View Full Version : Trojan horse FakeAV unable to be deleted by AVG 2011 Free Edition
Holsten87
2014-06-26, 22:31
Hello
I have run an ERUNT registry back up. I'm on Vista (pretty old laptop) and have turned off user account control as per instructions on ERUNT site.
AVG found two infected files on my last scan:
1. Object name: C:\Windows\System32\svchost.exe (888)
Detection Name: Trojan horse FakeAV.TMH.dropper
Object Type: process
SDK Type: Core
Result: DELETED
2. Object Name: c:\Windows\System32\svchost.exe (888):\memory_05a00000
Detection Name: Trojan horse FakeAV.TMH.dropper
Object Type: file
SDK Type: core
Result: INFECTED
Going through my scan logs, it appears that there has been an infection which AVG has been unable to resolve an issue that has been there since 06/06/14, which is worrying, as I didn't notice this until now (usually AVG would advise me if it is unable to heal infected files). I'm pretty sure I've run a routine Malware Bytes scan since the 06/06/14. I have not done so this time as wanted some advice before proceeding.
DDS Log:
============== Running Processes ================
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\SLsvc.exe
C:\Windows\System32\spoolsv.exe
C:\Program Files\AVG\AVG10\avgwdsvc.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
C:\Windows\system32\STacSV.exe
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
C:\Program Files\iolo\System Mechanic\iologovernor.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Windows\OEM02Mon.exe
C:\Windows\System32\hkcmd.exe
C:\Windows\System32\igfxpers.exe
C:\Windows\system32\igfxsrvc.exe
C:\Windows\WindowsMobile\wmdc.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
C:\Program Files\Dell\MediaDirect\PCMService.exe
C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
C:\Program Files\AVG\AVG10\avgtray.exe
C:\Program Files\Winamp\winampa.exe
C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\Digital Line Detect\DLG.exe
C:\Windows\System32\alg.exe
C:\Program Files\AVG\AVG10\avgnsx.exe
C:\Program Files\AVG\AVG10\avgrsx.exe
C:\Program Files\AVG\AVG10\avgchsvx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
C:\Program Files\AVG\AVG10\avgscanx.exe
C:\Program Files\AVG\AVG10\avgcsrvx.exe
C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Program Files\Winamp\winamp.exe
C:\Windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\Windows\system32\SearchProtocolHost.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\svchost.exe -k bthsvcs
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Windows\system32\svchost.exe -k WindowsMobile
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=10&cc=&mi=74965616000000000000001cbf915686&toi=16085
uWindow Title = Internet Explorer provided by Dell
uDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
mDefault_Page_URL = hxxp://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
mSearchAssistant = hxxp://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=4&cc=&mi=74965616000000000000001cbf915686&toi=16085&r=302
uURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
dURLSearchHooks: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: Adobe PDF Reader Link Helper: {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelper.dll
BHO: AVG Safe Search: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - c:\program files\avg\avg10\avgssie.dll
BHO: Search Helper: {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - c:\program files\microsoft\search enhancement pack\search helper\SearchHelper.dll
BHO: Java(tm) Plug-In SSV Helper: {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\program files\java\jre1.6.0\bin\ssv.dll
BHO: {A3BC75A2-1F87-4686-AA43-5347D756017C} - <orphaned>
BHO: {DBC80044-A445-435b-BC74-9C25C1C588A9} - <orphaned>
BHO: Windows Live Toolbar Helper: {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - c:\program files\windows live\toolbar\wltcore.dll
BHO: {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - <orphaned>
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
TB: &Windows Live Toolbar: {21FA44EF-376D-4D53-9B0F-8A89D3229068} - c:\program files\windows live\toolbar\wltcore.dll
uRun: [ehTray.exe] c:\windows\ehome\ehTray.exe
uRun: [DriverScanner] "c:\program files\uniblue\driverscanner\launcher.exe" delay 20000
uRun: [Xvid] c:\program files\xvid\CheckUpdate.exe
mRun: [SynTPEnh] c:\program files\synaptics\syntp\SynTPEnh.exe
mRun: [OEM02Mon.exe] c:\windows\OEM02Mon.exe
mRun: [IgfxTray] c:\windows\system32\igfxtray.exe
mRun: [HotKeysCmds] c:\windows\system32\hkcmd.exe
mRun: [Persistence] c:\windows\system32\igfxpers.exe
mRun: [Windows Mobile Device Center] c:\windows\windowsmobile\wmdc.exe
mRun: [DELL Webcam Manager] "c:\program files\dell\dell webcam manager\DellWMgr.exe" /s
mRun: [ISUSScheduler] "c:\program files\common files\installshield\updateservice\issch.exe" -start
mRun: [RoxWatchTray] "c:\program files\common files\roxio shared\9.0\sharedcom\RoxWatchTray9.exe"
mRun: [dscactivate] "c:\program files\dell support center\gs_agent\custom\dsca.exe"
mRun: [PCMService] "c:\program files\dell\mediadirect\PCMService.exe"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 8.0\reader\Reader_sl.exe"
mRun: [SigmatelSysTrayApp] c:\program files\sigmatel\c-major audio\wdm\sttray.exe
mRun: [AVG_TRAY] c:\program files\avg\avg10\avgtray.exe
mRun: [WinampAgent] "c:\program files\winamp\winampa.exe"
mRun: [Conime] c:\windows\system32\conime.exe
mRun: [EKStatusMonitor] c:\program files\kodak\aio\statusmonitor\EKStatusMonitor.exe
mRun: [EKIJ5000StatusMonitor] c:\windows\system32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
dRun: [msnmsgr] "c:\program files\windows live\messenger\msnmsgr.exe" /background
StartupFolder: c:\users\hollyc~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\erunta~1.lnk - c:\program files\erunt\AUTOBACK.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\digita~1.lnk - c:\program files\digital line detect\DLG.exe
uPolicies-Explorer: NoDrives = dword:0
uPolicies-Explorer: NoDriveTypeAutoRun = dword:145
mPolicies-Explorer: NoDriveAutoRun = dword:67108863
mPolicies-Explorer: NoDriveTypeAutoRun = dword:255
mPolicies-Explorer: NoDrives = dword:0
mPolicies-System: EnableLUA = dword:0
mPolicies-System: EnableUIADesktopToggle = dword:0
IE: Add to Windows &Live Favorites - http://favorites.live.com/quickadd.aspx
IE: E&xport to Microsoft Excel - c:\progra~1\micros~2\office11\EXCEL.EXE/3000
IE: Send image to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie_ctx.htm
IE: Send page to &Bluetooth Device... - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
IE: {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - {2EAF5BB0-070F-11D3-9307-00C04FAE2D4F} - c:\windows\windowsmobile\INetRepl.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503}
IE: {CCA281CA-C863-46ef-9331-5C8D4460577F} - c:\program files\widcomm\bluetooth software\btsendto_ie.htm
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} - hxxp://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} - hxxp://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
TCP: NameServer = 192.168.0.1
TCP: Interfaces\{CAB4FF05-07D8-4042-AD88-07AF59D967DB} : DHCPNameServer = 192.168.0.1
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - c:\program files\tiscali\tiscali internet\dlls\tiscalifilter.dll
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - <orphaned>
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - c:\program files\avg\avg10\avgpp.dll
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - c:\program files\skype\toolbars\internet explorer\skypeieplugin.dll
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - c:\program files\common files\skype\Skype4COM.dll
Notify: igfxcui - igfxdev.dll
LSA: Security Packages = kerberos msv1_0 schannel wdigest tspkg
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\holly chapman\appdata\roaming\mozilla\firefox\profiles\7lqvfta1.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.winamp.com/search/search?query={searchTerms}&invocationType=winamp-ff&s_qt=sb&tb_uuid=20111024195737789&tb_oid=25-10-2011&tb_mrud=15-11-2012&query=
FF - prefs.js: browser.startup.homepage - google.co.uk
FF - prefs.js: keyword.URL - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=2&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF - plugin: c:\program files\divx\divx ovs helper\npovshelper.dll
FF - plugin: c:\program files\divx\divx plus web player\npdivx32.dll
FF - plugin: c:\program files\java\jre7\bin\dtplugin\npdeployJava1.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\NPVeohTVPlugin.dll
FF - plugin: c:\program files\veoh networks\veohwebplayer\npWebPlayerVideoPluginATL.dll
FF - plugin: c:\windows\system32\macromed\flash\NPSWF32_13_0_0_214.dll
.
---- FIREFOX POLICIES ----
FF - user.js: extensions.Softonic.hpOld0 - hxxp://en-GB.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official
FF - user.js: extensions.Softonic.tlbrSrchUrl - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=1&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF - user.js: extensions.Softonic.id - 74965616000000000000001cbf915686
FF - user.js: extensions.Softonic.appId - {7ABBFE1C-E485-44AA-8F36-353751B4124D}
FF - user.js: extensions.Softonic.instlDay - 16085
FF - user.js: extensions.Softonic.vrsn - 1.8.29.3
FF - user.js: extensions.Softonic.vrsni - 1.8.29.3
FF - user.js: extensions.Softonic.vrsnTs - 1.8.29.320:41:43
FF - user.js: extensions.Softonic.prtnrId - softonic
FF - user.js: extensions.Softonic.prdct - Softonic
FF - user.js: extensions.Softonic.aflt - SD
FF - user.js: extensions.Softonic.smplGrp - none
FF - user.js: extensions.Softonic.tlbrId - 2013desingbrand
FF - user.js: extensions.Softonic.instlRef - MOY00002
FF - user.js: extensions.Softonic.dfltLng -
FF - user.js: extensions.Softonic.excTlbr - false
FF - user.js: extensions.Softonic.ffxUnstlRst - false
FF - user.js: extensions.Softonic.admin - false
FF - user.js: extensions.Softonic.autoRvrt - false
FF - user.js: extensions.Softonic.rvrt - false
FF - user.js: extensions.Softonic.hmpg - true
FF - user.js: extensions.Softonic.hmpgUrl - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=13&cc=&mi=74965616000000000000001cbf915686&toi=16085
FF - user.js: extensions.Softonic.dfltSrch - true
FF - user.js: extensions.Softonic.srchPrvdr - Search the web (Softonic)
FF - user.js: extensions.Softonic.kw_url - hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=2&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF - user.js: extensions.Softonic.dnsErr - true
FF - user.js: extensions.Softonic.newTab - true
FF - user.js: extensions.Softonic.newTabUrl - hxxp://search.softonic.com/MOY00002/tb_v1/?SearchSource=15&cc=&mi=74965616000000000000001cbf915686&toi=16085
aswMBR log:
19:42:27.827 OS Version: Windows 6.0.6001 Service Pack 1
19:42:27.827 Number of processors: 2 586 0xF0D
19:42:27.829 ComputerName: THE-BEAST UserName:
19:42:30.994 Initialize success
19:42:31.025 VM: initialized successfully
19:42:31.056 VM: Intel CPU BiosDisabled
19:42:41.812 VM: disk I/O iastor.sys
19:45:35.699 AVAST engine defs: 14062601
19:46:55.447 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-0
19:46:55.447 Disk 0 Vendor: ST916082 3.CD Size: 152627MB BusType: 3
19:46:55.619 Disk 0 MBR read successfully
19:46:55.634 Disk 0 MBR scan
19:46:55.634 Disk 0 Windows VISTA default MBR code
19:46:55.650 Disk 0 Partition 1 00 DE Dell Utility Dell 8.0 117 MB offset 63
19:46:55.681 Disk 0 Partition 2 00 07 HPFS/NTFS NTFS 10240 MB offset 241664
19:46:55.697 Disk 0 Partition 3 80 (A) 07 HPFS/NTFS NTFS 139708 MB offset 21213184
19:46:55.697 Disk 0 Partition - 00 0F Extended LBA 2560 MB offset 307335168
19:46:55.744 Disk 0 Partition 4 00 DD MSDOS5.0 2559 MB offset 307337216
19:46:55.759 Disk 0 scanning sectors +312578048
19:46:56.056 Disk 0 scanning C:\Windows\system32\drivers
19:47:09.659 Service scanning
19:47:43.496 Modules scanning
19:47:51.702 Disk 0 trace - called modules:
19:47:51.717 ntkrnlpa.exe CLASSPNP.SYS disk.sys iastor.sys hal.dll
19:47:51.717 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86355528]
19:47:51.717 3 CLASSPNP.SYS[887a6745] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-0[0x85206030]
19:47:53.683 AVAST engine scan C:\Windows
19:47:57.458 AVAST engine scan C:\Windows\system32
19:53:16.077 AVAST engine scan C:\Windows\system32\drivers
19:53:36.061 AVAST engine scan C:\Users\Holly Chapman
20:09:47.192 AVAST engine scan C:\ProgramData
20:15:42.077 Scan finished successfully
21:30:21.804 Disk 0 MBR has been saved successfully to "C:\Users\Holly Chapman\Desktop\MBR.dat"
21:30:21.804 The log file has been saved successfully to "C:\Users\Holly Chapman\Desktop\aswMBR.txt"
Lots of thanks in advance for any help x
.
Hi Holsten87,
My name is OCD. I would be more than happy to take a look at your log and help you with solving any malware problems you might have. Logs can take a while to research, so please be patient and know that I am working hard to get you a clean and functional system back in your hands. I'd be grateful if you would note the following:
I will be working on your Malware issues, this may or may not, solve other issues you have with your machine.
The fixes are specific to your problem and should only be used for the issues on this machine.
Please continue to review my answers until I tell you your machine appears to be clear. Absence of symptoms does not mean that everything is clear.
It's often worth reading through these instructions and printing them for ease of reference.
If you don't know or understand something, please don't hesitate to say or ask!! It's better to be sure and safe than sorry.
Please reply to this thread. Do not start a new topic.
Copy and Paste logs directly into the reply window. DO NOT attach the logs unless specifically instructed to do so.
IMPORTANT NOTE : Please do not delete, download or install anything unless instructed to do so.
DO NOT use any TOOLS such as Combofix or HijackThis fixes without supervision. Doing so could make your system inoperable and could require a full reinstall of your Operating System and losing all your programs and data.
Please stay with this topic until I let you know that your system appears to be "All Clear"
Important: All tools MUST be run from the Desktop.
=========================
Your initial DDS log is missing the header information, please run the following scans:
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Security Check
Download Security Check by screen317 from here (http://screen317.spywareinfoforum.org/SecurityCheck.exe) or here (http://screen317.changelog.fr/SecurityCheck.exe).
Save it to your Desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Download Farbar Recovery Scan Tool (http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/) and save to your desktop.
Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.
Right click and select "Run as Administrator" to run it. When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
The first time the tool is run, it makes also another log (Addition.txt). Please attach it to your reply
=========================
In your next post please provide the following:
checkup.txt
FRST.txt
Addition.txt
Holsten87
2014-06-27, 21:00
Hi OCD,
Thanks for getting back to me so quickly. Here is the top of the dds log should you need it:
DDS (Ver_2012-11-20.01) - NTFS_x86
Internet Explorer: 7.0.6001.18470 BrowserJavaVersion: 1.6.0
Run by Holly Chapman at 19:34:51 on 2014-06-26
.
Below are the logs you requested:
Checkup.txt:
Results of screen317's Security Check version 0.99.85
Windows Vista Service Pack 1 x86 (UAC is disabled!)
Out of date service pack!! (http://support.microsoft.com/kb/935791)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
Malwarebytes Anti-Malware version 1.75.0.1300
HijackThis 2.0.2
AVG PC Tuneup 2011
Java 7 Update 45
Java(TM) SE Runtime Environment 6
Java version out of Date!
Adobe Flash Player 13.0.0.214 Flash Player out of Date!
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox 18.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 34 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
FRST.txt:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:27-06-2014
Ran by Holly Chapman (administrator) on THE-BEAST on 27-06-2014 19:50:49
Running from C:\Users\Holly Chapman\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgnsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
(iolo technologies, LLC) C:\Program Files\iolo\System Mechanic\ioloGovernor.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winampa.exe
(Eastman Kodak Company) C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
() C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
==================== Registry (Whitelisted) ==================
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [857648 2007-04-28] (Synaptics, Inc.)
HKLM\...\Run: [OEM02Mon.exe] => C:\Windows\OEM02Mon.exe [36864 2007-08-29] (Creative Technology Ltd.)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [648072 2007-05-31] (Microsoft Corporation)
HKLM\...\Run: [DELL Webcam Manager] => C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe [118784 2007-07-27] (Creative Technology Ltd.)
HKLM\...\Run: [ISUSScheduler] => C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe [81920 2006-10-03] (Macrovision Corporation)
HKLM\...\Run: [RoxWatchTray] => C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe [221184 2006-11-05] (Sonic Solutions)
HKLM\...\Run: [dscactivate] => C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe [16384 2007-11-15] ( )
HKLM\...\Run: [PCMService] => C:\Program Files\Dell\MediaDirect\PCMService.exe [189736 2007-11-01] (CyberLink Corp.)
HKLM\...\Run: [Adobe Reader Speed Launcher] => C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe [39792 2008-01-11] (Adobe Systems Incorporated)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-07] (IDT, Inc.)
HKLM\...\Run: [AVG_TRAY] => C:\Program Files\AVG\AVG10\avgtray.exe [2345592 2012-08-01] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [WinampAgent] => C:\Program Files\Winamp\winampa.exe [74752 2011-12-09] (Nullsoft, Inc.)
HKLM\...\Run: [Conime] => C:\Windows\system32\conime.exe [69120 2008-01-18] (Microsoft Corporation)
HKLM\...\Run: [EKStatusMonitor] => C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe [2844608 2012-10-15] (Eastman Kodak Company)
HKLM\...\Run: [EKIJ5000StatusMonitor] => C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe [2804224 2012-10-08] (Eastman Kodak Company)
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [uTorrent] => C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe [1267536 2014-06-16] (BitTorrent Inc.)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [DriverScanner] => C:\Program Files\Uniblue\DriverScanner\launcher.exe [338296 2011-05-16] (Uniblue Systems Limited)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\RunOnce: [FlashPlayerUpdate] - C:\Windows\system32\Macromed\Flash\FlashUtil32_13_0_0_214_Plugin.exe [847536 2014-05-13] (Adobe Systems Incorporated)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunStartupScriptSync] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideStartupScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {1e30d2f0-96c3-11dd-83db-001e4cdc4ef0} - F:\setupSNK.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {bea08218-13f7-11df-a7dd-001e4cdc4ef0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {c03f2a25-14b1-11df-bab4-001e4cdc4ef0} - wd_windows_tools\setup.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {cbf9d7f6-b1bb-11dd-9902-001e4cdc4ef0} - F:\setupSNK.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
BootExecute:
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.softonic.com/MOY00002/tb_v1?SearchSource=10&cc=&mi=74965616000000000000001cbf915686&toi=16085
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKCU - {105E99FF-8B9A-4492-B155-06194B9056D2} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - {C0197584-7E91-4454-8177-07E01E8098A6} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4d4acdad&v=6.11.25.1&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKCU - {E72EEF90-4393-4B8E-9DCF-9FDFDB659A30} URL = http://internetsearchservice.com/search?q={searchTerms}
BHO: Adobe PDF Reader Link Helper - {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: AVG Safe Search - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Search Helper - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SearchHelper.dll (Microsoft Corp.)
BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: No Name - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
BHO: No Name - {DBC80044-A445-435b-BC74-9C25C1C588A9} - No File
BHO: Windows Live Toolbar Helper - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
BHO: No Name - {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} - No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - &Windows Live Toolbar - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MBAEA6744-D857-4CE3-8A2A-712EF60CAE3F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP7D9A60B4-EE90-48AB-ABC1-F7FAB62519F6
FF SearchEngineOrder.1: Search the web (Softonic)
FF Homepage: google.co.uk
FF Keyword.URL: hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=2&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @veoh.com/VeohTVPlugin - C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF Plugin: @veoh.com/VeohWebPlayer - C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF user.js: detected! => C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\searchplugins\softonic.xml
FF Extension: No Name - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2011-08-15]
FF Extension: 2YourFace - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\support@2yourface.com [2011-08-15]
FF Extension: vis - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2014-01-15]
FF Extension: Zotero Word for Windows Integration - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-04-30]
FF Extension: Ghostery - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@ghostery.com.xpi [2013-08-18]
FF Extension: MEGA - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@mega.co.nz.xpi [2013-12-29]
FF Extension: Zotero - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-08-12]
FF Extension: Adblock Plus - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-06]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\sotfone-tracker@sotfone.ru [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG10\Firefox4 [2011-07-07]
FF HKLM\...\Firefox\Extensions: [crossriderapp435@crossrider.com] - C:\ProgramData\CodecCheck\firefox
FF Extension: Premiumplay Codec-C - C:\ProgramData\CodecCheck\firefox [2011-08-15]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-04]
FF HKCU\...\Firefox\Extensions: [web@veoh.com] - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder
FF Extension: Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2008-11-26]
FF HKCU\...\Firefox\Extensions: [offerboxffx@offerbox.com] - C:\Users\Holly Chapman\AppData\Roaming\OfferBox\offerboxffx@offerbox.com
FF Extension: OfferBox - C:\Users\Holly Chapman\AppData\Roaming\OfferBox\offerboxffx@offerbox.com [2010-06-28]
Chrome:
=======
CHR HomePage: hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085
CHR RestoreOnStartup: "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085"
CHR StartupUrls: "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: http://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2014-01-15]
CHR Extension: (AVG Safe Search) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2011-07-10]
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho [2012-03-24]
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-24]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx [2011-09-09]
CHR HKLM\...\Chrome\Extension: [jpnbdefcbnoefmmcpelplabbkfmfhlho] - C:\ProgramData\CodecCheck\chrome\codec_check.crx [2011-08-15]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395200 2012-10-19] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [779200 2012-10-15] (Eastman Kodak Company)
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-11-05] (Sonic Solutions) [File not signed]
S2 RoxWatch9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-11-05] (Sonic Solutions) [File not signed]
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
S4 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [28624 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-05] (AVG Technologies CZ, s.r.o.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-03-18] (EldoS Corporation)
R3 OXSDIDRV_x32; C:\Windows\System32\DRIVERS\OXSDIDRV_x32.sys [52656 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X32.sys [24880 2010-05-25] ()
R2 PDFsFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-03-18] (Raxco Software, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 uafilter; System32\DRIVERS\uafilter.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-06-27 19:50 - 2014-06-27 19:52 - 00024965 _____ () C:\Users\Holly Chapman\Downloads\FRST.txt
2014-06-27 19:50 - 2014-06-27 19:51 - 00000000 ____D () C:\FRST
2014-06-27 19:50 - 2014-06-27 19:50 - 01073152 _____ (Farbar) C:\Users\Holly Chapman\Downloads\FRST.exe
2014-06-27 19:47 - 2014-06-27 19:47 - 00001399 _____ () C:\Users\Holly Chapman\Desktop\checkup.txt
2014-06-27 19:42 - 2014-06-27 19:42 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-06-26 21:30 - 2014-06-26 22:03 - 00004751 _____ () C:\Users\Holly Chapman\Desktop\aswMBR.txt
2014-06-26 21:30 - 2014-06-26 22:03 - 00000512 _____ () C:\Users\Holly Chapman\Desktop\MBR.dat
2014-06-26 19:40 - 2014-06-26 19:41 - 05185536 _____ (AVAST Software) C:\Users\Holly Chapman\Downloads\aswMBR.exe
2014-06-26 19:37 - 2014-06-26 19:37 - 00012876 _____ () C:\Users\Holly Chapman\Desktop\dds.txt
2014-06-26 19:37 - 2014-06-26 19:37 - 00004394 _____ () C:\Users\Holly Chapman\Desktop\attach.txt
2014-06-26 19:34 - 2014-06-26 19:34 - 00688992 ____R (Swearware) C:\Users\Holly Chapman\Downloads\dds.scr
2014-06-26 17:58 - 2014-06-26 17:58 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup(1).exe
2014-06-26 17:58 - 2014-06-26 17:58 - 00000676 _____ () C:\Users\Holly Chapman\Desktop\ERUNT.lnk
2014-06-26 17:58 - 2014-06-26 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-26 17:43 - 2014-06-26 17:43 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup.exe
2014-06-09 22:41 - 2014-06-09 22:41 - 00000130 _____ () C:\Users\Holly Chapman\Desktop\wine.txt
==================== One Month Modified Files and Folders =======
2014-06-27 19:52 - 2014-06-27 19:50 - 00024965 _____ () C:\Users\Holly Chapman\Downloads\FRST.txt
2014-06-27 19:51 - 2014-06-27 19:50 - 00000000 ____D () C:\FRST
2014-06-27 19:50 - 2014-06-27 19:50 - 01073152 _____ (Farbar) C:\Users\Holly Chapman\Downloads\FRST.exe
2014-06-27 19:47 - 2014-06-27 19:47 - 00001399 _____ () C:\Users\Holly Chapman\Desktop\checkup.txt
2014-06-27 19:42 - 2014-06-27 19:42 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-06-27 19:38 - 2013-08-04 19:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\uTorrent
2014-06-27 19:38 - 2009-03-16 21:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\vlc
2014-06-27 19:28 - 2012-04-30 19:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-06-27 19:25 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-06-27 19:25 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-06-27 17:16 - 2013-01-16 18:12 - 00000000 ____D () C:\ProgramData\Kodak
2014-06-27 12:09 - 2014-04-24 15:22 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-06-27 08:05 - 2011-02-03 16:40 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-06-27 07:26 - 2011-10-24 20:57 - 00000344 _____ () C:\Windows\Tasks\DriverScanner.job
2014-06-27 07:25 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-06-26 22:04 - 2008-01-16 23:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-06-26 22:04 - 2006-11-02 14:01 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-06-26 22:03 - 2014-06-26 21:30 - 00004751 _____ () C:\Users\Holly Chapman\Desktop\aswMBR.txt
2014-06-26 22:03 - 2014-06-26 21:30 - 00000512 _____ () C:\Users\Holly Chapman\Desktop\MBR.dat
2014-06-26 19:41 - 2014-06-26 19:40 - 05185536 _____ (AVAST Software) C:\Users\Holly Chapman\Downloads\aswMBR.exe
2014-06-26 19:37 - 2014-06-26 19:37 - 00012876 _____ () C:\Users\Holly Chapman\Desktop\dds.txt
2014-06-26 19:37 - 2014-06-26 19:37 - 00004394 _____ () C:\Users\Holly Chapman\Desktop\attach.txt
2014-06-26 19:34 - 2014-06-26 19:34 - 00688992 ____R (Swearware) C:\Users\Holly Chapman\Downloads\dds.scr
2014-06-26 18:18 - 2008-01-16 23:18 - 01361194 _____ () C:\Windows\WindowsUpdate.log
2014-06-26 17:59 - 2008-07-05 18:40 - 00000000 ____D () C:\Windows\erdnt
2014-06-26 17:58 - 2014-06-26 17:58 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup(1).exe
2014-06-26 17:58 - 2014-06-26 17:58 - 00000676 _____ () C:\Users\Holly Chapman\Desktop\ERUNT.lnk
2014-06-26 17:58 - 2014-06-26 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-26 17:58 - 2011-01-02 20:45 - 00000000 ____D () C:\Program Files\ERUNT
2014-06-26 17:43 - 2014-06-26 17:43 - 00791393 _____ (Lars Hederer ) C:\Users\Holly Chapman\Downloads\erunt-setup.exe
2014-06-25 20:49 - 2010-12-04 12:27 - 00000490 ____H () C:\Windows\Tasks\Norton Security Scan for Holly Chapman.job
2014-06-24 17:24 - 2008-03-11 17:04 - 00006540 _____ () C:\Users\Holly Chapman\AppData\Local\d3d9caps.dat
2014-06-17 08:29 - 2008-01-16 23:54 - 00121208 _____ () C:\Windows\PFRO.log
2014-06-12 06:22 - 2012-04-26 19:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-06-11 17:30 - 2013-11-07 11:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-06-09 22:41 - 2014-06-09 22:41 - 00000130 _____ () C:\Users\Holly Chapman\Desktop\wine.txt
2014-06-08 16:29 - 2008-07-04 21:51 - 00000000 ____D () C:\ProgramData\Malwarebytes
2014-05-28 18:36 - 2008-03-12 12:48 - 00002569 _____ () C:\Users\Holly Chapman\Desktop\Microsoft Office Word 2003.lnk
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-06-27 19:33
==================== End Of Log ============================
My post is too long to post addition.txt, I will post this on my next reply.
Thanks,
Holly.
Holsten87
2014-06-27, 21:00
Addition.txt:
Additional scan result of Farbar Recovery Scan Tool (x86) Version:27-06-2014
Ran by Holly Chapman at 2014-06-27 19:52:29
Running from C:\Users\Holly Chapman\Downloads
Boot Mode: Normal
==========================================================
==================== Security Center ========================
==================== Installed Programs ======================
µTorrent (HKCU\...\uTorrent) (Version: 3.4.1.31395 - BitTorrent Inc.)
Adobe Acrobat and Reader 8.1.2 Security Update 1 (KB403742) (Version: 8.1.2 - Adobe Systems, Inc) Hidden
Adobe AIR (HKLM\...\Adobe AIR) (Version: 1.5.2.8900 - Adobe Systems Inc.)
Adobe AIR (Version: 1.5.2.8900 - Adobe Systems Inc.) Hidden
Adobe Flash Player 13 Plugin (HKLM\...\Adobe Flash Player Plugin) (Version: 13.0.0.214 - Adobe Systems Incorporated)
Adobe Flash Player ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 9.0.124.0 - Adobe Systems Incorporated)
Adobe Reader 8.1.2 (HKLM\...\{AC76BA86-7AD7-1033-7B44-A81200000003}) (Version: 8.1.2 - Adobe Systems Incorporated)
Adobe Shockwave Player 11 (HKLM\...\Adobe Shockwave Player) (Version: 11 - Adobe Systems, Inc.)
Advanced Audio FX Engine (HKLM\...\Advanced Audio FX Engine) (Version: - )
Advanced Video FX Engine (HKLM\...\Advanced Video FX Engine) (Version: - )
Advent AIO Printer (Version: 1.0.6.2 - DSGi) Hidden
Advent Essentials (Version: 1.0.0.0 - DSGi) Hidden
aioprnt (Version: 5.3.1.0 - Eastman Kodak Company) Hidden
aioscnnr (Version: 1.0.6.0 - DSGi) Hidden
aioscnnr (Version: 5.7.5.30 - Your Company Name) Hidden
aioscnnr (Version: 7.6.11.10 - Your Company Name) Hidden
AVG 2011 (HKLM\...\AVG) (Version: 10.0.1432 - AVG Technologies)
AVG 2011 (Version: 10.0.1432 - AVG Technologies) Hidden
AVG 2011 (Version: 10.0.3955 - AVG Technologies) Hidden
AVG PC Tuneup 2011 (HKLM\...\{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1) (Version: 10.0.0.24 - AVG)
Bonjour (HKLM\...\{47BF1BD6-DCAC-468F-A0AD-E5DECC2211C3}) (Version: 1.0.104 - Apple Inc.)
Broadcom Management Programs (HKLM\...\{C99C0593-3B48-41D9-B42F-6E035B320449}) (Version: 10.15.03 - Broadcom Corporation)
Browser Address Error Redirector (HKLM\...\{62230596-37E5-4618-A329-0D21F529A86F}) (Version: 1.00.0000 - Dell)
C4USelfUpdater (Version: 1.00.0000 - Your Company Name) Hidden
center (Version: 6.2.5.0 - Eastman Kodak Company) Hidden
Compatibility Pack for the 2007 Office system (HKLM\...\{90120000-0020-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Conexant HDA D330 MDC V.92 Modem (HKLM\...\CNXT_MODEM_HDAUDIO_VEN_14F1&DEV_2C06&SUBSYS_14F1000F) (Version: - )
Crossrider Web Apps (HKLM\...\Crossrider) (Version: - ) <==== ATTENTION
Dell Getting Started Guide (HKLM\...\{7DB9F1E5-9ACB-410D-A7DC-7A3D023CE045}) (Version: 1.00.0000 - Dell Inc.)
Dell Support Center (HKLM\...\{E3BFEE55-39E2-4BE0-B966-89FE583822C1}) (Version: 2.0.07311 - Dell)
Dell Touchpad (HKLM\...\SynTPDeinstKey) (Version: 9.1.18.6 - Synaptics)
Dell Webcam Center (HKLM\...\Dell Webcam Center) (Version: - )
Dell Webcam Manager (HKLM\...\Dell Webcam Manager) (Version: - )
Digital Line Detect (HKLM\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
DivX Setup (HKLM\...\DivX Setup) (Version: 2.6.1.8 - DivX, LLC)
Download Updater (AOL LLC) (HKLM\...\SoftwareUpdUtility) (Version: - ) <==== ATTENTION
ERUNT 1.1j (HKLM\...\ERUNT_is1) (Version: - Lars Hederer)
essentials (Version: 6.0.14.0 - Eastman Kodak Company) Hidden
ffdshow [rev 1975] [2008-05-26] (HKLM\...\ffdshow_is1) (Version: 1.0 - )
Google Update Helper (Version: 1.3.21.123 - Google Inc.) Hidden
Highlight Viewer (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
HijackThis 2.0.2 (HKLM\...\HijackThis) (Version: 2.0.2 - TrendMicro)
iolo technologies' System Mechanic (HKLM\...\{55FD1D5A-7AEF-4DA3-8FAF-A71B2A52FFC7}_is1) (Version: 12.5.0 - iolo technologies, LLC)
Iomega Encryption (HKLM\...\{510FD70C-0EBE-40A3-9BB9-0667EA764C7E}) (Version: 1.01.0000 - Iomega an EMC Company)
Java 7 Update 45 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F83217045FF}) (Version: 7.0.450 - Oracle)
Java Auto Updater (Version: 2.1.9.8 - Sun Microsystems, Inc.) Hidden
Java(TM) SE Runtime Environment 6 (HKLM\...\{3248F0A8-6813-11D6-A77B-00B0D0160000}) (Version: 1.6.0.0 - Sun Microsystems, Inc.)
Junk Mail filter update (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Kodak AIO Printer (Version: 7.0.3.0 - Eastman Kodak Company) Hidden
KODAK AiO Software (HKLM\...\{E0F274B7-592B-4669-8FB8-8D9825A09858}) (Version: 7.6.12.20 - Eastman Kodak Company)
Laptop Integrated Webcam Driver (1.04.01.1011) (HKLM\...\Creative OEM002) (Version: - )
Live! Cam Avatar Creator (HKLM\...\{65D0C510-D7B6-4438-9FC8-E6B91115AB0D}) (Version: 4.5.3104.1 - Creative)
Live! Cam Avatar v1.0 (HKLM\...\{1D5E29AD-39A9-4D0A-A8B6-46A6FCD8C995}) (Version: 1.0 - Creative)
Magic ISO Maker v5.5 (build 0273) (HKLM\...\Magic ISO Maker v5.5 (build 0273)) (Version: - )
Malwarebytes Anti-Malware version 1.75.0.1300 (HKLM\...\Malwarebytes' Anti-Malware_is1) (Version: 1.75.0.1300 - Malwarebytes Corporation)
Map Button (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
MediaDirect (HKLM\...\{9C6978E8-B6D0-4AB7-A7A0-D81A74FBF745}) (Version: 3.5 - Dell)
Microsoft .NET Framework 3.5 SP1 (HKLM\...\Microsoft .NET Framework 3.5 SP1) (Version: - Microsoft Corporation)
Microsoft .NET Framework 3.5 SP1 (Version: 3.5.30729 - Microsoft Corporation) Hidden
Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319 - Microsoft Corporation) Hidden
Microsoft Application Error Reporting (Version: 12.0.6012.5000 - Microsoft Corporation) Hidden
Microsoft Choice Guard (Version: 2.0.48.0 - Microsoft Corporation) Hidden
Microsoft Office PowerPoint Viewer 2007 (English) (HKLM\...\{95120000-00AF-0409-0000-0000000FF1CE}) (Version: 12.0.6425.1000 - Microsoft Corporation)
Microsoft Office Standard Edition 2003 (HKLM\...\{91120409-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Search Enhancement Pack (Version: 1.2.123.0 - Microsoft Corporation) Hidden
Microsoft Sync Framework Services Native v1.0 (x86) (HKLM\...\{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}) (Version: 1.0.1215.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053 (HKLM\...\{770657D0-A123-3C07-8E44-1C83EC895118}) (Version: 8.0.50727.4053 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148 (HKLM\...\{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570 (HKLM\...\{86CE85E6-DBAC-3FFD-B977-E4B79F83C909}) (Version: 9.0.30729.5570 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Works (HKLM\...\{6D52C408-B09A-4520-9B18-475B81D393F1}) (Version: 08.05.0818 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{F63A3748-B93D-4360-9AD4-B064481A5C7B}) (Version: 1.0.20.0 - Dell)
Mozilla Firefox 18.0 (x86 en-US) (HKLM\...\Mozilla Firefox 18.0 (x86 en-US)) (Version: 18.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
MSVCRT (Version: 14.0.1468.721 - Microsoft) Hidden
MSXML 4.0 SP2 (KB936181) (HKLM\...\{C04E32E0-0416-434D-AFB9-6969D703A9EF}) (Version: 4.20.9848.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB941833) (HKLM\...\{C523D256-313D-4866-B36A-F3DE528246EF}) (Version: 4.20.9849.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NetWaiting (HKLM\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.44 - BVRP Software, Inc)
ocr (Version: 6.2.3.50 - Eastman Kodak Company) Hidden
OfferBox (HKLM\...\{2C8574B5-6935-4FCE-860E-F4E8602378FF}) (Version: 2.00.0000 - Secure Digital Services) <==== ATTENTION
OutlookAddinSetup (HKLM\...\{9BDEF074-020E-458D-ADC5-8FF68E0C9B56}) (Version: 1.0.0 - CyberLink)
PreReq (Version: 6.0.5.2 - Eastman Kodak Company) Hidden
PreReq (Version: 6.2.4.0 - Eastman Kodak Company) Hidden
PrintProjects (HKLM\...\PrintProjects) (Version: 1.0.0.9282 - RocketLife Inc.)
QuickSet (HKLM\...\{7F0C4457-8E64-491B-8D7B-991504365D1E}) (Version: 8.0.11 - Dell Inc.)
RealPlayer (HKLM\...\RealPlayer 6.0) (Version: - RealNetworks)
RemoteComms External Disk Access (HKLM\...\{04FCD5DE-1662-4F99-BDA9-C57212113EF2}) (Version: 1.25.0003 - PLX Technology)
RICOH Media Driver ver.2.07.01.04 (HKLM\...\{2B818257-E6C7-4841-8C29-C5C9A982BCE5}) (Version: 2.07.01.04 - RICOH)
Roxio Creator Audio (HKLM\...\{83FFCFC7-88C6-41c6-8752-958A45325C82}) (Version: 3.3.0 - Roxio)
Roxio Creator BDAV Plugin (HKLM\...\{880AF49C-34F7-4285-A8AD-8F7A3D1C33DC}) (Version: 3.3.0 - Roxio)
Roxio Creator Copy (HKLM\...\{619CDD8A-14B6-43a1-AB6C-0F4EE48CE048}) (Version: 3.3.0 - Roxio)
Roxio Creator Data (HKLM\...\{0D397393-9B50-4c52-84D5-77E344289F87}) (Version: 3.3.0 - Roxio)
Roxio Creator DE (HKLM\...\{C8B0680B-CDAE-4809-9F91-387B6DE00F7C}) (Version: 3.3.0 - Roxio)
Roxio Creator Tools (HKLM\...\{0394CDC8-FABD-4ed8-B104-03393876DFDF}) (Version: 3.3.0 - Roxio)
Roxio Express Labeler (HKLM\...\{6675CA7F-E51B-4F6A-99D4-F8F0124C6EAA}) (Version: 2.1.0 - Roxio)
Roxio MyDVD DE (HKLM\...\{D639085F-4B6E-4105-9F37-A0DBB023E2FB}) (Version: 9.0.116 - Roxio, Inc.)
Roxio Update Manager (HKLM\...\{30465B6C-B53F-49A1-9EBA-A3F187AD502E}) (Version: 3.0.0 - Roxio)
SecondLifeViewer (remove only) (HKLM\...\SecondLifeViewer) (Version: - )
Skype Click to Call (HKLM\...\{B6CF2967-C81E-40C0-9815-C05774FEF120}) (Version: 6.11.13348 - Skype Technologies S.A.)
Skype™ 6.7 (HKLM\...\{4E76FF7E-AEBA-4C87-B788-CD47E5425B9D}) (Version: 6.7.102 - Skype Technologies S.A.)
Smart Menus (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Sonic Activation Module (Version: 1.0 - Sonic Solutions) Hidden
System Checkup 3.4 (HKLM\...\{4AC7B4E7-59B7-4E48-A60D-263C486FC33A}_is1) (Version: 3.4.0.47 - iolo technologies, LLC)
Tiscali Internet (HKLM\...\{58B2B6D3-E5FF-4D16-87AC-52CC5717C7C6}) (Version: 1.0.0.38 - Tiscali)
Uniblue DriverScanner (HKLM\...\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1) (Version: 4.0.1.6 - Uniblue Systems Ltd)
Uniblue RegistryBooster 2 (HKLM\...\RegistryBooster 2_is1) (Version: - Uniblue)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707) (HKLM\...\{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}.KB963707) (Version: 1 - Microsoft Corporation)
User's Guides (HKLM\...\{5CD29180-A95E-11D3-A4EB-00C04F7BDB2C}) (Version: - )
uTorrentBar Toolbar (HKLM\...\uTorrentBar Toolbar) (Version: 6.2.7.3 - uTorrentBar) <==== ATTENTION
VC80CRTRedist - 8.0.50727.6195 (Version: 1.2.0 - DivX, Inc) Hidden
Veoh Web Player Beta (HKLM\...\Veoh Web Player Beta) (Version: 1.1.2.1036 - Veoh Networks, Inc.)
VIS (HKLM\...\VIS) (Version: - ) <==== ATTENTION
VLC media player 2.1.3 (HKLM\...\VLC media player) (Version: 2.1.3 - VideoLAN)
WIDCOMM Bluetooth Software 6.0.1.3100 (HKLM\...\{A13E07E1-A423-44FB-9DEE-B24C75C1BAF2}) (Version: 6.0.1.3100 - Dell)
Widestream6 (HKLM\...\{835525BE-63BD-4EC4-9425-00CEAD4849C2}) (Version: 1.00.0000 - Secure Digital Services)
Winamp (HKLM\...\Winamp) (Version: 5.623 - Nullsoft, Inc)
Winamp Detector Plug-in (HKCU\...\Winamp Detect) (Version: 1.0.0.1 - Nullsoft, Inc)
Windows Live Call (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Communications Platform (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Essentials (HKLM\...\WinLiveSuite_Wave3) (Version: 14.0.8117.0416 - Microsoft Corporation)
Windows Live Essentials (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Favorites for Windows Live Toolbar (HKLM\...\{786C4AD1-DCBA-49A6-B0EF-B317A344BD66}) (Version: 03.01.0146 - Microsoft Corporation)
Windows Live Mail (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live Messenger (Version: 14.0.8117.0416 - Microsoft Corporation) Hidden
Windows Live OneCare safety scanner (HKLM\...\Windows Live OneCare safety scanner) (Version: - Microsoft Corporation)
Windows Live OneCare safety scanner (Version: 1.0.0.0 - Microsoft Corporation) Hidden
Windows Live Sign-in Assistant (HKLM\...\{9422C8EA-B0C6-4197-B8FC-DC797658CA00}) (Version: 5.000.818.6 - Microsoft Corporation)
Windows Live Toolbar (Version: 14.0.8117.416 - Microsoft Corporation) Hidden
Windows Live Toolbar Extension (Windows Live Toolbar) (Version: 03.01.0146 - Microsoft Corporation) Hidden
Windows Live Upload Tool (HKLM\...\{205C6BDD-7B73-42DE-8505-9A093F35A238}) (Version: 14.0.8014.1029 - Microsoft Corporation)
Windows Media Player Firefox Plugin (HKLM\...\{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}) (Version: 1.0.0.8 - Microsoft Corp)
Windows Mobile Device Center (HKLM\...\{904CCF62-818D-4675-BC76-D37EB399F917}) (Version: 6.1.6965.0 - Microsoft Corporation)
Windows Mobile Device Center Driver Update (HKLM\...\{E7044E25-3038-4A76-9064-344AC038043E}) (Version: 6.1.6965.0 - Microsoft Corporation)
WinRAR archiver (HKLM\...\WinRAR archiver) (Version: - )
WinZip 15.0 (HKLM\...\{CD95F661-A5C4-44F5-A6AA-ECDD91C240C0}) (Version: 15.0.9334 - WinZip Computing, S.L. )
Xvid Video Codec (HKLM\...\Xvid Video Codec 1.3.0) (Version: 1.3.2 - Xvid Team)
Yontoo 1.10.02 (HKLM\...\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}) (Version: 1.10.02 - Yontoo LLC) <==== ATTENTION
==================== Restore Points =========================
Could not list Restore Points. Check "winmgmt" service or repair WMI.
==================== Hosts content: ==========================
2006-11-02 11:23 - 2006-09-18 22:41 - 00000736 ____A C:\Windows\system32\Drivers\etc\hosts
::1 localhost
==================== Scheduled Tasks (whitelisted) =============
Task: {039D42C0-88DC-4634-B4B0-0A2DA364DA07} - System32\Tasks\Bristol-Eduroam-Tidyup => C:\Windows\Bristol-Eduroam-Tidy.bat [2011-09-15] ()
Task: {08421653-4B7B-4733-A076-CFCF4AD75FF4} - System32\Tasks\Norton PC Checkup Weekday Scanner => C:\Program Files\Norton PC Checkup\PC_Checkup.exe
Task: {1CC81347-6204-4B83-900C-01E02F50F067} - System32\Tasks\Microsoft\Windows\MobilePC\TMM
Task: {3BCDF251-CA5C-4045-A1FC-8FCEF9FBDC93} - System32\Tasks\Microsoft\Windows\Shell\CrawlStartPages
Task: {44980BEE-7809-44A9-AC24-D6E578A3B7DF} - System32\Tasks\Microsoft\Windows\RAC\RACAgent => C:\Windows\system32\RacAgent.exe [2008-01-18] (Microsoft Corporation)
Task: {47EE8635-952E-4AAA-BB78-D647A6C950AD} - System32\Tasks\iolo Process Governor => C:\Program Files\iolo\System Mechanic\iologovernor.exe [2013-12-03] (iolo technologies, LLC)
Task: {933E1971-2F33-43CB-A3A7-0CEDD6F0F3D0} - System32\Tasks\Microsoft\Windows\NetworkAccessProtection\NAPStatus UI
Task: {9D7DC040-72AD-4BCB-B657-FB9C98D117AB} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13] (Adobe Systems Incorporated)
Task: {A2176062-C85E-4297-B5AC-615D92C714DF} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: {AD534223-1B5D-42EF-A515-7B629F503CE1} - System32\Tasks\Norton Security Scan for Holly Chapman => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
Task: {C9A5EA02-0D05-4380-B418-912FAF380D8E} - System32\Tasks\DriverScanner => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe [2011-05-16] (Uniblue Systems Limited)
Task: {DD1A6DDB-F878-4DED-8922-33D00906F0AC} - System32\Tasks\Orb Startup => C:\Program Files\Winamp Remote\bin\OrbTray.exe
Task: {E5150B95-F9B4-4D5D-95A2-7EC1ACBA95F8} - System32\Tasks\Microsoft\Windows\Wireless\GatherWirelessInfo => C:\Windows\system32\gatherWirelessInfo.vbs [2008-01-05] ()
Task: {EA9476A4-2A03-4151-BF7B-88EA52B9624B} - System32\Tasks\Norton PC Checkup Weekend Scanner => C:\Program Files\Norton PC Checkup\PC_Checkup.exe
Task: {EBCBC9F3-BE5E-4667-9809-10E02D599870} - System32\Tasks\Microsoft\Windows Defender\MP Scheduled Signature Update => c:\program files\windows defender\MpCmdRun.exe [2008-01-18] (Microsoft Corporation)
Task: {F04DEA8D-6E91-422E-BF04-46354F6B88AB} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\DriverScanner.job => C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
Task: C:\Windows\Tasks\Norton Security Scan for Holly Chapman.job => C:\Program Files\Norton Security Scan\Engine\2.7.3.34\Nss.exe
==================== Loaded Modules (whitelisted) =============
2008-01-17 07:12 - 2007-09-26 11:47 - 00249856 _____ () C:\Windows\system32\igfxTMM.dll
2006-11-05 11:58 - 2006-11-05 11:58 - 00516096 _____ () C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
2006-11-05 11:28 - 2006-11-05 11:28 - 04587520 ____R () C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
2011-02-10 07:55 - 2011-02-10 07:55 - 01148256 _____ () C:\Program Files\AVG\AVG10\Identity Protection\agent\bin\avgidsmonitor.exe
2011-12-09 18:23 - 2012-06-05 11:53 - 00417280 _____ () C:\Program Files\Winamp\nsutil.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00078848 _____ () C:\Program Files\Winamp\nde.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00023040 _____ () C:\Program Files\Winamp\System\albumart.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00174080 _____ () C:\Program Files\Winamp\System\auth.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00019456 _____ () C:\Program Files\Winamp\System\bmp.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00047616 _____ () C:\Program Files\Winamp\zlib.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00044544 _____ () C:\Program Files\Winamp\System\devices.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00016896 _____ () C:\Program Files\Winamp\System\dlmgr.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00014336 _____ () C:\Program Files\Winamp\System\filereader.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00019456 _____ () C:\Program Files\Winamp\System\gif.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00016384 _____ () C:\Program Files\Winamp\System\gracenote.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00623616 _____ () C:\Program Files\Winamp\System\jnetlib.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00154624 _____ () C:\Program Files\Winamp\System\jpeg.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00084480 _____ () C:\Program Files\Winamp\System\playlist.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00103936 _____ () C:\Program Files\Winamp\System\png.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00013824 _____ () C:\Program Files\Winamp\System\primo.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00021504 _____ () C:\Program Files\Winamp\System\tagz.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00035328 _____ () C:\Program Files\Winamp\System\timer.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00090112 _____ () C:\Program Files\Winamp\System\xml.w5s
2011-12-09 18:23 - 2012-06-05 11:54 - 00068608 _____ () C:\Program Files\Winamp\Plugins\in_avi.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00102400 _____ () C:\Program Files\Winamp\Plugins\in_cdda.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00072192 _____ () C:\Program Files\Winamp\Plugins\in_dshow.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00061440 _____ () C:\Program Files\Winamp\Plugins\in_flac.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00043008 _____ () C:\Program Files\Winamp\Plugins\in_flv.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00007168 _____ () C:\Program Files\Winamp\Plugins\in_linein.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00109568 _____ () C:\Program Files\Winamp\Plugins\in_midi.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00049152 _____ () C:\Program Files\Winamp\Plugins\in_mkv.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00165376 _____ () C:\Program Files\Winamp\Plugins\in_mod.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00290304 _____ () C:\Program Files\Winamp\Plugins\in_mp3.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00052736 _____ () C:\Program Files\Winamp\Plugins\in_mp4.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00075264 _____ () C:\Program Files\Winamp\Plugins\in_nsv.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00023552 _____ () C:\Program Files\Winamp\Plugins\in_swf.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00253440 _____ () C:\Program Files\Winamp\Plugins\in_vorbis.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00016896 _____ () C:\Program Files\Winamp\Plugins\in_wave.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00253440 _____ () C:\Program Files\Winamp\libsndfile.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00313344 _____ () C:\Program Files\Winamp\Plugins\in_wm.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00022528 _____ () C:\Program Files\Winamp\Plugins\out_disk.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00052224 _____ () C:\Program Files\Winamp\Plugins\out_ds.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00018432 _____ () C:\Program Files\Winamp\Plugins\out_wave.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 01737728 _____ () C:\Program Files\Winamp\Plugins\gen_ff.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00083968 _____ () C:\Program Files\Winamp\tataki.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00340992 _____ () C:\Program Files\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
2011-12-09 18:23 - 2012-06-05 11:53 - 00027648 _____ () C:\Program Files\Winamp\Plugins\gen_hotkeys.dll
2011-11-10 23:10 - 2012-06-05 11:54 - 00185344 _____ () C:\Program Files\Winamp\Plugins\gen_jumpex.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00318464 _____ () C:\Program Files\Winamp\Plugins\gen_ml.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00294400 _____ () C:\Program Files\Winamp\Plugins\ml_local.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00082944 _____ () C:\Program Files\Winamp\Plugins\ml_playlists.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00124928 _____ () C:\Program Files\Winamp\Plugins\ml_online.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00249856 _____ () C:\Program Files\Winamp\Plugins\ml_devices.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00200192 _____ () C:\Program Files\Winamp\Plugins\ml_disc.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00241152 _____ () C:\Program Files\Winamp\Plugins\ml_pmp.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00029184 _____ () C:\Program Files\Winamp\Plugins\pmp_activesync.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00060928 _____ () C:\Program Files\Winamp\Plugins\pmp_android.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00170496 _____ () C:\Program Files\Winamp\Plugins\pmp_ipod.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00020480 _____ () C:\Program Files\Winamp\Plugins\pmp_njb.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00118272 _____ () C:\Program Files\Winamp\Plugins\pmp_p4s.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00053760 _____ () C:\Program Files\Winamp\Plugins\pmp_usb.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00113664 _____ () C:\Program Files\Winamp\Plugins\pmp_wifi.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00028160 _____ () C:\Program Files\Winamp\Plugins\ml_bookmarks.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00052224 _____ () C:\Program Files\Winamp\Plugins\ml_history.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00028672 _____ () C:\Program Files\Winamp\Plugins\ml_autotag.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00057344 _____ () C:\Program Files\Winamp\Plugins\ml_impex.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00083456 _____ () C:\Program Files\Winamp\Plugins\ml_plg.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00033792 _____ () C:\Program Files\Winamp\Plugins\ml_rg.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00032256 _____ () C:\Program Files\Winamp\Plugins\ml_transcode.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00057344 _____ () C:\Program Files\Winamp\Plugins\gen_orgler.dll
2011-12-09 18:23 - 2012-06-05 11:54 - 00025600 _____ () C:\Program Files\Winamp\Plugins\gen_tray.dll
2011-12-09 18:23 - 2012-06-05 11:53 - 00180224 _____ () C:\Program Files\Winamp\libmp4v2.dll
2013-11-07 11:06 - 2014-06-11 17:29 - 03852912 _____ () C:\Program Files\Mozilla Firefox\mozjs.dll
==================== Alternate Data Streams (whitelisted) =========
AlternateDataStreams: C:\ProgramData\TEMP:0B4227B4
==================== Safe Mode (whitelisted) ===================
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ioloSystemService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ioloSystemService => ""="Service"
==================== EXE Association (whitelisted) =============
==================== MSCONFIG/TASK MANAGER disabled items =========
MSCONFIG\startupreg: TkBellExe => "C:\Program Files\Common Files\Real\Update_OB\realsched.exe" -osboot
MSCONFIG\startupreg: VeohPlugin => "C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe"
==================== Faulty Device Manager Devices =============
Could not list Devices. Check "winmgmt" service or repair WMI.
==================== Event log errors: =========================
Application errors:
==================
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll (992) SUS20ClientDataStore: A bad page link (error -338) has been detected in a B-Tree (ObjectId: 28, PgnoRoot: 76) of database C:\Windows\SoftwareDistribution\DataStore\DataStore.edb (76 => 20631, wuaueng.dll0).
System errors:
=============
Error: (04/02/2010 02:46:07 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:44:34 on 02/04/2010 was unexpected.
Error: (04/02/2010 02:42:58 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 14:41:19 on 02/04/2010 was unexpected.
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Error: (04/02/2010 02:39:01 PM) (Source: Microsoft-Windows-Servicing) (EventID: 4375) (User: NT AUTHORITY)
Description: Windows Servicing failed to complete the process of setting package KB948610 (Update) into Install Requested(Install Requested) state
Microsoft Office Sessions:
=========================
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
Error: (06/27/2014 07:53:07 PM) (Source: ESENT) (EventID: 447) (User: )
Description: wuaueng.dll992SUS20ClientDataStore: -3382876C:\Windows\SoftwareDistribution\DataStore\DataStore.edb76206314456497
CodeIntegrity Errors:
===================================
Date: 2014-06-27 19:51:54.579
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:54.299
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:54.090
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:53.803
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:53.422
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:53.171
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:52.935
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:52.661
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\tcpip.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:32.131
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.
Date: 2014-06-27 19:51:31.889
Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume3\Windows\System32\drivers\AVGIDSEH.sys because the set of per-page image hashes could not be found on the system.
==================== Memory info ===========================
Percentage of memory in use: 71%
Total physical RAM: 2037.31 MB
Available physical RAM: 590.63 MB
Total Pagefile: 4317.89 MB
Available Pagefile: 2719.87 MB
Total Virtual: 2047.88 MB
Available Virtual: 1907.79 MB
==================== Drives ================================
Drive c: (OS) (Fixed) (Total:136.43 GB) (Free:62.63 GB) NTFS ==>[Drive with boot components (obtained from BCD)]
Drive d: (RECOVERY) (Fixed) (Total:10 GB) (Free:5.78 GB) NTFS
Drive f: (Iomega_HDD) (Fixed) (Total:930.83 GB) (Free:622.7 GB) NTFS
Drive g: (Virtual CD) (CDROM) (Total:0.08 GB) (Free:0 GB) CDFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (MBR Code: Windows 7 or Vista) (Size: 149 GB) (Disk ID: 28000000)
Partition 1: (Not Active) - (Size=118 MB) - (Type=DE)
Partition 2: (Not Active) - (Size=10 GB) - (Type=07 NTFS)
Partition 3: (Active) - (Size=136 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=3 GB) - (Type=OF Extended)
Attempted reading MBR returned 0 bytes.
Could not read MBR for disk 1.
==================== End Of Log ============================
Hi Holsten87,
Has this computer been unused for quite awhile?
=========================
Windows Vista does not have the latest Service Pack. You should update to the latest service pack before you continue.
Go here (http://www.microsoft.com/en-us/download/details.aspx?id=16468), and download SP2 for your computer.
Expand the Install Instructions, and follow those to install SP2.
