CCC324EA54C7121FA24C2221, 6E972CF624F7C0DE8190434B3B30279A01C551713109F97B9EBB77FAC9364754 ] C:\Windows\System32\gdi32.dll
17:16:33.0346 0x0e88 C:\Windows\System32\gdi32.dll - ok
17:16:33.0346 0x0e88 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll
17:16:33.0346 0x0e88 C:\Windows\System32\sechost.dll - ok
17:16:33.0362 0x0e88 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll
17:16:33.0362 0x0e88 C:\Windows\System32\clbcatq.dll - ok
17:16:33.0362 0x0e88 [ D202223587518B13D72D68937B7E3F70, 9DB971B866D058ADBB518DD99B87C5DB8DD1E7C9073755B989AE7E9FB62901E8 ] C:\Windows\System32\lpk.dll
17:16:33.0362 0x0e88 C:\Windows\System32\lpk.dll - ok
17:16:33.0362 0x0e88 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll
17:16:33.0362 0x0e88 C:\Windows\System32\psapi.dll - ok
17:16:33.0362 0x0e88 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll
17:16:33.0362 0x0e88 C:\Windows\System32\setupapi.dll - ok
17:16:33.0362 0x0e88 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll
17:16:33.0362 0x0e88 C:\Windows\System32\shlwapi.dll - ok
17:16:33.0362 0x0e88 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll
17:16:33.0362 0x0e88 C:\Windows\System32\comdlg32.dll - ok
17:16:33.0377 0x0e88 [ A1BE6A720D02E37F72E9CD89AE9CB3CF, 80721B622AC1EEF1F534B9C8948E2226B733123B14ABE63894D5788E4F0D6B8B ] C:\Windows\System32\imagehlp.dll
17:16:33.0377 0x0e88 C:\Windows\System32\imagehlp.dll - ok
17:16:33.0377 0x0e88 [ 6DF46D2BD74E3DA1B45F08F10D172732, 2DC945F6F2C4A82189BC7DA2FCBB7D9A0E2588A909539249E55BA82468E0C677 ] C:\Windows\System32\advapi32.dll
17:16:33.0377 0x0e88 C:\Windows\System32\advapi32.dll - ok
17:16:33.0377 0x0e88 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll
17:16:33.0377 0x0e88 C:\Windows\System32\msctf.dll - ok
17:16:33.0377 0x0e88 [ 6F1A3157A1C89435352CEB543CDB359C, 325B46220779C5FE3B6F19FF794474837FAB9675D9C98ACB68CCE47B1CFE5F12 ] C:\Windows\System32\drivers\usbccgp.sys
17:16:33.0377 0x0e88 C:\Windows\System32\drivers\usbccgp.sys - ok
17:16:33.0377 0x0e88 [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll
17:16:33.0377 0x0e88 C:\Windows\System32\oleaut32.dll - ok
17:16:33.0393 0x0e88 [ C6689007B3A749C49A5438DCF36E0CE4, 492504464293C176AD2A87F4BE9B362A5716C26F49DEEA5F6DD3BAFDF9AAAF8F ] C:\Windows\System32\shell32.dll
17:16:33.0393 0x0e88 C:\Windows\System32\shell32.dll - ok
17:16:33.0393 0x0e88 [ 91111CEBBDE8015E822C46120ED9537C, 255B85FEF663C2E0652CECF3F9B67B12B576F924A34415DEE13F0F5137E1E7F7 ] C:\Windows\System32\drivers\PGEffect.sys
17:16:33.0393 0x0e88 C:\Windows\System32\drivers\PGEffect.sys - ok
17:16:33.0393 0x0e88 [ 454800C2BC7F3927CE030141EE4F4C50, 10901E62DAA70657C499AD590DECCCA6E46FDDF4A193B2F19279E1B8ED7B1E44 ] C:\Windows\System32\drivers\usbvideo.sys
17:16:33.0393 0x0e88 C:\Windows\System32\drivers\usbvideo.sys - ok
17:16:33.0393 0x0e88 [ E8FD953D416772794408A68CC20B247D, 529ACE7EFE66FC3686946A0417DD25B0DD0C00236B547DB0491F37A5DF5E0D22 ] C:\Windows\System32\urlmon.dll
17:16:33.0393 0x0e88 C:\Windows\System32\urlmon.dll - ok
17:16:33.0393 0x0e88 [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65, 2A3EC01F3BAFE7D7D656886437F7FFECCE440C0D3F3467804769AB4BF1FF7A99 ] C:\Windows\System32\usp10.dll
17:16:33.0393 0x0e88 C:\Windows\System32\usp10.dll - ok
17:16:33.0409 0x0e88 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll
17:16:33.0409 0x0e88 C:\Windows\System32\normaliz.dll - ok
17:16:33.0409 0x0e88 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll
17:16:33.0409 0x0e88 C:\Windows\System32\Wldap32.dll - ok
17:16:33.0409 0x0e88 [ B9B42A302325537D7B9DC52D47F33A73, 0B2E367D671073EFD70641A198C340B12B1BD813263050AE16B9C48B414775E0 ] C:\Windows\System32\kernel32.dll
17:16:33.0409 0x0e88 C:\Windows\System32\kernel32.dll - ok
17:16:33.0409 0x0e88 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll
17:16:33.0409 0x0e88 C:\Windows\System32\nsi.dll - ok
17:16:33.0409 0x0e88 [ 5A45FA344F4AD99D903F4B20E43B89EC, B9DBA3ED0FD2927D89E6A18232840773EA01842AF47304DBE59FBA041472868A ] C:\Windows\System32\wininet.dll
17:16:33.0409 0x0e88 C:\Windows\System32\wininet.dll - ok
17:16:33.0409 0x0e88 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll
17:16:33.0409 0x0e88 C:\Windows\System32\imm32.dll - ok
17:16:33.0424 0x0e88 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll
17:16:33.0424 0x0e88 C:\Windows\System32\msvcrt.dll - ok
17:16:33.0424 0x0e88 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll
17:16:33.0424 0x0e88 C:\Windows\System32\ole32.dll - ok
17:16:33.0424 0x0e88 [ 78CA24E3B51C624007C1B8A7B8D6C9AF, 7FD67EB1F74BCD76CA4A8292356E1EE54CCFDC4159D2DC31C9E7A05896533DE4 ] C:\Windows\System32\iertutil.dll
17:16:33.0424 0x0e88 C:\Windows\System32\iertutil.dll - ok
17:16:33.0424 0x0e88 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll
17:16:33.0424 0x0e88 C:\Windows\System32\cfgmgr32.dll - ok
17:16:33.0424 0x0e88 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll
17:16:33.0424 0x0e88 C:\Windows\System32\devobj.dll - ok
17:16:33.0440 0x0e88 [ 6B5174702343BD955E174FDFEFA2A1A3, 54A2E26972ACBA6AA808CBE5EEA0FB2D5B8F560D8285C569078C27649311FB6A ] C:\Windows\System32\KernelBase.dll
17:16:33.0440 0x0e88 C:\Windows\System32\KernelBase.dll - ok
17:16:33.0440 0x0e88 [ 53238D99636BBA85F491C3E8FD22AB00, 4DD6F0DDC246B3362F21D0C20A398EE07797E867ACCBC8DED6FA1ADB412E4D1A ] C:\Windows\System32\wintrust.dll
17:16:33.0440 0x0e88 C:\Windows\System32\wintrust.dll - ok
17:16:33.0440 0x0e88 [ FAF1BA660F84789CCCE747CE6F9D055A, 5660C24129894750A1F0A006FC04AA413C220B18F4FB03CB4B849960A9E29AD4 ] C:\Windows\System32\crypt32.dll
17:16:33.0440 0x0e88 C:\Windows\System32\crypt32.dll - ok
17:16:33.0440 0x0e88 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\System32\comctl32.dll
17:16:33.0440 0x0e88 C:\Windows\System32\comctl32.dll - ok
17:16:33.0440 0x0e88 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll
17:16:33.0440 0x0e88 C:\Windows\System32\msasn1.dll - ok
17:16:33.0455 0x0e88 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll
17:16:33.0455 0x0e88 C:\Windows\SysWOW64\normaliz.dll - ok
17:16:33.0455 0x0e88 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys
17:16:33.0455 0x0e88 C:\Windows\System32\drivers\dxapi.sys - ok
17:16:33.0455 0x0e88 [ 511166D3F5D7EBA36DE48C4F5E195886, 4AE9D37AE7DE0DC1D60F613C1E21DBD6F590E3FED59F518BAF673D6192977647 ] C:\Windows\System32\win32k.sys
17:16:33.0455 0x0e88 C:\Windows\System32\win32k.sys - ok
17:16:33.0455 0x0e88 [ 96F587CA26A6AA894BD8CACE4540CFFC, 5261F58BE6A109479896C9A38AE07BA790F1F9182E6C91B2AF5DF1D5A5D12615 ] C:\Windows\System32\csrsrv.dll
17:16:33.0455 0x0e88 C:\Windows\System32\csrsrv.dll - ok
17:16:33.0455 0x0e88 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe
17:16:33.0455 0x0e88 C:\Windows\System32\csrss.exe - ok
17:16:33.0471 0x0e88 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll
17:16:33.0471 0x0e88 C:\Windows\System32\basesrv.dll - ok
17:16:33.0471 0x0e88 [ EB6A48CC998E1090E44E8E7F1009A640, 94001F8AEB2A398E7C267C90183ABED2AFA6FC4C219027C861C6C1329093464A ] C:\Windows\System32\winsrv.dll
17:16:33.0471 0x0e88 C:\Windows\System32\winsrv.dll - ok
17:16:33.0471 0x0e88 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] C:\Windows\System32\drivers\USBSTOR.SYS
17:16:33.0471 0x0e88 C:\Windows\System32\drivers\USBSTOR.SYS - ok
17:16:33.0471 0x0e88 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys
17:16:33.0471 0x0e88 C:\Windows\System32\drivers\monitor.sys - ok
17:16:33.0471 0x0e88 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll
17:16:33.0471 0x0e88 C:\Windows\System32\tsddd.dll - ok
17:16:33.0487 0x0e88 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll
17:16:33.0487 0x0e88 C:\Windows\System32\profapi.dll - ok
17:16:33.0487 0x0e88 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll
17:16:33.0487 0x0e88 C:\Windows\System32\sxssrv.dll - ok
17:16:33.0487 0x0e88 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe
17:16:33.0487 0x0e88 C:\Windows\System32\wininit.exe - ok
17:16:33.0487 0x0e88 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL
17:16:33.0487 0x0e88 C:\Windows\System32\KBDUS.DLL - ok
17:16:33.0487 0x0e88 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll
17:16:33.0487 0x0e88 C:\Windows\System32\RpcRtRemote.dll - ok
17:16:33.0502 0x0e88 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll
17:16:33.0502 0x0e88 C:\Windows\System32\WlS0WndH.dll - ok
17:16:33.0502 0x0e88 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll
17:16:33.0502 0x0e88 C:\Windows\System32\sxs.dll - ok
17:16:33.0502 0x0e88 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll
17:16:33.0502 0x0e88 C:\Windows\System32\cryptbase.dll - ok
17:16:33.0502 0x0e88 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll
17:16:33.0502 0x0e88 C:\Windows\System32\apphelp.dll - ok
17:16:33.0502 0x0e88 [ C118A82CD78818C29AB228366EBF81C3, 00820F3065871DCBA52A27C7F73BA470C4F2CB26EFB7F76FEF8B1207F81B284D ] C:\Windows\System32\lsass.exe
17:16:33.0502 0x0e88 C:\Windows\System32\lsass.exe - ok
17:16:33.0502 0x0e88 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe
17:16:33.0502 0x0e88 C:\Windows\System32\services.exe - ok
17:16:33.0518 0x0e88 [ 66A6063D0BAAD3F7B2B9868859E0743B, EEAABD90410864E2992E1A3AB2C29D0E8EF955AD49AF72A6A8EAA3D3AE9EE33E ] C:\Windows\System32\lsasrv.dll
17:16:33.0518 0x0e88 C:\Windows\System32\lsasrv.dll - ok
17:16:33.0518 0x0e88 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe
17:16:33.0518 0x0e88 C:\Windows\System32\lsm.exe - ok
17:16:33.0518 0x0e88 [ B66BC8B20B7F33975865B1DF99783FD8, 7CB446AAA2F1232AAA0178F90CEA857015CC21A9A615601F7DBFB7130CD0858B ] C:\Windows\System32\sspicli.dll
17:16:33.0518 0x0e88 C:\Windows\System32\sspicli.dll - ok
17:16:33.0518 0x0e88 [ 3A0CE5FE781708CD6ABD55313607EC8B, D7B4137ABFED3A46304605A83C1E5012E7D1C811E5C74A9F20E359988EFCD7A9 ] C:\Windows\System32\sspisrv.dll
17:16:33.0518 0x0e88 C:\Windows\System32\sspisrv.dll - ok
17:16:33.0518 0x0e88 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll
17:16:33.0518 0x0e88 C:\Windows\System32\sysntfy.dll - ok
17:16:33.0533 0x0e88 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll
17:16:33.0533 0x0e88 C:\Windows\System32\wmsgapi.dll - ok
17:16:33.0533 0x0e88 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll
17:16:33.0533 0x0e88 C:\Windows\System32\scesrv.dll - ok
17:16:33.0533 0x0e88 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll
17:16:33.0533 0x0e88 C:\Windows\System32\scext.dll - ok
17:16:33.0533 0x0e88 [ 0144D8D75A0B12938AEEE859E3310A46, C3FB240B62F736230BAC81DE8315C9236300474B189A599DBC6437AB341F166B ] C:\Windows\System32\secur32.dll
17:16:33.0533 0x0e88 C:\Windows\System32\secur32.dll - ok
17:16:33.0533 0x0e88 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll
17:16:33.0533 0x0e88 C:\Windows\System32\samsrv.dll - ok
17:16:33.0533 0x0e88 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll
17:16:33.0533 0x0e88 C:\Windows\System32\srvcli.dll - ok
17:16:33.0549 0x0e88 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll
17:16:33.0549 0x0e88 C:\Windows\System32\cryptdll.dll - ok
17:16:33.0549 0x0e88 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll
17:16:33.0549 0x0e88 C:\Windows\System32\wevtapi.dll - ok
17:16:33.0549 0x0e88 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll
17:16:33.0549 0x0e88 C:\Windows\System32\authz.dll - ok
17:16:33.0549 0x0e88 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll
17:16:33.0549 0x0e88 C:\Windows\System32\cngaudit.dll - ok
17:16:33.0549 0x0e88 [ 400645085A91BF3EB0271329B95AE0BE, 4EE924E3691F575AA6617F95A4BB521083FAB6B1D74085E4F17EC6B116FD7629 ] C:\Windows\System32\ncrypt.dll
17:16:33.0549 0x0e88 C:\Windows\System32\ncrypt.dll - ok
17:16:33.0565 0x0e88 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll
17:16:33.0565 0x0e88 C:\Windows\System32\bcrypt.dll - ok
17:16:33.0565 0x0e88 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll
17:16:33.0565 0x0e88 C:\Windows\System32\msprivs.dll - ok
17:16:33.0565 0x0e88 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll
17:16:33.0565 0x0e88 C:\Windows\System32\netjoin.dll - ok
17:16:33.0565 0x0e88 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll
17:16:33.0565 0x0e88 C:\Windows\System32\negoexts.dll - ok
17:16:33.0565 0x0e88 [ 05569A79BF4693670B709144382D02D4, 3B13C569EE4FBC63C6989A7A12A50DCCC945FAB26C6E659DEB0614640E8F40C3 ] C:\Windows\System32\cdd.dll
17:16:33.0565 0x0e88 C:\Windows\System32\cdd.dll - ok
17:16:33.0580 0x0e88 [ 16ECE8BD6734CC170B9AE74176E89A9B, CE366442B5F13E72290DFD93AE6532E7DC5F9D750CDA61E852488702A07AAE64 ] C:\Windows\System32\kerberos.dll
17:16:33.0580 0x0e88 C:\Windows\System32\kerberos.dll - ok
17:16:33.0580 0x0e88 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll
17:16:33.0580 0x0e88 C:\Windows\System32\cryptsp.dll - ok
17:16:33.0580 0x0e88 [ 1D5185A4C7E6695431AE4B55C3D7D333, 16F3906C54F1D71559836FDFCF4E83E7C9F454463D78FD577AD2D7022E0BCB51 ] C:\Windows\System32\mswsock.dll
17:16:33.0580 0x0e88 C:\Windows\System32\mswsock.dll - ok
17:16:33.0580 0x0e88 [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll
17:16:33.0580 0x0e88 C:\Windows\System32\msv1_0.dll - ok
17:16:33.0580 0x0e88 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll
17:16:33.0580 0x0e88 C:\Windows\System32\wship6.dll - ok
17:16:33.0596 0x0e88 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll
17:16:33.0596 0x0e88 C:\Windows\System32\netlogon.dll - ok
17:16:33.0596 0x0e88 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll
17:16:33.0596 0x0e88 C:\Windows\System32\dnsapi.dll - ok
17:16:33.0596 0x0e88 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll
17:16:33.0596 0x0e88 C:\Windows\System32\logoncli.dll - ok
17:16:33.0596 0x0e88 [ 1573C45E65DE32B1BC3572634F8F1E8E, 8B3D9636470ADCEEEAA83E69033487E270AB1AE58F4D44BB4B024B95F59C3CC9 ] C:\Windows\System32\schannel.dll
17:16:33.0596 0x0e88 C:\Windows\System32\schannel.dll - ok
17:16:33.0596 0x0e88 [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll
17:16:33.0596 0x0e88 C:\Windows\System32\wdigest.dll - ok
17:16:33.0596 0x0e88 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll
17:16:33.0596 0x0e88 C:\Windows\System32\rsaenh.dll - ok
17:16:33.0611 0x0e88 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll
17:16:33.0611 0x0e88 C:\Windows\System32\pku2u.dll - ok
17:16:33.0611 0x0e88 [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll
17:16:33.0611 0x0e88 C:\Windows\System32\TSpkg.dll - ok
17:16:33.0611 0x0e88 [ 7DBA64AD70C2E2481C68D9E0F7CD7840, 52EE57E9A8D3C28336BB8E7536ECE77A9FB4BAF93B9651F9A897F79F873D66BE ] C:\Windows\System32\LIVESSP.DLL
17:16:33.0611 0x0e88 C:\Windows\System32\LIVESSP.DLL - ok
17:16:33.0611 0x0e88 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll
17:16:33.0611 0x0e88 C:\Windows\System32\bcryptprimitives.dll - ok
17:16:33.0611 0x0e88 [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll
17:16:33.0611 0x0e88 C:\Windows\System32\credssp.dll - ok
17:16:33.0627 0x0e88 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll
17:16:33.0627 0x0e88 C:\Windows\System32\efslsaext.dll - ok
17:16:33.0627 0x0e88 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll
17:16:33.0627 0x0e88 C:\Windows\System32\scecli.dll - ok
17:16:33.0627 0x0e88 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll
17:16:33.0627 0x0e88 C:\Windows\System32\ubpm.dll - ok
17:16:33.0627 0x0e88 [ 6F68F63794097E54F36474ED4384B759, 745E45B1E868C395C033C3178B423D2BE121DA0ABBF859553ADF1A7D383099B7 ] C:\Windows\System32\svchost.exe
17:16:33.0627 0x0e88 C:\Windows\System32\svchost.exe - ok
17:16:33.0627 0x0e88 [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll
17:16:33.0627 0x0e88 C:\Windows\System32\winsta.dll - ok
17:16:33.0643 0x0e88 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll
17:16:33.0643 0x0e88 C:\Windows\System32\umpnpmgr.dll - ok
17:16:33.0643 0x0e88 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll
17:16:33.0643 0x0e88 C:\Windows\System32\SPInf.dll - ok
17:16:33.0643 0x0e88 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll
17:16:33.0643 0x0e88 C:\Windows\System32\devrtl.dll - ok
17:16:33.0643 0x0e88 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll
17:16:33.0643 0x0e88 C:\Windows\System32\gpapi.dll - ok
17:16:33.0643 0x0e88 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll
17:16:33.0643 0x0e88 C:\Windows\System32\userenv.dll - ok
17:16:33.0658 0x0e88 [ 6BA9D927DDED70BD1A9CADED45F8B184, 66203CE70A5EDE053929A940F38924C6792239CCCE10DD2C1D90D5B4D6748B55 ] C:\Windows\System32\umpo.dll
17:16:33.0658 0x0e88 C:\Windows\System32\umpo.dll - ok
17:16:33.0658 0x0e88 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll
17:16:33.0658 0x0e88 C:\Windows\System32\pcwum.dll - ok
17:16:33.0658 0x0e88 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll
17:16:33.0658 0x0e88 C:\Windows\System32\powrprof.dll - ok
17:16:33.0658 0x0e88 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] C:\Windows\System32\drivers\luafv.sys
17:16:33.0658 0x0e88 C:\Windows\System32\drivers\luafv.sys - ok
17:16:33.0658 0x0e88 [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe
17:16:33.0658 0x0e88 C:\Windows\System32\winlogon.exe - ok
17:16:33.0658 0x0e88 [ 9C6C17C495E960E52EDE5D038EE92AE1, C056799A124C7473E871D73E3661D58B2EA01EE6F3614AEDB239463D0FBB9841 ] C:\Windows\System32\drivers\aswMonFlt.sys
17:16:33.0658 0x0e88 C:\Windows\System32\drivers\aswMonFlt.sys - ok
17:16:33.0674 0x0e88 [ A8D28D5B3E2A528D1EF0E338E44F2820, 40D1EFDD253BC0A0D984A5AD8A2721C3E83B15F14D538204714E6D5B00D92CEB ] C:\Windows\System32\drivers\mbam.sys
17:16:33.0674 0x0e88 C:\Windows\System32\drivers\mbam.sys - ok
17:16:33.0674 0x0e88 [ 8F571F016FA1976F445147E9E6C8AE9B, 527AB960F2E08F598D1B953BDA4EA749831DD3C765DA278044B8AB22365F02B5 ] C:\Windows\System32\drivers\Sftvollh.sys
17:16:33.0674 0x0e88 C:\Windows\System32\drivers\Sftvollh.sys - ok
17:16:33.0674 0x0e88 [ D3381DC54C34D79B22CEE0D65BA91B7C, 70DC4ADCA4C0C28BB133287511E329D1B6B9B97F96CDE5B1D2F1F59FE1A965D9 ] C:\Windows\System32\drivers\WUDFPf.sys
17:16:33.0674 0x0e88 C:\Windows\System32\drivers\WUDFPf.sys - ok
17:16:33.0674 0x0e88 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll
17:16:33.0674 0x0e88 C:\Windows\System32\RpcEpMap.dll - ok
17:16:33.0674 0x0e88 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll
17:16:33.0674 0x0e88 C:\Windows\System32\rpcss.dll - ok
17:16:33.0689 0x0e88 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL
17:16:33.0689 0x0e88 C:\Windows\System32\WSHTCPIP.DLL - ok
17:16:33.0689 0x0e88 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll
17:16:33.0689 0x0e88 C:\Windows\System32\wshqos.dll - ok
17:16:33.0689 0x0e88 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll
17:16:33.0689 0x0e88 C:\Windows\System32\FirewallAPI.dll - ok
17:16:33.0689 0x0e88 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll
17:16:33.0689 0x0e88 C:\Windows\System32\version.dll - ok
17:16:33.0689 0x0e88 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll
17:16:33.0689 0x0e88 C:\Windows\System32\wevtsvc.dll - ok
17:16:33.0705 0x0e88 [ 0BEE002C68E28CE6DA161DCF1376D7D7, 1D4EE0B9CE22D139478008D5591B8C9F027C235CBA601F95A96547CF98159D4B ] C:\Windows\System32\authui.dll
17:16:33.0705 0x0e88 C:\Windows\System32\authui.dll - ok
17:16:33.0705 0x0e88 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe
17:16:33.0705 0x0e88 C:\Windows\System32\LogonUI.exe - ok
17:16:33.0705 0x0e88 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll
17:16:33.0705 0x0e88 C:\Windows\System32\adtschema.dll - ok
17:16:33.0705 0x0e88 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll
17:16:33.0705 0x0e88 C:\Windows\System32\audiosrv.dll - ok
17:16:33.0705 0x0e88 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll
17:16:33.0705 0x0e88 C:\Windows\System32\cryptui.dll - ok
17:16:33.0721 0x0e88 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll
17:16:33.0721 0x0e88 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok
17:16:33.0721 0x0e88 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll
17:16:33.0721 0x0e88 C:\Windows\System32\avrt.dll - ok
17:16:33.0721 0x0e88 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll
17:16:33.0721 0x0e88 C:\Windows\System32\mmcss.dll - ok
17:16:33.0721 0x0e88 [ 80E69670BDA10F32A941BA7358E33012, AFEC6DB90B06381074B23DC91BEF34E7EA4C87F4B6D836F6BF6BB05CDDBF7605 ] C:\Windows\System32\WUDFPlatform.dll
17:16:33.0721 0x0e88 C:\Windows\System32\WUDFPlatform.dll - ok
17:16:33.0721 0x0e88 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll
17:16:33.0721 0x0e88 C:\Windows\System32\MMDevAPI.dll - ok
17:16:33.0721 0x0e88 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll
17:16:33.0721 0x0e88 C:\Windows\System32\propsys.dll - ok
17:16:33.0736 0x0e88 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
17:16:33.0736 0x0e88 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
17:16:33.0736 0x0e88 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll
17:16:33.0736 0x0e88 C:\Windows\System32\samlib.dll - ok
17:16:33.0736 0x0e88 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll
17:16:33.0736 0x0e88 C:\Windows\System32\shacct.dll - ok
17:16:33.0736 0x0e88 [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe
17:16:33.0736 0x0e88 C:\Windows\System32\audiodg.exe - ok
17:16:33.0736 0x0e88 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll
17:16:33.0752 0x0e88 C:\Windows\System32\uxtheme.dll - ok
17:16:33.0752 0x0e88 [ 179E8401224D557ECFF3695F2016EA5B, E2E54F1D5F8573CA036D837B045371A4E0BDAF6DB2CD3FFFF95C4064296E3A2D ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
17:16:33.0752 0x0e88 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
17:16:33.0752 0x0e88 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll
17:16:33.0752 0x0e88 C:\Windows\System32\gpsvc.dll - ok
17:16:33.0752 0x0e88 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll
17:16:33.0752 0x0e88 C:\Windows\System32\ntmarta.dll - ok
17:16:33.0752 0x0e88 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll
17:16:33.0752 0x0e88 C:\Windows\System32\dui70.dll - ok
17:16:33.0752 0x0e88 [ 2DF36F15B2BC1571A6A542A3C2107920, A918F1EE95269DF973421AF2F5713DEEAF15EF0F77BAA7E8C515FFB69896FB7A ] C:\Windows\System32\nlaapi.dll
17:16:33.0752 0x0e88 C:\Windows\System32\nlaapi.dll - ok
17:16:33.0767 0x0e88 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll
17:16:33.0767 0x0e88 C:\Windows\System32\profsvc.dll - ok
17:16:33.0767 0x0e88 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll
17:16:33.0767 0x0e88 C:\Windows\System32\atl.dll - ok
17:16:33.0767 0x0e88 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll
17:16:33.0767 0x0e88 C:\Windows\System32\themeservice.dll - ok
17:16:33.0767 0x0e88 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll
17:16:33.0767 0x0e88 C:\Windows\System32\dsrole.dll - ok
17:16:33.0767 0x0e88 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll
17:16:33.0767 0x0e88 C:\Windows\System32\slc.dll - ok
17:16:33.0767 0x0e88 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll
17:16:33.0767 0x0e88 C:\Windows\System32\duser.dll - ok
17:16:33.0783 0x0e88 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll
17:16:33.0783 0x0e88 C:\Windows\System32\es.dll - ok
17:16:33.0783 0x0e88 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll
17:16:33.0783 0x0e88 C:\Windows\System32\winmm.dll - ok
17:16:33.0783 0x0e88 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll
17:16:33.0783 0x0e88 C:\Windows\System32\comres.dll - ok
17:16:33.0783 0x0e88 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll
17:16:33.0783 0x0e88 C:\Windows\System32\Sens.dll - ok
17:16:33.0783 0x0e88 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll
17:16:33.0783 0x0e88 C:\Windows\System32\uxsms.dll - ok
17:16:33.0799 0x0e88 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll
17:16:33.0799 0x0e88 C:\Windows\System32\wtsapi32.dll - ok
17:16:33.0799 0x0e88 [ 7A95C95B6C4CF292D689106BCAE49543, 9029F489E1E817CE12839B8C6656E46190497D445DC3F43C20CF96E5E6BD0691 ] C:\Windows\System32\WUDFSvc.dll
17:16:33.0799 0x0e88 C:\Windows\System32\WUDFSvc.dll - ok
17:16:33.0799 0x0e88 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll
17:16:33.0799 0x0e88 C:\Windows\System32\SndVolSSO.dll - ok
17:16:33.0799 0x0e88 [ F6B5E463A0BB934C26FB319EDC726F65, 8B4E94181E7C2B479F7F675C221419B42C55C74F02A0DD8FFD9643A5A19AB944 ] C:\Windows\System32\drivers\aswStm.sys
17:16:33.0799 0x0e88 C:\Windows\System32\drivers\aswStm.sys - ok
17:16:33.0799 0x0e88 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys
17:16:33.0799 0x0e88 C:\Windows\System32\drivers\lltdio.sys - ok
17:16:33.0814 0x0e88 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] C:\Windows\System32\drivers\nwifi.sys
17:16:33.0814 0x0e88 C:\Windows\System32\drivers\nwifi.sys - ok
17:16:33.0814 0x0e88 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] C:\Windows\System32\drivers\ndisuio.sys
17:16:33.0814 0x0e88 C:\Windows\System32\drivers\ndisuio.sys - ok
17:16:33.0814 0x0e88 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys
17:16:33.0814 0x0e88 C:\Windows\System32\drivers\rspndr.sys - ok
17:16:33.0814 0x0e88 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll
17:16:33.0814 0x0e88 C:\Windows\System32\hid.dll - ok
17:16:33.0814 0x0e88 [ 1473768973453DE50DC738C2955FC4DD, 14BC5DA2442CB726ACC1F277DDBECCF5D61E3A0A3E083A55A0BB610191E35220 ] C:\Windows\System32\wdmaud.drv
17:16:33.0814 0x0e88 C:\Windows\System32\wdmaud.drv - ok
17:16:33.0814 0x0e88 [ 8560FFFC8EB3A806DCD4F82252CFC8C6, CC27BC092369A89D6147B16568FEDEB68B584D5738CD686C31F7FAE22ED17B3B ] C:\Windows\System32\ksuser.dll
17:16:33.0814 0x0e88 C:\Windows\System32\ksuser.dll - ok
17:16:33.0830 0x0e88 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL
17:16:33.0830 0x0e88 C:\Windows\System32\IPHLPAPI.DLL - ok