Reboot after you are done and continue with the instructions.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) TDSSKiller
Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) - Extract it to your desktop
TDSSKiller.exe
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Press Start Scan
Only if Malicious objects are found then ensure Cure is selected
Then click Continue > Reboot now
Copy and paste the log in your next reply
A copy of the log will be saved automatically to the root of the drive (typically C:\)
=========================
In your next post please provide the following:
TDSSKiller log
Holsten87
2014-06-30, 18:13
Opps, sorry! I thought I'd replied to this. Apologies for the late reply- I've been having trouble installing the service pack and have been trying to solve the issue, but not yet successful. I've been using this laptop daily for seven years, but have never been able to install SP2. I will keep on trying, but I'll post the TDSS log in the meantime. It didn't find any threats, but here's the report:
17:07:41.0184 0x15e4 TDSS rootkit removing tool 3.0.0.39 Jun 5 2014 20:35:54
17:07:44.0702 0x15e4 ============================================================
17:07:44.0702 0x15e4 Current date / time: 2014/06/30 17:07:44.0702
17:07:44.0702 0x15e4 SystemInfo:
17:07:44.0702 0x15e4
17:07:44.0702 0x15e4 OS Version: 6.0.6001 ServicePack: 1.0
17:07:44.0702 0x15e4 Product type: Workstation
17:07:44.0702 0x15e4 ComputerName: THE-BEAST
17:07:44.0703 0x15e4 UserName: Holly Chapman
17:07:44.0703 0x15e4 Windows directory: C:\Windows
17:07:44.0703 0x15e4 System windows directory: C:\Windows
17:07:44.0703 0x15e4 Processor architecture: Intel x86
17:07:44.0703 0x15e4 Number of processors: 2
17:07:44.0703 0x15e4 Page size: 0x1000
17:07:44.0703 0x15e4 Boot type: Normal boot
17:07:44.0703 0x15e4 ============================================================
17:07:44.0957 0x15e4 KLMD registered as C:\Windows\system32\drivers\42346196.sys
17:07:45.0199 0x15e4 System UUID: {86624D06-03CC-FC3B-4764-BB75D07C2ADA}
17:07:47.0293 0x15e4 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000050
17:07:47.0312 0x15e4 Drive \Device\Harddisk1\DR2 - Size: 0xE8B51B6000 ( 930.83 Gb ), SectorSize: 0x1000, Cylinders: 0x3B55, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
17:07:47.0334 0x15e4 ============================================================
17:07:47.0334 0x15e4 \Device\Harddisk0\DR0:
17:07:47.0334 0x15e4 MBR partitions:
17:07:47.0334 0x15e4 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3B000, BlocksNum 0x1400000
17:07:47.0334 0x15e4 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143B000, BlocksNum 0x110DE000
17:07:47.0350 0x15e4 \Device\Harddisk1\DR2:
17:07:47.0351 0x15e4 MBR partitions:
17:07:47.0351 0x15e4 \Device\Harddisk1\DR2\Partition1: MBR, Type 0x7, StartLBA 0x100, BlocksNum 0xE8B4F00
17:07:47.0351 0x15e4 ============================================================
17:07:47.0387 0x15e4 C: <-> \Device\Harddisk0\DR0\Partition2
17:07:47.0422 0x15e4 D: <-> \Device\Harddisk0\DR0\Partition1
17:07:47.0461 0x15e4 F: <-> \Device\Harddisk1\DR2\Partition1
17:07:47.0462 0x15e4 ============================================================
17:07:47.0462 0x15e4 Initialize success
17:07:47.0462 0x15e4 ============================================================
17:07:51.0781 0x0b38 ============================================================
17:07:51.0781 0x0b38 Scan started
17:07:51.0781 0x0b38 Mode: Manual;
17:07:51.0781 0x0b38 ============================================================
17:07:51.0781 0x0b38 KSN ping started
17:07:52.0305 0x0b38 KSN ping finished: true
17:07:54.0194 0x0b38 ================ Scan system memory ========================
17:07:54.0195 0x0b38 System memory - ok
17:07:54.0196 0x0b38 ================ Scan services =============================
17:07:54.0469 0x0b38 [ FCB8C7210F0135E24C6580F7F649C73C, 7E5E3D0B4F4BD418E6CC551850C672E1AF347CBB2E665B6F72638786CE5079C5 ] ACPI C:\Windows\system32\drivers\acpi.sys
17:07:54.0482 0x0b38 ACPI - ok
17:07:54.0649 0x0b38 [ 09E7C37DF4A911C8A9AA8BF88ACD10AA, E881E0BBDCED58F28E0BA8DC27372EDFFFF2C57EE31CD13A032FDC9F7C831B5A ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
17:07:54.0738 0x0b38 AdobeFlashPlayerUpdateSvc - ok
17:07:54.0841 0x0b38 [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
17:07:54.0863 0x0b38 adp94xx - ok
17:07:54.0903 0x0b38 [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci C:\Windows\system32\drivers\adpahci.sys
17:07:54.0915 0x0b38 adpahci - ok
17:07:54.0942 0x0b38 [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
17:07:54.0958 0x0b38 adpu160m - ok
17:07:54.0969 0x0b38 [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
17:07:54.0976 0x0b38 adpu320 - ok
17:07:55.0048 0x0b38 [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
17:07:55.0057 0x0b38 AeLookupSvc - ok
17:07:55.0130 0x0b38 [ EF1142512BEC12F1C2C87735DA1755BE, 236EFD8FBA717123E0CF5A136ACEBB80A2BE1FA4B1A9A2C74728BC4EB4E787D8 ] AESTFilters C:\Windows\system32\aestsrv.exe
17:07:55.0135 0x0b38 AESTFilters - ok
17:07:55.0183 0x0b38 [ 48EB99503533C27AC6135648E5474457, 344A83008F41AAC3CDFC52EFC4F2EFF441971C58182597D2FBED315B3FC62137 ] AFD C:\Windows\system32\drivers\afd.sys
17:07:55.0234 0x0b38 AFD - ok
17:07:55.0345 0x0b38 [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440 C:\Windows\system32\drivers\agp440.sys
17:07:55.0349 0x0b38 agp440 - ok
17:07:55.0362 0x0b38 [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
17:07:55.0367 0x0b38 aic78xx - ok
17:07:55.0434 0x0b38 [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
17:07:55.0452 0x0b38 ALG - ok
17:07:55.0459 0x0b38 [ DC67A153FDB8105B25D05334B5E1D8E2, 95CD9ABE73EC1E5111F5D599FE16EB1B3A6A87B7FC54922254769032CD2BEF0E ] aliide C:\Windows\system32\drivers\aliide.sys
17:07:55.0462 0x0b38 aliide - ok
17:07:55.0473 0x0b38 [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp C:\Windows\system32\drivers\amdagp.sys
17:07:55.0477 0x0b38 amdagp - ok
17:07:55.0488 0x0b38 [ 835C4C3355088298A5EBD818FA31430F, 947E587F016AD3B2B4606334E03372F34D806ED1AFF4860E7EA2E289D70FB79E ] amdide C:\Windows\system32\drivers\amdide.sys
17:07:55.0491 0x0b38 amdide - ok
17:07:55.0537 0x0b38 [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
17:07:55.0541 0x0b38 AmdK7 - ok
17:07:55.0548 0x0b38 [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
17:07:55.0566 0x0b38 AmdK8 - ok
17:07:55.0662 0x0b38 [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
17:07:55.0669 0x0b38 Appinfo - ok
17:07:55.0719 0x0b38 [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc C:\Windows\system32\drivers\arc.sys
17:07:55.0757 0x0b38 arc - ok
17:07:55.0802 0x0b38 [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas C:\Windows\system32\drivers\arcsas.sys
17:07:55.0807 0x0b38 arcsas - ok
17:07:55.0859 0x0b38 [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
17:07:55.0912 0x0b38 AsyncMac - ok
17:07:55.0967 0x0b38 [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
17:07:55.0978 0x0b38 atapi - ok
17:07:56.0090 0x0b38 [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
17:07:56.0111 0x0b38 AudioEndpointBuilder - ok
17:07:56.0157 0x0b38 [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] Audiosrv C:\Windows\System32\Audiosrv.dll
17:07:56.0168 0x0b38 Audiosrv - ok
17:07:57.0151 0x0b38 [ 7A0F6A3E0E41425B9BA54616B482668A, 096BE4C9D44CD8BB63E3415DF70035C63B43B43E191C7311DCA05532C0DDF840 ] AVGIDSAgent C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
17:07:58.0974 0x0b38 AVGIDSAgent - ok
17:07:59.0143 0x0b38 [ 1C8D965BBCAA9EE5DEFDB54743437086, 6B431CA9B20D0E066B71A8CA4430D74C0EA72FF0CB12F0D3A5F4E6A065244A37 ] AVGIDSDriver C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
17:07:59.0151 0x0b38 AVGIDSDriver - ok
17:07:59.0182 0x0b38 [ C59C9BC3F0612BD207CCDC5D8CB9CE39, FA3B991BA47E15C7EBD7D7B9BC28FF976F0EA3A49C68F954FF47BBB8D9EF1C99 ] AVGIDSEH C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
17:07:59.0186 0x0b38 AVGIDSEH - ok
17:07:59.0229 0x0b38 [ C5559DE2EC66CEDE15A1664F6D183D8E, D326E2A290F978E1B3D77E4D9020B5CA12FBF80913D6E5D8AB7327A0D543CF24 ] AVGIDSFilter C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
17:07:59.0238 0x0b38 AVGIDSFilter - ok
17:07:59.0288 0x0b38 [ AE5E9667FA40206796D1BD5BD0427A8A, D829BD90B22228870D0E86F3BFF9234503085605226526FBFCF11DC98397607A ] AVGIDSShim C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
17:07:59.0306 0x0b38 AVGIDSShim - ok
17:07:59.0350 0x0b38 [ 901EB73F900D8DD1E8862C40427B83AE, 6CEC9109CDA7ED3952702773785430C3AE02195EB6D3FDF889C1F9118CF50D11 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
17:07:59.0420 0x0b38 Avgldx86 - ok
17:07:59.0505 0x0b38 [ 5639DE66B37D02BD22DF4CF3155FBA60, E7F8E588DA6470DB285EB7EAA199572A84EF6660A9D6B30B1D9BBF096B4D04F1 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
17:07:59.0561 0x0b38 Avgmfx86 - ok
17:07:59.0606 0x0b38 [ D1BAF652EDA0AE70896276A1FB32C2D4, 295C26E45C79920EC93FC95891F61E76D09CDF7D18011FE93FC61346A2FA28C9 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
17:07:59.0640 0x0b38 Avgrkx86 - ok
17:07:59.0815 0x0b38 [ AAF0EBCAD95F2164CFFB544E00392498, 20ED50D2E33DFCF4B209B76E041DB1483B9A23A12591CC303F4D6C4846DEB7D5 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
17:07:59.0844 0x0b38 Avgtdix - ok
17:07:59.0967 0x0b38 [ FC2BC51120A945F7C70376495E4E7737, AA9711093972B6D7690C7662EF45DAAA9499AD36A6191382E43DAE566B64BF12 ] avgwd C:\Program Files\AVG\AVG10\avgwdsvc.exe
17:07:59.0988 0x0b38 avgwd - ok
17:08:00.0066 0x0b38 [ CD4646067CC7DCBA1907FA0ACF7E3966, 705DF801ACB8719213E95D6214E6C30F7A217663305DBB718F7ECD40F0084340 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
17:08:00.0071 0x0b38 bcm4sbxp - ok
17:08:00.0157 0x0b38 [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
17:08:00.0164 0x0b38 Beep - ok
17:08:00.0238 0x0b38 [ 8582E233C346AEFE759833E8A30DD697, 2B0A4FB7F0C3256A5003821634DFA04BA8C3FBB46E942E8BC5D114AF8D1E5354 ] BFE C:\Windows\System32\bfe.dll
17:08:00.0296 0x0b38 BFE - ok
17:08:00.0483 0x0b38 [ 02ED7B4DBC2A3232A389106DA7515C3D, 0DFCD03CB967D1A980D56124603F353DC1D800E3A5E436EEE95C65FDE17398CF ] BITS C:\Windows\System32\qmgr.dll
17:08:00.0554 0x0b38 BITS - ok
17:08:00.0561 0x0b38 blbdrive - ok
17:08:00.0723 0x0b38 [ CFD4C3352E29A8B729536648466E8DF5, EE2699697931C054A1C82E6FC1B2EA4881C2F9FBF2B7F7E24268450703ED6F9A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
17:08:00.0777 0x0b38 Bonjour Service - ok
17:08:00.0871 0x0b38 [ 8153396D5551276227FA146900F734E6, 0AE06774162D542D9E95246B7112A40D7C463EF331B4F56C9CF8AD99A0341E38 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
17:08:00.0980 0x0b38 bowser - ok
17:08:01.0048 0x0b38 [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
17:08:01.0063 0x0b38 BrFiltLo - ok
17:08:01.0082 0x0b38 [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
17:08:01.0107 0x0b38 BrFiltUp - ok
17:08:01.0144 0x0b38 [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
17:08:01.0156 0x0b38 Browser - ok
17:08:01.0177 0x0b38 [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
17:08:01.0186 0x0b38 Brserid - ok
17:08:01.0194 0x0b38 [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
17:08:01.0203 0x0b38 BrSerWdm - ok
17:08:01.0212 0x0b38 [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
17:08:01.0221 0x0b38 BrUsbMdm - ok
17:08:01.0241 0x0b38 [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
17:08:01.0321 0x0b38 BrUsbSer - ok
17:08:01.0366 0x0b38 [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
17:08:01.0376 0x0b38 BthEnum - ok
17:08:01.0416 0x0b38 [ 5FFA6988FF9597986FF2ADA736CC90C0, 50F57047CC5CC241DDF9BB8E39E03F91074AC4C7B4CDE6C44FF279A8741384C5 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
17:08:01.0424 0x0b38 BTHMODEM - ok
17:08:01.0479 0x0b38 [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
17:08:01.0496 0x0b38 BthPan - ok
17:08:01.0625 0x0b38 [ 73D53F8E90550BA81E2CF44A0873B410, 2E73A2FCF668F1F18928A293A74370BF3D6DC0208D010D10FD5335DFA3706906 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
17:08:01.0699 0x0b38 BTHPORT - ok
17:08:01.0814 0x0b38 [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] BthServ C:\Windows\System32\bthserv.dll
17:08:01.0833 0x0b38 BthServ - ok
17:08:01.0879 0x0b38 [ 32045A4BB143BBC5BAB1298C4E9E309A, 4009AE2D186746E076CF254FD3653AA4B07182521B772CF2825A3BBDEF4288FB ] BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
17:08:01.0884 0x0b38 BTHUSB - ok
17:08:01.0947 0x0b38 [ 4A28E7BD365377D0512B7EF8C7596D2C, C55337A59929744FD493D1155ED2EF7B0684963D364437767F1567298DCF9290 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
17:08:01.0977 0x0b38 btwaudio - ok
17:08:01.0996 0x0b38 [ 5FFDE57253D665067B0886612817EB11, 5A6FFA7900CD0CCDF5C7FACEDFD6D941EE01527BC1B873676089D8308480D31C ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
17:08:02.0002 0x0b38 btwavdt - ok
17:08:02.0032 0x0b38 [ AB07DC8B05C31A4F95FC73019BE9DB15, A0A0FBD61A63C9374BD1DD9573E2ADD482CC5039CA34E8C0FB9EA3D7762E3D02 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
17:08:02.0038 0x0b38 btwrchid - ok
17:08:02.0062 0x0b38 catchme - ok
17:08:02.0102 0x0b38 [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
17:08:02.0107 0x0b38 cdfs - ok
17:08:02.0142 0x0b38 [ 1EC25CEA0DE6AC4718BF89F9E1778B57, 019E12C30E7A395259F3906EC55AFF86949CFDBB443060208C8B91B9EB7F9FB7 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
17:08:02.0148 0x0b38 cdrom - ok
17:08:02.0198 0x0b38 [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] CertPropSvc C:\Windows\System32\certprop.dll
17:08:02.0218 0x0b38 CertPropSvc - ok
17:08:02.0287 0x0b38 [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass C:\Windows\system32\drivers\circlass.sys
17:08:02.0308 0x0b38 circlass - ok
17:08:02.0344 0x0b38 [ 465745561C832B29F7C48B488AAB3842, B631C61FBF6E2641FED7C4CFC1B179D19143B04CF76DCF48A9C7582E756FFD8C ] CLFS C:\Windows\system32\CLFS.sys
17:08:02.0360 0x0b38 CLFS - ok
17:08:02.0495 0x0b38 [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
17:08:02.0543 0x0b38 clr_optimization_v2.0.50727_32 - ok
17:08:02.0749 0x0b38 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
17:08:02.0818 0x0b38 clr_optimization_v4.0.30319_32 - ok
17:08:02.0870 0x0b38 [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
17:08:02.0873 0x0b38 CmBatt - ok
17:08:02.0925 0x0b38 [ E79CBB2195E965F6E3256E2C1B23FD1C, 176819CEDE1BC16499B0E67EBDB46D7A627189D6B0DAF733B10FBE0DD3E030A2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
17:08:02.0940 0x0b38 cmdide - ok
17:08:02.0974 0x0b38 [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
17:08:02.0978 0x0b38 Compbatt - ok
17:08:02.0986 0x0b38 COMSysApp - ok
17:08:03.0020 0x0b38 [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
17:08:03.0027 0x0b38 crcdisk - ok
17:08:03.0094 0x0b38 [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
17:08:03.0114 0x0b38 Crusoe - ok
17:08:03.0140 0x0b38 [ 6DE363F9F99334514C46AEC02D3E3678, FF403B8A4D7D6B3D2F23E2711D1353CFB0C748AD7D7927CF5DFBD99CD169D826 ] CryptSvc C:\Windows\system32\cryptsvc.dll
17:08:03.0146 0x0b38 CryptSvc - ok
17:08:03.0314 0x0b38 [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] DcomLaunch C:\Windows\system32\rpcss.dll
17:08:03.0349 0x0b38 DcomLaunch - ok
17:08:03.0374 0x0b38 [ A3E9FA213F443AC77C7746119D13FEEC, 479B349BFC811D20572C09C4A2228C3880F8F3B4B4BA5F4E56600C7EF583DE7B ] DfsC C:\Windows\system32\Drivers\dfsc.sys
17:08:03.0384 0x0b38 DfsC - ok
17:08:03.0699 0x0b38 [ FA3463F25F9CC9C3BCF1E7912FEFF099, 8CFA0F1DFD975ED877B303EB55BE52B0B1EC2B20FEC36820121A0F5E046E0032 ] DFSR C:\Windows\system32\DFSR.exe
17:08:03.0914 0x0b38 DFSR - ok
17:08:04.0109 0x0b38 [ 43A988A9C10333476CB5FB667CBD629D, 7E0DD57E75A50E3671673876631A1E66A4AC16810418BEC1AC2143DFD331F389 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
17:08:04.0117 0x0b38 Dhcp - ok
17:08:04.0210 0x0b38 [ 64109E623ABD6955C8FB110B592E68B7, 964F456EF44F9AE836B8CAB438FEB18303B2548A2B7D85FEBD72F4F80127B0EE ] disk C:\Windows\system32\drivers\disk.sys
17:08:04.0251 0x0b38 disk - ok
17:08:04.0340 0x0b38 [ 4805D9A6D281C7A7DEFD9094DEC6AF7D, 473A5F1C4E795BD6B6DDB32ECB04BA8BF238AA5FBC67FC5D8D8F749464ED0AE9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
17:08:04.0381 0x0b38 Dnscache - ok
17:08:04.0408 0x0b38 [ 5AF620A08C614E24206B79E8153CF1A8, 5BB32FF3C9A5C51C2773F0ECF9647749667F4678EF3C75FEB4420EC6C805913E ] dot3svc C:\Windows\System32\dot3svc.dll
17:08:04.0415 0x0b38 dot3svc - ok
17:08:04.0522 0x0b38 [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
17:08:04.0532 0x0b38 DPS - ok
17:08:04.0646 0x0b38 [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
17:08:04.0655 0x0b38 drmkaud - ok
17:08:04.0750 0x0b38 [ 85F33880B8CFB554BD3D9CCDB486845A, 2D120F94800AEB886D4BA2A45FE2454EBB1FAC3E57BDE552737EBDE7EF8899CF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
17:08:04.0870 0x0b38 DXGKrnl - ok
17:08:05.0012 0x0b38 [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
17:08:05.0059 0x0b38 e1express - ok
17:08:05.0087 0x0b38 [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
17:08:05.0123 0x0b38 E1G60 - ok
17:08:05.0211 0x0b38 [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
17:08:05.0219 0x0b38 EapHost - ok
17:08:05.0285 0x0b38 [ DD2CD259D83D8B72C02C5F2331FF9D68, 07E758A414442FEAFE55FB28842D960971553DB16C31D5791FDD0843CBF5E2B4 ] Ecache C:\Windows\system32\drivers\ecache.sys
17:08:05.0337 0x0b38 Ecache - ok
17:08:05.0554 0x0b38 [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
17:08:05.0595 0x0b38 ehRecvr - ok
17:08:05.0672 0x0b38 [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
17:08:05.0689 0x0b38 ehSched - ok
17:08:05.0713 0x0b38 [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
17:08:05.0715 0x0b38 ehstart - ok
17:08:05.0803 0x0b38 [ DA8B28199B46B72502D5A3F75D446254, C1895040F30B3FEEDD724FCB7E27E118FA637E3AA420980D0EFB2D069C389925 ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
17:08:05.0807 0x0b38 ElRawDisk - ok
17:08:05.0859 0x0b38 [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
17:08:05.0893 0x0b38 elxstor - ok
17:08:05.0991 0x0b38 [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C, 80385AC32CE8388F06341AA4A880F68E0EB5815CCCA5CF8E799846F472DCE360 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
17:08:06.0090 0x0b38 EMDMgmt - ok
17:08:06.0161 0x0b38 [ 3CB3343D720168B575133A0A20DC2465, B356938AC3D9CE833A2C0EBFAA548CDB6B68BEDDB2CCA80222E508BD978FB26B ] EventSystem C:\Windows\system32\es.dll
17:08:06.0173 0x0b38 EventSystem - ok
17:08:06.0265 0x0b38 [ 0D858EB20589A34EFB25695ACAA6AA2D, E5C891D8971173D78194176CB38C0D62C1245C71E04DD94EC742A69C2925F843 ] exfat C:\Windows\system32\drivers\exfat.sys
17:08:06.0276 0x0b38 exfat - ok
17:08:06.0356 0x0b38 [ 3C489390C2E2064563727752AF8EAB9E, BF528F6D4718AC160C103FD89496C6B7BABED7A17A6BD4222D684AF22FE21A49 ] fastfat C:\Windows\system32\drivers\fastfat.sys
17:08:06.0380 0x0b38 fastfat - ok
17:08:06.0413 0x0b38 [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
17:08:06.0416 0x0b38 fdc - ok
17:08:06.0452 0x0b38 [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
17:08:06.0454 0x0b38 fdPHost - ok
17:08:06.0485 0x0b38 [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
17:08:06.0499 0x0b38 FDResPub - ok
17:08:06.0567 0x0b38 [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
17:08:06.0579 0x0b38 FileInfo - ok
17:08:06.0616 0x0b38 [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
17:08:06.0643 0x0b38 Filetrace - ok
17:08:06.0695 0x0b38 [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
17:08:06.0706 0x0b38 flpydisk - ok
17:08:06.0776 0x0b38 [ 05EA53AFE985443011E36DAB07343B46, E033C1C218E9B0D22B63E1B927D7BBE331B59814F26952B68BEDC914EF881E55 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
17:08:06.0805 0x0b38 FltMgr - ok
17:08:06.0939 0x0b38 [ C9BE08664611DDAF98E2331E9288B00B, C645DDAB5FD588486553DF2DD5750AF5A967FEE988F4EB29E05362E3362DF4A2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
17:08:06.0951 0x0b38 FontCache3.0.0.0 - ok
17:08:06.0998 0x0b38 [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
17:08:07.0012 0x0b38 Fs_Rec - ok
17:08:07.0060 0x0b38 [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
17:08:07.0071 0x0b38 gagp30kx - ok
17:08:07.0214 0x0b38 [ D9F1113D9401185245573350712F92FC, 7D8E96B61D7FC1FCC7D70A19DB725BCEA78FE94F3D7AFBB1202771D530A628B7 ] gpsvc C:\Windows\System32\gpsvc.dll
17:08:07.0299 0x0b38 gpsvc - ok
17:08:07.0368 0x0b38 [ C87B1EE051C0464491C1A7B03FA0BC99, 0EF498A7D37A454E8B6DB1BE3C0EADA648B51B34A2BB553171E766463E54EE90 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
17:08:07.0394 0x0b38 HDAudBus - ok
17:08:07.0449 0x0b38 [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
17:08:07.0452 0x0b38 HidBth - ok
17:08:07.0472 0x0b38 [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
17:08:07.0476 0x0b38 HidIr - ok
17:08:07.0502 0x0b38 [ 8FA640195279ACE21BEA91396A0054FC, 20541E5FA29B3FBD8824F3DF93C7D63AFEE56948F82FFDE20E9E87F5C0A3A789 ] hidserv C:\Windows\system32\hidserv.dll
17:08:07.0505 0x0b38 hidserv - ok
17:08:07.0542 0x0b38 [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
17:08:07.0545 0x0b38 HidUsb - ok
17:08:07.0571 0x0b38 [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
17:08:07.0593 0x0b38 hkmsvc - ok
17:08:07.0603 0x0b38 [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
17:08:07.0606 0x0b38 HpCISSs - ok
17:08:07.0847 0x0b38 [ E9E589C9AB799F52E18F057635A2B362, 24857D672B09C13EF290E7EA587D25270DE23740EE18E2FCF16716D9E0D0E457 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
17:08:08.0020 0x0b38 HSF_DPV - ok
17:08:08.0087 0x0b38 [ 7845D2385F4DC7DFB3CCAF0C2FA4948E, 18F01851E18CCF84A7987B739C7661C8BF272CF69F4E6BA87A69FCDBA1B8774A ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
17:08:08.0097 0x0b38 HSXHWAZL - ok
17:08:08.0265 0x0b38 [ 96E241624C71211A79C84F50A8E71CAB, EB6E679218B781F67FBFF4EB12DDE44769ACA7EA3F83A4404A073EA89C902C25 ] HTTP C:\Windows\system32\drivers\HTTP.sys
17:08:08.0299 0x0b38 HTTP - ok
17:08:08.0353 0x0b38 [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
17:08:08.0356 0x0b38 i2omp - ok
17:08:08.0489 0x0b38 [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
17:08:08.0500 0x0b38 i8042prt - ok
17:08:08.0620 0x0b38 [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] iaStor C:\Windows\system32\drivers\iastor.sys
17:08:08.0627 0x0b38 iaStor - ok
17:08:08.0691 0x0b38 [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
17:08:08.0745 0x0b38 iaStorV - ok
17:08:09.0016 0x0b38 [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
17:08:09.0021 0x0b38 IDriverT - ok
17:08:09.0277 0x0b38 [ 7B630ACAED64FEF0C3E1CF255CB56686, 9DCC6953BC6EF77C3916F8AA226CEC0662513A23AB60E9F714D53746E82FB372 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
17:08:09.0706 0x0b38 idsvc - ok
17:08:09.0890 0x0b38 [ BBACE0293B73BF8C7CB591F2D06F26FA, A28A985633DF171BCB7A2201CB239B8694CE9C89D4A6BF627F2A512B112C131A ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
17:08:10.0030 0x0b38 igfx - ok
17:08:10.0087 0x0b38 [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
17:08:10.0092 0x0b38 iirsp - ok
17:08:10.0149 0x0b38 [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC, ED795B07B38EDBB2850384EDFA04C85539D4D22A7AAB8981C83C84E2EAB5976F ] IKEEXT C:\Windows\System32\ikeext.dll
17:08:10.0166 0x0b38 IKEEXT - ok
17:08:10.0221 0x0b38 [ 0084046C084D68E494F8CF36BCF08186, 1A40542A8E7ADE1944892F11DFA85307F342965A31D5697425E0BB86874D45F5 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
17:08:10.0260 0x0b38 intelide - ok
17:08:10.0336 0x0b38 [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
17:08:10.0344 0x0b38 intelppm - ok
17:08:10.0639 0x0b38 [ 01D805FAC2510E3C963EA4727B1E2F00, EDEC59524A7BFA44929AEF87BF34A7A46D8BC3E9C0C6607138E9014636629D56 ] ioloSystemService C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
17:08:10.0739 0x0b38 ioloSystemService - ok
17:08:10.0807 0x0b38 [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
17:08:10.0811 0x0b38 IPBusEnum - ok
17:08:10.0832 0x0b38 [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
17:08:10.0836 0x0b38 IpFilterDriver - ok
17:08:10.0870 0x0b38 [ 6A35D233693EDC29A12742049BC5E37F, 77275407105492A11CDC232E72C8183F0DFD28F8B9AD2A24AAABDB246F14D38F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
17:08:10.0897 0x0b38 iphlpsvc - ok
17:08:10.0902 0x0b38 IpInIp - ok
17:08:10.0928 0x0b38 [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
17:08:10.0932 0x0b38 IPMIDRV - ok
17:08:10.0971 0x0b38 [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
17:08:10.0991 0x0b38 IPNAT - ok
17:08:11.0040 0x0b38 [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
17:08:11.0047 0x0b38 IRENUM - ok
17:08:11.0054 0x0b38 [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp C:\Windows\system32\drivers\isapnp.sys
17:08:11.0060 0x0b38 isapnp - ok
17:08:11.0147 0x0b38 [ F247EEC28317F6C739C16DE420097301, 0F4BE16BB0630DFE2256F70C94D4363B7B71F02F7F6597E7CAE28A3EFEA7BCAD ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
17:08:11.0169 0x0b38 iScsiPrt - ok
17:08:11.0175 0x0b38 [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
17:08:11.0178 0x0b38 iteatapi - ok
17:08:11.0185 0x0b38 [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
17:08:11.0188 0x0b38 iteraid - ok
17:08:11.0215 0x0b38 [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
17:08:11.0218 0x0b38 kbdclass - ok
17:08:11.0231 0x0b38 [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
17:08:11.0260 0x0b38 kbdhid - ok
17:08:11.0304 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] KeyIso C:\Windows\system32\lsass.exe
17:08:11.0350 0x0b38 KeyIso - ok
17:08:11.0927 0x0b38 [ 775C6D5D60146D7DB08A01CB596D7EC6, 66D87041DD8E0CF8AFBC155AC709E9A647B765BBA56CDE07EA01468BDAD7C239 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
17:08:11.0983 0x0b38 Kodak AiO Network Discovery Service - ok
17:08:12.0161 0x0b38 [ 17AFF68AB32F8671BC46612D35351099, C782460B99EAAE84DDBEF5AEB628984984B4108A482F023CE62CE1D33A367FEB ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
17:08:12.0236 0x0b38 Kodak AiO Status Monitor Service - ok
17:08:12.0334 0x0b38 [ 7A0CF7908B6824D6A2A1D313E5AE3DCA, 903CF1169D984BBDAE114827D82D5CCC88C2BC7CAEE6BB3A299E2572B0751BB6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
17:08:12.0376 0x0b38 KSecDD - ok
17:08:12.0448 0x0b38 [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
17:08:12.0471 0x0b38 KtmRm - ok
17:08:12.0506 0x0b38 [ 1925E63C91CF1610AE41BFD539062079, C25438D19D51B76A8E4C5F3A5D41C76197321166CB37E224217993A4466EBEF9 ] LanmanServer C:\Windows\system32\srvsvc.dll
17:08:12.0514 0x0b38 LanmanServer - ok
17:08:12.0600 0x0b38 [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15, 7B1FAC42B9EA73A8C4E812F8F729EB882BDFD04D2E68FE354CFD6B8379A46D14 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
17:08:12.0612 0x0b38 LanmanWorkstation - ok
17:08:12.0682 0x0b38 [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
17:08:12.0694 0x0b38 lltdio - ok
17:08:12.0785 0x0b38 [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
17:08:12.0822 0x0b38 lltdsvc - ok
17:08:12.0904 0x0b38 [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
17:08:12.0909 0x0b38 lmhosts - ok
17:08:12.0949 0x0b38 [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
17:08:12.0954 0x0b38 LSI_FC - ok
17:08:12.0961 0x0b38 [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
17:08:12.0966 0x0b38 LSI_SAS - ok
17:08:13.0003 0x0b38 [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
17:08:13.0008 0x0b38 LSI_SCSI - ok
17:08:13.0064 0x0b38 [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
17:08:13.0086 0x0b38 luafv - ok
17:08:13.0118 0x0b38 mcdbus - ok
17:08:13.0145 0x0b38 [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
17:08:13.0150 0x0b38 Mcx2Svc - ok
17:08:13.0215 0x0b38 [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
17:08:13.0256 0x0b38 mdmxsdk - ok
17:08:13.0321 0x0b38 [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys
17:08:13.0324 0x0b38 megasas - ok
17:08:13.0366 0x0b38 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
17:08:13.0370 0x0b38 MMCSS - ok
17:08:13.0382 0x0b38 [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
17:08:13.0386 0x0b38 Modem - ok
17:08:13.0439 0x0b38 [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
17:08:13.0443 0x0b38 monitor - ok
17:08:13.0475 0x0b38 [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
17:08:13.0478 0x0b38 mouclass - ok
17:08:13.0490 0x0b38 [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
17:08:13.0493 0x0b38 mouhid - ok
17:08:13.0523 0x0b38 [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
17:08:13.0535 0x0b38 MountMgr - ok
17:08:13.0654 0x0b38 [ 26EA1DAD601EE3ACAC301D66F07BA219, C9594BB15D53D4AC2156CCCD2DB65B2C20620F1F60DA85F48D1586FC10028096 ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
17:08:13.0710 0x0b38 MozillaMaintenance - ok
17:08:13.0791 0x0b38 [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys
17:08:13.0796 0x0b38 mpio - ok
17:08:13.0839 0x0b38 [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
17:08:13.0869 0x0b38 mpsdrv - ok
17:08:13.0917 0x0b38 [ D1639BA315B0D79DEC49A4B0E1FB929B, 96420572029217FDD78CD286A022EB5F8BAB76EE30F75E48CD69AEE1A4846B53 ] MpsSvc C:\Windows\system32\mpssvc.dll
17:08:13.0937 0x0b38 MpsSvc - ok
17:08:13.0980 0x0b38 [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
17:08:13.0984 0x0b38 Mraid35x - ok
17:08:14.0036 0x0b38 [ AE3DE84536B6799D2267443CEC8EDBB9, 787AF9D5BC6D1A1E4A55A66D62F0DF93F45C2FB7EA5BE0BF63F1270604600B40 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
17:08:14.0061 0x0b38 MRxDAV - ok
17:08:14.0146 0x0b38 [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1, 2C5F0554D5A763D6B3F1402C9BF36C6091CBBDFFD5139AEE85D69D5B210D2047 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
17:08:14.0178 0x0b38 mrxsmb - ok
17:08:14.0299 0x0b38 [ 6B5FA5ADFACAC9DBBE0991F4566D7D55, 9BAD029A6AAF4C2292C682B9F07C57051C84F7FA4F3EBEA52C25CAEF1A41121F ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
17:08:14.0308 0x0b38 mrxsmb10 - ok
17:08:14.0367 0x0b38 [ 5C80D8159181C7ABF1B14BA703B01E0B, 414085AD3C36B8E95D1D49E2958671332DECE38739544CCB70FAB30C408E89A2 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
17:08:14.0373 0x0b38 mrxsmb20 - ok
17:08:14.0446 0x0b38 [ D420BC42A637AC3CC4F411220549C0DC, D991D19030D29D03BAFA846C095F460F2F31D19793E5582239964F66A837C562 ] msahci C:\Windows\system32\drivers\msahci.sys
17:08:14.0449 0x0b38 msahci - ok
17:08:14.0472 0x0b38 [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys
17:08:14.0477 0x0b38 msdsm - ok
17:08:14.0541 0x0b38 [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
17:08:14.0554 0x0b38 MSDTC - ok
17:08:14.0595 0x0b38 [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
17:08:14.0613 0x0b38 Msfs - ok
17:08:14.0662 0x0b38 [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
17:08:14.0666 0x0b38 msisadrv - ok
17:08:14.0765 0x0b38 [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
17:08:14.0805 0x0b38 MSiSCSI - ok
17:08:14.0840 0x0b38 msiserver - ok
17:08:14.0881 0x0b38 [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
17:08:14.0908 0x0b38 MSKSSRV - ok
17:08:14.0930 0x0b38 [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
17:08:14.0933 0x0b38 MSPCLOCK - ok
17:08:14.0938 0x0b38 [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
17:08:14.0942 0x0b38 MSPQM - ok
17:08:14.0971 0x0b38 [ B5614AECB05A9340AA0FB55BF561CC63, 8D1B5E958A0F721F5A81AD649CC5759B4DECB771FC4654F4EDEB29AC7DF1BD40 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
17:08:14.0988 0x0b38 MsRPC - ok
17:08:15.0001 0x0b38 [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
17:08:15.0009 0x0b38 mssmbios - ok
17:08:15.0026 0x0b38 [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
17:08:15.0031 0x0b38 MSTEE - ok
17:08:15.0044 0x0b38 [ 6DFD1D322DE55B0B7DB7D21B90BEC49C, 95149C41CC9F269C299541A97A9E2E2CCAEE34FE2362EEECD1F813EBC6D4CDC5 ] Mup C:\Windows\system32\Drivers\mup.sys
17:08:15.0048 0x0b38 Mup - ok
17:08:15.0162 0x0b38 [ C43B25863FBD65B6D2A142AF3AE320CA, 88E147751CBECFF31CD65954BC978B86CEA74485EB60DBB25AABAB4601797A4E ] napagent C:\Windows\system32\qagentRT.dll
17:08:15.0179 0x0b38 napagent - ok
17:08:15.0271 0x0b38 [ 3C21CE48FF529BB73DADB98770B54025, B8541E3D2B120B97947AE51B28A99E2623ACAD3790BC282B1251ACBEC7684F8D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
17:08:15.0279 0x0b38 NativeWifiP - ok
17:08:15.0402 0x0b38 [ 9BDC71790FA08F0A0B5F10462B1BD0B1, 67605C7A0CB4D9F2C4D0A876651DEB92270B54D0231C35A994F9A739C6075BC0 ] NDIS C:\Windows\system32\drivers\ndis.sys
17:08:15.0449 0x0b38 NDIS - ok
17:08:15.0465 0x0b38 [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
17:08:15.0491 0x0b38 NdisTapi - ok
17:08:15.0556 0x0b38 [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
17:08:15.0560 0x0b38 Ndisuio - ok
17:08:15.0613 0x0b38 [ 3D14C3B3496F88890D431E8AA022A411, 9B31451756A35314586F93996172E1039B2CD21132CCBE772B3E61A8D9454A30 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
17:08:15.0624 0x0b38 NdisWan - ok
17:08:15.0640 0x0b38 [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
17:08:15.0645 0x0b38 NDProxy - ok
17:08:15.0662 0x0b38 [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
17:08:15.0666 0x0b38 NetBIOS - ok
17:08:15.0742 0x0b38 [ 7C5FEE5B1C5728507CD96FB4A13E7A02, EDBA08442AD6AF20463A0610FF24D5929574E5EC012495A2C219F6BA84C97F57 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
17:08:15.0772 0x0b38 netbt - ok
17:08:15.0793 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] Netlogon C:\Windows\system32\lsass.exe
17:08:15.0796 0x0b38 Netlogon - ok
17:08:15.0862 0x0b38 [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
17:08:15.0873 0x0b38 Netman - ok
17:08:15.0904 0x0b38 [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
17:08:15.0938 0x0b38 netprofm - ok
17:08:16.0005 0x0b38 [ 0AD5876EF4E9EB77C8F93EB5B2FFF386, 2F23B0979CF2E8DB013D8E58501ACC9265A860FD759E8B741F8FA64F7C2F7756 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
17:08:16.0030 0x0b38 NetTcpPortSharing - ok
17:08:16.0787 0x0b38 [ 6522DD40A5F67CED020BD81B856613FB, 2242703412FA89B2D6E9A7025D0C14DFC0BFC66890D295BDA839274C313B4BAF ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
17:08:17.0451 0x0b38 NETw4v32 - ok
17:08:17.0594 0x0b38 [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
17:08:17.0599 0x0b38 nfrd960 - ok
17:08:17.0635 0x0b38 [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
17:08:17.0643 0x0b38 NlaSvc - ok
17:08:17.0693 0x0b38 [ ECB5003F484F9ED6C608D6D6C7886CBB, 45496B84B2FD156499E9F07FC82BC6F032B8F4D9DC194098CF9F5474D5642F9E ] Npfs C:\Windows\system32\drivers\Npfs.sys
17:08:17.0699 0x0b38 Npfs - ok
17:08:17.0710 0x0b38 [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
17:08:17.0713 0x0b38 nsi - ok
17:08:17.0730 0x0b38 [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
17:08:17.0733 0x0b38 nsiproxy - ok
17:08:17.0817 0x0b38 [ B4EFFE29EB4F15538FD8A9681108492D, 12AF3C19DD2DE7D92EE4C03AD07BAFD77EB8BFF2333E6FBD9CAAA0F654A35F46 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
17:08:17.0928 0x0b38 Ntfs - ok
17:08:17.0960 0x0b38 [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
17:08:17.0964 0x0b38 ntrigdigi - ok
17:08:17.0990 0x0b38 [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
17:08:17.0995 0x0b38 Null - ok
17:08:18.0002 0x0b38 [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
17:08:18.0007 0x0b38 nvraid - ok
17:08:18.0014 0x0b38 [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
17:08:18.0017 0x0b38 nvstor - ok
17:08:18.0025 0x0b38 [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
17:08:18.0031 0x0b38 nv_agp - ok
17:08:18.0036 0x0b38 NwlnkFlt - ok
17:08:18.0041 0x0b38 NwlnkFwd - ok
17:08:18.0086 0x0b38 [ 19CAC780B858822055F46C58A111723C, D91CE501328281B8FEE6943776A145FB3201645B01BA8D1545FFA93A547DE2C7 ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys
17:08:18.0096 0x0b38 OEM02Dev - ok
17:08:18.0122 0x0b38 [ 86326062A90494BDD79CE383511D7D69, 43D5682CA8ECB4BA7CC1A5C4C2BF966EE4802E8C3AA84CDEB634CA3C410DAB89 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys
17:08:18.0126 0x0b38 OEM02Vfx - ok
17:08:18.0188 0x0b38 [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
17:08:18.0192 0x0b38 ohci1394 - ok
17:08:18.0262 0x0b38 [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
17:08:18.0268 0x0b38 ose - ok
17:08:18.0365 0x0b38 [ 257190D58444732B68919C573368B64D, 12E4012A31ED2FBE34BDA9B66F686E42EB3B6C91C1B5D1D8B613249E0599026C ] OXSDIDRV_x32 C:\Windows\system32\DRIVERS\OXSDIDRV_x32.sys
17:08:18.0376 0x0b38 OXSDIDRV_x32 - ok
17:08:18.0438 0x0b38 [ 8F534A8630F6BABA92E14531F96906CD, 2685B8D2535F4BA85D7B2907537291A800D40863F2E1897489F565772574076D ] OXUDIDRV C:\Windows\system32\Drivers\OXUDIDRV_X32.sys
17:08:18.0442 0x0b38 OXUDIDRV - ok
17:08:18.0547 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2pimsvc C:\Windows\system32\p2psvc.dll
17:08:18.0630 0x0b38 p2pimsvc - ok
17:08:18.0659 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2psvc C:\Windows\system32\p2psvc.dll
17:08:18.0701 0x0b38 p2psvc - ok
17:08:18.0748 0x0b38 [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
17:08:18.0754 0x0b38 Parport - ok
17:08:18.0822 0x0b38 [ 3B38467E7C3DAED009DFE359E17F139F, 419BD726E511B3FEFBD8204C9E2BF6131EC05C71D15406070F834688EAFB694F ] partmgr C:\Windows\system32\drivers\partmgr.sys
17:08:18.0851 0x0b38 partmgr - ok
17:08:18.0874 0x0b38 [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
17:08:18.0896 0x0b38 Parvdm - ok
17:08:18.0915 0x0b38 [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
17:08:18.0918 0x0b38 PcaSvc - ok
17:08:18.0958 0x0b38 [ 01B94418DEB235DFF777CC80076354B4, 091C4D5954C5CA1F783748C4D7287DD160C5F3357F2CC448DC5C2935B79AC1E9 ] pci C:\Windows\system32\drivers\pci.sys
17:08:18.0979 0x0b38 pci - ok
17:08:18.0998 0x0b38 [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
17:08:19.0000 0x0b38 pciide - ok
17:08:19.0011 0x0b38 [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
17:08:19.0037 0x0b38 pcmcia - ok
17:08:19.0126 0x0b38 [ 40C611622882C3FCAFEB845C1E12A10F, A4F5790D9976D06822A656DCFDFEF76831A00089F6AC5519429142E6CBBC3EAC ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
17:08:19.0146 0x0b38 PDFsFilter - ok
17:08:19.0286 0x0b38 [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
17:08:19.0352 0x0b38 PEAUTH - ok
17:08:19.0648 0x0b38 [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
17:08:19.0831 0x0b38 pla - ok
17:08:19.0962 0x0b38 [ 78F975CB6D18265BE6F492EDB2D7BC7B, 112C6FB0A84E605B1EA87F98C8A4C210C9DB84C811029109444AB174011A158C ] PlugPlay C:\Windows\system32\umpnpmgr.dll
17:08:20.0021 0x0b38 PlugPlay - ok
17:08:20.0064 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
17:08:20.0131 0x0b38 PNRPAutoReg - ok
17:08:20.0161 0x0b38 [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPsvc C:\Windows\system32\p2psvc.dll
17:08:20.0185 0x0b38 PNRPsvc - ok
17:08:20.0308 0x0b38 [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A, FAE64867CE80439735F88A9988243667BDE84486B5A768B650E55E1519C85C03 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
17:08:20.0365 0x0b38 PolicyAgent - ok
17:08:20.0444 0x0b38 [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
17:08:20.0448 0x0b38 PptpMiniport - ok
17:08:20.0481 0x0b38 [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
17:08:20.0485 0x0b38 Processor - ok
17:08:20.0526 0x0b38 [ B627E4FC8585E8843C5905D4D3587A90, 07D7BC1BF8CDD5E34155B260B914D4A9892D3CEAEACDE334D1AF2A608E1FA2D8 ] ProfSvc C:\Windows\system32\profsvc.dll
17:08:20.0533 0x0b38 ProfSvc - ok
17:08:20.0565 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] ProtectedStorage C:\Windows\system32\lsass.exe
17:08:20.0568 0x0b38 ProtectedStorage - ok
17:08:20.0601 0x0b38 [ BFEF604508A0ED1EAE2A73E872555FFB, AC817FB5A6126475B4A3CA191AD49651B919FB55429B939D036BC564632E426D ] PSched C:\Windows\system32\DRIVERS\pacer.sys
17:08:20.0626 0x0b38 PSched - ok
17:08:20.0648 0x0b38 [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
17:08:20.0659 0x0b38 PxHelp20 - ok
17:08:20.0725 0x0b38 [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
17:08:20.0802 0x0b38 ql2300 - ok
17:08:20.0894 0x0b38 [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
17:08:20.0924 0x0b38 ql40xx - ok
17:08:21.0020 0x0b38 [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
17:08:21.0043 0x0b38 QWAVE - ok
17:08:21.0088 0x0b38 [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
17:08:21.0111 0x0b38 QWAVEdrv - ok
17:08:21.0370 0x0b38 [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
17:08:21.0568 0x0b38 R300 - ok
17:08:21.0691 0x0b38 [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
17:08:21.0711 0x0b38 RapiMgr - ok
17:08:21.0761 0x0b38 [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
17:08:21.0784 0x0b38 RasAcd - ok
17:08:21.0810 0x0b38 [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
17:08:21.0815 0x0b38 RasAuto - ok
17:08:21.0857 0x0b38 [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
17:08:21.0884 0x0b38 Rasl2tp - ok
17:08:21.0945 0x0b38 [ 6E7C284FC5C4EC07AD164D93810385A6, FDBF80C8DE53E56A3515353129C6912E8CAEC2B2DA9AB3A4B027CB73BDF1EC60 ] RasMan C:\Windows\System32\rasmans.dll
17:08:21.0955 0x0b38 RasMan - ok
17:08:21.0973 0x0b38 [ 3E9D9B048107B40D87B97DF2E48E0744, F7B8DAE57B9372CEB21A912379FC7670B099A9642CF2E7EA8D335ADBD4CF86A2 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
17:08:21.0977 0x0b38 RasPppoe - ok
17:08:22.0026 0x0b38 [ A7D141684E9500AC928A772ED8E6B671, C9329ECA4190EE1F4A6F186D45EA42ACF60C04CDBAFEB19973F3C2DF04A1BCEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
17:08:22.0048 0x0b38 RasSstp - ok
17:08:22.0164 0x0b38 [ 6E1C5D0457622F9EE35F683110E93D14, 9C6BE049FDA5E6CBA486EE33F01AADDD6085CC5F1F08409EC439ADE9137D3F5F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
17:08:22.0319 0x0b38 rdbss - ok
17:08:22.0345 0x0b38 [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
17:08:22.0363 0x0b38 RDPCDD - ok
17:08:22.0453 0x0b38 [ 0245418224CFA77BF4B41C2FE0622258, 532A8ABB476A1723FDD25A12EA07C97F2588F24D0AE6F86C0105112A9AECCDB9 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
17:08:22.0471 0x0b38 rdpdr - ok
17:08:22.0507 0x0b38 [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
17:08:22.0534 0x0b38 RDPENCDD - ok
17:08:22.0563 0x0b38 [ E1C18F4097A5ABCEC941DC4B2F99DB7E, B38AC355042F18A41F83BF088FE7EB867184C7FE37820365314419BD3810BB68 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
17:08:22.0572 0x0b38 RDPWD - ok
17:08:22.0666 0x0b38 [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
17:08:22.0671 0x0b38 RemoteAccess - ok
17:08:22.0697 0x0b38 [ CC4E32400F3C7253400CF8F3F3A0B676, D2A874BE3D365260AD7C10C30F2DE22F818CBFC12D65AADE2203B9ED02C9BEB5 ] RemoteRegistry C:\Windows\system32\regsvc.dll
17:08:22.0703 0x0b38 RemoteRegistry - ok
17:08:22.0739 0x0b38 [ 34CC78C06587718C2AD6D3AA83B1F072, 35973BBFF7C6119287B4C3C47A54C626A8623C9F18062597AD7D3ADDF0094ED8 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
17:08:22.0744 0x0b38 RFCOMM - ok
17:08:22.0785 0x0b38 [ EA885E7A56F1BE1F14C372337C42FE48, 2C6F0FCB95D4A04E9BC26765B1EB856D3D40811F8B0D090C0E8AB571FF4D1C7A ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
17:08:22.0789 0x0b38 rimmptsk - ok
17:08:22.0817 0x0b38 [ D7E09BC852684A7B1FC0F74FE090D45A, 97D6ABCDA50C4FC5BE8B5532FF013EC9AF4AA098D7EB450EB1C3A358BD8E6B2D ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
17:08:22.0821 0x0b38 rimsptsk - ok
17:08:22.0849 0x0b38 [ B0A7494A9BA7909EFAC64E05D3F160DB, 3B2C362F70C53CF12DD36C1888292FB5C9E05CB711B30B22C1FBE330C5E635BE ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
17:08:22.0854 0x0b38 rismxdp - ok
17:08:22.0920 0x0b38 [ FDEB76BED9C0A75329CA426623297158, 83B79222569FA0B77C59A41E4F6065740F48EFAD1EFEFF76F258FB995E27DCF6 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
17:08:22.0930 0x0b38 RMCAST - ok
17:08:23.0089 0x0b38 [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ]
Holsten87
2014-06-30, 18:13
RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
17:08:23.0311 0x0b38 RoxMediaDB9 - ok
17:08:23.0369 0x0b38 [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
17:08:23.0769 0x0b38 RoxWatch9 - ok
17:08:23.0801 0x0b38 [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
17:08:23.0803 0x0b38 RpcLocator - ok
17:08:23.0868 0x0b38 [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] RpcSs C:\Windows\system32\rpcss.dll
17:08:23.0884 0x0b38 RpcSs - ok
17:08:23.0943 0x0b38 [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
17:08:23.0960 0x0b38 rspndr - ok
17:08:23.0996 0x0b38 [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] SamSs C:\Windows\system32\lsass.exe
17:08:23.0999 0x0b38 SamSs - ok
17:08:24.0107 0x0b38 [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
17:08:24.0123 0x0b38 sbp2port - ok
17:08:24.0157 0x0b38 [ 11387E32642269C7E62E8B52C060B3C6, 6225FA14CBDC1D30F2E4CDC2059773DA49C67BE2C00A1DE582E8E07717F20425 ] SCardSvr C:\Windows\System32\SCardSvr.dll
17:08:24.0167 0x0b38 SCardSvr - ok
17:08:24.0265 0x0b38 [ 7B587B8A6D4A99F79D2902D0385F29BD, C29F2EE25F7B11E1821832CB7F4F8506C2AB20804D6702CC5EAF5BA1F3FCA972 ] Schedule C:\Windows\system32\schedsvc.dll
17:08:24.0293 0x0b38 Schedule - ok
17:08:24.0340 0x0b38 [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] SCPolicySvc C:\Windows\System32\certprop.dll
17:08:24.0342 0x0b38 SCPolicySvc - ok
17:08:24.0411 0x0b38 [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
17:08:24.0416 0x0b38 sdbus - ok
17:08:24.0482 0x0b38 [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
17:08:24.0491 0x0b38 SDRSVC - ok
17:08:24.0593 0x0b38 [ D358E077A0A05D9B12DA22D137EE8464, 7B6493B199DEF411596B1A6F479F57838202B102C3324333B620E212E0AE9053 ] SeaPort C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
17:08:24.0603 0x0b38 SeaPort - ok
17:08:24.0631 0x0b38 [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
17:08:24.0635 0x0b38 secdrv - ok
17:08:24.0652 0x0b38 [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
17:08:24.0655 0x0b38 seclogon - ok
17:08:24.0740 0x0b38 [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\system32\sens.dll
17:08:24.0760 0x0b38 SENS - ok
17:08:24.0792 0x0b38 [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
17:08:24.0796 0x0b38 Serenum - ok
17:08:24.0804 0x0b38 [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
17:08:24.0809 0x0b38 Serial - ok
17:08:24.0832 0x0b38 [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
17:08:24.0835 0x0b38 sermouse - ok
17:08:24.0923 0x0b38 [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
17:08:24.0957 0x0b38 SessionEnv - ok
17:08:24.0965 0x0b38 [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
17:08:24.0967 0x0b38 sffdisk - ok
17:08:24.0974 0x0b38 [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
17:08:24.0976 0x0b38 sffp_mmc - ok
17:08:24.0985 0x0b38 [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
17:08:24.0988 0x0b38 sffp_sd - ok
17:08:25.0056 0x0b38 [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
17:08:25.0060 0x0b38 sfloppy - ok
17:08:25.0105 0x0b38 [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
17:08:25.0117 0x0b38 SharedAccess - ok
17:08:25.0251 0x0b38 [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
17:08:25.0262 0x0b38 ShellHWDetection - ok
17:08:25.0300 0x0b38 [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp C:\Windows\system32\drivers\sisagp.sys
17:08:25.0325 0x0b38 sisagp - ok
17:08:25.0368 0x0b38 [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
17:08:25.0389 0x0b38 SiSRaid2 - ok
17:08:25.0398 0x0b38 [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
17:08:25.0405 0x0b38 SiSRaid4 - ok
17:08:25.0981 0x0b38 [ D0776778A9FC5E37F2E9EB21FC8A9709, 37FA45B666DE664FDA378AA755F2FC9E1DF4674651EEE451253D99C04488CCD9 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
17:08:27.0049 0x0b38 Skype C2C Service - ok
17:08:27.0379 0x0b38 [ 004179B6C039D39B71FBE3D07C5DFE79, 4B4FCD4F33D81AF6A787DD0F1DED84874961D3488A8E2B0BF1D4D1A9EFDD25BC ]
SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
17:08:27.0387 0x0b38 SkypeUpdate - ok
17:08:27.0648 0x0b38 [ 0BA91E1358AD25236863039BB2609A2E, ECB3C8E3D9C6FA77C0CF5A898FB90BB9474C6EFBE3698B56C93ECE44535EDACE ] slsvc C:\Windows\system32\SLsvc.exe
17:08:27.0902 0x0b38 slsvc - ok
17:08:28.0038 0x0b38 [ 7C6DC44CA0BFA6291629AB764200D1D4, 747CDA89C6F94F8314E5E5C425387ABDF9FF8528D82422F8FF66D96307B47B13 ] SLUINotify C:\Windows\system32\SLUINotify.dll
17:08:28.0042 0x0b38 SLUINotify - ok
17:08:28.0091 0x0b38 [ 031E6BCD53C9B2B9ACE111EAFEC347B6, B934129BD77CA6A1434C59EA82B5E93FD4089608E0E41242B6E68070A0F33FB8 ] Smb C:\Windows\system32\DRIVERS\smb.sys
17:08:28.0127 0x0b38 Smb - ok
17:08:28.0164 0x0b38 [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
17:08:28.0188 0x0b38 SNMPTRAP - ok
17:08:28.0229 0x0b38 [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
17:08:28.0233 0x0b38 spldr - ok
17:08:28.0314 0x0b38 [ 3665F79026A3F91FBCA63F2C65A09B19, A9AAE9B4006B5BC6EF4A7AB4CAB131687E4055E7C56900BBD24F78BA155C458A ] Spooler C:\Windows\System32\spoolsv.exe
17:08:28.0321 0x0b38 Spooler - ok
17:08:28.0396 0x0b38 [ 2252AEF839B1093D16761189F45AF885, D7B79E1B9CD73EDEA855DBE120ED470CC0F67D1AA44038E6051A4C5BCE361DE3 ] srv C:\Windows\system32\DRIVERS\srv.sys
17:08:28.0411 0x0b38 srv - ok
17:08:28.0432 0x0b38 [ B7FF59408034119476B00A81BB53D5D1, 365D8E719D729D56082F5A6EEB65B31EB5DB5D15A5346D05E7130F41F2F97D46 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
17:08:28.0453 0x0b38 srv2 - ok
17:08:28.0485 0x0b38 [ 2ACCC9B12AF02030F531E6CCA6F8B76E, D1BA17C7BFE02347824DEEB1B7362FD251769ECB92B14EB3C600C85AB7E04D1B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
17:08:28.0491 0x0b38 srvnet - ok
17:08:28.0520 0x0b38 [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
17:08:28.0528 0x0b38 SSDPSRV - ok
17:08:28.0582 0x0b38 [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
17:08:28.0588 0x0b38 SstpSvc - ok
17:08:28.0630 0x0b38 [ 799AA3E04879B3FED31ECEA02B1CAA9A, EECEE3F666EE3722B5655E596CF4128303AD6CA3C5B45C3501B4D1D2CEC9FD75 ] STacSV C:\Windows\system32\STacSV.exe
17:08:28.0655 0x0b38 STacSV - ok
17:08:28.0736 0x0b38 [ 5AF135B2E2097D4494B9067CE84E2665, E7517C43BB81B6AE017172BA5389F6B0FC17CF9E60AAB3453A6D80A087C86592 ] STHDA C:\Windows\system32\drivers\stwrt.sys
17:08:28.0769 0x0b38 STHDA - ok
17:08:28.0835 0x0b38 [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
17:08:28.0851 0x0b38 StillCam - ok
17:08:28.0986 0x0b38 [ 7DD08A597BC56051F320DA0BAF69E389, ACC59CF80765248705FFCE65DC9B5D072DC054F08C02FB4D16BA0E84D8BED0A4 ] stisvc C:\Windows\System32\wiaservc.dll
17:08:29.0064 0x0b38 stisvc - ok
17:08:29.0128 0x0b38 [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
17:08:29.0136 0x0b38 stllssvr - ok
17:08:29.0170 0x0b38 [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
17:08:29.0219 0x0b38 swenum - ok
17:08:29.0286 0x0b38 [ B36C7CDB86F7F7A8E884479219766950, F3EA381A84CD6950BF71A56E9ABAD5010F226C5254CB936699A38BA4C85F7367 ] swprv C:\Windows\System32\swprv.dll
17:08:29.0349 0x0b38 swprv - ok
17:08:29.0401 0x0b38 [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
17:08:29.0404 0x0b38 Symc8xx - ok
17:08:29.0421 0x0b38 [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
17:08:29.0424 0x0b38 Sym_hi - ok
17:08:29.0432 0x0b38 [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
17:08:29.0435 0x0b38 Sym_u3 - ok
17:08:29.0493 0x0b38 [ DD17B63F26430E179EF6BDEF5AC735BD, EA736CBD7001891F1823B8626964AC37952A86DEC1022EDE913259E8B1FA1D1F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
17:08:29.0544 0x0b38 SynTP - ok
17:08:29.0602 0x0b38 [ 8710A92D0024B03B5FB9540DF1F71F1D, B72A968A7966DC16A1D69A8D53012A4307EEBDC4CB8E1D9C93BFB88D996E490F ] SysMain C:\Windows\system32\sysmain.dll
17:08:29.0672 0x0b38 SysMain - ok
17:08:29.0700 0x0b38 [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
17:08:29.0707 0x0b38 TabletInputService - ok
17:08:29.0793 0x0b38 [ 680916BB09EE0F3A6ACA7C274B0D633F, 008B6EE41FA4D371258F0A656AE96B3E3F487BE5B9E0654B920013B4F1C0DFD8 ] TapiSrv C:\Windows\System32\tapisrv.dll
17:08:29.0827 0x0b38 TapiSrv - ok
17:08:29.0850 0x0b38 [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
17:08:29.0854 0x0b38 TBS - ok
17:08:29.0943 0x0b38 [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
17:08:30.0044 0x0b38 Tcpip - ok
17:08:30.0120 0x0b38 [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
17:08:30.0145 0x0b38 Tcpip6 - ok
17:08:30.0170 0x0b38 [ D4A2E4A4B011F3A883AF77315A5AE76B, 29E18087236A592638570F76691BC5C64CCA383F43EE22DF122413860E2D882C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
17:08:30.0174 0x0b38 tcpipreg - ok
17:08:30.0212 0x0b38 [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
17:08:30.0216 0x0b38 TDPIPE - ok
17:08:30.0236 0x0b38 [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
17:08:30.0326 0x0b38 TDTCP - ok
17:08:30.0373 0x0b38 [ D09276B1FAB033CE1D40DCBDF303D10F, 2CB47CB522B4E1C091DE30AF0EB4E21D321C42D2A5BA9647CBD078652680D8FF ] tdx C:\Windows\system32\DRIVERS\tdx.sys
17:08:30.0398 0x0b38 tdx - ok
17:08:30.0438 0x0b38 [ A048056F5E1A96A9BF3071B91741A5AA, CFDE51D106A6CC4A5638BCD458505F5831636D2203F7C949273BDA446AC7C5F3 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
17:08:30.0442 0x0b38 TermDD - ok
17:08:30.0524 0x0b38 [ D605031E225AACCBCEB5B76A4F1603A6, 27D78644CADBC11C3AB5E0C10F854FD43BCD43B6E91C1ED1F6D35BC501147701 ] TermService C:\Windows\System32\termsrv.dll
17:08:30.0601 0x0b38 TermService - ok
17:08:30.0626 0x0b38 [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] Themes C:\Windows\system32\shsvcs.dll
17:08:30.0637 0x0b38 Themes - ok
17:08:30.0662 0x0b38 [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
17:08:30.0665 0x0b38 THREADORDER - ok
17:08:30.0698 0x0b38 [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
17:08:30.0721 0x0b38 TrkWks - ok
17:08:30.0834 0x0b38 [ 16613A1BAD034D4ECF957AF18B7C2FF5, 75499618187ED4385984F608D134BB298A4CCB339F70B31E4A8B2CF3E3558396 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
17:08:30.0836 0x0b38 TrustedInstaller - ok
17:08:30.0865 0x0b38 [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
17:08:30.0882 0x0b38 tssecsrv - ok
17:08:30.0912 0x0b38 [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
17:08:30.0914 0x0b38 tunmp - ok
17:08:30.0947 0x0b38 [ 6042505FF6FA9AC1EF7684D0E03B6940, D09CF14A6C0C760238792DDA4ECB6FBB6CA645BB91BD62585EBD050226BDB5A7 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
17:08:30.0950 0x0b38 tunnel - ok
17:08:30.0961 0x0b38 uafilter - ok
17:08:30.0988 0x0b38 [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
17:08:31.0031 0x0b38 uagp35 - ok
17:08:31.0060 0x0b38 [ 8B5088058FA1D1CD897A2113CCFF6C58, 1616EDB66C3E2DA7B09EA4FE46A3FC7087D6201F2195D76118A93B0B065D1623 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
17:08:31.0080 0x0b38 udfs - ok
17:08:31.0114 0x0b38 [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
17:08:31.0121 0x0b38 UI0Detect - ok
17:08:31.0129 0x0b38 [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
17:08:31.0133 0x0b38 uliagpkx - ok
17:08:31.0180 0x0b38 [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
17:08:31.0191 0x0b38 uliahci - ok
17:08:31.0200 0x0b38 [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
17:08:31.0206 0x0b38 UlSata - ok
17:08:31.0216 0x0b38 [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
17:08:31.0223 0x0b38 ulsata2 - ok
17:08:31.0316 0x0b38 [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
17:08:31.0367 0x0b38 umbus - ok
17:08:31.0418 0x0b38 [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
17:08:31.0441 0x0b38 upnphost - ok
17:08:31.0455 0x0b38 USBAAPL - ok
17:08:31.0517 0x0b38 [ 292A25BB75A568AE2C67169BA2C6365A, EE8B50DD446ECDEBC8B27D015FA9DE18F918ABBA8CF277B799D71CC9D79842FC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
17:08:31.0522 0x0b38 usbaudio - ok
17:08:31.0557 0x0b38 [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
17:08:31.0572 0x0b38 usbccgp - ok
17:08:31.0589 0x0b38 [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
17:08:31.0595 0x0b38 usbcir - ok
17:08:31.0639 0x0b38 [ CEBE90821810E76320155BEBA722FCF9, AD27B032520BE2A45690DD1AFDDA632B934AB7F815CD313B19CD692790C761D8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
17:08:31.0643 0x0b38 usbehci - ok
17:08:31.0685 0x0b38 [ CC6B28E4CE39951357963119CE47B143, 0BC653B51A33709AADD8B5A2B8102DBCB3C1EE14BDDF4C58813FDCA43FF7C1B2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
17:08:31.0695 0x0b38 usbhub - ok
17:08:31.0701 0x0b38 [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
17:08:31.0705 0x0b38 usbohci - ok
17:08:31.0724 0x0b38 [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
17:08:31.0728 0x0b38 usbprint - ok
17:08:31.0767 0x0b38 [ A508C9BD8724980512136B039BBA65E9, B39B72471C468AC997AEC528599EDC98A031F5A7EB91C4F9471402D48D2D4E3E ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
17:08:31.0771 0x0b38 usbscan - ok
17:08:31.0797 0x0b38 [ 87BA6B83C5D19B69160968D07D6E2982, 9E039DF4BBE53CA22A0ACE486B9867F99FFFE086CCAF6A83BD78770E4631F3F8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
17:08:31.0817 0x0b38 USBSTOR - ok
17:08:31.0840 0x0b38 [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
17:08:31.0844 0x0b38 usbuhci - ok
17:08:31.0877 0x0b38 [ 032A0ACC3909AE7215D524E29D536797, 51E36ED5953C0880BE508837181925A0F677842E8A5BA98099700E6ED691A783 ] UxSms C:\Windows\System32\uxsms.dll
17:08:31.0883 0x0b38 UxSms - ok
17:08:31.0907 0x0b38 [ B13BC395B9D6116628F5AF47E0802AC4, 36E023A07E56588A8C26EF95E4F99303659E4783E0D9E8AEF193CA77A7AF91BA ] vds C:\Windows\System32\vds.exe
17:08:31.0933 0x0b38 vds - ok
17:08:31.0968 0x0b38 [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
17:08:31.0980 0x0b38 vga - ok
17:08:32.0017 0x0b38 [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
17:08:32.0020 0x0b38 VgaSave - ok
17:08:32.0028 0x0b38 [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp C:\Windows\system32\drivers\viaagp.sys
17:08:32.0032 0x0b38 viaagp - ok
17:08:32.0038 0x0b38 [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
17:08:32.0042 0x0b38 ViaC7 - ok
17:08:32.0048 0x0b38 [ F3B4762EB85A2AFF4999401F14C3262B, 462B3A61AE82307292C8C75041514789AD2D1E3CF31A8A35E39A19989FD394C3 ] viaide C:\Windows\system32\drivers\viaide.sys
17:08:32.0053 0x0b38 viaide - ok
17:08:32.0069 0x0b38 [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
17:08:32.0074 0x0b38 volmgr - ok
17:08:32.0096 0x0b38 [ 98F5FFE6316BD74E9E2C97206C190196, CA9FA0EE5515D26F9406FF95F728E7F2CC29A8B7C97BC69FC2E95BBC60A2D261 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
17:08:32.0112 0x0b38 volmgrx - ok
17:08:32.0176 0x0b38 [ D8B4A53DD2769F226B3EB374374987C9, 49314B3E53FBF40A60E272C5B3B79FD1EFABFE1215DA5B030571B4DDF5592896 ] volsnap C:\Windows\system32\drivers\volsnap.sys
17:08:32.0187 0x0b38 volsnap - ok
17:08:32.0234 0x0b38 [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
17:08:32.0240 0x0b38 vsmraid - ok
17:08:32.0331 0x0b38 [ D5FB73D19C46ADE183F968E13F186B23, D35432BE4FF462FCEA958CF646D5572B6D78058BC2F1F324C9F50A0B14B02259 ] VSS C:\Windows\system32\vssvc.exe
17:08:32.0574 0x0b38 VSS - ok
17:08:32.0684 0x0b38 [ 1CF9206966A8458CDA9A8B20DF8AB7D3, 405D5FE96DA7ED03D4124EF6C692F80E88E5982B90DF46E353E94FFF576A5570 ] W32Time C:\Windows\system32\w32time.dll
17:08:32.0726 0x0b38 W32Time - ok
17:08:32.0747 0x0b38 [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
17:08:32.0751 0x0b38 WacomPen - ok
17:08:32.0791 0x0b38 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
17:08:32.0796 0x0b38 Wanarp - ok
17:08:32.0802 0x0b38 [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
17:08:32.0804 0x0b38 Wanarpv6 - ok
17:08:32.0859 0x0b38 [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
17:08:32.0887 0x0b38 WcesComm - ok
17:08:32.0959 0x0b38 [ F3A5C2E1A6533192B070D06ECF6BE796, CBA11D9E60A04A0B82C6934A53EA859513CD476FF047DD3D59727B10CE7DB2DA ] wcncsvc C:\Windows\System32\wcncsvc.dll
17:08:32.0993 0x0b38 wcncsvc - ok
17:08:33.0028 0x0b38 [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
17:08:33.0032 0x0b38 WcsPlugInService - ok
17:08:33.0070 0x0b38 [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
17:08:33.0073 0x0b38 Wd - ok
17:08:33.0127 0x0b38 [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
17:08:33.0168 0x0b38 Wdf01000 - ok
17:08:33.0201 0x0b38 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
17:08:33.0207 0x0b38 WdiServiceHost - ok
17:08:33.0213 0x0b38 [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
17:08:33.0218 0x0b38 WdiSystemHost - ok
17:08:33.0283 0x0b38 [ CF9A5F41789B642DB967021DE06A2713, A541F9D87CBDE2A4E48C5D5363736EF603B2701741D3044232474F179884AD7B ] WebClient C:\Windows\System32\webclnt.dll
17:08:33.0338 0x0b38 WebClient - ok
17:08:33.0356 0x0b38 [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
17:08:33.0381 0x0b38 Wecsvc - ok
17:08:33.0415 0x0b38 [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
17:08:33.0431 0x0b38 wercplsupport - ok
17:08:33.0465 0x0b38 [ FD1965AAA112C6818A30AB02742D0461, 6779D836934412907390DC85FA2A8C3BB1CC31FD4151830275B773FD13CFFBC2 ] WerSvc C:\Windows\System32\WerSvc.dll
17:08:33.0484 0x0b38 WerSvc - ok
17:08:33.0562 0x0b38 [ 4DACA8F07537D4D7E3534BB99294AA26, 8418B5A83D945FF1827C5B19A57BE7FFE1FD523C6795B0ACE88E4A906C82BA2C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
17:08:33.0619 0x0b38 winachsf - ok
17:08:33.0688 0x0b38 [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] WinDefend C:\Program Files\Windows Defender\mpsvc.dll
17:08:33.0700 0x0b38 WinDefend - ok
17:08:33.0707 0x0b38 WinHttpAutoProxySvc - ok
17:08:33.0791 0x0b38 [ 00B79A7C984678F24CF052E5BEB3A2F5, 4D8E4394C926D2B1C71613D309F2D62A663B0ADB73A036F5E9E7D1AFF605CA2A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
17:08:33.0798 0x0b38 Winmgmt - ok
17:08:33.0927 0x0b38 [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
17:08:34.0231 0x0b38 WinRM - ok
17:08:34.0292 0x0b38 [ 275F4346E569DF56CFB95243BD6F6FF0, 9C85246BF99119DBD6E0B5D38F96B8BC00F3C87618D17BC0E0A063A0D9A03440 ] Wlansvc C:\Windows\System32\wlansvc.dll
17:08:34.0330 0x0b38 Wlansvc - ok
17:08:34.0447 0x0b38 [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
17:08:34.0450 0x0b38 WmiAcpi - ok
17:08:34.0485 0x0b38 [ ABA4CF9F856D9A3A25F4DDD7690A6E9D, 07C1DAF3DA3CDA84FBE4C7576372115FCAAAAFC332F252C03625E53C7F3C6EE5 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
17:08:34.0491 0x0b38 wmiApSrv - ok
17:08:34.0867 0x0b38 [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
17:08:34.0956 0x0b38 WMPNetworkSvc - ok
17:08:35.0017 0x0b38 [ 5D94CD167751294962BA238D82DD1BB8, 62C7A31706F1C33A2C1C68006191AEE85A98885D23EC582EF2F88AAF604AC9A7 ] WPCSvc C:\Windows\System32\wpcsvc.dll
17:08:35.0031 0x0b38 WPCSvc - ok
17:08:35.0053 0x0b38 [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
17:08:35.0060 0x0b38 WPDBusEnum - ok
17:08:35.0206 0x0b38 [ 0CEC23084B51B8288099EB710224E955, E1AAB1E08E1745313D0A149A645AA878148D2DBE5CCC23C4ECCFC5003945C22B ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
17:08:35.0210 0x0b38 WpdUsb - ok
17:08:35.0341 0x0b38 [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
17:08:35.0392 0x0b38 WPFFontCache_v0400 - ok
17:08:35.0461 0x0b38 [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
17:08:35.0496 0x0b38 ws2ifsl - ok
17:08:35.0533 0x0b38 [ 683DD16B590372F2C9661D277F35E49C, 29D86389D95256EEF37BA01D403494385015D926E851A39EC7948FF6EF4E8481 ] wscsvc C:\Windows\system32\wscsvc.dll
17:08:35.0552 0x0b38 wscsvc - ok
17:08:35.0557 0x0b38 WSearch - ok
17:08:36.0029 0x0b38 [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] wuauserv C:\Windows\system32\wuaueng.dll
17:08:36.0420 0x0b38 wuauserv - ok
17:08:36.0772 0x0b38 [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
17:08:36.0778 0x0b38 WUDFRd - ok
17:08:36.0800 0x0b38 [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
17:08:36.0805 0x0b38 wudfsvc - ok
17:08:36.0838 0x0b38 [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8, 3660379AADB6DB56E54D9C680929CD3882CDE4E6A8BB888FC892110D6B50C627 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
17:08:36.0841 0x0b38 XAudio - ok
17:08:36.0871 0x0b38 [ 28DC5D626E036A75A572556F0A6EB1F6, 9AE635C08B87AD85A552ADE0AF8BA10DC258E0DEFE133A2A74EFCD43B7A38A98 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
17:08:36.0933 0x0b38 XAudioService - ok
17:08:36.0945 0x0b38 ================ Scan global ===============================
17:08:37.0018 0x0b38 [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
17:08:37.0146 0x0b38 [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
17:08:37.0241 0x0b38 [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
17:08:37.0373 0x0b38 [ 2B336AB6286D6C81FA02CBAB914E3C6C, C5ADF6D5BFC00375BA6D0E5D96F36D36ADFBF66325A48358C6317E387FB220EC ] C:\Windows\system32\services.exe
17:08:37.0422 0x0b38 [ Global ] - ok
17:08:37.0428 0x0b38 ================ Scan MBR ==================================
17:08:37.0463 0x0b38 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
17:08:39.0906 0x0b38 \Device\Harddisk0\DR0 - ok
17:08:39.0956 0x0b38 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk1\DR2
17:08:39.0991 0x0b38 \Device\Harddisk1\DR2 - ok
17:08:39.0993 0x0b38 ================ Scan VBR ==================================
17:08:40.0032 0x0b38 [ 2FF9357D589AE84717398A93BCC56E8B ] \Device\Harddisk0\DR0\Partition1
17:08:40.0058 0x0b38 \Device\Harddisk0\DR0\Partition1 - ok
17:08:40.0084 0x0b38 [ 8BF3C2DFC2C0DF9255A43749D01A0678 ] \Device\Harddisk0\DR0\Partition2
17:08:40.0241 0x0b38 \Device\Harddisk0\DR0\Partition2 - ok
17:08:40.0248 0x0b38 [ 1FE9AD2C9FAF0B103E9111E53D3B150B ] \Device\Harddisk1\DR2\Partition1
17:08:40.0251 0x0b38 \Device\Harddisk1\DR2\Partition1 - ok
17:08:40.0252 0x0b38 ================ Scan generic autorun ======================
17:08:40.0560 0x0b38 [ D8B83790F45403B83D24FC63310E3BC7, 627245DC56B55EC3851DC6BA594175841EA38D67C27A53B020C9C97859257AA4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
17:08:40.0659 0x0b38 SynTPEnh - ok
17:08:40.0834 0x0b38 [ 23242FD6C7D4C61807E84FD3A79248C4, 6E53D0815B4552A05A0EC28871E5E9F0D14815FB52FCDD612C96050B7093493C ] C:\Windows\OEM02Mon.exe
17:08:40.0857 0x0b38 OEM02Mon.exe - ok
17:08:40.0898 0x0b38 [ FF850C34ECDD73EB989D3B0CAA36229E, E7F54E33E0CE20BD14F098476A1D34BD8E0D651974FAD984F2A5AA9AF8CAA405 ] C:\Windows\system32\igfxtray.exe
17:08:40.0932 0x0b38 IgfxTray - ok
17:08:40.0987 0x0b38 [ E23BF454E2B9049B3093033E0735E39C, 2701E102CB3E1590284542A04F8C4BC27830662F038E1E09F3E2911FA03878B6 ] C:\Windows\system32\hkcmd.exe
17:08:40.0996 0x0b38 HotKeysCmds - ok
17:08:41.0098 0x0b38 [ 27BD1461ED8E7F84BFBA1A34F51F5CCF, 8C51769C922989EF28B6C42C6C0FFCFE6F3BD5131118CBBD0D8F68C610EEB174 ] C:\Windows\system32\igfxpers.exe
17:08:41.0153 0x0b38 Persistence - ok
17:08:41.0222 0x0b38 [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdc.exe
17:08:41.0315 0x0b38 Windows Mobile Device Center - ok
17:08:41.0455 0x0b38 [ DAC9B43BBFA0359E252DDB0CB91DEA6D, 2A109ABECF757567735C439663ED618B49EF7749ABEE6AEF8A100B2028C31A38 ] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
17:08:41.0506 0x0b38 DELL Webcam Manager - ok
17:08:41.0603 0x0b38 [ FF3BF05021BFECC92DB81B8257EEB026, E09DF383DCFF34B8B9491AF258220117A1CDFBA544F90A70E954BF54E4A0521D ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
17:08:41.0648 0x0b38 ISUSScheduler - ok
17:08:41.0686 0x0b38 [ 1AAD451CCBECE62987591B35AE8037A8, 5B94F0493CDC62B275A27BE4948A82EAC9D7EB6610CBE4362E018B87759692E5 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
17:08:41.0811 0x0b38 RoxWatchTray - ok
17:08:41.0924 0x0b38 [ 267B3A856E9F4DB1CABD4E6DB71E07D2, E384B0204375A8E9DCAFB3FD6E72442F3E9418812637F4EFA2653F946EBE8E26 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
17:08:41.0962 0x0b38 dscactivate - ok
17:08:42.0027 0x0b38 [ B6687CA43A44F0D8732A22191028912F, 0B6B43143D3B750880884D7E561359467B786A3788BD6FBA105EC24B14A52F79 ] C:\Program Files\Dell\MediaDirect\PCMService.exe
17:08:42.0048 0x0b38 PCMService - ok
17:08:42.0215 0x0b38 [ 8B9145D229D4E89D15ACB820D4A3A90F, F3831D9AE752B6AFBD3380E0BC849E4B051D6E06A88C1F61293A6DE4F66794E1 ] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
17:08:42.0269 0x0b38 Adobe Reader Speed Launcher - ok
17:08:42.0550 0x0b38 [ 485A4912B2D639694F836451A2B30435, B913073813BD933D882AC9ABC5CE84F96D3238622FFA97BDE8EDED629454F778 ] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
17:08:42.0832 0x0b38 SigmatelSysTrayApp - ok
17:08:44.0279 0x0b38 [ 06105D08927E3498B3D380CBF0688E78, 76CEBECFBEC01C75A94E0A3E04B5AEDB5ECA0C19EBCDC8F30009B09678510D73 ] C:\Program Files\AVG\AVG10\avgtray.exe
17:08:45.0507 0x0b38 AVG_TRAY - ok
17:08:45.0727 0x0b38 [ 5944DC25A337F489679388E3308DD6AC, 0CC6F129B67DAE67DE0278AA68AFA6597EACA1521E19099109DEFCB0D386FCA1 ] C:\Program Files\Winamp\winampa.exe
17:08:45.0847 0x0b38 WinampAgent - ok
17:08:46.0080 0x0b38 [ F96EBC5A624349D81DCC7600A3C5DC43, 7812184AFC24F7A245D3D140EB0C1A4A23E73B34BC0A8C1556715368086F0376 ] C:\Windows\system32\conime.exe
17:08:46.0175 0x0b38 Conime - ok
17:08:47.0409 0x0b38 [ 5C59E612AA95F10DBD29F6249EA379D3, CC1B5D70960C49DAEBD0BBFA908A1F6D823FCF5030AEBEEA646A04DAC338579B ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
17:08:49.0042 0x0b38 EKStatusMonitor - ok
17:08:49.0958 0x0b38 [ BB3B08157FA22769B7ED9D2C44081D5A, 0653EA6D992A9FA09BB1756F6671C8FD9D518C60471B0F6420A7FC1DA2D3B6FA ] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
17:08:51.0375 0x0b38 EKIJ5000StatusMonitor - ok
17:08:51.0643 0x0b38 [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:08:51.0707 0x0b38 Sidebar - ok
17:08:51.0714 0x0b38 WindowsWelcomeCenter - ok
17:08:51.0903 0x0b38 [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
17:08:51.0942 0x0b38 Sidebar - ok
17:08:51.0949 0x0b38 WindowsWelcomeCenter - ok
17:08:52.0089 0x0b38 [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
17:08:52.0094 0x0b38 ehTray.exe - ok
17:08:52.0862 0x0b38 [ FD1AAB63DA3A91A04F34E64CF047309E, 2E17BC863C57BA02180F5DEE8D5D93D096DC9D868AF5402EF842E16B89794377 ] C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe
17:08:53.0426 0x0b38 uTorrent - ok
17:08:53.0625 0x0b38 [ 98D7C3F58884D89D1F16F4F77BCD00EE, 0C97B2D85205D0F573B2D0C3E61C9EB42B43786252F0B86761FAD1F361EDEFED ] C:\Program Files\Uniblue\DriverScanner\launcher.exe
17:08:53.0803 0x0b38 DriverScanner - ok
17:08:53.0912 0x0b38 [ 6D9E1356A9C1B5F36698FAFF9205E34A, A7E37C2C0F1F35F5434144D5F1D282858D6B3CE995BE6612BA22FB7E83793F77 ] C:\Program Files\Xvid\CheckUpdate.exe
17:08:53.0914 0x0b38 Xvid - ok
17:08:53.0915 0x0b38 Waiting for KSN requests completion. In queue: 8
17:08:55.0112 0x0b38 Win FW state via NFP2: enabled
17:08:55.0286 0x0b38 ============================================================
17:08:55.0286 0x0b38 Scan finished
17:08:55.0286 0x0b38 ============================================================
17:08:55.0298 0x0804 Detected object count: 0
17:08:55.0298 0x0804 Actual detected object count: 0
Hi Holsten87,
What error message, if any do you get when trying to install SP2?
Holsten87
2014-07-03, 00:54
I get: Installer encountered an error: 0x80080005
Server execution failed.
Hi Holsten87,
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Farbar Service Scanner
Please download Farbar Service Scanner (http://www.bleepingcomputer.com/download/farbar-service-scanner/dl/62/) and save it to your desktop.
Right click and select "Run as Administrator"
Make sure the following options are checked:
Internet Services
Windows Firewall
System Restore
Security Center
Windows Update
Windows Defender
Press "Scan".
It will create a log (FSS.txt) in the same directory the tool is run.
Please copy and paste the log to your reply.
=========================
In your next post please provide the following:
FSS.txt
Holsten87
2014-07-03, 20:38
Hi OCD,
Here is the Farbar Service Scanner log:
Farbar Service Scanner Version: 10-06-2014
Ran by Holly Chapman (administrator) on 03-07-2014 at 19:37:20
Running from "C:\Users\Holly Chapman\Downloads"
Windows Vista (TM) Home Premium Service Pack 1 (X86)
Boot Mode: Normal
****************************************************************
Internet Services:
============
Connection Status:
==============
Localhost is accessible.
LAN connected.
Google IP is accessible.
Google.com is accessible.
Yahoo.com is accessible.
Windows Firewall:
=============
Firewall Disabled Policy:
==================
System Restore:
============
System Restore Disabled Policy:
========================
Security Center:
============
Windows Update:
============
wuauserv Service is not running. Checking service configuration:
The start type of wuauserv service is OK.
The ImagePath of wuauserv service is OK.
The ServiceDll of wuauserv service is OK.
Windows Autoupdate Disabled Policy:
============================
Windows Defender:
==============
Other Services:
==============
File Check:
========
C:\Windows\system32\nsisvc.dll => File is digitally signed
C:\Windows\system32\Drivers\nsiproxy.sys => File is digitally signed
C:\Windows\system32\dhcpcsvc.dll => File is digitally signed
C:\Windows\system32\Drivers\afd.sys => File is digitally signed
C:\Windows\system32\Drivers\tdx.sys => File is digitally signed
C:\Windows\system32\Drivers\tcpip.sys => File is digitally signed
C:\Windows\system32\dnsrslvr.dll => File is digitally signed
C:\Windows\system32\mpssvc.dll => File is digitally signed
C:\Windows\system32\bfe.dll => File is digitally signed
C:\Windows\system32\Drivers\mpsdrv.sys => File is digitally signed
C:\Windows\system32\SDRSVC.dll => File is digitally signed
C:\Windows\system32\vssvc.exe => File is digitally signed
C:\Windows\system32\wscsvc.dll => File is digitally signed
C:\Windows\system32\wbem\WMIsvc.dll => File is digitally signed
C:\Windows\system32\wuaueng.dll => File is digitally signed
C:\Windows\system32\qmgr.dll => File is digitally signed
C:\Windows\system32\es.dll => File is digitally signed
C:\Windows\system32\cryptsvc.dll => File is digitally signed
C:\Program Files\Windows Defender\MpSvc.dll => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
**** End of log ****
Hi Holsten87,
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Tweaking.com - Windows Repair
Disable your Anti-Virus software BEFORE running this tool.
Tutorials: here (http://forums.whatthetech.com/index.php?showtopic=96260&hl=disable+anti+virus+programs).
=========================
Download Tweaking.com Windows Repair from here (http://www.bleepingcomputer.com/download/windows-repair-all-in-one/) or here (http://www.tweaking.com/files/setups/tweaking.com_windows_repair_aio_setup.exe) and save it to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Once the program opens you will be at the Welcome tab.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/WindowsRepairTool-1_zps275b3c77.png (http://s1269.photobucket.com/user/OCD-WTT/media/WindowsRepairTool-1_zps275b3c77.png.html)
=========================
Step 4: Create a System Restore Point & Create a Registry Back-up
http://i1269.photobucket.com/albums/jj590/OCD-WTT/WindowsRepairTool-4RestorePointandbackupRegistry_zpsc376724b.png (http://s1269.photobucket.com/user/OCD-WTT/media/WindowsRepairTool-4RestorePointandbackupRegistry_zpsc376724b.png.html)
Create a Restore Point:
Select the Create button to create a new restore point
Wait, confirmation will be displayed below the Restore button
=========================
Back-up the Registry:
Select the Back-up button,Tweaking.com Registry Back-up window will open and begin the back-up
It will close automatically. (that's normal)
=========================
Step 5: Start Repairs
http://i1269.photobucket.com/albums/jj590/OCD-WTT/WindowsRepairTool-5StartRepairs_zps68e28fd4.png (http://s1269.photobucket.com/user/OCD-WTT/media/WindowsRepairTool-5StartRepairs_zps68e28fd4.png.html)
Select the Start button to continue, the window below will open.
Repair Window settings
http://i1269.photobucket.com/albums/jj590/OCD-WTT/WindowsRepairTool-6StartRepairsMenu_zpsd1db996c.png (http://s1269.photobucket.com/user/OCD-WTT/media/WindowsRepairTool-6StartRepairsMenu_zpsd1db996c.png.html)
In the Repair Options window, place a check mark next to the following items: (not select all)
Reset Registry Permissions
Reset File Permissions
Repair WMI
Repair Windows Firewall
Repair Internet Explorer
Repair Hosts File
Remove Policies Set By Infections
Repair Winsock & DNS Cache
Repair Windows Updates
Repair MSI (Windows Installer)
Restore Important Windows Services
Set Windows Services To Default Startup
=========================
Locate the Restart/Shutdown System when Finished, select the box, then choose Restart System
Click the Start button, a DOS window will/may appear during the repair process.
Acknowledge the System reboot when finished
=========================
Log files can be located by going to the Settings tab in the Windows Repair program and clicking the Open Log Folder button
The default location for the logs is : C:\Program Files (x86)\Tweaking.com\Windows Repair (All in One)\Logs\
=========================
In your next post please provide the following:
Windows Repair Log (default location listed above)
Holsten87
2014-07-06, 13:51
Hi OCD,
I've run the repair. When I disabled AVG I only had the option to disable it for up to 15mins, and so had to re-disable during the repair process twice. Hopefully this didn't cause any problems. Please see the repair log below:
System Variables
--------------------------------------------------------------------------------
OS: Windows Vista (TM) Home Premium
OS Architecture: 32-bit
OS Version: 6.0.6001
OS Service Pack: Service Pack 1
Computer Name: THE-BEAST
Windows Drive: C:\
Windows Path: C:\Windows
Current Profile: C:\Users\Holly Chapman
Current Profile SID: S-1-5-21-1025113376-2626304966-3518894149-1000
Current Profile Classes: S-1-5-21-1025113376-2626304966-3518894149-1000_Classes
Profiles Location: C:\Users
Profiles Location 2: C:\Windows\ServiceProfiles
Local Settings AppData: C:\Users\Holly Chapman\AppData\Local
--------------------------------------------------------------------------------
System Information
--------------------------------------------------------------------------------
System Up Time: 0 Days 01:36:50
Process Count: 66
Commit Total: 1.46 GB
Commit Limit: 4.22 GB
Commit Peak: 1.83 GB
Handle Count: 18980
Kernel Total: 184.18 MB
Kernel Paged: 92.34 MB
Kernel Non Paged: 91.84 MB
System Cache: 994.71 MB
Thread Count: 803
--------------------------------------------------------------------------------
Memory Before Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1.99 GB
Memory Used: 1.22 GB(61.1954%)
Memory Avail.: 790.57 MB
--------------------------------------------------------------------------------
Cleaning Memory Before Starting Repairs...
Memory After Cleaning with CleanMem
--------------------------------------------------------------------------------
Memory Total: 1.99 GB
Memory Used: 960.92 MB(47.166%)
Memory Avail.: 1.05 GB
--------------------------------------------------------------------------------
Starting Repairs...
Start (06/07/2014 10:41:18)
01 - Reset Registry Permissions 01/03
HKEY_CURRENT_USER & Sub Keys
Start (06/07/2014 10:41:23)
Running Repair Under Current User Account
Done (06/07/2014 10:41:57)
01 - Reset Registry Permissions 02/03
HKEY_LOCAL_MACHINE & Sub Keys
Start (06/07/2014 10:41:57)
Running Repair Under System Account
Done (06/07/2014 10:51:30)
01 - Reset Registry Permissions 03/03
HKEY_CLASSES_ROOT & Sub Keys
Start (06/07/2014 10:51:30)
Running Repair Under System Account
Done (06/07/2014 10:53:52)
02 - Reset File Permissions: C:
C: & Sub Folders
Start (06/07/2014 10:53:52)
Running Repair Under System Account
Done (06/07/2014 11:01:49)
02 - Reset File Permissions: D:
D: & Sub Folders
Start (06/07/2014 11:01:49)
Running Repair Under System Account
Done (06/07/2014 11:02:15)
02 - Reset File Permissions: All Profiles
C:\Users & Sub Folders
Start (06/07/2014 11:02:15)
Running Repair Under System Account
Done (06/07/2014 11:05:32)
02 - Reset File Permissions: Current Profile
C:\Users\Holly Chapman & Sub Folders
Start (06/07/2014 11:05:32)
Running Repair Under System Account
Done (06/07/2014 11:08:38)
02 - Reset File Permissions: Cleanup
Repairing Restricted Folders Permissions To Avoid Infinite Loops
Start (06/07/2014 11:08:38)
Running Repair Under System Account
Processing ACL of: <\\?\C:\Documents and Settings>
SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Application Data>
SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Desktop>
SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Documents>
SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Favorites>
SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Start Menu>
SetACL finished successfully.
Processing ACL of: <\\?\C:\ProgramData\Templates>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Application Data>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Desktop>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Documents>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Favorites>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Start Menu>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\All Users\Templates>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default User>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Application Data>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Cookies>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Local Settings>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\My Documents>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\NetHood>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\PrintHood>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Recent>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\SendTo>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Start Menu>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Templates>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Application Data>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\History>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\AppData\Local\Temporary Internet Files>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Music>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Pictures>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Default\Documents\My Videos>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Music>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Pictures>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Public\Documents\My Videos>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Administrator\Application Data>
Reading the SD from <\\?\C:\Users\Administrator\Application Data> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\Cookies>
Reading the SD from <\\?\C:\Users\Administrator\Cookies> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\Local Settings>
Reading the SD from <\\?\C:\Users\Administrator\Local Settings> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\My Documents>
Reading the SD from <\\?\C:\Users\Administrator\My Documents> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\NetHood>
Reading the SD from <\\?\C:\Users\Administrator\NetHood> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\PrintHood>
Reading the SD from <\\?\C:\Users\Administrator\PrintHood> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\Recent>
Reading the SD from <\\?\C:\Users\Administrator\Recent> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\SendTo>
Reading the SD from <\\?\C:\Users\Administrator\SendTo> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\Start Menu>
Reading the SD from <\\?\C:\Users\Administrator\Start Menu> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\Templates>
Reading the SD from <\\?\C:\Users\Administrator\Templates> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\Application Data>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\Application Data> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\History>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\History> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\AppData\Local\Temporary Internet Files>
Reading the SD from <\\?\C:\Users\Administrator\AppData\Local\Temporary Internet Files> failed with: The system cannot find the file specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the file specified.
Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Music>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Music> failed with: The system cannot find the path specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.
Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Pictures>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Pictures> failed with: The system cannot find the path specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.
Processing ACL of: <\\?\C:\Users\Administrator\Documents\My Videos>
Reading the SD from <\\?\C:\Users\Administrator\Documents\My Videos> failed with: The system cannot find the path specified.
SetACL finished with error(s):
SetACL error message: The call to GetNamedSecurityInfo () failed
Operating system error message: The system cannot find the path specified.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Application Data>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Cookies>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Local Settings>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\My Documents>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\NetHood>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\PrintHood>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Recent>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\SendTo>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Start Menu>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Templates>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\AppData\Local\Application Data>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\AppData\Local\History>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\AppData\Local\Temporary Internet Files>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Documents\My Music>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Documents\My Pictures>
SetACL finished successfully.
Processing ACL of: <\\?\C:\Users\Holly Chapman\Documents\My Videos>
SetACL finished successfully.
Done (06/07/2014 11:08:42)
05 - Repair WMI
Start (06/07/2014 11:08:42)
Starting Security Center So We Can Export The Security Info.
Exporting Antivirus Info...
No Antivirus Products Reported.
Exporting AntiSpyware Info...
No AntiSpyware Products Reported.
Exporting 3rd Party Firewall Info...
No Firewall Products Reported.
Running Repair Under Current User Account
Done (06/07/2014 11:10:30)
06 - Repair Windows Firewall
Start (06/07/2014 11:10:30)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:11:10)
07 - Repair Internet Explorer
Start (06/07/2014 11:11:10)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:11:59)
09 - Repair Hosts File
Start (06/07/2014 11:11:59)
Running Repair Under System Account
Done (06/07/2014 11:12:01)
10 - Remove Policies Set By Infections
Start (06/07/2014 11:12:01)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:12:06)
14 - Remove Temp Files
Start (06/07/2014 11:12:06)
Running Repair Under System Account
Done (06/07/2014 11:12:17)
17 - Repair Windows Updates
Start (06/07/2014 11:12:17)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:22)
21 - Repair MSI (Windows Installer)
Start (06/07/2014 11:13:22)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:35)
26 - Restore Important Windows Services
Start (06/07/2014 11:13:35)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:44)
27 - Set Windows Services To Default Startup
Start (06/07/2014 11:13:44)
Running Repair Under Current User Account
Running Repair Under System Account
Done (06/07/2014 11:13:49)
Cleaning up empty logs...
All Selected Repairs Done.
Done (06/07/2014 11:13:49)
Total Repair Time: 00:32:32
...YOU MUST RESTART YOUR SYSTEM...
Running Repair Under Current User Account
Hi Holsten87,
Thanks for the log. Now, referring back to my instructions from post # 5 (http://forums.spybot.info/showthread.php?70728-Trojan-horse-FakeAV-unable-to-be-deleted-by-AVG-2011-Free-Edition&p=454432&viewfull=1#post454432) see if you can update to SP2.
Reply with the results.
Holsten87
2014-07-06, 22:11
Hi OCD,
I'm still having trouble with the SP2 update, this time I'm getting error message:
Class not registered
REGDB_E_CLASSNOTREG(0x80040154)
Hi Holsten87,
Obviously, getting this corrected is getting a bit frustrating. Let's move onto getting the computer clean, then refocus on the update issue.
Your system is severely fragmented, let's try running the defrag utility.
Total Fragmentation on Drive C: 34 % Defragment your hard drive soon!
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Disk Defragmenter for Vista
Open Disk Defragmenter by clicking the Start button, > All Programs, > Accessories, > System Tools and then clicking Disk Defragmenter..
If you are prompted for an administrator password or confirmation, type the password or provide confirmation.
Click Defragment Now.
Disk Defragmenter might take from several minutes to a few hours to finish, depending on the size and degree of fragmentation of your hard disk. You can still use your computer during the defragmentation process.
Tutorial: http://windows.microsoft.com/en-US/windows-vista/improve-performance-by-defragmenting-your-hard-disk
=========================
Reply with results.
Hi Holsten87,
Just checking in to see if you still need help?
Holsten87
2014-07-10, 18:23
Hi OCD,
Sorry for the late reply, I was away for the last three days. Just doing the defrag now (it's taking a little while but I guess that is to be expected considering the state of my harddrive). I will post the results asap.
Hi Holsten87,
Any success getting the computer defragged?
Holsten87
2014-07-13, 21:15
Hi OCD,
Unfortunately not. I had it on all day yesterday and it didn't completed the defrag process. My PC seems to be very slow starting up now however. Should I keep trying? Is it ok to keep stopping and starting the degrag process?
Hi Holsten87,
With the degree of fragmentation it might prove a bit difficult. Let's try this third party defrag tool and see if it works any better.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Auslogics Disk Defrag Free
Download here (http://www.auslogics.com/en/downloads/disk-defrag/disk-defrag-setup.exe)
Install and run
Post back after you have completed
=========================
Holsten87
2014-07-15, 18:50
Hi OCD,
Thank you for you patience thus far. This defrag worked and got the fragmentation down to 35%.
Hi Holsten87,
With the degree of fragmentation you will probably need to run the Auslogics program multiple times to bring that number down. Be sure to reboot after each run.
Please run it two (2) more times and make note of the percent of fragmentation after each run. Report back with the results.
Holsten87
2014-07-17, 22:32
Hi OCD,
First run: 30%
Second run: 28%
Results:
118 297371 / 298219 7.35 MB OK C:\Windows\Prefetch\ReadyBoot\Trace8.fx
3 2928 / 2934 22.41 KB OK C:\ProgramData\AVG10\log\avgns.log
3 177392 / 177712 384.00 KB OK C:\Windows\System32\LogFiles\Scm\SCM.EVM
2 33739 / 33776 146.83 KB OK C:\Windows\SoftwareDistribution\ReportingEvents.log
2 39038 / 39134 384.00 KB OK C:\ProgramData\AVG10\scanlogs
4 93751 / 93841 359.14 KB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\jetpack\firefox@ghostery.com\simple-storage\store.json
11 33776 / 33826 198.43 KB OK C:\Users\Holly Chapman\AppData\Roaming\ioloGovernor\logs\iologvr.log
2 101565 / 101657 365.09 KB OK C:\ProgramData\AVG10\log\fixcfg.log
9 624160 / 628384 16.50 MB OK C:\Windows\System32\WDI\LogFiles\BootCKCL.etl
7 6249 / 6256 28.00 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows
3 130321 / 130508 744.37 KB OK C:\ProgramData\AVG10\log\avgtdi.log
16 176825 / 177065 912.58 KB OK C:\ProgramData\AVG10\log\avgsched.log
2 186775 / 187026 0.98 MB OK C:\ProgramData\AVG10\log\avgwd.log.2
2 190988 / 191351 1.41 MB OK C:\ProgramData\Kodak\Inkjet Logging\Kodak Statistics Log.html
4 224855 / 225199 1.33 MB OK C:\Windows\WindowsUpdate.log
2 349807 / 351121 5.13 MB OK C:\Windows\Logs\CBS\CBS.log
48 131092 / 131303 5.08 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08c471b6\Microsoft Windows Search Filter Host_1.kdmp
2 377311 / 379021 5.68 MB OK C:\ProgramData\AVG10\log\IDP\log\avgtray_idp_Holly Chapman.log
2 1809 / 1811 4.24 KB OK C:\Users\Holly Chapman\AppData\Local\Last.fm\Client\WinampPlugin.log
4 615175 / 617207 7.94 MB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\zotero\zotero.sqlite
3 628384 / 631531 12.29 MB OK C:\Windows\inf\setupapi.app.log
3 37311 / 37343 99.27 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl0.gthr
2 14176 / 14199 90.87 KB OK C:\ProgramData\AVG10\log\avgsrm.log
2 301297 / 302305 3.94 MB OK C:\Windows\System32\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}\{4dfcdfe0-8ba5-4067-8293-e1dc42af8491}\ksnapshot.etl
15 1224487 / 1265471 160.09 MB free space not found C:\Windows\System32\drivers\AVG\incavi.avm
4 1474064 / 1531787 225.48 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E13.Arrival.Departure.720p.WEB-DL.x264.AAC.mp4
3 1555839 / 1609307 208.86 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E04.House.Call.720p.WEB-DL.x264.AAC.mp4
5 4789 / 4794 20.00 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
3 2253108 / 2301564 189.28 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E09.On.the.Carpet.720p.WEB-DL.x264.AAC.mp4
2 2348926 / 2411567 244.69 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E01.White.Elephant.720p.WEB-DL.x264.AAC.mp4
2 2416418 / 2469997 209.29 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E02.A.Kiss.While.Dying.720p.WEB-DL.x264.AAC.mp4
4 2735604 / 2810150 291.19 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E05.Southbound.and.Down.720p.WEB-DL.x264.AAC.mp4
3 2906883 / 2960055 207.70 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E07.Smugglers.Blues.720p.WEB-DL.x264.AAC.mp4
2 2943074 / 3022114 308.75 MB free space not found C:\Users\Holly Chapman\Videos\Veoh\WatchNow\3222f701637b46ac6fc8c3f04dd523983b2b7826
2 2988089 / 3036392 188.68 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E03.A.Debt.of.Honor.720p.WEB-DL.x264.AAC.mp4
2 1811 / 1813 8.00 KB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\safebrowsing
12 631531 / 634535 11.73 MB OK C:\ProgramData\AVG10\Chjw\5074966d74965616\avgcchmf.dat
46 149365 / 149554 3.80 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08c471b6\Microsoft Windows Search Protocol Host_0.hdmp
27 5174230 / 5461103 1.09 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140213\152834.avi
4 5349588 / 5419819 274.34 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E08.The.Rules.of.Extraction.720p.WEB-DL.x264.AAC.mp4
86 7832101 / 8428497 2.28 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20121118\203401.avi
43 124615 / 124796 3.69 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0890c8ad\Microsoft Windows Search Protocol Host_0.hdmp
4 9396818 / 9452556 217.72 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E12.Filibuster.720p.WEB-DL.x264.AAC.mp4
6 106872 / 106973 403.59 KB OK C:\Users\Holly Chapman\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
3 10266052 / 10320841 214.02 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E06.Baby.Shower.720p.WEB-DL.x264.AAC.mp4
6 391555 / 392944 5.42 MB OK C:\ProgramData\AVG10\Chjw\5074966d74965616\avgcchff.dat
4 11898030 / 11954455 220.41 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E10.Palace.Intrigue.Part.1.720p.WEB-DL.x264.AAC.mp4
4 12041404 / 12099014 225.04 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E11.Palace.Intrigue.Part.2.720p.WEB-DL.x264.AAC.mp4
57 196904 / 197180 5.67 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0890c8ad\Microsoft Windows Search Filter Host_1.kdmp
16 14707108 / 14780262 285.75 MB free space not found C:\Windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
13 15752723 / 15914994 633.87 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20120212\204239.avi
19 15952723 / 16196266 951.34 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140323\125335.avi
2 751437 / 757301 22.91 MB OK C:\Windows\System32\config\SM Registry Backup\04-07-2013 11.52.14\SYSTEM
10 17021298 / 17209392 734.74 MB free space not found C:\Users\Holly Chapman\Videos\vzqtaxqevvew.avi
74 18220600 / 18851427 2.41 GB unmovable file C:\System Volume Information\{087f93e5-0abe-11e4-bc19-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
12 18923476 / 19006836 325.63 MB unmovable file C:\System Volume Information\{a001cdbc-0c38-11e4-876b-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
30 18960776 / 19286859 1.24 GB unmovable file C:\System Volume Information\{0937db07-0b75-11e4-9518-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2 156240 / 156432 256.00 KB OK C:\Users\Holly Chapman\ntuser.dat.LOG1
71 20635904 / 21387416 2.87 GB unmovable file C:\System Volume Information\{a001cdd0-0c38-11e4-876b-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
125 21082428 / 22388025 4.98 GB unmovable file C:\System Volume Information\{c39349d9-0d06-11e4-83bd-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
3 138196 / 138333 545.54 KB OK C:\ProgramData\AVG10\log\commonpriv.log
4 189355 / 189597 965.78 KB OK C:\ProgramData\AVG10\log\avgui.log
2 270007 / 270666 2.57 MB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\adblockplus\elemhide.css
4 329613 / 330481 3.39 MB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\startupCache\startupCache.4.little
2 85945 / 86009 249.75 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl2.gthr
7 21687972 / 21769373 317.97 MB free space not found C:\Users\Holly Chapman\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\110203172053574.rsc
4 21779281 / 21840211 238.01 MB free space not found C:\Windows\SoftwareDistribution\DataStore\DataStore.edb
63 22022124 / 22546817 2.00 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140113\150716.avi
39 22340840 / 22701270 1.37 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20130530\201340.avi
43 22943026 / 23044717 397.23 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140119\185408.avi
46 23469669 / 23767039 1.13 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140213\152446.avi
57 24372619 / 24859493 1.86 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20120212\202922.avi
54 25384685 / 25934671 2.10 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20121118\201650.avi
4 26232042 / 26273010 160.03 MB free space not found C:\ProgramData\AVG10\update\backup\incavi.avm
2 757301 / 766009 34.02 MB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
7 29101559 / 29183054 318.34 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140113\152804.avi
2 171384 / 171573 754.45 KB OK C:\ProgramData\AVG10\log\avgchjw.log
3 142538 / 142673 538.53 KB OK C:\ProgramData\AVG10\log\vault.log
9 109301 / 109415 450.82 KB OK C:\ProgramData\AVG10\log\avgcore.log
6 221070 / 221321 0.98 MB OK C:\ProgramData\AVG10\log\avgwd.log.1
2 92685 / 92749 254.05 KB OK C:\ProgramData\AVG10\log\avgwdsvc.log
3 194090 / 194298 781.31 KB OK C:\ProgramData\AVG10\log\avgwd.log
2 198061 / 198259 785.59 KB OK C:\ProgramData\Kodak\Inkjet Logging\Automation Log.html
3 178917 / 179109 767.17 KB OK C:\ProgramData\AVG10\log\avgchjwsrv.log
7 149583 / 149759 688.46 KB OK C:\ProgramData\AVG10\log\avgrs.log
2 351121 / 352433 4.06 MB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.ci
4 149121 / 149249 453.23 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl3.gthr
4 212996 / 213204 780.49 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl4.gthr
Hi Holsten87,
OK, that's what I needed to see. You have quite a few .avi files on your list. When you download large movie files they inevitably get some degree of fragmentation during the process. What I have done is highlighted some of the larger files. If you can either delete them if they are no longer needed or move them to an external hard drive that would help. If we can reduce some of these larger files and then re-run the defrag tool maybe we can get that number down significantly.
I have gone through and color coded some of the entries that should be addressed.
Green - not very large, but still should delete or more if possible
Red - these should definitely be addressed
Purple - these are system restore information that in not movable, but when we are done we can remove some of the old restore points which should correct this.
Hi OCD,
First run: 30%
Second run: 28%
Results:
118 297371 / 298219 7.35 MB OK C:\Windows\Prefetch\ReadyBoot\Trace8.fx
3 2928 / 2934 22.41 KB OK C:\ProgramData\AVG10\log\avgns.log
3 177392 / 177712 384.00 KB OK C:\Windows\System32\LogFiles\Scm\SCM.EVM
2 33739 / 33776 146.83 KB OK C:\Windows\SoftwareDistribution\ReportingEvents.log
2 39038 / 39134 384.00 KB OK C:\ProgramData\AVG10\scanlogs
4 93751 / 93841 359.14 KB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\jetpack\firefox@ghostery.com\simple-storage\store.json
11 33776 / 33826 198.43 KB OK C:\Users\Holly Chapman\AppData\Roaming\ioloGovernor\logs\iologvr.log
2 101565 / 101657 365.09 KB OK C:\ProgramData\AVG10\log\fixcfg.log
9 624160 / 628384 16.50 MB OK C:\Windows\System32\WDI\LogFiles\BootCKCL.etl
7 6249 / 6256 28.00 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows
3 130321 / 130508 744.37 KB OK C:\ProgramData\AVG10\log\avgtdi.log
16 176825 / 177065 912.58 KB OK C:\ProgramData\AVG10\log\avgsched.log
2 186775 / 187026 0.98 MB OK C:\ProgramData\AVG10\log\avgwd.log.2
2 190988 / 191351 1.41 MB OK C:\ProgramData\Kodak\Inkjet Logging\Kodak Statistics Log.html
4 224855 / 225199 1.33 MB OK C:\Windows\WindowsUpdate.log
2 349807 / 351121 5.13 MB OK C:\Windows\Logs\CBS\CBS.log
48 131092 / 131303 5.08 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08c471b6\Microsoft Windows Search Filter Host_1.kdmp
2 377311 / 379021 5.68 MB OK C:\ProgramData\AVG10\log\IDP\log\avgtray_idp_Holly Chapman.log
2 1809 / 1811 4.24 KB OK C:\Users\Holly Chapman\AppData\Local\Last.fm\Client\WinampPlugin.log
4 615175 / 617207 7.94 MB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\zotero\zotero.sqlite
3 628384 / 631531 12.29 MB OK C:\Windows\inf\setupapi.app.log
3 37311 / 37343 99.27 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl0.gthr
2 14176 / 14199 90.87 KB OK C:\ProgramData\AVG10\log\avgsrm.log
2 301297 / 302305 3.94 MB OK C:\Windows\System32\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}\{4dfcdfe0-8ba5-4067-8293-e1dc42af8491}\ksnapshot.etl
15 1224487 / 1265471 160.09 MB free space not found C:\Windows\System32\drivers\AVG\incavi.avm
4 1474064 / 1531787 225.48 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E13.Arrival.Departure.720p.WEB-DL.x264.AAC.mp4
3 1555839 / 1609307 208.86 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E04.House.Call.720p.WEB-DL.x264.AAC.mp4
5 4789 / 4794 20.00 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
3 2253108 / 2301564 189.28 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E09.On.the.Carpet.720p.WEB-DL.x264.AAC.mp4
2 2348926 / 2411567 244.69 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E01.White.Elephant.720p.WEB-DL.x264.AAC.mp4
2 2416418 / 2469997 209.29 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E02.A.Kiss.While.Dying.720p.WEB-DL.x264.AAC.mp4
4 2735604 / 2810150 291.19 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E05.Southbound.and.Down.720p.WEB-DL.x264.AAC.mp4
3 2906883 / 2960055 207.70 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E07.Smugglers.Blues.720p.WEB-DL.x264.AAC.mp4
2 2943074 / 3022114 308.75 MB free space not found C:\Users\Holly Chapman\Videos\Veoh\WatchNow\3222f701637b46ac6fc8c3f04dd523983b2b7826
2 2988089 / 3036392 188.68 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E03.A.Debt.of.Honor.720p.WEB-DL.x264.AAC.mp4
2 1811 / 1813 8.00 KB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\safebrowsing
12 631531 / 634535 11.73 MB OK C:\ProgramData\AVG10\Chjw\5074966d74965616\avgcchmf.dat
46 149365 / 149554 3.80 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report08c471b6\Microsoft Windows Search Protocol Host_0.hdmp
27 5174230 / 5461103 1.09 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140213\152834.avi
4 5349588 / 5419819 274.34 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E08.The.Rules.of.Extraction.720p.WEB-DL.x264.AAC.mp4
86 7832101 / 8428497 2.28 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20121118\203401.avi
43 124615 / 124796 3.69 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0890c8ad\Microsoft Windows Search Protocol Host_0.hdmp
4 9396818 / 9452556 217.72 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E12.Filibuster.720p.WEB-DL.x264.AAC.mp4
6 106872 / 106973 403.59 KB OK C:\Users\Holly Chapman\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
3 10266052 / 10320841 214.02 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E06.Baby.Shower.720p.WEB-DL.x264.AAC.mp4
6 391555 / 392944 5.42 MB OK C:\ProgramData\AVG10\Chjw\5074966d74965616\avgcchff.dat
4 11898030 / 11954455 220.41 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E10.Palace.Intrigue.Part.1.720p.WEB-DL.x264.AAC.mp4
4 12041404 / 12099014 225.04 MB free space not found C:\Users\Holly Chapman\Desktop\Archer.2009.S05E01-13.720p.WEB-DL.x264.AAC\Archer.2009.S05E11.Palace.Intrigue.Part.2.720p.WEB-DL.x264.AAC.mp4
57 196904 / 197180 5.67 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report0890c8ad\Microsoft Windows Search Filter Host_1.kdmp
16 14707108 / 14780262 285.75 MB free space not found C:\Windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
13 15752723 / 15914994 633.87 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20120212\204239.avi
19 15952723 / 16196266 951.34 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140323\125335.avi
2 751437 / 757301 22.91 MB OK C:\Windows\System32\config\SM Registry Backup\04-07-2013 11.52.14\SYSTEM
10 17021298 / 17209392 734.74 MB free space not found C:\Users\Holly Chapman\Videos\vzqtaxqevvew.avi
74 18220600 / 18851427 2.41 GB unmovable file C:\System Volume Information\{087f93e5-0abe-11e4-bc19-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
12 18923476 / 19006836 325.63 MB unmovable file C:\System Volume Information\{a001cdbc-0c38-11e4-876b-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
30 18960776 / 19286859 1.24 GB unmovable file C:\System Volume Information\{0937db07-0b75-11e4-9518-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2 156240 / 156432 256.00 KB OK C:\Users\Holly Chapman\ntuser.dat.LOG1
71 20635904 / 21387416 2.87 GB unmovable file C:\System Volume Information\{a001cdd0-0c38-11e4-876b-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
125 21082428 / 22388025 4.98 GB unmovable file C:\System Volume Information\{c39349d9-0d06-11e4-83bd-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
3 138196 / 138333 545.54 KB OK C:\ProgramData\AVG10\log\commonpriv.log
4 189355 / 189597 965.78 KB OK C:\ProgramData\AVG10\log\avgui.log
2 270007 / 270666 2.57 MB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\adblockplus\elemhide.css
4 329613 / 330481 3.39 MB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\startupCache\startupCache.4.little
2 85945 / 86009 249.75 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl2.gthr
7 21687972 / 21769373 317.97 MB free space not found C:\Users\Holly Chapman\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\110203172053574.rsc
4 21779281 / 21840211 238.01 MB free space not found C:\Windows\SoftwareDistribution\DataStore\DataStore.edb
63 22022124 / 22546817 2.00 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140113\150716.avi
39 22340840 / 22701270 1.37 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20130530\201340.avi
43 22943026 / 23044717 397.23 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140119\185408.avi
46 23469669 / 23767039 1.13 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140213\152446.avi
57 24372619 / 24859493 1.86 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20120212\202922.avi
54 25384685 / 25934671 2.10 GB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20121118\201650.avi
4 26232042 / 26273010 160.03 MB free space not found C:\ProgramData\AVG10\update\backup\incavi.avm
2 757301 / 766009 34.02 MB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
7 29101559 / 29183054 318.34 MB free space not found C:\Users\Holly Chapman\Documents\Dell Webcam Center\Video Recording\20140113\152804.avi
2 171384 / 171573 754.45 KB OK C:\ProgramData\AVG10\log\avgchjw.log
3 142538 / 142673 538.53 KB OK C:\ProgramData\AVG10\log\vault.log
9 109301 / 109415 450.82 KB OK C:\ProgramData\AVG10\log\avgcore.log
6 221070 / 221321 0.98 MB OK C:\ProgramData\AVG10\log\avgwd.log.1
2 92685 / 92749 254.05 KB OK C:\ProgramData\AVG10\log\avgwdsvc.log
3 194090 / 194298 781.31 KB OK C:\ProgramData\AVG10\log\avgwd.log
2 198061 / 198259 785.59 KB OK C:\ProgramData\Kodak\Inkjet Logging\Automation Log.html
3 178917 / 179109 767.17 KB OK C:\ProgramData\AVG10\log\avgchjwsrv.log
7 149583 / 149759 688.46 KB OK C:\ProgramData\AVG10\log\avgrs.log
2 351121 / 352433 4.06 MB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\0001001C.ci
4 149121 / 149249 453.23 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl3.gthr
4 212996 / 213204 780.49 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl4.gthr
Make some adjustments, then reboot. Next run the defrag tool again and see what the new percent is.
Holsten87
2014-07-20, 14:27
Hi OCD,
Deleting/moving the files you suggested and running this defrag has to got the percentage way down. However, one of the files I deleted has caused problems with AVG (might just reinstall it rather than try fixing it). Here's the report:
Disk Size 136.43 GB
Free Space Size 83.05 GB
Clusters 35765246
Sectors per cluster 8
Bytes per sector 512
Defragmentation started 20/07/2014 12:49:09
Defragmentation completed 20/07/2014 12:59:24
Elapsed time 00:10:15
Total Files 135990
Total Directories 26801
Fragmented Files 122
Defragmented Files 122
Skipped Files 0
Fragmentation Before 2.29% ||
Fragmentation After 0.00%
Disk Defragmentation Details
Fragments Clusters Size Result File Name
2 1683 / 1685 8.00 KB OK C:\Users\Holly Chapman\AppData\Local\Temp
5 9190 / 9202 47.36 KB OK C:\ProgramData\AVG10\log\avgns.log
3 106459 / 106603 576.00 KB OK C:\Windows\System32\LogFiles\Scm\SCM.EVM.1
10 11356 / 11368 48.00 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles
100 226992 / 227705 6.25 MB OK C:\Windows\Prefetch\ReadyBoot\Trace9.fx
4 35794 / 35884 359.14 KB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\jetpack\firefox@ghostery.com\simple-storage\store.json
2 2338 / 2340 8.00 KB OK C:\Windows\erdnt\AutoBackup
3 9734 / 9744 39.34 KB OK C:\ProgramData\AVG10\IDS\config\md5Cache.dat
3 187329 / 187649 352.00 KB OK C:\Windows\System32\LogFiles\Scm\SCM.EVM
2 2400 / 2402 8.00 KB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\safebrowsing
2 17341 / 17365 93.62 KB OK C:\Windows\System32\catroot2\dberr.txt
3 93751 / 93887 544.00 KB OK C:\Windows\System32\LogFiles\Scm\SCM.EVM.5
2 2958 / 2962 12.11 KB OK C:\ProgramData\Auslogics\DiskDefrag\4.x\Reports\Disk_Defrag_Report.xslt
2 23836 / 23863 104.37 KB OK C:\ProgramData\AVG10\Cfg\mail.cfg
8 526044 / 528988 11.50 MB OK C:\Windows\System32\WDI\LogFiles\BootCKCL.etl
75 138196 / 138370 692.84 KB OK C:\Users\Holly Chapman\AppData\Roaming\ioloGovernor\logs\iologvr.log
2 26175 / 26213 151.65 KB OK C:\ProgramData\AVG10\Cfg\update.cfg
3 101657 / 101743 342.56 KB OK C:\ProgramData\AVG10\log\avgldr.log
2 2404 / 2406 7.04 KB OK C:\Users\Holly Chapman\AppData\Local\Last.fm\Client\WinampPlugin.log
57 200988 / 201431 3.53 MB OK C:\Windows\Prefetch\ReadyBoot\Trace10.fx
3 106872 / 106966 374.55 KB OK C:\ProgramData\AVG10\log\fixcfg.log
25 176792 / 177030 948.76 KB OK C:\ProgramData\AVG10\log\avgcore.log
3 171384 / 171573 755.91 KB OK C:\ProgramData\AVG10\log\avgtdi.log
12 185337 / 185585 0.97 MB OK C:\ProgramData\AVG10\log\avgrs.log
2 187649 / 187860 842.84 KB OK C:\ProgramData\AVG10\log\history.xml
4 189355 / 189606 0.98 MB OK C:\ProgramData\AVG10\log\avgchjwsrv.log.1
3 189884 / 190082 788.30 KB OK C:\ProgramData\Kodak\Inkjet Logging\Installer Log.log
3 224856 / 225222 1.43 MB OK C:\ProgramData\Kodak\Inkjet Logging\Kodak Statistics Log.html
22 145438 / 145582 1.36 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10802635\windowsupdate.log
20 112325 / 112415 1.25 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report137383cf\WER7BF3.tmp.mdmp
51 204519 / 204764 3.13 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10534bde\pending.xml.bad
2 349807 / 351520 5.69 MB OK C:\ProgramData\AVG10\log\IDP\log\avgtray_idp_Holly Chapman.log
21 119375 / 119468 1.25 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1057e2a1\WERD4BD.tmp.mdmp
7 7286 / 7293 28.00 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows
51 212964 / 213209 3.13 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10802635\pending.xml.bad
6 33739 / 33768 384.00 KB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report137383cf\SCM.EVM
6 37279 / 37308 384.00 KB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1057e2a1\SCM.EVM
19 113411 / 113500 1.25 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1486c66a\WERC236.tmp.mdmp
4 621988 / 624020 7.94 MB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\zotero\zotero.sqlite
2 624020 / 627168 12.30 MB OK C:\Windows\inf\setupapi.app.log
839 674136 / 677682 52.42 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10802635\cbs.persist.log
19 128563 / 128653 1.25 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10534bde\WER497E.tmp.mdmp
463 631531 / 634082 32.74 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1486c66a\WER5531.tmp.hdmp
51 216931 / 217176 3.13 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report13cf5984\pending.xml.bad
462 648586 / 651193 32.76 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report137383cf\WERDA19.tmp.hdmp
51 217187 / 217432 3.13 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1486c66a\pending.xml.bad
2 142538 / 142664 500.40 KB OK C:\ProgramData\AVG10\log\avgsrmac.log
91 227705 / 228084 5.66 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report137383cf\CBS.log
23 153024 / 153174 1.40 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report13cf5984\windowsupdate.log
6 30561 / 30587 352.00 KB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1486c66a\SCM.EVM
6 37312 / 37338 352.00 KB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10534bde\SCM.EVM
79 241088 / 241675 4.90 MB OK C:\Windows\Prefetch\ReadyBoot\Trace1.fx
2 2501 / 2503 8.00 KB OK C:\Users\Holly Chapman\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\B0LXA3TX
12 692825 / 695830 11.74 MB OK C:\ProgramData\AVG10\Chjw\5074966d74965616\avgcchmf.dat
6 391555 / 392943 5.42 MB OK C:\ProgramData\AVG10\Chjw\5074966d74965616\avgcchff.dat
2 225725 / 225982 1.00 MB OK C:\Windows\System32\winevt\Logs\Microsoft-Windows-Resource-Exhaustion-Resolver%4Operational.evtx
839 702792 / 706338 52.42 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1057e2a1\Cbs.persist.log
2 92685 / 92754 274.34 KB OK C:\ProgramData\AVG10\log\avgscan.log
164 261556 / 262243 10.20 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report13cf5984\CBS.log
2 146408 / 146545 544.43 KB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\cookies.sqlite-wal
2 329616 / 330509 3.49 MB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\Cache\3\B2\57D1Cd01
2 37338 / 37364 103.27 KB OK C:\ProgramData\AVG10\log\avguidraw.log
570 728650 / 731809 39.58 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10534bde\WERD799.tmp.hdmp
839 733600 / 737146 52.42 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1486c66a\Cbs.persist.log
91 230816 / 231196 5.67 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1057e2a1\CBS.log
164 271921 / 272607 10.20 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1486c66a\CBS.log
823 745364 / 748305 55.01 MB OK C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-28A6ACA8B6AC978A0F0B17A16728B0F0A47D632A.bin.VE0
164 281696 / 282383 10.20 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10534bde\CBS.log
593 766020 / 769355 40.88 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1057e2a1\WERAE19.tmp.hdmp
525 710435 / 712867 32.80 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10802635\setupapi.dev.log
91 245249 / 245630 5.68 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10802635\CBS.log
25 149121 / 149261 1.84 MB OK C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-28A6ACA8B6AC978A0F0B17A16728B0F0A47D632A.bin.VF
839 812019 / 815565 52.42 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report137383cf\Cbs.persist.log
51 225333 / 225578 3.13 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report1057e2a1\pending.xml.bad
51 226715 / 226960 3.13 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report137383cf\pending.xml.bad
525 748305 / 750737 32.80 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report13cf5984\setupapi.dev.log
118 270007 / 270659 7.50 MB OK C:\ProgramData\Microsoft\Windows Defender\Scans\mpcache-28A6ACA8B6AC978A0F0B17A16728B0F0A47D632A.bin.VE1
23 2942794 / 3020642 304.09 MB OK C:\Windows\winsxs\ManifestCache\6.0.6002.18005_001c11ba_blobs.bin
22 815565 / 819245 14.33 MB OK C:\Windows\Logs\CBS\CBS.log
12 94673 / 94747 293.42 KB OK C:\ProgramData\AVG10\log\avgchjw.log
22 239432 / 239683 0.98 MB OK C:\ProgramData\AVG10\log\avgwd.log.1
2 286785 / 287444 2.57 MB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\adblockplus\elemhide.css
3 98373 / 98438 256.22 KB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\places.sqlite-wal
74 18220600 / 18851427 2.41 GB unmovable file C:\System Volume Information\{087f93e5-0abe-11e4-bc19-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
213 18368924 / 19700126 5.08 GB unmovable file C:\System Volume Information\{56886fa6-0fe9-11e4-b0a3-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
12 18923476 / 19006836 325.63 MB unmovable file C:\System Volume Information\{a001cdbc-0c38-11e4-876b-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
30 18960776 / 19286859 1.24 GB unmovable file C:\System Volume Information\{0937db07-0b75-11e4-9518-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
31 20385680 / 20518980 520.70 MB unmovable file C:\System Volume Information\{4b64b180-0e9a-11e4-9bb9-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
71 20635904 / 21387416 2.87 GB unmovable file C:\System Volume Information\{a001cdd0-0c38-11e4-876b-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
2 4680 / 4684 15.21 KB OK C:\ProgramData\AVG10\log\avgcfgex.log
117 21082428 / 22303824 4.66 GB unmovable file C:\System Volume Information\{c39349d9-0d06-11e4-83bd-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
3 156304 / 156457 609.30 KB OK C:\ProgramData\AVG10\log\avglng.log
19 245701 / 245952 0.98 MB OK C:\ProgramData\AVG10\log\avgchjw.log.1
7 17543717 / 17625118 317.97 MB OK C:\Users\Holly Chapman\AppData\Roaming\AVG\Rescue\PC Tuneup 2011\110203172053574.rsc
4 32301912 / 32362842 238.01 MB OK C:\Windows\SoftwareDistribution\DataStore\DataStore.edb
32 22123824 / 22239264 450.94 MB unmovable file C:\System Volume Information\{4b64b18d-0e9a-11e4-9bb9-001d09bb19f9}{3808876b-c176-4e48-b7ae-04046e6cc752}
40 165789 / 165953 647.08 KB OK C:\ProgramData\AVG10\log\avgsched.log
2 7103 / 7108 17.14 KB OK C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\localstore.rdf
5 163698 / 163839 561.88 KB OK C:\ProgramData\AVG10\log\vault.log
4 226090 / 226316 894.14 KB OK C:\ProgramData\Kodak\Inkjet Logging\Automation Log.html
3 246520 / 246826 1.19 MB OK C:\ProgramData\AVG10\log\avgcsl.log
11 249519 / 249770 0.98 MB OK C:\ProgramData\AVG10\log\avgwd.log.2
2 37962 / 37997 136.00 KB OK C:\Windows\Logs\DPX\setuperr.log
2 965104 / 982004 66.02 MB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Windows.edb
8 819245 / 821565 9.04 MB OK C:\ProgramData\AVG10\log\avgupd.log
2 250588 / 250839 0.98 MB OK C:\ProgramData\AVG10\log\avgwd.log.3
839 821565 / 825111 52.42 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report13cf5984\cbs.persist.log
3 38586 / 38626 156.68 KB OK C:\Windows\SoftwareDistribution\ReportingEvents.log
13 38655 / 38684 114.64 KB OK C:\ProgramData\AVG10\log\avgui.log
3 99203 / 99275 287.18 KB OK C:\ProgramData\AVG10\log\avgwdsvc.log
2 351520 / 352496 3.81 MB OK C:\Windows\System32\WDI\{a7a5847a-7511-4e4e-90b1-45ad2a002f51}\{d3e18a52-0f3e-4c13-bc6f-a16bcc83fe95}\ksnapshot.etl
6 46182 / 46233 202.54 KB OK C:\ProgramData\AVG10\log\avgchjwsrv.log
839 826824 / 830370 52.42 MB OK C:\ProgramData\Microsoft\Windows\WER\ReportQueue\Report10534bde\Cbs.persist.log
4 250839 / 251170 1.29 MB OK C:\ProgramData\Kodak\Inkjet Logging\Software Updater Log.log
3 255056 / 255422 1.42 MB OK C:\Windows\WindowsUpdate.log
3 251973 / 252224 0.98 MB OK C:\ProgramData\AVG10\log\avgui.log.1
6 38851 / 38887 143.13 KB OK C:\ProgramData\AVG10\log\avgsrm.log
23 832273 / 834689 9.39 MB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\Indexer\CiFiles\00010002.ci
2 84662 / 84712 199.10 KB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\safebrowsing\goog-badbinurl-shavar.sbstore
3 100043 / 100120 304.80 KB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\safebrowsing\goog-malware-shavar.sbstore
3 262243 / 262544 1.17 MB OK C:\Users\Holly Chapman\AppData\Local\Mozilla\Firefox\Profiles\7lqvfta1.default\safebrowsing\goog-phish-shavar.sbstore
5 270986 / 271395 1.60 MB OK C:\Users\Holly Chapman\AppData\Roaming\Winamp\winamp.m3u8
16 198061 / 198255 773.62 KB OK C:\ProgramData\AVG10\log\avgcfg.log
3 16925 / 16941 55.99 KB OK C:\ProgramData\AVG10\log\avgwd.log
3 133976 / 134077 403.59 KB OK C:\Users\Holly Chapman\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
5 136753 / 136849 351.79 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl8.gthr
8 178736 / 178912 674.29 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Crwl9.gthr
3 387875 / 389160 4.92 MB OK C:\ProgramData\AVG10\update\download\u10iavi7386kv.bin.partial
2 8926 / 8932 22.93 KB OK C:\ProgramData\Auslogics\DiskDefrag\4.x\Reports\Disk_Defrag_Report.xml
5 272744 / 273090 363.14 KB OK C:\ProgramData\Microsoft\Search\Data\Applications\Windows\Projects\SystemIndex\SystemIndex.Ntfy2.gthr
Holsten87
2014-07-20, 14:42
Fixed the AVG issue by updating- seems to be in full working order again.
Hi Holsten87,
Go here and download Vista SP2 >> http://www.microsoft.com/en-us/download/details.aspx?id=16468
Reboot when you have finished downloading and have SP2 installed.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Security Check
Re-run Security Check by screen317.
Right click SecurityCheck.exe, select "Run as Administrator" and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================
In your next post please provide the following:
checkup.txt
FRST.txt
Holsten87
2014-07-20, 18:02
Hi OCD,
The SP2 installation is still no successful. The error message is:
Class not registered. Error: REGDB_E_CLASSNOTREG(0x80040154)
Should I go ahead with the other installations you suggested anyway?
Hi Holsten87,
Should I go ahead with the other installations you suggested anyway?
Not yet. It is important that we try and get the SP2 update installed before we proceed.
First we will need to perform a "Clean Boot". Go here http://support.microsoft.com/kb/929135 for step by step instructions on how to do this.
Scroll down the page until you see an option similar to the image below - How to Perform a Clean Boot, click the "+" to expand the menu.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/VistaHowtoPerformaCleanBoot_zpsf28f5250.gif (http://s1269.photobucket.com/user/OCD-WTT/media/VistaHowtoPerformaCleanBoot_zpsf28f5250.gif.html)
Read the Notes, then locate the Windows 7 and Windows Vista option and click the "+" to expand the menu.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/VistaandWindows7menu_zps0baff58c.gif (http://s1269.photobucket.com/user/OCD-WTT/media/VistaandWindows7menu_zps0baff58c.gif.html)
Next follow the instructions as outlined in steps 1 through 5. Then locate the "+" next to What is next when I have a clean boot environment.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/VistaWhattodowithaCleanBoot_zps8d5686ed.gif (http://s1269.photobucket.com/user/OCD-WTT/media/VistaWhattodowithaCleanBoot_zps8d5686ed.gif.html)
Now attempt to install the Windows Vista SP2 your previously downloaded. After you have installed SP2 locate the "+" next to "How to reset the computer to start normally after clean boot troubleshooting"
http://i1269.photobucket.com/albums/jj590/OCD-WTT/VistaStartNormallyAfterCleanBoot_zpse7f1063e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/VistaStartNormallyAfterCleanBoot_zpse7f1063e.gif.html)
If you were able to get SP2, then complete the steps outlined in my previous post. If you weren't able to install SP2 let me know.
Holsten87
2014-07-22, 19:10
Hi OCD,
This didn't work unfortunately- came up with the same error message as before.
Hi Holsten87,
OK, please run these scans and we'll continue with the malware removal.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Security Check
Re-run Security Check by screen317.
Right click SecurityCheck.exe, select "Run as Administrator" and follow the onscreen instructions inside of the black box. A Notepad document should open automatically called checkup.txt; please post the contents of that document.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================
In your next post please provide the following:
checkup.txt
FRST.txt
Holsten87
2014-07-23, 23:21
Hi OCD,
Here's the Security check:
Results of screen317's Security Check version 0.99.86
Windows Vista Service Pack 1 x86 (UAC is disabled!)
Out of date service pack!! (http://support.microsoft.com/kb/935791)
Internet Explorer 7 Out of date!
``````````````Antivirus/Firewall Check:``````````````
Windows Firewall Enabled!
WMI entry may not exist for antivirus; attempting automatic update.
`````````Anti-malware/Other Utilities Check:`````````
Out of date HijackThis installed!
HijackThis 2.0.2
AVG PC Tuneup 2011
Java 7 Update 45
Java(TM) SE Runtime Environment 6
Java version out of Date!
Adobe Flash Player 14.0.0.145
Adobe Reader 8 Adobe Reader out of Date!
Mozilla Firefox 18.0 Firefox out of Date!
````````Process Check: objlist.exe by Laurent````````
`````````````````System Health check`````````````````
Total Fragmentation on Drive C: 5 % Defragment your hard drive soon! (Do NOT defrag if SSD!)
````````````````````End of Log``````````````````````
And here's the Farbar scan:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:23-07-2014 01
Ran by Holly Chapman (administrator) on THE-BEAST on 23-07-2014 22:16:17
Running from C:\Users\Holly Chapman\Downloads
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgnsx.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgchsvx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgrsx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
(Uniblue Systems Limited) C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(iolo technologies, LLC) C:\Program Files\iolo\System Mechanic\ioloGovernor.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Spigot, Inc.) C:\Users\Holly Chapman\AppData\Roaming\Search Protection\SearchProtection.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
() C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Nullsoft, Inc.) C:\Program Files\Winamp\winamp.exe
==================== Registry (Whitelisted) ==================
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [DriverScanner] => C:\Program Files\Uniblue\DriverScanner\launcher.exe [338296 2011-05-16] (Uniblue Systems Limited)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [VeohPlugin] => C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe [3558136 2009-02-24] (Veoh Networks)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [uTorrent] => C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe [1329744 2014-07-21] (BitTorrent Inc.)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [SearchProtection] => C:\Users\Holly Chapman\AppData\Roaming\Search Protection\SearchProtection.EXE [873832 2014-07-17] (Spigot, Inc.)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunStartupScriptSync] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideStartupScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {1e30d2f0-96c3-11dd-83db-001e4cdc4ef0} - F:\setupSNK.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {bea08218-13f7-11df-a7dd-001e4cdc4ef0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {c03f2a25-14b1-11df-bab4-001e4cdc4ef0} - wd_windows_tools\setup.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {cbf9d7f6-b1bb-11dd-9902-001e4cdc4ef0} - F:\setupSNK.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
BootExecute:
==================== Internet (Whitelisted) ====================
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://uk.search.yahoo.com/?type=282369&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - DefaultScope {FD36FFE4-BFE5-485E-8954-BF293DDC790E} URL = https://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
SearchScopes: HKCU - {105E99FF-8B9A-4492-B155-06194B9056D2} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - {C0197584-7E91-4454-8177-07E01E8098A6} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4d4acdad&v=6.11.25.1&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKCU - {E72EEF90-4393-4B8E-9DCF-9FDFDB659A30} URL = http://internetsearchservice.com/search?q={searchTerms}
SearchScopes: HKCU - {FD36FFE4-BFE5-485E-8954-BF293DDC790E} URL = https://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: AVG Safe Search -> {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} -> C:\Program Files\AVG\AVG10\avgssie.dll (AVG Technologies CZ, s.r.o.)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO: No Name -> {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - No File
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MBAEA6744-D857-4CE3-8A2A-712EF60CAE3F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP7D9A60B4-EE90-48AB-ABC1-F7FAB62519F6
FF SearchEngineOrder.1: Search the web (Softonic)
FF Homepage: google.co.uk
FF Keyword.URL: https://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=282369&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @veoh.com/VeohTVPlugin - C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF Plugin: @veoh.com/VeohWebPlayer - C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF user.js: detected! => C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\user.js
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnu.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npdnupdater2.dll (AOL LLC)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\searchplugins\softonic.xml
FF SearchPlugin: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\searchplugins\yahoo_ff.xml
FF Extension: No Name - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2011-08-15]
FF Extension: No Name - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-07-21]
FF Extension: 2YourFace - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\support@2yourface.com [2011-08-15]
FF Extension: vis - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM [2014-01-15]
FF Extension: Zotero Word for Windows Integration - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-04-30]
FF Extension: Ghostery - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@ghostery.com.xpi [2013-08-18]
FF Extension: MEGA - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@mega.co.nz.xpi [2013-12-29]
FF Extension: Zotero - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-08-12]
FF Extension: Adblock Plus - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-06]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\sotfone-tracker@sotfone.ru [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG10\Firefox4 [2011-07-07]
FF HKLM\...\Firefox\Extensions: [crossriderapp435@crossrider.com] - C:\ProgramData\CodecCheck\firefox
FF Extension: Premiumplay Codec-C - C:\ProgramData\CodecCheck\firefox [2011-08-15]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-04]
FF HKCU\...\Firefox\Extensions: [web@veoh.com] - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder
FF Extension: Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2008-11-26]
FF HKCU\...\Firefox\Extensions: [offerboxffx@offerbox.com] - C:\Users\Holly Chapman\AppData\Roaming\OfferBox\offerboxffx@offerbox.com
FF Extension: OfferBox - C:\Users\Holly Chapman\AppData\Roaming\OfferBox\offerboxffx@offerbox.com [2010-06-28]
Chrome:
=======
CHR HomePage: hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085
CHR RestoreOnStartup: "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085"
CHR StartupUrls: "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=48&cc=&mi=74965616000000000000001cbf915686&toi=16085"
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: http://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab [2014-01-15]
CHR Extension: (AVG Safe Search) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2011-07-10]
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho [2012-03-24]
CHR Extension: (No Name) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-24]
CHR HKLM\...\Chrome\Extension: [jmfkcklnlgedgbglfkkgedjfmejoahla] - C:\Program Files\AVG\AVG10\Chrome\safesearch.crx [2011-09-09]
CHR HKLM\...\Chrome\Extension: [jpnbdefcbnoefmmcpelplabbkfmfhlho] - C:\ProgramData\CodecCheck\chrome\codec_check.crx [2011-08-15]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
========================== Services (Whitelisted) =================
R2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395200 2012-10-19] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [779200 2012-10-15] (Eastman Kodak Company)
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-11-05] (Sonic Solutions) [File not signed]
S2 RoxWatch9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-11-05] (Sonic Solutions) [File not signed]
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
S4 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [28624 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-05] (AVG Technologies CZ, s.r.o.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-03-18] (EldoS Corporation)
R3 OXSDIDRV_x32; C:\Windows\System32\DRIVERS\OXSDIDRV_x32.sys [52656 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X32.sys [24880 2010-05-25] ()
R2 PDFsFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-03-18] (Raxco Software, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 uafilter; System32\DRIVERS\uafilter.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
==================== NetSvcs (Whitelisted) ===================
==================== One Month Created Files and Folders ========
2014-07-23 22:16 - 2014-07-23 22:16 - 00023551 _____ () C:\Users\Holly Chapman\Downloads\FRST.txt
2014-07-23 22:14 - 2014-07-23 22:14 - 01082368 _____ (Farbar) C:\Users\Holly Chapman\Downloads\FRST.exe
2014-07-22 21:17 - 2014-07-22 21:17 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-07-22 17:39 - 2014-07-22 18:00 - 00000000 ____D () C:\Windows\pss
2014-07-21 18:14 - 2014-07-21 18:14 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\Search Protection
2014-07-20 16:32 - 2014-07-20 16:38 - 365230920 _____ (Microsoft Corporation) C:\Users\Holly Chapman\Downloads\Windows6.0-KB948465-X86.exe
2014-07-15 17:21 - 2014-07-15 17:21 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000924 _____ () C:\Users\Holly Chapman\Desktop\Auslogics DiskDefrag.lnk
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-06 10:38 - 2014-07-06 10:38 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-THE-BEAST--(32-bit).dat
2014-07-06 10:36 - 2014-07-06 10:36 - 00000000 ____D () C:\RegBackup
2014-07-06 10:34 - 2014-07-12 13:15 - 00001914 _____ () C:\Users\Holly Chapman\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-07-06 10:34 - 2014-07-06 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-06 10:33 - 2014-07-06 10:33 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-06-28 20:39 - 2014-06-28 20:43 - 00000000 ____D () C:\b8b2c6ec9b2f9a90d7
2014-06-27 19:50 - 2014-07-23 22:17 - 00000000 ____D () C:\FRST
2014-06-26 17:58 - 2014-06-26 17:58 - 00000676 _____ () C:\Users\Holly Chapman\Desktop\ERUNT.lnk
2014-06-26 17:58 - 2014-06-26 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
==================== One Month Modified Files and Folders =======
2014-07-23 22:19 - 2014-07-23 22:16 - 00023551 _____ () C:\Users\Holly Chapman\Downloads\FRST.txt
2014-07-23 22:17 - 2014-06-27 19:50 - 00000000 ____D () C:\FRST
2014-07-23 22:14 - 2014-07-23 22:14 - 01082368 _____ (Farbar) C:\Users\Holly Chapman\Downloads\FRST.exe
2014-07-23 21:39 - 2008-01-16 23:18 - 01712956 _____ () C:\Windows\WindowsUpdate.log
2014-07-23 21:38 - 2013-08-04 19:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\uTorrent
2014-07-23 21:36 - 2011-10-24 20:57 - 00000344 _____ () C:\Windows\Tasks\DriverScanner.job
2014-07-23 21:35 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-23 21:35 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-23 21:34 - 2013-01-16 18:12 - 00000000 ____D () C:\ProgramData\Kodak
2014-07-23 21:33 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-23 21:33 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-23 18:17 - 2008-01-16 23:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-23 18:17 - 2006-11-02 14:01 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-23 17:28 - 2012-04-30 19:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-23 16:58 - 2012-04-26 19:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-23 16:58 - 2008-01-16 23:54 - 00142876 _____ () C:\Windows\PFRO.log
2014-07-22 22:36 - 2013-11-07 11:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 21:17 - 2014-07-22 21:17 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-07-22 18:00 - 2014-07-22 17:39 - 00000000 ____D () C:\Windows\pss
2014-07-22 17:11 - 2011-02-03 16:40 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-07-21 18:14 - 2014-07-21 18:14 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\Search Protection
2014-07-21 18:13 - 2013-09-05 14:21 - 00000788 _____ () C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-07-20 20:58 - 2009-03-16 21:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\vlc
2014-07-20 17:53 - 2010-12-04 12:27 - 00000490 ____H () C:\Windows\Tasks\Norton Security Scan for Holly Chapman.job
2014-07-20 16:38 - 2014-07-20 16:32 - 365230920 _____ (Microsoft Corporation) C:\Users\Holly Chapman\Downloads\Windows6.0-KB948465-X86.exe
2014-07-20 16:33 - 2013-10-26 18:06 - 00000000 ____D () C:\Users\Holly Chapman\Desktop\Philosophy
2014-07-15 17:21 - 2014-07-15 17:21 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000924 _____ () C:\Users\Holly Chapman\Desktop\Auslogics DiskDefrag.lnk
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-14 19:52 - 2014-04-24 15:22 - 00000000 ____D () C:\Program Files\MyPC Backup
2014-07-12 14:09 - 2011-01-07 14:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-12 13:15 - 2014-07-06 10:34 - 00001914 _____ () C:\Users\Holly Chapman\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-07-10 16:31 - 2012-04-30 19:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-10 16:31 - 2011-12-13 19:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-10 16:05 - 2008-01-21 12:40 - 00000000 ____D () C:\Program Files\Windows Live
2014-07-07 19:31 - 2006-11-02 11:23 - 00000240 _____ () C:\Windows\win.ini
2014-07-07 19:28 - 2013-02-18 21:07 - 00000000 ___RD () C:\Program Files\Skype
2014-07-07 19:28 - 2013-02-18 21:07 - 00000000 ____D () C:\ProgramData\Skype
2014-07-07 19:23 - 2006-11-02 13:42 - 00000000 ____D () C:\Windows\WindowsMobile
2014-07-06 18:59 - 2011-06-29 19:30 - 00000000 ____D () C:\a29765fcbd92a1918a2ed2
2014-07-06 12:44 - 2008-01-21 12:32 - 00085416 _____ () C:\Users\Holly Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-06 11:17 - 2006-11-02 13:47 - 00332584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-06 11:08 - 2006-11-02 11:33 - 00707392 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-06 10:38 - 2014-07-06 10:38 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-THE-BEAST--(32-bit).dat
2014-07-06 10:36 - 2014-07-06 10:36 - 00000000 ____D () C:\RegBackup
2014-07-06 10:34 - 2014-07-06 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-06 10:33 - 2014-07-06 10:33 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-06-28 20:43 - 2014-06-28 20:39 - 00000000 ____D () C:\b8b2c6ec9b2f9a90d7
2014-06-26 17:59 - 2008-07-05 18:40 - 00000000 ____D () C:\Windows\erdnt
2014-06-26 17:58 - 2014-06-26 17:58 - 00000676 _____ () C:\Users\Holly Chapman\Desktop\ERUNT.lnk
2014-06-26 17:58 - 2014-06-26 17:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ERUNT
2014-06-26 17:58 - 2011-01-02 20:45 - 00000000 ____D () C:\Program Files\ERUNT
2014-06-24 17:24 - 2008-03-11 17:04 - 00006540 _____ () C:\Users\Holly Chapman\AppData\Local\d3d9caps.dat
==================== Bamital & volsnap Check =================
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-23 21:38
==================== End Of Log ============================
Hi Holsten87,
You have a possible Rootkit infection on your computer. Please read through the instructions to familiarize yourself with the steps before you start. If you are more comfortable you can print them out for reference as you work though the steps.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) TDSSKiller
Please download TDSSKiller.zip (http://support.kaspersky.com/downloads/utils/tdsskiller.zip) - Extract it to your desktop
TDSSKiller.exe
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
After program loads, click on Change parameters.