17:16:33.0830 0x0e88 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll
17:16:33.0830 0x0e88 C:\Windows\System32\lmhsvc.dll - ok
17:16:33.0830 0x0e88 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll
17:16:33.0830 0x0e88 C:\Windows\System32\nsisvc.dll - ok
17:16:33.0830 0x0e88 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll
17:16:33.0830 0x0e88 C:\Windows\System32\dhcpcore.dll - ok
17:16:33.0830 0x0e88 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll
17:16:33.0830 0x0e88 C:\Windows\System32\nrpsrv.dll - ok
17:16:33.0845 0x0e88 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll
17:16:33.0845 0x0e88 C:\Windows\System32\winnsi.dll - ok
17:16:33.0845 0x0e88 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll
17:16:33.0845 0x0e88 C:\Windows\System32\dnsrslvr.dll - ok
17:16:33.0845 0x0e88 [ 87356377F31DA5F20A833811CD59499C, 4FEC1FD3AC4E4E34DCBC0109B248952604F438C84B1604EB9E2359FA721E23C4 ] C:\Windows\System32\eapphost.dll
17:16:33.0845 0x0e88 C:\Windows\System32\eapphost.dll - ok
17:16:33.0845 0x0e88 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] C:\Windows\System32\eapsvc.dll
17:16:33.0845 0x0e88 C:\Windows\System32\eapsvc.dll - ok
17:16:33.0845 0x0e88 [ F9EC845C5EECF20E9A67F9F805F2EF1F, C3DBA8CF93DBF50954B1BF6D7EF3F6F5DD1A56DC62B7EB2749C54D9B65D9BB43 ] C:\Windows\System32\keyiso.dll
17:16:33.0845 0x0e88 C:\Windows\System32\keyiso.dll - ok
17:16:33.0861 0x0e88 [ 71C7B65B6557B75B99907E76956AE4B8, 38AD0E96D6AD36C0643761D5F5DB7A2802E059008C0984ABF61F4D8703DE4B3B ] C:\Windows\System32\dhcpcore6.dll
17:16:33.0861 0x0e88 C:\Windows\System32\dhcpcore6.dll - ok
17:16:33.0861 0x0e88 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll
17:16:33.0861 0x0e88 C:\Windows\System32\dwmapi.dll - ok
17:16:33.0861 0x0e88 [ 0040C486584A8E582C861CFB57AB5387, 5EE17B55CB702D14AE75B19226DE21CD2498BDA6C6EF5872FDB8A718F401FED1 ] C:\Windows\System32\FWPUCLNT.DLL
17:16:33.0861 0x0e88 C:\Windows\System32\FWPUCLNT.DLL - ok
17:16:33.0861 0x0e88 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll
17:16:33.0861 0x0e88 C:\Windows\System32\xmllite.dll - ok
17:16:33.0861 0x0e88 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll
17:16:33.0861 0x0e88 C:\Windows\System32\umb.dll - ok
17:16:33.0861 0x0e88 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] C:\Windows\System32\wlansvc.dll
17:16:33.0861 0x0e88 C:\Windows\System32\wlansvc.dll - ok
17:16:33.0877 0x0e88 [ DC220AE6F64819099F7EBD6F137E32E7, B8FE13B859FA83500DD95637FA6D4A5B8392C2A363E41D014D3B5374F636E1DE ] C:\Windows\System32\AudioSes.dll
17:16:33.0877 0x0e88 C:\Windows\System32\AudioSes.dll - ok
17:16:33.0877 0x0e88 [ 1B7C3A37362C7B2890168C5FC61C8D9B, 03727930E5BB5F9D91BAB901FC9A2E3B795D68E2AEE6A2CC3477F356C45A9C54 ] C:\Windows\System32\msacm32.drv
17:16:33.0877 0x0e88 C:\Windows\System32\msacm32.drv - ok
17:16:33.0877 0x0e88 [ 10AC5CE9F78DC281A1BBD9B8CC587B8A, 72288C0A88916D3C3828DBD948DBDB0928F26106319F8E60102D6C9004514D60 ] C:\Windows\System32\msacm32.dll
17:16:33.0877 0x0e88 C:\Windows\System32\msacm32.dll - ok
17:16:33.0877 0x0e88 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll
17:16:33.0877 0x0e88 C:\Windows\System32\dhcpcsvc.dll - ok
17:16:33.0877 0x0e88 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll
17:16:33.0877 0x0e88 C:\Windows\System32\dnsext.dll - ok
17:16:33.0892 0x0e88 [ CA2A0750ED830678997695FF61B04C30, E84860CD97AA3C4565ABB2D5D406A5C42B1AD2D8BA1B8CF81FE564D91F15F976 ] C:\Windows\System32\midimap.dll
17:16:33.0892 0x0e88 C:\Windows\System32\midimap.dll - ok
17:16:33.0892 0x0e88 [ 5EDBB34736DD7AC1A73CF8792A835E10, 15E87C449AAF2095273341DD9355D8DF2690340D1DEFAF0DFF034F1CDF4316F8 ] C:\Windows\System32\AudioEng.dll
17:16:33.0892 0x0e88 C:\Windows\System32\AudioEng.dll - ok
17:16:33.0892 0x0e88 [ 4CBCC37856EA2039C27A2FB661DDA0E5, 74CBFAB3092A9564BDDFCB84DB3E3F8BCFD1492938ADF187423D3355D73D21C6 ] C:\Windows\System32\dhcpcsvc6.dll
17:16:33.0892 0x0e88 C:\Windows\System32\dhcpcsvc6.dll - ok
17:16:33.0892 0x0e88 [ 26B73A85855681500BCC25C7CD9FF5B1, 94D134A6AF53AD629A4505B8B0EA37F61BB43AF4DB71874E7E87853163A9282A ] C:\Windows\System32\WindowsCodecs.dll
17:16:33.0892 0x0e88 C:\Windows\System32\WindowsCodecs.dll - ok
17:16:33.0892 0x0e88 [ A648C4A06DE367065B24056D067B4460, 2412487D65A833DDD9AB17D039515CC08DA22D006259EC4B03E42475FAFFD2AD ] C:\Windows\System32\wlanmsm.dll
17:16:33.0892 0x0e88 C:\Windows\System32\wlanmsm.dll - ok
17:16:33.0908 0x0e88 [ C1395286B822E306B4FE1568A8A77813, 0642B6C793BE0EED5E7D1D2533FC5A01417C50040FC60A8E89BD97CE4A119388 ] C:\Windows\System32\AUDIOKSE.dll
17:16:33.0908 0x0e88 C:\Windows\System32\AUDIOKSE.dll - ok
17:16:33.0908 0x0e88 [ 73FCB7919DEE80EE556F2E498594EBAE, D0F7A0AD3BC33263E9C2CF9787DD326436F9E0C9F5031D769F8A43C64C08A762 ] C:\Windows\System32\onex.dll
17:16:33.0908 0x0e88 C:\Windows\System32\onex.dll - ok
17:16:33.0908 0x0e88 [ 06A1386B6E3A0CBC368665C1840906F4, C10BCA5092A0B3F9435CE4D65C7449528C89F5C5243B410878D2EBF516DA2FB2 ] C:\Windows\System32\wlansec.dll
17:16:33.0908 0x0e88 C:\Windows\System32\wlansec.dll - ok
17:16:33.0908 0x0e88 [ 0D753307D274F3688BD21C377B616700, 5DD08E77A11F2561FB96BA212FDDFE21D4394C69C34C3EB88F7F5CD068EE55BF ] C:\Windows\System32\eappcfg.dll
17:16:33.0908 0x0e88 C:\Windows\System32\eappcfg.dll - ok
17:16:33.0908 0x0e88 [ 65522E77A1360DBC8D199DA3BF5EFFE4, E9D748070FA478A3D37F15049F998D340885C0DC5FCE03BFCE5D521C9EBA7350 ] C:\Windows\System32\eappprxy.dll
17:16:33.0908 0x0e88 C:\Windows\System32\eappprxy.dll - ok
17:16:33.0908 0x0e88 [ 97E43F324BE1503CB2FFB058534688DA, 50C781DF38D0D38C9A5420AB1FFF8672DC13FD1ED8E9F5432B4BA3077A7435D5 ] C:\Windows\System32\l2gpstore.dll
17:16:33.0908 0x0e88 C:\Windows\System32\l2gpstore.dll - ok
17:16:33.0923 0x0e88 [ 730BF204A595D5B6D7DC57A247CC741C, 264C6901F4A49B738BBD04BCA1783DEE892885BADE9085B0AEA40BAE7CC0A218 ] C:\Windows\System32\wlgpclnt.dll
17:16:33.0923 0x0e88 C:\Windows\System32\wlgpclnt.dll - ok
17:16:33.0923 0x0e88 [ AA0B1A7B4750F655936F2F82B5E84428, 443A3822D3BD776922402353C7E8C1257DB2A3D8EE335265934C52BB5820A972 ] C:\Windows\System32\CX64AP40.dll
17:16:33.0923 0x0e88 C:\Windows\System32\CX64AP40.dll - ok
17:16:33.0923 0x0e88 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll
17:16:33.0923 0x0e88 C:\Windows\System32\VaultCredProvider.dll - ok
17:16:33.0923 0x0e88 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll
17:16:33.0923 0x0e88 C:\Windows\System32\winbrand.dll - ok
17:16:33.0923 0x0e88 [ 7D5645EE0EA77D539828433D9B95F5EB, EEF81E9B2205FC456DB6095AD0AEAB38BB131D3BCD090EA6CD91D5568ACAFB7F ] C:\Windows\System32\WinSCard.dll
17:16:33.0923 0x0e88 C:\Windows\System32\WinSCard.dll - ok
17:16:33.0939 0x0e88 [ 7F1B4C6FF3B85F9ADF74055187B8A22C, CC95DA5662638AACBE9643DCB236464C2C2095A8D5CDC8A747045870BE9D0E7D ] C:\Windows\System32\wlanutil.dll
17:16:33.0939 0x0e88 C:\Windows\System32\wlanutil.dll - ok
17:16:33.0939 0x0e88 [ CA2985996BB49924B677113DF95CFEA7, 91F63863B1B597AE421CD2C3D8A3E00578B17876E5F5B828D25C2C9B349ECCCD ] C:\Windows\System32\SmartcardCredentialProvider.dll
17:16:33.0939 0x0e88 C:\Windows\System32\SmartcardCredentialProvider.dll - ok
17:16:33.0939 0x0e88 [ 4FFDE68C4B7C9993FA551E7E36DDB34D, CA362D5AAE3B1DC8F5BBF5507B5F4126E7AE21EC524ACC717451830C5A59FB48 ] C:\Windows\System32\msxml6.dll
17:16:33.0939 0x0e88 C:\Windows\System32\msxml6.dll - ok
17:16:33.0939 0x0e88 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll
17:16:33.0939 0x0e88 C:\Windows\System32\BioCredProv.dll - ok
17:16:33.0939 0x0e88 [ CC0AB40F02D2C2A12209715A3C1B07B8, 90EB303A4E151340DB382248361FEFC5346C31394791DF83663086C8219C2B20 ] C:\Windows\System32\credui.dll
17:16:33.0939 0x0e88 C:\Windows\System32\credui.dll - ok
17:16:33.0939 0x0e88 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll
17:16:33.0939 0x0e88 C:\Windows\System32\winbio.dll - ok
17:16:33.0955 0x0e88 [ 764908FE1FA96F93C95B1B67A0FCED29, 26EF25AB307903C5E806A8CC3B750A491049E5D1225CEDDFCE64DD51AA6F592B ] C:\Windows\System32\netapi32.dll
17:16:33.0955 0x0e88 C:\Windows\System32\netapi32.dll - ok
17:16:33.0955 0x0e88 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll
17:16:33.0955 0x0e88 C:\Windows\System32\vaultcli.dll - ok
17:16:33.0955 0x0e88 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll
17:16:33.0955 0x0e88 C:\Windows\System32\netutils.dll - ok
17:16:33.0955 0x0e88 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll
17:16:33.0955 0x0e88 C:\Windows\System32\wkscli.dll - ok
17:16:33.0955 0x0e88 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll
17:16:33.0955 0x0e88 C:\Windows\System32\samcli.dll - ok
17:16:33.0970 0x0e88 [ F79C9E3947B904FA3200A2204F9C52BB, 5D7274BF4AB25CB4E52D5FC6B5DF129BFBAEF028457ACF07624F6D00F67E1237 ] C:\Windows\System32\tosWirelessLANIndicatorCP.dll
17:16:33.0970 0x0e88 C:\Windows\System32\tosWirelessLANIndicatorCP.dll - ok
17:16:33.0970 0x0e88 [ AED6D63CFA5A3EF7021AF9C457FEE994, B4BFA27F677295B00A1DF9A7E14DB4B75CAC2DD41B898D4E9A378ECCCE3699F0 ] C:\Windows\System32\msvcr100.dll
17:16:33.0970 0x0e88 C:\Windows\System32\msvcr100.dll - ok
17:16:33.0970 0x0e88 [ 6F3C559B82F2912354BE5B098744CC8C, EB64E5C02C81588921A65194E1256E80699A1317E7D9A57395CD38C2639C8B08 ] C:\Windows\System32\WMALFXGFXDSP.dll
17:16:33.0970 0x0e88 C:\Windows\System32\WMALFXGFXDSP.dll - ok
17:16:33.0970 0x0e88 [ 03706015DB44368375AEBE6339490E66, 02EB28B5156E320C1EBABC03D37E94EB770A721B99E1DD276F8DC2A50D76C381 ] C:\Windows\System32\netcfgx.dll
17:16:33.0970 0x0e88 C:\Windows\System32\netcfgx.dll - ok
17:16:33.0970 0x0e88 [ 08D8C5E32648D6E7976F0458545EA600, C042DDBCB278E1EB47AD7F02F81B3A233A41A335BDA4E9690F84208DDF7ACED7 ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll
17:16:33.0970 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCP.dll - ok
17:16:33.0986 0x0e88 [ 54B5DCD55B223BC5DF50B82E1E9E86B1, 025294DD69A421FE4EACAA463F8CB797610D8F3A7A3C61656AE83D0CEE07A9BF ] C:\Windows\System32\mfplat.dll
17:16:33.0986 0x0e88 C:\Windows\System32\mfplat.dll - ok
17:16:33.0986 0x0e88 [ 03E0955A7D8E5E74E7F6986A56A66196, 53471761EC1F22F3FC6E60770A60338F538DFD2CC74B081AD378F43B62BD80A5 ] C:\Windows\System32\MaxxAudioAPO30.dll
17:16:33.0986 0x0e88 C:\Windows\System32\MaxxAudioAPO30.dll - ok
17:16:33.0986 0x0e88 [ 8EF7C84BB20329D6DCAC09CF6B19345A, 98F2F312F273C52653DC72F8A69ACBD79F588FF1B53CC7DFA85C26B6F7EF620B ] C:\Program Files\AVAST Software\Avast\AvastSvc.exe
17:16:33.0986 0x0e88 C:\Program Files\AVAST Software\Avast\AvastSvc.exe - ok
17:16:33.0986 0x0e88 [ D037BEA6039248D4DE0C5F361F19970D, 652E0AB01F21C3CBDBA496C88D175EC16E644E2BCB0526E70581B67EA5E681CE ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll
17:16:33.0986 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVHelper.dll - ok
17:16:33.0986 0x0e88 [ E73B0F1819602CB6EF176FB78D76A47B, 54B000D3CAFE32AA7541437F6AA0950EE0A23624ECB6B3D07855E5C0F1F9E77D ] C:\Windows\SysWOW64\ntdll.dll
17:16:33.0986 0x0e88 C:\Windows\SysWOW64\ntdll.dll - ok
17:16:34.0001 0x0e88 [ 7AE92C896AF9ABFBDB18C1D055B6EBA7, 10860A572AF26ABFBDC035BCC5205F1EE1D53C7DBF66CA99D9C97D2003BC58D2 ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll
17:16:34.0001 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcp80.dll - ok
17:16:34.0001 0x0e88 [ B1E3772FFA96AC5AEE89BF202AF8E348, 064DB26C5C9F7369BA2671DE30DFAF595DC2726B4104B81D142571DEE0F50CA6 ] C:\Windows\System32\wow64.dll
17:16:34.0001 0x0e88 C:\Windows\System32\wow64.dll - ok
17:16:34.0001 0x0e88 [ FC5A43FA257F546F8F2B96B5529857E1, 6B3AA2F2F4796F3C5D8B95DBD6392C4CADCB270B2A5B80631B9F54D0FAED0708 ] C:\Windows\System32\wow64win.dll
17:16:34.0001 0x0e88 C:\Windows\System32\wow64win.dll - ok
17:16:34.0001 0x0e88 [ AA0D2571A4348838B8DD49FD0043826A, 6D445B0214AA5733483ADAC2FB0D16E9D073698C2A458A4019BA8DC2BC96ED00 ] C:\Windows\System32\wow64cpu.dll
17:16:34.0001 0x0e88 C:\Windows\System32\wow64cpu.dll - ok
17:16:34.0001 0x0e88 [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB, 128098D77578E37EEB744485E593196D67120B4054983A31ACD577AE58842479 ] C:\Windows\SysWOW64\kernel32.dll
17:16:34.0001 0x0e88 C:\Windows\SysWOW64\kernel32.dll - ok
17:16:34.0017 0x0e88 [ 06A754FE28A06F780A099703CFCAAA22, FCADF16C88EEC651258149616202CC29D649FE8CBBBA481BEA9A67C2ED82844B ] C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll
17:16:34.0017 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.4940_none_88df89932faf0bf6\msvcr80.dll - ok
17:16:34.0017 0x0e88 [ 9AE75388EE2C110216B8319584E8AC34, 6F5E79903FF4B6A17E42949E4D09CE25DB944062317CAA5346FC9F39CBAE575F ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll
17:16:34.0017 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVCtrl.dll - ok
17:16:34.0017 0x0e88 [ 5C2D21C9B6B6175B89BC5D7E3CB979E1, D3ED2B763653C19B9E436BD6694D20794A9CCC3F9E9A49E4CEE7A978219AC66D ] C:\Windows\SysWOW64\KernelBase.dll
17:16:34.0017 0x0e88 C:\Windows\SysWOW64\KernelBase.dll - ok
17:16:34.0017 0x0e88 [ 2A9238A326763122424E07EF320D5D3A, 8654CABFC1DCEA16C57BFD93C776E7EA33072F288B79CEE8FACECF69173EA4FE ] C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll
17:16:34.0017 0x0e88 C:\Program Files\Toshiba\SmartFaceV\FaceRec.dll - ok
17:16:34.0017 0x0e88 [ 91175B7E997CFAC64F271A15B4217BC7, 64F01CFD0FB239407D8D59AAA529E8AC4CAC59472A6D924C0F7DF41DED53A5B1 ] C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll
17:16:34.0017 0x0e88 C:\Program Files\Toshiba\SmartFaceV\FaceHI.dll - ok
17:16:34.0033 0x0e88 [ 2116A5E99C64757EA71EE0F14DC6482C, 2FD31262ED876A70D8BC433BDD5AAFB88CAD1561D722BF034DBD99EE31FDA2CC ] C:\Program Files\AVAST Software\Avast\aswCmnBS.dll
17:16:34.0033 0x0e88 C:\Program Files\AVAST Software\Avast\aswCmnBS.dll - ok
17:16:34.0033 0x0e88 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll
17:16:34.0033 0x0e88 C:\Windows\SysWOW64\user32.dll - ok
17:16:34.0033 0x0e88 [ 9C5BF3E0541B8A2F85DF1D642E495EE4, 081C1BF855CA1D1C40751890AAF827C2DFC977FF4F7F8A5F6D25397356B3F49C ] C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll
17:16:34.0033 0x0e88 C:\Program Files\Toshiba\SmartFaceV\SmartFaceVLogOn.dll - ok
17:16:34.0033 0x0e88 [ D6D3AD7BF1D6F6CE9547613ED5E170A2, EA3BD7FEC193A8CFE1D5736301ACADC476FB6AAC5475A45776D0A638E9845445 ] C:\Windows\SysWOW64\gdi32.dll
17:16:34.0033 0x0e88 C:\Windows\SysWOW64\gdi32.dll - ok
17:16:34.0033 0x0e88 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll
17:16:34.0033 0x0e88 C:\Windows\System32\certCredProvider.dll - ok
17:16:34.0033 0x0e88 [ 032229246107C5C7211E6D1498B52D3D, 8B492A0621BA88EBF3ABFC072C9023B2162C59AA6E9C61DA6D4762DB6C6C7B4A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
17:16:34.0033 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
17:16:34.0048 0x0e88 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll
17:16:34.0048 0x0e88 C:\Windows\System32\UXInit.dll - ok
17:16:34.0048 0x0e88 [ 384721EF4024890092625E20CADFAF85, 32FB012437C271CA4408EC60E6858485C2F9489107BBDB7011F728A0D2A26D2C ] C:\Windows\SysWOW64\lpk.dll
17:16:34.0048 0x0e88 C:\Windows\SysWOW64\lpk.dll - ok
17:16:34.0048 0x0e88 [ 804AAAFEBB3AD5F49334DD906BCB1DE5, EB5DA86810D405555C84F4D452A604665250AB5D01714E0FBECF81CC8E791AC5 ] C:\Windows\SysWOW64\usp10.dll
17:16:34.0048 0x0e88 C:\Windows\SysWOW64\usp10.dll - ok
17:16:34.0048 0x0e88 [ 666A60F6F5E719856FF6254E0966EFF7, 58C072E7E215991E19C1CA062C476081982F7B9F039714539AE7FEB4981C200F ] C:\Windows\System32\wbem\wbemprox.dll
17:16:34.0048 0x0e88 C:\Windows\System32\wbem\wbemprox.dll - ok
17:16:34.0048 0x0e88 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll
17:16:34.0048 0x0e88 C:\Windows\SysWOW64\msvcrt.dll - ok
17:16:34.0064 0x0e88 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rasplap.dll - ok
17:16:34.0064 0x0e88 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rasapi32.dll - ok
17:16:34.0064 0x0e88 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rasman.dll - ok
17:16:34.0064 0x0e88 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll
17:16:34.0064 0x0e88 C:\Windows\System32\rtutils.dll - ok
17:16:34.0064 0x0e88 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys
17:16:34.0064 0x0e88 C:\Windows\System32\drivers\fltMgr.sys - ok
17:16:34.0079 0x0e88 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL
17:16:34.0079 0x0e88 C:\Windows\System32\PSHED.DLL - ok
17:16:34.0079 0x0e88 [ 11338E0557B07BC32CDB980B6EDB35AA, E0B012FDDF40D280068C33BBC41CBF14E88E49FD237D61C455C6E69772ECFDAF ] C:\Windows\System32\ci.dll
17:16:34.0079 0x0e88 C:\Windows\System32\ci.dll - ok
17:16:34.0079 0x0e88 [ 95E2376B3323F062EB562B8586D0F14A, BD3FA8750123D00AA0967FBA44372C46EA002681DA9C9B77A4F9261553E26017 ] C:\Windows\SysWOW64\advapi32.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\advapi32.dll - ok
17:16:34.0079 0x0e88 [ C5AD8083CF94201F1F8084ECC696A8B7, 9F9A23DC2587E88C1BF671E9E147F134242002288E22E1C57881F3ED721F4296 ] C:\Windows\SysWOW64\rpcrt4.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\rpcrt4.dll - ok
17:16:34.0079 0x0e88 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\sechost.dll - ok
17:16:34.0079 0x0e88 [ EDA7AD21DF8945528F01F0A86D69E524, 8FF2CC12AF30F1DC367ABD19FA9CB0F42EC6EE820F6E755BEFCEFE952C22E2F6 ] C:\Windows\SysWOW64\sspicli.dll
17:16:34.0079 0x0e88 C:\Windows\SysWOW64\sspicli.dll - ok
17:16:34.0095 0x0e88 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll
17:16:34.0095 0x0e88 C:\Windows\SysWOW64\cryptbase.dll - ok
17:16:34.0095 0x0e88 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll
17:16:34.0095 0x0e88 C:\Windows\SysWOW64\ole32.dll - ok
17:16:34.0095 0x0e88 [ E1E264808A1D1FD2DA98BFFE1BC06BF7, 0AE239FD409662476CBD19CB44C13B29F7412DF73178AE4492BA04CECD56AB64 ] C:\Program Files\AVAST Software\Avast\aswCmnIS.dll
17:16:34.0095 0x0e88 C:\Program Files\AVAST Software\Avast\aswCmnIS.dll - ok
17:16:34.0095 0x0e88 [ B7EBC19A5B23D0D32FF014E30BE26061, 5695560A50ED9746696C0D647E55D77459F5981907C177D086DF36656A978B19 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\vcruntime140.dll
17:16:34.0095 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\vcruntime140.dll - ok
17:16:34.0095 0x0e88 [ EC0AA3C4FF18459BFB1B82DE937D23D9, 4ED288D500B857EA3D54C5DE6667B118CD9C0F357D7C24456657D42C01CA5AB7 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-runtime-l1-1-0.dll
17:16:34.0095 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-runtime-l1-1-0.dll - ok
17:16:34.0111 0x0e88 [ BFF9FF54D28A3023A6EEDF99DE29A80E, CAC19A17A6C508CF5956C189833D19EB42F56498B71AB48F0E831D41E5E1B55C ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\ucrtbase.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\ucrtbase.dll - ok
17:16:34.0111 0x0e88 [ 33BD41C9FD1B8E26F8720B53B9CA501D, 6FC8834A47120855FF4C4B22C65F95C882F2D14521BFE7364E364E23F90C1401 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-timezone-l1-1-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-timezone-l1-1-0.dll - ok
17:16:34.0111 0x0e88 [ DD9DB5BF928376A33E240BF95A5146DE, E2D92B763360E67FE86405406EFE91CB50ABD63C90A2248A471C7C282D302B4D ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l2-1-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l2-1-0.dll - ok
17:16:34.0111 0x0e88 [ EFA0BBA55EC4DE4057B7B42E90C21FDD, 5C1B03755BBA813B3A003E817FCC55926382B6987432B2B59C03D2A384813016 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l1-2-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-file-l1-2-0.dll - ok
17:16:34.0111 0x0e88 [ 74D98BE08D4A7B340FFC853B77925718, AE26C0715060A2E5518871EB693C11C5EBFFA3AE25BADBE82C3562DF8E6587BB ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-localization-l1-2-0.dll
17:16:34.0111 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-localization-l1-2-0.dll - ok
17:16:34.0126 0x0e88 [ F828F2A3AC49EDAC87946559DB2384B4, EC712BDBBAE51875BD277CDFC45CCC8BA25A6020A96AB2731EDF4070E9FA1323 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-processthreads-l1-1-1.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-processthreads-l1-1-1.dll - ok
17:16:34.0126 0x0e88 [ 79C6C9048ACC2052959812DA2C20EEC3, F9A388AA8221D477A51C19A292E5BFEE1F1DFCE46D5FA87E9EA0C6EA3E6BE0CD ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-synch-l1-2-0.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-core-synch-l1-2-0.dll - ok
17:16:34.0126 0x0e88 [ 1144CB3D8FEF162BB166964EC1FDF053, 998B12349839F19F696982E7D9B92A5EA7AF4003713C68E83203626FF28D88F3 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-string-l1-1-0.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-string-l1-1-0.dll - ok
17:16:34.0126 0x0e88 [ 1174F628380F76BD2E5EB994311AE44E, A2232AE8144057DA28983CE7D47181AAEA37C21D0F2932B259FCC068E89C365A ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-heap-l1-1-0.dll
17:16:34.0126 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-heap-l1-1-0.dll - ok
17:16:34.0142 0x0e88 [ DB0EB179C661B8344A54657D74A65B2C, EAC8835D36D17A836506F79085AD10765F3E2C65E093B4BC3211C8451FB46982 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-stdio-l1-1-0.dll
17:16:34.0142 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-stdio-l1-1-0.dll - ok
17:16:34.0142 0x0e88 [ 6D419083DD1B8452553EB410EA041AEC, E0E52FF33378FC2A1DC2B9D6862D7E4092134691AD06E600049BDF5D93B25A07 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-convert-l1-1-0.dll
17:16:34.0142 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-convert-l1-1-0.dll - ok
17:16:34.0142 0x0e88 [ 951110BD181B4961BB51AAF30939EEF8, C80EDDEDE28368B9582707F8EAC2D16BFD071A71930BD50D67125DB293AC9FFF ] C:\Program Files\AVAST Software\Avast\aswCmnOS.dll
17:16:34.0142 0x0e88 C:\Program Files\AVAST Software\Avast\aswCmnOS.dll - ok
17:16:34.0142 0x0e88 [ A84A8A708751E2CB1F2BB117E9B7F390, F656F0F98CF2510F4E0FE5D5666643028A6B8BAC50BF553C0A464456C0E82934 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\msvcp140.dll
17:16:34.0142 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\msvcp140.dll - ok
17:16:34.0142 0x0e88 [ 7DB5AA22A8A8E5C2D335F44853C1F6DE, A734A20357026C42950394682A52CBC3AF956D09F1949E1B4E95467E999BC428 ] C:\Windows\System32\wbemcomn.dll
17:16:34.0142 0x0e88 C:\Windows\System32\wbemcomn.dll - ok
17:16:34.0157 0x0e88 [ 09B011350B65FAECBE45CE5CEE01E2DB, 7D4778631D45245EEC2313B86E437E8884652896062F841790AAAFE1EA0E38D4 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-locale-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-locale-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ 12A705FE511BE63C516A05A86C3AD8AA, AABD2854EF538165756CC8ABF30FB0CBDA78D750A947EC4C41FCB218FAFC91DC ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-math-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-math-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ F0B0503CE5E1F054E10C30C722AA740F, 871F3F68C95A3E44A7F2824AD74CE7DDCDCB6FDB297650E5FFCE02F5EF63BB9D ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-multibyte-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-multibyte-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ 55BB6F17B7605177A81CFCAD9903CA2D, BB630FB36EA731271BE646A7660D05274A63EBF3CB66F1B31FF81E23C6247378 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-time-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-time-l1-1-0.dll - ok
17:16:34.0157 0x0e88 [ 38FAF01FB981E08EF8D5883DED56445B, 24E4980830A1CD2CAF8EAC119FAFA89A4ACDB6D06ED4813F181ADBE782D4D9CE ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-filesystem-l1-1-0.dll
17:16:34.0157 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-filesystem-l1-1-0.dll - ok
17:16:34.0173 0x0e88 [ 4C6833272D37ADD07A6B24C8AC1DD355, 95A6CED27526C21FC9911CE6389C298BBD1C4B1B6324DAF7DCCB69EFCFD481D3 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-environment-l1-1-0.dll
17:16:34.0173 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-environment-l1-1-0.dll - ok
17:16:34.0173 0x0e88 [ 57218001BDC41A78C2085800F53CCD5E, A0A4CE7CDFCF76B237001D481A81BD3E49EDEC64202FBB62C41114FB6CAA6806 ] C:\Program Files\AVAST Software\Avast\log.dll
17:16:34.0173 0x0e88 C:\Program Files\AVAST Software\Avast\log.dll - ok
17:16:34.0173 0x0e88 [ E13BBE799504E9691F6BA38DEB9FA939, ACEB693AA242F3B470CE184DAAC751A953DD681F21AE6609179E2C963DA052A9 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-utility-l1-1-0.dll
17:16:34.0173 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-utility-l1-1-0.dll - ok
17:16:34.0173 0x0e88 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll
17:16:34.0173 0x0e88 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok
17:16:34.0173 0x0e88 [ DC52DB637B27E2004237B4FAC7CAEF69, F17A993A2EE5C33BF6AAEABB51A12CBBC8CD76803FB5C44C277027E094DC5667 ] C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosIndicator.exe
17:16:34.0173 0x0e88 C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosIndicator.exe - ok
17:16:34.0189 0x0e88 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll
17:16:34.0189 0x0e88 C:\Windows\System32\imageres.dll - ok
17:16:34.0189 0x0e88 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll
17:16:34.0189 0x0e88 C:\Windows\SysWOW64\shlwapi.dll - ok
17:16:34.0189 0x0e88 [ 805210C42535771C115364140F7927E0, 31EDF7EFBAE58BCCE5DB45B154A67A4B0F455729A10B5C9E709305542CB02127 ] C:\Program Files\AVAST Software\Avast\ashbase.dll
17:16:34.0189 0x0e88 C:\Program Files\AVAST Software\Avast\ashbase.dll - ok
17:16:34.0189 0x0e88 [ D83947A58613E9091B4C9CC0F1546A8D, C71DF6E18E2099FC462717B8658D39C607A62C7E7A1E5CD0E258C17434535AD0 ] C:\Windows\SysWOW64\mscoree.dll
17:16:34.0189 0x0e88 C:\Windows\SysWOW64\mscoree.dll - ok
17:16:34.0189 0x0e88 [ F5DF6846F30E9F54EA60CCAEB3FB2055, 07B71E3AA36F90D3D6B60D56F51A524AC769DFD1233BADB76B65874C7BCC5083 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
17:16:34.0189 0x0e88 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
17:16:34.0204 0x0e88 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\imm32.dll - ok