Put a check-mark beside Loaded modules.
http://img802.imageshack.us/img802/859/2012081514h0118.png
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
http://img.photobucket.com/albums/v257/MrChalee/clip.jpg
Press Start Scan
http://img202.imageshack.us/img202/1699/19695967.jpg
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue
http://img716.imageshack.us/img716/7638/67776163.jpg
Any entries like this: \Device\Harddisk0\DR0 ( TDSS File System ) - please choose Skip.
If in doubt about an entry....please ask or choose Skip
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
IMPORTANT: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
Copy and paste the log in your next reply
A copy of the log will be saved automatically to the root of the drive (typically C:\) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt.
=========================
In your next post please provide the following:
TDSSKiller log
Holsten87
2014-07-24, 20:17
Hi OCD,
No threats were detected. Here's the report:
19:05:42.0554 0x0a40 TDSS rootkit removing tool 3.0.0.40 Jul 10 2014 12:37:58
19:05:44.0567 0x0a40 ============================================================
19:05:44.0567 0x0a40 Current date / time: 2014/07/24 19:05:44.0567
19:05:44.0567 0x0a40 SystemInfo:
19:05:44.0567 0x0a40
19:05:44.0567 0x0a40 OS Version: 6.0.6001 ServicePack: 1.0
19:05:44.0567 0x0a40 Product type: Workstation
19:05:44.0567 0x0a40 ComputerName: THE-BEAST
19:05:44.0567 0x0a40 UserName: Holly Chapman
19:05:44.0567 0x0a40 Windows directory: C:\Windows
19:05:44.0567 0x0a40 System windows directory: C:\Windows
19:05:44.0567 0x0a40 Processor architecture: Intel x86
19:05:44.0567 0x0a40 Number of processors: 2
19:05:44.0567 0x0a40 Page size: 0x1000
19:05:44.0567 0x0a40 Boot type: Normal boot
19:05:44.0567 0x0a40 ============================================================
19:05:44.0567 0x0a40 BG loaded
19:05:45.0409 0x0a40 System UUID: {86624D06-03CC-FC3B-4764-BB75D07C2ADA}
19:05:49.0701 0x0a40 Drive \Device\Harddisk0\DR0 - Size: 0x25433D6000 ( 149.05 Gb ), SectorSize: 0x200, Cylinders: 0x4C01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
19:05:49.0701 0x0a40 ============================================================
19:05:49.0701 0x0a40 \Device\Harddisk0\DR0:
19:05:49.0747 0x0a40 MBR partitions:
19:05:49.0747 0x0a40 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x3B000, BlocksNum 0x1400000
19:05:49.0747 0x0a40 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x143B000, BlocksNum 0x110DE000
19:05:49.0810 0x0a40 ============================================================
19:05:50.0216 0x0a40 C: <-> \Device\Harddisk0\DR0\Partition2
19:05:50.0450 0x0a40 D: <-> \Device\Harddisk0\DR0\Partition1
19:05:50.0450 0x0a40 ============================================================
19:05:50.0450 0x0a40 Initialize success
19:05:50.0450 0x0a40 ============================================================
19:12:24.0451 0x0fcc ============================================================
19:12:24.0451 0x0fcc Scan started
19:12:24.0451 0x0fcc Mode: Manual; SigCheck; TDLFS;
19:12:24.0451 0x0fcc ============================================================
19:12:24.0451 0x0fcc KSN ping started
19:12:24.0622 0x0fcc KSN ping finished: true
19:12:25.0980 0x0fcc ================ Scan system memory ========================
19:12:25.0980 0x0fcc System memory - ok
19:12:25.0980 0x0fcc ================ Scan services =============================
19:12:26.0963 0x0fcc [ FCB8C7210F0135E24C6580F7F649C73C, 7E5E3D0B4F4BD418E6CC551850C672E1AF347CBB2E665B6F72638786CE5079C5 ] ACPI C:\Windows\system32\drivers\acpi.sys
19:12:27.0197 0x0fcc ACPI - ok
19:12:27.0369 0x0fcc [ A6B6AB9502B63F43A9A56AE6AFB22078, DD1F0BA3D8F3333F52A71EAE3719A001F6EF844D647FFABF0E4C56C6C764ACA7 ] AdobeFlashPlayerUpdateSvc C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
19:12:27.0416 0x0fcc AdobeFlashPlayerUpdateSvc - ok
19:12:27.0650 0x0fcc [ 2EDC5BBAC6C651ECE337BDE8ED97C9FB, 0342700760874683A6DF4F149DACACEF0569D40C45FC5958C67100B3C5D9BBBC ] adp94xx C:\Windows\system32\drivers\adp94xx.sys
19:12:27.0728 0x0fcc adp94xx - ok
19:12:27.0759 0x0fcc [ B84088CA3CDCA97DA44A984C6CE1CCAD, 87009809FB101BF51483FA32318CBCD209386582880C82417BE4FFAD1B04C8C1 ] adpahci C:\Windows\system32\drivers\adpahci.sys
19:12:27.0790 0x0fcc adpahci - ok
19:12:27.0790 0x0fcc [ 7880C67BCCC27C86FD05AA2AFB5EA469, C8B06E203EEA6EAD19651F212432005ABADFF21E2AA5699E34040527394F2677 ] adpu160m C:\Windows\system32\drivers\adpu160m.sys
19:12:27.0806 0x0fcc adpu160m - ok
19:12:27.0899 0x0fcc [ 9AE713F8E30EFC2ABCCD84904333DF4D, B0C7801AC6E0811C38F0474703F34283914C8873D851F59EE232834F7C0D8087 ] adpu320 C:\Windows\system32\drivers\adpu320.sys
19:12:27.0962 0x0fcc adpu320 - ok
19:12:28.0040 0x0fcc [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
19:12:28.0102 0x0fcc AeLookupSvc - ok
19:12:28.0149 0x0fcc [ EF1142512BEC12F1C2C87735DA1755BE, 236EFD8FBA717123E0CF5A136ACEBB80A2BE1FA4B1A9A2C74728BC4EB4E787D8 ] AESTFilters C:\Windows\system32\aestsrv.exe
19:12:28.0258 0x0fcc AESTFilters - ok
19:12:28.0305 0x0fcc [ 48EB99503533C27AC6135648E5474457, 344A83008F41AAC3CDFC52EFC4F2EFF441971C58182597D2FBED315B3FC62137 ] AFD C:\Windows\system32\drivers\afd.sys
19:12:28.0367 0x0fcc AFD - ok
19:12:28.0446 0x0fcc [ 8B10CE1C1F9F1D47E4DEB1A547A00CD4, 2E89838BD068314F4BE59753486E5D666FE2A3DD0A616E00EED4E0F83DB87401 ] agp440 C:\Windows\system32\drivers\agp440.sys
19:12:28.0446 0x0fcc agp440 - ok
19:12:28.0508 0x0fcc [ AE1FDF7BF7BB6C6A70F67699D880592A, B831BF156FC49287A19FC149383D437B1034EA6F42CE9D761EB90ABD0F8D96B1 ] aic78xx C:\Windows\system32\drivers\djsvs.sys
19:12:28.0555 0x0fcc aic78xx - ok
19:12:28.0602 0x0fcc [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] ALG C:\Windows\System32\alg.exe
19:12:28.0648 0x0fcc ALG - ok
19:12:28.0648 0x0fcc [ DC67A153FDB8105B25D05334B5E1D8E2, 95CD9ABE73EC1E5111F5D599FE16EB1B3A6A87B7FC54922254769032CD2BEF0E ] aliide C:\Windows\system32\drivers\aliide.sys
19:12:28.0664 0x0fcc aliide - ok
19:12:28.0680 0x0fcc [ 848F27E5B27C1C253F6CEFDC1A5D8F21, 0FE955D82CE68A1FC5DCA33626179005B90803821005A370EB36352817433089 ] amdagp C:\Windows\system32\drivers\amdagp.sys
19:12:28.0680 0x0fcc amdagp - ok
19:12:28.0695 0x0fcc [ 835C4C3355088298A5EBD818FA31430F, 947E587F016AD3B2B4606334E03372F34D806ED1AFF4860E7EA2E289D70FB79E ] amdide C:\Windows\system32\drivers\amdide.sys
19:12:28.0711 0x0fcc amdide - ok
19:12:28.0726 0x0fcc [ DC487885BCEF9F28EECE6FAC0E5DDFC5, 24A62F6E628AD46273BC226F7BC3453A9C7B76F81ABB9FB801EBEFADB2AB7C9B ] AmdK7 C:\Windows\system32\drivers\amdk7.sys
19:12:28.0929 0x0fcc AmdK7 - ok
19:12:28.0945 0x0fcc [ 0CA0071DA4315B00FC1328CA86B425DA, 4F816FA2197166A83A266084F9D5ED68876D0521D378F90F1314DD53C6FB8814 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys
19:12:29.0023 0x0fcc AmdK8 - ok
19:12:29.0070 0x0fcc [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] Appinfo C:\Windows\System32\appinfo.dll
19:12:29.0117 0x0fcc Appinfo - ok
19:12:29.0148 0x0fcc [ 5F673180268BB1FDB69C99B6619FE379, C4307A861163F96648109046A6C7D53AB1C9B10D0B841DD1A7D147D22F462649 ] arc C:\Windows\system32\drivers\arc.sys
19:12:29.0163 0x0fcc arc - ok
19:12:29.0210 0x0fcc [ 957F7540B5E7F602E44648C7DE5A1C05, F03C7708A6C9D2579ECE5A7413AFA068E1067D7191EC653A78BA4FEDE76CFBD8 ] arcsas C:\Windows\system32\drivers\arcsas.sys
19:12:29.0257 0x0fcc arcsas - ok
19:12:29.0319 0x0fcc [ 53B202ABEE6455406254444303E87BE1, 4C91CA8DD345FEDD74A6AF2C07580717703F979B7DE2532B1D00B9F6896DDE70 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
19:12:29.0366 0x0fcc AsyncMac - ok
19:12:29.0397 0x0fcc [ 2D9C903DC76A66813D350A562DE40ED9, 82609F01A08C6842E4C17C077BB641C1429C0E6657964B7F2D114035E1BDCBF3 ] atapi C:\Windows\system32\drivers\atapi.sys
19:12:29.0413 0x0fcc atapi - ok
19:12:29.0475 0x0fcc [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
19:12:29.0538 0x0fcc AudioEndpointBuilder - ok
19:12:29.0553 0x0fcc [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] Audiosrv C:\Windows\System32\Audiosrv.dll
19:12:29.0585 0x0fcc Audiosrv - ok
19:12:31.0957 0x0fcc [ 7A0F6A3E0E41425B9BA54616B482668A, 096BE4C9D44CD8BB63E3415DF70035C63B43B43E191C7311DCA05532C0DDF840 ] AVGIDSAgent C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
19:12:32.0471 0x0fcc AVGIDSAgent - ok
19:12:32.0549 0x0fcc [ 1C8D965BBCAA9EE5DEFDB54743437086, 6B431CA9B20D0E066B71A8CA4430D74C0EA72FF0CB12F0D3A5F4E6A065244A37 ] AVGIDSDriver C:\Windows\system32\DRIVERS\AVGIDSDriver.Sys
19:12:32.0815 0x0fcc AVGIDSDriver - ok
19:12:32.0877 0x0fcc [ C59C9BC3F0612BD207CCDC5D8CB9CE39, FA3B991BA47E15C7EBD7D7B9BC28FF976F0EA3A49C68F954FF47BBB8D9EF1C99 ] AVGIDSEH C:\Windows\system32\DRIVERS\AVGIDSEH.Sys
19:12:32.0908 0x0fcc AVGIDSEH - ok
19:12:32.0955 0x0fcc [ C5559DE2EC66CEDE15A1664F6D183D8E, D326E2A290F978E1B3D77E4D9020B5CA12FBF80913D6E5D8AB7327A0D543CF24 ] AVGIDSFilter C:\Windows\system32\DRIVERS\AVGIDSFilter.Sys
19:12:32.0986 0x0fcc AVGIDSFilter - ok
19:12:33.0049 0x0fcc [ AE5E9667FA40206796D1BD5BD0427A8A, D829BD90B22228870D0E86F3BFF9234503085605226526FBFCF11DC98397607A ] AVGIDSShim C:\Windows\system32\DRIVERS\AVGIDSShim.Sys
19:12:33.0080 0x0fcc AVGIDSShim - ok
19:12:33.0158 0x0fcc [ 901EB73F900D8DD1E8862C40427B83AE, 6CEC9109CDA7ED3952702773785430C3AE02195EB6D3FDF889C1F9118CF50D11 ] Avgldx86 C:\Windows\system32\DRIVERS\avgldx86.sys
19:12:33.0174 0x0fcc Avgldx86 - ok
19:12:33.0236 0x0fcc [ 5639DE66B37D02BD22DF4CF3155FBA60, E7F8E588DA6470DB285EB7EAA199572A84EF6660A9D6B30B1D9BBF096B4D04F1 ] Avgmfx86 C:\Windows\system32\DRIVERS\avgmfx86.sys
19:12:33.0252 0x0fcc Avgmfx86 - ok
19:12:33.0299 0x0fcc [ D1BAF652EDA0AE70896276A1FB32C2D4, 295C26E45C79920EC93FC95891F61E76D09CDF7D18011FE93FC61346A2FA28C9 ] Avgrkx86 C:\Windows\system32\DRIVERS\avgrkx86.sys
19:12:33.0314 0x0fcc Avgrkx86 - ok
19:12:33.0470 0x0fcc [ AAF0EBCAD95F2164CFFB544E00392498, 20ED50D2E33DFCF4B209B76E041DB1483B9A23A12591CC303F4D6C4846DEB7D5 ] Avgtdix C:\Windows\system32\DRIVERS\avgtdix.sys
19:12:33.0486 0x0fcc Avgtdix - ok
19:12:33.0657 0x0fcc [ FC2BC51120A945F7C70376495E4E7737, AA9711093972B6D7690C7662EF45DAAA9499AD36A6191382E43DAE566B64BF12 ] avgwd C:\Program Files\AVG\AVG10\avgwdsvc.exe
19:12:33.0704 0x0fcc avgwd - ok
19:12:33.0907 0x0fcc [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] BBSvc C:\Program Files\Microsoft\BingBar\BBSvc.EXE
19:12:33.0938 0x0fcc BBSvc - ok
19:12:33.0985 0x0fcc [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] BBUpdate C:\Program Files\Microsoft\BingBar\SeaPort.EXE
19:12:34.0001 0x0fcc BBUpdate - ok
19:12:34.0048 0x0fcc [ CD4646067CC7DCBA1907FA0ACF7E3966, 705DF801ACB8719213E95D6214E6C30F7A217663305DBB718F7ECD40F0084340 ] bcm4sbxp C:\Windows\system32\DRIVERS\bcm4sbxp.sys
19:12:34.0079 0x0fcc bcm4sbxp - ok
19:12:34.0126 0x0fcc [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] Beep C:\Windows\system32\drivers\Beep.sys
19:12:34.0172 0x0fcc Beep - ok
19:12:34.0219 0x0fcc [ 8582E233C346AEFE759833E8A30DD697, 2B0A4FB7F0C3256A5003821634DFA04BA8C3FBB46E942E8BC5D114AF8D1E5354 ] BFE C:\Windows\System32\bfe.dll
19:12:34.0282 0x0fcc BFE - ok
19:12:34.0360 0x0fcc [ 02ED7B4DBC2A3232A389106DA7515C3D, 0DFCD03CB967D1A980D56124603F353DC1D800E3A5E436EEE95C65FDE17398CF ] BITS C:\Windows\System32\qmgr.dll
19:12:34.0453 0x0fcc BITS - ok
19:12:34.0453 0x0fcc blbdrive - ok
19:12:34.0562 0x0fcc [ CFD4C3352E29A8B729536648466E8DF5, EE2699697931C054A1C82E6FC1B2EA4881C2F9FBF2B7F7E24268450703ED6F9A ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
19:12:34.0594 0x0fcc Bonjour Service - detected UnsignedFile.Multi.Generic ( 1 )
19:12:34.0890 0x0fcc Detect skipped due to KSN trusted
19:12:34.0890 0x0fcc Bonjour Service - ok
19:12:34.0937 0x0fcc [ 8153396D5551276227FA146900F734E6, 0AE06774162D542D9E95246B7112A40D7C463EF331B4F56C9CF8AD99A0341E38 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
19:12:34.0984 0x0fcc bowser - ok
19:12:35.0046 0x0fcc [ 9F9ACC7F7CCDE8A15C282D3F88B43309, A9131334BD9CF8FD60BA9D54AA054E2DF2BE1219FB650DF1464F2787BDEAE98F ] BrFiltLo C:\Windows\system32\drivers\brfiltlo.sys
19:12:35.0062 0x0fcc BrFiltLo - ok
19:12:35.0077 0x0fcc [ 56801AD62213A41F6497F96DEE83755A, 0DEB8318FB47DF6473C171C795C735E26A73FA12232876C6856549EA16F33361 ] BrFiltUp C:\Windows\system32\drivers\brfiltup.sys
19:12:35.0124 0x0fcc BrFiltUp - ok
19:12:35.0155 0x0fcc [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] Browser C:\Windows\System32\browser.dll
19:12:35.0218 0x0fcc Browser - ok
19:12:35.0218 0x0fcc [ B304E75CFF293029EDDF094246747113, CB6B219B186C3511A0DE3CDE7F7B8966A9E32D808A952CA8C5B42B3A3A17BFB0 ] Brserid C:\Windows\system32\drivers\brserid.sys
19:12:35.0280 0x0fcc Brserid - ok
19:12:35.0280 0x0fcc [ 203F0B1E73ADADBBB7B7B1FABD901F6B, 782FA7B26940FE479C49C9BAA2EB582CDAAAD607013E9BCFC85E6FBBB7D49A6D ] BrSerWdm C:\Windows\system32\drivers\brserwdm.sys
19:12:35.0374 0x0fcc BrSerWdm - ok
19:12:35.0374 0x0fcc [ BD456606156BA17E60A04E18016AE54B, DFBDC9DA6A3EA40BACFF204BC6C55C2C122B5885D2CBF6D45054DE43EE15EC4D ] BrUsbMdm C:\Windows\system32\drivers\brusbmdm.sys
19:12:35.0421 0x0fcc BrUsbMdm - ok
19:12:35.0436 0x0fcc [ AF72ED54503F717A43268B3CC5FAEC2E, 4A638669B0C30B1BDED242A8BF2015A37749570FF4D67D190BACC8D7E0C44468 ] BrUsbSer C:\Windows\system32\drivers\brusbser.sys
19:12:35.0468 0x0fcc BrUsbSer - ok
19:12:35.0514 0x0fcc [ DA7B195275BDA7F8FCF79B40E0F45DDE, 1346E9221FD6A1DA27F0BC4F3CF5AFA60B3419931B32468107028BCD4232A708 ] BthEnum C:\Windows\system32\DRIVERS\BthEnum.sys
19:12:35.0561 0x0fcc BthEnum - ok
19:12:35.0592 0x0fcc [ 5FFA6988FF9597986FF2ADA736CC90C0, 50F57047CC5CC241DDF9BB8E39E03F91074AC4C7B4CDE6C44FF279A8741384C5 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
19:12:35.0624 0x0fcc BTHMODEM - ok
19:12:35.0639 0x0fcc [ 5904EFA25F829BF84EA6FB045134A1D8, 66E4160CC404744576BA6E9DD606B533F42B3D4A3E2FDD457DAA016CC72A81CC ] BthPan C:\Windows\system32\DRIVERS\bthpan.sys
19:12:35.0670 0x0fcc BthPan - ok
19:12:35.0717 0x0fcc [ 73D53F8E90550BA81E2CF44A0873B410, 2E73A2FCF668F1F18928A293A74370BF3D6DC0208D010D10FD5335DFA3706906 ] BTHPORT C:\Windows\system32\Drivers\BTHport.sys
19:12:35.0748 0x0fcc BTHPORT - ok
19:12:35.0795 0x0fcc [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] BthServ C:\Windows\System32\bthserv.dll
19:12:35.0826 0x0fcc BthServ - ok
19:12:35.0889 0x0fcc [ 32045A4BB143BBC5BAB1298C4E9E309A, 4009AE2D186746E076CF254FD3653AA4B07182521B772CF2825A3BBDEF4288FB ]
Holsten87
2014-07-24, 20:19
BTHUSB C:\Windows\system32\Drivers\BTHUSB.sys
19:12:35.0904 0x0fcc BTHUSB - ok
19:12:35.0982 0x0fcc [ 4A28E7BD365377D0512B7EF8C7596D2C, C55337A59929744FD493D1155ED2EF7B0684963D364437767F1567298DCF9290 ] btwaudio C:\Windows\system32\drivers\btwaudio.sys
19:12:36.0014 0x0fcc btwaudio - ok
19:12:36.0061 0x0fcc [ 5FFDE57253D665067B0886612817EB11, 5A6FFA7900CD0CCDF5C7FACEDFD6D941EE01527BC1B873676089D8308480D31C ] btwavdt C:\Windows\system32\drivers\btwavdt.sys
19:12:36.0076 0x0fcc btwavdt - ok
19:12:36.0123 0x0fcc [ AB07DC8B05C31A4F95FC73019BE9DB15, A0A0FBD61A63C9374BD1DD9573E2ADD482CC5039CA34E8C0FB9EA3D7762E3D02 ] btwrchid C:\Windows\system32\DRIVERS\btwrchid.sys
19:12:36.0123 0x0fcc btwrchid - ok
19:12:36.0154 0x0fcc catchme - ok
19:12:36.0185 0x0fcc [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
19:12:36.0232 0x0fcc cdfs - ok
19:12:36.0248 0x0fcc [ 1EC25CEA0DE6AC4718BF89F9E1778B57, 019E12C30E7A395259F3906EC55AFF86949CFDBB443060208C8B91B9EB7F9FB7 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
19:12:36.0279 0x0fcc cdrom - ok
19:12:36.0326 0x0fcc [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] CertPropSvc C:\Windows\System32\certprop.dll
19:12:36.0357 0x0fcc CertPropSvc - ok
19:12:36.0419 0x0fcc [ DA8E0AFC7BAA226C538EF53AC2F90897, 2BBB9966671A3B8325D215DBC29FBD7D912C13ADC562A0D4521D1FF9A6F445C0 ] circlass C:\Windows\system32\drivers\circlass.sys
19:12:36.0482 0x0fcc circlass - ok
19:12:36.0513 0x0fcc [ 465745561C832B29F7C48B488AAB3842, B631C61FBF6E2641FED7C4CFC1B179D19143B04CF76DCF48A9C7582E756FFD8C ] CLFS C:\Windows\system32\CLFS.sys
19:12:36.0560 0x0fcc CLFS - ok
19:12:36.0685 0x0fcc [ D87ACAED61E417BBA546CED5E7E36D9C, 14AC6034A5BC0FB2A1AFDAD42BEF4DE641556E54AD30D0C46765660A4BE55462 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
19:12:36.0700 0x0fcc clr_optimization_v2.0.50727_32 - ok
19:12:36.0950 0x0fcc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:12:36.0966 0x0fcc clr_optimization_v4.0.30319_32 - ok
19:12:36.0997 0x0fcc [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
19:12:37.0044 0x0fcc CmBatt - ok
19:12:37.0075 0x0fcc [ E79CBB2195E965F6E3256E2C1B23FD1C, 176819CEDE1BC16499B0E67EBDB46D7A627189D6B0DAF733B10FBE0DD3E030A2 ] cmdide C:\Windows\system32\drivers\cmdide.sys
19:12:37.0090 0x0fcc cmdide - ok
19:12:37.0153 0x0fcc [ 6AFEF0B60FA25DE07C0968983EE4F60A, E4037EF9EDE57A1039AB814EBCE9A8B12C9A084E7FAC6296212ACF2394DD37B6 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
19:12:37.0184 0x0fcc Compbatt - ok
19:12:37.0184 0x0fcc COMSysApp - ok
19:12:37.0215 0x0fcc [ 2A213AE086BBEC5E937553C7D9A2B22C, 1F91ACC0426E0ED1717555B282F65629EF15021375B24A63C29C89ADE916EE2A ] crcdisk C:\Windows\system32\drivers\crcdisk.sys
19:12:37.0231 0x0fcc crcdisk - ok
19:12:37.0231 0x0fcc [ 22A7F883508176489F559EE745B5BF5D, D6341E3FBC8A46D2D1F0477FA60EC4828B585D35B14609CD02868FD04ECD14DB ] Crusoe C:\Windows\system32\drivers\crusoe.sys
19:12:37.0293 0x0fcc Crusoe - ok
19:12:37.0324 0x0fcc [ 6DE363F9F99334514C46AEC02D3E3678, FF403B8A4D7D6B3D2F23E2711D1353CFB0C748AD7D7927CF5DFBD99CD169D826 ] CryptSvc C:\Windows\system32\cryptsvc.dll
19:12:37.0371 0x0fcc CryptSvc - ok
19:12:37.0449 0x0fcc [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] DcomLaunch C:\Windows\system32\rpcss.dll
19:12:37.0559 0x0fcc DcomLaunch - ok
19:12:37.0574 0x0fcc [ A3E9FA213F443AC77C7746119D13FEEC, 479B349BFC811D20572C09C4A2228C3880F8F3B4B4BA5F4E56600C7EF583DE7B ] DfsC C:\Windows\system32\Drivers\dfsc.sys
19:12:37.0621 0x0fcc DfsC - ok
19:12:37.0995 0x0fcc [ FA3463F25F9CC9C3BCF1E7912FEFF099, 8CFA0F1DFD975ED877B303EB55BE52B0B1EC2B20FEC36820121A0F5E046E0032 ] DFSR C:\Windows\system32\DFSR.exe
19:12:38.0276 0x0fcc DFSR - ok
19:12:38.0354 0x0fcc [ 43A988A9C10333476CB5FB667CBD629D, 7E0DD57E75A50E3671673876631A1E66A4AC16810418BEC1AC2143DFD331F389 ] Dhcp C:\Windows\System32\dhcpcsvc.dll
19:12:38.0386 0x0fcc Dhcp - ok
19:12:38.0448 0x0fcc [ 64109E623ABD6955C8FB110B592E68B7, 964F456EF44F9AE836B8CAB438FEB18303B2548A2B7D85FEBD72F4F80127B0EE ] disk C:\Windows\system32\drivers\disk.sys
19:12:38.0479 0x0fcc disk - ok
19:12:38.0542 0x0fcc [ 4805D9A6D281C7A7DEFD9094DEC6AF7D, 473A5F1C4E795BD6B6DDB32ECB04BA8BF238AA5FBC67FC5D8D8F749464ED0AE9 ] Dnscache C:\Windows\System32\dnsrslvr.dll
19:12:38.0620 0x0fcc Dnscache - ok
19:12:38.0666 0x0fcc [ 5AF620A08C614E24206B79E8153CF1A8, 5BB32FF3C9A5C51C2773F0ECF9647749667F4678EF3C75FEB4420EC6C805913E ] dot3svc C:\Windows\System32\dot3svc.dll
19:12:38.0698 0x0fcc dot3svc - ok
19:12:38.0744 0x0fcc [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] DPS C:\Windows\system32\dps.dll
19:12:38.0791 0x0fcc DPS - ok
19:12:38.0838 0x0fcc [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
19:12:38.0869 0x0fcc drmkaud - ok
19:12:38.0932 0x0fcc [ 85F33880B8CFB554BD3D9CCDB486845A, 2D120F94800AEB886D4BA2A45FE2454EBB1FAC3E57BDE552737EBDE7EF8899CF ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
19:12:38.0994 0x0fcc DXGKrnl - ok
19:12:39.0057 0x0fcc [ 7505290504C8E2D172FA378CC0497BCC, 8DD69E1B27EC13E62529C87B6B796675681E6329C825E64EEC9134B15C08161C ] e1express C:\Windows\system32\DRIVERS\e1e6032.sys
19:12:39.0135 0x0fcc e1express - ok
19:12:39.0135 0x0fcc [ F88FB26547FD2CE6D0A5AF2985892C48, F02E06E16830F5D3FAF61991F5A91E54BB3461F58AFE3BFB7A9066CD302B879F ] E1G60 C:\Windows\system32\DRIVERS\E1G60I32.sys
19:12:39.0213 0x0fcc E1G60 - ok
19:12:39.0259 0x0fcc [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] EapHost C:\Windows\System32\eapsvc.dll
19:12:39.0275 0x0fcc EapHost - ok
19:12:39.0337 0x0fcc [ DD2CD259D83D8B72C02C5F2331FF9D68, 07E758A414442FEAFE55FB28842D960971553DB16C31D5791FDD0843CBF5E2B4 ] Ecache C:\Windows\system32\drivers\ecache.sys
19:12:39.0353 0x0fcc Ecache - ok
19:12:39.0415 0x0fcc [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] ehRecvr C:\Windows\ehome\ehRecvr.exe
19:12:39.0447 0x0fcc ehRecvr - ok
19:12:39.0478 0x0fcc [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] ehSched C:\Windows\ehome\ehsched.exe
19:12:39.0509 0x0fcc ehSched - ok
19:12:39.0525 0x0fcc [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] ehstart C:\Windows\ehome\ehstart.dll
19:12:39.0540 0x0fcc ehstart - ok
19:12:39.0634 0x0fcc [ DA8B28199B46B72502D5A3F75D446254, C1895040F30B3FEEDD724FCB7E27E118FA637E3AA420980D0EFB2D069C389925 ] ElRawDisk C:\Windows\system32\drivers\ElRawDsk.sys
19:12:39.0634 0x0fcc ElRawDisk - ok
19:12:39.0712 0x0fcc [ E8F3F21A71720C84BCF423B80028359F, 63114E6120F634224A0E83A5047B37C7D6F26CF99FE3C01CFC0AB8B1763BB084 ] elxstor C:\Windows\system32\drivers\elxstor.sys
19:12:39.0728 0x0fcc elxstor - ok
19:12:39.0806 0x0fcc [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C, 80385AC32CE8388F06341AA4A880F68E0EB5815CCCA5CF8E799846F472DCE360 ] EMDMgmt C:\Windows\system32\emdmgmt.dll
19:12:39.0899 0x0fcc EMDMgmt - ok
19:12:40.0024 0x0fcc [ 3CB3343D720168B575133A0A20DC2465, B356938AC3D9CE833A2C0EBFAA548CDB6B68BEDDB2CCA80222E508BD978FB26B ] EventSystem C:\Windows\system32\es.dll
19:12:40.0086 0x0fcc EventSystem - ok
19:12:40.0133 0x0fcc [ 0D858EB20589A34EFB25695ACAA6AA2D, E5C891D8971173D78194176CB38C0D62C1245C71E04DD94EC742A69C2925F843 ] exfat C:\Windows\system32\drivers\exfat.sys
19:12:40.0180 0x0fcc exfat - ok
19:12:40.0196 0x0fcc [ 3C489390C2E2064563727752AF8EAB9E, BF528F6D4718AC160C103FD89496C6B7BABED7A17A6BD4222D684AF22FE21A49 ] fastfat C:\Windows\system32\drivers\fastfat.sys
19:12:40.0243 0x0fcc fastfat - ok
19:12:40.0289 0x0fcc [ 63BDADA84951B9C03E641800E176898A, AD3EA20CAD0E0C438422D5D39AEA9E0AAD9E1DC866A696AE503C76F5FAC4BE6E ] fdc C:\Windows\system32\DRIVERS\fdc.sys
19:12:40.0352 0x0fcc fdc - ok
19:12:40.0399 0x0fcc [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] fdPHost C:\Windows\system32\fdPHost.dll
19:12:40.0461 0x0fcc fdPHost - ok
19:12:40.0492 0x0fcc [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] FDResPub C:\Windows\system32\fdrespub.dll
19:12:40.0555 0x0fcc FDResPub - ok
19:12:40.0570 0x0fcc [ A8C0139A884861E3AAE9CFE73B208A9F, 3B021D148A2989AAA46AE58E5FED8A2DCA25E9212C2FA7F922880EF5A077E49B ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
19:12:40.0570 0x0fcc FileInfo - ok
19:12:40.0601 0x0fcc [ 0AE429A696AECBC5970E3CF2C62635AE, 1ECC315C099D17835788B68F0DE00EC98DC5AEE8F329D739E0DB90A898F22244 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
19:12:40.0664 0x0fcc Filetrace - ok
19:12:40.0711 0x0fcc [ 6603957EFF5EC62D25075EA8AC27DE68, B52D112301A6BFBD60959D7D2502AB2E1EB6BB7F5DCED46899F1F006C7F1E887 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
19:12:40.0804 0x0fcc flpydisk - ok
19:12:40.0804 0x0fcc [ 05EA53AFE985443011E36DAB07343B46, E033C1C218E9B0D22B63E1B927D7BBE331B59814F26952B68BEDC914EF881E55 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
19:12:40.0835 0x0fcc FltMgr - ok
19:12:40.0898 0x0fcc [ C9BE08664611DDAF98E2331E9288B00B, C645DDAB5FD588486553DF2DD5750AF5A967FEE988F4EB29E05362E3362DF4A2 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework\v3.0\WPF\PresentationFontCache.exe
19:12:40.0929 0x0fcc FontCache3.0.0.0 - ok
19:12:40.0960 0x0fcc [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
19:12:41.0007 0x0fcc Fs_Rec - ok
19:12:41.0054 0x0fcc [ 4E1CD0A45C50A8882616CAE5BF82F3C5, 1B909AF150F7119A5685999451A85012F4A92F15F38390A281EA507E2D247BAE ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys
19:12:41.0085 0x0fcc gagp30kx - ok
19:12:41.0132 0x0fcc [ D9F1113D9401185245573350712F92FC, 7D8E96B61D7FC1FCC7D70A19DB725BCEA78FE94F3D7AFBB1202771D530A628B7 ] gpsvc C:\Windows\System32\gpsvc.dll
19:12:41.0226 0x0fcc gpsvc - ok
19:12:41.0257 0x0fcc [ C87B1EE051C0464491C1A7B03FA0BC99, 0EF498A7D37A454E8B6DB1BE3C0EADA648B51B34A2BB553171E766463E54EE90 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys
19:12:41.0288 0x0fcc HDAudBus - ok
19:12:41.0335 0x0fcc [ 1338520E78D90154ED6BE8F84DE5FCEB, 8531F1C5856983EBDA4C2B70162645ECE72FFFBA9FE7A28BCEDDF2169B7ECF9D ] HidBth C:\Windows\system32\drivers\hidbth.sys
19:12:41.0428 0x0fcc HidBth - ok
19:12:41.0491 0x0fcc [ FF3160C3A2445128C5A6D9B076DA519E, DC1A70C80CD55F33B3AD5A21E86AF7C3086D8CC2DC6148C058E74A871E0BAD4A ] HidIr C:\Windows\system32\drivers\hidir.sys
19:12:41.0553 0x0fcc HidIr - ok
19:12:41.0616 0x0fcc [ 8FA640195279ACE21BEA91396A0054FC, 20541E5FA29B3FBD8824F3DF93C7D63AFEE56948F82FFDE20E9E87F5C0A3A789 ] hidserv C:\Windows\system32\hidserv.dll
19:12:41.0663 0x0fcc hidserv - ok
19:12:41.0678 0x0fcc [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
19:12:41.0725 0x0fcc HidUsb - ok
19:12:41.0741 0x0fcc [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] hkmsvc C:\Windows\system32\kmsvc.dll
19:12:41.0787 0x0fcc hkmsvc - ok
19:12:41.0834 0x0fcc [ DF353B401001246853763C4B7AAA6F50, 05C043493BDD99DEFBB0F5C3D8C475B06C2BF5629565ACF6F3B754002519B836 ] HpCISSs C:\Windows\system32\drivers\hpcisss.sys
19:12:41.0850 0x0fcc HpCISSs - ok
19:12:41.0943 0x0fcc [ E9E589C9AB799F52E18F057635A2B362, 24857D672B09C13EF290E7EA587D25270DE23740EE18E2FCF16716D9E0D0E457 ] HSF_DPV C:\Windows\system32\DRIVERS\HSX_DPV.sys
19:12:42.0037 0x0fcc HSF_DPV - ok
19:12:42.0068 0x0fcc [ 7845D2385F4DC7DFB3CCAF0C2FA4948E, 18F01851E18CCF84A7987B739C7661C8BF272CF69F4E6BA87A69FCDBA1B8774A ] HSXHWAZL C:\Windows\system32\DRIVERS\HSXHWAZL.sys
19:12:42.0084 0x0fcc HSXHWAZL - ok
19:12:42.0209 0x0fcc [ 96E241624C71211A79C84F50A8E71CAB, EB6E679218B781F67FBFF4EB12DDE44769ACA7EA3F83A4404A073EA89C902C25 ] HTTP C:\Windows\system32\drivers\HTTP.sys
19:12:42.0302 0x0fcc HTTP - ok
19:12:42.0349 0x0fcc [ 324C2152FF2C61ABAE92D09F3CCA4D63, 2D09964C8003277F7DB1FFAA0DAEF15B205F3C4100FF601950BC9E544DC0B91F ] i2omp C:\Windows\system32\drivers\i2omp.sys
19:12:42.0380 0x0fcc i2omp - ok
19:12:42.0427 0x0fcc [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] i8042prt C:\Windows\system32\DRIVERS\i8042prt.sys
19:12:42.0474 0x0fcc i8042prt - ok
19:12:42.0521 0x0fcc [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] iaStor C:\Windows\system32\drivers\iastor.sys
19:12:42.0536 0x0fcc iaStor - ok
19:12:42.0599 0x0fcc [ C957BF4B5D80B46C5017BF0101E6C906, 6B9186335E50E7E0DBAF574A224E524EC526B57AA02F509E4A8D0F905C9CE880 ] iaStorV C:\Windows\system32\drivers\iastorv.sys
19:12:42.0614 0x0fcc iaStorV - ok
19:12:42.0724 0x0fcc [ 6F95324909B502E2651442C1548AB12F, FF1B104990FE186C6100ED229A45345FF695323AC778688EC11AA8F5A87B141E ] IDriverT C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe
19:12:42.0739 0x0fcc IDriverT - detected UnsignedFile.Multi.Generic ( 1 )
19:12:42.0958 0x0fcc Detect skipped due to KSN trusted
19:12:42.0958 0x0fcc IDriverT - ok
19:12:43.0223 0x0fcc [ 7B630ACAED64FEF0C3E1CF255CB56686, 9DCC6953BC6EF77C3916F8AA226CEC0662513A23AB60E9F714D53746E82FB372 ] idsvc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe
19:12:43.0301 0x0fcc idsvc - ok
19:12:43.0566 0x0fcc [ BBACE0293B73BF8C7CB591F2D06F26FA, A28A985633DF171BCB7A2201CB239B8694CE9C89D4A6BF627F2A512B112C131A ] igfx C:\Windows\system32\DRIVERS\igdkmd32.sys
19:12:43.0676 0x0fcc igfx - ok
19:12:43.0754 0x0fcc [ 2D077BF86E843F901D8DB709C95B49A5, 78FF558A881F307858F5C7C74A748B8B2562AF3CAC7EA8639945609001D790CE ] iirsp C:\Windows\system32\drivers\iirsp.sys
19:12:43.0785 0x0fcc iirsp - ok
19:12:43.0863 0x0fcc [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC, ED795B07B38EDBB2850384EDFA04C85539D4D22A7AAB8981C83C84E2EAB5976F ] IKEEXT C:\Windows\System32\ikeext.dll
19:12:43.0941 0x0fcc IKEEXT - ok
19:12:43.0972 0x0fcc [ 0084046C084D68E494F8CF36BCF08186, 1A40542A8E7ADE1944892F11DFA85307F342965A31D5697425E0BB86874D45F5 ] intelide C:\Windows\system32\DRIVERS\intelide.sys
19:12:43.0988 0x0fcc intelide - ok
19:12:44.0019 0x0fcc [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
19:12:44.0050 0x0fcc intelppm - ok
19:12:44.0300 0x0fcc [ 01D805FAC2510E3C963EA4727B1E2F00, EDEC59524A7BFA44929AEF87BF34A7A46D8BC3E9C0C6607138E9014636629D56 ] ioloSystemService C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
19:12:44.0378 0x0fcc ioloSystemService - ok
19:12:44.0456 0x0fcc [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] IPBusEnum C:\Windows\system32\ipbusenum.dll
19:12:44.0503 0x0fcc IPBusEnum - ok
19:12:44.0534 0x0fcc [ 62C265C38769B864CB25B4BCF62DF6C3, CAF6BCE967104233E216464E4729B0275C3BD426D812F404AB0EE83A7F2063D8 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
19:12:44.0565 0x0fcc IpFilterDriver - ok
19:12:44.0627 0x0fcc [ 6A35D233693EDC29A12742049BC5E37F, 77275407105492A11CDC232E72C8183F0DFD28F8B9AD2A24AAABDB246F14D38F ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
19:12:44.0705 0x0fcc iphlpsvc - ok
19:12:44.0705 0x0fcc IpInIp - ok
19:12:44.0768 0x0fcc [ 40F34F8ABA2A015D780E4B09138B6C17, 22F86888C6B4F76836E863A90730D8F0DBD518305D87A399A159387E79E9D2F7 ] IPMIDRV C:\Windows\system32\drivers\ipmidrv.sys
19:12:44.0846 0x0fcc IPMIDRV - ok
19:12:44.0877 0x0fcc [ 8793643A67B42CEC66490B2A0CF92D68, 8B1ED1314E4C6623824DD6B9C15A0F7F996F4D243BF0B305421251BE40850907 ] IPNAT C:\Windows\system32\DRIVERS\ipnat.sys
19:12:44.0924 0x0fcc IPNAT - ok
19:12:44.0939 0x0fcc [ 109C0DFB82C3632FBD11949B73AEEAC9, 73B01426100256B7110DF0B74483AF1B62FC209612EEC29A7BF6DC31A7FBEFB6 ] IRENUM C:\Windows\system32\drivers\irenum.sys
19:12:44.0971 0x0fcc IRENUM - ok
19:12:44.0971 0x0fcc [ 2F8ECE2699E7E2070545E9B0960A8ED2, 40214A9220C6EC232C245939E4F40A9FF6D30497E180EDC809B87938A922E52D ] isapnp C:\Windows\system32\drivers\isapnp.sys
19:12:44.0986 0x0fcc isapnp - ok
19:12:45.0033 0x0fcc [ F247EEC28317F6C739C16DE420097301, 0F4BE16BB0630DFE2256F70C94D4363B7B71F02F7F6597E7CAE28A3EFEA7BCAD ] iScsiPrt C:\Windows\system32\DRIVERS\msiscsi.sys
19:12:45.0049 0x0fcc iScsiPrt - ok
19:12:45.0049 0x0fcc [ BCED60D16156E428F8DF8CF27B0DF150, 4934E9AB8A8A548548F0C63517F2BF4DE84B05E5C9C7C2AA6C1517B8F9C340D4 ] iteatapi C:\Windows\system32\drivers\iteatapi.sys
19:12:45.0064 0x0fcc iteatapi - ok
19:12:45.0096 0x0fcc [ 06FA654504A498C30ADCA8BEC4E87E7E, 651BC35A0A3D504573BBAB40DE81929BB18C9FC0CD7944FEAE0E99CD7658EA88 ] iteraid C:\Windows\system32\drivers\iteraid.sys
19:12:45.0111 0x0fcc iteraid - ok
19:12:45.0142 0x0fcc [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
19:12:45.0158 0x0fcc kbdclass - ok
19:12:45.0174 0x0fcc [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
19:12:45.0220 0x0fcc kbdhid - ok
19:12:45.0252 0x0fcc [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] KeyIso C:\Windows\system32\lsass.exe
19:12:45.0298 0x0fcc KeyIso - ok
19:12:45.0704 0x0fcc [ 775C6D5D60146D7DB08A01CB596D7EC6, 66D87041DD8E0CF8AFBC155AC709E9A647B765BBA56CDE07EA01468BDAD7C239 ] Kodak AiO Network Discovery Service C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
19:12:45.0735 0x0fcc Kodak AiO Network Discovery Service - ok
19:12:45.0860 0x0fcc [ 17AFF68AB32F8671BC46612D35351099, C782460B99EAAE84DDBEF5AEB628984984B4108A482F023CE62CE1D33A367FEB ] Kodak AiO Status Monitor Service C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:12:45.0954 0x0fcc Kodak AiO Status Monitor Service - ok
19:12:46.0001 0x0fcc [ 7A0CF7908B6824D6A2A1D313E5AE3DCA, 903CF1169D984BBDAE114827D82D5CCC88C2BC7CAEE6BB3A299E2572B0751BB6 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
19:12:46.0032 0x0fcc KSecDD - ok
19:12:46.0094 0x0fcc [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] KtmRm C:\Windows\system32\msdtckrm.dll
19:12:46.0172 0x0fcc KtmRm - ok
19:12:46.0219 0x0fcc [ 1925E63C91CF1610AE41BFD539062079, C25438D19D51B76A8E4C5F3A5D41C76197321166CB37E224217993A4466EBEF9 ] LanmanServer C:\Windows\system32\srvsvc.dll
19:12:46.0266 0x0fcc LanmanServer - ok
19:12:46.0328 0x0fcc [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15, 7B1FAC42B9EA73A8C4E812F8F729EB882BDFD04D2E68FE354CFD6B8379A46D14 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
19:12:46.0375 0x0fcc LanmanWorkstation - ok
19:12:46.0406 0x0fcc [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
19:12:46.0453 0x0fcc lltdio - ok
19:12:46.0500 0x0fcc [ 2D5A428872F1442631D0959A34ABFF63, E532C6ECFFB936EFF744CA57BDC6394C89E797B6B0822D04F1F3F35D9BDDD4F0 ] lltdsvc C:\Windows\System32\lltdsvc.dll
19:12:46.0531 0x0fcc lltdsvc - ok
19:12:46.0578 0x0fcc [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] lmhosts C:\Windows\System32\lmhsvc.dll
19:12:46.0625 0x0fcc lmhosts - ok
19:12:46.0687 0x0fcc [ A2262FB9F28935E862B4DB46438C80D2, 792684A68726BC007ACABB584682FDF4F059AE60888FB5B47ED68A97EA0BB5E6 ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys
19:12:46.0734 0x0fcc LSI_FC - ok
19:12:46.0765 0x0fcc [ 30D73327D390F72A62F32C103DAF1D6D, 7BB5BFB0DCF33AF9907539B52DF7BA1943C1E75A17715B58DBC702ACA6D406EA ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys
19:12:46.0796 0x0fcc LSI_SAS - ok
19:12:46.0828 0x0fcc [ E1E36FEFD45849A95F1AB81DE0159FE3, DA02B23A881D156A02D3874B41E6D042F84AD558B434280A6A6AC6B619668647 ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys
19:12:46.0843 0x0fcc LSI_SCSI - ok
19:12:46.0890 0x0fcc [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] luafv C:\Windows\system32\drivers\luafv.sys
19:12:46.0921 0x0fcc luafv - ok
19:12:46.0952 0x0fcc mcdbus - ok
19:12:46.0984 0x0fcc [ AEF9BABB8A506BC4CE0451A64AADED46, D5608A703EA7E97F11ED4D029B4B820440B0C9317DB7D7DC0152253CD723DC07 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
19:12:46.0999 0x0fcc Mcx2Svc - ok
19:12:47.0030 0x0fcc [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] mdmxsdk C:\Windows\system32\DRIVERS\mdmxsdk.sys
19:12:47.0062 0x0fcc mdmxsdk - ok
19:12:47.0093 0x0fcc [ D153B14FC6598EAE8422A2037553ADCE, D5408B07B6EBA0146A605F11106497DC3DF8EC72E0DCC44BE1366A2A58ABE478 ] megasas C:\Windows\system32\drivers\megasas.sys
19:12:47.0108 0x0fcc megasas - ok
19:12:47.0155 0x0fcc [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] MMCSS C:\Windows\system32\mmcss.dll
19:12:47.0202 0x0fcc MMCSS - ok
19:12:47.0218 0x0fcc [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] Modem C:\Windows\system32\drivers\modem.sys
19:12:47.0249 0x0fcc Modem - ok
19:12:47.0296 0x0fcc [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] monitor C:\Windows\system32\DRIVERS\monitor.sys
19:12:47.0327 0x0fcc monitor - ok
19:12:47.0358 0x0fcc [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
19:12:47.0358 0x0fcc mouclass - ok
19:12:47.0389 0x0fcc [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
19:12:47.0421 0x0fcc mouhid - ok
19:12:47.0467 0x0fcc [ BDAFC88AA6B92F7842416EA6A48E1600, 2CA8A7BB260016D6B7953980A94C45A3C5D41F7DC7E73EEFB1C18EA144749503 ] MountMgr C:\Windows\system32\drivers\mountmgr.sys
19:12:47.0483 0x0fcc MountMgr - ok
19:12:47.0592 0x0fcc [ 4E9D8041D352A33332FD6F59A3A78B03, D4E6229B07EF9866993EEE4F6223DC7F1FF1108273FE14A3DC74E65C181DE56A ] MozillaMaintenance C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
19:12:47.0608 0x0fcc MozillaMaintenance - ok
19:12:47.0686 0x0fcc [ 583A41F26278D9E0EA548163D6139397, 1F09D2FEEE1A8D4F1D9E53596158154099FD436A408F7E72E40F50778A3838A1 ] mpio C:\Windows\system32\drivers\mpio.sys
19:12:47.0686 0x0fcc mpio - ok
19:12:47.0748 0x0fcc [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
19:12:47.0779 0x0fcc mpsdrv - ok
19:12:47.0811 0x0fcc [ D1639BA315B0D79DEC49A4B0E1FB929B, 96420572029217FDD78CD286A022EB5F8BAB76EE30F75E48CD69AEE1A4846B53 ] MpsSvc C:\Windows\system32\mpssvc.dll
19:12:47.0904 0x0fcc MpsSvc - ok
19:12:47.0920 0x0fcc [ 4FBBB70D30FD20EC51F80061703B001E, 72907A0CA5CFF82F40C02A65CD8EFD51D7CFC33BE67DE572D1ACF4FD3B248F0A ] Mraid35x C:\Windows\system32\drivers\mraid35x.sys
19:12:47.0936 0x0fcc Mraid35x - ok
19:12:47.0967 0x0fcc [ AE3DE84536B6799D2267443CEC8EDBB9, 787AF9D5BC6D1A1E4A55A66D62F0DF93F45C2FB7EA5BE0BF63F1270604600B40 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
19:12:48.0014 0x0fcc MRxDAV - ok
19:12:48.0076 0x0fcc [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1, 2C5F0554D5A763D6B3F1402C9BF36C6091CBBDFFD5139AEE85D69D5B210D2047 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
19:12:48.0123 0x0fcc mrxsmb - ok
19:12:48.0170 0x0fcc [ 6B5FA5ADFACAC9DBBE0991F4566D7D55, 9BAD029A6AAF4C2292C682B9F07C57051C84F7FA4F3EBEA52C25CAEF1A41121F ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
19:12:48.0232 0x0fcc mrxsmb10 - ok
19:12:48.0263 0x0fcc [ 5C80D8159181C7ABF1B14BA703B01E0B, 414085AD3C36B8E95D1D49E2958671332DECE38739544CCB70FAB30C408E89A2 ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
19:12:48.0294 0x0fcc mrxsmb20 - ok
19:12:48.0326 0x0fcc [ D420BC42A637AC3CC4F411220549C0DC, D991D19030D29D03BAFA846C095F460F2F31D19793E5582239964F66A837C562 ] msahci C:\Windows\system32\drivers\msahci.sys
19:12:48.0341 0x0fcc msahci - ok
19:12:48.0341 0x0fcc [ 3FC82A2AE4CC149165A94699183D3028, 8575BE62A209672A5D8C68D75BBBB4FF06220CA73A939B0793442DAD2272598C ] msdsm C:\Windows\system32\drivers\msdsm.sys
19:12:48.0372 0x0fcc msdsm - ok
19:12:48.0435 0x0fcc [ FD7520CC3A80C5FC8C48852BB24C6DED, C3F3D7A07FAB9AF38A2A00BF0DF6EEE18CA8FE26277BEC9D8ADB793F2CD5EC1F ] MSDTC C:\Windows\System32\msdtc.exe
19:12:48.0497 0x0fcc MSDTC - ok
19:12:48.0544 0x0fcc [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] Msfs C:\Windows\system32\drivers\Msfs.sys
19:12:48.0575 0x0fcc Msfs - ok
19:12:48.0591 0x0fcc [ 0F400E306F385C56317357D6DEA56F62, C48FA8193787359902D20D869F5F602CD66D3C5D061A58DDB72F51EED433C4BC ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
19:12:48.0591 0x0fcc msisadrv - ok
19:12:48.0638 0x0fcc [ 85466C0757A23D9A9AECDC0755203CB2, 79141B8DF9D7470466872AF03A85C3D3976512BFDBDB8B92A22225DC8EFD70A6 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
19:12:48.0700 0x0fcc MSiSCSI - ok
19:12:48.0716 0x0fcc msiserver - ok
19:12:48.0731 0x0fcc [ D8C63D34D9C9E56C059E24EC7185CC07, D0CBFB8D57E6D908679DC0488ED659CA35B92626DEA890873E165F051A1AD2AE ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
19:12:48.0794 0x0fcc MSKSSRV - ok
19:12:48.0841 0x0fcc [ 1D373C90D62DDB641D50E55B9E78D65E, 1D4897A96EA54D6FAC7916D69B4E88CAE1397C38CC8FAE08554772808476357B ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
19:12:48.0887 0x0fcc MSPCLOCK - ok
19:12:48.0919 0x0fcc [ B572DA05BF4E098D4BBA3A4734FB505B, B7923F204CEADD0F62C2FE4B7CF8C56DAB70F88093B15C5692D0E61490CF4BAA ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
19:12:48.0965 0x0fcc MSPQM - ok
19:12:48.0997 0x0fcc [ B5614AECB05A9340AA0FB55BF561CC63, 8D1B5E958A0F721F5A81AD649CC5759B4DECB771FC4654F4EDEB29AC7DF1BD40 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
19:12:49.0028 0x0fcc MsRPC - ok
19:12:49.0043 0x0fcc [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys
19:12:49.0059 0x0fcc mssmbios - ok
19:12:49.0090 0x0fcc [ 7199C1EEC1E4993CAF96B8C0A26BD58A, DD02DF8ED7AF5BB88BD2A91F38CE4C52432CB8044BDCBC41C320CD22B10B8A3B ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
19:12:49.0137 0x0fcc MSTEE - ok
19:12:49.0153 0x0fcc [ 6DFD1D322DE55B0B7DB7D21B90BEC49C, 95149C41CC9F269C299541A97A9E2E2CCAEE34FE2362EEECD1F813EBC6D4CDC5 ] Mup C:\Windows\system32\Drivers\mup.sys
19:12:49.0168 0x0fcc Mup - ok
19:12:49.0246 0x0fcc [ C43B25863FBD65B6D2A142AF3AE320CA, 88E147751CBECFF31CD65954BC978B86CEA74485EB60DBB25AABAB4601797A4E ] napagent C:\Windows\system32\qagentRT.dll
19:12:49.0293 0x0fcc napagent - ok
19:12:49.0356 0x0fcc [ 3C21CE48FF529BB73DADB98770B54025, B8541E3D2B120B97947AE51B28A99E2623ACAD3790BC282B1251ACBEC7684F8D ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
19:12:49.0371 0x0fcc NativeWifiP - ok
19:12:49.0465 0x0fcc [ 9BDC71790FA08F0A0B5F10462B1BD0B1, 67605C7A0CB4D9F2C4D0A876651DEB92270B54D0231C35A994F9A739C6075BC0 ] NDIS C:\Windows\system32\drivers\ndis.sys
19:12:49.0527 0x0fcc NDIS - ok
19:12:49.0558 0x0fcc [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
19:12:49.0605 0x0fcc NdisTapi - ok
19:12:49.0621 0x0fcc [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
19:12:49.0652 0x0fcc Ndisuio - ok
19:12:49.0683 0x0fcc [ 3D14C3B3496F88890D431E8AA022A411, 9B31451756A35314586F93996172E1039B2CD21132CCBE772B3E61A8D9454A30 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
19:12:49.0714 0x0fcc NdisWan - ok
19:12:49.0746 0x0fcc [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
19:12:49.0777 0x0fcc NDProxy - ok
19:12:49.0824 0x0fcc [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
19:12:49.0855 0x0fcc NetBIOS - ok
19:12:49.0933 0x0fcc [ 7C5FEE5B1C5728507CD96FB4A13E7A02, EDBA08442AD6AF20463A0610FF24D5929574E5EC012495A2C219F6BA84C97F57 ] netbt C:\Windows\system32\DRIVERS\netbt.sys
19:12:49.0980 0x0fcc netbt - ok
19:12:49.0995 0x0fcc [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] Netlogon C:\Windows\system32\lsass.exe
19:12:50.0011 0x0fcc Netlogon - ok
19:12:50.0042 0x0fcc [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] Netman C:\Windows\System32\netman.dll
19:12:50.0105 0x0fcc Netman - ok
19:12:50.0136 0x0fcc [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] netprofm C:\Windows\System32\netprofm.dll
19:12:50.0167 0x0fcc netprofm - ok
19:12:50.0214 0x0fcc [ 0AD5876EF4E9EB77C8F93EB5B2FFF386, 2F23B0979CF2E8DB013D8E58501ACC9265A860FD759E8B741F8FA64F7C2F7756 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe
19:12:50.0245 0x0fcc NetTcpPortSharing - ok
19:12:50.0401 0x0fcc [ 6522DD40A5F67CED020BD81B856613FB, 2242703412FA89B2D6E9A7025D0C14DFC0BFC66890D295BDA839274C313B4BAF ] NETw4v32 C:\Windows\system32\DRIVERS\NETw4v32.sys
19:12:50.0604 0x0fcc NETw4v32 - ok
19:12:50.0666 0x0fcc [ 2E7FB731D4790A1BC6270ACCEFACB36E, EE9A00B694E8A3A5842CDC56C7BA1364317AC8134E046A0059661D057094B1A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys
19:12:50.0698 0x0fcc nfrd960 - ok
19:12:50.0729 0x0fcc [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] NlaSvc C:\Windows\System32\nlasvc.dll
19:12:50.0776 0x0fcc NlaSvc - ok
19:12:50.0822 0x0fcc [ ECB5003F484F9ED6C608D6D6C7886CBB, 45496B84B2FD156499E9F07FC82BC6F032B8F4D9DC194098CF9F5474D5642F9E ] Npfs C:\Windows\system32\drivers\Npfs.sys
19:12:50.0854 0x0fcc Npfs - ok
19:12:50.0885 0x0fcc [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] nsi C:\Windows\system32\nsisvc.dll
19:12:50.0916 0x0fcc nsi - ok
19:12:50.0963 0x0fcc [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
19:12:51.0041 0x0fcc nsiproxy - ok
19:12:51.0119 0x0fcc [ B4EFFE29EB4F15538FD8A9681108492D, 12AF3C19DD2DE7D92EE4C03AD07BAFD77EB8BFF2333E6FBD9CAAA0F654A35F46 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
19:12:51.0228 0x0fcc Ntfs - ok
19:12:51.0275 0x0fcc [ E875C093AEC0C978A90F30C9E0DFBB72, D3A480CD7EF374EFBC1BB831B33B81534774DDDBB0FB338BEE1D444949FD8DE7 ] ntrigdigi C:\Windows\system32\drivers\ntrigdigi.sys
19:12:51.0337 0x0fcc ntrigdigi - ok
19:12:51.0415 0x0fcc [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] Null C:\Windows\system32\drivers\Null.sys
19:12:51.0447 0x0fcc Null - ok
19:12:51.0462 0x0fcc [ E69E946F80C1C31C53003BFBF50CBB7C, A0A4BC57822B2CBC75602A969E28DCEDE04B41CC084E1EF1532B1BCDAEAA43BB ] nvraid C:\Windows\system32\drivers\nvraid.sys
19:12:51.0478 0x0fcc nvraid - ok
19:12:51.0509 0x0fcc [ 9E0BA19A28C498A6D323D065DB76DFFC, EA9E33ED2820ED39932FAE114A9CF1D87780ED6605D0260A6F22F920B48F34E9 ] nvstor C:\Windows\system32\drivers\nvstor.sys
19:12:51.0540 0x0fcc nvstor - ok
19:12:51.0540 0x0fcc [ 055081FD5076401C1EE1BCAB08D81911, E6621F2D24E7E2544AFD249660F2D1026B94698CA841E79B3F1199ACB2203995 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
19:12:51.0556 0x0fcc nv_agp - ok
19:12:51.0571 0x0fcc NwlnkFlt - ok
19:12:51.0571 0x0fcc NwlnkFwd - ok
19:12:51.0618 0x0fcc [ 19CAC780B858822055F46C58A111723C, D91CE501328281B8FEE6943776A145FB3201645B01BA8D1545FFA93A547DE2C7 ] OEM02Dev C:\Windows\system32\DRIVERS\OEM02Dev.sys
19:12:51.0665 0x0fcc OEM02Dev - ok
19:12:51.0712 0x0fcc [ 86326062A90494BDD79CE383511D7D69, 43D5682CA8ECB4BA7CC1A5C4C2BF966EE4802E8C3AA84CDEB634CA3C410DAB89 ] OEM02Vfx C:\Windows\system32\DRIVERS\OEM02Vfx.sys
19:12:51.0727 0x0fcc OEM02Vfx - ok
19:12:51.0759 0x0fcc [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] ohci1394 C:\Windows\system32\DRIVERS\ohci1394.sys
19:12:51.0821 0x0fcc ohci1394 - ok
19:12:51.0883 0x0fcc [ 7A56CF3E3F12E8AF599963B16F50FB6A, 882C82BAE96D263138D4C0D6C425458B770B7B9C8E9C1D28AC918BF6BE94A5C2 ] ose C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE
19:12:51.0915 0x0fcc ose - ok
19:12:51.0977 0x0fcc [ 257190D58444732B68919C573368B64D, 12E4012A31ED2FBE34BDA9B66F686E42EB3B6C91C1B5D1D8B613249E0599026C ] OXSDIDRV_x32 C:\Windows\system32\DRIVERS\OXSDIDRV_x32.sys
19:12:51.0977 0x0fcc OXSDIDRV_x32 - ok
19:12:52.0024 0x0fcc [ 8F534A8630F6BABA92E14531F96906CD, 2685B8D2535F4BA85D7B2907537291A800D40863F2E1897489F565772574076D ] OXUDIDRV C:\Windows\system32\Drivers\OXUDIDRV_X32.sys
19:12:52.0040 0x0fcc OXUDIDRV - ok
19:12:52.0102 0x0fcc [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2pimsvc C:\Windows\system32\p2psvc.dll
19:12:52.0211 0x0fcc p2pimsvc - ok
19:12:52.0274 0x0fcc [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] p2psvc C:\Windows\system32\p2psvc.dll
19:12:52.0320 0x0fcc p2psvc - ok
19:12:52.0367 0x0fcc [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] Parport C:\Windows\system32\drivers\parport.sys
19:12:52.0430 0x0fcc Parport - ok
19:12:52.0461 0x0fcc [ 3B38467E7C3DAED009DFE359E17F139F, 419BD726E511B3FEFBD8204C9E2BF6131EC05C71D15406070F834688EAFB694F ] partmgr C:\Windows\system32\drivers\partmgr.sys
19:12:52.0492 0x0fcc partmgr - ok
19:12:52.0523 0x0fcc [ 4F9A6A8A31413180D0FCB279AD5D8112, DCE48BC6E3447403521BB9FBF727E629DEE45B69B8AE8CFEE1A67FECAE3CB9D3 ] Parvdm C:\Windows\system32\drivers\parvdm.sys
19:12:52.0586 0x0fcc Parvdm - ok
19:12:52.0617 0x0fcc [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] PcaSvc C:\Windows\System32\pcasvc.dll
19:12:52.0648 0x0fcc PcaSvc - ok
19:12:52.0711 0x0fcc [ 01B94418DEB235DFF777CC80076354B4, 091C4D5954C5CA1F783748C4D7287DD160C5F3357F2CC448DC5C2935B79AC1E9 ] pci C:\Windows\system32\drivers\pci.sys
19:12:52.0742 0x0fcc pci - ok
19:12:52.0757 0x0fcc [ FC175F5DDAB666D7F4D17449A547626F, 7D6108213D1AD3F97A3B83E491BCCC7D6F5BC72C32A182BDDE8736851A26C8D2 ] pciide C:\Windows\system32\drivers\pciide.sys
19:12:52.0773 0x0fcc pciide - ok
19:12:52.0867 0x0fcc [ E6F3FB1B86AA519E7698AD05E58B04E5, 2C4B45DDD3B980C9DAA6F039CAEFCD6E84A4D5BB43AFBA73C0C42B5556C1303C ] pcmcia C:\Windows\system32\drivers\pcmcia.sys
19:12:52.0929 0x0fcc pcmcia - ok
19:12:53.0007 0x0fcc [ 40C611622882C3FCAFEB845C1E12A10F, A4F5790D9976D06822A656DCFDFEF76831A00089F6AC5519429142E6CBBC3EAC ] PDFsFilter C:\Windows\system32\DRIVERS\PDFsFilter.sys