17:16:34.0204 0x0e88 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\msctf.dll - ok
17:16:34.0204 0x0e88 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\ws2_32.dll - ok
17:16:34.0204 0x0e88 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\wsock32.dll - ok
17:16:34.0204 0x0e88 [ 1295338CFE6F249823EF9BC8D4368A84, DC59B56249F273F8B100A31CE760CFBB3130F2DAFDDF55361CFF23DC7CD73E03 ] C:\Windows\SysWOW64\crypt32.dll
17:16:34.0204 0x0e88 C:\Windows\SysWOW64\crypt32.dll - ok
17:16:34.0220 0x0e88 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll
17:16:34.0220 0x0e88 C:\Windows\SysWOW64\nsi.dll - ok
17:16:34.0220 0x0e88 [ A543AC1F7138376D778D630A35FCBC4C, 2D824C66A97FC8C39DAFA397CC47495B712D175EEF393486946DA8936BDD466A ] C:\Windows\SysWOW64\psapi.dll
17:16:34.0220 0x0e88 C:\Windows\SysWOW64\psapi.dll - ok
17:16:34.0220 0x0e88 [ A7D79E9F660340AB20CD73F12910985F, FE2BEB8584D7F4757C21B40646C32CB1704FA2E22149269FC9521E49506CA0EB ] C:\Windows\SysWOW64\wintrust.dll
17:16:34.0220 0x0e88 C:\Windows\SysWOW64\wintrust.dll - ok
17:16:34.0220 0x0e88 [ 4552F8F61A7975C2359D19673483604D, 781026AA232CAF96C13A1F231B92CC10B701FAB4C00A91D3A932F146FBFD51BC ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
17:16:34.0220 0x0e88 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
17:16:34.0220 0x0e88 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
17:16:34.0220 0x0e88 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
17:16:34.0235 0x0e88 [ 29E9794708DF51DB5DC89FB2E903A0F6, 28EC3277102623A3562805E714A658197B9D04518EDF5DE028C0CF00BFC8EC5E ] C:\Windows\SysWOW64\shell32.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\shell32.dll - ok
17:16:34.0235 0x0e88 [ 4691CF792835B106F326ABEAB6D72FA9, B1FD0D4FF282F69491F926CB8A3E881D41D1A0B2D740B78DCD646E012A019D4D ] C:\Program Files\AVAST Software\Avast\CommChannel.dll
17:16:34.0235 0x0e88 C:\Program Files\AVAST Software\Avast\CommChannel.dll - ok
17:16:34.0235 0x0e88 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\msasn1.dll - ok
17:16:34.0235 0x0e88 [ CA9F7888B524D8100B977C81F44C3234, 57F3353F89724147D8AC8B69B12C1303DF26978309776F5F8CCF074526A915D3 ] C:\Windows\SysWOW64\winhttp.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\winhttp.dll - ok
17:16:34.0235 0x0e88 [ FB19FC5951A88F3C523E35C2C98D23C0, FF0DB8BF0C68DA0D09272E8181D2B5409C8850BB2F31AEA3AC4CD14C5A420A59 ] C:\Windows\SysWOW64\webio.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\webio.dll - ok
17:16:34.0235 0x0e88 [ B40420876B9288E0A1C8CCA8A84E5DC9, 0D3C73B45BC708D7B1E26DFB6D4F64031A998548FEA0FB5CE198ED716F7DC9A0 ] C:\Windows\SysWOW64\dnsapi.dll
17:16:34.0235 0x0e88 C:\Windows\SysWOW64\dnsapi.dll - ok
17:16:34.0251 0x0e88 [ F1DF7A6EC90DF8576F48155F117DB3EA, 94383C0F31A44E2713FD32A7BF9222EC937BB5F08771997AFE0727F8BE27AAAF ] C:\Program Files\AVAST Software\Avast\avastIP.dll
17:16:34.0251 0x0e88 C:\Program Files\AVAST Software\Avast\avastIP.dll - ok
17:16:34.0251 0x0e88 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
17:16:34.0251 0x0e88 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
17:16:34.0251 0x0e88 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll
17:16:34.0251 0x0e88 C:\Windows\SysWOW64\winnsi.dll - ok
17:16:34.0251 0x0e88 [ B1E4F9B0A1954765571EED3793AF201E, 04CCC15ECD2E795724E80113C7858B9E7F4F6E07845C19E50C05901F86F14435 ] C:\Program Files\AVAST Software\Avast\aswEngLdr.dll
17:16:34.0251 0x0e88 C:\Program Files\AVAST Software\Avast\aswEngLdr.dll - ok
17:16:34.0251 0x0e88 [ 10FB16B50AFFDA6D44588F3C445DC273, 6CDA17DA9B44D11E69F7C6682FA633EA75731623BB21B429A0FE2086ED4495A7 ] C:\Windows\SysWOW64\setupapi.dll
17:16:34.0251 0x0e88 C:\Windows\SysWOW64\setupapi.dll - ok
17:16:34.0267 0x0e88 [ F436E847FA799ECD75AD8C313673F450, 3C8BF3F0C08C7FA8DE5CD9C60AD9D00B742E84EB1FEBEEBA0F7159844BAAA471 ] C:\Windows\SysWOW64\cfgmgr32.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\cfgmgr32.dll - ok
17:16:34.0267 0x0e88 [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\oleaut32.dll - ok
17:16:34.0267 0x0e88 [ 2EEFF4502F5E13B1BED4A04CCAD64C08, 209FF1B6D46D1AC99518FCF54F2F726143B2DBF2C5FDA90212FBEF7526F7CBF5 ] C:\Windows\SysWOW64\devobj.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\devobj.dll - ok
17:16:34.0267 0x0e88 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\version.dll - ok
17:16:34.0267 0x0e88 [ 8E87270C4704CF2951E1E7820D6C8A2B, 9018F87B323FD25D7E366F4F0F5C9796BFE54663367CE878F62B0973AFC9C3C8 ] C:\Windows\SysWOW64\wininet.dll
17:16:34.0267 0x0e88 C:\Windows\SysWOW64\wininet.dll - ok
17:16:34.0282 0x0e88 [ C516284DE6DB833E77CC0E5217CDC6AA, E2ACA3FA0F4352AE90C25541577FF8DAB826754F5024B9F25EB5419EBEA58F14 ] C:\Windows\SysWOW64\iertutil.dll
17:16:34.0282 0x0e88 C:\Windows\SysWOW64\iertutil.dll - ok
17:16:34.0282 0x0e88 [ 1408CF9B0DD2AAA80D8E7087C8A2E3BC, 7431A104AF720AA2E731A80ECAAC1E0048D3EE392FEECFF5321B1018AF521647 ] C:\Windows\SysWOW64\urlmon.dll
17:16:34.0282 0x0e88 C:\Windows\SysWOW64\urlmon.dll - ok
17:16:34.0282 0x0e88 [ 5C5E3AFD499E5146FEF1DA5EF8A23205, 9A26FFAFFB26FA6549C6DA75F76238A903CA723F9DAD356FBA8D91067FE312FD ] C:\Program Files\AVAST Software\Avast\dbghelp.dll
17:16:34.0282 0x0e88 C:\Program Files\AVAST Software\Avast\dbghelp.dll - ok
17:16:34.0282 0x0e88 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll
17:16:34.0282 0x0e88 C:\Windows\SysWOW64\profapi.dll - ok
17:16:34.0282 0x0e88 [ C2335D714EFAFFFB4C7A3C164F2024B1, 36322B07FAD05A396642F3A349B48080076C23CFB4E95BABE284F6F7CBE5209D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll
17:16:34.0282 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\acfc1391e45fedd2a359778ea57d914c\mscorlib.ni.dll - ok
17:16:34.0298 0x0e88 [ DDA80A34B13954E47E599F2F72F68E74, 45591518008A410623B6D9BD5639A4D1A5687697D74DE2A09E5BAB722574B571 ] C:\Program Files\AVAST Software\Avast\aswProperty.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\aswProperty.dll - ok
17:16:34.0298 0x0e88 [ 6A6B2EE4565A178035BE2A4FF6F2C968, E2E231F1C2E2CE19583483ACC53318651FA7CA2DE46BCB89B4CBF97CA0525122 ] C:\Windows\SysWOW64\wtsapi32.dll
17:16:34.0298 0x0e88 C:\Windows\SysWOW64\wtsapi32.dll - ok
17:16:34.0298 0x0e88 [ B6C99FCE5C4FF4823D86F24A81526CAE, CD3D0F64BEB39ACA1A8EC1BF1550D85B3E5173C33791623C477ECAB3D05B5FDB ] C:\Program Files\AVAST Software\Avast\1033\Base.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\1033\Base.dll - ok
17:16:34.0298 0x0e88 [ BCD8EAF0F0BE5A705966780FEB94FC14, 712E53E88455890938A2EFF1338D4DC54E5B3B3B9E05D6525C0AB7F8DD7BBD00 ] C:\Program Files\AVAST Software\Avast\ssleay32.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\ssleay32.dll - ok
17:16:34.0298 0x0e88 [ 9B433CFD5C619F2AE1132BFC0258F56C, 1F34B382FEDC5D4748CAEA64F12D596FC665107F4292D3AA0E4315A3D8F5D8CE ] C:\Program Files\AVAST Software\Avast\libeay32.dll
17:16:34.0298 0x0e88 C:\Program Files\AVAST Software\Avast\libeay32.dll - ok
17:16:34.0298 0x0e88 [ 169E83A575465D4AB1E727808FF89855, 27E06BF23B048D17389158BE48DB187E8A1C682172FF5ABB04C8A333C744B637 ] C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-conio-l1-1-0.dll
17:16:34.0298 0x0e88 C:\Windows\winsxs\x86_avast.vc140.crt_fcc99ee6193ebbca_14.0.23918.0_none_9b756b1a36307bc0\api-ms-win-crt-conio-l1-1-0.dll - ok
17:16:34.0313 0x0e88 [ 7321F18D1F820612ED0E9F2D4B578A7E, 612BD7DE1DFBD100BD6ACB37A38565D88C39842D990D296B9B8E1FB75C3A94E7 ] C:\Windows\SysWOW64\cryptsp.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\cryptsp.dll - ok
17:16:34.0313 0x0e88 [ 8CE1A6D16B9077E91E192499EB611C5F, 68BB66B40383F7CA04F314FECC12A346914139A64F72CAE791B882B6CB8DC314 ] C:\Windows\SysWOW64\netapi32.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\netapi32.dll - ok
17:16:34.0313 0x0e88 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\netutils.dll - ok
17:16:34.0313 0x0e88 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\srvcli.dll - ok
17:16:34.0313 0x0e88 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll
17:16:34.0313 0x0e88 C:\Windows\SysWOW64\wkscli.dll - ok
17:16:34.0329 0x0e88 [ AC80DD9EE6FC380758A382D883FD868A, C0C93E4A5353E35C0D519C56D10F328BB8862E177FF9151860671D4D1E475411 ] C:\Program Files\AVAST Software\Avast\ashServ.dll
17:16:34.0329 0x0e88 C:\Program Files\AVAST Software\Avast\ashServ.dll - ok
17:16:34.0329 0x0e88 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll
17:16:34.0329 0x0e88 C:\Windows\System32\shsvcs.dll - ok
17:16:34.0329 0x0e88 [ ED8EC63F7522DF4852147C84EC62C36A, 75633011CD28DCBD4834211A9D415F17DE15BFCD80FB9FF6CE25CBBD4E9899AF ] C:\Windows\SysWOW64\rsaenh.dll
17:16:34.0329 0x0e88 C:\Windows\SysWOW64\rsaenh.dll - ok
17:16:34.0329 0x0e88 [ D142DA59ED3800A12386123848F28A51, A877DF21602CD30A1F26EE8194BC95F20E23B5A540453884B36BCDC0F393E8DD ] C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
17:16:34.0329 0x0e88 C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll - ok
17:16:34.0329 0x0e88 [ 03334C77BDF15ACD094E4CE2A6457838, FA46758CEF9D834A08794101F2B766ED3603A3F1E0E1D1FB53221B32D067A5BD ] C:\Program Files\AVAST Software\Avast\Aavm4h.dll
17:16:34.0329 0x0e88 C:\Program Files\AVAST Software\Avast\Aavm4h.dll - ok
17:16:34.0345 0x0e88 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] C:\Windows\System32\drivers\fastfat.sys
17:16:34.0345 0x0e88 C:\Windows\System32\drivers\fastfat.sys - ok
17:16:34.0345 0x0e88 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll
17:16:34.0345 0x0e88 C:\Windows\System32\fveapi.dll - ok
17:16:34.0345 0x0e88 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll
17:16:34.0345 0x0e88 C:\Windows\System32\fvecerts.dll - ok
17:16:34.0345 0x0e88 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll
17:16:34.0345 0x0e88 C:\Windows\System32\tbs.dll - ok
17:16:34.0345 0x0e88 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] C:\Windows\System32\drivers\cdfs.sys
17:16:34.0345 0x0e88 C:\Windows\System32\drivers\cdfs.sys - ok
17:16:34.0345 0x0e88 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll
17:16:34.0345 0x0e88 C:\Windows\System32\wiarpc.dll - ok
17:16:34.0360 0x0e88 [ 90F14FB9AD3D094167D2DA235538C6E1, 0924518141E7425A26FC0C981FB7A69F4CD7469B173D5B3A092808526E89633D ] C:\Program Files\AVAST Software\Avast\AavmRpch.dll
17:16:34.0360 0x0e88 C:\Program Files\AVAST Software\Avast\AavmRpch.dll - ok
17:16:34.0360 0x0e88 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll
17:16:34.0360 0x0e88 C:\Windows\System32\actxprxy.dll - ok
17:16:34.0360 0x0e88 [ D15618A0FF8DBC2C5BF3726BACC75A0B, ADD81EA1D208907D67802F0E96EC0327BA89021F870BA22B9C7E3A19013A6AE7 ] C:\Windows\SysWOW64\userenv.dll
17:16:34.0360 0x0e88 C:\Windows\SysWOW64\userenv.dll - ok
17:16:34.0360 0x0e88 [ 76DD41C0EEBBA165DC70D8716B243FAF, D3E2F4275B7E42DD89D6CCB9958E87BDED03A358EFF3AA8A94695B7B54075D19 ] C:\Program Files\AVAST Software\Avast\ashTask.dll
17:16:34.0360 0x0e88 C:\Program Files\AVAST Software\Avast\ashTask.dll - ok
17:16:34.0360 0x0e88 [ 51642F4281155298282A05C3DB6A7238, 33D5FD5ABCF2E4BE01360F7628E6C74FD051FA83647691CE28CD13FF9A76C5CA ] C:\Program Files\AVAST Software\Avast\aswAux.dll
17:16:34.0360 0x0e88 C:\Program Files\AVAST Software\Avast\aswAux.dll - ok
17:16:34.0376 0x0e88 [ B2ED8ECD5371B5E28E724894C18E1CBB, C1EFB13F9EA57EE7F8C1526EA278AEA18D0766A00D4E8ADFAA1E7B61473E235D ] C:\Program Files\AVAST Software\Avast\aswLog.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\aswLog.dll - ok
17:16:34.0376 0x0e88 [ F4AC4469BE8734716222AE60F928EDFB, 16F55BDF1B2F00A4DFC4F3AAF5D40EC506D249170B368CFE69020068E1758CA9 ] C:\Program Files\AVAST Software\Avast\aswSqLt.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\aswSqLt.dll - ok
17:16:34.0376 0x0e88 [ 9A2CBBDB6D3A0D000E7F98CEF3FE7AAC, 96980FD5D33DB372933727563CC9ABB7C0BDDA9EE3B7933FF5042A0632ABD356 ] C:\Program Files\AVAST Software\Avast\ashTaskEx.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\ashTaskEx.dll - ok
17:16:34.0376 0x0e88 [ 0FBC5BEC87E89074FB0EC620924BB380, DF16CEDBC6E46A8C8755EEA75FC0B53DCFB25F1429C5BD5D4069DBE485FB062B ] C:\Program Files\AVAST Software\Avast\aswStrm.dll
17:16:34.0376 0x0e88 C:\Program Files\AVAST Software\Avast\aswStrm.dll - ok
17:16:34.0376 0x0e88 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll
17:16:34.0376 0x0e88 C:\Windows\System32\schedsvc.dll - ok
17:16:34.0391 0x0e88 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll
17:16:34.0391 0x0e88 C:\Windows\SysWOW64\RpcRtRemote.dll - ok
17:16:34.0391 0x0e88 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll
17:16:34.0391 0x0e88 C:\Windows\System32\ktmw32.dll - ok
17:16:34.0391 0x0e88 [ D2BC4553B099DBDB5CB6BB4B8B731251, 78A4734E266C766C1D57970CF0307092BD0B02C069DAE468EEE5D6C404609F81 ] C:\Program Files\AVAST Software\Avast\event_manager.dll
17:16:34.0391 0x0e88 C:\Program Files\AVAST Software\Avast\event_manager.dll - ok
17:16:34.0391 0x0e88 [ A8CDF3768604FF95B54669E20053D569, 2DB85B86C839341F2A879A6D25F787D17EE665D425C1BAC3E1F82BAC61F89F94 ] C:\Windows\SysWOW64\wscapi.dll
17:16:34.0391 0x0e88 C:\Windows\SysWOW64\wscapi.dll - ok
17:16:34.0391 0x0e88 [ 8258362DDB18B644A82D8B5061AD9426, 87CA586B2B1B0089BFF6A259A0743D184AE383B3B12C4BC5986D72ADFFBE9EDA ] C:\Windows\SysWOW64\wscisvif.dll
17:16:34.0391 0x0e88 C:\Windows\SysWOW64\wscisvif.dll - ok
17:16:34.0407 0x0e88 [ 317454337F9279341FF0EFEBC1E5A664, 9A6D0E53BB874105FAF3632E901A0D7FDF1411F214E3671E3AA5595BA3017A57 ] C:\Program Files\AVAST Software\Avast\event_manager_burger.dll
17:16:34.0407 0x0e88 C:\Program Files\AVAST Software\Avast\event_manager_burger.dll - ok
17:16:34.0407 0x0e88 [ 14F9C67EB950F86D465FD051C3355B34, 234BD5E0D4791B9CEE2F4113DCEA66621BFE4CA52BFAA0B93DB8D6FBA4405615 ] C:\Program Files\AVAST Software\Avast\burger_client.dll
17:16:34.0407 0x0e88 C:\Program Files\AVAST Software\Avast\burger_client.dll - ok
17:16:34.0407 0x0e88 [ 2166C7A753159F54D70BABF2BAC6CB47, 4DB831875075AC128F990A6657126A2D0FAF48E93C6C2F3C306CCBD90AB567C4 ] C:\Program Files\AVAST Software\Avast\gamification.dll
17:16:34.0407 0x0e88 C:\Program Files\AVAST Software\Avast\gamification.dll - ok
17:16:34.0407 0x0e88 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll
17:16:34.0407 0x0e88 C:\Windows\System32\taskcomp.dll - ok
17:16:34.0407 0x0e88 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys
17:16:34.0407 0x0e88 C:\Windows\System32\drivers\http.sys - ok
17:16:34.0423 0x0e88 [ D162ECD90FA8B9BF1358033C207678D3, 60C82FD5E26B1118FBDF7C287B8BBC45D0ACB3E2E24E5CE4A1EDB8186805C61E ] C:\Program Files\AVAST Software\Avast\event_manager_ga.dll
17:16:34.0423 0x0e88 C:\Program Files\AVAST Software\Avast\event_manager_ga.dll - ok
17:16:34.0423 0x0e88 [ B96C17B5DC1424D56EEA3A99E97428CD, AF0A85066A7983878DC1C663811CE61C6CA1912DC956184F878B7B82DB93C651 ] C:\Windows\System32\spoolsv.exe
17:16:34.0423 0x0e88 C:\Windows\System32\spoolsv.exe - ok
17:16:34.0423 0x0e88 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe
17:16:34.0423 0x0e88 C:\Windows\System32\taskeng.exe - ok
17:16:34.0423 0x0e88 [ F93674263F6B07C77956E966953242D9, 0BEE8864DB2925A2B3B7CD76FCF9A4CA3757F4E4670BB2C3A3105D5A591740CB ] C:\Windows\SysWOW64\secur32.dll
17:16:34.0423 0x0e88 C:\Windows\SysWOW64\secur32.dll - ok
17:16:34.0423 0x0e88 [ B92553A8B970F10A543F1C2584C2B323, 63585EFC2C80880569E7238FE1A5BFDD09E011869923B1D0EFD0312C46EBE654 ] C:\Program Files\AVAST Software\Avast\lim.dll
17:16:34.0423 0x0e88 C:\Program Files\AVAST Software\Avast\lim.dll - ok
17:16:34.0438 0x0e88 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL
17:16:34.0438 0x0e88 C:\Windows\System32\BFE.DLL - ok
17:16:34.0438 0x0e88 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\bowser.sys - ok
17:16:34.0438 0x0e88 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\mpsdrv.sys - ok
17:16:34.0438 0x0e88 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\mrxsmb.sys - ok
17:16:34.0438 0x0e88 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys
17:16:34.0438 0x0e88 C:\Windows\System32\drivers\mrxsmb10.sys - ok
17:16:34.0438 0x0e88 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll
17:16:34.0454 0x0e88 C:\Windows\System32\MPSSVC.dll - ok
17:16:34.0454 0x0e88 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
17:16:34.0454 0x0e88 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
17:16:34.0454 0x0e88 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys
17:16:34.0454 0x0e88 C:\Windows\System32\drivers\mrxsmb20.sys - ok
17:16:34.0454 0x0e88 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll
17:16:34.0454 0x0e88 C:\Windows\System32\wkssvc.dll - ok
17:16:34.0454 0x0e88 [ 4F5414602E2544A4554D95517948B705, 50121AD32ACF73F541DF3B655020F7B610B3E7B5E8C7B39D37D5958F28CB376E ] C:\Windows\System32\cryptsvc.dll
17:16:34.0454 0x0e88 C:\Windows\System32\cryptsvc.dll - ok
17:16:34.0454 0x0e88 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] C:\Windows\System32\dps.dll
17:16:34.0454 0x0e88 C:\Windows\System32\dps.dll - ok
17:16:34.0469 0x0e88 [ A629E4799D4CD6361D1B5D573EA5C2CD, 0D62557BA9C081A3304C898FAADD596ED33271D266291917E1CCBA6A0D52F901 ] C:\Windows\System32\drivers\aswHwid.sys
17:16:34.0469 0x0e88 C:\Windows\System32\drivers\aswHwid.sys - ok
17:16:34.0469 0x0e88 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll
17:16:34.0469 0x0e88 C:\Windows\System32\wfapigp.dll - ok
17:16:34.0469 0x0e88 [ 1D817D77C8EB600AB311AAC8E68B5A1A, A590C06EA3D8E5B7DC936887DE6BD6FABED2C03ADA69A6318E3ABC23A33827AC ] C:\Windows\System32\cryptnet.dll
17:16:34.0469 0x0e88 C:\Windows\System32\cryptnet.dll - ok
17:16:34.0469 0x0e88 [ 0E2F58F6E698EDCB9E58FAD0CBCD0567, 426FB40A065FEF61980C803EF72D0D326C623340C3AE99CA8AFFDEFB81E8D49D ] C:\Windows\System32\vssapi.dll
17:16:34.0469 0x0e88 C:\Windows\System32\vssapi.dll - ok
17:16:34.0469 0x0e88 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll
17:16:34.0469 0x0e88 C:\Windows\System32\taskschd.dll - ok
17:16:34.0485 0x0e88 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll
17:16:34.0485 0x0e88 C:\Windows\System32\mscms.dll - ok
17:16:34.0485 0x0e88 [ 287923557447D7E4BDD7E65B1F0F5428, 14D85A0F036F28D77AA9723C3D7E8C4DA9BDFF8A1AD9BEA6FE5756DBF5D00F08 ] C:\Windows\System32\vsstrace.dll
17:16:34.0485 0x0e88 C:\Windows\System32\vsstrace.dll - ok
17:16:34.0485 0x0e88 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll
17:16:34.0485 0x0e88 C:\Windows\System32\pcasvc.dll - ok
17:16:34.0485 0x0e88 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe
17:16:34.0485 0x0e88 C:\Windows\System32\snmptrap.exe - ok
17:16:34.0485 0x0e88 [ 1B9100ACCFC9FD8B1D991F4BB80EC401, 9A6EEC7A052C02FBA6FC6B675BA5C5FBD0C6CE796AAB2F534150E6D170E1D568 ] C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe
17:16:34.0485 0x0e88 C:\Program Files (x86)\Giraffic\Veoh_GirafficWatchdog.exe - ok
17:16:34.0501 0x0e88 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] C:\Windows\System32\FDResPub.dll
17:16:34.0501 0x0e88 C:\Windows\System32\FDResPub.dll - ok
17:16:34.0501 0x0e88 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll
17:16:34.0501 0x0e88 C:\Windows\System32\WSDApi.dll - ok
17:16:34.0501 0x0e88 [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll
17:16:34.0501 0x0e88 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok
17:16:34.0501 0x0e88 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll
17:16:34.0501 0x0e88 C:\Windows\System32\webservices.dll - ok
17:16:34.0501 0x0e88 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll
17:16:34.0501 0x0e88 C:\Windows\System32\sstpsvc.dll - ok
17:16:34.0516 0x0e88 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll
17:16:34.0516 0x0e88 C:\Windows\System32\fundisc.dll - ok
17:16:34.0516 0x0e88 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll
17:16:34.0516 0x0e88 C:\Windows\System32\provsvc.dll - ok
17:16:34.0516 0x0e88 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll
17:16:34.0516 0x0e88 C:\Windows\SysWOW64\dbghelp.dll - ok
17:16:34.0516 0x0e88 [ 58F4493BF748A3A89689997B7BD00E95, EC5DEEC73E357C7C87B001275C4E635011A9CF39419F2B86E2C2B8D7E388C551 ] C:\Windows\System32\winhttp.dll
17:16:34.0516 0x0e88 C:\Windows\System32\winhttp.dll - ok
17:16:34.0516 0x0e88 [ 603EBD34E216C5654A2D774EAC98D278, ACE0171BB780DB2C1B1A8BF6FA8CF51C529D7E09141FA504C7199AF764FD9A36 ] C:\Windows\System32\webio.dll
17:16:34.0516 0x0e88 C:\Windows\System32\webio.dll - ok
17:16:34.0516 0x0e88 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll
17:16:34.0516 0x0e88 C:\Windows\SysWOW64\Wldap32.dll - ok
17:16:34.0532 0x0e88 [ 83C982A395D00BAFF6515FB38424EA76, 0E1B66F84A483D47550347D4A9426B95A066DB5104C4284F606A16768A11DB0C ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe
17:16:34.0532 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe - ok
17:16:34.0532 0x0e88 [ FCD84C381E0140AF901E58D48882D26B, 76955FFC230C801E8ED890E32076075F04CD6E5EC79E594FDE6D23797A36B406 ] C:\Windows\System32\IKEEXT.DLL
17:16:34.0532 0x0e88 C:\Windows\System32\IKEEXT.DLL - ok
17:16:34.0532 0x0e88 [ BCEA9AB347E53BC03B2E36BE0B8BA0EF, 868DEFB78767E91694E83F931725257DF3FF79A4BFED3B914D27F3493EB7A8D0 ] C:\Windows\System32\httpapi.dll
17:16:34.0532 0x0e88 C:\Windows\System32\httpapi.dll - ok
17:16:34.0532 0x0e88 [ 8999B8631C7FD9F7F9EC3CAFD953BA24, 4E96D3EACCB1EF7DC429CAF433C2D4A0A129333B9AB10A05C32CA33C67DC26FA ] C:\Windows\SysWOW64\mswsock.dll
17:16:34.0532 0x0e88 C:\Windows\SysWOW64\mswsock.dll - ok
17:16:34.0532 0x0e88 [ 0B7E85364CB878E2AD531DB7B601A9E5, F5AD3018427F1CD68450EE5CB55AA9572546322580E0FB1E7888702A291C2380 ] C:\Windows\SysWOW64\NapiNSP.dll
17:16:34.0532 0x0e88 C:\Windows\SysWOW64\NapiNSP.dll - ok
17:16:34.0547 0x0e88 [ 104A1070E90F1C530328E69B49718841, C5EBDD404F92E185467C390CC30DB4BD7BE0193536DD5708277662D4B0EA38D1 ] C:\Windows\SysWOW64\nlaapi.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\nlaapi.dll - ok
17:16:34.0547 0x0e88 [ 5CF640EDDB1E40A5AB1BB743BCDEC610, 0313AA3F713C9F5B84DBB0B4DE78A96B173E9F7B4CF61C10FDC7DAE952DB04E5 ] C:\Windows\SysWOW64\pnrpnsp.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\pnrpnsp.dll - ok
17:16:34.0547 0x0e88 [ 12B79422A23814429CDA9E734C58F78F, 88D8EBB4815896921ED88BC46E8C37844FB8C62CD05F507BFCF9825EBC9607DE ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
17:16:34.0547 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
17:16:34.0547 0x0e88 [ 5DF5D8CFD9B9573FA3B2C89D9061A240, 990EA273B640DF2D7E800C0CFF18550259C605A4951CD82CD9F1E7B6FF0C9533 ] C:\Windows\SysWOW64\winrnr.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\winrnr.dll - ok
17:16:34.0547 0x0e88 [ ED6EE83D61EBC683C2CD8E899EA6FEBE, F82592908D038C44D9F2E5C5B7BC663A2D370FC565F40420E1138A9E55F0E7EB ] C:\Windows\SysWOW64\rasadhlp.dll
17:16:34.0547 0x0e88 C:\Windows\SysWOW64\rasadhlp.dll - ok
17:16:34.0563 0x0e88 [ EE5C8E27C37B79CB54A2FCEEED2DC262, 0A5E200FD65A491756B951A4A0ED39B88B7B313E97C2BBF3C91AC4C290772BB7 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
17:16:34.0563 0x0e88 C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
17:16:34.0563 0x0e88 [ 77B5035BC6EDF4D1B6265391AECEE4C0, FE69B715F04446BD42AF1B672E6AC54E954CFE0C847BFD2056CB11CF017B1844 ] C:\Windows\System32\vpnikeapi.dll
17:16:34.0563 0x0e88 C:\Windows\System32\vpnikeapi.dll - ok
17:16:34.0563 0x0e88 [ B3273340603058E7E89964ABEEA0AA4B, 5AB86C45636CBB3A1F5B6E45D0E2371AACF66C8D990456AAA9F7FBFF58F4D673 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll
17:16:34.0563 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamsrv.dll - ok
17:16:34.0563 0x0e88 [ A8FCEB6261751B709A84CE4A3726439F, E3A6D61A625DD9FCC53D8037287666F2F02D74100BAA4A14D9E81B50622ED838 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\Qt5Core.dll
17:16:34.0563 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\Qt5Core.dll - ok
17:16:34.0563 0x0e88 [ 650F2286252C8854AC5846940D181D3A, 636B3050F412041415326D91C36407A952AF7E04024B2BB885177D23095555C7 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcp100.dll
17:16:34.0563 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcp100.dll - ok
17:16:34.0579 0x0e88 [ B9A8CBCFCD3EC9D2EA4740AF347BF108, 97FA304E3880BC863D999F441AE47CB8ADF00D2DEC2A52ACD8FBD02CC096786A ] C:\Windows\SysWOW64\mpr.dll
17:16:34.0579 0x0e88 C:\Windows\SysWOW64\mpr.dll - ok
17:16:34.0579 0x0e88 [ 005F96C221719C03671C0262A4A93521, 2B2B71887F1889BB7E716477A7E1778707AC22E7FA0876BAE3F0BC4EFF3EDEDE ] C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll
17:16:34.0579 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\msvcr100.dll - ok
17:16:34.0579 0x0e88 [ 51B5BEA5015B2E37C4F4D496441F8369, 8D2C0C7CB9F3C9687354BE1F2928D38FB5D99E85073D444A68091DB865B454E7 ] C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll
17:16:34.0579 0x0e88 C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamcore.dll - ok
17:16:34.0579 0x0e88 [ B2DB6ABA2E292235749B80A9C3DFA867, 92BCB678E2D0A7A9C15A74B41846D8723B96E37181407C0E8A56C7105659AAF3 ] C:\Windows\SysWOW64\imagehlp.dll
17:16:34.0579 0x0e88 C:\Windows\SysWOW64\imagehlp.dll - ok
17:16:34.0579 0x0e88 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll
17:16:34.0579 0x0e88 C:\Windows\SysWOW64\cscapi.dll - ok
17:16:34.0579 0x0e88 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] C:\Windows\System32\drivers\PEAuth.sys
17:16:34.0579 0x0e88 C:\Windows\System32\drivers\PEAuth.sys - ok
17:16:34.0594 0x0e88 [ 1EE99A89CC788ADA662441D1E9830529, 6B4FDD74BB81E12BD4B25A3E8AECB0FA77FA0075D454DD1D6DC1790ADF1F2AA8 ] C:\Windows\System32\nlasvc.dll
17:16:34.0594 0x0e88 C:\Windows\System32\nlasvc.dll - ok
17:16:34.0594 0x0e88 [ 1727B2A2F379A32B864C096FA794AADC, 87B77A5DF95F3A1C5ED6DEF820C7E384BEFCBAA2FE1BB4781AC6F777A081E5CC ] C:\Windows\System32\aepic.dll
17:16:34.0594 0x0e88 C:\Windows\System32\aepic.dll - ok
17:16:34.0594 0x0e88 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] C:\Windows\System32\drivers\secdrv.sys
17:16:34.0594 0x0e88 C:\Windows\System32\drivers\secdrv.sys - ok
17:16:34.0594 0x0e88 [ 4A435F95B940E93A88FEC144BD409789, 12775F6F54AD9BCBCD4F91F371D8911772CA7B14316DAFFDC28B971D1FDCC182 ] C:\Windows\System32\ncsi.dll
17:16:34.0594 0x0e88 C:\Windows\System32\ncsi.dll - ok
17:16:34.0594 0x0e88 [ C6CC9297BD53E5229653303E556AA539, 921E21EDED244FEE15B56564B97C97785F45AB862C1012BFA0B96B121DC90076 ] C:\Windows\System32\drivers\Sftfslh.sys
17:16:34.0594 0x0e88 C:\Windows\System32\drivers\Sftfslh.sys - ok
17:16:34.0610 0x0e88 [ C6DCD1D11ED6827F05C00773C3E7053C, EA23BE261C9C04F44215D254D7A80FD0AEE84C6F192D0FEE49A7CF74ED3CB1A6 ] C:\Windows\System32\sfc.dll
17:16:34.0610 0x0e88 C:\Windows\System32\sfc.dll - ok
17:16:34.0610 0x0e88 [ 895C9AB0A855547445C4181195230757, 89BDA385D8CCB75C3D7B1BDFA567AC441A931F4E499C0835FEE9D010343FABB6 ] C:\Windows\System32\sfc_os.dll
17:16:34.0610 0x0e88 C:\Windows\System32\sfc_os.dll - ok
17:16:34.0610 0x0e88 [ 2BBF3FDB70B8965DFA0258CBAB41ECCE, 4EFA41765E46E90C6CBDB0DC1E0CD375D7AB3307C477171EBAA6A16AC32E5211 ] C:\Windows\System32\ssdpapi.dll
17:16:34.0610 0x0e88 C:\Windows\System32\ssdpapi.dll - ok
17:16:34.0610 0x0e88 [ 390AA7BC52CEE43F6790CDEA1E776703, 0D008289E4B14EF56D5233B7C8C789A36503FBAA8896660776557D6F08808FA7 ] C:\Windows\System32\drivers\Sftplaylh.sys
17:16:34.0610 0x0e88 C:\Windows\System32\drivers\Sftplaylh.sys - ok
17:16:34.0610 0x0e88 [ C3CDDD18F43D44AB713CF8C4916F7696, 38093295825AFDD08D7E32CC4EF2A6C447F6D6E3C6F7EA5554C25E7C3F16FC92 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
17:16:34.0610 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe - ok
17:16:34.0625 0x0e88 [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
17:16:34.0625 0x0e88 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
17:16:34.0625 0x0e88 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
17:16:34.0625 0x0e88 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
17:16:34.0625 0x0e88 [ BDAC1AA64495D0F7E1FF810EBBF1F018, 7920E2381307574C5C4562CF1FF8F79F91204102051FCD708FA4E6A941422084 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll
17:16:34.0625 0x0e88 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_ec83dffa859149af\comctl32.dll - ok
17:16:34.0625 0x0e88 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll
17:16:34.0625 0x0e88 C:\Windows\System32\TSChannel.dll - ok
17:16:34.0625 0x0e88 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll
17:16:34.0625 0x0e88 C:\Windows\SysWOW64\apphelp.dll - ok
17:16:34.0641 0x0e88 [ 283E10FD63971145CC1E750FFA46180E, 171325C52CE4EC615CC8567F042F74473AAE98186FCF29CDCEC87D1353AB3455 ] C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe
17:16:34.0641 0x0e88 C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe - ok
17:16:34.0641 0x0e88 [ BF45D1E087B701D5215EBE57E2EDCA47, 8A2207875FC4DA02CDFAA6EC7FF36A7AC3DDFFA9C42E00288E834175219A64B3 ] C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe
17:16:34.0641 0x0e88 C:\Program Files (x86)\Giraffic\Veoh_Giraffic.exe - ok
17:16:34.0641 0x0e88 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] C:\Windows\System32\drivers\srvnet.sys
17:16:34.0641 0x0e88 C:\Windows\System32\drivers\srvnet.sys - ok
17:16:34.0641 0x0e88 [ 4E5FE39C1076D115EC8BFCFE14D75B80, F1D02BCA6F664DCDD0CCDE269D31787C7553CD38C7208A8DD8B80B9EA09FEB1C ] C:\Windows\SysWOW64\credssp.dll
17:16:34.0641 0x0e88 C:\Windows\SysWOW64\credssp.dll - ok
17:16:34.0641 0x0e88 [ DF687E3D8836BFB04FCC0615BF15A519, 7C5B1E72673B4299DFC21E869F0FBB28198CA54DF4F4AF7080005F2D82467784 ] C:\Windows\System32\drivers\tcpipreg.sys
17:16:34.0641 0x0e88 C:\Windows\System32\drivers\tcpipreg.sys - ok
17:16:34.0657 0x0e88 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] C:\Windows\System32\sysmain.dll
17:16:34.0657 0x0e88 C:\Windows\System32\sysmain.dll - ok
17:16:34.0657 0x0e88 [ 8E2C799D3476EAC32C3BA0DF7CE6AF19, CFE8A69E3F2A42C3BA2B38EC9233076D0AD32C441500E6407219F2E866905D9B ] C:\Windows\System32\TODDSrv.exe
17:16:34.0657 0x0e88 C:\Windows\System32\TODDSrv.exe - ok
17:16:34.0657 0x0e88 [ 1C73689B900428C7D054A41C4687F55C, 6DD3CDC09E4A62F40A81872789A5C8678C0FE23DD911C2951DFF5494B6BFC012 ] C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe
17:16:34.0657 0x0e88 C:\Program Files\Toshiba\Power Saver\TosCoSrv.exe - ok
17:16:34.0657 0x0e88 [ 210FCACAF902B2CD47CF9FD17D846146, 3F77AC721E084864C5966FF5337A90185F62203DC19C685328675500D629CB87 ] C:\Windows\System32\aeevts.dll
17:16:34.0657 0x0e88 C:\Windows\System32\aeevts.dll - ok
17:16:34.0657 0x0e88 [ FF5688D309347F2720911D8796912834, 3B0D73C50D40A6F42629B7750F99F656BF5C1C50237D5F98B6C0F2CE5E2DA359 ] C:\Windows\SysWOW64\clbcatq.dll
17:16:34.0657 0x0e88 C:\Windows\SysWOW64\clbcatq.dll - ok
17:16:34.0672 0x0e88 [ 73E8667A19FEEDD856DF2695E9E511D4, 68D66C36D1F293D10ADCC6A33C870F989A29743537592CF172F02E794BEAFD1C ] C:\Windows\SysWOW64\wship6.dll
17:16:34.0672 0x0e88 C:\Windows\SysWOW64\wship6.dll - ok
17:16:34.0672 0x0e88 [ D1103CFC8D7EA09ED22536EC301603F9, F49A2BA93B076019A5FC687B0814242C77766370ECD34926AF6F3BF758F21F5E ] C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll
17:16:34.0672 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrFunc.dll - ok
17:16:34.0672 0x0e88 [ 3EAE925DCD7D2704982BBCA4DC7EAE7E, CB6EB39DE8D0D72931ABC8D627C96C7FCAFB454E3C6153A553372808DC0F234C ] C:\Program Files\Toshiba\Power Saver\TPwrReg.dll
17:16:34.0672 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrReg.dll - ok
17:16:34.0672 0x0e88 [ DF5246F51E8557E20D40B3641CAE57B7, 997FE1AFF8E3D8F16BC4ED6E90AC37C8DEA270A6227341F7B0061D72FFFCF937 ] C:\Program Files\Toshiba\Power Saver\TtosFunc.dll
17:16:34.0672 0x0e88 C:\Program Files\Toshiba\Power Saver\TtosFunc.dll - ok
17:16:34.0672 0x0e88 [ 544EFF88AC6C85DF5A4D6F18DFE08CFC, D688381F42062FD5D868E7770857C5951C41BA20A1B6E6F60B5D9536C02CD293 ] C:\Windows\SysWOW64\taskschd.dll
17:16:34.0672 0x0e88 C:\Windows\SysWOW64\taskschd.dll - ok
17:16:34.0688 0x0e88 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv
17:16:34.0688 0x0e88 C:\Windows\System32\winspool.drv - ok
17:16:34.0688 0x0e88 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] C:\Windows\System32\trkwks.dll
17:16:34.0688 0x0e88 C:\Windows\System32\trkwks.dll - ok
17:16:34.0688 0x0e88 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
17:16:34.0688 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE - ok
17:16:34.0688 0x0e88 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] C:\Windows\System32\wbem\WMIsvc.dll
17:16:34.0688 0x0e88 C:\Windows\System32\wbem\WMIsvc.dll - ok
17:16:34.0688 0x0e88 [ 0255C22D99602534F15CBB8D9B6F152F, 43CD89D6CA56E0B633142F7C86DA9E072EE0723B5EBC4CE8CCBCA58C396ECF54 ] C:\Windows\System32\wbem\WinMgmtR.dll
17:16:34.0688 0x0e88 C:\Windows\System32\wbem\WinMgmtR.dll - ok
17:16:34.0703 0x0e88 [ 0C52762C606BCF6A377D5E4688191A6B, C58C9A73AD07E3B93AB186D0D47C5F1CB7197771DBEE40646C3B801645BB388F ] C:\Windows\System32\wbem\WmiDcPrv.dll
17:16:34.0703 0x0e88 C:\Windows\System32\wbem\WmiDcPrv.dll - ok
17:16:34.0703 0x0e88 [ EDF2A5E96BEC469DA3F64E9BDD386111, 63C91BBDFA2E087293B010A4E45625FBD1BFCAF655BFADE2F8B1C36CF804B118 ] C:\Windows\SysWOW64\xmllite.dll
17:16:34.0703 0x0e88 C:\Windows\SysWOW64\xmllite.dll - ok
17:16:34.0703 0x0e88 [ 5EB55F661DEBF156E126160BCD4D89F8, 948D1F627AA55D55FB3B558BA61B8366C5481A6041820631F24408F75EA5D2CC ] C:\Windows\System32\wbem\wbemcore.dll
17:16:34.0703 0x0e88 C:\Windows\System32\wbem\wbemcore.dll - ok
17:16:34.0703 0x0e88 [ A3F5E8EC1316C3E2562B82694A251C9E, F3DC6AA6A9D3B5BBC730668FC52C1D4BB5D515D404578BDDD3D4869A7ED58822 ] C:\Windows\System32\wbem\fastprox.dll
17:16:34.0703 0x0e88 C:\Windows\System32\wbem\fastprox.dll - ok
17:16:34.0703 0x0e88 [ 807B6562009E5858C93E1C0F435C0382, 7E523EC452BEDBDA6164B28F43B6210E07F32EC5A8663609B59FD75B8529BABB ] C:\Windows\SysWOW64\netbios.dll
17:16:34.0703 0x0e88 C:\Windows\SysWOW64\netbios.dll - ok
17:16:34.0719 0x0e88 [ EE26D130808D16C0E417BBBED0451B34, 4886DCE4FAEF146A40BABD492A8000A2022FEA542A6135A9BAFD4CD09297B4E5 ] C:\Windows\System32\ntdsapi.dll
17:16:34.0719 0x0e88 C:\Windows\System32\ntdsapi.dll - ok
17:16:34.0719 0x0e88 [ 087D8668C71634A3A3761135ABF16EEE, B7348A63299CFF4FFBF375E645A4850AE0F108D48D13AB25434CFAE7CF3D61FD ] C:\Windows\System32\wbem\esscli.dll
17:16:34.0719 0x0e88 C:\Windows\System32\wbem\esscli.dll - ok
17:16:34.0719 0x0e88 [ 704314FD398C81D5F342CAA5DF7B7F21, CDA660E1E8AAE0789780B6B9604B138E67B2BDD1404A5E4C2354B35879D43085 ] C:\Windows\SysWOW64\wbemcomn.dll
17:16:34.0719 0x0e88 C:\Windows\SysWOW64\wbemcomn.dll - ok
17:16:34.0719 0x0e88 [ C5B0324DB461559ADD070E632A6919FA, AB09CACB5B7DD372B27921A5E01220552A611CECA27EF87961001FA467FDED45 ] C:\Windows\SysWOW64\wbem\wbemprox.dll
17:16:34.0719 0x0e88 C:\Windows\SysWOW64\wbem\wbemprox.dll - ok
17:16:34.0719 0x0e88 [ 718B6F51AB7F6FE2988A36868F9AD3AB, 76141B4E94C2766E2C34CEF523092948771A7893212EFADBE88D2171B85FF012 ] C:\Windows\System32\wbem\wbemsvc.dll
17:16:34.0719 0x0e88 C:\Windows\System32\wbem\wbemsvc.dll - ok
17:16:34.0735 0x0e88 [ 0143DB80DACFB7C2B5B7009ED9063353, 252885CF7C1BAB89B86908373546E5F5D674BEF7AACBDDCF321AD877CB9150A9 ] C:\Windows\System32\wbem\wmiutils.dll
17:16:34.0735 0x0e88 C:\Windows\System32\wbem\wmiutils.dll - ok
17:16:34.0735 0x0e88 [ 776AE0564F8B1C282E331FD95A1BDC5F, 601CFCA3922FFEA46A54AD323845A76A12FC6AF9FF64E9B0AE294FBB1AFCF4CB ] C:\Windows\SysWOW64\wbem\wbemsvc.dll
17:16:34.0735 0x0e88 C:\Windows\SysWOW64\wbem\wbemsvc.dll - ok
17:16:34.0735 0x0e88 [ 0AB34456654C283DAA13B8D2BA21439B, 4B70FC5195DE39564E951C8542020BA3D4257E3D4488F69825F67A6099CB7549 ] C:\Windows\System32\wbem\repdrvfs.dll
17:16:34.0735 0x0e88 C:\Windows\System32\wbem\repdrvfs.dll - ok
17:16:34.0735 0x0e88 [ CFC7D8289D2B5F3CF8D16E2DB7F93D4A, 61B4D669C692775EF361445293163E84FAD8636AC49C8047BE806DB4E4093291 ] C:\Windows\SysWOW64\wbem\fastprox.dll
17:16:34.0735 0x0e88 C:\Windows\SysWOW64\wbem\fastprox.dll - ok
17:16:34.0735 0x0e88 [ B837D1528CE2E3CB79F09496BC08DDC6, ACD54CE61CFE94F23DC283537AD8FFBEB3D6041BD30317B60BA7A10FCB240A27 ] C:\Windows\System32\SensApi.dll
17:16:34.0735 0x0e88 C:\Windows\System32\SensApi.dll - ok
17:16:34.0750 0x0e88 [ 93812FDC01AA864195816CD814445F95, E5CB2576DA2905177AFD342DBE63E17CF626F93F430DEBC55155C18C60166BEE ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL
17:16:34.0750 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\SQMAPI.DLL - ok
17:16:34.0750 0x0e88 [ 9689A9C7F7C2A1A423CDA2C3B43FFF65, 914AD22D98975578BC14D821F72E8DFCE24F2092F9C299D24EBBAF5408FE8B8B ] C:\Windows\System32\wer.dll
17:16:34.0750 0x0e88 C:\Windows\System32\wer.dll - ok
17:16:34.0750 0x0e88 [ E3E811471DE781900FF21C1FD84E941E, 2A47FF52D1D6480AAD1919382E783EA184BF926311F8C7E466FEBE9F6FB88FD6 ] C:\Windows\SysWOW64\ntdsapi.dll
17:16:34.0750 0x0e88 C:\Windows\SysWOW64\ntdsapi.dll - ok
17:16:34.0750 0x0e88 [ C78761C2A5475EA16ADCD438CC17841F, 2EC81397DE7BEF39EA1E1758FE778A0A31C8D04B6AD76D9C0917D95808366A70 ] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
17:16:34.0750 0x0e88 C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe - ok
17:16:34.0750 0x0e88 [ 8A188C747E3F1A8BBABEA5BFCBDA09F6, CCA982136EB5F317389F1224C32AF46051080E8A98B3261489ECD380AE14D2B3 ] C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll
17:16:34.0750 0x0e88 C:\ProgramData\Microsoft\IdentityCRL\production\ppcrlconfig600.dll - ok
17:16:34.0766 0x0e88 [ 0B2D65FDDE31069299AA6330F359FF9C, BCD10102D583048447155B5E5C563F92110DE2614FB5B3032CEFE37ED0A14B54 ] C:\Windows\System32\msxml3.dll
17:16:34.0766 0x0e88 C:\Windows\System32\msxml3.dll - ok
17:16:34.0766 0x0e88 [ C6B11F84B5AF59DD5B797A69A47C3736, 77B7E9C2CECCF29FF39B51DEAAE18132E0FBD2C333DD419AB5B594651A92AFFD ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswEngin.dll
17:16:34.0766 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswEngin.dll - ok
17:16:34.0766 0x0e88 [ 08DFDBD2FD4EA951DC46B1C7661ED35A, D926530C659DDAF80770663F46F1EFD94FFB4AAB475C4E3367CB531AF4A734E1 ] C:\Windows\SysWOW64\powrprof.dll
17:16:34.0766 0x0e88 C:\Windows\SysWOW64\powrprof.dll - ok
17:16:34.0766 0x0e88 [ DDD0357A92FA843EFF8915ED17253D6C, 0C78B1D41F0A7821186ADF653504F2BFF067CB512CB0E932047C301378BBADB6 ] C:\Windows\System32\wbem\WmiPrvSD.dll
17:16:34.0766 0x0e88 C:\Windows\System32\wbem\WmiPrvSD.dll - ok
17:16:34.0766 0x0e88 [ 392DD992343AD7A53AD1791A4AC05C6A, 2C72FF0A3E4A3CF9E954D59DA162C47B0C73BE38306DB98D7159DF22A2C9EF8A ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnIS.dll
17:16:34.0766 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnIS.dll - ok
17:16:34.0781 0x0e88 [ 9F30D0686CF2403A735B85D0A72FE712, D595CAD952B9AB9498B035A8325C0F10560BA67C8192532689C74B7F5AB99C5F ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnOS.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnOS.dll - ok
17:16:34.0781 0x0e88 [ 2500700B5A9957821B06DD7CA8FF8CDA, 975EF58475C13BC83E6718CD262B2F65750923E529F5864BD4440BA92A81571B ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnBS.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCmnBS.dll - ok
17:16:34.0781 0x0e88 [ 73F9C84DDA74BD5C9A6B9817166BBC1A, 437FE267DC34FB25658B88DD322351C710E6A566A49080E1CED90D02719FEDAA ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswRep.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswRep.dll - ok
17:16:34.0781 0x0e88 [ CA465E066130081BB5F6B73D585E1147, 1BC87FC69100E2A5342079671777E0BD8979B480AD9B6AF783102EEE36DF9F8D ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswScan.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswScan.dll - ok
17:16:34.0781 0x0e88 [ E6A9D5762372FA802DA429C1757B84C3, A91AC2706D368294679F49D25F3D278203A991A8A4C583D3B26FAC87602E0BF1 ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswFiDb.dll
17:16:34.0781 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswFiDb.dll - ok
17:16:34.0797 0x0e88 [ DA13A9B1C81C2DE7A815D5910509EE9E, 7221D6BF6D70CC672A04F55196DEEF3F579C5C19FF79B071CFBDFEC0A39C539E ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswCleanerDLL.dll
17:16:34.0797 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswCleanerDLL.dll - ok
17:16:34.0797 0x0e88 [ D41FEBD098234F02485A4EA98D4730A4, 462DC8168C444F35B43BA3B8F7D77734665D84F1C6D25CAD7391C0145961628F ] C:\Windows\System32\ncobjapi.dll
17:16:34.0797 0x0e88 C:\Windows\System32\ncobjapi.dll - ok
17:16:34.0797 0x0e88 [ 2A46FFE841EC43001D5A293A54DB34DE, 8ED96FA434B48B0C1772195ED477536960C84CAFCE9A9A43543DFFA85483B00D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE
17:16:34.0797 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVCM.EXE - ok
17:16:34.0797 0x0e88 [ 6F40D6FB05E0C1E5402812B426971AF0, E41F138F0F2DB057F8DBB1587237C6FA8A2059B3D64EC894D1DC492A18DBBDED ] C:\Windows\System32\wbem\wbemess.dll
17:16:34.0797 0x0e88 C:\Windows\System32\wbem\wbemess.dll - ok
17:16:34.0797 0x0e88 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe
17:16:34.0797 0x0e88 C:\Windows\System32\dllhost.exe - ok
17:16:34.0813 0x0e88 [ 14DFDEAF4E589ED3F1FF187A86B9408C, 86D383D5B90A86556521C62C50F7BE0306FCD24FD86A8A37E8320FAE948531EB ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
17:16:34.0813 0x0e88 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
17:16:34.0813 0x0e88 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll
17:16:34.0813 0x0e88 C:\Windows\System32\IDStore.dll - ok
17:16:34.0813 0x0e88 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll
17:16:34.0813 0x0e88 C:\Windows\System32\mpr.dll - ok
17:16:34.0813 0x0e88 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe
17:16:34.0813 0x0e88 C:\Windows\System32\userinit.exe - ok
17:16:34.0813 0x0e88 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe
17:16:34.0813 0x0e88 C:\Windows\System32\dwm.exe - ok
17:16:34.0828 0x0e88 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll
17:16:34.0828 0x0e88 C:\Windows\System32\dwmcore.dll - ok
17:16:34.0828 0x0e88 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll
17:16:34.0828 0x0e88 C:\Windows\System32\dwmredir.dll - ok
17:16:34.0828 0x0e88 [ E1374D37477322D4956604711008C69D, 52350DBA14343DBAB3019FF67A7F8ED8A53D1085C1A3F1B4AE9110F7407F4256 ] C:\Windows\System32\d3d10_1.dll
17:16:34.0828 0x0e88 C:\Windows\System32\d3d10_1.dll - ok
17:16:34.0828 0x0e88 [ 426BA4E737A7988FD1202AF2F2B2F4A6, 3E84B1EF044C157B7B228AE86A4466BC7E24B2D85F07636D0119041E3D630A2F ] C:\Windows\System32\d3d10_1core.dll
17:16:34.0828 0x0e88 C:\Windows\System32\d3d10_1core.dll - ok
17:16:34.0828 0x0e88 [ F404E59DB6A0F122AB26BF4F3E2FD0FA, 47F30401D86006821475F911A3D5E9B23571F6A8B4A9942891298E33D070D5D5 ] C:\Windows\System32\dxgi.dll
17:16:34.0828 0x0e88 C:\Windows\System32\dxgi.dll - ok
17:16:34.0828 0x0e88 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe
17:16:34.0828 0x0e88 C:\Windows\explorer.exe - ok
17:16:34.0844 0x0e88 [ F5138EEC090C296CF6FB6C6C19BE1D9E, 378942AF1511755F2BBB580916C7F1710D57EBE3FB132229AF638F8B4126885B ] C:\Windows\System32\igd10umd64.dll
17:16:34.0844 0x0e88 C:\Windows\System32\igd10umd64.dll - ok
17:16:34.0844 0x0e88 [ 49E5753D923F1AC63B22D3DCB0B47E00, 14CEC0BF5F625FF839A8D79B4A6B7C4AC0CBB705FD197C6B7FF8617C6C3E34FE ] C:\Windows\System32\uDWM.dll
17:16:34.0844 0x0e88 C:\Windows\System32\uDWM.dll - ok
17:16:34.0844 0x0e88 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll
17:16:34.0844 0x0e88 C:\Windows\SysWOW64\uxtheme.dll - ok
17:16:34.0844 0x0e88 [ 26A68554F95A344B62E5771AF598E0E8, DF6448B78AD471A216E2D38DCF248CD7416A2A3A1C580680B9D4ACC44E9046E2 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll
17:16:34.0844 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\System\ce9ff6baf9053ed2ed673d948179195c\System.ni.dll - ok
17:16:34.0844 0x0e88 [ DD7423ABBE2913E70D50E9318AD57EE4, 74BC123808F3FA60ADDC51C1383F8250608D3DBA3A8DC175B3418A1CF0BC53E9 ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
17:16:34.0844 0x0e88 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok
17:16:34.0859 0x0e88 [ AFB5B500AD69E24ED1BC15D1161641EF, C8EE01224FA8020DAE6F9BCE2FD88EDC2441164393ED6E68DAA1EA0B8190276F ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL
17:16:34.0859 0x0e88 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok
17:16:34.0859 0x0e88 [ 659127E6E134013FD6CFFCAFBECEFA70, D82F56B823B7281B11A82E2F54FFE3811BB14C2456EA93036C9B18E65DF02007 ] C:\Program Files\AVAST Software\Avast\defs\17041812\algo.dll
17:16:34.0859 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\algo.dll - ok
17:16:34.0859 0x0e88 [ 89B89AE23491F5D4E338499A3D568269, 8E8230EA733075EB8700E92F07DAB29CC5729D67CEEF75197BC91515EE4C0A8F ] C:\Windows\System32\localspl.dll
17:16:34.0859 0x0e88 C:\Windows\System32\localspl.dll - ok
17:16:34.0859 0x0e88 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll
17:16:34.0859 0x0e88 C:\Windows\System32\rasadhlp.dll - ok
17:16:34.0859 0x0e88 [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll
17:16:34.0859 0x0e88 C:\Windows\System32\spoolss.dll - ok
17:16:34.0875 0x0e88 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll
17:16:34.0875 0x0e88 C:\Windows\SysWOW64\ntmarta.dll - ok
17:16:34.0875 0x0e88 [ 839F96DBAAFD3353E0B248A5E0BD2A51, 11DA5AD3EA5FF4766C12B99FB520B3CBE08581ECAF1A2FD1DC5AC835CA78FAC2 ] C:\Windows\SysWOW64\rasapi32.dll
17:16:34.0875 0x0e88 C:\Windows\SysWOW64\rasapi32.dll - ok
17:16:34.0875 0x0e88 [ F11A57E91FDAECFB41A5CB21EB1EBC8E, 904DA963F2274ADF521660E3131DAC781E59C6FAEB393E57802A3B5638C09283 ] C:\Windows\System32\dssenh.dll
17:16:34.0875 0x0e88 C:\Windows\System32\dssenh.dll - ok
17:16:34.0875 0x0e88 [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll
17:16:34.0875 0x0e88 C:\Windows\System32\FXSMON.dll - ok
17:16:34.0875 0x0e88 [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll
17:16:34.0875 0x0e88 C:\Windows\System32\PrintIsolationProxy.dll - ok
17:16:34.0891 0x0e88 [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll
17:16:34.0891 0x0e88 C:\Windows\System32\tcpmon.dll - ok
17:16:34.0891 0x0e88 [ FFA7172354B9256DBB2CDD75F16F33FE, 85B2F014C67C2E52540F17D561793C6633C9E98F12639CCD3854EB1EC34DD035 ] C:\Windows\SysWOW64\rasman.dll
17:16:34.0891 0x0e88 C:\Windows\SysWOW64\rasman.dll - ok
17:16:34.0891 0x0e88 [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159, ACE7F85685EB92FC3AB4215122B0469E32F23B196C49F08CDA7791D3122C45DC ] C:\Windows\SysWOW64\rtutils.dll
17:16:34.0891 0x0e88 C:\Windows\SysWOW64\rtutils.dll - ok
17:16:34.0891 0x0e88 [ 6F8E3B7B70E1BBA871212940C1FBDF60, 3F9D4EE64E4210340C6FEE0DE81BFE3C613DDBE608EC09D63817D24CE24BFC5E ] C:\Windows\SysWOW64\SensApi.dll
17:16:34.0891 0x0e88 C:\Windows\SysWOW64\SensApi.dll - ok
17:16:34.0891 0x0e88 [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll
17:16:34.0891 0x0e88 C:\Windows\System32\snmpapi.dll - ok
17:16:34.0891 0x0e88 [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll
17:16:34.0891 0x0e88 C:\Windows\System32\wsnmp32.dll - ok
17:16:34.0906 0x0e88 [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll
17:16:34.0906 0x0e88 C:\Windows\System32\usbmon.dll - ok
17:16:34.0906 0x0e88 [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll
17:16:34.0906 0x0e88 C:\Windows\System32\WSDMon.dll - ok
17:16:34.0906 0x0e88 [ 9A85ABCE0FDD1AF8E79E731EB0B679F3, 2A610BEB16610FE2F2E9A50477A62A05481E8A5843A814955A0EDFF45D0304B3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
17:16:34.0906 0x0e88 C:\Windows\SysWOW64\dhcpcsvc.dll - ok
17:16:34.0906 0x0e88 [ 29CA5974FAB0E8AE4AA7814FE05CF832, ADE54D406AAB7C364851AAD278A569426C9ADD4F7FB543BB08428CED963BF541 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
17:16:34.0906 0x0e88 C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
17:16:34.0906 0x0e88 [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll
17:16:34.0906 0x0e88 C:\Windows\System32\fdPnp.dll - ok
17:16:34.0922 0x0e88 [ 1D626FE2E13C1CE49CA0136CFF214E93, 4F02DD92045CF244979FFD074B2BDE6925A909227A474C60DCABE4384D916218 ] C:\Windows\System32\spool\prtprocs\x64\winprint.dll
17:16:34.0922 0x0e88 C:\Windows\System32\spool\prtprocs\x64\winprint.dll - ok
17:16:34.0922 0x0e88 [ 2AC11BE0F5D9A01433732AAB8BA21774, 523B2D6516CB4BC86F2D9C7129D0F2C976F2EC93A1382E3FA043B0B54E7B7F09 ] C:\Windows\System32\win32spl.dll
17:16:34.0922 0x0e88 C:\Windows\System32\win32spl.dll - ok
17:16:34.0922 0x0e88 [ 507D5567A0A4EE86C4B0CE2CE1777025, 408770B00CED498BF7782054F17A5CB361CF65429B0C816403D70E416E0EEF23 ] C:\Windows\System32\inetpp.dll
17:16:34.0922 0x0e88 C:\Windows\System32\inetpp.dll - ok
17:16:34.0922 0x0e88 [ AA2D8BB9C6F0963A4FB7C3D596CEC0E2, AC64F9897A0910F0386F39D961C67D7FEB9F782243D4369B80377A3F5C29744E ] C:\Program Files\AVAST Software\Avast\aswSecDns.dll
17:16:34.0922 0x0e88 C:\Program Files\AVAST Software\Avast\aswSecDns.dll - ok
17:16:34.0922 0x0e88 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll
17:16:34.0922 0x0e88 C:\Windows\System32\cscapi.dll - ok
17:16:34.0937 0x0e88 [ 1EBE9524683C7C4EED8B8BC93FB6FBCC, 78AF098E270EDE62466557091F14B2D37BDAB488F02E7CC769251FD17C02BA4A ] C:\Windows\SysWOW64\fltLib.dll
17:16:34.0937 0x0e88 C:\Windows\SysWOW64\fltLib.dll - ok
17:16:34.0937 0x0e88 [ 418E881201583A3039D81F43E39E6C78, C96AAC161E09BE12815A4E931E65F66DB1A456C03253EF1111AE66F44B1515FF ] C:\Windows\SysWOW64\winsta.dll
17:16:34.0937 0x0e88 C:\Windows\SysWOW64\winsta.dll - ok
17:16:34.0937 0x0e88 [ 46F12E67EF52F2FF1E8722621E1752D3, 6D1FA5D14DD5DEDE0480C9792FC334F4E0B2D20BD81A24EB145A141FB55E9BCD ] C:\Program Files\AVAST Software\Avast\AhResMai.dll
17:16:34.0937 0x0e88 C:\Program Files\AVAST Software\Avast\AhResMai.dll - ok
17:16:34.0937 0x0e88 [ 9E4B0E7472B4CEBA9E17F440B8CB0AB8, B1A9B2EF000917214C0198958CBD239D1D91B1720EC40DF041262A34D302AD74 ] C:\Windows\SysWOW64\winspool.drv
17:16:34.0937 0x0e88 C:\Windows\SysWOW64\winspool.drv - ok
17:16:34.0937 0x0e88 [ 06B565DDB92457D4F359B526654EC527, 40FAC8DC19D3101E36884831C7D03185A1A5ADD40DE7DE7E8431FF1A3A88B84D ] C:\Program Files\AVAST Software\Avast\AhResStd.dll
17:16:34.0937 0x0e88 C:\Program Files\AVAST Software\Avast\AhResStd.dll - ok
17:16:34.0953 0x0e88 [ 2D4A4C8537BBA2E157EDB58E0582F23C, 581386F9E9B379E6B674C02429F2EFD318E2B541CDC3687ABB917C975ECCBE31 ] C:\Program Files\AVAST Software\Avast\AhResWS.dll
17:16:34.0953 0x0e88 C:\Program Files\AVAST Software\Avast\AhResWS.dll - ok
17:16:34.0953 0x0e88 [ D1DE1EAFDE97BE41CF6585027FF3E732, 76F17D4DF440D6734DC8157092D94EB18C2A73A0A49BEEA289E7B3EDE30E86A2 ] C:\Windows\SysWOW64\comdlg32.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\comdlg32.dll - ok
17:16:34.0953 0x0e88 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\winmm.dll - ok
17:16:34.0953 0x0e88 [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9, E18D66455D00A6D2A2D7CC0833C233FE8A6DD910B59D6B5B5F82EF91450858DF ] C:\Windows\SysWOW64\sfc.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\sfc.dll - ok
17:16:34.0953 0x0e88 [ 84799328D87B3091A3BDD251E1AD31F9, F85521215924388830DBB13580688DB70B46AF4C7D82D549D09086438F8D237B ] C:\Windows\SysWOW64\sfc_os.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\sfc_os.dll - ok
17:16:34.0953 0x0e88 [ 1E8D06AAE74FED674C1156B3FEA911C2, C1999BA9E436F9E0B9302DC82DF8B214E66372899FD4C0C60C56EE5340BADB9F ] C:\Windows\SysWOW64\Faultrep.dll
17:16:34.0953 0x0e88 C:\Windows\SysWOW64\Faultrep.dll - ok
17:16:34.0969 0x0e88 [ 703FFD301AB900B047337C5D40FD6F96, C09909B89183B89BA87CAC8C5BEBD0E995C5CB08CC9B9D1E88352103EE958857 ] C:\Windows\SysWOW64\olepro32.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\olepro32.dll - ok
17:16:34.0969 0x0e88 [ 12C45E3CB6D65F73209549E2D02ECA7A, 9DFD9C58B90257C34D52B7156C1D2566BE32EE7BD4699DDE164A5F190EC4D44A ] C:\Windows\SysWOW64\propsys.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\propsys.dll - ok
17:16:34.0969 0x0e88 [ A34A587FFFD45FA649FBA6D03784D257, C9A2BCD4E2A5EB6E320092A3AFD5737ECDCDA0B83EE42314A23C4978F2974767 ] C:\Windows\System32\iphlpsvc.dll
17:16:34.0969 0x0e88 C:\Windows\System32\iphlpsvc.dll - ok