19:12:53.0023 0x0fcc PDFsFilter - ok
19:12:53.0147 0x0fcc [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] PEAUTH C:\Windows\system32\drivers\peauth.sys
19:12:53.0288 0x0fcc PEAUTH - ok
19:12:53.0553 0x0fcc [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] pla C:\Windows\system32\pla.dll
19:12:53.0725 0x0fcc pla - ok
19:12:53.0756 0x0fcc [ 78F975CB6D18265BE6F492EDB2D7BC7B, 112C6FB0A84E605B1EA87F98C8A4C210C9DB84C811029109444AB174011A158C ] PlugPlay C:\Windows\system32\umpnpmgr.dll
19:12:53.0818 0x0fcc PlugPlay - ok
19:12:53.0865 0x0fcc [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPAutoReg C:\Windows\system32\p2psvc.dll
19:12:53.0912 0x0fcc PNRPAutoReg - ok
19:12:54.0021 0x0fcc [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] PNRPsvc C:\Windows\system32\p2psvc.dll
19:12:54.0099 0x0fcc PNRPsvc - ok
19:12:54.0162 0x0fcc [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A, FAE64867CE80439735F88A9988243667BDE84486B5A768B650E55E1519C85C03 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
19:12:54.0240 0x0fcc PolicyAgent - ok
19:12:54.0271 0x0fcc [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
19:12:54.0333 0x0fcc PptpMiniport - ok
19:12:54.0380 0x0fcc [ 0E3CEF5D28B40CF273281D620C50700A, 8ADA99B4563AE2129B95136295EE92A94102B035EBBC83D4C8587ECE8B0DEE60 ] Processor C:\Windows\system32\drivers\processr.sys
19:12:54.0489 0x0fcc Processor - ok
19:12:54.0521 0x0fcc [ B627E4FC8585E8843C5905D4D3587A90, 07D7BC1BF8CDD5E34155B260B914D4A9892D3CEAEACDE334D1AF2A608E1FA2D8 ] ProfSvc C:\Windows\system32\profsvc.dll
19:12:54.0567 0x0fcc ProfSvc - ok
19:12:54.0567 0x0fcc [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] ProtectedStorage C:\Windows\system32\lsass.exe
19:12:54.0583 0x0fcc ProtectedStorage - ok
19:12:54.0645 0x0fcc [ BFEF604508A0ED1EAE2A73E872555FFB, AC817FB5A6126475B4A3CA191AD49651B919FB55429B939D036BC564632E426D ] PSched C:\Windows\system32\DRIVERS\pacer.sys
19:12:54.0677 0x0fcc PSched - ok
19:12:54.0723 0x0fcc [ E42E3433DBB4CFFE8FDD91EAB29AEA8E, 20ABD8372B242FD356AC143E7EB56F93CFEA4988ED1B0C4434CB64C387D7F66C ] PxHelp20 C:\Windows\system32\Drivers\PxHelp20.sys
19:12:54.0755 0x0fcc PxHelp20 - ok
19:12:54.0833 0x0fcc [ CCDAC889326317792480C0A67156A1EC, 3D3B561B6D4E12DE442C98993C929765F002AF5CFB5A00EFACE6ABE957F7E8AF ] ql2300 C:\Windows\system32\drivers\ql2300.sys
19:12:54.0942 0x0fcc ql2300 - ok
19:12:54.0989 0x0fcc [ 81A7E5C076E59995D54BC1ED3A16E60B, A2988F065F93C41B3B389BFF3BB3FD69F768C2AF249C2356F315CC92E5C9E128 ] ql40xx C:\Windows\system32\drivers\ql40xx.sys
19:12:55.0004 0x0fcc ql40xx - ok
19:12:55.0051 0x0fcc [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] QWAVE C:\Windows\system32\qwave.dll
19:12:55.0098 0x0fcc QWAVE - ok
19:12:55.0160 0x0fcc [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
19:12:55.0192 0x0fcc QWAVEdrv - ok
19:12:55.0831 0x0fcc [ E642B131FB74CAF4BB8A014F31113142, 18A81B27FB2DA556AC51DBA8956203A6E821D75B2B09F11049250E732318F573 ] R300 C:\Windows\system32\DRIVERS\atikmdag.sys
19:12:56.0065 0x0fcc R300 - ok
19:12:56.0253 0x0fcc [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] RapiMgr C:\Windows\WindowsMobile\rapimgr.dll
19:12:56.0284 0x0fcc RapiMgr - ok
19:12:56.0331 0x0fcc [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
19:12:56.0362 0x0fcc RasAcd - ok
19:12:56.0393 0x0fcc [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] RasAuto C:\Windows\System32\rasauto.dll
19:12:56.0487 0x0fcc RasAuto - ok
19:12:56.0518 0x0fcc [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
19:12:56.0534 0x0fcc Rasl2tp - ok
19:12:56.0565 0x0fcc [ 6E7C284FC5C4EC07AD164D93810385A6, FDBF80C8DE53E56A3515353129C6912E8CAEC2B2DA9AB3A4B027CB73BDF1EC60 ] RasMan C:\Windows\System32\rasmans.dll
19:12:56.0612 0x0fcc RasMan - ok
19:12:56.0627 0x0fcc [ 3E9D9B048107B40D87B97DF2E48E0744, F7B8DAE57B9372CEB21A912379FC7670B099A9642CF2E7EA8D335ADBD4CF86A2 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
19:12:56.0674 0x0fcc RasPppoe - ok
19:12:56.0705 0x0fcc [ A7D141684E9500AC928A772ED8E6B671, C9329ECA4190EE1F4A6F186D45EA42ACF60C04CDBAFEB19973F3C2DF04A1BCEE ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
19:12:56.0736 0x0fcc RasSstp - ok
19:12:56.0768 0x0fcc [ 6E1C5D0457622F9EE35F683110E93D14, 9C6BE049FDA5E6CBA486EE33F01AADDD6085CC5F1F08409EC439ADE9137D3F5F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
19:12:56.0799 0x0fcc rdbss - ok
19:12:56.0830 0x0fcc [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
19:12:56.0861 0x0fcc RDPCDD - ok
19:12:56.0986 0x0fcc [ 0245418224CFA77BF4B41C2FE0622258, 532A8ABB476A1723FDD25A12EA07C97F2588F24D0AE6F86C0105112A9AECCDB9 ] rdpdr C:\Windows\system32\drivers\rdpdr.sys
19:12:57.0111 0x0fcc rdpdr - ok
19:12:57.0142 0x0fcc [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
19:12:57.0173 0x0fcc RDPENCDD - ok
19:12:57.0205 0x0fcc [ E1C18F4097A5ABCEC941DC4B2F99DB7E, B38AC355042F18A41F83BF088FE7EB867184C7FE37820365314419BD3810BB68 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
19:12:57.0236 0x0fcc RDPWD - ok
19:12:57.0283 0x0fcc [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] RemoteAccess C:\Windows\System32\mprdim.dll
19:12:57.0314 0x0fcc RemoteAccess - ok
19:12:57.0345 0x0fcc [ CC4E32400F3C7253400CF8F3F3A0B676, D2A874BE3D365260AD7C10C30F2DE22F818CBFC12D65AADE2203B9ED02C9BEB5 ] RemoteRegistry C:\Windows\system32\regsvc.dll
19:12:57.0376 0x0fcc RemoteRegistry - ok
19:12:57.0423 0x0fcc [ 34CC78C06587718C2AD6D3AA83B1F072, 35973BBFF7C6119287B4C3C47A54C626A8623C9F18062597AD7D3ADDF0094ED8 ] RFCOMM C:\Windows\system32\DRIVERS\rfcomm.sys
19:12:57.0470 0x0fcc RFCOMM - ok
19:12:57.0517 0x0fcc [ EA885E7A56F1BE1F14C372337C42FE48, 2C6F0FCB95D4A04E9BC26765B1EB856D3D40811F8B0D090C0E8AB571FF4D1C7A ] rimmptsk C:\Windows\system32\DRIVERS\rimmptsk.sys
19:12:57.0548 0x0fcc rimmptsk - ok
19:12:57.0610 0x0fcc [ D7E09BC852684A7B1FC0F74FE090D45A, 97D6ABCDA50C4FC5BE8B5532FF013EC9AF4AA098D7EB450EB1C3A358BD8E6B2D ] rimsptsk C:\Windows\system32\DRIVERS\rimsptsk.sys
19:12:57.0626 0x0fcc rimsptsk - ok
19:12:57.0704 0x0fcc [ B0A7494A9BA7909EFAC64E05D3F160DB, 3B2C362F70C53CF12DD36C1888292FB5C9E05CB711B30B22C1FBE330C5E635BE ] rismxdp C:\Windows\system32\DRIVERS\rixdptsk.sys
19:12:57.0720 0x0fcc rismxdp - ok
19:12:57.0782 0x0fcc [ FDEB76BED9C0A75329CA426623297158, 83B79222569FA0B77C59A41E4F6065740F48EFAD1EFEFF76F258FB995E27DCF6 ] RMCAST C:\Windows\system32\DRIVERS\RMCAST.sys
19:12:57.0813 0x0fcc RMCAST - ok
19:12:58.0016 0x0fcc [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ] RoxMediaDB9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
19:12:58.0110 0x0fcc RoxMediaDB9 - detected UnsignedFile.Multi.Generic ( 1 )
19:12:58.0328 0x0fcc Detect skipped due to KSN trusted
19:12:58.0328 0x0fcc RoxMediaDB9 - ok
19:12:58.0375 0x0fcc [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] RoxWatch9 C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
19:12:58.0469 0x0fcc RoxWatch9 - detected UnsignedFile.Multi.Generic ( 1 )
19:12:58.0687 0x0fcc Detect skipped due to KSN trusted
19:12:58.0687 0x0fcc RoxWatch9 - ok
19:12:58.0718 0x0fcc [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] RpcLocator C:\Windows\system32\locator.exe
19:12:58.0765 0x0fcc RpcLocator - ok
19:12:58.0796 0x0fcc [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] RpcSs C:\Windows\system32\rpcss.dll
19:12:58.0827 0x0fcc RpcSs - ok
19:12:58.0859 0x0fcc [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
19:12:58.0890 0x0fcc rspndr - ok
19:12:58.0937 0x0fcc [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] SamSs C:\Windows\system32\lsass.exe
19:12:58.0952 0x0fcc SamSs - ok
19:12:58.0999 0x0fcc [ 3CE8F073A557E172B330109436984E30, CEC281C6076FAA1E34372CF419C6308E73811316606B8D0D9055B7D8952BDC88 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
19:12:59.0015 0x0fcc sbp2port - ok
19:12:59.0046 0x0fcc [ 11387E32642269C7E62E8B52C060B3C6, 6225FA14CBDC1D30F2E4CDC2059773DA49C67BE2C00A1DE582E8E07717F20425 ] SCardSvr C:\Windows\System32\SCardSvr.dll
19:12:59.0093 0x0fcc SCardSvr - ok
19:12:59.0171 0x0fcc [ 7B587B8A6D4A99F79D2902D0385F29BD, C29F2EE25F7B11E1821832CB7F4F8506C2AB20804D6702CC5EAF5BA1F3FCA972 ] Schedule C:\Windows\system32\schedsvc.dll
19:12:59.0264 0x0fcc Schedule - ok
19:12:59.0296 0x0fcc [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] SCPolicySvc C:\Windows\System32\certprop.dll
19:12:59.0327 0x0fcc SCPolicySvc - ok
19:12:59.0358 0x0fcc [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] sdbus C:\Windows\system32\DRIVERS\sdbus.sys
19:12:59.0389 0x0fcc sdbus - ok
19:12:59.0420 0x0fcc [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] SDRSVC C:\Windows\System32\SDRSVC.dll
19:12:59.0452 0x0fcc SDRSVC - ok
19:12:59.0483 0x0fcc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] secdrv C:\Windows\system32\drivers\secdrv.sys
19:12:59.0530 0x0fcc secdrv - ok
19:12:59.0545 0x0fcc [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] seclogon C:\Windows\system32\seclogon.dll
19:12:59.0561 0x0fcc seclogon - ok
19:12:59.0592 0x0fcc [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] SENS C:\Windows\system32\sens.dll
19:12:59.0639 0x0fcc SENS - ok
19:12:59.0670 0x0fcc [ 68E44E331D46F0FB38F0863A84CD1A31, 0778D85B6869CE2610820DC9724360538BFE832426E898AEBC34E53D2AB4322B ] Serenum C:\Windows\system32\drivers\serenum.sys
19:12:59.0717 0x0fcc Serenum - ok
19:12:59.0733 0x0fcc [ C70D69A918B178D3C3B06339B40C2E1B, 40BEEECA4C797A3355F4B01C57C2763C33028F27826315062320789A496D0810 ] Serial C:\Windows\system32\drivers\serial.sys
19:12:59.0795 0x0fcc Serial - ok
19:12:59.0811 0x0fcc [ 8AF3D28A879BF75DB53A0EE7A4289624, C870BEBB969DCD9170E64584D1CD329A193D9FC812A45EF3574891110CA68B45 ] sermouse C:\Windows\system32\drivers\sermouse.sys
19:12:59.0842 0x0fcc sermouse - ok
19:12:59.0873 0x0fcc [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] SessionEnv C:\Windows\system32\sessenv.dll
19:12:59.0904 0x0fcc SessionEnv - ok
19:12:59.0935 0x0fcc [ 51CF56AA8BCC241F134B420B8F850406, 41DA7438039C791C35BDA5BD255D2CCFA85E5250325FAE4D5A4182AD819E71F1 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
19:12:59.0967 0x0fcc sffdisk - ok
19:12:59.0967 0x0fcc [ 96DED8B20C734AC41641CE275250E55D, E88317D0B31A98917AD30AD9F8CF6B59C1141FFBF7A150D8675A29B95FF150F3 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
19:12:59.0998 0x0fcc sffp_mmc - ok
19:13:00.0013 0x0fcc [ 8B08CAB1267B2C377883FC9E56981F90, 4444AC438E805129103FAA48F22D0D6893AC5BD8FCA2A6D4DA51EBD8C75B7529 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
19:13:00.0029 0x0fcc sffp_sd - ok
19:13:00.0045 0x0fcc [ 46ED8E91793B2E6F848015445A0AC188, 34A97304F23EA153422848F6F1CAF8ADF0944EA781E12F027B6DEAF751A04B5D ] sfloppy C:\Windows\system32\drivers\sfloppy.sys
19:13:00.0091 0x0fcc sfloppy - ok
19:13:00.0138 0x0fcc [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] SharedAccess C:\Windows\System32\ipnathlp.dll
19:13:00.0201 0x0fcc SharedAccess - ok
19:13:00.0232 0x0fcc [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] ShellHWDetection C:\Windows\System32\shsvcs.dll
19:13:00.0294 0x0fcc ShellHWDetection - ok
19:13:00.0326 0x0fcc [ 08072B2FB92477FC813271A84B3A8698, A97ABDEB5E37F7B50DD6168FAAD524BE82418FC7818BB667C10951408FB6EB70 ] sisagp C:\Windows\system32\drivers\sisagp.sys
19:13:00.0341 0x0fcc sisagp - ok
19:13:00.0357 0x0fcc [ CEDD6F4E7D84E9F98B34B3FE988373AA, E102977E6FAC30B5ABEEC0B412A9F2A10C5C42F4D9C3AD69296BF9E1E88B6141 ] SiSRaid2 C:\Windows\system32\drivers\sisraid2.sys
19:13:00.0372 0x0fcc SiSRaid2 - ok
19:13:00.0388 0x0fcc [ DF843C528C4F69D12CE41CE462E973A7, A2BEC74FCB8D8B6B9D8DD4746C013DFDF1DD662AEFE9B88CA495E5B83B4A76F9 ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys
19:13:00.0388 0x0fcc SiSRaid4 - ok
19:13:00.0731 0x0fcc [ D0776778A9FC5E37F2E9EB21FC8A9709, 37FA45B666DE664FDA378AA755F2FC9E1DF4674651EEE451253D99C04488CCD9 ] Skype C2C Service C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe
19:13:01.0059 0x0fcc Skype C2C Service - ok
19:13:01.0199 0x0fcc [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] SkypeUpdate C:\Program Files\Skype\Updater\Updater.exe
19:13:01.0231 0x0fcc SkypeUpdate - ok
19:13:01.0387 0x0fcc [ 0BA91E1358AD25236863039BB2609A2E, ECB3C8E3D9C6FA77C0CF5A898FB90BB9474C6EFBE3698B56C93ECE44535EDACE ] slsvc C:\Windows\system32\SLsvc.exe
19:13:01.0683 0x0fcc slsvc - ok
19:13:01.0761 0x0fcc [ 7C6DC44CA0BFA6291629AB764200D1D4, 747CDA89C6F94F8314E5E5C425387ABDF9FF8528D82422F8FF66D96307B47B13 ] SLUINotify C:\Windows\system32\SLUINotify.dll
19:13:01.0808 0x0fcc SLUINotify - ok
19:13:01.0839 0x0fcc [ 031E6BCD53C9B2B9ACE111EAFEC347B6, B934129BD77CA6A1434C59EA82B5E93FD4089608E0E41242B6E68070A0F33FB8 ] Smb C:\Windows\system32\DRIVERS\smb.sys
19:13:01.0870 0x0fcc Smb - ok
19:13:01.0917 0x0fcc [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] SNMPTRAP C:\Windows\System32\snmptrap.exe
19:13:01.0948 0x0fcc SNMPTRAP - ok
19:13:01.0995 0x0fcc [ 7AEBDEEF071FE28B0EEF2CDD69102BFF, E03BEE733F4C2A5F39946D4955679A290E22758DFCE4222EE69ABF64FC54EDF7 ] spldr C:\Windows\system32\drivers\spldr.sys
19:13:01.0995 0x0fcc spldr - ok
19:13:02.0058 0x0fcc [ 3665F79026A3F91FBCA63F2C65A09B19, A9AAE9B4006B5BC6EF4A7AB4CAB131687E4055E7C56900BBD24F78BA155C458A ] Spooler C:\Windows\System32\spoolsv.exe
19:13:02.0120 0x0fcc Spooler - ok
19:13:02.0182 0x0fcc [ 2252AEF839B1093D16761189F45AF885, D7B79E1B9CD73EDEA855DBE120ED470CC0F67D1AA44038E6051A4C5BCE361DE3 ] srv C:\Windows\system32\DRIVERS\srv.sys
19:13:02.0198 0x0fcc srv - ok
19:13:02.0245 0x0fcc [ B7FF59408034119476B00A81BB53D5D1, 365D8E719D729D56082F5A6EEB65B31EB5DB5D15A5346D05E7130F41F2F97D46 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
19:13:02.0260 0x0fcc srv2 - ok
19:13:02.0307 0x0fcc [ 2ACCC9B12AF02030F531E6CCA6F8B76E, D1BA17C7BFE02347824DEEB1B7362FD251769ECB92B14EB3C600C85AB7E04D1B ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
19:13:02.0338 0x0fcc srvnet - ok
19:13:02.0385 0x0fcc [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
19:13:02.0432 0x0fcc SSDPSRV - ok
19:13:02.0495 0x0fcc [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] SstpSvc C:\Windows\system32\sstpsvc.dll
19:13:02.0557 0x0fcc SstpSvc - ok
19:13:02.0588 0x0fcc [ 799AA3E04879B3FED31ECEA02B1CAA9A, EECEE3F666EE3722B5655E596CF4128303AD6CA3C5B45C3501B4D1D2CEC9FD75 ] STacSV C:\Windows\system32\STacSV.exe
19:13:02.0619 0x0fcc STacSV - ok
19:13:02.0635 0x0fcc [ 5AF135B2E2097D4494B9067CE84E2665, E7517C43BB81B6AE017172BA5389F6B0FC17CF9E60AAB3453A6D80A087C86592 ] STHDA C:\Windows\system32\drivers\stwrt.sys
19:13:02.0666 0x0fcc STHDA - ok
19:13:02.0713 0x0fcc [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] StillCam C:\Windows\system32\DRIVERS\serscan.sys
19:13:02.0744 0x0fcc StillCam - ok
19:13:02.0807 0x0fcc [ 7DD08A597BC56051F320DA0BAF69E389, ACC59CF80765248705FFCE65DC9B5D072DC054F08C02FB4D16BA0E84D8BED0A4 ] stisvc C:\Windows\System32\wiaservc.dll
19:13:02.0853 0x0fcc stisvc - ok
19:13:02.0916 0x0fcc [ 51778FD315C9882F1CBD932743E62A72, 5127292970ABC2966723CC5535DD547C77AAC132AAA849BCBD90D0F00EDD08C0 ] stllssvr C:\Program Files\Common Files\SureThing Shared\stllssvr.exe
19:13:02.0931 0x0fcc stllssvr - detected UnsignedFile.Multi.Generic ( 1 )
19:13:03.0134 0x0fcc Detect skipped due to KSN trusted
19:13:03.0134 0x0fcc stllssvr - ok
19:13:03.0166 0x0fcc [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] swenum C:\Windows\system32\DRIVERS\swenum.sys
19:13:03.0197 0x0fcc swenum - ok
19:13:03.0259 0x0fcc [ B36C7CDB86F7F7A8E884479219766950, F3EA381A84CD6950BF71A56E9ABAD5010F226C5254CB936699A38BA4C85F7367 ] swprv C:\Windows\System32\swprv.dll
19:13:03.0306 0x0fcc swprv - ok
19:13:03.0337 0x0fcc [ 192AA3AC01DF071B541094F251DEED10, 5C6EB56D1C39F3717EB754A1B37C8A618BA4F2107F64048E985D71FA04D1AD05 ] Symc8xx C:\Windows\system32\drivers\symc8xx.sys
19:13:03.0353 0x0fcc Symc8xx - ok
19:13:03.0384 0x0fcc [ 8C8EB8C76736EBAF3B13B633B2E64125, A6C4845DDED81CCF4947612A4D6E42035136025BCD80812D2FF396927CAADEC5 ] Sym_hi C:\Windows\system32\drivers\sym_hi.sys
19:13:03.0400 0x0fcc Sym_hi - ok
19:13:03.0400 0x0fcc [ 8072AF52B5FD103BBBA387A1E49F62CB, D336A7D008D145619E79043EBF5D0D455086BA1FEF89612BC2EA11CC363D82B0 ] Sym_u3 C:\Windows\system32\drivers\sym_u3.sys
19:13:03.0415 0x0fcc Sym_u3 - ok
19:13:03.0478 0x0fcc [ DD17B63F26430E179EF6BDEF5AC735BD, EA736CBD7001891F1823B8626964AC37952A86DEC1022EDE913259E8B1FA1D1F ] SynTP C:\Windows\system32\DRIVERS\SynTP.sys
19:13:03.0493 0x0fcc SynTP - ok
19:13:03.0556 0x0fcc [ 8710A92D0024B03B5FB9540DF1F71F1D, B72A968A7966DC16A1D69A8D53012A4307EEBDC4CB8E1D9C93BFB88D996E490F ] SysMain C:\Windows\system32\sysmain.dll
19:13:03.0618 0x0fcc SysMain - ok
19:13:03.0665 0x0fcc [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] TabletInputService C:\Windows\System32\TabSvc.dll
19:13:03.0680 0x0fcc TabletInputService - ok
19:13:03.0727 0x0fcc [ 680916BB09EE0F3A6ACA7C274B0D633F, 008B6EE41FA4D371258F0A656AE96B3E3F487BE5B9E0654B920013B4F1C0DFD8 ] TapiSrv C:\Windows\System32\tapisrv.dll
19:13:03.0758 0x0fcc TapiSrv - ok
19:13:03.0805 0x0fcc [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] TBS C:\Windows\System32\tbssvc.dll
19:13:03.0837 0x0fcc TBS - ok
19:13:03.0899 0x0fcc [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip C:\Windows\system32\drivers\tcpip.sys
19:13:03.0961 0x0fcc Tcpip - ok
19:13:04.0039 0x0fcc [ 782568AB6A43160A159B6215B70BCCE9, 11FDD484743985D2F41098C191926BFE8010D4E432CA20CCEB6219B514F9838A ] Tcpip6 C:\Windows\system32\DRIVERS\tcpip.sys
19:13:04.0086 0x0fcc Tcpip6 - ok
19:13:04.0133 0x0fcc [ D4A2E4A4B011F3A883AF77315A5AE76B, 29E18087236A592638570F76691BC5C64CCA383F43EE22DF122413860E2D882C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
19:13:04.0195 0x0fcc tcpipreg - ok
19:13:04.0258 0x0fcc [ 5DCF5E267BE67A1AE926F2DF77FBCC56, E00C0A03AEE579B51B39930A72F39F4EFFE7CDA37187B0AE90F4E001AD15473B ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
19:13:04.0305 0x0fcc TDPIPE - ok
19:13:04.0336 0x0fcc [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
19:13:04.0383 0x0fcc TDTCP - ok
19:13:04.0414 0x0fcc [ D09276B1FAB033CE1D40DCBDF303D10F, 2CB47CB522B4E1C091DE30AF0EB4E21D321C42D2A5BA9647CBD078652680D8FF ] tdx C:\Windows\system32\DRIVERS\tdx.sys
19:13:04.0445 0x0fcc tdx - ok
19:13:04.0461 0x0fcc [ A048056F5E1A96A9BF3071B91741A5AA, CFDE51D106A6CC4A5638BCD458505F5831636D2203F7C949273BDA446AC7C5F3 ] TermDD C:\Windows\system32\DRIVERS\termdd.sys
19:13:04.0476 0x0fcc TermDD - ok
19:13:04.0523 0x0fcc [ D605031E225AACCBCEB5B76A4F1603A6, 27D78644CADBC11C3AB5E0C10F854FD43BCD43B6E91C1ED1F6D35BC501147701 ] TermService C:\Windows\System32\termsrv.dll
19:13:04.0586 0x0fcc TermService - ok
19:13:04.0632 0x0fcc [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] Themes C:\Windows\system32\shsvcs.dll
19:13:04.0648 0x0fcc Themes - ok
19:13:04.0664 0x0fcc [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] THREADORDER C:\Windows\system32\mmcss.dll
19:13:04.0695 0x0fcc THREADORDER - ok
19:13:04.0742 0x0fcc [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] TrkWks C:\Windows\System32\trkwks.dll
19:13:04.0788 0x0fcc TrkWks - ok
19:13:04.0835 0x0fcc [ 16613A1BAD034D4ECF957AF18B7C2FF5, 75499618187ED4385984F608D134BB298A4CCB339F70B31E4A8B2CF3E3558396 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
19:13:04.0851 0x0fcc TrustedInstaller - ok
19:13:04.0882 0x0fcc [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
19:13:04.0913 0x0fcc tssecsrv - ok
19:13:04.0944 0x0fcc [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] tunmp C:\Windows\system32\DRIVERS\tunmp.sys
19:13:04.0976 0x0fcc tunmp - ok
19:13:05.0022 0x0fcc [ 6042505FF6FA9AC1EF7684D0E03B6940, D09CF14A6C0C760238792DDA4ECB6FBB6CA645BB91BD62585EBD050226BDB5A7 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
19:13:05.0038 0x0fcc tunnel - ok
19:13:05.0085 0x0fcc uafilter - ok
19:13:05.0100 0x0fcc [ C3ADE15414120033A36C0F293D4A4121, 74A002C4B5EBD94E33EDEACB6639AF44ED72A8DDE3083C6DE71C1EE937EF1A9C ] uagp35 C:\Windows\system32\drivers\uagp35.sys
19:13:05.0116 0x0fcc uagp35 - ok
19:13:05.0147 0x0fcc [ 8B5088058FA1D1CD897A2113CCFF6C58, 1616EDB66C3E2DA7B09EA4FE46A3FC7087D6201F2195D76118A93B0B065D1623 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
19:13:05.0194 0x0fcc udfs - ok
19:13:05.0225 0x0fcc [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
19:13:05.0272 0x0fcc UI0Detect - ok
19:13:05.0288 0x0fcc [ 6D72EF05921ABDF59FC45C7EBFE7E8DD, 9102CB4B5E8B858B61DE1508C6A00D75584741891899966258E510173DBF7BB9 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
19:13:05.0288 0x0fcc uliagpkx - ok
19:13:05.0319 0x0fcc [ 3CD4EA35A6221B85DCC25DAA46313F8D, 100A7E12B8EA395F70A00874328E87B930CE88FF442F3576FE88B105A22E04C5 ] uliahci C:\Windows\system32\drivers\uliahci.sys
19:13:05.0335 0x0fcc uliahci - ok
19:13:05.0350 0x0fcc [ 8514D0E5CD0534467C5FC61BE94A569F, A6EFB967044F88335469DB3351587E31CEC659BB6A7D8ED45C68329232C31BB9 ] UlSata C:\Windows\system32\drivers\ulsata.sys
19:13:05.0366 0x0fcc UlSata - ok
19:13:05.0381 0x0fcc [ 38C3C6E62B157A6BC46594FADA45C62B, 44F87DC955CB4E35E0EB4C8B4E931472B33D97FE000C22370A06AD5EDCEFD0BA ] ulsata2 C:\Windows\system32\drivers\ulsata2.sys
19:13:05.0397 0x0fcc ulsata2 - ok
19:13:05.0444 0x0fcc [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] umbus C:\Windows\system32\DRIVERS\umbus.sys
19:13:05.0475 0x0fcc umbus - ok
19:13:05.0506 0x0fcc [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] upnphost C:\Windows\System32\upnphost.dll
19:13:05.0553 0x0fcc upnphost - ok
19:13:05.0553 0x0fcc USBAAPL - ok
19:13:05.0584 0x0fcc [ 292A25BB75A568AE2C67169BA2C6365A, EE8B50DD446ECDEBC8B27D015FA9DE18F918ABBA8CF277B799D71CC9D79842FC ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
19:13:05.0662 0x0fcc usbaudio - ok
19:13:05.0678 0x0fcc [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
19:13:05.0709 0x0fcc usbccgp - ok
19:13:05.0740 0x0fcc [ E9476E6C486E76BC4898074768FB7131, D14B8F69A511DC1F990A9C123C18689AFE59659BA8130D248D8D03E9BD2143B6 ] usbcir C:\Windows\system32\drivers\usbcir.sys
19:13:05.0787 0x0fcc usbcir - ok
19:13:05.0834 0x0fcc [ CEBE90821810E76320155BEBA722FCF9, AD27B032520BE2A45690DD1AFDDA632B934AB7F815CD313B19CD692790C761D8 ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
19:13:05.0865 0x0fcc usbehci - ok
19:13:05.0896 0x0fcc [ CC6B28E4CE39951357963119CE47B143, 0BC653B51A33709AADD8B5A2B8102DBCB3C1EE14BDDF4C58813FDCA43FF7C1B2 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
19:13:05.0943 0x0fcc usbhub - ok
19:13:05.0943 0x0fcc [ 38DBC7DD6CC5A72011F187425384388B, 456CFCD190035C3033709C8DC0F6DC4352BBF751D57C0C52DD04F8C301FEBACD ] usbohci C:\Windows\system32\drivers\usbohci.sys
19:13:05.0990 0x0fcc usbohci - ok
19:13:06.0021 0x0fcc [ E75C4B5269091D15A2E7DC0B6D35F2F5, B0A4141B69B66276890836DE98EB8BC790D35CE59FA503060593E8CC12AA106B ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
19:13:06.0052 0x0fcc usbprint - ok
19:13:06.0099 0x0fcc [ A508C9BD8724980512136B039BBA65E9, B39B72471C468AC997AEC528599EDC98A031F5A7EB91C4F9471402D48D2D4E3E ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
19:13:06.0115 0x0fcc usbscan - ok
19:13:06.0193 0x0fcc [ 87BA6B83C5D19B69160968D07D6E2982, 9E039DF4BBE53CA22A0ACE486B9867F99FFFE086CCAF6A83BD78770E4631F3F8 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
19:13:06.0224 0x0fcc USBSTOR - ok
19:13:06.0271 0x0fcc [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] usbuhci C:\Windows\system32\DRIVERS\usbuhci.sys
19:13:06.0302 0x0fcc usbuhci - ok
19:13:06.0349 0x0fcc [ 032A0ACC3909AE7215D524E29D536797, 51E36ED5953C0880BE508837181925A0F677842E8A5BA98099700E6ED691A783 ] UxSms C:\Windows\System32\uxsms.dll
19:13:06.0380 0x0fcc UxSms - ok
19:13:06.0427 0x0fcc [ B13BC395B9D6116628F5AF47E0802AC4, 36E023A07E56588A8C26EF95E4F99303659E4783E0D9E8AEF193CA77A7AF91BA ] vds C:\Windows\System32\vds.exe
19:13:06.0583 0x0fcc vds - ok
19:13:06.0630 0x0fcc [ 7D92BE0028ECDEDEC74617009084B5EF, D0749CE6FA3415BA4364299F8D6D53F133E8D2F44C6F1057996243415A540A53 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
19:13:06.0677 0x0fcc vga - ok
19:13:06.0739 0x0fcc [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] VgaSave C:\Windows\System32\drivers\vga.sys
19:13:06.0801 0x0fcc VgaSave - ok
19:13:06.0864 0x0fcc [ D5929A28BDFF4367A12CAF06AF901971, DE2A60A9EE1ABACEE6221E4AD5D4AA4CBA12FED448EB36CA3B7A9A5F09A8DC8C ] viaagp C:\Windows\system32\drivers\viaagp.sys
19:13:06.0879 0x0fcc viaagp - ok
19:13:06.0895 0x0fcc [ 56A4DE5F02F2E88182B0981119B4DD98, 36FC94BCFD41907838DBCB02E6EA24065FDED4224239CD19E90D14433BE9108B ] ViaC7 C:\Windows\system32\drivers\viac7.sys
19:13:06.0942 0x0fcc ViaC7 - ok
19:13:06.0942 0x0fcc [ F3B4762EB85A2AFF4999401F14C3262B, 462B3A61AE82307292C8C75041514789AD2D1E3CF31A8A35E39A19989FD394C3 ] viaide C:\Windows\system32\drivers\viaide.sys
19:13:06.0989 0x0fcc viaide - ok
19:13:07.0020 0x0fcc [ 69503668AC66C77C6CD7AF86FBDF8C43, 2CE407674A58313737073F02B9A617460BBA84B36C3A16D98AE5ED45279F5006 ] volmgr C:\Windows\system32\drivers\volmgr.sys
19:13:07.0035 0x0fcc volmgr - ok
19:13:07.0067 0x0fcc [ 98F5FFE6316BD74E9E2C97206C190196, CA9FA0EE5515D26F9406FF95F728E7F2CC29A8B7C97BC69FC2E95BBC60A2D261 ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
19:13:07.0082 0x0fcc volmgrx - ok
19:13:07.0160 0x0fcc [ D8B4A53DD2769F226B3EB374374987C9, 49314B3E53FBF40A60E272C5B3B79FD1EFABFE1215DA5B030571B4DDF5592896 ] volsnap C:\Windows\system32\drivers\volsnap.sys
19:13:07.0176 0x0fcc volsnap - ok
19:13:07.0238 0x0fcc [ D984439746D42B30FC65A4C3546C6829, B134A9890638C2B4964A9C30812A2828A3E0CC641690CBF22D9FCE65EE3C2385 ] vsmraid C:\Windows\system32\drivers\vsmraid.sys
19:13:07.0301 0x0fcc vsmraid - ok
19:13:07.0535 0x0fcc [ D5FB73D19C46ADE183F968E13F186B23, D35432BE4FF462FCEA958CF646D5572B6D78058BC2F1F324C9F50A0B14B02259 ] VSS C:\Windows\system32\vssvc.exe
19:13:07.0675 0x0fcc VSS - ok
19:13:07.0753 0x0fcc [ 1CF9206966A8458CDA9A8B20DF8AB7D3, 405D5FE96DA7ED03D4124EF6C692F80E88E5982B90DF46E353E94FFF576A5570 ] W32Time C:\Windows\system32\w32time.dll
19:13:07.0831 0x0fcc W32Time - ok
19:13:07.0862 0x0fcc [ 48DFEE8F1AF7C8235D4E626F0C4FE031, A41D05BC0DA3C476C32E0A4DAF015DF7BADF28A03CE236D5596885FF1772F148 ] WacomPen C:\Windows\system32\drivers\wacompen.sys
19:13:07.0941 0x0fcc WacomPen - ok
19:13:08.0003 0x0fcc [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarp C:\Windows\system32\DRIVERS\wanarp.sys
19:13:08.0034 0x0fcc Wanarp - ok
19:13:08.0034 0x0fcc [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
19:13:08.0065 0x0fcc Wanarpv6 - ok
19:13:08.0159 0x0fcc [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] WcesComm C:\Windows\WindowsMobile\wcescomm.dll
19:13:08.0190 0x0fcc WcesComm - ok
19:13:08.0346 0x0fcc [ F3A5C2E1A6533192B070D06ECF6BE796, CBA11D9E60A04A0B82C6934A53EA859513CD476FF047DD3D59727B10CE7DB2DA ] wcncsvc C:\Windows\System32\wcncsvc.dll
19:13:08.0440 0x0fcc wcncsvc - ok
19:13:08.0471 0x0fcc [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
19:13:08.0518 0x0fcc WcsPlugInService - ok
19:13:08.0565 0x0fcc [ AFC5AD65B991C1E205CF25CFDBF7A6F4, 544173AE85A11B99B9221DB30B6803DAEB3EB7FCA57FE62F0D13EF70B9C69A89 ] Wd C:\Windows\system32\drivers\wd.sys
19:13:08.0580 0x0fcc Wd - ok
19:13:08.0768 0x0fcc [ B6F0A7AD6D4BD325FBCD8BAC96CD8D96, 6A6EFFDB538DE1E201058A00F3E056F1256E92EED943FBFBCE28E54BE751E33D ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
19:13:08.0861 0x0fcc Wdf01000 - ok
19:13:08.0877 0x0fcc [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiServiceHost C:\Windows\system32\wdi.dll
19:13:08.0924 0x0fcc WdiServiceHost - ok
19:13:08.0924 0x0fcc [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] WdiSystemHost C:\Windows\system32\wdi.dll
19:13:08.0955 0x0fcc WdiSystemHost - ok
19:13:09.0064 0x0fcc [ CF9A5F41789B642DB967021DE06A2713, A541F9D87CBDE2A4E48C5D5363736EF603B2701741D3044232474F179884AD7B ] WebClient C:\Windows\System32\webclnt.dll
19:13:09.0111 0x0fcc WebClient - ok
19:13:09.0126 0x0fcc [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] Wecsvc C:\Windows\system32\wecsvc.dll
19:13:09.0158 0x0fcc Wecsvc - ok
19:13:09.0173 0x0fcc [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] wercplsupport C:\Windows\System32\wercplsupport.dll
19:13:09.0204 0x0fcc wercplsupport - ok
19:13:09.0251 0x0fcc [ FD1965AAA112C6818A30AB02742D0461, 6779D836934412907390DC85FA2A8C3BB1CC31FD4151830275B773FD13CFFBC2 ] WerSvc C:\Windows\System32\WerSvc.dll
19:13:09.0298 0x0fcc WerSvc - ok
19:13:09.0361 0x0fcc [ 4DACA8F07537D4D7E3534BB99294AA26, 8418B5A83D945FF1827C5B19A57BE7FFE1FD523C6795B0ACE88E4A906C82BA2C ] winachsf C:\Windows\system32\DRIVERS\HSX_CNXT.sys
19:13:09.0423 0x0fcc winachsf - ok
19:13:09.0595 0x0fcc [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ]
Holsten87
2014-07-24, 20:21
WinDefend C:\Program Files\Windows Defender\mpsvc.dll
19:13:09.0641 0x0fcc WinDefend - ok
19:13:09.0657 0x0fcc WinHttpAutoProxySvc - ok
19:13:09.0938 0x0fcc [ 00B79A7C984678F24CF052E5BEB3A2F5, 4D8E4394C926D2B1C71613D309F2D62A663B0ADB73A036F5E9E7D1AFF605CA2A ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
19:13:10.0016 0x0fcc Winmgmt - ok
19:13:10.0437 0x0fcc [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] WinRM C:\Windows\system32\WsmSvc.dll
19:13:10.0562 0x0fcc WinRM - ok
19:13:10.0734 0x0fcc [ 275F4346E569DF56CFB95243BD6F6FF0, 9C85246BF99119DBD6E0B5D38F96B8BC00F3C87618D17BC0E0A063A0D9A03440 ] Wlansvc C:\Windows\System32\wlansvc.dll
19:13:10.0890 0x0fcc Wlansvc - ok
19:13:10.0921 0x0fcc [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] WmiAcpi C:\Windows\system32\DRIVERS\wmiacpi.sys
19:13:10.0952 0x0fcc WmiAcpi - ok
19:13:11.0061 0x0fcc [ ABA4CF9F856D9A3A25F4DDD7690A6E9D, 07C1DAF3DA3CDA84FBE4C7576372115FCAAAAFC332F252C03625E53C7F3C6EE5 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
19:13:11.0093 0x0fcc wmiApSrv - ok
19:13:11.0483 0x0fcc [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ] WMPNetworkSvc C:\Program Files\Windows Media Player\wmpnetwk.exe
19:13:11.0623 0x0fcc WMPNetworkSvc - ok
19:13:11.0670 0x0fcc [ 5D94CD167751294962BA238D82DD1BB8, 62C7A31706F1C33A2C1C68006191AEE85A98885D23EC582EF2F88AAF604AC9A7 ] WPCSvc C:\Windows\System32\wpcsvc.dll
19:13:11.0748 0x0fcc WPCSvc - ok
19:13:11.0764 0x0fcc [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
19:13:11.0795 0x0fcc WPDBusEnum - ok
19:13:11.0873 0x0fcc [ 0CEC23084B51B8288099EB710224E955, E1AAB1E08E1745313D0A149A645AA878148D2DBE5CCC23C4ECCFC5003945C22B ] WpdUsb C:\Windows\system32\DRIVERS\wpdusb.sys
19:13:11.0920 0x0fcc WpdUsb - ok
19:13:12.0201 0x0fcc [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] WPFFontCache_v0400 C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:13:12.0263 0x0fcc WPFFontCache_v0400 - ok
19:13:12.0310 0x0fcc [ E3A3CB253C0EC2494D4A61F5E43A389C, 10BA8B102E31B961819E524FCA5FA817B588EC77FB26B4E176D0A5CFF11EDF79 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
19:13:12.0341 0x0fcc ws2ifsl - ok
19:13:12.0372 0x0fcc [ 683DD16B590372F2C9661D277F35E49C, 29D86389D95256EEF37BA01D403494385015D926E851A39EC7948FF6EF4E8481 ] wscsvc C:\Windows\System32\wscsvc.dll
19:13:12.0388 0x0fcc wscsvc - ok
19:13:12.0388 0x0fcc WSearch - ok
19:13:13.0059 0x0fcc [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] wuauserv C:\Windows\system32\wuaueng.dll
19:13:13.0152 0x0fcc wuauserv - ok
19:13:13.0246 0x0fcc [ AC13CB789D93412106B0FB6C7EB2BCB6, 8F5B0BD0CBBAB182A400F8994D4727BC0C978D749B6429A2D41B412AE97428B6 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
19:13:13.0308 0x0fcc WUDFRd - ok
19:13:13.0324 0x0fcc [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
19:13:13.0371 0x0fcc wudfsvc - ok
19:13:13.0402 0x0fcc [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8, 3660379AADB6DB56E54D9C680929CD3882CDE4E6A8BB888FC892110D6B50C627 ] XAudio C:\Windows\system32\DRIVERS\xaudio.sys
19:13:13.0418 0x0fcc XAudio - ok
19:13:13.0449 0x0fcc [ 28DC5D626E036A75A572556F0A6EB1F6, 9AE635C08B87AD85A552ADE0AF8BA10DC258E0DEFE133A2A74EFCD43B7A38A98 ] XAudioService C:\Windows\system32\DRIVERS\xaudio.exe
19:13:13.0527 0x0fcc XAudioService - ok
19:13:13.0543 0x0fcc ================ Scan global ===============================
19:13:13.0574 0x0fcc [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\system32\basesrv.dll
19:13:13.0667 0x0fcc [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
19:13:13.0792 0x0fcc [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\system32\winsrv.dll
19:13:13.0964 0x0fcc [ 2B336AB6286D6C81FA02CBAB914E3C6C, C5ADF6D5BFC00375BA6D0E5D96F36D36ADFBF66325A48358C6317E387FB220EC ] C:\Windows\system32\services.exe
19:13:14.0042 0x0fcc [ Global ] - ok
19:13:14.0042 0x0fcc ================ Scan MBR ==================================
19:13:14.0073 0x0fcc [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
19:13:16.0180 0x0fcc \Device\Harddisk0\DR0 - ok
19:13:16.0180 0x0fcc ================ Scan VBR ==================================
19:13:16.0211 0x0fcc [ 2FF9357D589AE84717398A93BCC56E8B ] \Device\Harddisk0\DR0\Partition1
19:13:16.0289 0x0fcc \Device\Harddisk0\DR0\Partition1 - ok
19:13:16.0305 0x0fcc [ 8BF3C2DFC2C0DF9255A43749D01A0678 ] \Device\Harddisk0\DR0\Partition2
19:13:16.0429 0x0fcc \Device\Harddisk0\DR0\Partition2 - ok
19:13:16.0429 0x0fcc ================ Scan active images ========================
19:13:16.0429 0x0fcc [ E9ACAE97F17C99CB735A1E08859BF806, 32AE5551269B40082928228388D32EA71EFB2B60FB5396610B06ECCE8914E59C ] C:\Windows\System32\drivers\crashdmp.sys
19:13:16.0429 0x0fcc C:\Windows\System32\drivers\crashdmp.sys - ok
19:13:16.0429 0x0fcc [ FD7F9D74C2B35DBDA400804A3F5ED5D8, 93BAEE15428E9B3FF2D5F7EE156697EA8C24E176C3A8E56D1B1AFF4E541867E4 ] C:\Windows\System32\drivers\iaStor.sys
19:13:16.0429 0x0fcc C:\Windows\System32\drivers\iaStor.sys - ok
19:13:16.0445 0x0fcc [ 224191001E78C89DFA78924C3EA595FF, E4EC9CAAEEEAEB30E13F4A8023AF687F29514667380DDFD638BBFFF1D5FC2563 ] C:\Windows\System32\drivers\intelppm.sys
19:13:16.0445 0x0fcc C:\Windows\System32\drivers\intelppm.sys - ok
19:13:16.0445 0x0fcc [ CAECC0120AC49E3D2F758B9169872D38, 80DB15ADF5F4FF78D0C7D5081B6C0E8F1E5125872B60D23C19DA8E62C9DAC9A8 ] C:\Windows\System32\drivers\TUNMP.SYS
19:13:16.0445 0x0fcc C:\Windows\System32\drivers\TUNMP.SYS - ok
19:13:16.0445 0x0fcc [ BBACE0293B73BF8C7CB591F2D06F26FA, A28A985633DF171BCB7A2201CB239B8694CE9C89D4A6BF627F2A512B112C131A ] C:\Windows\System32\drivers\igdkmd32.sys
19:13:16.0445 0x0fcc C:\Windows\System32\drivers\igdkmd32.sys - ok
19:13:16.0461 0x0fcc [ 85F33880B8CFB554BD3D9CCDB486845A, 2D120F94800AEB886D4BA2A45FE2454EBB1FAC3E57BDE552737EBDE7EF8899CF ] C:\Windows\System32\drivers\dxgkrnl.sys
19:13:16.0461 0x0fcc C:\Windows\System32\drivers\dxgkrnl.sys - ok
19:13:16.0461 0x0fcc [ 6C8B7DF75ECF4A7DD668BEC58E268329, A30E78E34E00AF43D791B4A5C1ECFC56F2C662057C37CB1A1D4CA0BF220647C6 ] C:\Windows\System32\drivers\watchdog.sys
19:13:16.0461 0x0fcc C:\Windows\System32\drivers\watchdog.sys - ok
19:13:16.0461 0x0fcc [ 65AD9C60DBFA2F0EA582E691CBA03F0C, 30C37A3D1992CC8A3AB3E19374ED692AF4AFA5A97081F700EE788640CE2D8A6B ] C:\Windows\System32\drivers\usbport.sys
19:13:16.0461 0x0fcc C:\Windows\System32\drivers\usbport.sys - ok
19:13:16.0476 0x0fcc [ CEBE90821810E76320155BEBA722FCF9, AD27B032520BE2A45690DD1AFDDA632B934AB7F815CD313B19CD692790C761D8 ] C:\Windows\System32\drivers\usbehci.sys
19:13:16.0476 0x0fcc C:\Windows\System32\drivers\usbehci.sys - ok
19:13:16.0476 0x0fcc [ 814D653EFC4D48BE3B04A307ECEFF56F, D73D62F51AEFE2F8F2B938B20107C246F2AC2F62ED49112DBD092A5D2E4024B3 ] C:\Windows\System32\drivers\usbuhci.sys
19:13:16.0476 0x0fcc C:\Windows\System32\drivers\usbuhci.sys - ok
19:13:16.0476 0x0fcc [ C87B1EE051C0464491C1A7B03FA0BC99, 0EF498A7D37A454E8B6DB1BE3C0EADA648B51B34A2BB553171E766463E54EE90 ] C:\Windows\System32\drivers\hdaudbus.sys
19:13:16.0476 0x0fcc C:\Windows\System32\drivers\hdaudbus.sys - ok
19:13:16.0492 0x0fcc [ 6522DD40A5F67CED020BD81B856613FB, 2242703412FA89B2D6E9A7025D0C14DFC0BFC66890D295BDA839274C313B4BAF ] C:\Windows\System32\drivers\NETw4v32.sys
19:13:16.0492 0x0fcc C:\Windows\System32\drivers\NETw4v32.sys - ok
19:13:16.0492 0x0fcc [ CD4646067CC7DCBA1907FA0ACF7E3966, 705DF801ACB8719213E95D6214E6C30F7A217663305DBB718F7ECD40F0084340 ] C:\Windows\System32\drivers\bcm4sbxp.sys
19:13:16.0492 0x0fcc C:\Windows\System32\drivers\bcm4sbxp.sys - ok
19:13:16.0507 0x0fcc [ 0349BE02F329F4F48F1D48097FD65974, 228A8620AF8B25223BC4D5F0ACDD60FBFBBDFB0BD63BD78029BE79FB7550095F ] C:\Windows\System32\drivers\1394bus.sys
19:13:16.0507 0x0fcc C:\Windows\System32\drivers\1394bus.sys - ok
19:13:16.0507 0x0fcc [ 790E27C3DB53410B40FF9EF2FD10A1D9, FD06F2702B8F7E04ECF1B6E88602F14301E7AE7FC44AD114282E580FAD530A9C ] C:\Windows\System32\drivers\ohci1394.sys
19:13:16.0507 0x0fcc C:\Windows\System32\drivers\ohci1394.sys - ok
19:13:16.0507 0x0fcc [ 126EA89BCC413EE45E3004FB0764888F, 367BE2B56113177AE867E00D019C707C6449E0FC4A642101B11036A0534D6901 ] C:\Windows\System32\drivers\sdbus.sys
19:13:16.0507 0x0fcc C:\Windows\System32\drivers\sdbus.sys - ok
19:13:16.0523 0x0fcc [ EA885E7A56F1BE1F14C372337C42FE48, 2C6F0FCB95D4A04E9BC26765B1EB856D3D40811F8B0D090C0E8AB571FF4D1C7A ]
C:\Windows\System32\drivers\rimmptsk.sys
19:13:16.0523 0x0fcc C:\Windows\System32\drivers\rimmptsk.sys - ok
19:13:16.0523 0x0fcc [ D7E09BC852684A7B1FC0F74FE090D45A, 97D6ABCDA50C4FC5BE8B5532FF013EC9AF4AA098D7EB450EB1C3A358BD8E6B2D ] C:\Windows\System32\drivers\rimsptsk.sys
19:13:16.0523 0x0fcc C:\Windows\System32\drivers\rimsptsk.sys - ok
19:13:16.0523 0x0fcc [ 22D56C8184586B7A1F6FA60BE5F5A2BD, D96A2962848C1F59B143BFEC22EC48BD1C5A75D0EBCFD7FB965E66B85FF7D8CA ] C:\Windows\System32\drivers\i8042prt.sys
19:13:16.0523 0x0fcc C:\Windows\System32\drivers\i8042prt.sys - ok
19:13:16.0539 0x0fcc [ B0A7494A9BA7909EFAC64E05D3F160DB, 3B2C362F70C53CF12DD36C1888292FB5C9E05CB711B30B22C1FBE330C5E635BE ] C:\Windows\System32\drivers\rixdptsk.sys
19:13:16.0539 0x0fcc C:\Windows\System32\drivers\rixdptsk.sys - ok
19:13:16.0539 0x0fcc [ DD17B63F26430E179EF6BDEF5AC735BD, EA736CBD7001891F1823B8626964AC37952A86DEC1022EDE913259E8B1FA1D1F ] C:\Windows\System32\drivers\SynTP.sys
19:13:16.0539 0x0fcc C:\Windows\System32\drivers\SynTP.sys - ok
19:13:16.0539 0x0fcc [ 790FDAC6D0C762DF9047C3C625A6FF6C, 21BE97010340E1377AD94D27A307D0A0F74B53FB4688012DE807F7D4B859F204 ] C:\Windows\System32\drivers\usbd.sys
19:13:16.0539 0x0fcc C:\Windows\System32\drivers\usbd.sys - ok
19:13:16.0554 0x0fcc [ 37605E0A8CF00CBBA538E753E4344C6E, B9A9FFDCE45B0830E277CF322C28ACB49372C16144B0F676B283BE5DAE9A7F30 ] C:\Windows\System32\drivers\kbdclass.sys
19:13:16.0554 0x0fcc C:\Windows\System32\drivers\kbdclass.sys - ok
19:13:16.0554 0x0fcc [ 5BF6A1326A335C5298477754A506D263, CC7F58E5955A448F6CE28D6D8EB98C7479E11F931B5C733CFE71A29B2E95923D ] C:\Windows\System32\drivers\mouclass.sys
19:13:16.0554 0x0fcc C:\Windows\System32\drivers\mouclass.sys - ok
19:13:16.0554 0x0fcc [ 1EC25CEA0DE6AC4718BF89F9E1778B57, 019E12C30E7A395259F3906EC55AFF86949CFDBB443060208C8B91B9EB7F9FB7 ] C:\Windows\System32\drivers\cdrom.sys
19:13:16.0554 0x0fcc C:\Windows\System32\drivers\cdrom.sys - ok
19:13:16.0570 0x0fcc [ 99AFC3795B58CC478FBBBCDC658FCB56, 0D1B27C42A058C5D56A0157B5ECA9A054254F6B9C8015D0321021A7EFCE10CE2 ] C:\Windows\System32\drivers\CmBatt.sys
19:13:16.0570 0x0fcc C:\Windows\System32\drivers\CmBatt.sys - ok
19:13:16.0570 0x0fcc [ EF70B3D22B4BFFDA6EA851ECB063EFAA, 1666572F8F988805C3A2E949FA6B060B35B72DBB115B86F4CFC710FB6A86C3E3 ] C:\Windows\System32\drivers\serscan.sys
19:13:16.0570 0x0fcc C:\Windows\System32\drivers\serscan.sys - ok
19:13:16.0585 0x0fcc [ 2E7255D172DF0B8283CDFB7B433B864E, 60C786CF0EA4A29B309B9457F0496D5A0AF1F093FC2C5D88078865814B7DBBA3 ] C:\Windows\System32\drivers\wmiacpi.sys
19:13:16.0585 0x0fcc C:\Windows\System32\drivers\wmiacpi.sys - ok
19:13:16.0585 0x0fcc [ 39AD2C7B9C05C1CCD12480890DBA4EB5, 38C9CE4845682A2A833FF8E383B322AA0A6D8A499BF40692E10FB5F1D522759E ] C:\Windows\System32\drivers\Storport.sys
19:13:16.0585 0x0fcc C:\Windows\System32\drivers\Storport.sys - ok
19:13:16.0585 0x0fcc [ F247EEC28317F6C739C16DE420097301, 0F4BE16BB0630DFE2256F70C94D4363B7B71F02F7F6597E7CAE28A3EFEA7BCAD ] C:\Windows\System32\drivers\msiscsi.sys
19:13:16.0585 0x0fcc C:\Windows\System32\drivers\msiscsi.sys - ok
19:13:16.0601 0x0fcc [ 77937EFF009AC696B90E09F671F9D0A4, EF51316C44529E17B2C09EA06D55B4EF7BCC8B6EB8FEC02DE64005F99AA32C95 ] C:\Windows\System32\drivers\tdi.sys
19:13:16.0601 0x0fcc C:\Windows\System32\drivers\tdi.sys - ok
19:13:16.0601 0x0fcc [ 0E186E90404980569FB449BA7519AE61, DE41791D9D3074007D6DD1D3933E7A2A13E3789D0AD4F029105B58279622FC1B ] C:\Windows\System32\drivers\ndistapi.sys
19:13:16.0601 0x0fcc C:\Windows\System32\drivers\ndistapi.sys - ok
19:13:16.0601 0x0fcc [ A214ADBAF4CB47DD2728859EF31F26B0, A24F37F55E2C018B1B4FA2C568A01AAAAEA1220833ED24A93378386174A70A32 ] C:\Windows\System32\drivers\rasl2tp.sys
19:13:16.0601 0x0fcc C:\Windows\System32\drivers\rasl2tp.sys - ok
19:13:16.0617 0x0fcc [ 3D14C3B3496F88890D431E8AA022A411, 9B31451756A35314586F93996172E1039B2CD21132CCBE772B3E61A8D9454A30 ] C:\Windows\System32\drivers\ndiswan.sys
19:13:16.0617 0x0fcc C:\Windows\System32\drivers\ndiswan.sys - ok
19:13:16.0617 0x0fcc [ 3E9D9B048107B40D87B97DF2E48E0744, F7B8DAE57B9372CEB21A912379FC7670B099A9642CF2E7EA8D335ADBD4CF86A2 ] C:\Windows\System32\drivers\raspppoe.sys
19:13:16.0617 0x0fcc C:\Windows\System32\drivers\raspppoe.sys - ok
19:13:16.0617 0x0fcc [ ECFFFAEC0C1ECD8DBC77F39070EA1DB1, 6E4B188A4BFDBBCA51347BCCE2873F2D0F858398851B9B5129CB9F36A02E4354 ] C:\Windows\System32\drivers\raspptp.sys
19:13:16.0617 0x0fcc C:\Windows\System32\drivers\raspptp.sys - ok
19:13:16.0632 0x0fcc [ A7D141684E9500AC928A772ED8E6B671, C9329ECA4190EE1F4A6F186D45EA42ACF60C04CDBAFEB19973F3C2DF04A1BCEE ] C:\Windows\System32\drivers\rassstp.sys
19:13:16.0632 0x0fcc C:\Windows\System32\drivers\rassstp.sys - ok
19:13:16.0632 0x0fcc [ A048056F5E1A96A9BF3071B91741A5AA, CFDE51D106A6CC4A5638BCD458505F5831636D2203F7C949273BDA446AC7C5F3 ] C:\Windows\System32\drivers\termdd.sys
19:13:16.0632 0x0fcc C:\Windows\System32\drivers\termdd.sys - ok
19:13:16.0632 0x0fcc [ 47CB1CBB1D80517D7909D0860128E860, 69FA9F36509507D6D2FD6858023D2668F9458798F160B6DB7AB290A468F04DB8 ] C:\Windows\System32\drivers\ks.sys
19:13:16.0632 0x0fcc C:\Windows\System32\drivers\ks.sys - ok
19:13:16.0648 0x0fcc [ 7BA58ECF0C0A9A69D44B3DCA62BECF56, 23CC47FA2D6E183D69DB0D3D3F3081A830D94A58FBC0A9A295B3A56C51E9486A ] C:\Windows\System32\drivers\swenum.sys
19:13:16.0648 0x0fcc C:\Windows\System32\drivers\swenum.sys - ok
19:13:16.0648 0x0fcc [ E384487CB84BE41D09711C30CA79646C, 520391DEE14D4D6C1EA99C7D31DD95D56B44D54CA3CD8E5C9855E9C0A04F026C ] C:\Windows\System32\drivers\mssmbios.sys
19:13:16.0648 0x0fcc C:\Windows\System32\drivers\mssmbios.sys - ok
19:13:16.0663 0x0fcc [ 32CFF9F809AE9AED85464492BF3E32D2, 91AAA47AEF17F373276B01AC8FA823592A0C854541A7A9A3B78F2350DB964EBC ] C:\Windows\System32\drivers\umbus.sys
19:13:16.0663 0x0fcc C:\Windows\System32\drivers\umbus.sys - ok
19:13:16.0663 0x0fcc [ CC6B28E4CE39951357963119CE47B143, 0BC653B51A33709AADD8B5A2B8102DBCB3C1EE14BDDF4C58813FDCA43FF7C1B2 ] C:\Windows\System32\drivers\usbhub.sys
19:13:16.0663 0x0fcc C:\Windows\System32\drivers\usbhub.sys - ok
19:13:16.0663 0x0fcc [ 71DAB552B41936358F3B541AE5997FB3, 30A8B3E33CBF04FC047254E404C0321F9028F2640036AA8AC1EA0A5E64551684 ] C:\Windows\System32\drivers\ndproxy.sys
19:13:16.0663 0x0fcc C:\Windows\System32\drivers\ndproxy.sys - ok
19:13:16.0679 0x0fcc [ 7BE5A3C671A2CB56E94403BFC2020A0D, 35D24D2898C63B0D8EC2EE0AD9DB05BE1E6640B13AABBEF290B9A34F85647E79 ] C:\Windows\System32\drivers\drmk.sys
19:13:16.0679 0x0fcc C:\Windows\System32\drivers\drmk.sys - ok
19:13:16.0679 0x0fcc [ 75DAD0E7F4CD3CB9455A76123AC16BF3, 9B1C2889FF691D31C6F454BD6A9D345A3F824099017B67B720546800EA07E8FA ] C:\Windows\System32\drivers\portcls.sys
19:13:16.0679 0x0fcc C:\Windows\System32\drivers\portcls.sys - ok
19:13:16.0679 0x0fcc [ 5AF135B2E2097D4494B9067CE84E2665, E7517C43BB81B6AE017172BA5389F6B0FC17CF9E60AAB3453A6D80A087C86592 ] C:\Windows\System32\drivers\stwrt.sys
19:13:16.0695 0x0fcc C:\Windows\System32\drivers\stwrt.sys - ok
19:13:16.0695 0x0fcc [ 7845D2385F4DC7DFB3CCAF0C2FA4948E, 18F01851E18CCF84A7987B739C7661C8BF272CF69F4E6BA87A69FCDBA1B8774A ] C:\Windows\System32\drivers\HSXHWAZL.sys
19:13:16.0695 0x0fcc C:\Windows\System32\drivers\HSXHWAZL.sys - ok
19:13:16.0695 0x0fcc [ E9E589C9AB799F52E18F057635A2B362, 24857D672B09C13EF290E7EA587D25270DE23740EE18E2FCF16716D9E0D0E457 ] C:\Windows\System32\drivers\HSX_DPV.sys
19:13:16.0695 0x0fcc C:\Windows\System32\drivers\HSX_DPV.sys - ok
19:13:16.0710 0x0fcc [ 4DACA8F07537D4D7E3534BB99294AA26, 8418B5A83D945FF1827C5B19A57BE7FFE1FD523C6795B0ACE88E4A906C82BA2C ] C:\Windows\System32\drivers\HSX_CNXT.sys
19:13:16.0710 0x0fcc C:\Windows\System32\drivers\HSX_CNXT.sys - ok
19:13:16.0710 0x0fcc [ E13B5EA0F51BA5B1512EC671393D09BA, 5B380D1B435D809CA201FD5ED075D42F3C6BA1A4EEDBC4040F7E3329F05A334A ] C:\Windows\System32\drivers\modem.sys
19:13:16.0710 0x0fcc C:\Windows\System32\drivers\modem.sys - ok
19:13:16.0710 0x0fcc [ CAF811AE4C147FFCD5B51750C7F09142, BD670CF88D8F932AD1C6BA91FB68A7204BC473657C6A057C92AFB84D164D393C ] C:\Windows\System32\drivers\usbccgp.sys
19:13:16.0710 0x0fcc C:\Windows\System32\drivers\usbccgp.sys - ok
19:13:16.0726 0x0fcc [ 19CAC780B858822055F46C58A111723C, D91CE501328281B8FEE6943776A145FB3201645B01BA8D1545FFA93A547DE2C7 ] C:\Windows\System32\drivers\OEM02Dev.sys
19:13:16.0726 0x0fcc C:\Windows\System32\drivers\OEM02Dev.sys - ok
19:13:16.0726 0x0fcc [ 86326062A90494BDD79CE383511D7D69, 43D5682CA8ECB4BA7CC1A5C4C2BF966EE4802E8C3AA84CDEB634CA3C410DAB89 ] C:\Windows\System32\drivers\OEM02Vfx.sys
19:13:16.0726 0x0fcc C:\Windows\System32\drivers\OEM02Vfx.sys - ok
19:13:16.0726 0x0fcc [ 5639DE66B37D02BD22DF4CF3155FBA60, E7F8E588DA6470DB285EB7EAA199572A84EF6660A9D6B30B1D9BBF096B4D04F1 ] C:\Windows\System32\drivers\avgmfx86.sys
19:13:16.0726 0x0fcc C:\Windows\System32\drivers\avgmfx86.sys - ok
19:13:16.0741 0x0fcc [ 65EA8B77B5851854F0C55C43FA51A198, 150BE6C195094DBEAC4FD73CC1C31FF59B77A73944574E244D280EE2DE69DC2F ] C:\Windows\System32\drivers\fs_rec.sys
19:13:16.0741 0x0fcc C:\Windows\System32\drivers\fs_rec.sys - ok
19:13:16.0741 0x0fcc [ C5DBBCDA07D780BDA9B685DF333BB41E, 3652893DFF05469A273C3073D8D0A9D6D6BBDEC7855FEA8EAB768F95BA674108 ] C:\Windows\System32\drivers\null.sys
19:13:16.0741 0x0fcc C:\Windows\System32\drivers\null.sys - ok
19:13:16.0741 0x0fcc [ 67E506B75BD5326A3EC7B70BD014DFB6, 3B07243970CAB4E93A858BEA6E31F56AD0157C42D624F3FEB469E68EEEF65669 ] C:\Windows\System32\drivers\beep.sys
19:13:16.0741 0x0fcc C:\Windows\System32\drivers\beep.sys - ok
19:13:16.0757 0x0fcc [ 175444D3A01CA45D0E1C5DC5F48DF7CD, D8F335309C2BBF2FF354BAB69096CB65E2911A2194B8278E2684FF25464BBD86 ] C:\Windows\System32\drivers\hidparse.sys
19:13:16.0757 0x0fcc C:\Windows\System32\drivers\hidparse.sys - ok
19:13:16.0757 0x0fcc [ 18247836959BA67E3511B62846B9C2E0, 9623FF990A1C11A707C358CC9FDD4306C2992A8C766A50DAFC9534A283AA011D ] C:\Windows\System32\drivers\kbdhid.sys
19:13:16.0757 0x0fcc C:\Windows\System32\drivers\kbdhid.sys - ok
19:13:16.0757 0x0fcc [ 2E93AC0A1D8C79D019DB6C51F036636C, 8B6F3B4EE90691A22788915AD0F99D8EE617750430A34E7CEB9AB4FB4E581755 ] C:\Windows\System32\drivers\vga.sys
19:13:16.0757 0x0fcc C:\Windows\System32\drivers\vga.sys - ok
19:13:16.0773 0x0fcc [ C048D2C33D27441A0CDCAAE2651EB03D, CD7F755400EF36C9EC689480AC425B8A8395F649B2843DE762997524C9B381DF ] C:\Windows\System32\drivers\videoprt.sys
19:13:16.0773 0x0fcc C:\Windows\System32\drivers\videoprt.sys - ok
19:13:16.0773 0x0fcc [ 89E59BE9A564262A3FB6C4F4F1CD9899, 6F948FB0E73495CA60B7B19E758268495EC8A084C475EC59AD7940AA619570BB ] C:\Windows\System32\drivers\RDPCDD.sys
19:13:16.0773 0x0fcc C:\Windows\System32\drivers\RDPCDD.sys - ok
19:13:16.0773 0x0fcc [ 9D91FE5286F748862ECFFA05F8A0710C, 33F37F1B207151A5564BF051BBF16F35D8C5A0F426CCA078A51F125BF09E487B ] C:\Windows\System32\drivers\RDPENCDD.sys
19:13:16.0773 0x0fcc C:\Windows\System32\drivers\RDPENCDD.sys - ok
19:13:16.0788 0x0fcc [ A9927F4A46B816C92F461ACB90CF8515, 753284F726F9B4D3E7322C75532244CA43714F00717C2019391FB36DEE0738C0 ] C:\Windows\System32\drivers\msfs.sys
19:13:16.0788 0x0fcc C:\Windows\System32\drivers\msfs.sys - ok
19:13:16.0788 0x0fcc [ ECB5003F484F9ED6C608D6D6C7886CBB, 45496B84B2FD156499E9F07FC82BC6F032B8F4D9DC194098CF9F5474D5642F9E ] C:\Windows\System32\drivers\npfs.sys
19:13:16.0788 0x0fcc C:\Windows\System32\drivers\npfs.sys - ok
19:13:16.0788 0x0fcc [ 147D7F9C556D259924351FEB0DE606C3, E41EBA5F3098C6CF2BE4C0060A5F4BF161C3677D983B7A0D70ACC12FC3CFEFD7 ] C:\Windows\System32\drivers\rasacd.sys
19:13:16.0788 0x0fcc C:\Windows\System32\drivers\rasacd.sys - ok
19:13:16.0804 0x0fcc [ D09276B1FAB033CE1D40DCBDF303D10F, 2CB47CB522B4E1C091DE30AF0EB4E21D321C42D2A5BA9647CBD078652680D8FF ] C:\Windows\System32\drivers\tdx.sys
19:13:16.0804 0x0fcc C:\Windows\System32\drivers\tdx.sys - ok
19:13:16.0804 0x0fcc [ 04F49DDD00A26C6CA984A9B480FDAA33, 24F5BE8766124D78F8C02BE8FB12DA9CD300F4B418782820454060E517648142 ] C:\Windows\System32\drivers\hidclass.sys
19:13:16.0804 0x0fcc C:\Windows\System32\drivers\hidclass.sys - ok
19:13:16.0804 0x0fcc [ 854CA287AB7FAF949617A788306D967E, 8C0BC3727C07634FAD35C7184C72B6D48D428F35E612257A833F00CACF4AAB5D ] C:\Windows\System32\drivers\hidusb.sys
19:13:16.0804 0x0fcc C:\Windows\System32\drivers\hidusb.sys - ok
19:13:16.0819 0x0fcc [ 93B8D4869E12CFBE663915502900876F, 7464DE60FAAD8793D855F1F86C3C865B3A3EE41C19A3E926D1BE4426E67F5EC2 ] C:\Windows\System32\drivers\mouhid.sys
19:13:16.0819 0x0fcc C:\Windows\System32\drivers\mouhid.sys - ok
19:13:16.0819 0x0fcc [ AAF0EBCAD95F2164CFFB544E00392498, 20ED50D2E33DFCF4B209B76E041DB1483B9A23A12591CC303F4D6C4846DEB7D5 ] C:\Windows\System32\drivers\avgtdix.sys
19:13:16.0819 0x0fcc C:\Windows\System32\drivers\avgtdix.sys - ok
19:13:16.0835 0x0fcc [ 7C5FEE5B1C5728507CD96FB4A13E7A02, EDBA08442AD6AF20463A0610FF24D5929574E5EC012495A2C219F6BA84C97F57 ] C:\Windows\System32\drivers\netbt.sys
19:13:16.0835 0x0fcc C:\Windows\System32\drivers\netbt.sys - ok
19:13:16.0835 0x0fcc [ 031E6BCD53C9B2B9ACE111EAFEC347B6, B934129BD77CA6A1434C59EA82B5E93FD4089608E0E41242B6E68070A0F33FB8 ] C:\Windows\System32\drivers\smb.sys
19:13:16.0835 0x0fcc C:\Windows\System32\drivers\smb.sys - ok
19:13:16.0835 0x0fcc [ 48EB99503533C27AC6135648E5474457, 344A83008F41AAC3CDFC52EFC4F2EFF441971C58182597D2FBED315B3FC62137 ] C:\Windows\System32\drivers\afd.sys
19:13:16.0835 0x0fcc C:\Windows\System32\drivers\afd.sys - ok
19:13:16.0851 0x0fcc [ BFEF604508A0ED1EAE2A73E872555FFB, AC817FB5A6126475B4A3CA191AD49651B919FB55429B939D036BC564632E426D ] C:\Windows\System32\drivers\pacer.sys
19:13:16.0851 0x0fcc C:\Windows\System32\drivers\pacer.sys - ok
19:13:16.0851 0x0fcc [ BCD093A5A6777CF626434568DC7DBA78, 2A283DD93230361204EA0897864EAF0224CB8C02E025AE2E4237B07A598B3EBD ] C:\Windows\System32\drivers\netbios.sys
19:13:16.0851 0x0fcc C:\Windows\System32\drivers\netbios.sys - ok
19:13:16.0851 0x0fcc [ 55201897378CCA7AF8B5EFD874374A26, 350ADDCEFAA33E301027CFEA8DDE703F6FBD6E53624598CB2E7B671B9E48F7CC ] C:\Windows\System32\drivers\wanarp.sys
19:13:16.0851 0x0fcc C:\Windows\System32\drivers\wanarp.sys - ok
19:13:16.0866 0x0fcc [ 6E1C5D0457622F9EE35F683110E93D14, 9C6BE049FDA5E6CBA486EE33F01AADDD6085CC5F1F08409EC439ADE9137D3F5F ] C:\Windows\System32\drivers\rdbss.sys
19:13:16.0866 0x0fcc C:\Windows\System32\drivers\rdbss.sys - ok
19:13:16.0866 0x0fcc [ DA8B28199B46B72502D5A3F75D446254, C1895040F30B3FEEDD724FCB7E27E118FA637E3AA420980D0EFB2D069C389925 ] C:\Windows\System32\drivers\ElRawDsk.sys
19:13:16.0866 0x0fcc C:\Windows\System32\drivers\ElRawDsk.sys - ok
19:13:16.0882 0x0fcc [ 609773E344A97410CE4EBF74A8914FCF, 90B9CBD2B62854DD503DE4A910CB987D402368EB99882FE20FFB6DEACD70F2BD ] C:\Windows\System32\drivers\nsiproxy.sys
19:13:16.0882 0x0fcc C:\Windows\System32\drivers\nsiproxy.sys - ok
19:13:16.0882 0x0fcc [ A3E9FA213F443AC77C7746119D13FEEC, 479B349BFC811D20572C09C4A2228C3880F8F3B4B4BA5F4E56600C7EF583DE7B ] C:\Windows\System32\drivers\dfsc.sys
19:13:16.0882 0x0fcc C:\Windows\System32\drivers\dfsc.sys - ok
19:13:16.0882 0x0fcc [ 901EB73F900D8DD1E8862C40427B83AE, 6CEC9109CDA7ED3952702773785430C3AE02195EB6D3FDF889C1F9118CF50D11 ] C:\Windows\System32\drivers\avgldx86.sys
19:13:16.0882 0x0fcc C:\Windows\System32\drivers\avgldx86.sys - ok
19:13:16.0897 0x0fcc [ 89D0E06D6165C98E47065722CE703FAD, D96CC0BDA2FF6404DABF5EA61769943F0FA22A23EFB7F5417CE5A87D5720C9AF ] C:\Windows\System32\ntdll.dll
19:13:16.0897 0x0fcc C:\Windows\System32\ntdll.dll - ok
19:13:16.0897 0x0fcc [ 6701DDAF68BEDE6BBEEA9D514D73A35B, A5B163A43AB91012D47F36926140562D06C46AA9659F748BA160501A526B9A89 ] C:\Windows\System32\smss.exe
19:13:16.0897 0x0fcc C:\Windows\System32\smss.exe - ok
19:13:16.0897 0x0fcc [ BEB98BBFBBEEB3BA76FEA3EBCF32F952, 8361A1D148952DF591C04EC3D2824DD07B0CDBE86F78B13492E9F0EEBEAF6027 ] C:\Windows\System32\urlmon.dll
19:13:16.0897 0x0fcc C:\Windows\System32\urlmon.dll - ok
19:13:16.0913 0x0fcc [ 030981927E732FD4013910B3B06BD45B, 2B1A8AF92721FBA932C3BA56D86349162AC60B23E27F309C471DED6228285211 ] C:\Windows\System32\msctf.dll
19:13:16.0913 0x0fcc C:\Windows\System32\msctf.dll - ok
19:13:16.0913 0x0fcc [ 9DE05CE950E4BC8820464F137029B358, 66B27DB9BF69785AE452673FD08B605FBFBFE12409897585FB7F6F81D2002483 ] C:\Windows\System32\rpcrt4.dll
19:13:16.0913 0x0fcc C:\Windows\System32\rpcrt4.dll - ok
19:13:16.0913 0x0fcc [ FA6BD25A5A65A6FF5BE4385098E3BDEF, C14DD769F6F8C8D7E84AEC58FB75A6194B587BFD099B25EC1F6C929BAEA00653 ] C:\Windows\System32\oleaut32.dll
19:13:16.0913 0x0fcc C:\Windows\System32\oleaut32.dll - ok
19:13:16.0929 0x0fcc [ C44A1766E93E506EE2102A305799E1A1, AB7880E3482352DECAE3A4AC5B3A7BF0CF0D67CF61DB1272452427995A1FCB14 ] C:\Windows\System32\advapi32.dll
19:13:16.0929 0x0fcc C:\Windows\System32\advapi32.dll - ok
19:13:16.0929 0x0fcc [ A64AEBC6C78B4CFD7F41A7277879DF8F, 2283E1D5D5ACF66B6C71A7755577F0A03DB5FC213E5D7DB067C9B7B6E805C202 ] C:\Windows\System32\nsi.dll
19:13:16.0929 0x0fcc C:\Windows\System32\nsi.dll - ok
19:13:16.0929 0x0fcc [ C394079EB162E812D682C73FA96AF6E4, 639F482DBC82E1E8E7254A5F6FF0F60661EA4BE44D86CA13238913DABFA522F8 ] C:\Windows\System32\clbcatq.dll
19:13:16.0929 0x0fcc C:\Windows\System32\clbcatq.dll - ok
19:13:16.0944 0x0fcc [ 766DC8261DB0AC993B301DC29BD475DD, CEA47AD654D9AF7CD35B568F9CD2AD213E00BEE3467B2092B65D1084D0CDA63B ] C:\Windows\System32\gdi32.dll
19:13:16.0944 0x0fcc C:\Windows\System32\gdi32.dll - ok
19:13:16.0944 0x0fcc [ AA406846DD60E3A4536DBAAB4037B685, D79AC72EF7E51CFB6052647CD63B75B09DC2D392647379EF0B97BA0148EA696B ] C:\Windows\System32\ole32.dll
19:13:16.0944 0x0fcc C:\Windows\System32\ole32.dll - ok
19:13:16.0960 0x0fcc [ 44338CAB70F1DB264D2F3F9F86A5D281, 25A923BEB7DB8CC2753DDF647C9196DA259D93B02E904C9E7963B7948D3EFAB5 ] C:\Windows\System32\shlwapi.dll
19:13:16.0960 0x0fcc C:\Windows\System32\shlwapi.dll - ok
19:13:16.0960 0x0fcc [ 74320103EFFAA27DD8C5AC54BB00B98B, 2950BCE9FA047837430ED146D2E32FC1A97A49C600FFBFFBE3F718F2CEFA3409 ] C:\Windows\System32\iertutil.dll
19:13:16.0960 0x0fcc C:\Windows\System32\iertutil.dll - ok
19:13:16.0960 0x0fcc [ 8C55A6333DAFAB88E44C040C55179274, 95A6C555A8BD9725CD85BE53E081C023270FBB1317515432D5C81993E35F0BCE ] C:\Windows\System32\imagehlp.dll
19:13:16.0960 0x0fcc C:\Windows\System32\imagehlp.dll - ok
19:13:16.0976 0x0fcc [ EC17194A193CD8E90D27CFB93DFA9A2E, E874FA4459CD7539F5A69D79CFED9CFD0C07354E1AE9AD05A414E64D586536D1 ] C:\Windows\System32\imm32.dll
19:13:16.0976 0x0fcc C:\Windows\System32\imm32.dll - ok
19:13:16.0976 0x0fcc [ 306835D4E74E49A5D10F0FCA0B422EB1, 12256B27FD7A7A5BE580108C443D96FB6EC9BAF8C1A76BD8155CF045356A92A2 ] C:\Windows\System32\kernel32.dll
19:13:16.0976 0x0fcc C:\Windows\System32\kernel32.dll - ok
19:13:16.0976 0x0fcc [ F12FBAF1DA549CBB79E6D89AD3A57ED0, 4A206489509ECAF8477FA8C3A56AFC0B13239AB1F7A5F26B5A37375EF8423B14 ] C:\Windows\System32\wininet.dll
19:13:16.0976 0x0fcc C:\Windows\System32\wininet.dll - ok
19:13:16.0991 0x0fcc [ 44638B7584A362E7B50B1EDD859FACAD, EEFE8DBA001BF14AC0A08B7856BD2B835521284FF85E3C345DC3D9785B16D869 ] C:\Windows\System32\Wldap32.dll
19:13:16.0991 0x0fcc C:\Windows\System32\Wldap32.dll - ok
19:13:16.0991 0x0fcc [ B974D9F06DC7D1908E825DC201681269, 7D949455AA3DCF063A0CA185E3E7D22D12E221E27E5051D611E3DAAC6D5D9501 ] C:\Windows\System32\user32.dll
19:13:16.0991 0x0fcc C:\Windows\System32\user32.dll - ok
19:13:16.0991 0x0fcc [ D71266E0E06421E81CA85F2346B7EE9E, 83EBA68F9DC9840A0DE58848B24DBB72A1E304B502C0BAA82D0D8301FEB6102F ] C:\Windows\System32\comdlg32.dll
19:13:16.0991 0x0fcc C:\Windows\System32\comdlg32.dll - ok
19:13:17.0007 0x0fcc [ DD496299B7351E16E602FC4299345A33, 4E62F100AB86617A1B72009DDB517475BF9CC1FDE43774068B2CC9F0130B4051 ] C:\Windows\System32\lpk.dll
19:13:17.0007 0x0fcc C:\Windows\System32\lpk.dll - ok
19:13:17.0007 0x0fcc [ EC6F86F7718ABE932926DEED0B871D46, F35953316128A6EE0CADE43414D09C31F229838C9256C4DB0A52ACD38CE0AB55 ] C:\Windows\System32\setupapi.dll
19:13:17.0007 0x0fcc C:\Windows\System32\setupapi.dll - ok
19:13:17.0007 0x0fcc [ A23E4692716C25E5AEA300ED74E73A1C, FE4CA23BE03963E716B3B1F77C8DB78DE5232F30F684FD11C98E428D365F97B9 ] C:\Windows\System32\usp10.dll
19:13:17.0007 0x0fcc C:\Windows\System32\usp10.dll - ok
19:13:17.0022 0x0fcc [ 6F29236AB5926100972924BD29D9D225, E8B517FC36F25C4AE07021473B0BCDCDDD4B6E3FE004E6B0AD449C030267674C ] C:\Windows\System32\normaliz.dll
19:13:17.0022 0x0fcc C:\Windows\System32\normaliz.dll - ok
19:13:17.0022 0x0fcc [ 048B65EC931A39A5F42016BE04775274, 5F48C6769E28555B2EA5DE31E360220346348EE3A2AD1AF4216564225FA97579 ] C:\Windows\System32\shell32.dll
19:13:17.0022 0x0fcc C:\Windows\System32\shell32.dll - ok
19:13:17.0022 0x0fcc [ 04CBEAA089B6A752B3EB660BEE8C4964, 27E33CB1E70DEE6D630D93D701A344B3268D1B50C644A0D5DE4DEBBF471D02E4 ] C:\Windows\System32\msvcrt.dll
19:13:17.0022 0x0fcc C:\Windows\System32\msvcrt.dll - ok
19:13:17.0038 0x0fcc [ B304D47D5744BA20FCB99FB8B2C07B0B, 16AAD9264CAB5B5489E2CF8F118132EA46FE9066B4C4320C0259BE88EBD111C8 ] C:\Windows\System32\ws2_32.dll
19:13:17.0038 0x0fcc C:\Windows\System32\ws2_32.dll - ok
19:13:17.0038 0x0fcc [ 457366B876CEAB9E92DDF976B8520CB6, AE4A74E11A681905E7BC19A15733C2606AC6C2A9A6CEBBF60BEC7493EC6DB633 ] C:\Windows\System32\comctl32.dll
19:13:17.0038 0x0fcc C:\Windows\System32\comctl32.dll - ok
19:13:17.0038 0x0fcc [ 93A1732F7F997E36A5C3893539E2FF02, 40B6F7A67F90E5D9948385418BD22BBD29DE86A151B35D1001081A61CA5FC612 ] C:\Windows\System32\psapi.dll
19:13:17.0038 0x0fcc C:\Windows\System32\psapi.dll - ok
19:13:17.0054 0x0fcc [ EAAAFEF04FBB45665C9576E525D45A12, 3472378C4E150B158B1C4E16760E278B0564BA10563D2CB181EFD17091056D87 ] C:\Windows\System32\drivers\dxapi.sys
19:13:17.0054 0x0fcc C:\Windows\System32\drivers\dxapi.sys - ok
19:13:17.0054 0x0fcc [ 1AB81DE60826E31BCA3644C34C35006D, C4357AEF2C259A53BB519EA39BC9E3866FFC127C18459666702A5095D4CE08D1 ] C:\Windows\System32\win32k.sys
19:13:17.0054 0x0fcc C:\Windows\System32\win32k.sys - ok
19:13:17.0054 0x0fcc [ A8838BAFFC18781990CF7D7BB9678715, CDE8CE7BBA8466669586188AF4914BADBCF046EAA9D8074424295120956A1D46 ] C:\Windows\System32\csrsrv.dll
19:13:17.0054 0x0fcc C:\Windows\System32\csrsrv.dll - ok
19:13:17.0069 0x0fcc [ ABCA209EBA02CB59233614DB83B4F50D, CF48E43B33B14234F5004F9F3BF0D973B17A501108F39FB42CF9548FD2124960 ] C:\Windows\System32\csrss.exe
19:13:17.0069 0x0fcc C:\Windows\System32\csrss.exe - ok
19:13:17.0069 0x0fcc [ F31EEBC1A1C81FD04005489CC3DCDFE7, 098C35ACFCCE1686C5A6DB6057001CBF8B06A863A0802CB2E9D793F4795F8CEE ] C:\Windows\System32\basesrv.dll
19:13:17.0069 0x0fcc C:\Windows\System32\basesrv.dll - ok
19:13:17.0069 0x0fcc [ F42F8855CB5C22E203C6672B124F17FD, 3A1BBCC916A02CFB5621FD32B336DDACCFBFB4E418B7FA48653DF2FA1CF563A5 ] C:\Windows\System32\winsrv.dll
19:13:17.0069 0x0fcc C:\Windows\System32\winsrv.dll - ok
19:13:17.0085 0x0fcc [ 0A9BB33B56E294F686ABB7C1E4E2D8A8, 1E8031D51E074FDFB53E98E26DABF313B901C028D01196BFD402EED5D0A89595 ] C:\Windows\System32\drivers\monitor.sys
19:13:17.0085 0x0fcc C:\Windows\System32\drivers\monitor.sys - ok
19:13:17.0085 0x0fcc [ CC21507D246861671A0BF97E75CE1B00, C36089B27D80F4FFD208A807310413DE3DCC7850F14D1B56F97670CC10F5566D ] C:\Windows\System32\tsddd.dll
19:13:17.0085 0x0fcc C:\Windows\System32\tsddd.dll - ok
19:13:17.0085 0x0fcc [ 5CF121E62E74480E0F07D384FF7EB5B1, 9C452DE1C81CF48E35D66B9B6BC2700EC66C7E9277491E2ECEE7E1D3AFF7F2DA ] C:\Windows\System32\secur32.dll
19:13:17.0085 0x0fcc C:\Windows\System32\secur32.dll - ok
19:13:17.0100 0x0fcc [ DB5E62FABC9407756F35F5EFBB3E15E5, E58B900165FDEC433F5A33D7701C3D326FB459052404CB40910117439A35C9F0 ] C:\Windows\System32\userenv.dll
19:13:17.0100 0x0fcc C:\Windows\System32\userenv.dll - ok
19:13:17.0100 0x0fcc [ 101BA3EA053480BB5D957EF37C06B5ED, 9A02771DA9C226552A1766C2DD0295ECA8B5B80AAE13076FFCE6A806FA5C21B8 ] C:\Windows\System32\wininit.exe
19:13:17.0100 0x0fcc C:\Windows\System32\wininit.exe - ok
19:13:17.0100 0x0fcc [ C2383A7FA2608D384ACAE1CDDE19A9F2, 3660398BDA5B10722521BCB96C23358F61EDFA83CBF7E193B242DEEEABFD3369 ] C:\Windows\System32\KBDUK.DLL
19:13:17.0100 0x0fcc C:\Windows\System32\KBDUK.DLL - ok
19:13:17.0116 0x0fcc [ 53E09730CB6190F6FF7633B8B5B914EC, 3F131187A01D9338D26B01385109DDEF20F3058A55115379EDB3AA34468435BB ] C:\Windows\System32\apphelp.dll
19:13:17.0116 0x0fcc C:\Windows\System32\apphelp.dll - ok
19:13:17.0116 0x0fcc [ 92283D9E33EC5F41ECC0B430B7459241, 9BE390D924438950025842667924819E6EB1E821893C9EFE5E06AB30CBD037BF ] C:\Windows\System32\WlS0WndH.dll
19:13:17.0116 0x0fcc C:\Windows\System32\WlS0WndH.dll - ok
19:13:17.0132 0x0fcc [ 2B336AB6286D6C81FA02CBAB914E3C6C, C5ADF6D5BFC00375BA6D0E5D96F36D36ADFBF66325A48358C6317E387FB220EC ] C:\Windows\System32\services.exe
19:13:17.0132 0x0fcc C:\Windows\System32\services.exe - ok
19:13:17.0132 0x0fcc [ BE6FAC6F0745C67DAE7522C96406D083, 5FBDE0193F6C6752C8BAB88D945F536D1259B3290073FE73E97FD4D9603D9AD6 ] C:\Windows\System32\sxs.dll
19:13:17.0132 0x0fcc C:\Windows\System32\sxs.dll - ok
19:13:17.0132 0x0fcc [ 99D8D5AF1826A4CB454B865223540449, BB79DBD0B387C0AD54C21DC55DB72A0BE4074A1F86387AE468416CE0B5B1025C ] C:\Windows\System32\cdd.dll
19:13:17.0132 0x0fcc C:\Windows\System32\cdd.dll - ok
19:13:17.0147 0x0fcc [ A911ECAC81F94ADEAFBE8E3F7873EDB0, 5FC9667F306E16722A46FABCA8FB9C8E7AC24768B9D8415B03F45567F90B8438 ] C:\Windows\System32\lsass.exe
19:13:17.0147 0x0fcc C:\Windows\System32\lsass.exe - ok
19:13:17.0147 0x0fcc [ DABF301FCC92C3E6D068B16C1949ECD7, 82A9F37BFBAE31E5B3ACF052D63A189C77995DFC7365655B9F2756738F8F7F80 ] C:\Windows\System32\lsasrv.dll
19:13:17.0147 0x0fcc C:\Windows\System32\lsasrv.dll - ok
19:13:17.0147 0x0fcc [ 4774AD6C447E02E954BD9A793614EBEC, 7BA75A26DA67FD10BB3E0A2404A7319F8D8938B0330BA0978A9E21EBC8CD9BA4 ] C:\Windows\System32\lsm.exe
19:13:17.0147 0x0fcc C:\Windows\System32\lsm.exe - ok
19:13:17.0163 0x0fcc [ EA5D4BFB6A9F6A659C3DDCE419D8217C, 6DDB5F1AE429EB9265B662C4A56A1A796481998EC6EBA089684E72D824F72367 ] C:\Windows\System32\scesrv.dll
19:13:17.0163 0x0fcc C:\Windows\System32\scesrv.dll - ok
19:13:17.0163 0x0fcc [ 71F5A7104FDF16C0AC5283A6CE666553, 481D688B87CC4155FB98AEB816B5F331F2EC8A1B409B01BA270A67660CE9564A ] C:\Windows\System32\sysntfy.dll
19:13:17.0163 0x0fcc C:\Windows\System32\sysntfy.dll - ok
19:13:17.0163 0x0fcc [ F0321DA5203F1E71917F3B7A13DC4912, 2F40733CBDD6491DAA3182AFDB3CA9FBAE5C3EE15CD9FCFF20E2D74E98CA374F ] C:\Windows\System32\wmsgapi.dll
19:13:17.0163 0x0fcc C:\Windows\System32\wmsgapi.dll - ok
19:13:17.0178 0x0fcc [ 669388DB959F5B07AAAA43C796C7AA05, DB95775C5503393E35FF3FA74070FC8DEE7BFCA5FF9C1315C759496169E63847 ] C:\Windows\System32\authz.dll
19:13:17.0178 0x0fcc C:\Windows\System32\authz.dll - ok
19:13:17.0178 0x0fcc [ F1011BD3AAD22375F34CF48CACD483C1, DBC464EA05FF613148D8C4376A81B3AD39F1D10B30473510EE1FC35CA4547926 ]
C:\Windows\System32\netapi32.dll
19:13:17.0178 0x0fcc C:\Windows\System32\netapi32.dll - ok
19:13:17.0178 0x0fcc [ 2FA16465F64DB54B1F7F511395EB4FD7, 9BC7865CC2EC9CE08E2848F8E8FB9E73715858A31243CB280C317578DDD97EDA ] C:\Windows\System32\ncobjapi.dll
19:13:17.0178 0x0fcc C:\Windows\System32\ncobjapi.dll - ok
19:13:17.0194 0x0fcc [ 9D1FDA9E086BA64E3C93C9DE32461BCF, 200FD0BFC811EC8993AF9FC78F58823ECC717063F438B627FBCDD6BD7790CAA8 ] C:\Windows\System32\aelupsvc.dll
19:13:17.0194 0x0fcc C:\Windows\System32\aelupsvc.dll - ok
19:13:17.0194 0x0fcc [ A1545B731579895D8CC44FC0481C1192, 6B0EE833BA39C142D625A03586CCD8F6C9C3136C603CE5DF5BAC1AA3423E3E7F ] C:\Windows\System32\alg.exe
19:13:17.0194 0x0fcc C:\Windows\System32\alg.exe - ok
19:13:17.0194 0x0fcc [ 1EACFF296A418F23B38BBC02E337F38B, 26FFBB6C7A9015C521099ADFF55023336D916F6415C3F61A544687114E46B2BD ] C:\Windows\System32\samsrv.dll
19:13:17.0194 0x0fcc C:\Windows\System32\samsrv.dll - ok
19:13:17.0210 0x0fcc [ 459B48188494490707DCA8BAA91AA185, E108A46F446A273BF118A73D4790FC85D49D6CE8ECC581AAEB942A1558D21327 ] C:\Windows\System32\cryptdll.dll
19:13:17.0210 0x0fcc C:\Windows\System32\cryptdll.dll - ok
19:13:17.0210 0x0fcc [ 5665120753FCE7123C4DEACE241EE715, 48F0031FFB188D64D29042022FB619E87D99843EF8B2B4E6FA6E7B6173FED876 ] C:\Windows\System32\dnsapi.dll
19:13:17.0210 0x0fcc C:\Windows\System32\dnsapi.dll - ok
19:13:17.0210 0x0fcc [ D4D86075510C02F887528207D8E0D713, E1D4F21F59B3A6208342A9B8C27B39C29B7551E984C1D3B05959F98A2A4B9969 ] C:\Windows\System32\crypt32.dll
19:13:17.0210 0x0fcc C:\Windows\System32\crypt32.dll - ok
19:13:17.0225 0x0fcc [ 4FB37EC51BDB2A6543F1F712555B9579, CA2EFBD583A4D6D35D4F80AF8B9425B212E81AA8FDA805D01642DA2A3C46BC84 ] C:\Windows\System32\feclient.dll
19:13:17.0225 0x0fcc C:\Windows\System32\feclient.dll - ok
19:13:17.0225 0x0fcc [ C047F0EEB03D8513B90A6EA70416DC18, 85437B35B6FCE33E717E2AF2E054D47C5D8995891E16A4C2DC7FEA7DB8B8CB0F ] C:\Windows\System32\mpr.dll
19:13:17.0225 0x0fcc C:\Windows\System32\mpr.dll - ok
19:13:17.0225 0x0fcc [ BA577783E8B4E2F49ED859E01C77F47B, DEB10D6E3D83BA8C1759A49765A02D200DE23A38BB45A1C7BFBB1CDD6D58104D ] C:\Windows\System32\msasn1.dll
19:13:17.0225 0x0fcc C:\Windows\System32\msasn1.dll - ok
19:13:17.0241 0x0fcc [ 7F0F1D4B0D847696F8E309423D227DCE, 4460A2E8B27EB74E951DF328DABFC6C905DD1538D2F2BEE59B2FDA05482CE9F7 ] C:\Windows\System32\ntdsapi.dll
19:13:17.0241 0x0fcc C:\Windows\System32\ntdsapi.dll - ok
19:13:17.0241 0x0fcc [ 599826174ECA68388BD413C665753BF7, B0132DF8A835B463AD057F1B3477C31A7A419B0507E1D89305F001BDD9962042 ] C:\Windows\System32\samlib.dll
19:13:17.0241 0x0fcc C:\Windows\System32\samlib.dll - ok
19:13:17.0241 0x0fcc [ C6D704C7F0434DC791AAC37CAC4B6E14, 35CF7D1895F97637E0C678A39F3049B871BCA9526D379C7793ED33B87D2EAC4C ] C:\Windows\System32\appinfo.dll
19:13:17.0241 0x0fcc C:\Windows\System32\appinfo.dll - ok
19:13:17.0256 0x0fcc [ 42076E29AAFA0830A2C5D4E310F58DD1, 13BB794C09BB602AECF53DB8147677159DC154E994FFEAE89C0298BD65FA9C7B ] C:\Windows\System32\audiosrv.dll
19:13:17.0256 0x0fcc C:\Windows\System32\audiosrv.dll - ok
19:13:17.0256 0x0fcc [ 8582E233C346AEFE759833E8A30DD697, 2B0A4FB7F0C3256A5003821634DFA04BA8C3FBB46E942E8BC5D114AF8D1E5354 ] C:\Windows\System32\BFE.DLL
19:13:17.0256 0x0fcc C:\Windows\System32\BFE.DLL - ok
19:13:17.0256 0x0fcc [ 02ED7B4DBC2A3232A389106DA7515C3D, 0DFCD03CB967D1A980D56124603F353DC1D800E3A5E436EEE95C65FDE17398CF ] C:\Windows\System32\qmgr.dll
19:13:17.0256 0x0fcc C:\Windows\System32\qmgr.dll - ok
19:13:17.0272 0x0fcc [ C0D487FD64092792B47E80A0FF27E5C6, 9FFDE97F66BF2ECE90F5998F6B3CC1990D16FE426AB7BA620752F2963D328A10 ] C:\Windows\System32\SLC.dll
19:13:17.0272 0x0fcc C:\Windows\System32\SLC.dll - ok
19:13:17.0272 0x0fcc [ E83DD205830F7FAEDA91E8E8D5C15ECC, 995893836E14915B6DD7A96CBAD48D0DD9A1DC356933CD9E146BA996EAD823D4 ] C:\Windows\System32\wevtapi.dll
19:13:17.0272 0x0fcc C:\Windows\System32\wevtapi.dll - ok
19:13:17.0272 0x0fcc [ 43A988A9C10333476CB5FB667CBD629D, 7E0DD57E75A50E3671673876631A1E66A4AC16810418BEC1AC2143DFD331F389 ] C:\Windows\System32\dhcpcsvc.dll
19:13:17.0272 0x0fcc C:\Windows\System32\dhcpcsvc.dll - ok
19:13:17.0288 0x0fcc [ 3E7978C513204CAA21E455D0F31F7F61, A6DFADAB1EFD997E76131DAE1450426A04056DA013C91E00DBEF6303CFB9BAD2 ] C:\Windows\System32\IPHLPAPI.DLL
19:13:17.0288 0x0fcc C:\Windows\System32\IPHLPAPI.DLL - ok
19:13:17.0288 0x0fcc [ EEBC4C814729C50E7D21EF70CF3E2B4A, A67212B441E1B9EBDCB4049C290D1AAA0909E5426D7D7CDE8CCC7BED27656A49 ] C:\Windows\System32\dhcpcsvc6.dll
19:13:17.0288 0x0fcc C:\Windows\System32\dhcpcsvc6.dll - ok
19:13:17.0288 0x0fcc [ 6B09105742C75DF80CEF21700F20F55A, D781C5F22BEBB5C51B7792EBB4421C170F2CC5FE28E9245E9D6B9D22E33423AB ] C:\Windows\System32\winnsi.dll
19:13:17.0288 0x0fcc C:\Windows\System32\winnsi.dll - ok
19:13:17.0303 0x0fcc [ C2610B6BDBEFC053BBDAB4F1B965CB24, EC983E197C7DA467EFC98C42B43E34B1B437405F6B51678DAB9F7F3400EA62FE ] C:\Windows\System32\winlogon.exe
19:13:17.0303 0x0fcc C:\Windows\System32\winlogon.exe - ok
19:13:17.0303 0x0fcc [ 7F15B4953378C8B5161D65C26D5FED4D, 70C80736225273D083F071E625CC47E5C889E8D7426D8D3461F87D41286F06D0 ] C:\Windows\System32\cngaudit.dll
19:13:17.0303 0x0fcc C:\Windows\System32\cngaudit.dll - ok
19:13:17.0319 0x0fcc [ 5D0B2FF2BAA623FC833C06916CB3428E, 1EB39C1D85D892E23E31660A3F91B66A1742F8B4F8C7C747577236ADFB5CA30D ] C:\Windows\System32\ncrypt.dll
19:13:17.0319 0x0fcc C:\Windows\System32\ncrypt.dll - ok
19:13:17.0319 0x0fcc [ 4AAFC7461633848AA87A363B2CBEC522, F2A452B5B71293011EED8CD5ABFA8D0B0761A92D4579CF9D98B1D2DC06D16791 ] C:\Windows\System32\winsta.dll
19:13:17.0319 0x0fcc C:\Windows\System32\winsta.dll - ok
19:13:17.0334 0x0fcc [ F7FFB0F018DDC0A120A1133437C37AB0, 71B0A96FF681F067AEF42DDBCCFA7141AFE23B39D7FD47E443D16843DB8355CB ] C:\Windows\System32\bcrypt.dll
19:13:17.0334 0x0fcc C:\Windows\System32\bcrypt.dll - ok
19:13:17.0334 0x0fcc [ A3629A0C4226F9E9C72FAAEEBC3AD33C, FB4D2738B64AADA52B95A6CF7ED4CDBFE4DD4BEBCAF1AE9CE64317F97DB38DDF ] C:\Windows\System32\browser.dll
19:13:17.0334 0x0fcc C:\Windows\System32\browser.dll - ok
19:13:17.0334 0x0fcc [ 58EE7F5E68310BC8D4E7CEBD8358C12E, 2EBA4A861E2C2AA56016DD8F5AE7C969BF515EF1B3E153F97F1E48E0983F17BB ] C:\Windows\System32\bthserv.dll
19:13:17.0334 0x0fcc C:\Windows\System32\bthserv.dll - ok
19:13:17.0350 0x0fcc [ 87C2D0377B23E2D8A41093C2F5FB1A5B, 94725CD764318461A1163FCD1B507B92490C5F52CB5089E6C7245FD91F2D1D05 ] C:\Windows\System32\certprop.dll
19:13:17.0350 0x0fcc C:\Windows\System32\certprop.dll - ok
19:13:17.0350 0x0fcc [ 4211249955AF9133E2E357CC92B54DFD, 5868F1B809783723C45D3A60DC6B2A21C216E9329D131B282A5851E38603DF55 ] C:\Windows\System32\comres.dll
19:13:17.0350 0x0fcc C:\Windows\System32\comres.dll - ok
19:13:17.0350 0x0fcc [ 26F139DDEC6407508071930D3D07337E, 90EF02DCA67C68AFBEB8E2BE2E1BD6E400F2A386C3CE8AF5573E9F89B7636688 ] C:\Windows\System32\credssp.dll
19:13:17.0350 0x0fcc C:\Windows\System32\credssp.dll - ok
19:13:17.0366 0x0fcc [ ABE9EEA1EABEA0711610A637A7B1C25D, 973F8BE8E411E1037DFC3FE3F979412450D268E4D34C0F38F3F015D2E00CD8AC ] C:\Windows\System32\msprivs.dll
19:13:17.0366 0x0fcc C:\Windows\System32\msprivs.dll - ok
19:13:17.0366 0x0fcc [ 7D80A6E1FE4F3B40E5992EE8964A00F4, 85A68E027A7C484851F4DA94700756D13EA9F7CB8D5B88B2C07690548D77B965 ] C:\Windows\System32\kerberos.dll
19:13:17.0366 0x0fcc C:\Windows\System32\kerberos.dll - ok
19:13:17.0381 0x0fcc [ 22CFAEB9172F5F198048401485CD0571, 94E0B8590268BD21B035297F5B0C01A4E8958A1DB39A5AA654EA1805BD30CEC2 ] C:\Windows\System32\WSHTCPIP.DLL
19:13:17.0381 0x0fcc C:\Windows\System32\WSHTCPIP.DLL - ok
19:13:17.0381 0x0fcc [ 6DE363F9F99334514C46AEC02D3E3678, FF403B8A4D7D6B3D2F23E2711D1353CFB0C748AD7D7927CF5DFBD99CD169D826 ] C:\Windows\System32\cryptsvc.dll
19:13:17.0381 0x0fcc C:\Windows\System32\cryptsvc.dll - ok
19:13:17.0381 0x0fcc [ 74F380C8EC8813626C670D46E8A714D1, 25E20A08048DB18CB1B1071B6FF916561A809561F587E26306FB75A8AA173FE3 ] C:\Windows\System32\dfsrres.dll
19:13:17.0381 0x0fcc C:\Windows\System32\dfsrres.dll - ok
19:13:17.0397 0x0fcc [ 5AF620A08C614E24206B79E8153CF1A8, 5BB32FF3C9A5C51C2773F0ECF9647749667F4678EF3C75FEB4420EC6C805913E ] C:\Windows\System32\dot3svc.dll
19:13:17.0397 0x0fcc C:\Windows\System32\dot3svc.dll - ok
19:13:17.0397 0x0fcc [ 08D6D1692B62C9EE4062E1FA04D8FE2F, 0DDB6D64524CDED04DE6521FC834BC4507ECF4C51C9F9BC407B510222E4F0343 ] C:\Windows\System32\oleres.dll
19:13:17.0397 0x0fcc C:\Windows\System32\oleres.dll - ok
19:13:17.0397 0x0fcc [ 9E80FF0752E365F97FD2D1D68C2AFDA1, 07924F0966A05A992130D29BBF634214D0DFE4081851ED18B1E334437DD008D0 ] C:\Windows\System32\wship6.dll
19:13:17.0397 0x0fcc C:\Windows\System32\wship6.dll - ok
19:13:17.0412 0x0fcc [ 05C3B38DB95BA5585817A4F898EE5581, 227357221F00BA91D7907966FF251F6834D69ABD630174A56F9A6C98723C1625 ] C:\Windows\System32\wshqos.dll
19:13:17.0412 0x0fcc C:\Windows\System32\wshqos.dll - ok
19:13:17.0412 0x0fcc [ FC62A635063B762E1C3C60EA77279378, 9C7ADE37C9F2F9CC5A79D75260736C3791C7A73FB84BE6B7E575CA31A4B99667 ] C:\Windows\System32\NapiNSP.dll
19:13:17.0412 0x0fcc C:\Windows\System32\NapiNSP.dll - ok
19:13:17.0412 0x0fcc [ 2997B15415F9BBE05B5A4C1C85E0C6A2, 5455536515FE740E18E090329FDCC40288724372AD18ACDB2CB4BB9D85CF681E ] C:\Windows\System32\nlasvc.dll
19:13:17.0412 0x0fcc C:\Windows\System32\nlasvc.dll - ok
19:13:17.0428 0x0fcc [ A622E888F8AA2F6B49E9BC466F0E5DEF, 3DED7F22A29AD2F8C927DFA0FD87FDE5ED0BDCAC7260BD9F71D8EA34328C772A ] C:\Windows\System32\dps.dll
19:13:17.0428 0x0fcc C:\Windows\System32\dps.dll - ok
19:13:17.0428 0x0fcc [ 89FD0595EEA4E505CABEFCF7008F2612, 13FA0B9453ACF67CEAE09B5AA4F7C3C84912F0990BFBE63035AC332B83CBC8E6 ] C:\Windows\System32\mswsock.dll
19:13:17.0428 0x0fcc C:\Windows\System32\mswsock.dll - ok
19:13:17.0444 0x0fcc [ 690D41DF1D555F96D4898A0F54EBA065, 3A8C9304D49657765DF0FCCEAE2A529982025D8677CCA5930824921F77B8F404 ] C:\Windows\System32\pnrpnsp.dll
19:13:17.0444 0x0fcc C:\Windows\System32\pnrpnsp.dll - ok
19:13:17.0444 0x0fcc [ 9BE3744D295A7701EB425332014F0797, 1A139EE9232581E466591C5EBEF41E4BF1F82D99C1959F1C68C879B240E9F46D ] C:\Windows\ehome\ehrecvr.exe
19:13:17.0444 0x0fcc C:\Windows\ehome\ehrecvr.exe - ok
19:13:17.0444 0x0fcc [ C0B95E40D85CD807D614E264248A45B9, 30421DAF1722A225222268CB8BA4FE60CB76C6FD0C9157B0F53FC1368F806A4E ] C:\Windows\System32\eapsvc.dll
19:13:17.0444 0x0fcc C:\Windows\System32\eapsvc.dll - ok
19:13:17.0459 0x0fcc [ FE1178E1D65E230721A1F9ADBEBD84CB, E0EA8D302A4B0173ABF1774F11DCEA1F864439C83481EDA2D6B977CC62B8FAEA ] C:\Windows\System32\msv1_0.dll
19:13:17.0459 0x0fcc C:\Windows\System32\msv1_0.dll - ok
19:13:17.0459 0x0fcc [ A8EFC0B6E75B789F7FD3BA5025D4E37F, E5558D79DF661EDE14D7C400510DC5B4FAAF23C6C3D0B102D61C1B94BE384B64 ] C:\Windows\System32\netlogon.dll
19:13:17.0459 0x0fcc C:\Windows\System32\netlogon.dll - ok
19:13:17.0459 0x0fcc [ AD1870C8E5D6DD340C829E6074BF3C3F, 064D07106A1BBE80294F1913354832F2B67D22274BB4D36C81D2D83C96FE0B88 ] C:\Windows\ehome\ehsched.exe
19:13:17.0459 0x0fcc C:\Windows\ehome\ehsched.exe - ok
19:13:17.0475 0x0fcc [ C27C4EE8926E74AA72EFCAB24C5242C3, F1EBF78CCE9BA76AFD0478BC66B67CA44DEAF3C380369BFCE91BD8F678C8608A ] C:\Windows\ehome\ehstart.dll
19:13:17.0475 0x0fcc C:\Windows\ehome\ehstart.dll - ok
19:13:17.0475 0x0fcc [ 70B1A86DF0C8EAD17D2BC332EDAE2C7C, 80385AC32CE8388F06341AA4A880F68E0EB5815CCCA5CF8E799846F472DCE360 ] C:\Windows\System32\emdmgmt.dll
19:13:17.0475 0x0fcc C:\Windows\System32\emdmgmt.dll - ok
19:13:17.0475 0x0fcc [ 72910BC4A218C49EA8E43D1FAEC403A5, AAC5026C440BA588D532703A582386EC33B2BCAE2D7A6EF7798498FDDF6F617A ] C:\Windows\System32\winbrand.dll
19:13:17.0475 0x0fcc C:\Windows\System32\winbrand.dll - ok
19:13:17.0490 0x0fcc [ 3ABDB4BEAE7CF1187109756D5F3A9BC0, C74F065D48BCF1E1EA046884E893BAE3B02F4F76A384D44CD3553A9FFCEB7C91 ] C:\Windows\System32\wevtsvc.dll
19:13:17.0490 0x0fcc C:\Windows\System32\wevtsvc.dll - ok
19:13:17.0490 0x0fcc [ 6629B5F0E98151F4AFDD87567EA32BA3, 8CC02D5E0639CDF74B2F85DB56D6199E1858F1A58465ED1D8B25C968E986132C ] C:\Windows\System32\fdPHost.dll
19:13:17.0490 0x0fcc C:\Windows\System32\fdPHost.dll - ok
19:13:17.0490 0x0fcc [ 6528EE11EFA77F8C8B1C6EAD401F907F, 20CAADFCE9021AB51E757A478687E3984E6637806E9CFAD747ED7D92413BE86C ] C:\Windows\System32\schannel.dll
19:13:17.0490 0x0fcc C:\Windows\System32\schannel.dll - ok
19:13:17.0506 0x0fcc [ 89ED56DCE8E47AF40892778A5BD31FD2, 924360875796C3DDDDA8097FDF53F6846B227F7413766F00AEDD981EFD691BF9 ] C:\Windows\System32\FDResPub.dll
19:13:17.0506 0x0fcc C:\Windows\System32\FDResPub.dll - ok
19:13:17.0506 0x0fcc [ 302964DCAC79D618CC7B72C778DA9FD2, 7F2980AA49592B308E5D4C1A311AE837F65E9FB35761734A936626E81F0A7F10 ] C:\Windows\System32\PresentationHost.exe
19:13:17.0506 0x0fcc C:\Windows\System32\PresentationHost.exe - ok
19:13:17.0506 0x0fcc [ 29EC7259E8196D9F90A3D59B3D546FAF, AAB04337EA82C444D6C2698DBFA8A2AABB00FE5002B618DC78F38DD805F3986A ] C:\Windows\System32\wdigest.dll
19:13:17.0506 0x0fcc C:\Windows\System32\wdigest.dll - ok
19:13:17.0522 0x0fcc [ 5178D99B1CBD1C9D310904417E2C5A11, FEE095C528775C6930E6581B20EA1DF7AAB535F107F9B6D415D354511D308667 ] C:\Windows\System32\rsaenh.dll
19:13:17.0522 0x0fcc C:\Windows\System32\rsaenh.dll - ok
19:13:17.0522 0x0fcc [ EC366A76243A6755146F802F7D60E4B6, 977022FAC89D8E6D6E463BD1811521327D297C775B99F55155FD6ECE5991E405 ] C:\Windows\System32\gpapi.dll
19:13:17.0522 0x0fcc C:\Windows\System32\gpapi.dll - ok
19:13:17.0522 0x0fcc [ 8FA640195279ACE21BEA91396A0054FC, 20541E5FA29B3FBD8824F3DF93C7D63AFEE56948F82FFDE20E9E87F5C0A3A789 ] C:\Windows\System32\hidserv.dll
19:13:17.0522 0x0fcc C:\Windows\System32\hidserv.dll - ok
19:13:17.0537 0x0fcc [ F8873D15018F411588BEC02C1725BADA, 7E90B1D820733C80B438287D89FC3D4219B2C97BD878EB5BA2DBFF64BBF3938A ] C:\Windows\System32\TSpkg.dll
19:13:17.0537 0x0fcc C:\Windows\System32\TSpkg.dll - ok
19:13:17.0537 0x0fcc [ D8AD255B37DA92434C26E4876DB7D418, C901EADDD93FC90C8F29F4B6DE808F8E4F486C877FC0AA27DA4ACDE17E28899D ] C:\Windows\System32\KMSVC.DLL
19:13:17.0537 0x0fcc C:\Windows\System32\KMSVC.DLL - ok
19:13:17.0537 0x0fcc [ 58236642134BC28334F3209F0130F7A0, 7134559C3E04B9240BBBD8C7629099507642CABE9C978378DFCCE62179D5808C ] C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll
19:13:17.0537 0x0fcc C:\Windows\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\ServiceModelInstallRC.dll - ok
19:13:17.0553 0x0fcc [ A3BC480A2BF8AA8E4DABD2D5DCE0AFAC, ED795B07B38EDBB2850384EDFA04C85539D4D22A7AAB8981C83C84E2EAB5976F ] C:\Windows\System32\IKEEXT.DLL
19:13:17.0553 0x0fcc C:\Windows\System32\IKEEXT.DLL - ok
19:13:17.0553 0x0fcc [ 9AC218C6E6105477484C6FDBE7D409A4, FF30D09CD2A0F5BBEC309E953370F194B6F26BF4227E627B594AAA48B0F5D3C2 ] C:\Windows\System32\IPBusEnum.dll
19:13:17.0553 0x0fcc C:\Windows\System32\IPBusEnum.dll - ok
19:13:17.0553 0x0fcc [ 3464DAE0E801F5A81A23C571D86F30B2, A5C0256618215A96BC8CB68357E5278DBF01C3E2CFFDC77EB4A703F1342687D2 ] C:\Windows\System32\rascfg.dll
19:13:17.0553 0x0fcc C:\Windows\System32\rascfg.dll - ok
19:13:17.0568 0x0fcc [ 6A35D233693EDC29A12742049BC5E37F, 77275407105492A11CDC232E72C8183F0DFD28F8B9AD2A24AAABDB246F14D38F ] C:\Windows\System32\iphlpsvc.dll
19:13:17.0568 0x0fcc C:\Windows\System32\iphlpsvc.dll - ok
19:13:17.0568 0x0fcc [ 74C2F29CC612B2B34231BEBD824D2FB2, 0C0888AB3B2D8C8F17CA57A503C61F867C8F12A6E6F645DEFE7A2C299AA59AD8 ] C:\Windows\System32\keyiso.dll
19:13:17.0568 0x0fcc C:\Windows\System32\keyiso.dll - ok
19:13:17.0584 0x0fcc [ 1925E63C91CF1610AE41BFD539062079, C25438D19D51B76A8E4C5F3A5D41C76197321166CB37E224217993A4466EBEF9 ] C:\Windows\System32\srvsvc.dll
19:13:17.0584 0x0fcc C:\Windows\System32\srvsvc.dll - ok
19:13:17.0584 0x0fcc [ 2AE2E1628C5D3F1C0A46A67C9FA1DF15, 7B1FAC42B9EA73A8C4E812F8F729EB882BDFD04D2E68FE354CFD6B8379A46D14 ] C:\Windows\System32\wkssvc.dll
19:13:17.0584 0x0fcc C:\Windows\System32\wkssvc.dll - ok
19:13:17.0584 0x0fcc [ A82A49A97777FF320D04D833ECB68F27, 1B9F96FF9C8B786EAF154C2305E823EE0BB83BFDB63682E25A8401CBDAA374A5 ] C:\Windows\ehome\ehres.dll
19:13:17.0584 0x0fcc C:\Windows\ehome\ehres.dll - ok
19:13:17.0600 0x0fcc [ FA0593D936C9B95FB6FAA32AD1595D49, E7DEC36E708D62D6E95649F3F82DD1CB3E4A77934ABC86FD44FE1F37826901B0 ] C:\Windows\System32\lltdres.dll
19:13:17.0600 0x0fcc C:\Windows\System32\lltdres.dll - ok
19:13:17.0600 0x0fcc [ 35D40113E4A5B961B6CE5C5857702518, 453097AEF46ED48107395D9A1696AAC259FD6CEA8A655D38C5E246FDDAB81664 ] C:\Windows\System32\lmhsvc.dll
19:13:17.0600 0x0fcc C:\Windows\System32\lmhsvc.dll - ok
19:13:17.0615 0x0fcc [ 95F1EB99B81CFD6F581C85F0A0AA9B2B, 65EE7016E6235880C4443119BF32CF12D4A9A9CA3810B974B575AD31D380A7FB ] C:\Windows\System32\FirewallAPI.dll
19:13:17.0615 0x0fcc C:\Windows\System32\FirewallAPI.dll - ok
19:13:17.0615 0x0fcc [ 1076FFCFFAAE8385FD62DFCB25AC4708, 8C5C106FCB018E019DEBA8E1A6AA170CD7A93293F27994F724EBC486238DA0AA ] C:\Windows\System32\mmcss.dll
19:13:17.0615 0x0fcc C:\Windows\System32\mmcss.dll - ok
19:13:17.0615 0x0fcc [ EA822412BBBA9B7D2B1A3748AD50EFB8, 10BA6E240FEC5BB1A0A7C0D75E0495D99FD48D68CA69C0985DD921658835225C ] C:\Windows\System32\iscsidsc.dll
19:13:17.0615 0x0fcc C:\Windows\System32\iscsidsc.dll - ok
19:13:17.0631 0x0fcc [ 200C81D5EB703CEF14C5A11D12E22396, CECCF8C2C85C01BE636529425164CF224927E760A07BF461F5E1ABDE1220F357 ] C:\Windows\System32\msimsg.dll
19:13:17.0631 0x0fcc C:\Windows\System32\msimsg.dll - ok
19:13:17.0631 0x0fcc [ C43B25863FBD65B6D2A142AF3AE320CA, 88E147751CBECFF31CD65954BC978B86CEA74485EB60DBB25AABAB4601797A4E ] C:\Windows\System32\QAGENTRT.DLL
19:13:17.0631 0x0fcc C:\Windows\System32\QAGENTRT.DLL - ok
19:13:17.0631 0x0fcc [ C8052711DAECC48B982434C5116CA401, 417DEB86D157DD3F0B4678410FE27FDD3E8FA04AB03AF398F6C02BF207070B35 ] C:\Windows\System32\netman.dll
19:13:17.0631 0x0fcc C:\Windows\System32\netman.dll - ok
19:13:17.0647 0x0fcc [ ED640F4CE585058119B824CC76591D9C, B8FA63CEE5105DD034084F34D0FDB223EAC1228888EDBD9EB48BF1B64F720C0E ] C:\Windows\System32\netprof.dll
19:13:17.0647 0x0fcc C:\Windows\System32\netprof.dll - ok
19:13:17.0647 0x0fcc [ 8BB86F0C7EEA2BDED6FE095D0B4CA9BD, 15CA178518EB3D457AA4C109D97A8490821590842AE4E9841703B5A55870C8F6 ] C:\Windows\System32\nsisvc.dll
19:13:17.0647 0x0fcc C:\Windows\System32\nsisvc.dll - ok
19:13:17.0647 0x0fcc [ 5DE1A3972FD3112C75EB17BDCF454169, A3187A9ED867B3B1225A8C3CFB048360C1B92DA823C1B6FF5EF2C17F6BFB6602 ] C:\Windows\System32\p2psvc.dll
19:13:17.0647 0x0fcc C:\Windows\System32\p2psvc.dll - ok
19:13:17.0662 0x0fcc [ C6276AD11F4BB49B58AA1ED88537F14A, 409E956AF994640DF8D062E5E41F87A6EE7EEE0335C191B582722A49322357CE ] C:\Windows\System32\pcasvc.dll
19:13:17.0662 0x0fcc C:\Windows\System32\pcasvc.dll - ok
19:13:17.0662 0x0fcc [ B1689DF169143F57053F795390C99DB3, 887B8C76B34CABC68067C0F27CC4EEF02457A53634C96FE5B0FE9B99453BDBEF ] C:\Windows\System32\pla.dll
19:13:17.0662 0x0fcc C:\Windows\System32\pla.dll - ok
19:13:17.0678 0x0fcc [ 78F975CB6D18265BE6F492EDB2D7BC7B, 112C6FB0A84E605B1EA87F98C8A4C210C9DB84C811029109444AB174011A158C ] C:\Windows\System32\umpnpmgr.dll
19:13:17.0678 0x0fcc C:\Windows\System32\umpnpmgr.dll - ok
19:13:17.0678 0x0fcc [ 64B28D672B5B6A01E87B0C3096B1E047, D4E5875A25E0EBEFD4AE38A3BA508CF99DD7278E7D4E1C95C7E1B8E42F381A10 ] C:\Windows\System32\polstore.dll
19:13:17.0678 0x0fcc C:\Windows\System32\polstore.dll - ok
19:13:17.0678 0x0fcc [ B627E4FC8585E8843C5905D4D3587A90, 07D7BC1BF8CDD5E34155B260B914D4A9892D3CEAEACDE334D1AF2A608E1FA2D8 ] C:\Windows\System32\profsvc.dll
19:13:17.0678 0x0fcc C:\Windows\System32\profsvc.dll - ok
19:13:17.0693 0x0fcc [ 08F9134A2215B7ED985409A4DF60AC60, BAFFCA0BA71A11FE63AB8411D8951E9AE087E31E04E9D226CCB21E82B79F2DCE ] C:\Windows\System32\psbase.dll
19:13:17.0693 0x0fcc C:\Windows\System32\psbase.dll - ok
19:13:17.0693 0x0fcc [ E9ECAE663F47E6CB43962D18AB18890F, F1A05320CAED9E745AA36A6DA9B64C48AAEDE888B42B249840CEB31448F7F432 ] C:\Windows\System32\qwave.dll
19:13:17.0693 0x0fcc C:\Windows\System32\qwave.dll - ok
19:13:17.0693 0x0fcc [ 9F5E0E1926014D17486901C88ECA2DB7, 67CDFB99AB546DCEEF20507EAC07DD52FFB51BFDFE9416ABEDDC1201B60D720E ] C:\Windows\System32\drivers\qwavedrv.sys
19:13:17.0693 0x0fcc C:\Windows\System32\drivers\qwavedrv.sys - ok
19:13:17.0709 0x0fcc [ 8F97D374AD1857E1EED85A79F29A1D3D, 4B2D1DBB60C0890E3CB497F534D8DE74952AF8774579B62B0F4ED14912CA583C ] C:\Windows\WindowsMobile\rapimgr.dll
19:13:17.0709 0x0fcc C:\Windows\WindowsMobile\rapimgr.dll - ok
19:13:17.0709 0x0fcc [ F6A452EB4CEADBB51C9E0EE6B3ECEF0F, 6A410ABCCD2211EFF511CDBF22E4152B57D2996336EBE711DFF71904AF232DB2 ] C:\Windows\System32\rasauto.dll
19:13:17.0709 0x0fcc C:\Windows\System32\rasauto.dll - ok
19:13:17.0709 0x0fcc [ 6E7C284FC5C4EC07AD164D93810385A6, FDBF80C8DE53E56A3515353129C6912E8CAEC2B2DA9AB3A4B027CB73BDF1EC60 ] C:\Windows\System32\rasmans.dll
19:13:17.0709 0x0fcc C:\Windows\System32\rasmans.dll - ok
19:13:17.0725 0x0fcc [ 6F1A32E7B7B30F004D9A20AFADB14944, AA9D874A14CA4779E76701D2B02F4CCA92CD5917435FB4CACA149FCB2D1D4C4C ] C:\Windows\System32\sstpsvc.dll
19:13:17.0725 0x0fcc C:\Windows\System32\sstpsvc.dll - ok
19:13:17.0725 0x0fcc [ BCDD6B4804D06B1F7EBF29E53A57ECE9, 8A961CCD0A0265E03D9952C733B593B02B5CF64E308D6B420276D2D6B20F86FC ] C:\Windows\System32\mprdim.dll
19:13:17.0725 0x0fcc C:\Windows\System32\mprdim.dll - ok
19:13:17.0740 0x0fcc [ CC4E32400F3C7253400CF8F3F3A0B676, D2A874BE3D365260AD7C10C30F2DE22F818CBFC12D65AADE2203B9ED02C9BEB5 ] C:\Windows\System32\regsvc.dll
19:13:17.0740 0x0fcc C:\Windows\System32\regsvc.dll - ok
19:13:17.0740 0x0fcc [ 5123F83CBC4349D065534EEB6BBDC42B, 92A3F38EA924D83D601BB93E3750F9DBC2DD963FB7ACF2A0E776297E21815225 ] C:\Windows\System32\Locator.exe
19:13:17.0740 0x0fcc C:\Windows\System32\Locator.exe - ok
19:13:17.0740 0x0fcc [ 11387E32642269C7E62E8B52C060B3C6, 6225FA14CBDC1D30F2E4CDC2059773DA49C67BE2C00A1DE582E8E07717F20425 ] C:\Windows\System32\SCardSvr.dll
19:13:17.0740 0x0fcc C:\Windows\System32\SCardSvr.dll - ok
19:13:17.0756 0x0fcc [ 7B587B8A6D4A99F79D2902D0385F29BD, C29F2EE25F7B11E1821832CB7F4F8506C2AB20804D6702CC5EAF5BA1F3FCA972 ] C:\Windows\System32\schedsvc.dll
19:13:17.0756 0x0fcc C:\Windows\System32\schedsvc.dll - ok
19:13:17.0756 0x0fcc [ 716313D9F6B0529D03F726D5AAF6F191, 44FE994A11631C1D99C73026340BACE39973C65A1281D87A61B481C9B5FAB251 ] C:\Windows\System32\sdrsvc.dll
19:13:17.0756 0x0fcc C:\Windows\System32\sdrsvc.dll - ok
19:13:17.0771 0x0fcc [ FD5199D4D8A521005E4B5EE7FE00FA9B, 0FB7A1D300C72B1ADC423CC57343C17853E5F8ACFE3EA2C42FAC2FF72E502FBE ] C:\Windows\System32\seclogon.dll
19:13:17.0771 0x0fcc C:\Windows\System32\seclogon.dll - ok
19:13:17.0771 0x0fcc [ A9BBAB5759771E523F55563D6CBE140F, 415BF6F6A1E4C5F98DABF9C2EEAF8CA49730693046E5F94C7655683717EDAD75 ] C:\Windows\System32\Sens.dll
19:13:17.0771 0x0fcc C:\Windows\System32\Sens.dll - ok
19:13:17.0771 0x0fcc [ E1499BD0FF76B1B2FBBF1AF339D91165, 9A8F0403467E75880D3070C4D862489A75134383BAF8E7C45F8C5E7DFB0605A5 ] C:\Windows\System32\ipnathlp.dll
19:13:17.0771 0x0fcc C:\Windows\System32\ipnathlp.dll - ok
19:13:17.0787 0x0fcc [ D2193326F729B163125610DBF3E17D57, 82C894E24E2C139C884246A693AD37BBF0A4E9375B7F7A288EF1DB22F89434B9 ] C:\Windows\System32\SessEnv.dll
19:13:17.0787 0x0fcc C:\Windows\System32\SessEnv.dll - ok
19:13:17.0787 0x0fcc [ 1E3FDB80E40A3CE645F229DFBDFB7694, C58D04CB86E314FC768F2729AC77A7097AFA9C80A35D8AB72690B7005E83D1D6 ] C:\Windows\System32\shsvcs.dll
19:13:17.0787 0x0fcc C:\Windows\System32\shsvcs.dll - ok
19:13:17.0787 0x0fcc [ 0BA91E1358AD25236863039BB2609A2E, ECB3C8E3D9C6FA77C0CF5A898FB90BB9474C6EFBE3698B56C93ECE44535EDACE ] C:\Windows\System32\SLsvc.exe
19:13:17.0787 0x0fcc C:\Windows\System32\SLsvc.exe - ok
19:13:17.0803 0x0fcc [ 7C6DC44CA0BFA6291629AB764200D1D4, 747CDA89C6F94F8314E5E5C425387ABDF9FF8528D82422F8FF66D96307B47B13 ] C:\Windows\System32\SLUINotify.dll
19:13:17.0803 0x0fcc C:\Windows\System32\SLUINotify.dll - ok
19:13:17.0803 0x0fcc [ 2E4E9353D829636120CFDE95D60881BA, 4205310692393A70B7D0D3CAD5A6978B43E813FC5A2B36A06266F9C500751246 ] C:\Windows\System32\tcpipcfg.dll
19:13:17.0803 0x0fcc C:\Windows\System32\tcpipcfg.dll - ok
19:13:17.0803 0x0fcc [ 2A146A055B4401C16EE62D18B8E2A032, D0930FFA53951C92F56E1ECB41374F4C0AA01ECBF99F474513A21EAD579CFE47 ] C:\Windows\System32\snmptrap.exe
19:13:17.0803 0x0fcc C:\Windows\System32\snmptrap.exe - ok
19:13:17.0818 0x0fcc [ 3665F79026A3F91FBCA63F2C65A09B19, A9AAE9B4006B5BC6EF4A7AB4CAB131687E4055E7C56900BBD24F78BA155C458A ] C:\Windows\System32\spoolsv.exe
19:13:17.0818 0x0fcc C:\Windows\System32\spoolsv.exe - ok
19:13:17.0818 0x0fcc [ 03D50B37234967433A5EA5BA72BC0B62, 7B61D6A4BF5D446A9473D058BC207FB6DA7C2FEFB8083F3B66CAC8907DBD8327 ] C:\Windows\System32\ssdpsrv.dll
19:13:17.0818 0x0fcc C:\Windows\System32\ssdpsrv.dll - ok
19:13:17.0818 0x0fcc [ 7DD08A597BC56051F320DA0BAF69E389, ACC59CF80765248705FFCE65DC9B5D072DC054F08C02FB4D16BA0E84D8BED0A4 ] C:\Windows\System32\wiaservc.dll
19:13:17.0818 0x0fcc C:\Windows\System32\wiaservc.dll - ok
19:13:17.0834 0x0fcc [ 8710A92D0024B03B5FB9540DF1F71F1D, B72A968A7966DC16A1D69A8D53012A4307EEBDC4CB8E1D9C93BFB88D996E490F ] C:\Windows\System32\sysmain.dll
19:13:17.0834 0x0fcc C:\Windows\System32\sysmain.dll - ok
19:13:17.0834 0x0fcc [ 2DCA225EAE15F42C0933E998EE0231C3, 67C7913E41854DFA3043426B7D59AA1FBBB9DE01A6E6904E40A696A7C61A5F98 ] C:\Windows\System32\TabSvc.dll
19:13:17.0834 0x0fcc C:\Windows\System32\TabSvc.dll - ok
19:13:17.0834 0x0fcc [ 680916BB09EE0F3A6ACA7C274B0D633F, 008B6EE41FA4D371258F0A656AE96B3E3F487BE5B9E0654B920013B4F1C0DFD8 ] C:\Windows\System32\tapisrv.dll
19:13:17.0834 0x0fcc C:\Windows\System32\tapisrv.dll - ok
19:13:17.0849 0x0fcc [ CB05822CD9CC6C688168E113C603DBE7, 9DB8945BDC702BB13E9DE477F2D3CCA4CE0E9E8CE9B54CE1A25375F2A2C93F0E ] C:\Windows\System32\tbssvc.dll
19:13:17.0849 0x0fcc C:\Windows\System32\tbssvc.dll - ok
19:13:17.0849 0x0fcc [ D605031E225AACCBCEB5B76A4F1603A6, 27D78644CADBC11C3AB5E0C10F854FD43BCD43B6E91C1ED1F6D35BC501147701 ] C:\Windows\System32\termsrv.dll
19:13:17.0849 0x0fcc C:\Windows\System32\termsrv.dll - ok
19:13:17.0865 0x0fcc [ 16613A1BAD034D4ECF957AF18B7C2FF5, 75499618187ED4385984F608D134BB298A4CCB339F70B31E4A8B2CF3E3558396 ] C:\Windows\servicing\TrustedInstaller.exe
19:13:17.0865 0x0fcc C:\Windows\servicing\TrustedInstaller.exe - ok
19:13:17.0865 0x0fcc [ EC74E77D0EB004BD3A809B5F8FB8C2CE, 1E4BBC58D0E35D79C764CF1BA73602C5E29A5A2393D40332801D533E445C6667 ] C:\Windows\System32\trkwks.dll
19:13:17.0865 0x0fcc C:\Windows\System32\trkwks.dll - ok
19:13:17.0865 0x0fcc [ ECEF404F62863755951E09C802C94AD5, 5D92062B3E371F196774EBFE840C78501E55A244DB2A49703C7AC0141C7DABF1 ] C:\Windows\System32\UI0Detect.exe
19:13:17.0865 0x0fcc C:\Windows\System32\UI0Detect.exe - ok
19:13:17.0881 0x0fcc [ 68308183F4AE0BE7BF8ECD07CB297999, 4444233CA3C42BEE50ED47553D4AE5A7C12D8F288D2FA4B2DAE1D9B9FEC1A72D ] C:\Windows\System32\upnphost.dll
19:13:17.0881 0x0fcc C:\Windows\System32\upnphost.dll - ok
19:13:17.0881 0x0fcc [ 59903071D7ACE6A02093C47E9E38AF97, 1EBDCF3C50A1BA8608E6FD41964419CBBB6B898439184FAED3DF7F7D5C209D2E ] C:\Windows\System32\dwm.exe
19:13:17.0881 0x0fcc C:\Windows\System32\dwm.exe - ok
19:13:17.0881 0x0fcc [ B13BC395B9D6116628F5AF47E0802AC4, 36E023A07E56588A8C26EF95E4F99303659E4783E0D9E8AEF193CA77A7AF91BA ] C:\Windows\System32\vds.exe
19:13:17.0881 0x0fcc C:\Windows\System32\vds.exe - ok
19:13:17.0896 0x0fcc [ D5FB73D19C46ADE183F968E13F186B23, D35432BE4FF462FCEA958CF646D5572B6D78058BC2F1F324C9F50A0B14B02259 ] C:\Windows\System32\VSSVC.exe
19:13:17.0896 0x0fcc C:\Windows\System32\VSSVC.exe - ok
19:13:17.0896 0x0fcc [ 1CF9206966A8458CDA9A8B20DF8AB7D3, 405D5FE96DA7ED03D4124EF6C692F80E88E5982B90DF46E353E94FFF576A5570 ] C:\Windows\System32\w32time.dll
19:13:17.0896 0x0fcc C:\Windows\System32\w32time.dll - ok
19:13:17.0896 0x0fcc [ 59E19BD13C3BDB857646B9E436BA27F7, CC84C607E15F5F29D93510387D5486BAF320BDAF79026A0BECE0D242F7B1DF3E ] C:\Windows\WindowsMobile\wcescomm.dll
19:13:17.0896 0x0fcc C:\Windows\WindowsMobile\wcescomm.dll - ok
19:13:17.0912 0x0fcc [ F3A5C2E1A6533192B070D06ECF6BE796, CBA11D9E60A04A0B82C6934A53EA859513CD476FF047DD3D59727B10CE7DB2DA ] C:\Windows\System32\wcncsvc.dll
19:13:17.0912 0x0fcc C:\Windows\System32\wcncsvc.dll - ok
19:13:17.0912 0x0fcc [ 11BCB7AFCDD7AADACB5746F544D3A9C7, 0370E20FD12ED713F94E5CD76F068F7A7A5E7F42416DD2A8A41249020DA7DA31 ] C:\Windows\System32\WcsPlugInService.dll
19:13:17.0912 0x0fcc C:\Windows\System32\WcsPlugInService.dll - ok
19:13:17.0912 0x0fcc [ ABFC76B48BB6C96E3338D8943C5D93B5, B5B22D445724D58641A53276063A4AA2A98F07B93865C86E94661EB31BD63511 ] C:\Windows\System32\wdi.dll
19:13:17.0912 0x0fcc C:\Windows\System32\wdi.dll - ok
19:13:17.0927 0x0fcc [ CF9A5F41789B642DB967021DE06A2713, A541F9D87CBDE2A4E48C5D5363736EF603B2701741D3044232474F179884AD7B ] C:\Windows\System32\WebClnt.dll
19:13:17.0927 0x0fcc C:\Windows\System32\WebClnt.dll - ok
19:13:17.0927 0x0fcc [ AE3736E7E8892241C23E4EBBB7453B60, 0F998116CC07CD719CB237EAE53BB16B2EDD6973828B9C1055EB981AEA0453D1 ] C:\Windows\System32\wecsvc.dll
19:13:17.0927 0x0fcc C:\Windows\System32\wecsvc.dll - ok
19:13:17.0943 0x0fcc [ 670FF720071ED741206D69BD995EA453, 4B96F5E3545F69AE9EBC75DC4AB27B87306D656EE526AE39E7EC7E2B6F83F7FD ] C:\Windows\System32\wercplsupport.dll
19:13:17.0943 0x0fcc C:\Windows\System32\wercplsupport.dll - ok
19:13:17.0943 0x0fcc [ FD1965AAA112C6818A30AB02742D0461, 6779D836934412907390DC85FA2A8C3BB1CC31FD4151830275B773FD13CFFBC2 ] C:\Windows\System32\wersvc.dll
19:13:17.0943 0x0fcc C:\Windows\System32\wersvc.dll - ok
19:13:17.0943 0x0fcc [ 62DB790A860CDFC4278D2F03CC5675D8, FE5CA54BC7E89ED539BED3C578ADC745E42F3B5623A84FE52AF593CA24895F39 ] C:\Program Files\Windows Defender\MsMpRes.dll
19:13:17.0943 0x0fcc C:\Program Files\Windows Defender\MsMpRes.dll - ok