17:16:34.0969 0x0e88 [ 4F6E72B34ED3DC53DCC5E8708E60B61F, CB79F4EBCE11ECCFA167498F329F95D545F8D4E5CCE4006B2A03B595733AEBC2 ] C:\Windows\SysWOW64\security.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\security.dll - ok
17:16:34.0969 0x0e88 [ AA376FE53D239EC404AD28AA14F33564, D65673BD31C4727861B79497B80EE461B48EBFBEEF8FA002C0CDEA966B7EC71D ] C:\Windows\SysWOW64\srclient.dll
17:16:34.0969 0x0e88 C:\Windows\SysWOW64\srclient.dll - ok
17:16:34.0984 0x0e88 [ 13693B6354DD6E72DC5131DA7D764B90, 447EFDA7CFB1F62EA316219D996406C8DC374097DB903F362D6E945227D8BB2D ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
17:16:34.0984 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe - ok
17:16:34.0984 0x0e88 [ 971A36C4827AD1AE2A54E6407478921A, 22FC1DD7476F6A9E8C6272D982F2F10600AE97D2157C8531EA2F4C7874E6D24D ] C:\Windows\SysWOW64\spp.dll
17:16:34.0984 0x0e88 C:\Windows\SysWOW64\spp.dll - ok
17:16:34.0984 0x0e88 [ 6177E1A8F215576A56D437B48A00848B, B38B4550B67A053EEB3F863986440A6BCD85DF8B1A138F2845A4ABA0C6F06069 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll
17:16:34.0984 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftsync.dll - ok
17:16:34.0984 0x0e88 [ 295E1F2BC1AFDAFD98FF426BCE524BA9, 642DFF6C6AAF54D6A4B6A192FD016068FED63312CB8E3C283638A5D044B85538 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll
17:16:34.0984 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftuser.dll - ok
17:16:34.0984 0x0e88 [ 27B9E163740A226B65E4B9E186117911, 17411C6A6C1E699BC4B0C04D782FD9AA09CF577DBA41E743F7588904D489CB9F ] C:\Windows\System32\sqmapi.dll
17:16:34.0984 0x0e88 C:\Windows\System32\sqmapi.dll - ok
17:16:35.0000 0x0e88 [ 13337A3FB17F2242487FD45488ED0485, C174F8652118876494336AB88A65D594E0E6CCBAB20CC6BA08E6B253855A01CA ] C:\Windows\SysWOW64\vssapi.dll
17:16:35.0000 0x0e88 C:\Windows\SysWOW64\vssapi.dll - ok
17:16:35.0000 0x0e88 [ A733CC986EB51F8FBF598B981DC19FBA, BDDCF486C6E0CC96DE744587A22125A1EADB134581ED2E876D183E8EDA7B7F9C ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll
17:16:35.0000 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcore.dll - ok
17:16:35.0000 0x0e88 [ 7B38D7916A7CD058C16A0A6CA5077901, 3F6DD990E2DA5D3BD6D65A72CBFB0FE79EB30B118A8AD71B6C9BB5581A622DCE ] C:\Windows\System32\wdscore.dll
17:16:35.0000 0x0e88 C:\Windows\System32\wdscore.dll - ok
17:16:35.0000 0x0e88 [ FEB91B4DA0D540865260A33838654FA3, 8636B008BA329D3E6CC235D08BA4C914EFF45DBFCB9297C893CCDA8D907BA946 ] C:\Windows\System32\nci.dll
17:16:35.0000 0x0e88 C:\Windows\System32\nci.dll - ok
17:16:35.0000 0x0e88 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll
17:16:35.0000 0x0e88 C:\Windows\System32\netprofm.dll - ok
17:16:35.0015 0x0e88 [ F10E5311E5093FA3C00FF88C54C32FCA, B557F5B00D77F030850D9AAC0FFEFC4C2A759EC4081C8459C9DEAE51BAAACC65 ] C:\Windows\SysWOW64\atl.dll
17:16:35.0015 0x0e88 C:\Windows\SysWOW64\atl.dll - ok
17:16:35.0015 0x0e88 [ B940289C83121046BD6A60ACC6028593, EBD1C2C0A8EBB201924536AB5C6E032C12B9E081A153CC079748E1D6D625F0DF ] C:\Windows\SysWOW64\vsstrace.dll
17:16:35.0015 0x0e88 C:\Windows\SysWOW64\vsstrace.dll - ok
17:16:35.0015 0x0e88 [ 659DAA73109D1EFC4DFD46E9CB6CEDC6, 906EB04D7798EA9FA7BC9CAB624DF5A5C550F356C08B0AEACBE8FD60EF5B41F4 ] C:\Program Files\AVAST Software\Avast\AhResWS2.dll
17:16:35.0015 0x0e88 C:\Program Files\AVAST Software\Avast\AhResWS2.dll - ok
17:16:35.0015 0x0e88 [ 3B367397320C26DBA890B260F80D1B1B, 50BBE71B4380B5E86E197AF86F5C08266DD6B12344BA4ABDEA604B8C774C4147 ] C:\Windows\System32\hnetcfg.dll
17:16:35.0015 0x0e88 C:\Windows\System32\hnetcfg.dll - ok
17:16:35.0015 0x0e88 [ 09AC643215862B0BC3AC8F57BB96AFD6, 8839319B26C0598AE9627B948ED3A23DF68CF3B780098D9304B09D1324C5B014 ] C:\Program Files\AVAST Software\Avast\custody.dll
17:16:35.0015 0x0e88 C:\Program Files\AVAST Software\Avast\custody.dll - ok
17:16:35.0031 0x0e88 [ 79AFFC7FEEA9CD2FEFEA5EF3B631A02C, 78889511D6F471009674CC958F8BB77B4A79C952634B18E8AFF4A75AA6A60E87 ] C:\Windows\System32\ndiscapCfg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\ndiscapCfg.dll - ok
17:16:35.0031 0x0e88 [ 3D6AF45673C4B31CDECD7F80AF09D443, 7D711D138C107816155AFA5E5FDC6892734074BEFF604B5904177B5D9ACE4670 ] C:\Windows\System32\rascfg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\rascfg.dll - ok
17:16:35.0031 0x0e88 [ FB8482D42FAD4D52F3006E7EA0435CBC, 17F60C7EBD90872B9BE82828595AFAD88057376D3EA99D1780B5D11851B79ABE ] C:\Program Files\AVAST Software\Avast\pam.dll
17:16:35.0031 0x0e88 C:\Program Files\AVAST Software\Avast\pam.dll - ok
17:16:35.0031 0x0e88 [ 2DF29664ED261F0FC448E58F338F0671, 4EFE79C383D0AF126FC4EE668D822563F8F037B1E61D73747A35FE11AAFDB8CE ] C:\Windows\System32\mprapi.dll
17:16:35.0031 0x0e88 C:\Windows\System32\mprapi.dll - ok
17:16:35.0031 0x0e88 [ 1CF21800E337F4039AAD4C94B4280EE4, EF434CEF6E62A202B85E8EC7916EB998E20B10675437CDE90084CDA938C0AA3F ] C:\Windows\System32\mprmsg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\mprmsg.dll - ok
17:16:35.0031 0x0e88 [ 55DE45B116711881C852D2841E4C84DD, 18E5021530BB44042C85087BAE4FEDA633E01CDCBA09C90A5941B74C75133A35 ] C:\Windows\System32\tcpipcfg.dll
17:16:35.0031 0x0e88 C:\Windows\System32\tcpipcfg.dll - ok
17:16:35.0047 0x0e88 [ 2EB8800497876168297C2384C0D65A77, 3F29BC16AD9C37EDBAC08E4B75A15E3BBA2DFAEF002312FD83C78AD651BF2E0E ] C:\Program Files\AVAST Software\Avast\ashMaiSv.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\ashMaiSv.dll - ok
17:16:35.0047 0x0e88 [ 18AA12A2870D8B3E1FF8511994013AEC, FDA7D2317BA4920C560DB45CC85DF83D6F0A4DA84F7CC2832DFBE91C7F486732 ] C:\Program Files\AVAST Software\Avast\defs\17041812\exts.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\exts.dll - ok
17:16:35.0047 0x0e88 [ 089C9FBC57EEA8C04785C6C3C3DF3BCF, 804B6F0298E63B062B81D09C8CDE38E84371C9324969B08F056D00804395735F ] C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\aswStreamFilter.dll - ok
17:16:35.0047 0x0e88 [ 14107C10946921603BBF5637B249DB84, DB45F5ED8907E68F99A2DDAE377A2A98955792FD5FEDD61A390EFEE164B25F7A ] C:\Program Files\AVAST Software\Avast\aswDnsCache.dll
17:16:35.0047 0x0e88 C:\Program Files\AVAST Software\Avast\aswDnsCache.dll - ok
17:16:35.0047 0x0e88 [ B010CF886420EE29C2C276646721D255, CBCD032D679ADE3A9942A1D116648D6A9ECC71F66F8630629E724E5EE23F9F73 ] C:\Windows\SysWOW64\wlanapi.dll
17:16:35.0047 0x0e88 C:\Windows\SysWOW64\wlanapi.dll - ok
17:16:35.0062 0x0e88 [ 1D6A771D1D702AE07919DB52C889A249, E5F3378AC40AEE6114EEAF3BF11DC1059466891CAE353E80C08622A60485C954 ] C:\Windows\SysWOW64\wlanutil.dll
17:16:35.0062 0x0e88 C:\Windows\SysWOW64\wlanutil.dll - ok
17:16:35.0062 0x0e88 [ 03A03A453F1AAAE0C73AAAF895321C7A, BB46C581347EDA9CAF287E24163A593F07BD723E1C250ADD8E5C46BB349B668C ] C:\Windows\SysWOW64\FWPUCLNT.DLL
17:16:35.0062 0x0e88 C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
17:16:35.0062 0x0e88 [ BEA34F901FDACDE1433CE1984B6791B2, 0E6CF3534C61D595ACD1EF0733D1F76E6C970832962F3338DE6B557507224194 ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswAR.dll
17:16:35.0062 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswAR.dll - ok
17:16:35.0062 0x0e88 [ F0CC72AAC41DC3723358FB4DF3E37545, 8678B0801F6FF6530AC223AC2A4C8B93110655B573E047FB7F18CE4ADA53F274 ] C:\Program Files\AVAST Software\Avast\defs\17041812\aswRawFS.dll
17:16:35.0062 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\aswRawFS.dll - ok
17:16:35.0062 0x0e88 [ 32BFCF1CA719F2A3A31C721BD5F90303, EFCA0A6AF7BD987F6636B40C5249B8F03CD127EF39E55E75A811E2C3B1F9FF57 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll
17:16:35.0062 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftpsr.dll - ok
17:16:35.0078 0x0e88 [ 40EE4E67311F4019CCA2120D88C60576, 05B81FC09774FA60007E45CC77E4C8A02A61639EAA58AA2989F048A294437688 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll
17:16:35.0078 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftfsi_wow64.dll - ok
17:16:35.0078 0x0e88 [ 09AB81CEE443569D9A3CC151DDF70444, E466612F6FBC12C463EE85DD74A303D7D4956A9A592B9D6AF91DF56CFEFFE28E ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll
17:16:35.0078 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftcomp.dll - ok
17:16:35.0078 0x0e88 [ 8EA53101FF2B15BDFF934B62A8FB326D, E28536A4AC6764C2480EF047AF2312AE2600819899C3E33B486CFE19F25AC464 ] C:\Windows\SysWOW64\logoncli.dll
17:16:35.0078 0x0e88 C:\Windows\SysWOW64\logoncli.dll - ok
17:16:35.0078 0x0e88 [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll
17:16:35.0078 0x0e88 C:\Windows\SysWOW64\msi.dll - ok
17:16:35.0078 0x0e88 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] C:\Windows\System32\drivers\srv2.sys
17:16:35.0078 0x0e88 C:\Windows\System32\drivers\srv2.sys - ok
17:16:35.0093 0x0e88 [ 617E29A0B0A2807466560D4C4E338D3E, 5E95D38DB9A6776EB4A15A952FA7949831D6F660EED8C3E79BD09D102BAC5D67 ] C:\Windows\System32\drivers\Sftredirlh.sys
17:16:35.0093 0x0e88 C:\Windows\System32\drivers\Sftredirlh.sys - ok
17:16:35.0093 0x0e88 [ 3D3CBD1847F980FB03343A63671E7886, 6FCC7D869106DFF85B251C1593E2DA2C165D71F854ED32360FC7DB16327AF663 ] C:\Windows\SysWOW64\schannel.dll
17:16:35.0093 0x0e88 C:\Windows\SysWOW64\schannel.dll - ok
17:16:35.0093 0x0e88 [ D9A9702E43A5859896F34898D5FD3FEC, 3248B6E72665193357BB0E6326B760F248923D375C02C8CD6BC24EEF26AEAC4E ] C:\Windows\SysWOW64\msxml6.dll
17:16:35.0093 0x0e88 C:\Windows\SysWOW64\msxml6.dll - ok
17:16:35.0093 0x0e88 [ EB6369B1FCBB45AAC60040BD3CCFBA64, E12C1E7A9EE40DE98180875383250999787B385458EB38180479F8EE91E83A77 ] C:\Program Files (x86)\Google\Update\1.3.33.3\goopdate.dll
17:16:35.0093 0x0e88 C:\Program Files (x86)\Google\Update\1.3.33.3\goopdate.dll - ok
17:16:35.0093 0x0e88 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll
17:16:35.0093 0x0e88 C:\Windows\SysWOW64\msimg32.dll - ok
17:16:35.0109 0x0e88 [ FEEB4E9E1B1B6D543D53AD6C75E34838, 2C7B47E4452BFE253638BF02D615E514B3DF86020123CFA0FD52CF4E2DB4A09E ] C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe
17:16:35.0109 0x0e88 C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler.exe - ok
17:16:35.0109 0x0e88 [ 591FE0A6CEB19BF886CEB1331F591940, 929CC5BC782FEF82804D2D253D3EB59F09BE744E0EF2A9263E8EECC36E16F2CE ] C:\Windows\SysWOW64\ncrypt.dll
17:16:35.0109 0x0e88 C:\Windows\SysWOW64\ncrypt.dll - ok
17:16:35.0109 0x0e88 [ CE71B9119A258EDD0A05B37D7B0F92E3, D9310C5BBFE089B8C81E259C462EC1E6D7A7A87FA59FC1F174ED5C58D409AE7A ] C:\Windows\SysWOW64\bcrypt.dll
17:16:35.0109 0x0e88 C:\Windows\SysWOW64\bcrypt.dll - ok
17:16:35.0109 0x0e88 [ B99AE052439A204F3C0377FEEFF76573, DE176626608BE0ED42F36586ED7F1D3B28592FF82E00516E8C60A01B9243908C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\tosIndicator\2b1b71df5141ab83ead4e95c8c23d56b\tosIndicator.ni.exe
17:16:35.0109 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\tosIndicator\2b1b71df5141ab83ead4e95c8c23d56b\tosIndicator.ni.exe - ok
17:16:35.0109 0x0e88 [ E8449FE262D7406BCB2AC2A45C53EC5F, 6C118C9FB26404D1943824CF3990F36E12986547FFACB7CC0DF975A913065D78 ] C:\Windows\SysWOW64\bcryptprimitives.dll
17:16:35.0109 0x0e88 C:\Windows\SysWOW64\bcryptprimitives.dll - ok
17:16:35.0125 0x0e88 [ 63AAFCF3EA5DBB17123E0BAE9AFE4D58, ACAD9D96CE58EDB620AC13ACA8C6F4122BA8B2AF78468A760F21A01B43D93312 ] C:\Program Files\Toshiba\TECO\TecoService.exe
17:16:35.0125 0x0e88 C:\Program Files\Toshiba\TECO\TecoService.exe - ok
17:16:35.0125 0x0e88 [ 1097F3035BAF46CED8B332B3564C5108, C69781683CA963A1335780DABBBC60E2C3CEF0888738D3425D358D12E8D0AF58 ] C:\Windows\SysWOW64\gpapi.dll
17:16:35.0125 0x0e88 C:\Windows\SysWOW64\gpapi.dll - ok
17:16:35.0125 0x0e88 [ 6316957BB3431DFB06BFFA98C0F1926E, 3DB6BF2DAB524BCB9DA516004F516169808645847C6C82A082FD4973931B9F8B ] C:\Windows\SysWOW64\cryptnet.dll
17:16:35.0125 0x0e88 C:\Windows\SysWOW64\cryptnet.dll - ok
17:16:35.0125 0x0e88 [ 6B8F9054C79BC15C07CE04C0CE242D63, 34C010D2B9A54A4EE290F768A55A41A06298F973FBFE97CBCA993AEA49A54DDC ] C:\Program Files (x86)\Java\jre6\bin\keytool.exe
17:16:35.0125 0x0e88 C:\Program Files (x86)\Java\jre6\bin\keytool.exe - ok
17:16:35.0125 0x0e88 [ 448BF22538F1DFCB3412AE2B1CF123A9, 35D652AE19A93FE1DCF920AEDDF6470E2C8EEE8FF409E5735A329727E464E268 ] C:\Windows\System32\conhost.exe
17:16:35.0125 0x0e88 C:\Windows\System32\conhost.exe - ok
17:16:35.0140 0x0e88 [ 01D585C95A0E752EFFB11EA899B0E387, 09EE8F7BA39206EEFAE61665EE85D048E5E9813BC5401B7FD6E88948632C5625 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll
17:16:35.0140 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\WindowsBase\46fce56db7685a586d3eeb7c373e3c1c\WindowsBase.ni.dll - ok
17:16:35.0140 0x0e88 [ F41E07868DD2314A2A0D1CCB58F38179, 98AEE7F01CC4815407F48FBEEE0EA7D2068DA534DD034B563CEC2747A51A5223 ] C:\Program Files (x86)\Java\jre6\bin\jli.dll
17:16:35.0140 0x0e88 C:\Program Files (x86)\Java\jre6\bin\jli.dll - ok
17:16:35.0140 0x0e88 [ F9C8015C85E7A8CC5513A3AD1CA0ABDC, 1DFFE0B9DEF19C4FC79B979C0A2235820CCFAF929D54E078D307F7F262172EBF ] C:\Program Files\Toshiba\TECO\TecoHci.dll
17:16:35.0140 0x0e88 C:\Program Files\Toshiba\TECO\TecoHci.dll - ok
17:16:35.0140 0x0e88 [ 777F34146CD4126A2B8D6F2342F57536, 5714BE7D04E70E47801BA67778E63D0B8512E3BC4D0FD70D85E1D2D97180DFEC ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll
17:16:35.0140 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationCore\14a87218ea49639f38097e278b98a3da\PresentationCore.ni.dll - ok
17:16:35.0140 0x0e88 [ C92C6145D2C44C4259C22228B24411F2, 49B195C55FA1D14BA0BCAE2DC856E442EA55E8B76407151DEB07AE037FBEA21E ] C:\Program Files\Toshiba\TECO\TecoPower.dll
17:16:35.0140 0x0e88 C:\Program Files\Toshiba\TECO\TecoPower.dll - ok
17:16:35.0156 0x0e88 [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\msvcr71.dll - ok
17:16:35.0156 0x0e88 [ B83B58F64C99BBEF45A81E0D79A34F80, 16EF4FE99DD5A313AED4EA2598E42F4B2FEB2942E300DCD6584F4DF29F1A808F ] C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\client\jvm.dll - ok
17:16:35.0156 0x0e88 [ CFBC060707870F82DCF03F4F5ACC7C6A, 0411830B5EFB008EFC47A04FC969ED76DB3F6FFB2B870A54D0B29C7BFE606A7A ] C:\Program Files (x86)\Java\jre6\bin\verify.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\verify.dll - ok
17:16:35.0156 0x0e88 [ 807ECF18B7D9B02FE449D5B795CDB2DA, 330AF2CEF53C0F099139BD19A6E482DB721671EE6B7B047237944E4C70DE31CA ] C:\Program Files (x86)\Java\jre6\bin\java.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\java.dll - ok
17:16:35.0156 0x0e88 [ 3752C305040C1FF74075CEA84E1C8DF9, 853A3A07A09063E85EBB80812EFE80B0614919C79830B77C43750CC30BA4A8D2 ] C:\Program Files (x86)\Java\jre6\bin\zip.dll
17:16:35.0156 0x0e88 C:\Program Files (x86)\Java\jre6\bin\zip.dll - ok
17:16:35.0171 0x0e88 [ 02E185944CFA58DAD47D409E5655FB28, BAF6C5951D1A43137069192B0971342FFB75BFE5E6291D331B32CD061E0D6CBA ] C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll
17:16:35.0171 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\PresentationFramewo#\e717a230496832656b05b515eb9f3bc5\PresentationFramework.ni.dll - ok
17:16:35.0171 0x0e88 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll
17:16:35.0171 0x0e88 C:\Windows\System32\ExplorerFrame.dll - ok
17:16:35.0171 0x0e88 [ AEDDFD540E3E6BECDB14C30D1F12B78A, A4A5C793A99D9F6CBBF27EA91E7A52AD8C4CFBA3D202406B077E1EE0F39D2681 ] C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll
17:16:35.0171 0x0e88 C:\Windows\assembly\GAC_32\PresentationCore\3.0.0.0__31bf3856ad364e35\PresentationCore.dll - ok
17:16:35.0171 0x0e88 [ C432CDE6BCEC310430ADA1E435B935F5, 8479073393F1095568783C3FD775D8369DC108D8490E67FD080D34B43E1EA5CB ] C:\Program Files\AVAST Software\Avast\ashShA64.dll
17:16:35.0171 0x0e88 C:\Program Files\AVAST Software\Avast\ashShA64.dll - ok
17:16:35.0171 0x0e88 [ 5EB6E9C8BE1ACC5830780E0F9A846255, AC5EDC6DBC9CA204584E35878E18F6524DE002CE3D90657C37599790A5DDD1F1 ] C:\Windows\System32\msi.dll
17:16:35.0171 0x0e88 C:\Windows\System32\msi.dll - ok
17:16:35.0187 0x0e88 [ DDFBFD8959F32AC0CF3947F36BAC3081, 39A6876E19400E62457EC27FFD5D223EE98098737923714CBE6DCA725926A0C6 ] C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll
17:16:35.0187 0x0e88 C:\Windows\Microsoft.NET\Framework\v3.0\WPF\wpfgfx_v0300.dll - ok
17:16:35.0187 0x0e88 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll
17:16:35.0187 0x0e88 C:\Windows\System32\EhStorShell.dll - ok
17:16:35.0187 0x0e88 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll
17:16:35.0187 0x0e88 C:\Windows\System32\ntshrui.dll - ok
17:16:35.0187 0x0e88 [ A0617B5753E31126AD29C03154F4F329, 3BC10C0A54D1D60B0C670D901944D3F115E2EBB406C989409145E7151AA55EFE ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
17:16:35.0187 0x0e88 C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
17:16:35.0187 0x0e88 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll
17:16:35.0187 0x0e88 C:\Windows\System32\IconCodecService.dll - ok
17:16:35.0203 0x0e88 [ 39C5F32747B3414D1BB216FDB1DEFC58, 6FAE64CB9748304090113903A5AE9E7154BE16BA2EEA7AB3EF04AB9D79B81380 ] C:\Windows\SysWOW64\dwmapi.dll
17:16:35.0203 0x0e88 C:\Windows\SysWOW64\dwmapi.dll - ok
17:16:35.0203 0x0e88 [ 619A67C9F617B7E69315BB28ECD5E1DF, F34F231D117CCDFEBB9CB35C8D6FDFA7051DA27FDC1204FCCFF361FC0B13A0FF ] C:\Windows\System32\wbem\WmiPrvSE.exe
17:16:35.0203 0x0e88 C:\Windows\System32\wbem\WmiPrvSE.exe - ok
17:16:35.0203 0x0e88 [ 72794D112CBAFF3BC0C29BF7350D4741, 060C207F27306A3464FBCD8B08BDC97E34923ECA349933ECB059848BD08F41ED ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE
17:16:35.0203 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSVC.EXE - ok
17:16:35.0203 0x0e88 [ 07AD88DF9EF73215458867EFC1BFFE9E, 8C659B6F31111C09448B68889623886658C96467E7E5C95C1714E18AD3924463 ] C:\Windows\System32\wbem\wmiprov.dll
17:16:35.0203 0x0e88 C:\Windows\System32\wbem\wmiprov.dll - ok
17:16:35.0203 0x0e88 [ C797D1677BA81306AFBB9FA8A9A8F483, D71AE9308BCF6F57E8E1412F3703DFBDE341BC91C141F1372404A978C8C12BE1 ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL
17:16:35.0203 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\CVHSHARED.DLL - ok
17:16:35.0218 0x0e88 [ 108C2CFA5527458C096A699929ECBD80, FEF6737C71D7BF7A926C87E69D93D789EDB8C65EFB9422A1C21328AF54ED69AB ] C:\Windows\SysWOW64\credui.dll
17:16:35.0218 0x0e88 C:\Windows\SysWOW64\credui.dll - ok
17:16:35.0218 0x0e88 [ 8E01332CC4B68BC6B5B7EFFE374442AA, A4AD1D2FD3EC2F26949DBBC388F9FFF3713AD7EB4E9220AF817EBB5223E467C6 ] C:\Windows\SysWOW64\oleacc.dll
17:16:35.0218 0x0e88 C:\Windows\SysWOW64\oleacc.dll - ok
17:16:35.0218 0x0e88 [ 7717F84F483002815490033BF069DABD, 7BE935D49AFE60589A722D3C5A1A7D319E59215DBF9A1CBB7912938C2F0840DF ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
17:16:35.0218 0x0e88 C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
17:16:35.0218 0x0e88 [ 565A30B70BE8A9B171839003F2D69683, 808BFBF2A0EC54417A254FDA0B22472CEA4A50F4C0952A6AB0ADF1119BD2543E ] C:\Windows\SysWOW64\hlink.dll
17:16:35.0218 0x0e88 C:\Windows\SysWOW64\hlink.dll - ok
17:16:35.0218 0x0e88 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] C:\Windows\System32\drivers\srv.sys
17:16:35.0218 0x0e88 C:\Windows\System32\drivers\srv.sys - ok
17:16:35.0218 0x0e88 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] C:\Windows\System32\srvsvc.dll
17:16:35.0234 0x0e88 C:\Windows\System32\srvsvc.dll - ok
17:16:35.0234 0x0e88 [ 74AF1FFCAFD60DA88A386AE161F56438, FFDAC2829D384EEF04E4B756E25971C03B446A96A0CBE879801FB796AA79E7CA ] C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll
17:16:35.0234 0x0e88 C:\Program Files (x86)\Common Files\microsoft shared\Virtualization Handler\en-us\CVHIntl.dll - ok
17:16:35.0234 0x0e88 [ 8EF0D5C41EC907751B8429162B1239ED, 9CC25F1F93FACA6F6CE23F78EB58590C39A2E3C8A3ACDF400E8A9DE0757EADAE ] C:\Windows\System32\browser.dll
17:16:35.0234 0x0e88 C:\Windows\System32\browser.dll - ok
17:16:35.0234 0x0e88 [ CFEFA40DDE34659BE5211966EAD86437, AC0A3AD8AA47012C40785013E2273FC571F416BC9C9FFDA418FE72B3123C1FB0 ] C:\Windows\System32\netmsg.dll
17:16:35.0234 0x0e88 C:\Windows\System32\netmsg.dll - ok
17:16:35.0234 0x0e88 [ B08E3476F0874DBAD672D0AC4FB2580B, 655F36620649733E0B4E3520900579C4445D5C768A06DC7CB9DC22CAD154D973 ] C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll
17:16:35.0234 0x0e88 C:\Program Files (x86)\Microsoft Application Virtualization Client\sftintf.dll - ok
17:16:35.0234 0x0e88 [ 81749E073AC5857B044A686B406E5244, 3884EE705CA34235B29942FEDA8FEA654A21139B8C2A1D5E009C7D07D6E6ADF1 ] C:\Windows\System32\clusapi.dll
17:16:35.0234 0x0e88 C:\Windows\System32\clusapi.dll - ok
17:16:35.0249 0x0e88 [ FF80CAD87555E8E4D2CFD7B9058343F8, 07653773FBEC1996408B8507B08E0E1E812830063F932F897F4B39EE63DDCDC4 ] C:\Windows\System32\sscore.dll
17:16:35.0249 0x0e88 C:\Windows\System32\sscore.dll - ok
17:16:35.0249 0x0e88 [ 344FCC9850C3A8A3B4D3C65151AF8E4C, C38853454E153B1AB4AEAE1AAFB7CB4B2E6234208CF24C09F3B2AFE25E271C5C ] C:\Windows\System32\resutils.dll
17:16:35.0249 0x0e88 C:\Windows\System32\resutils.dll - ok
17:16:35.0249 0x0e88 [ 4C1E16B9A53102C8D6FBA587CBCB95DE, F982ABB2353E45E3E09B30EA99EFDC2A905AD75B43CDB0A34DB33D91AADDAB17 ] C:\Windows\SysWOW64\msv1_0.dll
17:16:35.0249 0x0e88 C:\Windows\SysWOW64\msv1_0.dll - ok
17:16:35.0249 0x0e88 [ 1128637CAD49A8E3C8B5FA5D0A061525, 6B80E50D8296F9E2C978CC6BC002B964ACFD8F4BCF623F4770513792845B5278 ] C:\Windows\SysWOW64\cryptdll.dll
17:16:35.0249 0x0e88 C:\Windows\SysWOW64\cryptdll.dll - ok
17:16:35.0249 0x0e88 [ 1CDEA9188899E76D4FFD54C9D512CCDB, B73B0AA397B8E673B4169E246D121ABCE2E888F6C8013AC4FFFA9A6539BB5FB0 ] C:\Windows\SysWOW64\msxml3.dll
17:16:35.0249 0x0e88 C:\Windows\SysWOW64\msxml3.dll - ok
17:16:35.0265 0x0e88 [ 3977D4A871CA0D4F2ED1E7DB46829731, 2AF1C3225994769C3FD25CD7E9603964B035576F25B0B6D91545566E0722FFAA ] C:\Windows\System32\appinfo.dll
17:16:35.0265 0x0e88 C:\Windows\System32\appinfo.dll - ok
17:16:35.0265 0x0e88 [ A7A8CA53D9C9FD90C07AB0EB38E5316B, B98722E76601A98F038F40703C4B8BD21B5EC3B65DC1B07B7C367C06448F8A0E ] C:\Windows\System32\dbghelp.dll
17:16:35.0265 0x0e88 C:\Windows\System32\dbghelp.dll - ok
17:16:35.0265 0x0e88 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] C:\Windows\System32\wpdbusenum.dll
17:16:35.0265 0x0e88 C:\Windows\System32\wpdbusenum.dll - ok
17:16:35.0265 0x0e88 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll
17:16:35.0265 0x0e88 C:\Windows\System32\wscsvc.dll - ok
17:16:35.0265 0x0e88 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] C:\Windows\System32\wdi.dll
17:16:35.0265 0x0e88 C:\Windows\System32\wdi.dll - ok
17:16:35.0281 0x0e88 [ F7073C962C4FB7C415565DDE109DE49F, 781E7088DCEFBC34A808C3E7DA41A56112B3F23ABE9F54B5EF4D5CD9CD016B1D ] C:\Windows\System32\npmproxy.dll
17:16:35.0281 0x0e88 C:\Windows\System32\npmproxy.dll - ok
17:16:35.0281 0x0e88 [ 4449D23E8F197862F1B16F1E6C89C36C, 93AF52BF8E870C0381F027D3BB8F6829E449242074472F1593EB8172D7EB6559 ] C:\Windows\System32\diagperf.dll
17:16:35.0281 0x0e88 C:\Windows\System32\diagperf.dll - ok
17:16:35.0281 0x0e88 [ E64D9EC8018C55873B40FDEE9DBEF5B3, 2DB11E7C631A9887CB75AFEAD2C79EC65F82C51F5F073CEFC8CDDF664EFF29C1 ] C:\Windows\System32\PortableDeviceApi.dll
17:16:35.0281 0x0e88 C:\Windows\System32\PortableDeviceApi.dll - ok
17:16:35.0281 0x0e88 [ BF4AC709BE5BF64F331F5D67773A0C82, 96E5A2A12D386B8A7976FEC76FD350E6A3EEBDF5763F4BBF4AB18880E9F269E0 ] C:\Windows\System32\perftrack.dll
17:16:35.0281 0x0e88 C:\Windows\System32\perftrack.dll - ok
17:16:35.0281 0x0e88 [ 92E0508D924512F63FFEEFE498CBD11F, 1158011E4A1298DEC79133B40888AA87B06F5B64BA2AB461B58C22F5F9211D0C ] C:\Windows\System32\p2pcollab.dll
17:16:35.0281 0x0e88 C:\Windows\System32\p2pcollab.dll - ok
17:16:35.0296 0x0e88 [ 220159496484D34009DE71CA1A68E0D4, 94BD3DEB4E84F95D80BE5775E5A612EFF181ECB212FB668674C67AD19194DE69 ] C:\Windows\System32\wbem\NCProv.dll
17:16:35.0296 0x0e88 C:\Windows\System32\wbem\NCProv.dll - ok
17:16:35.0296 0x0e88 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] C:\Windows\System32\QAGENTRT.DLL
17:16:35.0296 0x0e88 C:\Windows\System32\QAGENTRT.DLL - ok
17:16:35.0296 0x0e88 [ AFA79C343F9D1555F7E5D5FA70BB2A14, 440EF3ADC1F5C7A5ED3E872C8D8DFA61B039454C3CA67F8A51CA8BDCFDC4BA4A ] C:\Windows\System32\PortableDeviceConnectApi.dll
17:16:35.0296 0x0e88 C:\Windows\System32\PortableDeviceConnectApi.dll - ok
17:16:35.0296 0x0e88 [ CF8D590BE3373029D57AF80914190682, FB9641777E90A58C063FBE95F081DC6D2F4770827DE19108A9DC3E3D6B17B4BF ] C:\Windows\System32\drivers\WUDFRd.sys
17:16:35.0296 0x0e88 C:\Windows\System32\drivers\WUDFRd.sys - ok
17:16:35.0296 0x0e88 [ 506A83A3BEEE9FCA09F0170DE9FC7D1B, 2DFBD792B68F3EBEF0843183CAE5D52B6FA04163808AFACF6C0D738455898C36 ] C:\Windows\System32\fveui.dll
17:16:35.0296 0x0e88 C:\Windows\System32\fveui.dll - ok
17:16:35.0296 0x0e88 [ E1B22739C933BE33F53DB58C5393ADD3, 26EE0DD091D2E00DECC774DC1EEDFFDE69AF74B0C769CCBE091AFC32C66E4207 ] C:\Windows\System32\Apphlpdm.dll
17:16:35.0296 0x0e88 C:\Windows\System32\Apphlpdm.dll - ok
17:16:35.0312 0x0e88 [ 9719E3D834F5C8C43F56A93DFA497023, 4D78D4BD4835C0A237821967156C19DF4B90384A6BCB1F48CEAF35D003A0099A ] C:\Windows\System32\pnpts.dll
17:16:35.0312 0x0e88 C:\Windows\System32\pnpts.dll - ok
17:16:35.0312 0x0e88 [ 46863C4CC5B68EB09EA2D5EEF0F1193A, 9B5593E1F484AC8F96F89A5995FB1FE9C51CB2F0F545607F6850751191150CFE ] C:\Windows\System32\radardt.dll
17:16:35.0312 0x0e88 C:\Windows\System32\radardt.dll - ok
17:16:35.0312 0x0e88 [ E811F8510B133E70CF6E509FB809824F, 82541F2B15748250462B67B6C77530D4F7C45A1482237EC49B28F9FA5A414108 ] C:\Windows\System32\wdiasqmmodule.dll
17:16:35.0312 0x0e88 C:\Windows\System32\wdiasqmmodule.dll - ok
17:16:35.0312 0x0e88 [ C47F35CC6FA4F1BDBEF8F87AC1A46537, 82EC7041317666D5370690BD2176CF00F5957036C29429319F45045BFFAE9EC2 ] C:\Windows\System32\wuapi.dll
17:16:35.0312 0x0e88 C:\Windows\System32\wuapi.dll - ok
17:16:35.0312 0x0e88 [ FA43D418BC945D27D0625B697B8442B5, 035DE0FEA440D2E3AD255EE84B388DDA538E778877033FDB54B8A61BB0AADE56 ] C:\Windows\System32\cabinet.dll
17:16:35.0312 0x0e88 C:\Windows\System32\cabinet.dll - ok
17:16:35.0327 0x0e88 [ E746ED90132C6B6313CE9179F56BD31D, CCE0367148E54AA1413C52CCE752CC75EA9E3A8232ECFC263C62A634B8CAEF5F ] C:\Windows\System32\wups.dll