19:13:17.0959 0x0fcc [ CE412DEE2B485C11BA1802A64473E9BA, 6CDC0222F81A300FCA5C68101EDAA7CC54AE93F29FBF78DB6BBC033BC6D565EC ] C:\Windows\System32\winhttp.dll
19:13:17.0959 0x0fcc C:\Windows\System32\winhttp.dll - ok
19:13:17.0959 0x0fcc [ 00B79A7C984678F24CF052E5BEB3A2F5, 4D8E4394C926D2B1C71613D309F2D62A663B0ADB73A036F5E9E7D1AFF605CA2A ] C:\Windows\System32\wbem\WMIsvc.dll
19:13:17.0959 0x0fcc C:\Windows\System32\wbem\WMIsvc.dll - ok
19:13:17.0959 0x0fcc [ 7CFE68BDC065E55AA5E8421607037511, C2CE76D52AD4E31FC4216E94457DC16ABF65A5F3E883F0BD97AD387FB7574533 ] C:\Windows\System32\WsmSvc.dll
19:13:17.0959 0x0fcc C:\Windows\System32\WsmSvc.dll - ok
19:13:17.0974 0x0fcc [ 275F4346E569DF56CFB95243BD6F6FF0, 9C85246BF99119DBD6E0B5D38F96B8BC00F3C87618D17BC0E0A063A0D9A03440 ] C:\Windows\System32\wlansvc.dll
19:13:17.0974 0x0fcc C:\Windows\System32\wlansvc.dll - ok
19:13:17.0974 0x0fcc [ ABA4CF9F856D9A3A25F4DDD7690A6E9D, 07C1DAF3DA3CDA84FBE4C7576372115FCAAAAFC332F252C03625E53C7F3C6EE5 ] C:\Windows\System32\wbem\WmiApSrv.exe
19:13:17.0974 0x0fcc C:\Windows\System32\wbem\WmiApSrv.exe - ok
19:13:17.0974 0x0fcc [ 3978704576A121A9204F8CC49A301A9B, 936CC13B90A183613BDA4081556C96D48CA415B5F65D61E18CB5F2E51EEBE59F ]
Holsten87
2014-07-24, 20:21
C:\Program Files\Windows Media Player\wmpnetwk.exe
19:13:17.0974 0x0fcc C:\Program Files\Windows Media Player\wmpnetwk.exe - ok
19:13:17.0990 0x0fcc [ 5D94CD167751294962BA238D82DD1BB8, 62C7A31706F1C33A2C1C68006191AEE85A98885D23EC582EF2F88AAF604AC9A7 ] C:\Windows\System32\wpcsvc.dll
19:13:17.0990 0x0fcc C:\Windows\System32\wpcsvc.dll - ok
19:13:17.0990 0x0fcc [ DCF3E3EDF5109EE8BC02FE6E1F045795, 4B8E14B1CFB095982D34DAEC336114F5039D7793080FB787DC95A63B6B945DD0 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe
19:13:17.0990 0x0fcc C:\Windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe - ok
19:13:18.0005 0x0fcc [ 396D406292B0CD26E3504FFE82784702, 5F9015BB515AC13D4DFE8F4B532352CF2C5B61DEFD3D0D61BCD82C781D36E7AF ] C:\Windows\System32\wpdbusenum.dll
19:13:18.0005 0x0fcc C:\Windows\System32\wpdbusenum.dll - ok
19:13:18.0005 0x0fcc [ 683DD16B590372F2C9661D277F35E49C, 29D86389D95256EEF37BA01D403494385015D926E851A39EC7948FF6EF4E8481 ] C:\Windows\System32\wscsvc.dll
19:13:18.0005 0x0fcc C:\Windows\System32\wscsvc.dll - ok
19:13:18.0005 0x0fcc [ 7778BDFA3F6F6FBA0E75B9594098F737, 50992333A9D31CF69C13573C24455422791199BD7C63C3FC7C3F0E4CC1BC6FA4 ] C:\Windows\System32\SearchIndexer.exe
19:13:18.0005 0x0fcc C:\Windows\System32\SearchIndexer.exe - ok
19:13:18.0021 0x0fcc [ 575A4190D989F64732119E4114045A4F, 373C344B106AFDB1E6125A21DFE28CA6CFC77FA87FE904656A4F209DB2ED69C7 ] C:\Windows\System32\WUDFSvc.dll
19:13:18.0021 0x0fcc C:\Windows\System32\WUDFSvc.dll - ok
19:13:18.0021 0x0fcc [ 28B84EB538F7E8A0FE8B9299D591E0B9, 24FC74F5513B8EA5DF15D2D54DE70A2539850F548B8B2D0EDFE684605624D9DC ] C:\Windows\System32\scecli.dll
19:13:18.0021 0x0fcc C:\Windows\System32\scecli.dll - ok
19:13:18.0021 0x0fcc [ 6B9E1AC6EB04767DACE3B24C089A86D0, EC6A56FC4D137692550DA5C82A07AB74AAE8CAC8192A7FDFFCA3BB5DD583615B ] C:\Windows\System32\ntmarta.dll
19:13:18.0021 0x0fcc C:\Windows\System32\ntmarta.dll - ok
19:13:18.0037 0x0fcc [ 3794B461C45882E06856F282EEF025AF, D4F79D7BC639FE86AC68961E6273836B9D7AF491773FD054395B33D317017BEB ] C:\Windows\System32\svchost.exe
19:13:18.0037 0x0fcc C:\Windows\System32\svchost.exe - ok
19:13:18.0037 0x0fcc [ 51832219A52C3535BF4771C375E63F9B, 6F074FF7CA12F812A5FD3A7A66CA250343DA0092698A6D858FFBF03C4E0B0CAB ] C:\Windows\System32\powrprof.dll
19:13:18.0037 0x0fcc C:\Windows\System32\powrprof.dll - ok
19:13:18.0037 0x0fcc [ 8F5C7426567798E62A3B3614965D62CC, 659810257D942C5F4168E1247868CDA990F2324AC9ACAA9A6211F64B7AC9EC6E ] C:\Windows\System32\drivers\luafv.sys
19:13:18.0037 0x0fcc C:\Windows\System32\drivers\luafv.sys - ok
19:13:18.0052 0x0fcc [ 40C611622882C3FCAFEB845C1E12A10F, A4F5790D9976D06822A656DCFDFEF76831A00089F6AC5519429142E6CBBC3EAC ] C:\Windows\System32\drivers\PDFsFilter.sys
19:13:18.0052 0x0fcc C:\Windows\System32\drivers\PDFsFilter.sys - ok
19:13:18.0052 0x0fcc [ 301AE00E12408650BADDC04DBC832830, 405A392B83942A17F1EB78943C3A3046B5451EA8CB0082A53571CCC0609275A2 ] C:\Windows\System32\rpcss.dll
19:13:18.0052 0x0fcc C:\Windows\System32\rpcss.dll - ok
19:13:18.0068 0x0fcc [ 187D588F7A1A45DE48B8540401A90850, 35886444D70268DB0915EE28944169A1EF72F64C665C126E05E801DEB877DAEE ] C:\Windows\System32\version.dll
19:13:18.0068 0x0fcc C:\Windows\System32\version.dll - ok
19:13:18.0068 0x0fcc [ 4575AA12561C5648483403541D0D7F2B, 2DBB7904285F16E879E1662C4CC4DFAA420D5EB24DDFC4BAC0B7616F5F44649A ] C:\Program Files\Windows Defender\MpSvc.dll
19:13:18.0068 0x0fcc C:\Program Files\Windows Defender\MpSvc.dll - ok
19:13:18.0068 0x0fcc [ 6E012DA20D59C3991751CA6E8C71EB06, 2B52D7416DA00E487CAB59B78626F74E7AB4B9C8B190CB3E77B38C97511469D9 ] C:\Windows\System32\wintrust.dll
19:13:18.0068 0x0fcc C:\Windows\System32\wintrust.dll - ok
19:13:18.0083 0x0fcc [ 1BD363738B672A394EBE3B8A78EAB9D3, 68D405EE3AE5A013E631892D6F4AAA8C654C2BCE30D749E9DAA3C49823006BA9 ] C:\Program Files\Windows Defender\MpClient.dll
19:13:18.0083 0x0fcc C:\Program Files\Windows Defender\MpClient.dll - ok
19:13:18.0083 0x0fcc [ 62D577288B48998FC6667BF22DC5B690, 2AE9E184BA655EB56488A3DEFF1C7C37B1C99EEB821E961390FCE2EFCE6D7CBF ] C:\Windows\System32\LogonUI.exe
19:13:18.0083 0x0fcc C:\Windows\System32\LogonUI.exe - ok
19:13:18.0083 0x0fcc [ A9BF9F54B6FAC7C1839AA6C93C5664C5, 0F9E91E7372D920A55DA4BFC6250796AE7FC893CD32E50DF5E5F3FDA45D78930 ] C:\Windows\System32\authui.dll
19:13:18.0083 0x0fcc C:\Windows\System32\authui.dll - ok
19:13:18.0099 0x0fcc [ D702B4E30B31BFCAB7BD4E5965C1A5DC, 13744EC3E10520D1CA1BE2C981674B29E041AF054D230470EA819C2FE16A1EED ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll
19:13:18.0099 0x0fcc C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.6001.18523_none_5cdd65e20837faf2\comctl32.dll - ok
19:13:18.0099 0x0fcc [ 2EC53B5A351C4D443896DBAD117F7E82, E158AD22F1905B41D7975E3725D7A870FB192D7258C4330DF06CD4AC02A7CFE4 ] C:\Windows\System32\msimg32.dll
19:13:18.0099 0x0fcc C:\Windows\System32\msimg32.dll - ok
19:13:18.0099 0x0fcc [ 7269A928BC18DAFBDDCFFB96B6E987F1, 7372FA440B4602717BE7877229783E01A9DA17621D8E94F4BFE102621EA3F42B ] C:\Windows\System32\slwga.dll
19:13:18.0099 0x0fcc C:\Windows\System32\slwga.dll - ok
19:13:18.0115 0x0fcc [ 999D69DEB576C2C424294DF025891CC6, ED634C9829E87F4D016446F2E2F44B542A263F166F69EF5759BBE964A457ECBE ] C:\Windows\System32\uxtheme.dll
19:13:18.0115 0x0fcc C:\Windows\System32\uxtheme.dll - ok
19:13:18.0115 0x0fcc [ F42483814FC39170B3982A184EC5AAA2, DD8A1E7C6714DF07742EFDF6CA5AB93CDC547F56EB8C1066C56A68E83A818DD2 ] C:\Windows\System32\wtsapi32.dll
19:13:18.0115 0x0fcc C:\Windows\System32\wtsapi32.dll - ok
19:13:18.0115 0x0fcc [ 81E199BFE82C106D38F989674D0DEC1F, 8089B2397861580A765E473E2837948E9AC34DD274C134AA1C70D46A877573F7 ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\GdiPlus.dll
19:13:18.0115 0x0fcc C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.0.6001.18551_none_9e7a1850c9c1b3dc\GdiPlus.dll - ok
19:13:18.0130 0x0fcc [ 5CAAE5333EF36DB4A8D294418AB37E80, 0FAC92CDED62CEFDD44B3DC714FC3A453FEAAF44653F3AB75FB5A093A1DA71E9 ] C:\Windows\System32\p2pcollab.dll
19:13:18.0130 0x0fcc C:\Windows\System32\p2pcollab.dll - ok
19:13:18.0130 0x0fcc [ 3040D9DF36AE94DB309726400582E02F, AE987EBF047FCB4F34AABD0A7EBDA69FCECAC15834B26E13F43F5C024BF34021 ] C:\Windows\System32\MMDevAPI.dll
19:13:18.0130 0x0fcc C:\Windows\System32\MMDevAPI.dll - ok
19:13:18.0146 0x0fcc [ 05EA53AFE985443011E36DAB07343B46, E033C1C218E9B0D22B63E1B927D7BBE331B59814F26952B68BEDC914EF881E55 ] C:\Windows\System32\drivers\fltMgr.sys
19:13:18.0146 0x0fcc C:\Windows\System32\drivers\fltMgr.sys - ok
19:13:18.0146 0x0fcc [ C9244BCAC83B259B920BBEE18A97BFE1, 9EA58407433F86BAAC3B4A6C334FB3BC59032FF4EB50EFA7CD639AA56D96E908 ] C:\Windows\System32\avrt.dll
19:13:18.0146 0x0fcc C:\Windows\System32\avrt.dll - ok
19:13:18.0146 0x0fcc [ A99871BA522CB2539AE275AC18CACC8F, CBE1F5B357AAE3EA03E8E0AE2E1A1DE4EDF8F35AD056DCF1DC4E413284C86FC3 ] C:\Windows\System32\cabinet.dll
19:13:18.0146 0x0fcc C:\Windows\System32\cabinet.dll - ok
19:13:18.0161 0x0fcc [ 97FEF831AB90BEE128C9AF390E243F80, A7F4118603E2D5DDDB117EF7C058684EA5B37690EFAB2BEBA570EEF9C36281BE ] C:\Windows\System32\drivers\drmkaud.sys
19:13:18.0161 0x0fcc C:\Windows\System32\drivers\drmkaud.sys - ok
19:13:18.0161 0x0fcc [ 9B70EC8230DBC6BE9C0A54FCCA7BE841, 765E783911474474C2982DD406210BF014C6AEA850D5DBBAE34803D55A69A486 ] C:\Windows\System32\adtschema.dll
19:13:18.0161 0x0fcc C:\Windows\System32\adtschema.dll - ok
19:13:18.0161 0x0fcc [ 9A8AF2D13E5B50C1AD446E9B97B69F6E, 3E7AA5C0CF2D729121E6E1691F7B52F0A4AB160813121D3B06D88568BFADF16B ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5013B4AC-6F28-4D85-A4BC-6F49EA1E5DFE}\mpengine.dll
19:13:18.0161 0x0fcc C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5013B4AC-6F28-4D85-A4BC-6F49EA1E5DFE}\mpengine.dll - ok
19:13:18.0177 0x0fcc [ 2A3BD8FF5430F454E146974D6BE5C784, DF21F90E0FC03F8895AA6A286B8C6019E2B425CFE5D8C693C3791439730CCF1E ] C:\Windows\System32\audiodg.exe
19:13:18.0177 0x0fcc C:\Windows\System32\audiodg.exe - ok
19:13:18.0177 0x0fcc [ D9F1113D9401185245573350712F92FC, 7D8E96B61D7FC1FCC7D70A19DB725BCEA78FE94F3D7AFBB1202771D530A628B7 ] C:\Windows\System32\gpsvc.dll
19:13:18.0177 0x0fcc C:\Windows\System32\gpsvc.dll - ok
19:13:18.0177 0x0fcc [ 75EB73E64F5B4655D9797D20F26DE320, 4AA94D039AC5BD7D39766C4E2A4F7DFCDD46782D3B2483677D722949A7B790FC ] C:\Windows\System32\duser.dll
19:13:18.0177 0x0fcc C:\Windows\System32\duser.dll - ok
19:13:18.0193 0x0fcc [ 479C0A2246C14F51171DD6B4333EA3A2, E0C0DA53376B408F5B384979249602CC1115E5531B8EE39F5FCF448AE8626B4F ] C:\Windows\System32\PSHED.DLL
19:13:18.0193 0x0fcc C:\Windows\System32\PSHED.DLL - ok
19:13:18.0193 0x0fcc [ 84ABB260A81130D39126EF79F2624E15, EF6A3ABFDF377825AA17A208CDB49D257B026D7973C1A8E86B796EDBD0B222DB ] C:\Windows\System32\xmllite.dll
19:13:18.0193 0x0fcc C:\Windows\System32\xmllite.dll - ok
19:13:18.0193 0x0fcc [ D1A84F7D4CAFCFE2A32149FF418056E5, 1BF29E5E1C541F36DEDCD0DDCCCA0F35D19E94D2655055EE2477439940BAAFF1 ] C:\Windows\System32\nlaapi.dll
19:13:18.0193 0x0fcc C:\Windows\System32\nlaapi.dll - ok
19:13:18.0208 0x0fcc [ F713E67C329CE82FF1E1EBB497887427, 9EB5FF218DB170E93A72DB56D1ED5D3C8A85D143391502357A6455629D26EAE3 ] C:\Windows\System32\drivers\spsys.sys
19:13:18.0208 0x0fcc C:\Windows\System32\drivers\spsys.sys - ok
19:13:18.0208 0x0fcc [ 35979494DABAF115F5FFA960830817DF, 76F5162B05B685703E2C54449A2C7D2F0C0339C0F6C1D0B636E0E40862D62D98 ] C:\Windows\System32\atl.dll
19:13:18.0208 0x0fcc C:\Windows\System32\atl.dll - ok
19:13:18.0208 0x0fcc [ DB689551B8BD6009308F30675F11AB2F, 4D6FC6281257979F1F3DF500062DD7676CC9A9F58DAD173686235B3FEAA4A892 ] C:\Windows\System32\SmartcardCredentialProvider.dll
19:13:18.0208 0x0fcc C:\Windows\System32\SmartcardCredentialProvider.dll - ok
19:13:18.0224 0x0fcc [ 3CB3343D720168B575133A0A20DC2465, B356938AC3D9CE833A2C0EBFAA548CDB6B68BEDDB2CCA80222E508BD978FB26B ] C:\Windows\System32\es.dll
19:13:18.0224 0x0fcc C:\Windows\System32\es.dll - ok
19:13:18.0224 0x0fcc [ 89D74683C859B7982056D15938BACA3E, 57914A49A65A8FD7C7706BE78FB0F87B4C7EEB352836E28086078D07B79848AF ] C:\Windows\System32\propsys.dll
19:13:18.0224 0x0fcc C:\Windows\System32\propsys.dll - ok
19:13:18.0224 0x0fcc [ AE73F26BF8FD9A080646BE897194DC8A, 956DA244E25E201C68899D6162EBC249DE54F6F8A96D0412C0E2ED933778E1C7 ] C:\Windows\System32\rasplap.dll
19:13:18.0224 0x0fcc C:\Windows\System32\rasplap.dll - ok
19:13:18.0239 0x0fcc [ F9A9BFEBE2AEBA9071FA5CE5B426B4E6, D17580034B3F4F4D9091410810D66BE65F3E398E9B20C278C30446CA9D99790B ] C:\Windows\System32\rasapi32.dll
19:13:18.0239 0x0fcc C:\Windows\System32\rasapi32.dll - ok
19:13:18.0239 0x0fcc [ 8269CC01940A202BBB9FDF26705DBD67, 70DAB5CBEB5B2855784A9F6E3A52FD36C6FE18415FB01176481F85AEF5B3E67B ] C:\Windows\System32\hid.dll
19:13:18.0239 0x0fcc C:\Windows\System32\hid.dll - ok
19:13:18.0239 0x0fcc [ 032A0ACC3909AE7215D524E29D536797, 51E36ED5953C0880BE508837181925A0F677842E8A5BA98099700E6ED691A783 ] C:\Windows\System32\uxsms.dll
19:13:18.0239 0x0fcc C:\Windows\System32\uxsms.dll - ok
19:13:18.0255 0x0fcc [ D1C5883087A0C3F1344D9D55A44901F6, 608D67357AFDDD538D2C12C93EB0793ECA4EB3AF2BAB779E881C41F50E4AB911 ] C:\Windows\System32\drivers\lltdio.sys
19:13:18.0255 0x0fcc C:\Windows\System32\drivers\lltdio.sys - ok
19:13:18.0255 0x0fcc [ FDEB76BED9C0A75329CA426623297158, 83B79222569FA0B77C59A41E4F6065740F48EFAD1EFEFF76F258FB995E27DCF6 ] C:\Windows\System32\drivers\rmcast.sys
19:13:18.0255 0x0fcc C:\Windows\System32\drivers\rmcast.sys - ok
19:13:18.0255 0x0fcc [ D6973AA34C4D5D76C0430B181C3CD389, 7C303F3D6BFF8B82E39998135B444837091AB1F9EB8F28D013E5EF45DB237EFC ] C:\Windows\System32\drivers\ndisuio.sys
19:13:18.0255 0x0fcc C:\Windows\System32\drivers\ndisuio.sys - ok
19:13:18.0271 0x0fcc [ 3C21CE48FF529BB73DADB98770B54025, B8541E3D2B120B97947AE51B28A99E2623ACAD3790BC282B1251ACBEC7684F8D ] C:\Windows\System32\drivers\nwifi.sys
19:13:18.0271 0x0fcc C:\Windows\System32\drivers\nwifi.sys - ok
19:13:18.0271 0x0fcc [ 9C508F4074A39E8B4B31D27198146FAD, 84913471E5A6C297B1EDABE45EF3FE7D2C4410EF04370F615109FD9E2690FFDB ] C:\Windows\System32\drivers\rspndr.sys
19:13:18.0271 0x0fcc C:\Windows\System32\drivers\rspndr.sys - ok
19:13:18.0286 0x0fcc [ 4805D9A6D281C7A7DEFD9094DEC6AF7D, 473A5F1C4E795BD6B6DDB32ECB04BA8BF238AA5FBC67FC5D8D8F749464ED0AE9 ] C:\Windows\System32\dnsrslvr.dll
19:13:18.0286 0x0fcc C:\Windows\System32\dnsrslvr.dll - ok
19:13:18.0286 0x0fcc [ 0AF64A7B89F34A51FCF25E1F360CCA39, 4F1DC0B375C119F5A3051527D6F7FC8135C96D280B00AC26B4635EBBCC6091C3 ] C:\Windows\System32\eapphost.dll
19:13:18.0286 0x0fcc C:\Windows\System32\eapphost.dll - ok
19:13:18.0286 0x0fcc [ 3A1DDA77F331D107BA40DB06E4D666E9, 544A63148756AD0E993DD79F0656E73E23386BF0DA54394000044FD0972C838D ] C:\Windows\System32\rasman.dll
19:13:18.0286 0x0fcc C:\Windows\System32\rasman.dll - ok
19:13:18.0302 0x0fcc [ 70F08ECE7A30A639D3F0C8C433685C7D, E7B852E949D0DB9C3D63C4F49DECF9C93781142EAC6F6D66C9FC8E0027E904F4 ] C:\Windows\System32\tapi32.dll
19:13:18.0302 0x0fcc C:\Windows\System32\tapi32.dll - ok
19:13:18.0302 0x0fcc [ 1C0E2529FED8862F08BE8B562CFC3C5C, A6FE7915389DF4CCC9E047F9026A15A1035C497A99E072A126EF3D62AAD43F19 ] C:\Windows\System32\rastls.dll
19:13:18.0302 0x0fcc C:\Windows\System32\rastls.dll - ok
19:13:18.0302 0x0fcc [ 5DEE866BB87A161C33B273408CCEDA93, 61E386BB27F7BE6C1A58CC1BFE476E9D6CEEFB28743398EC56F62CBF1C873460 ] C:\Windows\System32\rtutils.dll
19:13:18.0302 0x0fcc C:\Windows\System32\rtutils.dll - ok
19:13:18.0317 0x0fcc [ EEFE4228157CE404F4A69DA90F288ECA, 643985612E7B5F8FC30213442259C67E7572EABB0E25F42FA5EBFF1499885D5E ] C:\Windows\System32\winmm.dll
19:13:18.0317 0x0fcc C:\Windows\System32\winmm.dll - ok
19:13:18.0317 0x0fcc [ 97CA916976B4EAED3FD35C238F42BCD9, 8DC3072F0ED44932C53FF5AD5D174C10F7F35530ADC28ECD3B022D809A082494 ] C:\Windows\System32\oleacc.dll
19:13:18.0317 0x0fcc C:\Windows\System32\oleacc.dll - ok
19:13:18.0333 0x0fcc [ 5EAAD3F8B0AFE4C5C1777DE18262FBD3, 29AC8917410E398049CE0F282ACE85BEA7C0AAA8212034A1D2F2BC87D27A0AFB ] C:\Windows\System32\raschap.dll
19:13:18.0333 0x0fcc C:\Windows\System32\raschap.dll - ok
19:13:18.0333 0x0fcc [ 6F12098823894C744F45D632CB45BD18, D0FBB99C59103D430634BB5B0895BC46582D74281E32D4F256D6EFEC746B4A8C ] C:\Windows\System32\WinSCard.dll
19:13:18.0333 0x0fcc C:\Windows\System32\WinSCard.dll - ok
19:13:18.0333 0x0fcc [ 12A1DF1B84FB45A00D47B2CDE2CEEBBA, 66CE19049421B34597E201843577E8299462D9338B87461FDEC477D54C04DD36 ] C:\Windows\System32\shgina.dll
19:13:18.0333 0x0fcc C:\Windows\System32\shgina.dll - ok
19:13:18.0333 0x0fcc [ 70932D6C3D59B416CBD2BE5A3B3D4BE6, E2590A9E0343B5FE5CB68AFFB33D3DD5320002A5228B6316FC71468BABD19DC8 ] C:\Windows\System32\shacct.dll
19:13:18.0333 0x0fcc C:\Windows\System32\shacct.dll - ok
19:13:18.0349 0x0fcc [ E45051C374F845EDF3DB02A35BA13193, A42F9E45F7B6733AE4FB9A10E8CEB30508CAE94AC0CFC4CDF352AC2D153A0957 ] C:\Windows\System32\umb.dll
19:13:18.0349 0x0fcc C:\Windows\System32\umb.dll - ok
19:13:18.0349 0x0fcc [ ABE9DEC1E78226F70F5A6D18F701AFF2, BE6C38755EC77531EA4E97089A62ED6186F041B6D82ECA1E614906F1E99DCBBB ] C:\Windows\System32\wlanmsm.dll
19:13:18.0349 0x0fcc C:\Windows\System32\wlanmsm.dll - ok
19:13:18.0349 0x0fcc [ 2938E3B155C2647137A1910F534E66BE, C5F6DE140E0ED6B7E42C9C9A91B5D18FF7183C101C9F92C86D42B853DF82525C ] C:\Windows\System32\wlansec.dll
19:13:18.0349 0x0fcc C:\Windows\System32\wlansec.dll - ok
19:13:18.0364 0x0fcc [ 919CC2A0476D5A6A4C935D4B88E29912, E9884E7565BAA72CEF0B805908B1B78C759074E9402CB5CC563A2F73B875DCBA ] C:\Windows\System32\ksuser.dll
19:13:18.0364 0x0fcc C:\Windows\System32\ksuser.dll - ok
19:13:18.0364 0x0fcc [ 1F232B3F8F93563015E01197B37EFA79, 36385CDC662A24AC2837EF38E74EC96CE77C21AFED7ACCA9BB03E3CF6F7FD83F ] C:\Windows\System32\onex.dll
19:13:18.0364 0x0fcc C:\Windows\System32\onex.dll - ok
19:13:18.0364 0x0fcc [ 8A833F7BB5F15283E398EB82D7188C76, FC13971F36C103BA5A839978C5B03D6184EAFB14C7DF8E7310BEE862A95D92E0 ] C:\Windows\System32\wdmaud.drv
19:13:18.0364 0x0fcc C:\Windows\System32\wdmaud.drv - ok
19:13:18.0380 0x0fcc [ 154E3891ED6D5520EDA5D87B4EC3F7C2, 1E13957891C4570BE5D1646AF4142CFCEB5AD4FC83DCE4C980240FB8EA537A24 ] C:\Windows\System32\AudioSes.dll
19:13:18.0380 0x0fcc C:\Windows\System32\AudioSes.dll - ok
19:13:18.0380 0x0fcc [ DA39B480239FEB2CC0F4BE7B185B63DB, F36826ECDE279E9597B8F43D65288A524E434C64FCB719FB6584303A0D3D4727 ] C:\Windows\System32\wbem\wbemprox.dll
19:13:18.0380 0x0fcc C:\Windows\System32\wbem\wbemprox.dll - ok
19:13:18.0396 0x0fcc [ DB7F4AB85298F3FE522C5512B8B0F56D, A659963B55DBF26657920B718E6598F0B64975B292BA9AB5FCFB4485B5CF9DDF ] C:\Windows\System32\AudioEng.dll
19:13:18.0396 0x0fcc C:\Windows\System32\AudioEng.dll - ok
19:13:18.0396 0x0fcc [ 74B8C2EA72D43727142D12397D5A49F9, 37E8858211D7BF9DE90CBD22863B18A939C43BA64CAD06229E994A417BD46B0D ] C:\Windows\System32\wbemcomn.dll
19:13:18.0396 0x0fcc C:\Windows\System32\wbemcomn.dll - ok
19:13:18.0396 0x0fcc [ A5A3089763FE03C88C20B7C26CE15DD3, 9E1F113F3EC3335CDCD56A913F0AA68846028D1FAEDA60BFC6F5291885778C59 ] C:\Windows\System32\WindowsCodecs.dll
19:13:18.0396 0x0fcc C:\Windows\System32\WindowsCodecs.dll - ok
19:13:18.0411 0x0fcc [ D7F1F6C72276A15579D5761098018891, 515E9532CD53C42C48A0216B34B13C0EB390D02A3BA260F44B2328D5C47656FD ] C:\Windows\System32\midimap.dll
19:13:18.0411 0x0fcc C:\Windows\System32\midimap.dll - ok
19:13:18.0411 0x0fcc [ BDBB449425991154135E5ED1559927E6, C89AE8DD76EC8F669B5FFA9F8CBB4531743D3E1D8975B416EF2CB5AB35DB4EF2 ] C:\Windows\System32\msacm32.dll
19:13:18.0411 0x0fcc C:\Windows\System32\msacm32.dll - ok
19:13:18.0411 0x0fcc [ C4220533841020EDE4429A4358B3E253, 94844DFB692B7C8C788F0583606AC1778E238BE6E063A6EDD98D11A70AF03842 ] C:\Windows\System32\msacm32.drv
19:13:18.0411 0x0fcc C:\Windows\System32\msacm32.drv - ok
19:13:18.0427 0x0fcc [ 7AB5D82A29B778911445653058886D24, CA1DDF82F3D44E30B0569141D114D4289EC6332DE75782362F6E871B091CF4A4 ] C:\Windows\System32\eappcfg.dll
19:13:18.0427 0x0fcc C:\Windows\System32\eappcfg.dll - ok
19:13:18.0427 0x0fcc [ 9D9FFC923FADBB575E0452EA0BBB15BD, 700A292EFEC71EDF2EF7F20D147F6E23E0FAA5BAF1D930CB96C40FC70D206D35 ] C:\Windows\System32\eappprxy.dll
19:13:18.0427 0x0fcc C:\Windows\System32\eappprxy.dll - ok
19:13:18.0427 0x0fcc [ 19FFAD68A02AF1BF0BC336EE26CD6767, C3E6E79A1E6681CE988591F3CADB3F08E37ACAB2D8478A250D9D6881F6C716A6 ] C:\Windows\System32\l2gpstore.dll
19:13:18.0427 0x0fcc C:\Windows\System32\l2gpstore.dll - ok
19:13:18.0442 0x0fcc [ EB2170D0DDF3B2A92506AE16BC524B0B, 95E296024DC16657BA36DB72E7AB774C68A6F8029B2ACB18460FC50E44AE5DA9 ] C:\Windows\System32\wlanutil.dll
19:13:18.0442 0x0fcc C:\Windows\System32\wlanutil.dll - ok
19:13:18.0442 0x0fcc [ 0636D4FE43C198C289F37BE4083204D0, D15C62AFFB10E6F9346B3BC3813C8533FCE5654D9D8DD62A7F6FF40FF3C9442E ] C:\Windows\System32\wlgpclnt.dll
19:13:18.0442 0x0fcc C:\Windows\System32\wlgpclnt.dll - ok
19:13:18.0442 0x0fcc [ FAED2BB920F8C729693A517394C87DD0, AB21DA291E8EC8E3D26623CDF79BD48F5EDB7B2948159E356816977F336E9244 ] C:\Windows\System32\msxml6.dll
19:13:18.0442 0x0fcc C:\Windows\System32\msxml6.dll - ok
19:13:18.0458 0x0fcc [ 296937202E4D930AAE98085B99D744D8, 65F569B7291307FD2B0F782888F18E23027A8F986CFB7B719CA53E93FA3B1367 ] C:\Windows\System32\AUDIOKSE.dll
19:13:18.0458 0x0fcc C:\Windows\System32\AUDIOKSE.dll - ok
19:13:18.0458 0x0fcc [ F41F71CDDD9370178EB1A57CF201BCBE, EE9F5748F7C197FA800C9A26B3901EEBE065619F5B11A9AF643C913EA85397B8 ] C:\Windows\System32\stapo.dll
19:13:18.0458 0x0fcc C:\Windows\System32\stapo.dll - ok
19:13:18.0458 0x0fcc [ AB4BC1F10FF8273D4B54DAC4DE4B7AA4, 5E5AB00590782186D47094B62AF72519ECC6E49A095C558831C4687ACFF1E1EA ] C:\Windows\System32\aestaren.dll
19:13:18.0458 0x0fcc C:\Windows\System32\aestaren.dll - ok
19:13:18.0474 0x0fcc [ 5EF35DBD3B14B1E595712C92949C349E, 31E0CBD869E5EF771687F5578DE88F80136AD469D0F7E36137004DCDA245F2E5 ] C:\Windows\System32\ctapo32.dll
19:13:18.0474 0x0fcc C:\Windows\System32\ctapo32.dll - ok
19:13:18.0474 0x0fcc [ E402A6E79D1E4DBFEBA8B364C67A3158, BEF944F1CC3946BD70C67988505E3CD56758DE65B53509581FDCEAE0DF2DB4B8 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll
19:13:18.0474 0x0fcc C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_5.82.6001.18523_none_886c608850a2f36f\comctl32.dll - ok
19:13:18.0474 0x0fcc [ CA0B849566776A17F35F0339BE17DFD9, 527FFE08A427703F3620DB7C44E096A7F9D0C88AD1FD8F0623815B7E7D78687A ] C:\Windows\System32\ktmw32.dll
19:13:18.0474 0x0fcc C:\Windows\System32\ktmw32.dll - ok
19:13:18.0489 0x0fcc [ 0727200F10320A6BA7E59433094FBBA7, 3BE379042BCE3AFD1314FD651C6A140E80793F01E2985CF52D0C577EC9BAD1DB ] C:\Windows\System32\WMALFXGFXDSP.dll
19:13:18.0489 0x0fcc C:\Windows\System32\WMALFXGFXDSP.dll - ok
19:13:18.0489 0x0fcc [ 73FE2E5FA55088A241AA2732F5D387D6, EB8822FD08C0C85441BBE86FE55349BFE2D8297A042249B2934B44121D132CCB ] C:\Windows\System32\wiarpc.dll
19:13:18.0489 0x0fcc C:\Windows\System32\wiarpc.dll - ok
19:13:18.0489 0x0fcc [ E3923280E0D6E8A98925BA36E835CC73, 7DC4ED8BD7AD2603A61D4BB9EE9026A0B9F764983585D668A94645D1735E4D89 ] C:\Windows\System32\taskcomp.dll
19:13:18.0489 0x0fcc C:\Windows\System32\taskcomp.dll - ok
19:13:18.0505 0x0fcc [ 96E241624C71211A79C84F50A8E71CAB, EB6E679218B781F67FBFF4EB12DDE44769ACA7EA3F83A4404A073EA89C902C25 ] C:\Windows\System32\drivers\http.sys
19:13:18.0505 0x0fcc C:\Windows\System32\drivers\http.sys - ok
19:13:18.0505 0x0fcc [ 2ACCC9B12AF02030F531E6CCA6F8B76E, D1BA17C7BFE02347824DEEB1B7362FD251769ECB92B14EB3C600C85AB7E04D1B ] C:\Windows\System32\drivers\srvnet.sys
19:13:18.0505 0x0fcc C:\Windows\System32\drivers\srvnet.sys - ok
19:13:18.0505 0x0fcc [ 76D54175BDE317E4F251028AFA117309, 8F2C956EB96BE6DF04526180214EB416D9B7DEDF26A996F96B77C3BEDDDB5988 ] C:\Windows\System32\spoolss.dll
19:13:18.0505 0x0fcc C:\Windows\System32\spoolss.dll - ok
19:13:18.0520 0x0fcc [ 6BC5FCEF351E4CB5A269C1E84B5A06DA, A5CAB1752E7AB7A37E1F8B943FBBDF6FACAFC228FF6D0321E61D2501D2653BB7 ] C:\Windows\System32\netcfgx.dll
19:13:18.0520 0x0fcc C:\Windows\System32\netcfgx.dll - ok
19:13:18.0520 0x0fcc [ 20B7CE241E4AF5356D5A69ACF37B0038, 3F94DF8A305BC2E3A023BD163B0398C05588F059BF0977D58B3E25831732A9C6 ] C:\Windows\System32\FWPUCLNT.DLL
19:13:18.0520 0x0fcc C:\Windows\System32\FWPUCLNT.DLL - ok
19:13:18.0536 0x0fcc [ 8153396D5551276227FA146900F734E6, 0AE06774162D542D9E95246B7112A40D7C463EF331B4F56C9CF8AD99A0341E38 ] C:\Windows\System32\drivers\bowser.sys
19:13:18.0536 0x0fcc C:\Windows\System32\drivers\bowser.sys - ok
19:13:18.0536 0x0fcc [ 22241FEBA9B2DEFA669C8CB0A8DD7D2E, 62055C0DCEB69873B8961AB17DBD002F44319A44CB05EC3A61421A0C6D4736CD ] C:\Windows\System32\drivers\mpsdrv.sys
19:13:18.0536 0x0fcc C:\Windows\System32\drivers\mpsdrv.sys - ok
19:13:18.0536 0x0fcc [ D1639BA315B0D79DEC49A4B0E1FB929B, 96420572029217FDD78CD286A022EB5F8BAB76EE30F75E48CD69AEE1A4846B53 ] C:\Windows\System32\MPSSVC.dll
19:13:18.0536 0x0fcc C:\Windows\System32\MPSSVC.dll - ok
19:13:18.0552 0x0fcc [ AE3DE84536B6799D2267443CEC8EDBB9, 787AF9D5BC6D1A1E4A55A66D62F0DF93F45C2FB7EA5BE0BF63F1270604600B40 ] C:\Windows\System32\drivers\mrxdav.sys
19:13:18.0552 0x0fcc C:\Windows\System32\drivers\mrxdav.sys - ok
19:13:18.0552 0x0fcc [ 5734A0F2BE7E495F7D3ED6EFD4B9F5A1, 2C5F0554D5A763D6B3F1402C9BF36C6091CBBDFFD5139AEE85D69D5B210D2047 ] C:\Windows\System32\drivers\mrxsmb.sys
19:13:18.0552 0x0fcc C:\Windows\System32\drivers\mrxsmb.sys - ok
19:13:18.0552 0x0fcc [ 6B5FA5ADFACAC9DBBE0991F4566D7D55, 9BAD029A6AAF4C2292C682B9F07C57051C84F7FA4F3EBEA52C25CAEF1A41121F ] C:\Windows\System32\drivers\mrxsmb10.sys
19:13:18.0552 0x0fcc C:\Windows\System32\drivers\mrxsmb10.sys - ok
19:13:18.0567 0x0fcc [ 5C80D8159181C7ABF1B14BA703B01E0B, 414085AD3C36B8E95D1D49E2958671332DECE38739544CCB70FAB30C408E89A2 ] C:\Windows\System32\drivers\mrxsmb20.sys
19:13:18.0567 0x0fcc C:\Windows\System32\drivers\mrxsmb20.sys - ok
19:13:18.0567 0x0fcc [ B7FF59408034119476B00A81BB53D5D1, 365D8E719D729D56082F5A6EEB65B31EB5DB5D15A5346D05E7130F41F2F97D46 ] C:\Windows\System32\drivers\srv2.sys
19:13:18.0567 0x0fcc C:\Windows\System32\drivers\srv2.sys - ok
19:13:18.0567 0x0fcc [ 2252AEF839B1093D16761189F45AF885, D7B79E1B9CD73EDEA855DBE120ED470CC0F67D1AA44038E6051A4C5BCE361DE3 ] C:\Windows\System32\drivers\srv.sys
19:13:18.0567 0x0fcc C:\Windows\System32\drivers\srv.sys - ok
19:13:18.0583 0x0fcc [ D333058925CE305E39DE8D5AD2B52A46, 29E40E6DCAB4F3559B34A848AEDA34B5D436C9167565856451028DE25A529EDF ] C:\Windows\System32\clusapi.dll
19:13:18.0583 0x0fcc C:\Windows\System32\clusapi.dll - ok
19:13:18.0583 0x0fcc [ A324D72A06C110152E7607745F39BFA1, 7E33A108B090840FC98953358216A1D84C122D965E37B37335B0EF6152CA9FC0 ] C:\Windows\System32\netmsg.dll
19:13:18.0583 0x0fcc C:\Windows\System32\netmsg.dll - ok
19:13:18.0583 0x0fcc [ 452341E471D2D961229DFE0842957272, 43C3DEEFCD27F10DCFF81D8637EBDE5050ADC3E530A5DCC459D1CFF80BFD0067 ] C:\Windows\System32\sscore.dll
19:13:18.0583 0x0fcc C:\Windows\System32\sscore.dll - ok
19:13:18.0598 0x0fcc [ 0745D6EAD386710110817FBEC03F5161, FF725C5361087985973BA21DF9BD37B96377CB3305B8BBA99DD3368D440CEAD1 ] C:\Windows\System32\wfapigp.dll
19:13:18.0598 0x0fcc C:\Windows\System32\wfapigp.dll - ok
19:13:18.0598 0x0fcc [ 6468C3FF6D0C7874FA8C619AF3E23B22, 2A8A01D5164453544A9DD1B850C24B82EFE6ACAABED56084B8A0388AC383802B ] C:\Windows\System32\activeds.dll
19:13:18.0598 0x0fcc C:\Windows\System32\activeds.dll - ok
19:13:18.0598 0x0fcc [ E20BEFE3A8DE4754EBA8C6F4E5CA3E2F, 8FE006FFF5029616B022F5A7C61911FECB47213EAAD0ABCCEB5EF53D871D5577 ] C:\Windows\System32\mscms.dll
19:13:18.0598 0x0fcc C:\Windows\System32\mscms.dll - ok
19:13:18.0614 0x0fcc [ E0761B16F3F6F7083C7EDA3EF59F13BA, B93FD9B2BE5432CEA4EB093A87625A026AE731A1C2459938D408F4E59DD22B2E ] C:\Windows\System32\adsldpc.dll
19:13:18.0614 0x0fcc C:\Windows\System32\adsldpc.dll - ok
19:13:18.0614 0x0fcc [ 6D92D25519EE321870998F265E86C954, F4D6FE9EAD06FF8EFF843BE326E3E9900C4E1AD3173AACAB07FA34BC79DBFA4B ] C:\Windows\System32\mfplat.dll
19:13:18.0614 0x0fcc C:\Windows\System32\mfplat.dll - ok
19:13:18.0614 0x0fcc [ 129A64901AAF7205F753090A779A4321, 32AC6DE4EC70BB988CC512116FBC0D29DB1E7649B12FDB7650701E67611C3DF1 ] C:\Windows\System32\credui.dll
19:13:18.0614 0x0fcc C:\Windows\System32\credui.dll - ok
19:13:18.0630 0x0fcc [ B9F3FF52B84FD9E3CAFB29B8EE385E5B, 3944E3C0FCD8E927A8A6470D8A603C96D298695AE62831DBE6DA656C5D74EC05 ] C:\Windows\System32\resutils.dll
19:13:18.0630 0x0fcc C:\Windows\System32\resutils.dll - ok
19:13:18.0630 0x0fcc [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ]
C:\Windows\WindowsMobile\wmdcBase.exe
19:13:18.0630 0x0fcc C:\Windows\WindowsMobile\wmdcBase.exe - ok
19:13:18.0630 0x0fcc [ 0ADCB465690814A60D5688A37C1587C1, 841DBD980331380CC858803A907E9F00EFD73F201C35C980E7DADD95B57382A4 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5013B4AC-6F28-4D85-A4BC-6F49EA1E5DFE}\mpasbase.vdm
19:13:18.0630 0x0fcc C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5013B4AC-6F28-4D85-A4BC-6F49EA1E5DFE}\mpasbase.vdm - ok
19:13:18.0645 0x0fcc [ 0FA9B5055484649D63C303FE404E5F4D, ABF357001A5E7B21621560E74FA538E2D899C5111A6AAC784B5B12D9D819C6CD ] C:\Windows\System32\drivers\parport.sys
19:13:18.0645 0x0fcc C:\Windows\System32\drivers\parport.sys - ok
19:13:18.0645 0x0fcc [ AE5E9667FA40206796D1BD5BD0427A8A, D829BD90B22228870D0E86F3BFF9234503085605226526FBFCF11DC98397607A ] C:\Windows\System32\drivers\AVGIDSShim.sys
19:13:18.0645 0x0fcc C:\Windows\System32\drivers\AVGIDSShim.sys - ok
19:13:18.0645 0x0fcc [ FC2BC51120A945F7C70376495E4E7737, AA9711093972B6D7690C7662EF45DAAA9499AD36A6191382E43DAE566B64BF12 ] C:\Program Files\AVG\AVG10\avgwdsvc.exe
19:13:18.0645 0x0fcc C:\Program Files\AVG\AVG10\avgwdsvc.exe - ok
19:13:18.0661 0x0fcc [ 9832173829A2C72E11992B6427C83659, 2B24DC4C7FF8363115EA5860D334ADDBD5B3F9B2BFEE65D5B2FF58FB9E22D923 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5013B4AC-6F28-4D85-A4BC-6F49EA1E5DFE}\mpasdlta.vdm
19:13:18.0661 0x0fcc C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{5013B4AC-6F28-4D85-A4BC-6F49EA1E5DFE}\mpasdlta.vdm - ok
19:13:18.0661 0x0fcc [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
19:13:18.0661 0x0fcc C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
19:13:18.0661 0x0fcc [ 1311171CF8F6D2954441EF2A42693035, 516FFF8E8DCEE409EF525276EAEB62DB67BA63448D9ED4B53F412F70A587799C ] C:\Windows\System32\WsmRes.dll
19:13:18.0661 0x0fcc C:\Windows\System32\WsmRes.dll - ok
19:13:18.0676 0x0fcc [ 3FA61EF87E49FFACE4ED58C4F1A98EB1, B4B210F654C9977D8925AA3B7C12073A925AAEA40031ECF4A74C518A3C60DC86 ] C:\Program Files\AVG\AVG10\avglogx.dll
19:13:18.0676 0x0fcc C:\Program Files\AVG\AVG10\avglogx.dll - ok
19:13:18.0676 0x0fcc [ 01A24B415926BB5F772DBE12459D97DE, 1FA2EEF283025D788051E6145DAEF26CB481F87F641156FC4D89B8DEE4B244A5 ] C:\Program Files\Microsoft\BingBar\BBSvc.EXE
19:13:18.0676 0x0fcc C:\Program Files\Microsoft\BingBar\BBSvc.EXE - ok
19:13:18.0676 0x0fcc [ E230F3776F373F4C5E788794B53101E4, 5E1B28C8A0EC67F1EC720AC7800021288A69B4E13C5DF3603EC4FCCDBE42DAFA ] C:\Windows\System32\plasrv.exe
19:13:18.0676 0x0fcc C:\Windows\System32\plasrv.exe - ok
19:13:18.0692 0x0fcc [ B19180F7C2363AF7E8C3C901D7A92FE1, 4232C5BABCE1D7657C936D6BA5D52BEBA7440C96E6C83ED06B41A299EF73732A ] C:\Windows\System32\msi.dll
19:13:18.0692 0x0fcc C:\Windows\System32\msi.dll - ok
19:13:18.0692 0x0fcc [ EC760B0B76A4353DE49D66520EB2141F, ADBF30D100D3837C35695B1ABE3E7EB03FD6B9200B9C1C337325D9E0A3A3ACE4 ] C:\Windows\System32\SensApi.dll
19:13:18.0692 0x0fcc C:\Windows\System32\SensApi.dll - ok
19:13:18.0708 0x0fcc [ 785DE7ABDA13309D6065305542829E76, 78F49A5349B66042836615EF99B4EB70FA708369D315D105513C04F33070D297 ] C:\Program Files\Microsoft\BingBar\SeaPort.EXE
19:13:18.0708 0x0fcc C:\Program Files\Microsoft\BingBar\SeaPort.EXE - ok
19:13:18.0708 0x0fcc [ CFD4C3352E29A8B729536648466E8DF5, EE2699697931C054A1C82E6FC1B2EA4881C2F9FBF2B7F7E24268450703ED6F9A ] C:\Program Files\Bonjour\mDNSResponder.exe
19:13:18.0708 0x0fcc C:\Program Files\Bonjour\mDNSResponder.exe - ok
19:13:18.0708 0x0fcc [ CE62652689462E14ED8C5D87FA34A28B, 84F727466D321128D791F53C7EA48328D808DA5F3AF95C8AF24F74DAC2262BD4 ] C:\Program Files\AVG\AVG10\avgwd.dll
19:13:18.0708 0x0fcc C:\Program Files\AVG\AVG10\avgwd.dll - ok
19:13:18.0723 0x0fcc [ 7D1F2AFE12BAFC4C18C5A0E3C6866E38, 29EB7EA1EFDF6048E6E2A82ED88C4F74777C88CCB6ED01818EE2CF3EB379EA11 ] C:\Program Files\Windows Defender\MpRtPlug.dll
19:13:18.0723 0x0fcc C:\Program Files\Windows Defender\MpRtPlug.dll - ok
19:13:18.0723 0x0fcc [ 00DE6E95C16103D25411789156C4928C, 76C148D86FF81D4462ACC434CD78B52FCBF02A0132E8752A319A56853A07C647 ] C:\Windows\System32\vssapi.dll
19:13:18.0723 0x0fcc C:\Windows\System32\vssapi.dll - ok
19:13:18.0723 0x0fcc [ C282D25118D0F0605CDA33A9173E1296, 25FD75C6C429D30B95CFFC5157AECDCA71554BEF2BE9673B35B751CB4BC0EF0A ] C:\Windows\System32\Faultrep.dll
19:13:18.0723 0x0fcc C:\Windows\System32\Faultrep.dll - ok
19:13:18.0739 0x0fcc [ 54138A36D9680FEFD036DB1187CE2DBB, CEE44E781510C7DE30AB140C5F04CE52A9F9588CEB1D75131582B828CFD7888D ] C:\Windows\ehome\ehtrace.dll
19:13:18.0739 0x0fcc C:\Windows\ehome\ehtrace.dll - ok
19:13:18.0739 0x0fcc [ F315E8A8517EBFA13ECD16011FB0A03B, 26EFF21279B719FD9C58D558B2057C94AD571FF334B6E66A0E63D39345A33394 ] C:\Windows\System32\taskschd.dll
19:13:18.0739 0x0fcc C:\Windows\System32\taskschd.dll - ok
19:13:18.0739 0x0fcc [ 86B89709BDFC7A59D566590CC30CDBB1, D462611AA108D46166CCE71430F9500B9EAEDD1B52F2144BEA34E689C9B41315 ] C:\Windows\System32\shdocvw.dll
19:13:18.0739 0x0fcc C:\Windows\System32\shdocvw.dll - ok
19:13:18.0754 0x0fcc [ DC3AE9F1554DCD97F90983DDBDACD83D, 9D3B4E273FDDA77B5B8A258525FA44616C184E58CE1312B47512AAAD5915E073 ] C:\Windows\System32\vsstrace.dll
19:13:18.0754 0x0fcc C:\Windows\System32\vsstrace.dll - ok
19:13:18.0754 0x0fcc [ 01D805FAC2510E3C963EA4727B1E2F00, EDEC59524A7BFA44929AEF87BF34A7A46D8BC3E9C0C6607138E9014636629D56 ] C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
19:13:18.0754 0x0fcc C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe - ok
19:13:18.0754 0x0fcc [ D7F8D560FF816126F4DB520D1BDC3281, 5BF26F75D759A6F2D5490B214BF2DA0307665E649959FDC07F9D619A733F0FE6 ] C:\Windows\System32\WSDApi.dll
19:13:18.0754 0x0fcc C:\Windows\System32\WSDApi.dll - ok
19:13:18.0770 0x0fcc [ C99A99CDF3F073F9BCA69B77D60B37FB, A49DD20118B1E9A1929DE6ADDCA79ED5E2076392000793CC2B68ECD7CE3E2C05 ] C:\Windows\System32\wdscore.dll
19:13:18.0770 0x0fcc C:\Windows\System32\wdscore.dll - ok
19:13:18.0770 0x0fcc [ E582816A4855914DEFFC212E12B3B744, B59C692FE8D19A2D9615D12C6026854C3467B25B3630183D766A32A9584C3115 ] C:\Windows\System32\wsock32.dll
19:13:18.0770 0x0fcc C:\Windows\System32\wsock32.dll - ok
19:13:18.0770 0x0fcc [ 8ACD8E3EA303DA48DB223F4759CFB254, 05CE69169B30FAE60A0129735DCD45C1A7AD93BFEC163D8047427425E50230EB ] C:\Windows\System32\diagperf.dll
19:13:18.0786 0x0fcc C:\Windows\System32\diagperf.dll - ok
19:13:18.0786 0x0fcc [ A1AE533904205E4FAC30107D15A489D3, 89D22E5F59E06A6A21EFB6B6AD80E8EDBC484F2E03B8BE055B529EE976AB7D91 ] C:\Windows\System32\httpapi.dll
19:13:18.0786 0x0fcc C:\Windows\System32\httpapi.dll - ok
19:13:18.0786 0x0fcc [ D547391C463E4B329B597A3BC07EA29D, C5A5F6D6998AAC50F660117B5E4C46E1F24D05E8C4F51CB632FD2F7F966CC7C4 ] C:\Windows\System32\fundisc.dll
19:13:18.0786 0x0fcc C:\Windows\System32\fundisc.dll - ok
19:13:18.0786 0x0fcc [ AE70AE6F0760793D4893C3735EEC7292, CF3CCD61B4F2C2586C613FE577427C1274E7D6124353333BCC9F8FC1EB10EC68 ] C:\Windows\System32\olepro32.dll
19:13:18.0801 0x0fcc C:\Windows\System32\olepro32.dll - ok
19:13:18.0801 0x0fcc [ 0A990AFB9F2726323D61C8ECB8B70B17, 27BC7CBFFB211DE930C7FA97DCDCA783CC74987EDB5FC17D33C422E93BA91242 ] C:\Windows\System32\security.dll
19:13:18.0801 0x0fcc C:\Windows\System32\security.dll - ok
19:13:18.0801 0x0fcc [ 693DCDFFD4760CBA41D8D22D34E6911B, 83550F1CA99C2178FB8BAF7839A00E08A2E6E9BB1E72C8583734D5F265683217 ] C:\Windows\System32\cscapi.dll
19:13:18.0801 0x0fcc C:\Windows\System32\cscapi.dll - ok
19:13:18.0817 0x0fcc [ 12A4E29C7F0C1B1E89541830FD0E52F1, 8AD867E28D2340C5048C71AFC5E746A82D7B355E6C0815673349F1DC4BD33E98 ] C:\Windows\System32\msxml3.dll
19:13:18.0817 0x0fcc C:\Windows\System32\msxml3.dll - ok
19:13:18.0817 0x0fcc [ 775C6D5D60146D7DB08A01CB596D7EC6, 66D87041DD8E0CF8AFBC155AC709E9A647B765BBA56CDE07EA01468BDAD7C239 ] C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
19:13:18.0817 0x0fcc C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe - ok
19:13:18.0817 0x0fcc [ F5D7969538B129BEB58F4A77B5999212, 4B2EC396BCA244BB9F4AC3BDA9E765AAA3C06FCCAD3EFA16A4BBBF474E36FE6E ] C:\Windows\System32\winspool.drv
19:13:18.0817 0x0fcc C:\Windows\System32\winspool.drv - ok
19:13:18.0832 0x0fcc [ 32E1227CCA0036B7768D08DB04B0412A, AC7BD75D78CDCCD1F9BB79D5540B964F944F4D9A7D524CC834C9C741F1F3C369 ] C:\Program Files\iolo\Common\Lib\fbembed.dll
19:13:18.0832 0x0fcc C:\Program Files\iolo\Common\Lib\fbembed.dll - ok
19:13:18.0832 0x0fcc [ EDDEC321B128328BC370A5447F7F8D69, DE8C0AC77C83750F22033C37090930D635DBC3350F183CB0EC6D880A76798409 ] C:\Program Files\Bonjour\mdnsNSP.dll
19:13:18.0832 0x0fcc C:\Program Files\Bonjour\mdnsNSP.dll - ok
19:13:18.0832 0x0fcc [ FF78B8E67EDCE9FEED651D7858D77A04, F6F2DD93DF423CFD3A257E6D72050782D9840A31363BE5FE9B91579D460259FF ] C:\Windows\System32\winrnr.dll
19:13:18.0832 0x0fcc C:\Windows\System32\winrnr.dll - ok
19:13:18.0848 0x0fcc [ 4431834E287DE5AE715D964215014048, 8704BCE54F76D3EF1A41ED9E640D1F910B6DF84D1FB6579550C3BC0FDC7AAAD1 ] C:\Windows\System32\wshbth.dll
19:13:18.0848 0x0fcc C:\Windows\System32\wshbth.dll - ok
19:13:18.0848 0x0fcc [ A7D525E5C0D91C8C1D84C6BCD25AD77D, BD3D51E302587E33901E5995367B6227743D2385F1420E12C712A62063150318 ] C:\Windows\System32\rasadhlp.dll
19:13:18.0848 0x0fcc C:\Windows\System32\rasadhlp.dll - ok
19:13:18.0848 0x0fcc [ 17AFF68AB32F8671BC46612D35351099, C782460B99EAAE84DDBEF5AEB628984984B4108A482F023CE62CE1D33A367FEB ] C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
19:13:18.0848 0x0fcc C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe - ok
19:13:18.0864 0x0fcc [ ADC90EBBE2823C23A0406ACD3D6E9312, 81134759A39C0191C72D6C0DEF72200FC9C117DB1FD56DC7465E5045F41AFE52 ] C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL
19:13:18.0864 0x0fcc C:\Program Files\Common Files\microsoft shared\OFFICE11\MSOXMLMF.DLL - ok
19:13:18.0864 0x0fcc [ 6C94F54E3EC097702A8CE8F46D687959, 593409E72264394547011934BD6FDD3203A4E90B1F9C089F1678478ADD07D3A4 ] C:\Windows\System32\msvcp60.dll
19:13:18.0864 0x0fcc C:\Windows\System32\msvcp60.dll - ok
19:13:18.0864 0x0fcc [ C6E6F5ED8CAAEACB04A8E43F539DF300, 9F0DB8732EEDB825F9FCBE0F31605AA87AB2BEBDAD314180F916CBE62DDF3455 ] C:\Program Files\AVG\AVG10\avgcfgx.dll
19:13:18.0864 0x0fcc C:\Program Files\AVG\AVG10\avgcfgx.dll - ok
19:13:18.0879 0x0fcc [ 0CEA2D0D3FA284B85ED5B68365114F76, E6FF0EC98FDC3F628438B613C356C237E68686E3B5B17A58A60C16F4B9A2B968 ] C:\Windows\System32\drivers\mdmxsdk.sys
19:13:18.0879 0x0fcc C:\Windows\System32\drivers\mdmxsdk.sys - ok
19:13:18.0879 0x0fcc [ 8078F8F8F7A79E2E6B494523A828C585, BB399993166853F0C01B7508649ECD7E7473238267BA8333D0441128FE656347 ] C:\Windows\System32\msdtckrm.dll
19:13:18.0879 0x0fcc C:\Windows\System32\msdtckrm.dll - ok
19:13:18.0879 0x0fcc [ 8A38B5E8493A9D103083B8620AC5F3A1, E63EE1CF4DE179089F016B6D4598733B0536FE293B0E470D68368606E6ACEA24 ] C:\Windows\System32\tdh.dll
19:13:18.0879 0x0fcc C:\Windows\System32\tdh.dll - ok
19:13:18.0895 0x0fcc [ 6349F6ED9C623B44B52EA3C63C831A92, 9EAA3ABD396870123107D6E1B758F56FDA378BD28B28DB8415AA470D24294F92 ] C:\Windows\System32\drivers\PEAuth.sys
19:13:18.0895 0x0fcc C:\Windows\System32\drivers\PEAuth.sys - ok
19:13:18.0895 0x0fcc [ F4D9ED6BD74AD7CC0BEC83C43A1CB76B, 18F167DEC8464AC42B9C7C2C69638D812C1C2CF867DBF3E833F4B880C26BD1D2 ] C:\Windows\System32\ncsi.dll
19:13:18.0895 0x0fcc C:\Windows\System32\ncsi.dll - ok
19:13:18.0895 0x0fcc [ 1A09CB187440993FA5E24DE1EEB7B916, DE0ABF6A3D7AD303A10E2E114EAA0E8F064EF5298270FC9548028010DBE4FFAC ] C:\Windows\System32\cfgmgr32.dll
19:13:18.0895 0x0fcc C:\Windows\System32\cfgmgr32.dll - ok
19:13:18.0910 0x0fcc [ AB2B1DE1C8F31EFCE2384B14B3DC4260, 5E67354010A19726810C172775C39C9A9AD3AAE1EB09CF2C552473D75ABD01BD ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe
19:13:18.0910 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe - ok
19:13:18.0910 0x0fcc [ 47B8F37AA18B74D8C2E1BC1A7A2C8F8A, FAE64867CE80439735F88A9988243667BDE84486B5A768B650E55E1519C85C03 ] C:\Windows\System32\IPSECSVC.DLL
19:13:18.0910 0x0fcc C:\Windows\System32\IPSECSVC.DLL - ok
19:13:18.0910 0x0fcc [ 01BCD91CC2B0EFDA4890F547010750BD, 34B99B58AC2CEC8EF089C9B82D3ADEAD721B32B5F884399E8A9D2252B8AB5C02 ] C:\Windows\System32\ssdpapi.dll
19:13:18.0910 0x0fcc C:\Windows\System32\ssdpapi.dll - ok
19:13:18.0926 0x0fcc [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Windows\System32\msvcp71.dll
19:13:18.0926 0x0fcc C:\Windows\System32\msvcp71.dll - ok
19:13:18.0926 0x0fcc [ A1779DC7C088582D68ACB963A562636F, D1FD2B978F7D4FDCF350861B2377B4F51A7B6962F2DAA4C36BBEA142BD09A6A8 ] C:\Windows\System32\localspl.dll
19:13:18.0926 0x0fcc C:\Windows\System32\localspl.dll - ok
19:13:18.0926 0x0fcc [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Windows\System32\msvcr71.dll
19:13:18.0926 0x0fcc C:\Windows\System32\msvcr71.dll - ok
19:13:18.0942 0x0fcc [ 6B146CD17160355F5F7DADAEF9ED1266, 29FCA37CE755B96103643A230795B935F70752170EFF2F38917758F4B6757AAD ] C:\Windows\System32\sbe.dll
19:13:18.0942 0x0fcc C:\Windows\System32\sbe.dll - ok
19:13:18.0942 0x0fcc [ 988963E9E07787E1D8F99DC1F452213D, DA549366A0529A9B6378889599D3FFA57201F598C27C7527BBA36046C3F09D23 ] C:\Windows\System32\FwRemoteSvr.dll
19:13:18.0942 0x0fcc C:\Windows\System32\FwRemoteSvr.dll - ok
19:13:18.0942 0x0fcc [ F297A62208FEE458552EB7FBD2444012, 1DA6D40D0DE4CB0C8FB44A195672C4C23C2190575E88066B9826B100DA64AF02 ] C:\Windows\System32\wscapi.dll
19:13:18.0942 0x0fcc C:\Windows\System32\wscapi.dll - ok
19:13:18.0957 0x0fcc [ F4E1AA5D59C849A4AB47E895DC76B9C8, 0C93E63372D619393D9DDD3EFCA2317A6652276A9FDE0530CD2A06135EE6B46D ] C:\Windows\System32\sfc.dll
19:13:18.0957 0x0fcc C:\Windows\System32\sfc.dll - ok
19:13:18.0957 0x0fcc [ B8B496E2C715283072A42DE6958D2134, 51D1F99BF4CEE1823AF67C73220520DDE0F779B3ACCFAF04421A1E427D657CD0 ] C:\Windows\System32\EKIJ5000MON.dll
19:13:18.0957 0x0fcc C:\Windows\System32\EKIJ5000MON.dll - ok
19:13:18.0957 0x0fcc [ F6C66188DEF298E2C3827AF6FB2C0637, AA674591F76D56B35154BF97E9C5B7E15F50DCC4AD356E87160347BD73DF8431 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll
19:13:18.0957 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\CPSCommonTools9.dll - ok
19:13:18.0973 0x0fcc [ 79848F91EA1F50ADDDE05C12A847C321, CC6C972AA77B78A84A36F7742DBC3BE95E10F0E3ACDD2EEF174BFE68927BA1BB ] C:\Windows\System32\MSVidCtl.dll
19:13:18.0973 0x0fcc C:\Windows\System32\MSVidCtl.dll - ok
19:13:18.0973 0x0fcc [ 3C03DB6F66C9792C9B6E30473E847CA2, CB150C6959BF7E52F7D775C78C682049BDB9E8CB53931167DD58FB7082202A89 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll
19:13:18.0973 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\ROXIPP41.dll - ok
19:13:18.0973 0x0fcc [ 81219B79A12E8934498C084D7697E33D, 41F9AB9933267BEED4B01CAC9CD14A8A9DBBD8B1FCE77C6575486AFC374EE7D6 ] C:\Program Files\iolo\Common\Lib\Res_55FD1D5A7AEF4DA38FAFA71B2A52FFC7.dll
19:13:18.0973 0x0fcc C:\Program Files\iolo\Common\Lib\Res_55FD1D5A7AEF4DA38FAFA71B2A52FFC7.dll - ok
19:13:18.0988 0x0fcc [ 322FD75A97DBA67FC8F97A9957F857F1, 52CC0FBBE9769C0C751F886E0ED58ED263FB9175F323C603E7BAB876AE60D196 ] C:\Windows\System32\mdimon.dll
19:13:18.0988 0x0fcc C:\Windows\System32\mdimon.dll - ok
19:13:18.0988 0x0fcc [ F9290D67C4B4B9B31CD3FC8BE73A4C9B, 3DE4C23F9292B118919B3F4E6DD814AEE957B5EA375E9D535F674086B5CCCA41 ] C:\Windows\System32\tcpmon.dll
19:13:18.0988 0x0fcc C:\Windows\System32\tcpmon.dll - ok
19:13:18.0988 0x0fcc [ 6D7FEA5353AE646167E91152F1D9BE89, C931270B8860E0733F30F26577CE941BADEAFBE43659FACF82C1E5EDD68675AB ] C:\Program Files\AVG\AVG10\avgcslx.dll
19:13:19.0004 0x0fcc C:\Program Files\AVG\AVG10\avgcslx.dll - ok
19:13:19.0004 0x0fcc [ D9558C9F6D5242BCB1070C2867C44F13, EBF88B0ACFCC2E18CEC05EEA6FEE69F72C310FB4BAA6685976CFECB7FFF1B183 ] C:\Program Files\iolo\Common\Lib\Corvus.dll
19:13:19.0004 0x0fcc C:\Program Files\iolo\Common\Lib\Corvus.dll - ok
19:13:19.0004 0x0fcc [ AF24A9DF84637BF9858EC6FB88EBA7B2, 0F77BA28FACD1E0BD8C9C8AB7F89EBCF095C6A9D1522FA7158E848ACE3446B4C ] C:\Windows\System32\snmpapi.dll
19:13:19.0004 0x0fcc C:\Windows\System32\snmpapi.dll - ok
19:13:19.0020 0x0fcc [ 5F7A2596C96FF7A5C0C4715893B841ED, 581838E6E574E7A1BFB3F9FB14365E92EFCA265D5819F72327DCF2D317E3E70D ] C:\Program Files\iolo\Common\Lib\WWSDK.dll
19:13:19.0020 0x0fcc C:\Program Files\iolo\Common\Lib\WWSDK.dll - ok
19:13:19.0020 0x0fcc [ A9542FF2E9A82CF100E5729EC79068F0, DE0E39246536BD63CC5DFF8CE9E379121126573AB284BAD3782E5B217239F858 ] C:\Windows\System32\fltLib.dll
19:13:19.0020 0x0fcc C:\Windows\System32\fltLib.dll - ok
19:13:19.0020 0x0fcc [ 1367EF1C1BA82E4A559FEDA1F0D8383C, 2C438D7ADF85D2184E61B37666BD81713BF7F40AB1606E8AB29F3ED184EEF945 ] C:\Windows\System32\wsnmp32.dll
19:13:19.0020 0x0fcc C:\Windows\System32\wsnmp32.dll - ok
19:13:19.0035 0x0fcc [ 5091452DC719281CF1DD69367E13B494, 565345BA7155D82503445AF74DFC3D34BC58B230DD5AEF32A0DDF41C200576C9 ] C:\Windows\System32\tcpmib.dll
19:13:19.0035 0x0fcc C:\Windows\System32\tcpmib.dll - ok
19:13:19.0035 0x0fcc [ B4F5DE3DAD8E6B97272F45DB97674878, 31136700BE3EDACBD1FC6E795F607950A5ECD8129898C57D74B3CE6573DD250E ] C:\Windows\System32\mgmtapi.dll
19:13:19.0035 0x0fcc C:\Windows\System32\mgmtapi.dll - ok
19:13:19.0035 0x0fcc [ 0BF0BB276F17B6AD61A8694D2551EC28, 4A2843F02DC6A83BDB3A6602FCAEA50D8C11AD32E5B4B070095C59D6B35AF51D ] C:\Windows\System32\usbmon.dll
19:13:19.0035 0x0fcc C:\Windows\System32\usbmon.dll - ok
19:13:19.0051 0x0fcc [ 47C4359FA1E1460F16CEBD1A2BCA73BE, 9F25D79BC2E36B339CB36E3841CCCC689A0E5F302ADF32D852A097833763F210 ] C:\Windows\System32\WSDMon.dll
19:13:19.0051 0x0fcc C:\Windows\System32\WSDMon.dll - ok
19:13:19.0051 0x0fcc [ 4ABA36D894C447E45FDD24CD6BE741A5, 108D844021C77E342E4BFD738670FE6AA654438F80F13BA111D87BD278D30EC2 ] C:\Windows\System32\spool\prtprocs\w32x86\EKIJ5000PPR.dll
19:13:19.0051 0x0fcc C:\Windows\System32\spool\prtprocs\w32x86\EKIJ5000PPR.dll - ok
19:13:19.0051 0x0fcc [ 7BEDF1C8A7A2ABB84B044134AAA0D1BB, BBCD199231B7EADE41B59C1EE6225117B915077708A57A680637065F71D4DCFC ] C:\Windows\System32\quartz.dll
19:13:19.0051 0x0fcc C:\Windows\System32\quartz.dll - ok
19:13:19.0067 0x0fcc [ EA8647A21BCB56C5F15712D4B7407501, E6479992B84BD336E672B0A724A3C9FB90AC28CEFD186FCC628006061C9927C0 ] C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll
19:13:19.0067 0x0fcc C:\Windows\System32\spool\prtprocs\w32x86\mdippr.dll - ok
19:13:19.0067 0x0fcc [ 85487B9E047F85D64D4758F6A46A1FD0, D1E8B6920013FC760BF9F4078C111FE79A04BC55EE8EDEB4423F338DE3E8ECD4 ] C:\Windows\System32\ntprint.dll
19:13:19.0067 0x0fcc C:\Windows\System32\ntprint.dll - ok
19:13:19.0067 0x0fcc [ CDE0805636000414E22EB36FBAB61EEE, AA8BC666E21421E8BEC90D0E29A7028286FB8BC07E0DDFCCE2E3DE97D2E595DE ] C:\Windows\System32\inetpp.dll
19:13:19.0067 0x0fcc C:\Windows\System32\inetpp.dll - ok
19:13:19.0082 0x0fcc [ CE6C23A092A1871C13A30488788E3081, 4366C9CF18631FC3DE6573ED74B956E0840F2119F9671AE805B47D3AA461224F ] C:\Windows\System32\spool\drivers\w32x86\3\UNIDRV.DLL
19:13:19.0082 0x0fcc C:\Windows\System32\spool\drivers\w32x86\3\UNIDRV.DLL - ok
19:13:19.0082 0x0fcc [ 128DD9AF8640DBCC711940903C8B554F, 46E9715F3CD09F32FBEAA5379991E9E7DACCBD2407C2D061FDA3A04F05108133 ] C:\Windows\System32\mscoree.dll