17:16:35.0327 0x0e88 C:\Windows\System32\wups.dll - ok
17:16:35.0327 0x0e88 [ 7DF186D86CF8C571A12AAB788C777F84, A2C1064BFDEF2A85CB12A11E55728BCC09933C115C278403F07B27DB2C36C710 ] C:\Windows\SysWOW64\wscproxystub.dll
17:16:35.0327 0x0e88 C:\Windows\SysWOW64\wscproxystub.dll - ok
17:16:35.0327 0x0e88 [ D0FF1CA89D013B94768A289023958F6B, DB15E374E26E351561C5A6DCC5822AFB7CFF2C373761266520193E89DFAC6855 ] C:\Windows\System32\WUDFHost.exe
17:16:35.0327 0x0e88 C:\Windows\System32\WUDFHost.exe - ok
17:16:35.0327 0x0e88 [ 70300CB4D361A58E8F91C0C36E956D1F, B8B9EC3DC2CE8B4AB54A9C648A9825EC3CF9C85CD3BE34D2865129F8F559951A ] C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe
17:16:35.0327 0x0e88 C:\Program Files (x86)\Google\Update\1.3.33.3\GoogleCrashHandler64.exe - ok
17:16:35.0327 0x0e88 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe
17:16:35.0327 0x0e88 C:\Windows\System32\runonce.exe - ok
17:16:35.0343 0x0e88 [ D44741F65A1D71F65814A12CF6E2400A, C6721F830675ADC7E7FDE2B5E822E56F6A063146F5066F1E25EBFE86F0A87136 ] C:\Windows\SysWOW64\runonce.exe
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\runonce.exe - ok
17:16:35.0343 0x0e88 [ AD7B9C14083B52BC532FBA5948342B98, 17F746D82695FA9B35493B41859D39D786D32B23A9D2E00F4011DEC7A02402AE ] C:\Windows\SysWOW64\cmd.exe
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\cmd.exe - ok
17:16:35.0343 0x0e88 [ 326C7F76A29897A892AA7726E91C1C67, 64305346B06EC14976130B0B80F14B4D5AB63E5B2A6A7B872EC9CE2BF8FADCD2 ] C:\Windows\SysWOW64\winbrand.dll
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\winbrand.dll - ok
17:16:35.0343 0x0e88 [ 8DCDD0B5939043A1EC98C6F168A56B16, 3359E65AE19A3D66E3ADFDB4C890ED5D33DAD961FAF4E050A369192B2ED09910 ] C:\Windows\SysWOW64\ieframe.dll
17:16:35.0343 0x0e88 C:\Windows\SysWOW64\ieframe.dll - ok
17:16:35.0343 0x0e88 [ 1950B1C38AED4154BA79F77E36494D8A, 3F79FA4C971FBB73FECA64F5F0C6BCB9F04D7E9A49A95584E97D80B97CCE326C ] C:\Windows\System32\WUDFx.dll
17:16:35.0343 0x0e88 C:\Windows\System32\WUDFx.dll - ok
17:16:35.0359 0x0e88 [ 91D6F0AB79AA36FFB932157865206F35, 5C20EA92737A4409DF4601D6D256DBC7A8D0AE4C31A32F20054E873473B27781 ] C:\Windows\System32\drivers\UMDF\WpdFs.dll
17:16:35.0359 0x0e88 C:\Windows\System32\drivers\UMDF\WpdFs.dll - ok
17:16:35.0359 0x0e88 [ 9864D52F15AD32094A636C6B5281D9E7, 2DBECE721AA11509F6D5005C5FB965EB0DF28729D0B6C524BB35603C1243BA42 ] C:\Windows\System32\WMVCORE.DLL
17:16:35.0359 0x0e88 C:\Windows\System32\WMVCORE.DLL - ok
17:16:35.0359 0x0e88 [ AACC48FE239F0DF126DA2F28930A5B83, D55E7D9AA79B1875E9074CFFBBCD484024902566B49806A8639B5C04847DFF89 ] C:\Windows\System32\WMASF.DLL
17:16:35.0359 0x0e88 C:\Windows\System32\WMASF.DLL - ok
17:16:35.0359 0x0e88 [ 389CA818132C1D7DCF0C791E8D9035DE, 5E54799F92CC604FABEF2F97AFD97F9CAD70D01BCDBC41FAC408D60821927C12 ] C:\Windows\System32\PortableDeviceClassExtension.dll
17:16:35.0359 0x0e88 C:\Windows\System32\PortableDeviceClassExtension.dll - ok
17:16:35.0359 0x0e88 [ 4F3CD1C59EA71401E155C432BCECE180, 6D4118A627CAE509E43D0CC0062EECAA0990C955BB15AE24834460551B2F51A2 ] C:\Windows\System32\PortableDeviceTypes.dll
17:16:35.0359 0x0e88 C:\Windows\System32\PortableDeviceTypes.dll - ok
17:16:35.0359 0x0e88 [ BE247AE996A9FDE007A27B51413A6C79, A4280BE9BDCB51E50A0E302F59ACDF866EFAC8035D766172D06C15019CC57476 ] C:\Windows\SysWOW64\shdocvw.dll
17:16:35.0359 0x0e88 C:\Windows\SysWOW64\shdocvw.dll - ok
17:16:35.0374 0x0e88 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] C:\Windows\System32\aelupsvc.dll
17:16:35.0374 0x0e88 C:\Windows\System32\aelupsvc.dll - ok
17:16:35.0374 0x0e88 [ 510FB616264FE12BC3B4561AF35CCBC7, 1D410CA508264C971B2E9D2A9EC6E87DC09597EF3A3C383E86A009E5A1DA9CF8 ] C:\Users\Mitch\AppData\Local\Temp\{563D512D-3925-420E-A185-5FE22537A215}\{4EBEB473-DEF2-407B-80B3-FEFA20205E53}.exe
17:16:35.0374 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{563D512D-3925-420E-A185-5FE22537A215}\{4EBEB473-DEF2-407B-80B3-FEFA20205E53}.exe - ok
17:16:35.0374 0x0e88 [ 162D247E995EAEBF3EF4289069E1111C, 19E858E9902E2D570FFD24AE2CB4165273F5BAB1FF7B04758B11AB5CD41FD752 ] C:\Windows\SysWOW64\devrtl.dll
17:16:35.0374 0x0e88 C:\Windows\SysWOW64\devrtl.dll - ok
17:16:35.0374 0x0e88 [ B519848DFA30AE2B306576B51321D102, CFD8BCB7645F2200819224BEB9F10BB226D30FE27B3BB31A35A2889FA301EFF2 ] C:\Windows\System32\ie4uinit.exe
17:16:35.0374 0x0e88 C:\Windows\System32\ie4uinit.exe - ok
17:16:35.0374 0x0e88 [ FB10715E4099AF9FA389C71873245226, 6A4CB43880B822A0C4714D6E52EB3EB2CE1E69C3AA9CA65EAAD6B131AE43F274 ] C:\Windows\System32\timedate.cpl
17:16:35.0374 0x0e88 C:\Windows\System32\timedate.cpl - ok
17:16:35.0390 0x0e88 [ C4F40F6CACD796A8E16671D0E9A2F319, 44853C645915D910ED0CC6D38F68B6C222528EC5FCBE990E238010F41204E682 ] C:\Windows\System32\shdocvw.dll
17:16:35.0390 0x0e88 C:\Windows\System32\shdocvw.dll - ok
17:16:35.0390 0x0e88 [ A0A65D306A5490D2EB8E7DE66898ECFD, CE5DA408F4EDD5E81CE0925867F03C9A35172CF1571FE4C4C052E45AB69822BB ] C:\Windows\System32\linkinfo.dll
17:16:35.0390 0x0e88 C:\Windows\System32\linkinfo.dll - ok
17:16:35.0390 0x0e88 [ 661CEEDE98A2E0E5CDD7DE239EB38353, 3F8A23FD9CC3516A9366235662942B942A64A4264F35BFFD339D1B054AD1080E ] C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll
17:16:35.0390 0x0e88 C:\Program Files (x86)\Windows Live\Messenger\msgslang.dll - ok
17:16:35.0390 0x0e88 [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86, E15ED4FEFC3010C213694331DDFDC03767682325C898D773AB243E2DC8B08461 ] C:\Windows\System32\msftedit.dll
17:16:35.0390 0x0e88 C:\Windows\System32\msftedit.dll - ok
17:16:35.0390 0x0e88 [ 3504B34CD2DE00BA3CC1A195F1B739BD, C08B5AD0C59FF393658CB08130A138CDBC16C1BF2672611CD2C5C93ED40EBA21 ] C:\Windows\System32\gameux.dll
17:16:35.0390 0x0e88 C:\Windows\System32\gameux.dll - ok
17:16:35.0405 0x0e88 [ 7FCAB194F01E3403C300EB034E480B36, 907EBC0ACF0FD4A047DBD20A5FE71F36142162CA5A7A1A6498D5DB5B2AFC70DB ] C:\Windows\System32\msls31.dll
17:16:35.0405 0x0e88 C:\Windows\System32\msls31.dll - ok
17:16:35.0405 0x0e88 [ 7DBA84667DC18877AEF693E3543DFAD7, 499306CE72EB8B873C547C600FD1093B7A79122D656407E69879041690AE588F ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
17:16:35.0405 0x0e88 C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
17:16:35.0405 0x0e88 [ 69754747274B76E7FAF287239333D7E6, A0BAEC1E56E4B1A17C0D41B317526AF5BB11E7E488C7016067A6229346A23B16 ] C:\Windows\System32\msiltcfg.dll
17:16:35.0405 0x0e88 C:\Windows\System32\msiltcfg.dll - ok
17:16:35.0405 0x0e88 [ 4C2C4640BF23AAFCF90519E0F34436CE, 8ACCDA77C2DC5BE2DAED05134310122AFECC872A8D118612E55DD229BFE4D844 ] C:\Windows\System32\DeviceCenter.dll
17:16:35.0405 0x0e88 C:\Windows\System32\DeviceCenter.dll - ok
17:16:35.0405 0x0e88 [ C5BCAB2B9BD316DDFD53D4CB5E1C438D, 551F502F0C61FC892032E7CBCF53660F01C3DF18D6510C631248FC00EA5BC817 ] C:\Program Files\Toshiba\Power Saver\TPwrMain.exe
17:16:35.0405 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrMain.exe - ok
17:16:35.0421 0x0e88 [ 24F4B480F335A6C724AF352253C5D98B, 011413B236CAD7B78CE0A0EEC3E3085D48C7576A3205D025BA6EBFDF590538E4 ] C:\Windows\System32\thumbcache.dll
17:16:35.0421 0x0e88 C:\Windows\System32\thumbcache.dll - ok
17:16:35.0421 0x0e88 [ DFD8F75F0E27D522AB8424AD71719C8B, 68C9B90EFA71D7CAC2DA632D2C388E1416E26275CF3FA980E39D4858F8FF77F9 ] C:\Program Files\Toshiba\TBS\HSON.exe
17:16:35.0421 0x0e88 C:\Program Files\Toshiba\TBS\HSON.exe - ok
17:16:35.0421 0x0e88 [ 405F4D32D2185F1F1BD753D8EEAFFB3A, CAC42C3E09C43BE96592B670D70821386014DB22D8239A9CFB9E33E54FB5C3D5 ] C:\Windows\System32\networkexplorer.dll
17:16:35.0421 0x0e88 C:\Windows\System32\networkexplorer.dll - ok
17:16:35.0421 0x0e88 [ A6C039BAAC52F266AB393D0D62236583, A26613FCBA264CDC3D727FB562DCC80A3A6795452285B26F233F7D62DFB11388 ] C:\Program Files\Toshiba\FlashCards\TCrdMain.exe
17:16:35.0421 0x0e88 C:\Program Files\Toshiba\FlashCards\TCrdMain.exe - ok
17:16:35.0421 0x0e88 [ D70D6B42933C1174FE961F0BCA3573A3, CB00C6D7AB50C5C3B9AA989314344A3B4003F63946BE38E0AA55AE68337FD768 ] C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll
17:16:35.0421 0x0e88 C:\Program Files\Toshiba\FlashCards\TCrdEvnt.dll - ok
17:16:35.0437 0x0e88 [ 76849AB697E63D85CC35DD2F8AEA1C6B, 9258E14C5DEB1C79D5CE3027126D7D1E481C8081376A538690214508CED3B423 ] C:\Program Files\Toshiba\FlashCards\TCrdMain.dll
17:16:35.0437 0x0e88 C:\Program Files\Toshiba\FlashCards\TCrdMain.dll - ok
17:16:35.0437 0x0e88 [ 6B640D9B1C114DDB8A534A9101DCEF29, 2993E6282D8DC6CD431D7B79C9C7EB3AF9AB3BBDD8F90C85142D14DC2575BB99 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
17:16:35.0437 0x0e88 C:\Program Files\CONEXANT\SAII\SAIICpl.exe - ok
17:16:35.0437 0x0e88 [ 8D8839FDB43DE6F35D4A26294B8B9549, 536C38B0D78A170180495098AAE6187DA428C8338E971F264B083808C8949EBF ] C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe
17:16:35.0437 0x0e88 C:\Program Files\CONEXANT\cAudioFilterAgent\cAudioFilterAgent64.exe - ok
17:16:35.0437 0x0e88 [ 0F042176F243D71C552E9D07D2FCB141, 89BA83E18F3158D83A0D2B430DBE11A8ACCC0CF9D64E9AF832CD9E080ADD263E ] C:\Program Files\Toshiba\FlashCards\BlackPng.dll
17:16:35.0437 0x0e88 C:\Program Files\Toshiba\FlashCards\BlackPng.dll - ok
17:16:35.0437 0x0e88 [ A61BA3762126CC714E78207847F36BF2, FADE37415303EF563708DE24CA8CF50CEC7CA26A95AF74D2BAEE07446E7A2320 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
17:16:35.0437 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
17:16:35.0452 0x0e88 [ EF9C5CD482AC0C29C5EC885CBB94469A, AD79B6A8F0E7E297F40904450B4F2DAB032EC2BDF95BAE492CA857E66824BE50 ] C:\Program Files\Toshiba\TECO\Teco.exe
17:16:35.0452 0x0e88 C:\Program Files\Toshiba\TECO\Teco.exe - ok
17:16:35.0452 0x0e88 [ E027A6E99EF709AFD195FD6329224C47, B31B85BF369DC36363B0E527AE3B8E95B33699D17D09C6313C43E7373A3E6874 ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{3DF8BB37-3698-4516-9129-901DAFEFAD87}.tmp
17:16:35.0452 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{3DF8BB37-3698-4516-9129-901DAFEFAD87}.tmp - ok
17:16:35.0452 0x0e88 [ 38B24645FA9F9BDCCC35AF4B9AE7F37E, F6183A0ECC4658EBA78039A40977D09794B5031E278ADB0315DC3A701790E324 ] C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe
17:16:35.0452 0x0e88 C:\Program Files\Toshiba\TPHM\TosWaitSrv.exe - ok
17:16:35.0452 0x0e88 [ AB67816718E5C65CC326BE56AC0B9E73, D6F19026CB87C9BB5521D668B13347B68F297FCE34C5F1BFE530574B16ADB2D5 ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{2C7D5CC9-76E2-411F-8A87-9D0979990D1F}.tmp
17:16:35.0452 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{2C7D5CC9-76E2-411F-8A87-9D0979990D1F}.tmp - ok
17:16:35.0452 0x0e88 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe
17:16:35.0452 0x0e88 C:\Program Files\Toshiba\TosVolRegulator\TosVolRegulator.exe - ok
17:16:35.0468 0x0e88 [ 099B3847531EAF7BA63B5BB504CE8461, 70271E4D3174F98A90BE9658F72F38A2FFD906BDC1D26E8AE418B147D4134EC1 ] C:\Program Files\Toshiba\TECO\MUIHelp.dll
17:16:35.0468 0x0e88 C:\Program Files\Toshiba\TECO\MUIHelp.dll - ok
17:16:35.0468 0x0e88 [ 9C96B167C21F6DCCF68E96853B0A8F93, 5BC0C953CFB64B045632678E941CFD706AF18AC19D1A1AA98650A55E4DE95EC7 ] C:\Program Files\Toshiba\FlashCards\FnPRTSC.dll
17:16:35.0468 0x0e88 C:\Program Files\Toshiba\FlashCards\FnPRTSC.dll - ok
17:16:35.0468 0x0e88 [ A190DA6546501CB4146BBCC0B6A3F48B, 5AE0BF71E770C2959FE2022C43E4C6F43E361089A3431AA3180EBF4EC0465CAC ] C:\Windows\System32\msiexec.exe
17:16:35.0468 0x0e88 C:\Windows\System32\msiexec.exe - ok
17:16:35.0468 0x0e88 [ 321FF1DF7F4CEF3FA690419110BEE55A, 41243293C9876D8B94F83B28C98F1797CD217140153DDEE631C2EEB8E102C6A0 ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{F4BDB0CC-8359-4F7A-A8D8-F499BDF4B39E}.tmp
17:16:35.0468 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{F4BDB0CC-8359-4F7A-A8D8-F499BDF4B39E}.tmp - ok
17:16:35.0483 0x0e88 [ E126445756DFE53F9788911BBD7BFF16, 4C29B89AB13BA93E0F23AF70FE1AA98A822C9E56BCE042B8F31C77596F11C20A ] C:\Program Files\Toshiba\FlashCards\FnSticky.dll
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\FlashCards\FnSticky.dll - ok
17:16:35.0483 0x0e88 [ 426350B428CD70D037A3326EB9E5EDFD, B7B1A20D1D75661533CF983EA0C6E520B928AF6FCCDA70C488FC8FC566B5AF7F ] C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\TOSHIBA HDD SSD Alert\TosWaitSrv.exe - ok
17:16:35.0483 0x0e88 [ 47AFBB582DC348AF02B2EDDAF7243A6E, 3AD33D0A9EC96C7DD21A01EB8F9531A26337C367DF333CEE6F615835E05A42A7 ] C:\Program Files\Toshiba\Power Saver\TFunctab.dll
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\Power Saver\TFunctab.dll - ok
17:16:35.0483 0x0e88 [ E542A10321E884C2C50290AC67E82DAE, DF9222EDD17982AC9905465790161FDD489DCDEC97B258B8A08AF78AE1AE5CA1 ] C:\Program Files\Toshiba\Power Saver\TOddPwr.dll
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\Power Saver\TOddPwr.dll - ok
17:16:35.0483 0x0e88 [ A709D7F4DCC91CF0945F784F7D233B89, 164FC39AFEB247762AC0B73979852605BAA13B1A2E4B6E41708165AC1B76B127 ] C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe
17:16:35.0483 0x0e88 C:\Program Files\Toshiba\BulletinBoard\TosNcCore.exe - ok
17:16:35.0499 0x0e88 [ 60FB378B6D1C80DC69DD80F8E05D4346, 59D73D2EC2BFD4C96A62C861618ACDCF5FA6850BA4F7CEB4B7AA01D3D6C79B4B ] C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrSrv.dll - ok
17:16:35.0499 0x0e88 [ DC6DB08D85337C9675F94B01043279AE, B09E491113F9E95F4EE00BB51BB21D4967BAC333C0DCD030A10AEA9B9E52032B ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{E5F8E3D1-1D17-4C67-AA17-43FA6167E99A}.tmp
17:16:35.0499 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{E5F8E3D1-1D17-4C67-AA17-43FA6167E99A}.tmp - ok
17:16:35.0499 0x0e88 [ 1AC9B56AC7E043AC2874D61CBCED5F49, B613057794CD61EC1B037C96124D46E53D91E9B24244FED7D03249524288C201 ] C:\Program Files\Toshiba\FlashCards\Hotkey\Mute.dll
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\Mute.dll - ok
17:16:35.0499 0x0e88 [ 1DCD0B1345720349220CE79316A56751, 4852E00F297A1D7419EECF2DF8476BE7BAD38558B8A5666343F1C47923B9FD1B ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnZ.dll - ok
17:16:35.0499 0x0e88 [ EF49D309C27814AB86D9AB567DD9DC86, A58CAE9CC641E1DD59D9826AEE1D1079D40CA4E6985029D54ABBE9FB28EE7930 ] C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe
17:16:35.0499 0x0e88 C:\Program Files\Toshiba\ReelTime\TosReelTimeMonitor.exe - ok
17:16:35.0499 0x0e88 [ C74D46C1F542F5FEB9B7E1A8EC04986D, FA83733A81BA8D96EDFD15C1914D5A6056D73C61540C8747E9AE1343DA47A63D ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{6A92AD5A-966E-4955-9183-89EFB1C44D4C}.tmp
17:16:35.0515 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{6A92AD5A-966E-4955-9183-89EFB1C44D4C}.tmp - ok
17:16:35.0515 0x0e88 [ 1C937AA6A3E2E5F5F650686437AE2854, 3983FD93D85380C0B658B2564CADDC114BA5F6736A61D922C3A4CDCA0EB2B17B ] C:\Program Files\Toshiba\FlashCards\SmoothView.dll
17:16:35.0515 0x0e88 C:\Program Files\Toshiba\FlashCards\SmoothView.dll - ok
17:16:35.0515 0x0e88 [ 0287C9E40BC751BF94A90FEA39B4CAE6, 9D95E9EF1B0365A92F86BE353E24643A97026B55E9585B4E089FE4350E0AC77C ] C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll
17:16:35.0515 0x0e88 C:\Program Files\Toshiba\BulletinBoard\TosNcUi.dll - ok
17:16:35.0515 0x0e88 [ D233C7FEAE3FAA25F93A9E6B46815ADC, 5330682AE9C08E5F2E30C5E256B91028389BBBDDAA8C38950DF76616FCA854FF ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll
17:16:35.0515 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcr90.dll - ok
17:16:35.0515 0x0e88 [ 241AF87821FDA0F5792037B779F49BE0, B3F4FDA27430ACC6D6BC1C3CBD518B9CAE5BA0F22AB8917578A7F16270F94C8B ] C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll
17:16:35.0515 0x0e88 C:\Windows\winsxs\amd64_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_08e61857a83bc251\msvcp90.dll - ok
17:16:35.0515 0x0e88 [ FC3001B4B9DF50B61F3CCA615759EFE7, 9AAE3665AD2893E7DB41965D430A7230B826AC4580603F20102E21C19C15535F ] C:\Windows\System32\PhotoMetadataHandler.dll
17:16:35.0515 0x0e88 C:\Windows\System32\PhotoMetadataHandler.dll - ok
17:16:35.0530 0x0e88 [ 263E9A047D17CD50BAA9D3C02910D18D, F526648358AD121001D2776E0ACC333EC4AC168CA07B40A3D3C06C5CE6A361C3 ] C:\Windows\System32\oledlg.dll
17:16:35.0530 0x0e88 C:\Windows\System32\oledlg.dll - ok
17:16:35.0530 0x0e88 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] C:\Windows\System32\wersvc.dll
17:16:35.0530 0x0e88 C:\Windows\System32\wersvc.dll - ok
17:16:35.0530 0x0e88 [ F152755F131ADFE452D534F4E9383590, 6E0C52D409203F070B90350EF7405EE38185270E9579F4570DDA53DC65A4653E ] C:\Windows\System32\Faultrep.dll
17:16:35.0530 0x0e88 C:\Windows\System32\Faultrep.dll - ok
17:16:35.0530 0x0e88 [ EFE8A50B9AE0205D399E94E89E244E65, 089D61EE41E7A1EBE7FBE8B44C1C79430408F40A385CEF75ACFFD74602C2C039 ] C:\Program Files\Toshiba\Power Saver\TCooling.dll
17:16:35.0530 0x0e88 C:\Program Files\Toshiba\Power Saver\TCooling.dll - ok
17:16:35.0530 0x0e88 [ B3F4982BD2542AB40AFA6D6E695E5E06, CE80AD486FD195171F9713C987BDDAD72CD491075EA77FA5CE60B617154D864E ] C:\Program Files\Toshiba\Power Saver\TPwrBrightness.dll
17:16:35.0530 0x0e88 C:\Program Files\Toshiba\Power Saver\TPwrBrightness.dll - ok
17:16:35.0546 0x0e88 [ F164E175B6092D3BA0DC7056487717BC, 46DCDD16AF5D0017E693C1D3398989546C2DB6FACADA702BB11D0F1CB4B1D3F9 ] C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\T1394Pwr.dll - ok
17:16:35.0546 0x0e88 [ E436C2E89416F31699F2A3CA79DDC095, 30EAF25A388AEED586C3393F887BF50A6D0D2107539DE5DF957804A715FF3635 ] C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\TKBLEDPwr.dll - ok
17:16:35.0546 0x0e88 [ C4CA3DBBCEC3136D37DA20B50291E63A, F0DF7A77081DDC47129CFFABABDE5D8D5707EC3B5436C6E4ACD48241E708DE1C ] C:\Program Files\Toshiba\Power Saver\TSDPwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\TSDPwr.dll - ok
17:16:35.0546 0x0e88 [ 8BDC8ECF5EC879F5F8686B86510BADA0, D5136C002723DC8937ED580383C96A6A7876D7B3EE672C4A00AB67CEEC5CE6B5 ] C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosKillIndicator.exe
17:16:35.0546 0x0e88 C:\Program Files (x86)\TOSHIBA\Wireless LAN Indicator\tosKillIndicator.exe - ok
17:16:35.0546 0x0e88 [ DF987E7AA36D53411B1087B246739326, 6FC55179CE8F005842BCDE248A0E34FBE5FEA1DE848F1D99639A6733832ED07D ] C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll
17:16:35.0546 0x0e88 C:\Program Files\Toshiba\Power Saver\TPCIePwr.dll - ok
17:16:35.0561 0x0e88 [ 76F123E491B26DAAD5DFBC20FC5996DB, B56D333B7236B978FBC559E437E7C5A06B321A7E9D452D539346DBBFC617E931 ] C:\Program Files\Toshiba\Power Saver\TScreen.dll
17:16:35.0561 0x0e88 C:\Program Files\Toshiba\Power Saver\TScreen.dll - ok
17:16:35.0561 0x0e88 [ 11615D80DC10ABB83D2A9002B70A4E36, 554352B737D78D53C8935D7D603A5FE5343496C63296625193598BC93B46E889 ] C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll
17:16:35.0561 0x0e88 C:\Program Files\Toshiba\FlashCards\TWarnMsg\TWarnMsg.dll - ok
17:16:35.0561 0x0e88 [ 8784236EED5079493DA9FC95B28B89F8, E59C349B964F585C27F63FBF7C1B5D7C6CF8CC958BD35100A36D57542DC13972 ] C:\Windows\System32\WerFault.exe
17:16:35.0561 0x0e88 C:\Windows\System32\WerFault.exe - ok
17:16:35.0561 0x0e88 [ 990EA3103E06D68CE0E755A9C3D70107, 39AC7F6D2A348BA50C3FBF50E23EAFEDAE232F0FA2F82937F18934E2D7C53CB7 ] C:\Windows\System32\dbgeng.dll
17:16:35.0561 0x0e88 C:\Windows\System32\dbgeng.dll - ok
17:16:35.0561 0x0e88 [ 517ECD823EB9A03368294C6C33A695D0, 7BA4EF2C5E9D15A4EE8ACC169CA233010DF8D1BC7088665E06C9E71BBA0CD40C ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{1B490759-0CD1-4898-827C-6D891250F6CB}.tmp
17:16:35.0561 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{1B490759-0CD1-4898-827C-6D891250F6CB}.tmp - ok
17:16:35.0577 0x0e88 [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll
17:16:35.0577 0x0e88 C:\Windows\System32\esent.dll - ok
17:16:35.0577 0x0e88 [ C54BFDEC7B8B3F6FB7FF4A39AD596471, 7A88F1664EA6F0C5685BE31557B369FDA4BFE8F640BE3CB6A24C58C40568E125 ] C:\Program Files\Toshiba\TBS\TBSMain.dll
17:16:35.0577 0x0e88 C:\Program Files\Toshiba\TBS\TBSMain.dll - ok
17:16:35.0577 0x0e88 [ 3428F170E1953B4C4EA10A5F58B55908, B554E04021472C3C2BBDED2B4BBB4F6648932356F8DA409A2A7F6AC02E54B306 ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{9F29B980-2F27-4AF0-9ACE-062EDB15D8B8}.tmp
17:16:35.0577 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{9F29B980-2F27-4AF0-9ACE-062EDB15D8B8}.tmp - ok
17:16:35.0577 0x0e88 [ AD8D1187F527B828BA43173D22C618D0, C717BB05B932F8966EF67D3F1BF2D2CD9E5D7DFE23888BD0616CBCD61723068F ] C:\Windows\assembly\NativeImages_v2.0.50727_32\tosKillIndicator\39d738530f43252de81a64dd0a386823\tosKillIndicator.ni.exe
17:16:35.0577 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_32\tosKillIndicator\39d738530f43252de81a64dd0a386823\tosKillIndicator.ni.exe - ok
17:16:35.0577 0x0e88 [ 06DEF9378C701E638B707B33B1E8151C, AB7DD7E2A44D8DAE488177C22F5E08A7136E1E9E53EC301F2B90A28739F96B2F ] C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe
17:16:35.0577 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\TCrdKBB.exe - ok
17:16:35.0593 0x0e88 [ 96D681B7DE0BA6BFA1DC55915003CD05, 26CDA6A9A67F20A494F0EF3577D14F5DDA1F0D4428891DBD271A757833285939 ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{24EDE635-DFB0-400F-96F1-107CE645A895}.tmp
17:16:35.0593 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{24EDE635-DFB0-400F-96F1-107CE645A895}.tmp - ok
17:16:35.0593 0x0e88 [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe
17:16:35.0593 0x0e88 C:\Program Files\CCleaner\CCleaner64.exe - ok
17:16:35.0593 0x0e88 [ 85D8D497E3CFCD66607DAD332378DE8B, FEB2FF9315B41A7D13C9F3EB4CFDD612C951CA02330BC5A9129881E148769C7F ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{72CA3732-77AB-4C86-91CF-57BE8CC68663}.tmp
17:16:35.0593 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{72CA3732-77AB-4C86-91CF-57BE8CC68663}.tmp - ok
17:16:35.0593 0x0e88 [ CD0DAF878147B723108C428370FF0355, A5C3D8A516FD0A15DAAB442DA424E996112C355239B985413EAA4DC1FAB76303 ] C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{9A4A3A54-A2C5-4307-86CA-4D1E63C33CC5}.tmp
17:16:35.0593 0x0e88 C:\Users\Mitch\AppData\Local\Temp\{947CC29C-1BE1-4D37-998F-965D39A68150}\{9A4A3A54-A2C5-4307-86CA-4D1E63C33CC5}.tmp - ok
17:16:35.0608 0x0e88 [ 0819EF7DB96DAB8AC3DACE567ED1B99E, 1489E5BC7F6E7E25665F0ED681A74DC65ADAC331895416F1980BD9D22E79B897 ] C:\Windows\System32\werui.dll
17:16:35.0608 0x0e88 C:\Windows\System32\werui.dll - ok
17:16:35.0608 0x0e88 [ BB752714D14CB1F13969D721F1A3A60F, 32B95C75704BE37B349E0493AA8D2FCDAE8007275124646125650456D3A1563F ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
17:16:35.0608 0x0e88 C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe - ok
17:16:35.0608 0x0e88 [ E424B3EF666B184CEE0B6871AAA8C9F6, D182D9B3A813C75F88CA16A9C236AB6167DF5861D155B5DC016B90918C4BD579 ] C:\Windows\System32\msimg32.dll
17:16:35.0608 0x0e88 C:\Windows\System32\msimg32.dll - ok
17:16:35.0608 0x0e88 [ 02F4246866BF35BF2244E5CF72E25895, AA08D3E65CCF6F4F79D169575C9B4FE8BA078246BFB30C380939A4A3B6092074 ] C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe
17:16:35.0608 0x0e88 C:\Program Files (x86)\TOSHIBA\Toshiba Online Backup\Activation\TobuActivation.exe - ok
17:16:35.0608 0x0e88 [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe
17:16:35.0608 0x0e88 C:\Program Files (x86)\TOSHIBA\Toshiba App Place\ToshibaAppPlace.exe - ok
17:16:35.0624 0x0e88 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D720387ACFD7499EDC3D ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
17:16:35.0624 0x0e88 C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe - ok
17:16:35.0624 0x0e88 [ 102CF6879887BBE846A00C459E6D4ABC, A4C51C79CF95D5C79DCEFB02946A09A987FEAF83CE2EE1BA7677EBA90869AC80 ] C:\Windows\SysWOW64\riched20.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\riched20.dll - ok
17:16:35.0624 0x0e88 [ E2A17BCC08D92F42E08AF6BA2F93ABA7, 5FC9D47BF4B1094BECC0C0DDCD5CD4318DD3E4495D982F8785331616D5B82599 ] C:\Windows\SysWOW64\ExplorerFrame.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\ExplorerFrame.dll - ok
17:16:35.0624 0x0e88 [ 6E1F8165C365D35C8E3C045AF0CDD481, B861360D0A014265A0BEB4CC2FE31EA05AE95120E8B07820C13A044D64C00E2B ] C:\Windows\SysWOW64\duser.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\duser.dll - ok
17:16:35.0624 0x0e88 [ EE06B85BC69F18826302348A2AD089E0, 417205797CC9F6C986A863A61179784D9ADCAF1961EF8A4D9042D73C5A86509A ] C:\Windows\SysWOW64\dui70.dll
17:16:35.0624 0x0e88 C:\Windows\SysWOW64\dui70.dll - ok
17:16:35.0624 0x0e88 [ EDF4DEC1041EEAF78A0B1E16C1BB4CC4, 72AB0E5499505AC25F4CACAB0C7581979100FAB552A253BB08DCD4643888702F ] C:\Windows\System32\fthsvc.dll
17:16:35.0624 0x0e88 C:\Windows\System32\fthsvc.dll - ok
17:16:35.0639 0x0e88 [ 3819AD4329303EAC88480CA16A650735, FBE665BEE15A334851AF4BF9969C8BC21B3F0254CAA5E21E67D7843D4171E675 ] C:\Windows\System32\UIAnimation.dll
17:16:35.0639 0x0e88 C:\Windows\System32\UIAnimation.dll - ok
17:16:35.0639 0x0e88 [ 88B0BCC23660D466879099F26CCB8CA5, 825EBF5C7A723650145C695A4DD89027E928B3611D89BF19AAE47687ABA0E5CA ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll
17:16:35.0639 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF1.dll - ok
17:16:35.0639 0x0e88 [ 6E6DBEB083B26E55A87BCDCF1354F45E, FBDFBE1F35A7FB8CE89D4A0A2F93B6435E294E3961033EC44943A6570E62E9EE ] C:\Program Files\Toshiba\Power Saver\TFunc2.dll
17:16:35.0639 0x0e88 C:\Program Files\Toshiba\Power Saver\TFunc2.dll - ok
17:16:35.0639 0x0e88 [ E6BC081DDE7391AD0A044C0796A86D08, A8273EC82761B975F3F6E8E0EFF6824FCFCCB4E270E9CF8446D0B3FE2307E047 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll
17:16:35.0639 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF3.dll - ok
17:16:35.0655 0x0e88 [ EDE3D67AE2951D330AA6A4EB7FEF7739, B58CE8164247DE3393F44E117890B57DDC6BBEC3F311A236CDA1C0D254E9BA74 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF4.dll - ok
17:16:35.0655 0x0e88 [ D908CF40BEFA099EA92129BB485CFBA9, 92BA566D52DEC85027380EE8D230D884C94F75FC3E4D7437AE93705280E10DBF ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF5.dll - ok
17:16:35.0655 0x0e88 [ CACB1FB9B211A8BEF470A78FC573AEBA, 73E33DB451065BAD16FF30F351D7814193D10F3DD8B806777069ABA510F046F5 ] C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\Brightness.dll - ok
17:16:35.0655 0x0e88 [ 43AA2EFD14590DE58A545BF3B28ED09F, 6EC547E8BB034109AC20CD3B67E3A82676018804D6E9589F27459F8A4356E28E ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll
17:16:35.0655 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF8Dll.dll - ok
17:16:35.0655 0x0e88 [ 357BE883C5236BFC7341CB9E82308908, 4DDB697FD9B7C516CF99D73C8799EA35BB97E2431216CD7C1045F17B06109FBF ] C:\Windows\System32\wlanapi.dll
17:16:35.0655 0x0e88 C:\Windows\System32\wlanapi.dll - ok
17:16:35.0671 0x0e88 [ E625ABBE3ED37D3160151DFD33AE6B91, 94EEE8C8A32182EB02D658403FBE8A9CCE0361D8582E0A574D47899CFBE7C5A2 ] C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\TouchPad.dll - ok
17:16:35.0671 0x0e88 [ 66935625C1758EFEFFAF8CF0E020A6F9, BF9F3CCBFD7477E0535737D76BC1E6D6CDBB91D3F7CDE8D3220AC7F388605529 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF10.dll - ok
17:16:35.0671 0x0e88 [ 4C671C688884F18152441DC16AA629F6, 19158CE47E09ADB0265A983E9FBC11C1A2532377B22512B15829CFB148FA8441 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnF11.dll - ok
17:16:35.0671 0x0e88 [ 13BC9BF69A7A03ED92BFDF36E9B4C508, 149CE3DBB6808495246E838C98AA21644CD1B2C13E6AB5C0C534C49946088BB3 ] C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll
17:16:35.0671 0x0e88 C:\Program Files\Toshiba\FlashCards\Hotkey\FnSpace.dll - ok
17:16:35.0686 0x0e88 [ 70050353213574B62CA9EC28F65F2F3E, 3EBC0ABFC9ABFE4508E21A032A28D12B73CB91DE1FD830069FF902336A271E68 ] C:\Program Files\AVAST Software\Avast\avastui.exe
17:16:35.0686 0x0e88 C:\Program Files\AVAST Software\Avast\avastui.exe - ok
17:16:35.0686 0x0e88 [ 7A6986DD659B96398A11AF5173892715, FB7818952B9015F433418E7DC656A2C20CD682056AB981A55C1722020142D578 ] C:\Windows\SysWOW64\cabinet.dll
17:16:35.0686 0x0e88 C:\Windows\SysWOW64\cabinet.dll - ok
17:16:35.0686 0x0e88 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
17:16:35.0686 0x0e88 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
17:16:35.0702 0x0e88 [ 28CA821606669BB9215CE010767720FA, C8A1F0D6704F8F37CF8AADDFAD511FF27E56E8BCFFD4AC948DFA0329DB1F3A1E ] C:\Windows\SysWOW64\cryptui.dll
17:16:35.0702 0x0e88 C:\Windows\SysWOW64\cryptui.dll - ok
17:16:35.0702 0x0e88 [ EB4CDF2ECA64FBACAFBAD2B04B1B2862, 64C8450EF5EA81997E35FD8D4A1624729A749D74A5B511B5B9AC00E2AEFEF94B ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll
17:16:35.0702 0x0e88 C:\Program Files (x86)\DivX\DivX Update\DivXUpdateCheck.dll - ok
17:16:35.0702 0x0e88 [ 512AB725AFE15EE0B5CBE6B993844593, 4488A67FA3FE417411A8BA8C9F8846ABA4EEB7346F71824DA4D36845D10DE058 ] C:\Program Files\AVAST Software\Avast\aswUtil.dll
17:16:35.0702 0x0e88 C:\Program Files\AVAST Software\Avast\aswUtil.dll - ok
17:16:35.0702 0x0e88 [ 7C45460CDB951C4EA5C7EA7C6AA261E1, 5F7E9DB8AF5FEBBBD379E08137D5F4BB0F4822C0771F5630A81C6ACF27B7211C ] C:\Windows\winsxs\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.23918.0_none_a0556d0c3304aaf3\mfc140u.dll
17:16:35.0702 0x0e88 C:\Windows\winsxs\x86_avast.vc140.mfc_fcc99ee6193ebbca_14.0.23918.0_none_a0556d0c3304aaf3\mfc140u.dll - ok
17:16:35.0717 0x0e88 [ 022E2AD8EBCFCC8547B18BB61651BE27, 79ADA95CC7542C7CC7AA07F6264F262E4C9111986B899534DC492BE9ABEFA4A1 ] C:\Program Files\AVAST Software\Avast\HTMLayout.dll
17:16:35.0717 0x0e88 C:\Program Files\AVAST Software\Avast\HTMLayout.dll - ok
17:16:35.0717 0x0e88 [ F832EEEA97CDDA1AF577E721F652A0D1, EBBB7CA199BA4DF231123922BD310D43DE0104C6185B70FE0281B938D5336F2E ] C:\Windows\System32\batmeter.dll
17:16:35.0717 0x0e88 C:\Windows\System32\batmeter.dll - ok
17:16:35.0717 0x0e88 [ C3761661C17C2248A9379A8FB89E3DE1, CE3477FA2B4058EB80739E0161FE957545F13CF86D313F6422732901D35F75F2 ] C:\Windows\System32\stobject.dll
17:16:35.0717 0x0e88 C:\Windows\System32\stobject.dll - ok
17:16:35.0717 0x0e88 [ E0B340996A41C9A75DFA3B99BBA9C500, D029AD8ABBD2267B1E44DF5172B93C3F832B4C21F930F5512C24E800F5CE4F8B ] C:\Windows\System32\SearchIndexer.exe
17:16:35.0717 0x0e88 C:\Windows\System32\SearchIndexer.exe - ok
17:16:35.0717 0x0e88 [ 7245B4C192D20107B4A3E887AED3F76E, D07B9D349E11F6E081040C5F4810CEE4DA7228D15318CADF4E85AEA58AEFBDCF ] C:\Program Files\CCleaner\CCleaner.exe
17:16:35.0717 0x0e88 C:\Program Files\CCleaner\CCleaner.exe - ok
17:16:35.0733 0x0e88 [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122, E7EA375A3BDE8FC764CB09524344370B9EE25F98AD6C83E6F37A569EB8D277D6 ] C:\Windows\System32\prnfldr.dll
17:16:35.0733 0x0e88 C:\Windows\System32\prnfldr.dll - ok
17:16:35.0733 0x0e88 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll
17:16:35.0733 0x0e88 C:\Windows\SysWOW64\samcli.dll - ok
17:16:35.0733 0x0e88 [ CFC7CBBDD35A6906514C2A69648E0028, FE3514CC1170E5B7FB4C04D4FE70D7B002F428679D155D5D1021B44D531E20EC ] C:\Program Files\Synaptics\SynTP\InstNT.exe
17:16:35.0733 0x0e88 C:\Program Files\Synaptics\SynTP\InstNT.exe - ok
17:16:35.0733 0x0e88 [ 53E85DD329EB3FEAF776E6E84C68CF23, FC1EB41383EE0FEEC1797BB590156DA414542C4201D8384FD0D990CE42264EE0 ] C:\Program Files\Synaptics\SynTP\SynToshiba.exe
17:16:35.0733 0x0e88 C:\Program Files\Synaptics\SynTP\SynToshiba.exe - ok
17:16:35.0733 0x0e88 [ 42A9CB6906D9A8BEDC83B57163E62924, E18522D3137653140757829EFBFCE624A5BAA5842E2BBA10B9E5AB6C84BE49E1 ] C:\Windows\System32\DXP.dll
17:16:35.0733 0x0e88 C:\Windows\System32\DXP.dll - ok
17:16:35.0749 0x0e88 [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891, 0A82A475301202791A7C10F978F952EAB7DB146A702D4EA67E24E2C98BC19638 ] C:\Windows\System32\Syncreg.dll
17:16:35.0749 0x0e88 C:\Windows\System32\Syncreg.dll - ok
17:16:35.0749 0x0e88 [ C836175870E00ACC546066632E15BD10, 4347F3319C26DA1C38F395C74DBD67AF886149C8F29EDE765DD96C8480A3054A ] C:\Windows\ehome\ehSSO.dll
17:16:35.0749 0x0e88 C:\Windows\ehome\ehSSO.dll - ok
17:16:35.0749 0x0e88 [ A42F2C1EB3B66C54FB3C7B79D30C1A6D, A63836DB3B01835DC1311526A95198D6EBCCB1DC9DDAFBC38EC36C128CDB98B9 ] C:\Windows\System32\netshell.dll
17:16:35.0749 0x0e88 C:\Windows\System32\netshell.dll - ok
17:16:35.0749 0x0e88 [ E7368F0A8D19445EAF5C5D0DBB8B8DAB, CF9082360E32A7C3E13A67AC2C6192F4A76870D43DA9FF2936993A637F712761 ] C:\Windows\System32\AltTab.dll
17:16:35.0749 0x0e88 C:\Windows\System32\AltTab.dll - ok
17:16:35.0749 0x0e88 [ C8FDF0FA9E97E2FAAF3F814716AAA881, DD24A1CAB44D943B0E1A795A347AD25D9305FC7F012A2566A6A14BD47221831F ] C:\Windows\System32\WPDShServiceObj.dll
17:16:35.0749 0x0e88 C:\Windows\System32\WPDShServiceObj.dll - ok
17:16:35.0764 0x0e88 [ 10F815BE90A66AAFC6C713D1BD626064, 01139FC04BC53594296F6A0E16B8D20B940F64BC8119FE7705C03C4947958F39 ] C:\Windows\System32\pnidui.dll
17:16:35.0764 0x0e88 C:\Windows\System32\pnidui.dll - ok
17:16:35.0764 0x0e88 [ B9F0A4020AA98B7A20287BF7FE99A1FD, 21138F161EEEA46198890C7A2D073F2C82829E15676131BDAD9F237EDC7477CD ] C:\Windows\System32\QUTIL.DLL
17:16:35.0764 0x0e88 C:\Windows\System32\QUTIL.DLL - ok
17:16:35.0764 0x0e88 [ F4B5750AEF97CC2213981343A816DFB3, F2BE89A2AE5A5C3E8CCADAC55053E7587F3A6B176D1946992B87EAEF296141CD ] C:\Program Files\Synaptics\SynTP\SynTPCOM.dll
17:16:35.0764 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPCOM.dll - ok
17:16:35.0764 0x0e88 [ 8569E35D00F45972E506502EEE622BA4, 01FE851C03DB88C8373099C279F995A559D962B08932E193032FA3EAD522FB01 ] C:\Windows\System32\srchadmin.dll
17:16:35.0764 0x0e88 C:\Windows\System32\srchadmin.dll - ok
17:16:35.0764 0x0e88 [ DE325A3D3FB29A8DF9886BF85E411A95, 03C48BCC0CC1A4D441252F6FED9CD6D5D5A89C18C9E53A5CE2AB652264D73BAC ] C:\Program Files\Synaptics\SynTP\SynTPCpl.dll
17:16:35.0764 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPCpl.dll - ok
17:16:35.0764 0x0e88 [ E1DC9324D520687B816E33C77EE5D8BC, 7B47BCCFF251DE4BFF8DD174503C035DBE639E504AC7065BD9F56A9FFC64D4F7 ] C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll
17:16:35.0764 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPEnhPS.dll - ok
17:16:35.0780 0x0e88 [ E2B41D6676B915FBC39517BD3C969CB9, CEF4B3012F397D2F1B44979D5043A5F86E1271DC3413AC6327806AFC6CE1BEDA ] C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
17:16:35.0780 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPHelper.exe - ok
17:16:35.0780 0x0e88 [ 5C3F9DBA818CD93379D1A0F215270374, 6A4D96AC83989D47D80332E41E627F2607A3B2167E1A5D8E21361136C4424633 ] C:\Windows\SysWOW64\esent.dll
17:16:35.0780 0x0e88 C:\Windows\SysWOW64\esent.dll - ok
17:16:35.0780 0x0e88 [ 92DBF0A4C9239169010FC6E07859C82E, 00FB2CF4420F0FFEF519AFE732A708CF249640121E2A891CAA164313ABD7F804 ] C:\Windows\System32\ActionCenter.dll
17:16:35.0780 0x0e88 C:\Windows\System32\ActionCenter.dll - ok
17:16:35.0780 0x0e88 [ D534F0C1E8B79AD05100BC6A17522AF8, 68AECBD209C4948053B6A2326B08E90762B5CE238046218FBB25C33B85A1F310 ] C:\Windows\SysWOW64\idndl.dll
17:16:35.0780 0x0e88 C:\Windows\SysWOW64\idndl.dll - ok
17:16:35.0780 0x0e88 [ 6EF5F3F18413C367195F06E503AB86A6, 6F8B87FB4D67F9E76A51EF759B58A95D903C4AAC9C789A65A3FA1FC4F253D978 ] C:\Windows\SysWOW64\d3d9.dll
17:16:35.0780 0x0e88 C:\Windows\SysWOW64\d3d9.dll - ok
17:16:35.0795 0x0e88 [ 77B1471A490B53B24EFE136F09F76550, A650C3A244306F8E605BDA8E74BFE438356BA4403B0CB61E980D3183E3F0A7C7 ] C:\Windows\SysWOW64\d3d8thk.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\d3d8thk.dll - ok
17:16:35.0795 0x0e88 [ 2B7DB3E2C6DC1BC4D3682838BDB1304C, 2335DCB2915B44E51CB5E4F578B5D81741C8A8F828BA28033D4926BE0E8314F6 ] C:\Windows\SysWOW64\igdumdx32.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\igdumdx32.dll - ok
17:16:35.0795 0x0e88 [ 933421733C2C4BE8CB161D18E9652E69, 9C0766C6DBD69265EEC7528B92FB1A14298A30D41B7F9E978AE4F5E2CFC45494 ] C:\Windows\SysWOW64\igdumd32.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\igdumd32.dll - ok
17:16:35.0795 0x0e88 [ 919001D2BB17DF06CA3F8AC16AD039F6, 5169ACFBE9E9D4C4012773ECDD28231C952675EF0C272A40F226E7B5D671B18B ] C:\Windows\SysWOW64\sxs.dll
17:16:35.0795 0x0e88 C:\Windows\SysWOW64\sxs.dll - ok
17:16:35.0795 0x0e88 [ A08C010D859F8EB42BDD7E1D55B8CA27, F86EAFBF7AA41D8425156C07398EDC3BD42F1690BD3E15D27AEF2EDA86549F15 ] C:\Windows\System32\mscoree.dll
17:16:35.0795 0x0e88 C:\Windows\System32\mscoree.dll - ok
17:16:35.0811 0x0e88 [ 6820A9E91AFF7CB3A510360D8CCD9BDD, C9F73878D7179137CE0FA07C57DF11E70C0D5F20639E420A4C335FF3068EC0A9 ] C:\Windows\SysWOW64\mshtml.dll
17:16:35.0811 0x0e88 C:\Windows\SysWOW64\mshtml.dll - ok
17:16:35.0811 0x0e88 [ AA794B099F776B37ACCDEAD00E0FBFC9, CB6DA7F6A8BB09BBCFCB37E96FBA44F989DD7485535801CB9B6BD7F5A9C838E0 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll
17:16:35.0811 0x0e88 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscoreei.dll - ok
17:16:35.0811 0x0e88 [ A05C0003E8D7CEA359A439690554F8BB, 53283C41E2427D1168A869B4C72F7BF59DEC3B74D29DC02BBC6AB210F0F03237 ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll
17:16:35.0811 0x0e88 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorwks.dll - ok
17:16:35.0811 0x0e88 [ 8EE6BDE1D572677AA35707C52C585F75, 588A08C0FC3881186CD673F749E46A154F58BE39CA7AE8A2E1F25539B2299752 ] C:\Windows\SysWOW64\mlang.dll
17:16:35.0811 0x0e88 C:\Windows\SysWOW64\mlang.dll - ok
17:16:35.0811 0x0e88 [ 6B177910B98A6FE49589F7202DA69856, 3CBC02E75262CBF034166763D8BEB4210FDD5637D1171BE253EF87E21651F6D5 ] C:\Program Files\Synaptics\SynTP\SynTPRes.dll
17:16:35.0811 0x0e88 C:\Program Files\Synaptics\SynTP\SynTPRes.dll - ok
17:16:35.0811 0x0e88 [ C746F3BF98E92FB137B5BD2B8B5925BD, 67A8990F3D491D149E65C90042909259793C65E671DC953FDA1F7590FAC23D9E ] C:\Windows\System32\FXSST.dll
17:16:35.0811 0x0e88 C:\Windows\System32\FXSST.dll - ok
17:16:35.0827 0x0e88 [ 650CAEA856943E29F25A25D31E004B18, DCA63D2AF4C6F14B27EA006F200E58A5C13AC940A51947A40F668908A446CC4E ] C:\Windows\System32\FXSAPI.dll
17:16:35.0827 0x0e88 C:\Windows\System32\FXSAPI.dll - ok
17:16:35.0827 0x0e88 [ C8E8B8239FCF17BEA10E751BE5854631, CB869195E78AB613CEF50AE3B247F0E4E42F233A7AAF5B2BFC5ADEA2C45C5F8D ] C:\Windows\System32\FXSRESM.dll
17:16:35.0827 0x0e88 C:\Windows\System32\FXSRESM.dll - ok
17:16:35.0827 0x0e88 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] C:\Windows\System32\FXSSVC.exe
17:16:35.0827 0x0e88 C:\Windows\System32\FXSSVC.exe - ok
17:16:35.0827 0x0e88 [ 589DF683A6C81424A6CECE52ABF98A50, 8CE0D07B2FC1F1BF8C07434FAFCDC63FDD3B75007C3B2EED130DB69D2D16E90A ] C:\Windows\System32\tquery.dll
17:16:35.0827 0x0e88 C:\Windows\System32\tquery.dll - ok
17:16:35.0827 0x0e88 [ 26D652191B51854E66084DDAEE69EC65, 224337AB69B83B9175B4B1B6180A9ED2C2AB5D71CCA682694C15C9A2BE00ABD8 ] C:\Windows\System32\verifier.dll
17:16:35.0827 0x0e88 C:\Windows\System32\verifier.dll - ok
17:16:35.0842 0x0e88 [ 7568CC720ACE4D03B84AF97817E745EF, 7155144CB0B260B969C398A36BC277C97BEADB5DB137D19A4F7E5AF61C3E24D4 ] C:\Windows\System32\mssrch.dll
17:16:35.0842 0x0e88 C:\Windows\System32\mssrch.dll - ok
17:16:35.0842 0x0e88 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] C:\Windows\System32\netman.dll
17:16:35.0842 0x0e88 C:\Windows\System32\netman.dll - ok
17:16:35.0842 0x0e88 [ 3121A79D13A61562BE9CC902CD46B542, 00A5833A48338A4A9A5530844924AF4F1FAB618DA46D7EBBC6E2165C32ED376C ] C:\Windows\System32\msidle.dll
17:16:35.0842 0x0e88 C:\Windows\System32\msidle.dll - ok
17:16:35.0842 0x0e88 [ 58A0CDABEA255616827B1C22C9994466, 4FE1140AA8D3995579DE8CDF4ECAD1978804D05351EABB4079A63B303EF1B451 ] C:\Windows\System32\NapiNSP.dll
17:16:35.0842 0x0e88 C:\Windows\System32\NapiNSP.dll - ok
17:16:35.0842 0x0e88 [ ACE1BB07E0377E37A2C514CD2EC119B1, A9AFA4774DFA875496764D6E541A6333A3ACD3C5D2BBEF753C2D80BA83B4AC15 ] C:\Windows\System32\mssprxy.dll
17:16:35.0842 0x0e88 C:\Windows\System32\mssprxy.dll - ok
17:16:35.0858 0x0e88 [ 1CBF15FDB0310345A68972EB5C5B948F, E1EDCE6216B24037B243AC68CEEBD510646B2EFD70BC118E68303F9ED85D1973 ] C:\Windows\SysWOW64\mssprxy.dll
17:16:35.0858 0x0e88 C:\Windows\SysWOW64\mssprxy.dll - ok
17:16:35.0858 0x0e88 [ 613C8CE10A5FDE582BA5FA64C4D56AAA, 30507B6BA79E1A271B07BBA58B4FF463678BE0960266A1D5E88031E932D768B6 ] C:\Windows\System32\pnrpnsp.dll
17:16:35.0858 0x0e88 C:\Windows\System32\pnrpnsp.dll - ok
17:16:35.0858 0x0e88 [ 2E2072EB48238FCA8FBB7A9F5FABAC45, AC70B9FC24847EEC2E18008F2894DCDAC19A9C90D5D88729326E493CA524F5C3 ] C:\Windows\System32\winrnr.dll
17:16:35.0858 0x0e88 C:\Windows\System32\winrnr.dll - ok
17:16:35.0858 0x0e88 [ C9FB9038B15036CA28CF0B4BE2BED9BD, 0F56384E798B3F725FFEFC6E31A980DA31F620DB847F601273EF19E8CE74A226 ] C:\Windows\System32\en-US\tquery.dll.mui
17:16:35.0858 0x0e88 C:\Windows\System32\en-US\tquery.dll.mui - ok
17:16:35.0858 0x0e88 [ D2155709E336C3BC15729EB87FEC6064, 682A84C0F2D892E7A6CEE4E5937B4799E352AAE3B71E7037F2A343373467443C ] C:\Windows\System32\rasdlg.dll
17:16:35.0858 0x0e88 C:\Windows\System32\rasdlg.dll - ok
17:16:35.0873 0x0e88 [ F9AFD12BB4B1CFA5FCC0A5B37C604FD2, E8ACB693B1A78FAEF292111BE3F9B10BA95C76833C06C931A08EAAAE39A21334 ] C:\Windows\System32\dot3api.dll
17:16:35.0873 0x0e88 C:\Windows\System32\dot3api.dll - ok
17:16:35.0873 0x0e88 [ E4FCA0F99A41E460C84016DEFD31E6EF, 8EB14AF2025EADC7C86280E8417D8F286E8271B4F88B31696E33DFD72B3A0EF2 ] C:\Windows\System32\wlanhlp.dll
17:16:35.0873 0x0e88 C:\Windows\System32\wlanhlp.dll - ok
17:16:35.0873 0x0e88 [ 5DA219F57A9076FB6FBD3C9C3713A672, 274FE616625B336D81841FDC752C8053D4CD6926565B899760D298D145CBA1A3 ] C:\Windows\System32\WWanAPI.dll
17:16:35.0873 0x0e88 C:\Windows\System32\WWanAPI.dll - ok
17:16:35.0873 0x0e88 [ 62C7AACC746C9723468A8F2169ED3E85, 40E901F3EAFE52DF11D6BC4EF0E79F666EBDACE0B3C090CAD2358076E893EA47 ] C:\Windows\System32\wwapi.dll
17:16:35.0873 0x0e88 C:\Windows\System32\wwapi.dll - ok
17:16:35.0873 0x0e88 [ 6B851E682A36453E1B1EE297FFB6E2AB, A641D3FD9463C4788B45B8B5584EA4489C1F63A71B4B595AE85FF3482CD5EDA6 ] C:\Windows\System32\QAGENT.DLL
17:16:35.0873 0x0e88 C:\Windows\System32\QAGENT.DLL - ok
17:16:35.0873 0x0e88 [ F7A256EC899C72B4ECDD2C02CB592EFD, 9C1AA9322E83CABB94AEA4375EAEB0C44700E1F33B8BE98649BA1DF4DDFAD326 ] C:\Windows\System32\bthprops.cpl
17:16:35.0873 0x0e88 C:\Windows\System32\bthprops.cpl - ok
17:16:35.0889 0x0e88 [ D9E21CBF9E6A87847AFFD39EA3FA28EE, B2AE0BBF907D4108DE3485E6059DF8D10C39707CD508A55A2D9627A66D01AE78 ] C:\Windows\System32\SearchProtocolHost.exe
17:16:35.0889 0x0e88 C:\Windows\System32\SearchProtocolHost.exe - ok
17:16:35.0889 0x0e88 [ FC3A5E13D26C131E6BB39094D9ACD1F6, 249EA59C69925AE3019F0D0F4910B7FE8C886A6DE06C39D6FFBAC370FF2520C0 ] C:\Windows\System32\ieframe.dll
17:16:35.0889 0x0e88 C:\Windows\System32\ieframe.dll - ok
17:16:35.0889 0x0e88 [ D2A5B2B09F2AF5ED13BF494508B09788, 3FA04E84EC5A575E7804E44BA3BF1C4143E53C4ACF6C823CD029711529B0BE2C ] C:\Windows\System32\msshooks.dll
17:16:35.0889 0x0e88 C:\Windows\System32\msshooks.dll - ok
17:16:35.0889 0x0e88 [ 49A3AD5CE578CD77F445F3D244AEAB2D, 1D200547C6277C4A878A9ADD94045F7ACCC583609985C592AAE9B9B9CA7B812A ] C:\Windows\System32\SearchFilterHost.exe
17:16:35.0889 0x0e88 C:\Windows\System32\SearchFilterHost.exe - ok
17:16:35.0889 0x0e88 [ 48041BAEB60CE5F34F13CC2A1361E49C, AF82355A4C0D872F1F45261381C23C1510C2C77DD5F040B706FD7A3D63D4BAA4 ] C:\Windows\System32\mssph.dll
17:16:35.0889 0x0e88 C:\Windows\System32\mssph.dll - ok
17:16:35.0905 0x0e88 [ 8F4BB0CFECED925D440ABC2481278360, 0A87E7E1B38300E211F2ECA10BFB9831CF79B128DEB9D7AB0AA6A715197FF2DD ] C:\Windows\System32\mapi32.dll
17:16:35.0905 0x0e88 C:\Windows\System32\mapi32.dll - ok
17:16:35.0905 0x0e88 [ FF2B106909EED48C536DA04742C0324A, 7FEE709C0E37747412C3420EC2622F23F1CD87473D0A5890F2752E8F0B76D3E0 ] C:\Windows\System32\Query.dll
17:16:35.0905 0x0e88 C:\Windows\System32\Query.dll - ok
17:16:35.0905 0x0e88 [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll
17:16:35.0905 0x0e88 C:\Windows\System32\oleacc.dll - ok
17:16:35.0905 0x0e88 [ 8494E126F0B10180F3293AF861CE1F7A, 538B1F30423DB2398E611BC46C80150C090698E633BABF7362F7060DBF0C3064 ] C:\Windows\System32\mlang.dll
17:16:35.0905 0x0e88 C:\Windows\System32\mlang.dll - ok
17:16:35.0905 0x0e88 [ D7CEAEDD5F75D2C8A2E80887D7C114CE, 44D7D7BBF8643D4168A3B0369AB88C83A156943FB6295FAF8E131C55F080ED19 ] C:\Windows\System32\webcheck.dll
17:16:35.0905 0x0e88 C:\Windows\System32\webcheck.dll - ok
17:16:35.0920 0x0e88 [ 101797BA603D227946B4B5109867EB19, EBF2B48D1A4FE148F455EA32023ABC0D479215D48C7CE76E765F199CD3C80AF8 ] C:\Windows\System32\SyncCenter.dll
17:16:35.0920 0x0e88 C:\Windows\System32\SyncCenter.dll - ok
17:16:35.0920 0x0e88 [ 76CDA84DCB30EBDEF0D86051A72E0C0F, 07A91447463F50C83CCEA3662EECF2B4BECB6988D29EE5E4485DCE3E00E8F44A ] C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll
17:16:35.0920 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\mscorlib\f73f0a9c9a83dcd3ff428be509a7992f\mscorlib.ni.dll - ok
17:16:35.0920 0x0e88 [ 8130391F82D52D36C0441F714136957F, 1FD4FEE7CAF63E450F27729E07EA2A2F09288629FD872DBB6E8710B16D8DBD5D ] C:\Windows\System32\imapi2.dll
17:16:35.0920 0x0e88 C:\Windows\System32\imapi2.dll - ok
17:16:35.0920 0x0e88 [ 6A5C1A8AC0B572679361026D0E900420, B5E693B48B462E97738A3D4E58B60846159649EB15F4D11074B4BC107CC88562 ] C:\Windows\System32\hgcpl.dll
17:16:35.0920 0x0e88 C:\Windows\System32\hgcpl.dll - ok
17:16:35.0920 0x0e88 [ 3ABB7ADB9CCBCD24D6C55201A3842A94, C7B53EE59D3B51D256210E263E34178508CEA79AA0F187B9914473149CA725FB ] C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll
17:16:35.0920 0x0e88 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorjit.dll - ok
17:16:35.0936 0x0e88 [ BA48FCD5653B8A62F39AAF2663EC5D10, 5CAC91361C5327FE00CF5780410EDA9DF629B99729EA31BA9BC17B49FC3B34DE ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll
17:16:35.0936 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\System\c40ec0f4cd203c880298f94c0427dd54\System.ni.dll - ok
17:16:35.0936 0x0e88 [ 040CAD6E6600BCEF7A91AE9885C4158F, 41E1AC22E988D165137426D6F5E69A22D154AF919AE7BDE88B56BE86FDA0B51E ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll
17:16:35.0936 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Drawing\222eb8aa336953a6b0216db2b0c4770d\System.Drawing.ni.dll - ok
17:16:35.0936 0x0e88 [ 1E8D1091011E1C51B44A94DE5EE89A6A, 268D5AAF3861CE3FD65CD0F1FB180E70CB6AD2AF6DB121379756D89E72C17AAC ] C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll
17:16:35.0936 0x0e88 C:\Windows\assembly\NativeImages_v2.0.50727_64\System.Windows.Forms\dc5bb74eefdbf954cdfb70dd534d5564\System.Windows.Forms.ni.dll - ok
17:16:35.0936 0x0e88 [ C0AF0059A0A4FC50C8260FB05919E8D2, BBA9D65B982DFAA3B1AA464BC84E6AB8402DB9F22A45F4E931CE1B952D726639 ] C:\Program Files\AVAST Software\Avast\defs\17041812\SWCUEngine.dll
17:16:35.0936 0x0e88 C:\Program Files\AVAST Software\Avast\defs\17041812\SWCUEngine.dll - ok
17:16:35.0951 0x0e88 [ B29280AA00BC34FEECDC0426B11B9DAC, 9FE8CD345D00F74EDD1ADFF073835AC611F4045927C21AFCCD6D85E171880F17 ] C:\Windows\SysWOW64\RstrtMgr.dll
17:16:35.0951 0x0e88 C:\Windows\SysWOW64\RstrtMgr.dll - ok
17:16:35.0951 0x0e88 ================ Scan generic autorun ======================
17:16:35.0951 0x0e88 TPwrMain - ok
17:16:35.0951 0x0e88 HSON - ok
17:16:35.0951 0x0e88 TCrdMain - ok
17:16:36.0014 0x0e88 [ 6B640D9B1C114DDB8A534A9101DCEF29, 2993E6282D8DC6CD431D7B79C9C7EB3AF9AB3BBDD8F90C85142D14DC2575BB99 ] C:\Program Files\CONEXANT\SAII\SAIICpl.exe
17:16:36.0029 0x0e88 SmartAudio - ok
17:16:36.0139 0x0e88 [ 8D8839FDB43DE6F35D4A26294B8B9549, 536C38B0D78A170180495098AAE6187DA428C8338E971F264B083808C8949EBF ] C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe
17:16:36.0154 0x0e88 cAudioFilterAgent - ok
17:16:36.0154 0x0e88 SynTPEnh - ok
17:16:36.0513 0x0e88 Teco - ok
17:16:36.0513 0x0e88 TosWaitSrv - ok
17:16:36.0622 0x0e88 [ F82483A80D49ACCA81193A294FB233CD, 7EEA9E7F62A92AD98569B1A4F4809D91D7ED671821A738EB75BC6E469DB44494 ] C:\Program Files\TOSHIBA\TosVolRegulator\TosVolRegulator.exe
17:16:36.0638 0x0e88 TosVolRegulator - ok
17:16:36.0731 0x0e88 [ 426350B428CD70D037A3326EB9E5EDFD, B7B1A20D1D75661533CF983EA0C6E520B928AF6FCCDA70C488FC8FC566B5AF7F ] C:\Program Files\TOSHIBA\TOSHIBA HDD SSD Alert\TosWaitSrv.exe
17:16:36.0747 0x0e88 TosSENotify - ok
17:16:36.0747 0x0e88 TosNC - ok
17:16:36.0763 0x0e88 TosReelTimeMonitor - ok
17:16:37.0777 0x0e88 [ C78761C2A5475EA16ADCD438CC17841F, 2EC81397DE7BEF39EA1E1758FE778A0A31C8D04B6AD76D9C0917D95808366A70 ] C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
17:16:38.0089 0x0e88 ZAM - ok
17:16:38.0198 0x0e88 [ BB752714D14CB1F13969D721F1A3A60F, 32B95C75704BE37B349E0493AA8D2FCDAE8007275124646125650456D3A1563F ] C:\Program Files (x86)\TOSHIBA\TOSHIBA Sleep Utility\TSleepSrv.exe
17:16:38.0213 0x0e88 TSleepSrv - ok
17:16:38.0463 0x0e88 [ 02F4246866BF35BF2244E5CF72E25895, AA08D3E65CCF6F4F79D169575C9B4FE8BA078246BFB30C380939A4A3B6092074 ] C:\Program Files (x86)\Toshiba\Toshiba Online Backup\Activation\TOBuActivation.exe
17:16:38.0541 0x0e88 NortonOnlineBackupReminder - ok
17:16:38.0603 0x0e88 [ 2D7816ACDA1CC85C873CBC19A4121D58, 3F3E41EBEF81DB8C2A84A8E75D1E4852046A10A5DCB8CCCC2ADF7FD0DC8EEF66 ] C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
17:16:38.0650 0x0e88 ToshibaAppPlace - detected UnsignedFile.Multi.Generic ( 1 )
17:16:38.0650 0x0e88 ToshibaAppPlace ( UnsignedFile.Multi.Generic ) - warning
17:16:38.0650 0x0e88 Force sending object to P2P due to detect: C:\Program Files (x86)\Toshiba\Toshiba App Place\ToshibaAppPlace.exe
17:16:38.0650 0x0e88 Object send P2P result: false
17:16:38.0759 0x0e88 [ 4EB0C6C3EF4D8885CF2B5D0062F31E44, A3967758E30609D29A4856F373DD2C971B341F914825D720387ACFD7499EDC3D ] C:\Program Files (x86)\DivX\DivX Update\DivXUpdate.exe
17:16:38.0791 0x0e88 DivXUpdate - ok
17:16:39.0305 0x0e88 [ 70050353213574B62CA9EC28F65F2F3E, 3EBC0ABFC9ABFE4508E21A032A28D12B73CB91DE1FD830069FF902336A271E68 ] C:\Program Files\AVAST Software\Avast\AvastUI.exe
17:16:39.0539 0x0e88 AvastUI.exe - ok
17:16:39.0649 0x0e88 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:16:39.0695 0x0e88 Sidebar - ok
17:16:39.0727 0x0e88 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:16:39.0789 0x0e88 mctadmin - ok
17:16:39.0820 0x0e88 [ DCCA4B04AF87E52EF9EAA2190E06CBAC, 8858CFD159BB32AE9FCCA1A79EA83C876D481A286E914071D48F42FCA5B343D8 ] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe
17:16:39.0851 0x0e88 Sidebar - ok
17:16:39.0851 0x0e88 [ 0FA760BF380B08D0B67B5507CD8B32AA, 0F73A7F64C4FDAB98CD3A865CC54B3A7195761530FCB115B725CC5A9FB738739 ] C:\Windows\System32\mctadmin.exe
17:16:39.0883 0x0e88 mctadmin - ok
17:16:40.0382 0x0e88 [ FB5B78A3DE88FD3B725DA574497BC225, 0096C3ED0E29153E6A9E84C121B79A170FEDFE521AEA1BC602BC536E1795E5F3 ] C:\Program Files\CCleaner\CCleaner64.exe
17:16:40.0569 0x0e88 CCleaner - ok
17:16:40.0631 0x0e88 AV detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.1.3076.0 ), 0x41000 ( enabled : updated )
17:16:40.0631 0x0e88 FW detected via SS2: avast! Antivirus, C:\Program Files\AVAST Software\Avast\VisthAux.exe ( 12.1.3076.0 ), 0x40010 ( disabled )
17:16:40.0663 0x0e88 Win FW state via NFP2: enabled ( trusted )
17:16:40.0663 0x0e88 ============================================================
17:16:40.0663 0x0e88 Scan finished
17:16:40.0663 0x0e88 ============================================================
17:16:40.0678 0x0e54 Detected object count: 3
17:16:40.0678 0x0e54 Actual detected object count: 3
17:16:46.0466 0x0e54 IDriverT ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:46.0466 0x0e54 IDriverT ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:46.0466 0x0e54 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:16:46.0466 0x0e54 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip
17:16:46.0466 0x0e54 ToshibaAppPlace ( UnsignedFile.Multi.Generic ) - skipped by user
17:16:46.0466 0x0e54 ToshibaAppPlace ( UnsignedFile.Multi.Generic ) - User select action: Skip
17:16:54.0281 0x0ed0 Deinitialize success

PatL · Apr 20, 2017

What now?

PatL · Apr 20, 2017

Forgot to post this the other day:

# AdwCleaner v6.045 - Logfile created 15/04/2017 at 20:14:27
# Updated on 28/03/2017 by Malwarebytes
# Database : 2017-03-28.2 [Local]
# Operating System : Windows 7 Home Premium Service Pack 1 (X64)
# Username : Mitch - MITCH-PC
# Running from : C:\Users\Mitch\Desktop\AdwCleaner.exe
# Mode: Clean
# Support : https://www.malwarebytes.com/support

***** [ Services ] *****

***** [ Folders ] *****

[-] Folder deleted: C:\Users\Mitch\AppData\LocalLow\Veoh_Web_Player
[-] Folder deleted: C:\Program Files (x86)\Veoh_Web_Player

***** [ Files ] *****

[-] File deleted: C:\Program Files (x86)\Yahoo!\Common\unyt.exe

***** [ DLL ] *****

***** [ WMI ] *****

***** [ Shortcuts ] *****

***** [ Scheduled Tasks ] *****

[-] Task deleted: RegSERVO

***** [ Registry ] *****

[-] Key deleted: HKLM\SOFTWARE\Classes\Applications\iLividSetupV1 (1).exe
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[-] Key deleted: HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.Protector.1
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib
[#] Key deleted on reboot: [x64] HKLM\SOFTWARE\Classes\protector_dll.ProtectorLib.1
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{1CAE874F-F5C7-4BCC-BA46-9AD26DF35B93}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{39DCCEAF-C749-4390-9953-527CF916935C}
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\{EFC0651C-B6D7-49CD-A6E0-B1CE9AB5FE46}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F56ACA29-1C99-40F1-AC64-2E44C4F6BC71}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{12D3E096-0FDF-42CC-8F44-04944F9C1648}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{22389F39-2CF4-47C4-B8B2-273BB16BF70C}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{23E3CEB3-D63A-433E-A5D0-4DB1C501B915}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{26A3152F-CF87-4C5B-8093-4D4B9EC084EB}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{29E3319C-4B3C-479F-8692-BDD2CA30BEDD}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{367BD1CD-74A3-451F-B1A4-6A2DE4129A2D}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{49F018EE-F362-4B5B-8EC8-BCF9246ABF21}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{63B73044-FC1A-4FE1-991B-FDBD4CDAA868}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{7207E52B-821E-4C05-A8D6-2965B2BE77CF}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{863FCF5D-DC39-4DA9-AF32-CB0025990EEE}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B09E015A-4D4E-4F8D-A436-95E19140947D}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{B1E712C4-03AA-495F-B0F5-0F057E126E2A}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{D13DC65C-C77B-4986-9078-DEA3D34C71BB}
[-] Key deleted: HKLM\SOFTWARE\Classes\Interface\{F9A10D86-182A-4946-869B-70C3D109D14D}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{003028C2-EA1C-4676-A316-B5CB50917002}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{0548C79F-7B8C-455D-B228-97D35371BB62}
[-] Key deleted: HKLM\SOFTWARE\Classes\TypeLib\{61A2027D-B837-4080-A925-6E30E10DEF32}
[-] Key deleted: HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Veoh_Web_Player
[-] Key deleted: HKLM\SOFTWARE\Veoh_Web_Player
[#] Key deleted on reboot: [x64] HKCU\Software\Microsoft\Internet Explorer\InternetRegistry\REGISTRY\USER\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Veoh_Web_Player
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\yt.DLL
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\ytbbroker.EXE
[-] Key deleted: HKLM\SOFTWARE\Classes\AppID\YTSingleInstance.DLL

***** [ Web browsers ] *****

[-] [C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: aol.com
[-] [C:\Users\Mitch\AppData\Local\Google\Chrome\User Data\Default\Web data] [Search Provider] Deleted: ask.com

*************************

:: "Tracing" keys deleted
:: Winsock settings cleared

*************************

C:\AdwCleaner\AdwCleaner[C0].txt - [4282 Bytes] - [15/04/2017 20:14:27]
C:\AdwCleaner\AdwCleaner[S0].txt - [4256 Bytes] - [15/04/2017 20:13:59]

########## EOF - C:\AdwCleaner\AdwCleaner[C0].txt - [4428 Bytes] ##########

Malnutrition · Apr 20, 2017

Zoek Scan

Disable your antivirus prior to this scan.
Download Zoek
Save the file to your desktop.
Right click Zoek.exe and run as administrator. (Xp Users double click)
Copy the items in red below, and paste them into Zoek.

createsrpoint;
ipconfig /flushdns;b
emptyfolderscheck;delete
emptyclsid;
emptyalltemp;
netsh winsock reset all;b
autoclean;

Now hit the run script button.
The log will appear after a reboot, also you can find it on the C: drive.
Post the log in your next reply.

Malnutrition · Apr 20, 2017

Re Run TDSS killer and select Cure or Delete for this....

17:16:46.0466 0x0e54 \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
17:16:46.0466 0x0e54 \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

Malnutrition · Apr 20, 2017

Quick Diag Fix.

First please create a restore point!
Right click on Quick Diag Run as Admin.
Copy the content of the code box below to your clipboard.
Click on the S within the User Interface of the program.
Then click on Script.
Allow completion.
Post the log created in your next reply.

Code:

Key::
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\87566282.sys]
[HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\87566282.sys]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\Classes\Applications\FreeTorrentViewer.exe]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Blehjoqlir]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\MCAFEE]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Strongvault]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Tific]
[HKU\S-1-5-21-2113883840-1160270776-2747418757-1000\SOFTWARE\AppDataLow\Software\Yahoo]
[HKLM\Software\REGSERVO]
[HKLM\Software\WOW6432Node\AdobeFlashPlayerUpdate]
[HKLM\Software\WOW6432Node\Tific]
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{03F52937-1FD6-44FB-82C6-FE988F1B1D61}]
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{522119B9-1B9A-498A-AC52-148B533EFD50}]
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{87C077B2-3D3B-4156-938A-EA51B451D6C6}]
[HKLM\SYSTEM\CurrentControlSet\Control\Class\{FB58BE68-EA9E-4803-847F-2CE814E7B159}]


File::
C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
C:\Program Files (x86)\FreeTorrentViewer
C:\windows\Installer\262be5.msi'
C:\windows\Installer\9118a6.msi
C:\windows\Installer\938618.msi
C:\windows\System32\gatherNetworkInfo.vbs
C:\Users\Mitch\AppData\Local\Tific
C:\Users\Mitch\AppData\LocalLow\Yahoo!
C:\Users\Mitch\AppData\Roaming\FreeTorrentViewer
C:\Users\Mitch\AppData\Roaming\Tific
C:\Users\Mitch\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeTorrentViewer
C:\ProgramData\McAfee
C:\ProgramData\REGSERVO64
C:\ProgramData\Yahoo!
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\REGSERVO
C:\Program Files (x86)\FreeTorrentViewer
C:\Program Files (x86)\Yahoo!
C:\ProgramData\Temp:373E1720
C:\ProgramData\Temp:D1B5B4F1

ADS::
C:\ProgramData\Temp

Clean::
yes

PatL · Apr 20, 2017

Zoek didn't complete it froze. I restarted and continued with your other instructions.

Zoek.exe v5.0.0.1 Updated 27-09-2015
Tool run by Mitch on Wed 04/19/2017 at 19:53:51.74.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x64
Running in: Safe Mode MINIMAL No Internet Access Detected
Launched: C:\Users\Mitch\Desktop\zoek.exe [Scan all users] [Script inserted]

==== Older Logs ======================

C:\zoek-results2015-09-09-020615.log 14334 bytes
C:\zoek-results2015-09-09-152311.log 13972 bytes

==== Empty Folders Check ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) deleted successfully
C:\Users\Mitch\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{18DF081C-E8AD-4283-A596-FA578C2EBDC3} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{DBC80044-A445-435B-BC74-9C25C1C588A9} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F3C88694-EFFA-4D78-B409-54B7B2535B14} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F3C88694-EFFA-4D78-B409-54B7B2535B14} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully
HKEY_USERS\S-1-5-21-2113883840-1160270776-2747418757-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{326E768D-4182-46FD-9C16-1449A49795F4} deleted successfully

==== Deleting CLSID Registry Values ======================

==== Deleting Services ======================

==== Batch Command(s) Run By Tool======================

==== Deleting Files \ Folders ======================

C:\PROGRA~3\Malwarebytes' Anti-Malware (portable) not found
"C:\windows\Installer\2dfb0c.msi" not found
C:\PROGRA~2\Uninstall Information\ib_uninst_455 deleted
C:\PROGRA~2\Yahoo! deleted
C:\install.exe deleted
C:\PROGRA~3\Yahoo! deleted
C:\Users\Mitch\AppData\LocalLow\Yahoo! deleted
C:\components deleted
C:\windows\SysNative\GroupPolicy\User deleted

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{23fcfd51-4958-4f00-80a3-ae97e717ed8b}"="C:\Program Files (x86)\DivX\DivX Plus Web Player\firefox\DivXHTML5" [08/14/2012 02:42 PM]

==== Chromium Look ======================

Google Chrome Version: 46.0.2490.86

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
nneajnkjbffgblleaoojgaacokifdkhm - C:\Program Files (x86)\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx[12/12/2011 06:13 AM]

TheBflix - John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Application Data\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
TheBflix - John\AppData\Local\Google\Chrome\User Data\Default\Extensions\ekdjfcdinekpfcedakhpngcnaamhiihn
Avast Online Security - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Mitch\AppData\Local\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Mitch\AppData\Local\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Application Data\Application Data\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Mitch\AppData\Local\Application Data\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Application Data\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Application Data\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm
Avast Online Security - Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki
OpenOffice for Chrome - Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\nlgfkngkdcjlfgcfdmjoafonkkhacilj
Chrome Media Router - Mitch\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Chromium Startpages ======================

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Application Data\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

C:\Users\John\AppData\Local\Google\Chrome\User Data\Default\Preferences
"homepage": "http://start.toshiba.com",
"homepage": "http://start.toshiba.com",
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]
"urls_to_restore_on_startup": [ "http://start.toshiba.com" ]

PatL

Attachments

Malnutrition

Malnurished Mod

PatL

Malnutrition

Malnurished Mod

Malnutrition

Malnurished Mod

Malnutrition

Malnurished Mod

PatL

Malnutrition

Malnurished Mod

PatL

Malnutrition

Malnurished Mod

Attachments

PatL

PatL

PatL

PatL

PatL

PatL

Malnutrition

Malnurished Mod

Malnutrition

Malnurished Mod

Malnutrition

Malnurished Mod

PatL

Search

Search

Solved Friends Computer Needs a Checkup