19:13:19.0082 0x0fcc C:\Windows\System32\mscoree.dll - ok
19:13:19.0098 0x0fcc [ 6950BBCEB21F9C3CB3B52E90960109C3, FDBD7877D3817E4D9A58924BFEE9BEDFCB84D3817404E9AF57F7581252846E99 ] C:\Windows\System32\devenum.dll
19:13:19.0098 0x0fcc C:\Windows\System32\devenum.dll - ok
19:13:19.0098 0x0fcc [ EFD278F8129EE12F1D4AE0250494B791, DD8DA066EBFE938334BEBCDF70340F79C8FFB5AF328FE5DF2472AE6C7987FE1F ] C:\Windows\System32\dxva2.dll
19:13:19.0098 0x0fcc C:\Windows\System32\dxva2.dll - ok
19:13:19.0098 0x0fcc [ B8AEFF80ABD57E6ABC6A46EAC7F4515F, E0387BFB1CA6875D697FB7B95868BF70F4353E336F830446E543453BDA2544C0 ] C:\Windows\System32\msdmo.dll
19:13:19.0098 0x0fcc C:\Windows\System32\msdmo.dll - ok
19:13:19.0113 0x0fcc [ 39D78C0A52A365FB0221BB37A754C9E1, 041E0D7A8948614145CE9A83087F9B4FEEC44003A822C9ED4A5780E365F68171 ] C:\Program Files\AVG\AVG10\avgclitx.dll
19:13:19.0113 0x0fcc C:\Program Files\AVG\AVG10\avgclitx.dll - ok
19:13:19.0113 0x0fcc [ EAFB5897AC9CD84890171AC38862320F, B6DDBA8DFD97A6D5D24BC78D6BECD36C6D8DEED1D27BB741444D06CD0A044FBD ] C:\Windows\System32\taskeng.exe
19:13:19.0113 0x0fcc C:\Windows\System32\taskeng.exe - ok
19:13:19.0113 0x0fcc [ 3B1AEFEFF02479F5A5D772494AFA5DFF, 36E5628E7A38035576FC5AAA58C8D43CBF744B496A6BE72297C56FF2B74CDFF3 ] C:\Windows\ehome\ehprivjob.exe
19:13:19.0113 0x0fcc C:\Windows\ehome\ehprivjob.exe - ok
19:13:19.0129 0x0fcc [ B11FDCA4410D6252964EF97F9A47DE74, 085EDBF22392265B35F0D8A73B1B5DFC0D1CEB4C3493F11361BF4CF6C2223FC5 ] C:\Windows\System32\TSChannel.dll
19:13:19.0129 0x0fcc C:\Windows\System32\TSChannel.dll - ok
19:13:19.0129 0x0fcc [ C3B67925D8778BA5AB5DFA4C9A5301F4, 33C11476AA721AFE5D4D2A58C29D8EAB4E7E06068029A17320D4510C0B607786 ] C:\Windows\System32\SLCExt.dll
19:13:19.0129 0x0fcc C:\Windows\System32\SLCExt.dll - ok
19:13:19.0129 0x0fcc [ C05605F34B72E17F99175B335491E190, 5DA3EFD45447CD898F46EB5C3A56EE9445535A2792ED2843DBF55F2619ED44C9 ] C:\Windows\System32\wmdrmsdk.dll
19:13:19.0129 0x0fcc C:\Windows\System32\wmdrmsdk.dll - ok
19:13:19.0145 0x0fcc [ D6CEFC0FBAF34DC1B91E1B224592A5FE, 458EC13AB53C4BCF21EE0A40A32C65AFB08AB66289B8B017C606CF0ED56FDD36 ] C:\Windows\System32\spool\drivers\w32x86\3\unidrvui.dll
19:13:19.0145 0x0fcc C:\Windows\System32\spool\drivers\w32x86\3\unidrvui.dll - ok
19:13:19.0145 0x0fcc [ 44B9C62C32CDA7A62BCFE65DDF4D92C4, 6722FC4CAB0F6E7DD10BC77E1FF68E8863B3585F73E3A792AB0863BD02C2C0E6 ] C:\Windows\System32\msdri.dll
19:13:19.0145 0x0fcc C:\Windows\System32\msdri.dll - ok
19:13:19.0145 0x0fcc [ 83BA5E873164A3711B44052F58C8FE9F, 7271ADE7A615E6F33375D23DACC32A8A652AF18CAAF8439F018E32E32E222F5A ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll
19:13:19.0145 0x0fcc C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscoreei.dll - ok
19:13:19.0160 0x0fcc [ 3192ED5E2FFDF5B630541B9643AE1AA3, 5F2A25A3B49E312D39CFD5C3D9E058AC3807016A09458F991894FABEFE029A56 ] C:\Windows\System32\upnp.dll
19:13:19.0160 0x0fcc C:\Windows\System32\upnp.dll - ok
19:13:19.0160 0x0fcc [ 1ADCA2B26975898A4F2466D6CF9A5F80, 421E16AE9BEA04DB9AB4A89A5D7C3E84B04E73B460A5FA77E167D8213FAD3B16 ] C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe
19:13:19.0160 0x0fcc C:\Program Files\Kodak\AiO\Center\AiOHomeCenter.exe - ok
19:13:19.0160 0x0fcc [ BB5A40F6C0049586B3BD2A7B4D640EB9, CBAA3E6E219D0A5292A31874317ABBD4223F3EEF59DE576B56B23A45FDE48A6E ] C:\Program Files\AVG\AVG10\avgcorex.dll
19:13:19.0160 0x0fcc C:\Program Files\AVG\AVG10\avgcorex.dll - ok
19:13:19.0176 0x0fcc [ 3C489390C2E2064563727752AF8EAB9E, BF528F6D4718AC160C103FD89496C6B7BABED7A17A6BD4222D684AF22FE21A49 ] C:\Windows\System32\drivers\fastfat.sys
19:13:19.0176 0x0fcc C:\Windows\System32\drivers\fastfat.sys - ok
19:13:19.0176 0x0fcc [ 5FCE5B36991DBAA99DA9E9C62D8E60AC, AFC1A3A7687D7D859A4C73B705ED0B568E44F6A00A0C4DD18415AE82902004D1 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll
19:13:19.0176 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\LeResourceLoader.dll - ok
19:13:19.0176 0x0fcc [ 1BAC818025403333C11817DAFBCEE283, 077257A112E6CB2EC88EADADC155A75DAE3AF25F52FB2775FA7722904F322BC5 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll
19:13:19.0176 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileLoader.dll - ok
19:13:19.0191 0x0fcc [ C7C30B24C8C57078654BA9574CE70E3D, 2951E16734E98D8825E3CBDB1B312E605A67167CE2DE0B8F4ADDBFCB179E2B69 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll
19:13:19.0191 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonObjects.dll - ok
19:13:19.0191 0x0fcc [ 429E3EFAFCAE6C89A57CD5D8E3442CAE, 56BD6A4C32DBF4165DBF65C1B2A37B4DF3D916C20D1A1BB167579BA5F0278D39 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll
19:13:19.0191 0x0fcc C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorwks.dll - ok
19:13:19.0207 0x0fcc [ C671FD912E050D53E58AAF2E0A0D3418, 95A5164910332E3B3AD5D3EF365082AD5EDE77F767678154D7175B071ACA4419 ] C:\Windows\System32\drmv2clt.dll
19:13:19.0207 0x0fcc C:\Windows\System32\drmv2clt.dll - ok
19:13:19.0207 0x0fcc [ 219F279E9A34C94538647191AB76C735, 0AC8171F2E0C4F01EBB49263A40F21C277CA4B7E747C21F90C0AA527F5AADEE2 ] C:\Windows\System32\esent.dll
19:13:19.0207 0x0fcc C:\Windows\System32\esent.dll - ok
19:13:19.0207 0x0fcc [ 41857DA3EA7A2568E1AAE8FEDC8D8939, A28AA20B33E583325151F5CAB76B9564DD0D90C170FCE550B604ADBCB95CDBE2 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll
19:13:19.0207 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSCommonEnglish.dll - ok
19:13:19.0223 0x0fcc [ 09DEF3ABB6A196749299359AC5578DD8, 056D88D5A6E7C3D0C5EB1CB0C3EF3B03AB5E34D48E53121B674040804620A6FB ] C:\Windows\System32\msxml4.dll
19:13:19.0223 0x0fcc C:\Windows\System32\msxml4.dll - ok
19:13:19.0223 0x0fcc [ 90A3935D05B494A5A39D37E71F09A677, F72733A69BC6E1A2BB91D7632FF3463C12563F60FDCC00A2CDD67FF20D479952 ] C:\Windows\System32\drivers\secdrv.sys
19:13:19.0223 0x0fcc C:\Windows\System32\drivers\secdrv.sys - ok
19:13:19.0223 0x0fcc [ D1AA18D4C77734A04FF19C34CAD414B9, 003B2C7A7C8AD315E16EC477F1E220D8696AE68A2DDE0C60F9FE0206F825338A ] C:\Windows\System32\idndl.dll
19:13:19.0223 0x0fcc C:\Windows\System32\idndl.dll - ok
19:13:19.0238 0x0fcc [ 50D9949020E02B847CD48F1243FCB895, 5BDAD5E44DE5B412645142810C5FCE4B2D9685F928FF4A6B836A9DCE7725BD78 ] C:\Program Files\Skype\Updater\Updater.exe
19:13:19.0238 0x0fcc C:\Program Files\Skype\Updater\Updater.exe - ok
19:13:19.0238 0x0fcc [ BE01E566D1F569AAB32D0335613E1EEA, 997B248BFBDB290206A8496722D6102903634EC0D397694569BC237A681C088F ] C:\Windows\System32\dllhost.exe
19:13:19.0238 0x0fcc C:\Windows\System32\dllhost.exe - ok
19:13:19.0238 0x0fcc [ 1DACD1530C6E58AEAE9F6DE7DA851935, 923C936B935BDCCBE7DD0D6F2921CFA5980FC15F950E29B72E649AC0B9867EB2 ] C:\Windows\System32\shimeng.dll
19:13:19.0238 0x0fcc C:\Windows\System32\shimeng.dll - ok
19:13:19.0254 0x0fcc [ 3CD1B69551236977918E60F9543C89A2, 75468494E37A0C0CF3F182C49A5B45C92661E2C64491418714B9F347138F8492 ] C:\Windows\System32\AtBroker.exe
19:13:19.0254 0x0fcc C:\Windows\System32\AtBroker.exe - ok
19:13:19.0254 0x0fcc [ 799AA3E04879B3FED31ECEA02B1CAA9A, EECEE3F666EE3722B5655E596CF4128303AD6CA3C5B45C3501B4D1D2CEC9FD75 ] C:\Windows\System32\stacsv.exe
19:13:19.0254 0x0fcc C:\Windows\System32\stacsv.exe - ok
19:13:19.0254 0x0fcc [ 8A7B8DA5CA558D2DE47086BB23556543, 092E5DE6E7C1D31040150EB2B3071DC783C26C6A413785C3316F5D8EC5CEABD9 ] C:\Windows\System32\dsound.dll
19:13:19.0254 0x0fcc C:\Windows\System32\dsound.dll - ok
19:13:19.0269 0x0fcc [ 0E135526E9785D085BCD9AEDE6FBCBF9, 75EEA7E5AE90D857B777361A0166F9A82E354F229FD5250AF8738364E6FB45DB ] C:\Windows\System32\userinit.exe
19:13:19.0269 0x0fcc C:\Windows\System32\userinit.exe - ok
19:13:19.0269 0x0fcc [ 9B96F6952186336CC6E3D4E08BE2E0AF, B7DFB14DB60D84062B7E2A2293A4F3F5EF986108EF3C9C1E1CDC284F61981731 ] C:\Windows\System32\dwmapi.dll
19:13:19.0269 0x0fcc C:\Windows\System32\dwmapi.dll - ok
19:13:19.0269 0x0fcc [ D80C6539C00CB4F5D59066865479C308, 53AC27856FC65361FEA6FDF97A94ABEC530AB81113A64428E9F9F8618DCE6D4B ] C:\Windows\System32\dwmredir.dll
19:13:19.0285 0x0fcc C:\Windows\System32\dwmredir.dll - ok
19:13:19.0285 0x0fcc [ 1633289ED1E512D53B7D60FE806600D7, 0269F673BD95860A8B5204E26F54903D7EDBA72E9EF0AF45B3B028F0A3EA13F0 ] C:\Windows\System32\milcore.dll
19:13:19.0285 0x0fcc C:\Windows\System32\milcore.dll - ok
19:13:19.0285 0x0fcc [ 4F554999D7D5F05DAAEBBA7B5BA1089D, 178D20AAECBD408DFFDA71AE4D70AD61C278229B4CD7DCD7B854A9A8404CA657 ] C:\Windows\explorer.exe
19:13:19.0285 0x0fcc C:\Windows\explorer.exe - ok
19:13:19.0301 0x0fcc [ FC4954D8CCDBE5C469F7737525B3300E, 0DCF1219AB9B2D843E7A2393D0CD7F2C0585FD99170CA3AFDE4E3ACFE5D3BC42 ] C:\Windows\System32\cryptnet.dll
19:13:19.0301 0x0fcc C:\Windows\System32\cryptnet.dll - ok
19:13:19.0301 0x0fcc [ 900A9D261859EC999C9C7243410C3203, 9E94AABA792A6E7FEFB745C78C480F74E122EE6E3A6055C7D5DBDDE83FD2AB75 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll
19:13:19.0301 0x0fcc C:\Program Files\Common Files\Roxio Shared\DLLShared\HomeUtils9.dll - ok
19:13:19.0301 0x0fcc [ 743E556A998074ED7EEB99CA495B2E5D, A0DC2ACA6A033906DDA8D7B9790FAD281ABDF2841234ADE46C186F5692758E0B ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll
19:13:19.0301 0x0fcc C:\Program Files\Common Files\Roxio Shared\DLLShared\rsl.dll - ok
19:13:19.0316 0x0fcc [ 74F26FC01B180D4A99A168ED69C30A53, D2FD623D70340F650BFAC8C31102E1B9168FE1750C141A23ACCC1A21F9F93A94 ] C:\Windows\System32\cmd.exe
19:13:19.0316 0x0fcc C:\Windows\System32\cmd.exe - ok
19:13:19.0316 0x0fcc [ F35A584E947A5B401FEB0FE01DB4A0D7, 4DA5EFDC46D126B45DAEEE8BC69C0BA2AA243589046B7DFD12A7E21B9BEE6A32 ] C:\Windows\System32\MFC71.DLL
19:13:19.0316 0x0fcc C:\Windows\System32\MFC71.DLL - ok
19:13:19.0316 0x0fcc [ FCCB019D7E7DFC722F4CF36BDBFE32D0, 3CC14DA907B4EE75EDAF2C9EA1523E7DD581A04E8D8FAC8E9C028B7359B9FC98 ] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000UIP.dll
19:13:19.0316 0x0fcc C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000UIP.dll - ok
19:13:19.0332 0x0fcc [ FAB8F08EC64A54917C07BDB6DC811C95, F586C4A47180FDCFF9849F97CA2DBC4600D3CCEECF3609D8E97A4C2A412122AE ] C:\Windows\System32\d3d9.dll
19:13:19.0332 0x0fcc C:\Windows\System32\d3d9.dll - ok
19:13:19.0332 0x0fcc [ A1AAC0D6828D2A69A952321AA9950A47, 9096A336171A0AB786F509E8AB7DDC39A473CCF92E930E658342AC03D76453B7 ] C:\Windows\System32\netsh.exe
19:13:19.0332 0x0fcc C:\Windows\System32\netsh.exe - ok
19:13:19.0347 0x0fcc [ 3DBFEBE4DDF9CE3D647FAAFC1D15F3C6, 90978B81E7C6488E06C9AEA65CFD594FF9B55F41EE17BF20FB34EBD31B3D24BE ] C:\Windows\System32\mprapi.dll
19:13:19.0347 0x0fcc C:\Windows\System32\mprapi.dll - ok
19:13:19.0347 0x0fcc [ AF2CAAAF1E82C14F37F5BD7D1E6E18E1, 55B3675E074FAC0D6FA9ACAB98D6A49A5EC01846AA970EE2813F8A85CD137533 ] C:\Windows\System32\compstui.dll
19:13:19.0347 0x0fcc C:\Windows\System32\compstui.dll - ok
19:13:19.0347 0x0fcc [ 782C8019C89920A77B1907AD3B4C8FF9, B38C1B9C022B2B2CCC860845ABC7CE2803A251477D07F1DE7B7F7AAB02376EDB ] C:\Windows\System32\HotStartUserAgent.dll
19:13:19.0347 0x0fcc C:\Windows\System32\HotStartUserAgent.dll - ok
19:13:19.0363 0x0fcc [ D4A2E4A4B011F3A883AF77315A5AE76B, 29E18087236A592638570F76691BC5C64CCA383F43EE22DF122413860E2D882C ] C:\Windows\System32\drivers\tcpipreg.sys
19:13:19.0363 0x0fcc C:\Windows\System32\drivers\tcpipreg.sys - ok
19:13:19.0363 0x0fcc [ BAF751E7061FF626AA60F56D1D5D1FDC, 177B0BAC987E7882449BD7C5900406F61A997F97EA1797614C8D86F40F03648B ] C:\Windows\System32\MFC71ENU.DLL
19:13:19.0363 0x0fcc C:\Windows\System32\MFC71ENU.DLL - ok
19:13:19.0363 0x0fcc [ BF47ED87EADBF5E31F7E95D7CD2369D7, F09548AA7379D5924352223A097CA6B4023BE2FBC078753D652D2E987B36CF23 ] C:\Windows\System32\stapi32.dll
19:13:19.0363 0x0fcc C:\Windows\System32\stapi32.dll - ok
19:13:19.0379 0x0fcc [ 254AC97C9AF4DDF3F5F57855198527B7, 3F78B76BEC50B333ED9A4C0064EBCB573FFF885813A212407E32126F2167B5DE ] C:\Windows\System32\wermgr.exe
19:13:19.0379 0x0fcc C:\Windows\System32\wermgr.exe - ok
19:13:19.0379 0x0fcc [ 6B08495EA542B1DACB6B6A853FE21D44, 4CF55C9F37E64DEE863A062C43F0D319D439028970681863BEBF21C38BFCB2A6 ] C:\Windows\System32\MsCtfMonitor.dll
19:13:19.0379 0x0fcc C:\Windows\System32\MsCtfMonitor.dll - ok
19:13:19.0379 0x0fcc [ 57125869A7B9638A5D11DD685AA65EB4, ADDEA7198DD1586D1D4E4DC1091369BC5702CED5E4FF8A0B42A06626D8DA28D7 ] C:\Windows\System32\PlaySndSrv.dll
19:13:19.0379 0x0fcc C:\Windows\System32\PlaySndSrv.dll - ok
19:13:19.0394 0x0fcc [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll
19:13:19.0394 0x0fcc C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok
19:13:19.0394 0x0fcc [ 428FF21418ADCD6FAD6189CD9520A67B, E9021A9B74AC6C4F7317704DF6A66B1A5C3D05DD2535989942005D638340010D ] C:\Windows\System32\wiatrace.dll
19:13:19.0394 0x0fcc C:\Windows\System32\wiatrace.dll - ok
19:13:19.0394 0x0fcc [ 0C84B6AFFA7486422235584110D7176F, 28B4E83884442D19CFA60FD727FB8A7BD9273E048B324D1A31F3CABF7D6054D3 ] C:\Windows\System32\icaapi.dll
19:13:19.0394 0x0fcc C:\Windows\System32\icaapi.dll - ok
19:13:19.0410 0x0fcc [ 68A11EB85D8BEC7329FEF4C7F6612972, 882C05AC2DD3338654BFFB936211015C61D319E4820143804AFB88291F839311 ] C:\Windows\System32\msutb.dll
19:13:19.0410 0x0fcc C:\Windows\System32\msutb.dll - ok
19:13:19.0410 0x0fcc [ EEF8941ABBD675AE84D016B4BDF9A6B4, 811C602EEDCD94EE995B69467B2D6A2DDFE469CB5A82745B9C35F22E3300CD35 ] C:\Windows\System32\wer.dll
19:13:19.0410 0x0fcc C:\Windows\System32\wer.dll - ok
19:13:19.0410 0x0fcc [ 1F18B9EA1BBFF033413414C3BEA13AD6, EC549203DD16A70F3275500CF1754198FDD4F619A0EC973FF8D4A9934DAACE6B ] C:\Windows\System32\wbem\WinMgmtR.dll
19:13:19.0410 0x0fcc C:\Windows\System32\wbem\WinMgmtR.dll - ok
19:13:19.0425 0x0fcc [ 2722DF0EAA13B4B363DA9753D16D2106, 473FA1113FBFC3C70C88456002F46EFE20AAE27394991CA4D4C73B7C32481B68 ] C:\Windows\System32\PortableDeviceApi.dll
19:13:19.0425 0x0fcc C:\Windows\System32\PortableDeviceApi.dll - ok
19:13:19.0425 0x0fcc [ CCAF246004F719F858E841A2BA12C308, FB565657FBE4F1A65761D772976992C3AB250E65DA12C03F4B9C8545EE37E662 ] C:\Windows\System32\wsdchngr.dll
19:13:19.0425 0x0fcc C:\Windows\System32\wsdchngr.dll - ok
19:13:19.0425 0x0fcc [ 3C84FCA13C4EB607478A45F2D7E16DB3, 0C5F8A7A129C0440059FA17F6F876AC22989B96D9A34212B670B8504D9207857 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll
19:13:19.0425 0x0fcc C:\Program Files\Common Files\Roxio Shared\DLLShared\SonicHTTPClient9.dll - ok
19:13:19.0441 0x0fcc [ 293C5CCD99D332ECC94637FEDA38D1F2, A220C2F2F2C2075B724EFBD15A3F354824859AE28C3A548E76306DD6AE1FB723 ] C:\Windows\System32\TMM.dll
19:13:19.0441 0x0fcc C:\Windows\System32\TMM.dll - ok
19:13:19.0441 0x0fcc [ 4934241CD20AC87D78121352E3BA8318, DACD7A7E0A41B011AD306972876568F27CDCF064EDFF71024BC0D4B595B666A7 ] C:\Windows\System32\dbghelp.dll
19:13:19.0441 0x0fcc C:\Windows\System32\dbghelp.dll - ok
19:13:19.0441 0x0fcc [ CD6DA5770CAE9D5E6E86722E17B442E0, 9F0EE70460FFA43E869C3821F0AF6646D97E0F463A87B50B167ECAD44DF2E523 ] C:\Windows\System32\d3d8thk.dll
19:13:19.0441 0x0fcc C:\Windows\System32\d3d8thk.dll - ok
19:13:19.0457 0x0fcc [ 7BE97F43723DC53B65A6DE5FCA76E4C2, C34CB6C2AEF87B76A775C04FD6FB067781DE2E486F497197754237F36B6EA184 ] C:\Windows\System32\igdumd32.dll
19:13:19.0457 0x0fcc C:\Windows\System32\igdumd32.dll - ok
19:13:19.0457 0x0fcc [ A3C1B75B0156D5B68B271C6FE0A5FDE7, 646D5A33EA101F72B95DE7922F796A0E10CEA935A5CB4CF336D6581F6B2AAFC4 ] C:\Windows\System32\browseui.dll
19:13:19.0457 0x0fcc C:\Windows\System32\browseui.dll - ok
19:13:19.0457 0x0fcc [ C150FF2F2085D60E5060EECA1D2CCB8A, 35AA83D31FAF4253E04E071626DD39CA9BBD60C8CE1B637CE1FD0111412BDE81 ] C:\Windows\System32\kodak\kds_aio5000\EKAiOWia2Drv.dll
19:13:19.0457 0x0fcc C:\Windows\System32\kodak\kds_aio5000\EKAiOWia2Drv.dll - ok
19:13:19.0472 0x0fcc [ 0CBD1906F74BEB539FCEF6493095B933, 0ED57053DB07F2C0892F785AA65FE634FC9EC8187D45193D6899EA26B7C9B274 ] C:\Windows\System32\tquery.dll
19:13:19.0472 0x0fcc C:\Windows\System32\tquery.dll - ok
19:13:19.0472 0x0fcc [ DCA3FA9F9DD103DC39C24C85EF073DB1, 6BB256E69F32DACA7BB0A78AF175D8F824D8E8F29191B1266AD709B4CEA503A3 ] C:\Windows\System32\icmp.dll
19:13:19.0472 0x0fcc C:\Windows\System32\icmp.dll - ok
19:13:19.0472 0x0fcc [ 214ABDCD522ED606C63F13DD886D862A, BBC9DA63832C36CC7616812307E93E5D8316F917F848B950361D8EC058EEEE63 ] C:\Windows\System32\dhcpcmonitor.dll
19:13:19.0472 0x0fcc C:\Windows\System32\dhcpcmonitor.dll - ok
19:13:19.0488 0x0fcc [ DE81240BD5476BB8AA2261349AB32FF8, 216D034B2566D52B04C823518D01D4802BF2978F3218BAA26808F145D4AFFD46 ] C:\Program Files\AVG\AVG10\avgamnot.dll
19:13:19.0488 0x0fcc C:\Program Files\AVG\AVG10\avgamnot.dll - ok
19:13:19.0488 0x0fcc [ 617FB85504F7BE3D0231B5C67724B1BA, F1EDFBA407E2F9D6FD14192E6DDC55EC34835A540B5DA71CC85258633FDC8377 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll
19:13:19.0488 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\mscorlib\0309936a8e1672d39b9cf14463ce69f9\mscorlib.ni.dll - ok
19:13:19.0503 0x0fcc [ BDE89AB6F15F0093A2A7861D1FC413ED, CDD703B147DD2B49FB4DD3EF8E8E97A9496782462AF8D65AC70D3075E4E0514A ] C:\Windows\System32\QAGENT.DLL
19:13:19.0503 0x0fcc C:\Windows\System32\QAGENT.DLL - ok
19:13:19.0503 0x0fcc [ 8BEB91025512C439B4B8624A0CFBD2C3, E069CCAF57FCA6C6A351FF622A21B336909F957C9EBC88CC191605A24298D529 ] C:\Windows\System32\wbem\wbemcore.dll
19:13:19.0503 0x0fcc C:\Windows\System32\wbem\wbemcore.dll - ok
19:13:19.0503 0x0fcc [ 769D027B977CED05658C85E698D3C5B1, AD17B98BC2E2CEA59CC603264F171098AE77F16B7E9C61080F7E2DC50EE74637 ] C:\Windows\System32\QUTIL.DLL
19:13:19.0503 0x0fcc C:\Windows\System32\QUTIL.DLL - ok
19:13:19.0519 0x0fcc [ E4C3ADB6FABB7961C6CBAA4D2642A8A5, 6AE12DCA10C1B41CD778617ED8A79CE79CAA907A5D470970BBB4E642641D194D ] C:\Program Files\iolo\System Mechanic\ioloGovernor.exe
19:13:19.0519 0x0fcc C:\Program Files\iolo\System Mechanic\ioloGovernor.exe - ok
19:13:19.0519 0x0fcc [ FAF3D589C7E28315EBFCDFA4EE9C610E, 95A2A89AF889AFEA81C265DD8D1E42D85D99441C24FCD419B700D6596F5F4BE6 ] C:\Windows\System32\DHCPQEC.DLL
19:13:19.0519 0x0fcc C:\Windows\System32\DHCPQEC.DLL - ok
19:13:19.0519 0x0fcc [ 8F2E5F841DF279C41FA011E8F2E945BC, FA3E1921C7193689567A7E0B7AEC0556C661280D62986B9495CE0483D72A13C8 ] C:\Program Files\AVG\AVG10\avgidpsdkx.dll
19:13:19.0519 0x0fcc C:\Program Files\AVG\AVG10\avgidpsdkx.dll - ok
19:13:19.0535 0x0fcc [ 7EDD3CDEFF1004CF15E5C86168FF2D62, 13E35CEC504AD3FA4D365692082F1A0A7BEA9A1A73D539078CC1B740E47F8ADD ] C:\Windows\System32\wbem\esscli.dll
19:13:19.0535 0x0fcc C:\Windows\System32\wbem\esscli.dll - ok
19:13:19.0535 0x0fcc [ 0B14724F4869639B92CEF25F2CF72448, 4A94AAF5815AF29AF61A99ACB9A7E1E9E16C9C54A4DA38F6FEADD116CE4539BC ] C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe
19:13:19.0535 0x0fcc C:\Program Files\Uniblue\DriverScanner\dsmonitor.exe - ok
19:13:19.0535 0x0fcc [ E65C5F612400B39D7AA83E7057D798C2, EB6A3DB47C3973D686A0F0C8DD4291A484D3CCC0C1F21EF6D1E47C5181CACFC8 ] C:\Windows\System32\mssrch.dll
19:13:19.0535 0x0fcc C:\Windows\System32\mssrch.dll - ok
19:13:19.0550 0x0fcc [ 109F6C42B99F746E4963F252768667AC, 6342374A1831F45FD11892401150369BD6D9AC35B2C220B451395B120A626D2D ]
Holsten87
2014-07-24, 20:22
C:\Windows\System32\igfxTMM.dll
19:13:19.0550 0x0fcc C:\Windows\System32\igfxTMM.dll - ok
19:13:19.0550 0x0fcc [ 52A53BCCCF489D4097191B7B78DFFA58, 2DB80A1D1E69397E297BD525EB5CD1BB7EE8B373D378AADFA4F2EE50294272E7 ] C:\Windows\System32\wbem\fastprox.dll
19:13:19.0550 0x0fcc C:\Windows\System32\wbem\fastprox.dll - ok
19:13:19.0550 0x0fcc [ AD0377359602ED04ABC4A06A7959EC14, 9C143F4B1B6FDEDFA6BFE46681E025796E684664D7EB740435D2ED6D4EBDADCB ] C:\Program Files\iolo\System Mechanic\pl_rsrc_english.dll
19:13:19.0566 0x0fcc C:\Program Files\iolo\System Mechanic\pl_rsrc_english.dll - ok
19:13:19.0566 0x0fcc [ 5A7FF9A18FF6D7E0527FE3ABF9204EF8, 3660379AADB6DB56E54D9C680929CD3882CDE4E6A8BB888FC892110D6B50C627 ] C:\Windows\System32\drivers\XAudio.sys
19:13:19.0566 0x0fcc C:\Windows\System32\drivers\XAudio.sys - ok
19:13:19.0566 0x0fcc [ AAB5FEAABF4CB6F76D794203831C8D94, 2E773665AEC22EAE334F4123F1B1D183790FA165E54C126246E32B8DAB4CD67F ] C:\Windows\System32\msidle.dll
19:13:19.0566 0x0fcc C:\Windows\System32\msidle.dll - ok
19:13:19.0581 0x0fcc [ 3A5BDC4FC1F314359CB12B8186E3E107, 0C1A98AC234DC86FE39537DFC626CA71AD852F96E0C05EF65E634E1B50D8FD3A ] C:\Windows\System32\wbem\wbemsvc.dll
19:13:19.0581 0x0fcc C:\Windows\System32\wbem\wbemsvc.dll - ok
19:13:19.0581 0x0fcc [ 28DC5D626E036A75A572556F0A6EB1F6, 9AE635C08B87AD85A552ADE0AF8BA10DC258E0DEFE133A2A74EFCD43B7A38A98 ] C:\Windows\System32\drivers\XAudio.exe
19:13:19.0581 0x0fcc C:\Windows\System32\drivers\XAudio.exe - ok
19:13:19.0581 0x0fcc [ DC30569EAEFAF3455CE765AE8FDAF48B, 956986FE7CBB57E908638E840717B46D6587F4ABB226A4926E72D4AC5925C3C3 ] C:\Windows\System32\wbem\wmiutils.dll
19:13:19.0581 0x0fcc C:\Windows\System32\wbem\wmiutils.dll - ok
19:13:19.0597 0x0fcc [ 60802D34ABEE835CE80CEA4CE04A2140, 137C99535EA521E4C1BD3FC6B45EF8CC07D1202D71E8D8601AD5AD3A44E19C85 ] C:\Windows\System32\Query.dll
19:13:19.0597 0x0fcc C:\Windows\System32\Query.dll - ok
19:13:19.0597 0x0fcc [ 4C39358EBDD2FFCD9132A30E1EC31E16, 06918CF99AD26CD6CF106881C0D5BDB212DC0BAC4549805C9F5906E3D03D152C ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
19:13:19.0597 0x0fcc C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
19:13:19.0597 0x0fcc [ AEBE03598B8E354235701FA881C63123, BA49268BF2FCB1EE247EA3F708D1FA5372AFB22DC6B1CC9278E86B53206F230F ] C:\Windows\System32\rasmontr.dll
19:13:19.0597 0x0fcc C:\Windows\System32\rasmontr.dll - ok
19:13:19.0613 0x0fcc [ 220DB6D951B90C5CEDDB4D3A93C108DF, F995E294740BC02C8B14AE020E0AEDA96A03BF1F38BBF1A22B88A93C7429818D ] C:\Windows\System32\wbem\repdrvfs.dll
19:13:19.0613 0x0fcc C:\Windows\System32\wbem\repdrvfs.dll - ok
19:13:19.0613 0x0fcc [ C5559DE2EC66CEDE15A1664F6D183D8E, D326E2A290F978E1B3D77E4D9020B5CA12FBF80913D6E5D8AB7327A0D543CF24 ] C:\Windows\System32\drivers\AVGIDSFilter.sys
19:13:19.0613 0x0fcc C:\Windows\System32\drivers\AVGIDSFilter.sys - ok
19:13:19.0613 0x0fcc [ BF7E4D6F60A6D9E866432855C6F8C262, 6E99AA4BD3867867C6DE1B37F0EA8A1332190D23CD72752889B7A5C90DDC610F ] C:\Windows\System32\sqmapi.dll
19:13:19.0613 0x0fcc C:\Windows\System32\sqmapi.dll - ok
19:13:19.0628 0x0fcc [ 2EF3BBE22E5A5ACD1428EE387A0D0172, 55DB91EDD0339D2434C06445F8A716A48EA90925B0FF7EBF45BB79D4B54B80BF ] C:\Windows\System32\netprofm.dll
19:13:19.0628 0x0fcc C:\Windows\System32\netprofm.dll - ok
19:13:19.0628 0x0fcc [ E8A6413CE73FD6C7586F27443A3171C8, 9CB02274FF51E98C6E75612D64B2D19B6B29429C0341DEDF9D5BD67CC189706E ] C:\Program Files\AVG\AVG10\avgnsx.exe
19:13:19.0628 0x0fcc C:\Program Files\AVG\AVG10\avgnsx.exe - ok
19:13:19.0628 0x0fcc [ A952D0DED445F26AEFCF593A935AB300, 3A5D7D33D6445B146C9F1ABAE7A705EB53E5C4800CE3F04A9392C42E0D9ECBBD ] C:\Windows\System32\hnetcfg.dll
19:13:19.0628 0x0fcc C:\Windows\System32\hnetcfg.dll - ok
19:13:19.0644 0x0fcc [ 6544320E7BABB601E9D95A1FEFE7FC49, BC21D81FA75D19FC289BDFE48D26D7931019E80E2F470472FA95A922B8604DBC ] C:\Windows\System32\wmpmde.dll
19:13:19.0644 0x0fcc C:\Windows\System32\wmpmde.dll - ok
19:13:19.0644 0x0fcc [ DFCAB29E8FD38F95650CC1E203E8D318, 96B444CF2FA218447A29BC5BF4308E3A5A47203555A460E79056EE6AC4875F9A ] C:\Windows\System32\npmproxy.dll
19:13:19.0644 0x0fcc C:\Windows\System32\npmproxy.dll - ok
19:13:19.0644 0x0fcc [ E3C0A4C317299B53B8099402C9EC61EF, A6EAC5FDDCCA5C85D81C212C4EC3DF25F35ABF07B44B2E18432A9079BA529739 ] C:\Program Files\iolo\System Mechanic\ioloPGE.dll
19:13:19.0644 0x0fcc C:\Program Files\iolo\System Mechanic\ioloPGE.dll - ok
19:13:19.0659 0x0fcc [ 96EC140D8EC76556A3651987B7102F92, 57D3AFED0B8CCBA8C613A7AACAE443C141C23F5B93C5DF4E67E8385EBE5809D0 ] C:\Program Files\AVG\AVG10\avgsched.dll
19:13:19.0659 0x0fcc C:\Program Files\AVG\AVG10\avgsched.dll - ok
19:13:19.0659 0x0fcc [ E9C360649AD4B2DDF744DB71A4A9F832, D0B266C9F0429948F80D8AFBC73E36DFEBD1F1B01D2D43A34DCB0C888734E3F4 ] C:\Windows\System32\mf.dll
19:13:19.0659 0x0fcc C:\Windows\System32\mf.dll - ok
19:13:19.0659 0x0fcc [ 55740F2D627E528F09A1CB1E83CB7AEE, 57678E276D9066F2DECAA5A68FEA84267F75186D49AF2F56263F0C3EEB52FAB0 ] C:\Windows\System32\en-US\tquery.dll.mui
19:13:19.0659 0x0fcc C:\Windows\System32\en-US\tquery.dll.mui - ok
19:13:19.0675 0x0fcc [ 36E71077E1660F81CFDB80FB7272CC00, 44BBD43D4D0EEE51C4F58EC6B3B9D1075871FD1F1479C7CE77F5CBE4366C9DEA ] C:\Program Files\Kodak\AiO\Center\Inkjet.Automation.dll
19:13:19.0675 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.Automation.dll - ok
19:13:19.0675 0x0fcc [ BDF166C4515E4AFAFE285E717B428418, 5CE6B66C38343C8039091236EAB0F7B10ED6B3DC310A76879ADD1F08BE454325 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll
19:13:19.0675 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\System\9dff86a62a525ec8dc827fe9f50298b7\System.ni.dll - ok
19:13:19.0691 0x0fcc [ 08578F3CA5365F896D90CE2BF97FD000, B081E6B39D69141B3AD31E127DA18756EBB68F47E649635D78D45B25EBDC2511 ] C:\Windows\System32\IconCodecService.dll
19:13:19.0691 0x0fcc C:\Windows\System32\IconCodecService.dll - ok
19:13:19.0691 0x0fcc [ 8F580BCC5296ECC9DC8A649D75BE6BA5, 3F4DF0340FE3EF425FA2D88D07FC1CA7D3BF1CF0D044A1C4B0937E687FD29488 ] C:\Windows\System32\msscb.dll
19:13:19.0691 0x0fcc C:\Windows\System32\msscb.dll - ok
19:13:19.0706 0x0fcc [ 853AB2F2A2267FE90D1D4E9B0C8CF314, 11003CE0D4836D5C79AAB3A964FBEABA8A36B8647DD2B33D8F4D4163063A32F1 ] C:\Program Files\AVG\AVG10\avgchsvx.exe
19:13:19.0706 0x0fcc C:\Program Files\AVG\AVG10\avgchsvx.exe - ok
19:13:19.0706 0x0fcc [ E0E0B180CFA3B1A1322AC4AEA5FFBEBF, FC19ADE7FBD47024C9E29069521073FFD3D079B4E2AFED00D0D62E633139720D ] C:\Program Files\AVG\AVG10\avgrsx.exe
19:13:19.0706 0x0fcc C:\Program Files\AVG\AVG10\avgrsx.exe - ok
19:13:19.0706 0x0fcc [ F2B888A05576232F74A07A5724366B33, 7617142036BE9223962110D9E1422829D0BE63489C80B58F35FC15926D649876 ] C:\Windows\System32\evr.dll
19:13:19.0706 0x0fcc C:\Windows\System32\evr.dll - ok
19:13:19.0722 0x0fcc [ 1C8D965BBCAA9EE5DEFDB54743437086, 6B431CA9B20D0E066B71A8CA4430D74C0EA72FF0CB12F0D3A5F4E6A065244A37 ] C:\Windows\System32\drivers\AVGIDSDriver.sys
19:13:19.0722 0x0fcc C:\Windows\System32\drivers\AVGIDSDriver.sys - ok
19:13:19.0722 0x0fcc [ E91A23A9BC6DC56A049EB16096C17D02, 184BD8D3C6C19BC80CED1DFBAD12FD48A36183406B1D904B7A5732E6CD9A6059 ] C:\Windows\System32\wbem\WmiPrvSD.dll
19:13:19.0722 0x0fcc C:\Windows\System32\wbem\WmiPrvSD.dll - ok
19:13:19.0722 0x0fcc [ 1A3579ECEE56C4D4D32204D8C667CA6C, 1290236E50005920C78C10E36A80CDB96BE20A834D63206D13AD6B8EBCBD6004 ] C:\Program Files\AVG\AVG10\avgchjwx.dll
19:13:19.0722 0x0fcc C:\Program Files\AVG\AVG10\avgchjwx.dll - ok
19:13:19.0738 0x0fcc [ 24422E879BAEA2B69C9B131548D16888, 7792638297A80EE4765002EB05D4D66463405D364F9914929DBD431F2B3AA591 ] C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll
19:13:19.0738 0x0fcc C:\Program Files\Common Files\Roxio Shared\DLLShared\rcsl.dll - ok
19:13:19.0738 0x0fcc [ 009758CC06B7F55B4A4D16A66E243C24, B3993D09584736B0FA80839450B1A4F46C6C8FE393CE25ECB0B51EE9545B5E55 ] C:\Windows\System32\wuapi.dll
19:13:19.0738 0x0fcc C:\Windows\System32\wuapi.dll - ok
19:13:19.0753 0x0fcc [ 1D326842006C4BE77ECD848CF89F01AB, D79EBBA1184DDF1C0BE3781AB8490FAF3BACA26D2A062A4C9A6DEBC348F9B827 ]
C:\Windows\System32\wups.dll
19:13:19.0753 0x0fcc C:\Windows\System32\wups.dll - ok
19:13:19.0753 0x0fcc [ 7A0F6A3E0E41425B9BA54616B482668A, 096BE4C9D44CD8BB63E3415DF70035C63B43B43E191C7311DCA05532C0DDF840 ] C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe
19:13:19.0753 0x0fcc C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe - ok
19:13:19.0753 0x0fcc [ F2DC1CE3A91C87E7995500E989A5D2F1, BD3E829AE84C97A16FA8E1C57D62ED4EC4E60F93E26710D446A91562DC959359 ] C:\Windows\System32\mfc42u.dll
19:13:19.0753 0x0fcc C:\Windows\System32\mfc42u.dll - ok
19:13:19.0769 0x0fcc [ D02675B1C7F1EE276248C7EE039F1D63, DD858AFE99D8096547FDF6F9B40D65D236C14872429936BD96B4A54303DE517A ] C:\Windows\System32\wscisvif.dll
19:13:19.0769 0x0fcc C:\Windows\System32\wscisvif.dll - ok
19:13:19.0769 0x0fcc [ FE3702015BE4D214808A2FBC07B8E5FF, D1C9254994D5266F54349A62B5DEB2C989ADFF65ED460D8B65C20F4063CFACD1 ] C:\Windows\System32\wscproxystub.dll
19:13:19.0769 0x0fcc C:\Windows\System32\wscproxystub.dll - ok
19:13:19.0769 0x0fcc [ E175A3A80D3626A3EB01A378D758DF8C, EC483B67000CFC7F134B3BCC33448C5B966EA1FB61DC818E700CEE37CAC75DEE ] C:\Program Files\AVG\AVG10\avgcclix.dll
19:13:19.0769 0x0fcc C:\Program Files\AVG\AVG10\avgcclix.dll - ok
19:13:19.0784 0x0fcc [ 111C47816F39A91EAAA18DA0A54E8E63, 6910253AA5DFD7E2656C65B7227E7D546648D6C55600552D79FA275D0331AA00 ] C:\Windows\System32\imageres.dll
19:13:19.0784 0x0fcc C:\Windows\System32\imageres.dll - ok
19:13:19.0784 0x0fcc [ 80AEC7987F4F315DC8B65FA1A42FF554, 5475939ADA6CB89441A4D9C478D9D189573A3BF7126B36A21DF0BF610964B0DA ] C:\Program Files\AVG\AVG10\avgwdwsc.dll
19:13:19.0784 0x0fcc C:\Program Files\AVG\AVG10\avgwdwsc.dll - ok
19:13:19.0784 0x0fcc [ 2FE694541C5D0D2A874CCC222BBFC7D0, 2D4F09C4A23B30C5F69FC0CE7529804145A8A76419A3D9072011B8306299F88F ] C:\Program Files\AVG\AVG10\avgcsrvx.exe
19:13:19.0784 0x0fcc C:\Program Files\AVG\AVG10\avgcsrvx.exe - ok
19:13:19.0800 0x0fcc [ 7BC1F13C4A5DA1C8755B7FE0B470E87C, F4991E387A82C997CEC4954FBC6EDFC41F07D95CC1DE80A58A081F9E1AF11247 ] C:\Windows\System32\wercon.exe
19:13:19.0800 0x0fcc C:\Windows\System32\wercon.exe - ok
19:13:19.0800 0x0fcc [ F87B323F07BA4FA5ED6FBC7DABDFAF42, 682F9AD4372E26929DB1B165032A8FAC10FE5D43346765885EC09FCE63B0377B ] C:\Program Files\Kodak\AiO\Center\Inkjet.DeviceSettings.dll
19:13:19.0800 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.DeviceSettings.dll - ok
19:13:19.0816 0x0fcc [ 1E9839FD8F51E4836A219ABCBDCBEA6B, B9D364E33D1EE512833EAC404A6AE103DE18F0B333541B91B6FB32BF431640E8 ] C:\Program Files\AVG\AVG10\avgcertx.dll
19:13:19.0816 0x0fcc C:\Program Files\AVG\AVG10\avgcertx.dll - ok
19:13:19.0816 0x0fcc [ FB50C8BAF2334E032DB4885A5D198151, 350CC331F86408863BA432FEE92695ED36F2AE3C0382EBADEFBC5C953F94BAB0 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Localization.dll
19:13:19.0816 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.Localization.dll - ok
19:13:19.0816 0x0fcc [ 2309320E453A7004B65C4D4075C1E7D6, B5753691FFC60F0968ED6F68A7DBF8ADEA607E6C2E3A18CC0CD608F11789E06F ] C:\Windows\System32\igfxdev.dll
19:13:19.0816 0x0fcc C:\Windows\System32\igfxdev.dll - ok
19:13:19.0831 0x0fcc [ DB359D68D8B5D7E1C0A1961916BBA905, BBA59068A02406897A3B7C5A507511D493D5D68B67B57F168CEED575CAD1AA9D ] C:\Program Files\AVG\AVG10\avgchclx.dll
19:13:19.0831 0x0fcc C:\Program Files\AVG\AVG10\avgchclx.dll - ok
19:13:19.0831 0x0fcc [ C3470899CC326070BF482429F3EE1DC7, CEA0FDD1E9EBF290BDFE471AECEE979EDF27D189CF2AFDC6AB0D740717FF5818 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Diagnostics.dll
19:13:19.0831 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.Diagnostics.dll - ok
19:13:19.0831 0x0fcc [ 05BBBBAA52C9E56338EADC9479FD0701, CB2F82BCC1C73638D873AB3DECD338437EFC30FA8B9723F6DE91ED6C5F7BF59F ] C:\Program Files\Kodak\AiO\Center\Inkjet.Utilities.dll
19:13:19.0847 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.Utilities.dll - ok
19:13:19.0847 0x0fcc [ 801027F97983D22AB6F177C658F70C02, 3DD9EBA11CEE62D6B2A2E4F8B3D7F0286DD94976606C66A2516B5E4CB6E41E63 ] C:\Windows\System32\wmp.dll
19:13:19.0847 0x0fcc C:\Windows\System32\wmp.dll - ok
19:13:19.0847 0x0fcc [ 91348B1316E54677ADF12FF3E4B33522, E1EE759C4A88BAD24175ACAAFFDAF7AF47D4C62B1BA079CC38930ED950574C1B ] C:\Program Files\Kodak\AiO\Center\Inkjet.Configuration.dll
19:13:19.0847 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.Configuration.dll - ok
19:13:19.0862 0x0fcc [ 21752EE3EE7C8269220FEC2C6A6C9C6D, AB60C2710E0477A0D5DBBA0BCFBF9FF454A5462B1C8B72F91692BCAA648ACB0E ] C:\Windows\System32\PresentationSettings.exe
19:13:19.0862 0x0fcc C:\Windows\System32\PresentationSettings.exe - ok
19:13:19.0862 0x0fcc [ 2DFEDE497E82D65A4A003FE64A19A98A, 5186BB03C31C8C05208C60D4C7307CD53E99C7671246B9DEE28D69C65899E833 ] C:\Windows\System32\igfxsrvc.exe
19:13:19.0862 0x0fcc C:\Windows\System32\igfxsrvc.exe - ok
19:13:19.0862 0x0fcc [ 79F1A306B8F247261DF16444069BAC8C, 30D8FC6CF95EE9B4B9EDC9406A320C723A2A76EED09947DF6760ECE9E9B912B2 ] C:\Program Files\Kodak\AiO\Center\jabber-net.dll
19:13:19.0862 0x0fcc C:\Program Files\Kodak\AiO\Center\jabber-net.dll - ok
19:13:19.0862 0x0fcc [ CABE68B4AD2FEC8C18E18F73303EB26F, 85EE2EF9BDC3A209740E7124F8A34DC0F5A6286E1FBAC49E0FF994B2542DE7BC ] C:\Windows\System32\odbc32.dll
19:13:19.0862 0x0fcc C:\Windows\System32\odbc32.dll - ok
19:13:19.0878 0x0fcc [ 9A6A653ADF28D9D69670B48F535E6B90, 72351645184693A879CFF7FD171A182F24B7F72EA313E8D42F2744D0421FE188 ] C:\Windows\System32\runonce.exe
19:13:19.0878 0x0fcc C:\Windows\System32\runonce.exe - ok
19:13:19.0878 0x0fcc [ D3E30F36EBE11C59D8A2AB066845A957, 9FBF15BBDE712055BE7F48A38BB7982A992FF1688CCA43562E2580340717332F ] C:\Program Files\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll
19:13:19.0878 0x0fcc C:\Program Files\Kodak\AiO\Center\Newtonsoft.Json.Net20.dll - ok
19:13:19.0878 0x0fcc [ 887F5BE6B03F0B8B5842582804A9CB5B, E8D9A20C8A7BFF0464C063501617511F34AB1436537BA79D2D708754D8771707 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Statistics.dll
19:13:19.0894 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.Statistics.dll - ok
19:13:19.0894 0x0fcc [ BC913F5E83DA1358DE2123F3589E4A75, A0E9A2CB8DC6391D34B630BDD36792EACE76563239B2C1DC6A836E7ED0AA6EC5 ] C:\Program Files\Kodak\AiO\Center\Inkjet.Hardware.dll
19:13:19.0894 0x0fcc C:\Program Files\Kodak\AiO\Center\Inkjet.Hardware.dll - ok
19:13:19.0894 0x0fcc [ 1189F18171C525F291D750342E629CAA, 89E6F3506A268EF8D782986D7868DBFB1428D5223E7E97054463FE9CFCAB4632 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\da13a0d01475bdb012e74edcb06cbd89\Inkjet.Automation.ni.dll
19:13:19.0894 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Automation\da13a0d01475bdb012e74edcb06cbd89\Inkjet.Automation.ni.dll - ok
19:13:19.0894 0x0fcc [ 4E6B2E600AEB7FB2668A41AC4AA5A536, 5DFE276F4ACA970E478D8D0F4966550EA7C798B56DBC011ED2AC91F549734716 ] C:\Windows\System32\msvfw32.dll
19:13:19.0894 0x0fcc C:\Windows\System32\msvfw32.dll - ok
19:13:19.0909 0x0fcc [ 0C47181269A2E16AEDD0FF4B6DBCFBA9, C565C8C65EC31766FF91CC9FE8ED89C450ACC56B012FEACAC776A341C6693BD5 ] C:\Windows\System32\wmploc.DLL
19:13:19.0909 0x0fcc C:\Windows\System32\wmploc.DLL - ok
19:13:19.0909 0x0fcc [ 547AA7795F54452E5EF210E6B2EF2C97, A90DFD832FEC1AE574EBE0B31B63E6934ED2BB56B84177E5E4CBC230D036DA1A ] C:\Program Files\Kodak\AiO\Center\Interop.WIA.dll
19:13:19.0909 0x0fcc C:\Program Files\Kodak\AiO\Center\Interop.WIA.dll - ok
19:13:19.0925 0x0fcc [ 7018F74AED9E00FCFFD510E47813BA40, C3F181F4F265E4F76D7FC496461C99392221174B09923EE773EA2DAC8BD620EB ] C:\Program Files\Kodak\AiO\Center\ShellLib.dll
19:13:19.0925 0x0fcc C:\Program Files\Kodak\AiO\Center\ShellLib.dll - ok
19:13:19.0925 0x0fcc [ B0ACC9862FB90B54F6BE360178DD6969, E6665B37FFAC6657CAC80CD1AFD3D397770377CF0327B57D0695BC23E6A2AE6E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\abc97006465dc33ea06a9045edf58384\Inkjet.Utilities.ni.dll
19:13:19.0925 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Utilities\abc97006465dc33ea06a9045edf58384\Inkjet.Utilities.ni.dll - ok
19:13:19.0940 0x0fcc [ 0DAAF8032546D1B4543D7B101B53FD6C, B8872D5F3ED3F737C4F055E4E54B2107AD87E39960853835208198C75902CEE8 ] C:\Windows\System32\odbcint.dll
19:13:19.0940 0x0fcc C:\Windows\System32\odbcint.dll - ok
19:13:19.0940 0x0fcc [ 8D45F92A14ED2456EE49C6790358E997, AE2793345895A8F6615BB0833263BCAA28746301017B0F3D61739546F1F98257 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\410a4b3c1159f72c6a86b7bb8f626208\Inkjet.Configuration.ni.dll
19:13:19.0940 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Configuration\410a4b3c1159f72c6a86b7bb8f626208\Inkjet.Configuration.ni.dll - ok
19:13:19.0956 0x0fcc [ 20614C9F12A3A09A5015C9EBBD4419D2, CA3717DAB8B9BF3023A195E42A0AE67097753D2505A9222A4BE49B746557519E ] C:\Windows\System32\wshelper.dll
19:13:19.0956 0x0fcc C:\Windows\System32\wshelper.dll - ok
19:13:19.0956 0x0fcc [ 17C0671BF57057108A6D949510EE42C8, FC4D1DF2B4486915DC55BE2A2961607FF3108ED58B4D366E0870BF7A09E8DF13 ] C:\Windows\System32\ws2help.dll
19:13:19.0956 0x0fcc C:\Windows\System32\ws2help.dll - ok
19:13:19.0956 0x0fcc [ E08588A7BB48017B428F474B9A280B33, 70B3E61203FCD20491D871C782586D4BD95D8958D85D420E7941C5697837BCAB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll
19:13:19.0956 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Xml\cfb60f99da570cc494e27e0e8ee747e2\System.Xml.ni.dll - ok
19:13:19.0972 0x0fcc [ D61175F42056E72B8E7809EA661F0A4A, 6A59DA0078A4520B0AB7CE2CF91D726CE1FF8506478CA8A54EDF49A72F68915E ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\f6b4038c91657df6bc4be2ff192a518d\Inkjet.Localization.ni.dll
19:13:19.0972 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Localization\f6b4038c91657df6bc4be2ff192a518d\Inkjet.Localization.ni.dll - ok
19:13:19.0972 0x0fcc [ 0473716011756EC7467AF6342F29A8E7, BCDB905EF0CF016DBE07318EF550EECAB583229DAF8E51084DF88BB3D6F44C3D ] C:\Windows\System32\nshhttp.dll
19:13:19.0972 0x0fcc C:\Windows\System32\nshhttp.dll - ok
19:13:19.0972 0x0fcc [ 2281AE5B138644C94B4B20FED4E4425A, C6B4D50991899917A07C9A7F3A6770A1C6F5313C5780C63CAFDF181A884A35E7 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\97003a84d4260d857bb623b928496017\Inkjet.DeviceSettings.ni.dll
19:13:19.0972 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.DeviceSettin#\97003a84d4260d857bb623b928496017\Inkjet.DeviceSettings.ni.dll - ok
19:13:19.0987 0x0fcc [ 8D78BA30DB4AE040A52EDEE725782715, 15099FC7A90B2E8D718D46E02D56026D56B3F043124C3455E79B7B44A027DD11 ] C:\Windows\System32\actxprxy.dll
19:13:19.0987 0x0fcc C:\Windows\System32\actxprxy.dll - ok
19:13:19.0987 0x0fcc [ 12C30ABBE0C8316CFB7CD38D0D20A9BD, CFA015FF8F18D3B06C5A35082F89B5DB5DFD2270E94B0AAB6352DA6AD6617A18 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll
19:13:19.0987 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Configuration\aa3e053d433c48e1e8c3f436b4de1ed3\System.Configuration.ni.dll - ok
19:13:20.0003 0x0fcc [ 060D77BFD6076EFD7029DB2B3F63B202, 93E6DCF730D4579A44392D5A776C0B9A089BEBD9189FDF0AEF4F394BAF7D4E2A ] C:\Windows\System32\fwcfg.dll
19:13:20.0003 0x0fcc C:\Windows\System32\fwcfg.dll - ok
19:13:20.0003 0x0fcc [ ADDB8015A348D0397703681EC7C610D0, E962D915DC9757D619977F581A9D9D5B4EA7F75BAC585AF95CB3F485C9872C33 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\f917c5129e9596be27129474ebbc8745\Inkjet.Diagnostics.ni.dll
19:13:20.0003 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Diagnostics\f917c5129e9596be27129474ebbc8745\Inkjet.Diagnostics.ni.dll - ok
19:13:20.0003 0x0fcc [ 4D534921D65609114D3F66A27C2D54AA, 83254FDDEF1DBC816C05D7A5C8477A9152C1ECB813DF72C72806D1F1913A80D6 ] C:\Program Files\Kodak\AiO\Center\Logger.dll
19:13:20.0003 0x0fcc C:\Program Files\Kodak\AiO\Center\Logger.dll - ok
19:13:20.0018 0x0fcc [ CE18FBC9756956F7D916D8F43DE4938C, BA1695B9C495E2BF5359EB72B8F94D231FF840A65B7442FF0C850BC4FEABC3BB ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll
19:13:20.0018 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Drawing\f1aa2385c0109f3059e0e6ba8b58ff68\System.Drawing.ni.dll - ok
19:13:20.0018 0x0fcc [ 617F9A5813E69F6E9ED94B811EC75396, F3973DAF4E47A832FECE78AFA7A8C30C5D092E652F073BDFFED30A98E940F591 ] C:\Windows\System32\wmpps.dll
19:13:20.0018 0x0fcc C:\Windows\System32\wmpps.dll - ok
19:13:20.0018 0x0fcc [ 70C6489D56008D75DEDF73226FA63C11, 7AB4C89D7A259BB7DD6F24C5CA181749C3015A06B160B91593F2F1FC1E4AEDCE ] C:\Windows\System32\dimsjob.dll
19:13:20.0018 0x0fcc C:\Windows\System32\dimsjob.dll - ok
19:13:20.0034 0x0fcc [ F530A7B2408A8D95518CC68057504BCA, 699A81044C266A57F18A32BB5B535FB63F0D82097ADF28955A4AAFE4F23814A5 ] C:\Windows\System32\igfxsrvc.dll
19:13:20.0034 0x0fcc C:\Windows\System32\igfxsrvc.dll - ok
19:13:20.0034 0x0fcc [ 454BD137915CB4A6E26880873D8B2191, 56B06625DDFB81F6EEBFD4AB652325894876DBC5D804FC62570F2BCD2D901FE2 ] C:\Windows\System32\ieframe.dll
19:13:20.0034 0x0fcc C:\Windows\System32\ieframe.dll - ok
19:13:20.0034 0x0fcc [ 98638A4CA187245C469DA0DEC4F04A45, AE352C68D11888AA27109F366BFFA308CA8EE8E222599C74E2C0B1A1AA9B60A3 ] C:\Windows\System32\pautoenr.dll
19:13:20.0034 0x0fcc C:\Windows\System32\pautoenr.dll - ok
19:13:20.0050 0x0fcc [ 57F8E9FFE823CBC3EEE0A63451700B08, 6456BE0B350D06FEEB8B076ECF358DE9D0578C662115B61AA36099EC1829ACAF ] C:\Windows\System32\certcli.dll
19:13:20.0050 0x0fcc C:\Windows\System32\certcli.dll - ok
19:13:20.0050 0x0fcc [ D2E1A0A64A0748C6E6A4E3F93DB7A027, 6DB67FDD94AABC5D7F80B6C65EA44BE71779B4870A4E099832E7A662BC3B2EBD ] C:\Windows\System32\CertEnroll.dll
19:13:20.0050 0x0fcc C:\Windows\System32\CertEnroll.dll - ok
19:13:20.0065 0x0fcc [ 50E1787A622650B0A4D6409889DEE659, 2183FA48A65F1D8DBCBDCC79818938BE57DF4DA9BA2A059969F11C4BDF7D4A3D ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll
19:13:20.0065 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Windows.Forms\381fb23cb39e1a61e13b8770eb9800ba\System.Windows.Forms.ni.dll - ok
19:13:20.0065 0x0fcc [ F35D79E64E1D38AFD0FF5C123B979F15, 9722AF48CEBB74F965E2DAD3CE8B7AA2761093DE396AE4AFD34FB723D6F8B95E ] C:\Windows\System32\authfwcfg.dll
19:13:20.0065 0x0fcc C:\Windows\System32\authfwcfg.dll - ok
19:13:20.0065 0x0fcc [ CFF3F66119D13EC1065CACDBCE6D6F2D, 227667CFAD7D3E42E5417755EE4DF969817E8209CD2CB2D4A76528DA77614D79 ] C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\avgcslex.dll
19:13:20.0065 0x0fcc C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\avgcslex.dll - ok
19:13:20.0081 0x0fcc [ CAA1B5B3F7A20C93EBF71879B2C92FA1, F29A2BEE03F6F5297040B8BBCB9E8BDC4F8EC9E1368F0CC75088BF671732F3C4 ] C:\Windows\System32\ifmon.dll
19:13:20.0081 0x0fcc C:\Windows\System32\ifmon.dll - ok
19:13:20.0081 0x0fcc [ 3606CE1AC3D6A9A9CB7DB35D7F5C54EC, 220911A88EF333BAC01062CC9E83566DBC12B1564D5B58C3A8A039DFDFDB7C6C ] C:\Windows\System32\shfolder.dll
19:13:20.0081 0x0fcc C:\Windows\System32\shfolder.dll - ok
19:13:20.0081 0x0fcc [ 24F90AEFEBE601D427CB4511E74CDCB6, 0FEBBE1F81E6A48DA0D8967E256259B6F92F6E79804DF9CAC9422FEC47CB9BF2 ] C:\Windows\System32\linkinfo.dll
19:13:20.0081 0x0fcc C:\Windows\System32\linkinfo.dll - ok
19:13:20.0096 0x0fcc [ 219AF0F9A54EBEEB3E7E20025D801034, B1E5607C27A7475FFF843428F2FBFA85ACA9829D8AA218CB1AB7B8E108F74DD7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll
19:13:20.0096 0x0fcc C:\Windows\Microsoft.NET\Framework\v2.0.50727\Culture.dll - ok
19:13:20.0096 0x0fcc [ C8DBFEF835FF54467425C8F3ABCF7046, F9F20D4AD8144B17F53927AF4D901092B2047E1C4300620B6B31232703304356 ] C:\Windows\System32\dssenh.dll
19:13:20.0096 0x0fcc C:\Windows\System32\dssenh.dll - ok
19:13:20.0096 0x0fcc [ 860FAD57B4668A9F5F350A9D5444AE89, 841D463DC71F4B9D511CE8335BDABE59FD4631D6FE6FF946CB4F286602338BE4 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll
19:13:20.0096 0x0fcc C:\Windows\Microsoft.NET\Framework\v2.0.50727\diasymreader.dll - ok
19:13:20.0112 0x0fcc [ 1289C97AE8D5EEA1C197BED8F94B3C25, 8E94AFE3484A56596732EFE1E73C8DBD8B3B2A1913B73C621A2D6956F8C45F43 ] C:\Windows\System32\nci.dll
19:13:20.0112 0x0fcc C:\Windows\System32\nci.dll - ok
19:13:20.0112 0x0fcc [ D40E7B5FBB8E0EAA7C5C294389AF95AB, 8EFD521DF1F335AF416DEC15D5C0C6538903803AA1A8ED93AA704B384A29876B ] C:\Users\Holly Chapman\AppData\Local\Temp\{BA8A5E0A-006B-4EAB-8A02-17B46EBE6D34}.exe
19:13:20.0112 0x0fcc C:\Users\Holly Chapman\AppData\Local\Temp\{BA8A5E0A-006B-4EAB-8A02-17B46EBE6D34}.exe - ok
19:13:20.0112 0x0fcc [ 12BCF4DAD8E5A1B3D5FA7AB4A79DA105, 613F0D184E08CBE1FFEEB8F845ADCA79577FB3CF59EA1FEE6B2346D9930763AB ] C:\Windows\System32\sfc_os.dll
19:13:20.0128 0x0fcc C:\Windows\System32\sfc_os.dll - ok
19:13:20.0128 0x0fcc [ F35D72BAEB8FE912637C77C07B7B8337, 3C11364B93897C6EDBA77C350A3CBB828AA975DEA07DD49A690BB7ED28F63C7A ] C:\Windows\System32\timedate.cpl
19:13:20.0128 0x0fcc C:\Windows\System32\timedate.cpl - ok
19:13:20.0128 0x0fcc [ 27115A53347FD0E36229C4DB532DD43E, 91E282E1779D1BE12AC551FC306BFDFD57E1C0B1DA1681F32321B19F4FA38E43 ] C:\Program Files\AVG\AVG10\avgxpl.dll
19:13:20.0128 0x0fcc C:\Program Files\AVG\AVG10\avgxpl.dll - ok
19:13:20.0143 0x0fcc [ 365FEF29B22F626C5756AC0DEE91C249, 3C8938DBF670E34E8D402B317C2F98310993188F56E63A3A4CA455C82988BF18 ] C:\Windows\System32\msshsq.dll
19:13:20.0143 0x0fcc C:\Windows\System32\msshsq.dll - ok
19:13:20.0143 0x0fcc [ 9DD06F00898AA5CA7E24186EFC8E5E25, 51141D0D07DBC955B63281351D3F17163ACE9A5B08628EA1C82F33FD2913970E ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{20FCDD80-90ED-4E26-B84B-EC5D473BFA6C}.tmp
19:13:20.0143 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{20FCDD80-90ED-4E26-B84B-EC5D473BFA6C}.tmp - ok
19:13:20.0143 0x0fcc [ 91A7771934C0D9D2DA7699D25BB5B348, 154A6EB866AF22B38AEE8DB5A864653FEB15DED69DE26E5B602B7C5056CDDF72 ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{74073078-8BB5-417F-94E7-AC9B4E3C97BC}.tmp
19:13:20.0143 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{74073078-8BB5-417F-94E7-AC9B4E3C97BC}.tmp - ok
19:13:20.0159 0x0fcc [ 80808656078CFCC32CF8BFEB0DD66279, 383F37599ABF16EEDEB2A60242DB7EDCC3D210A2A59DD61169047059F7041C5C ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{7B4277D0-9B8D-4C7F-B952-CEE140078CDC}.tmp
19:13:20.0159 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{7B4277D0-9B8D-4C7F-B952-CEE140078CDC}.tmp - ok
19:13:20.0159 0x0fcc [ B66ED8A3D5F38BD4DCA5E76F69FBC9BD, 61E6FCC666047AF2F13649C029D5D320674B0F2BA545719AD7D17048F57C750A ] C:\Windows\System32\netiohlp.dll
19:13:20.0159 0x0fcc C:\Windows\System32\netiohlp.dll - ok
19:13:20.0159 0x0fcc [ 0796CD68FFD919AEC03AE8F7F3FC538B, 22A7E8EACAF5E35DE8891E275F0494228E2B8DFFB42B2D6633653706AFF3D3C0 ] C:\Windows\System32\NaturalLanguage6.dll
19:13:20.0159 0x0fcc C:\Windows\System32\NaturalLanguage6.dll - ok
19:13:20.0174 0x0fcc [ DF471F11CC78BE02FE6BA15F2D94F65B, 9AC230DE58CE40E78AE6872BCF4778B69EEBF17E0E41B1301FF364ABD4737A78 ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{2614EC0F-B365-4818-93DC-34D5817E033E}.tmp
19:13:20.0174 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{2614EC0F-B365-4818-93DC-34D5817E033E}.tmp - ok
19:13:20.0174 0x0fcc [ 0FD19BDDD2513874FF6903F717367795, DFAF9C33F993BA26FC84EF66ABC7C483E62762F7E1FC763605A75ACC2E8AA4EE ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{AE8935F6-2E0E-4730-9E2C-F07DD1FB52D3}.tmp
19:13:20.0174 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{AE8935F6-2E0E-4730-9E2C-F07DD1FB52D3}.tmp - ok
19:13:20.0174 0x0fcc [ AA111488C03C58A2BF66509ABB4FDE60, E7E0E3305DB8ECE1E4312D8C664BE0C25B62236C97ABB19ABF5B4FD1E75C83E2 ] C:\Windows\System32\NlsData0009.dll
19:13:20.0174 0x0fcc C:\Windows\System32\NlsData0009.dll - ok
19:13:20.0190 0x0fcc [ DD88BBF87A43331A4E99E37F7BF59FDB, 872190F559FA0DD1F711E9FA101BA1AB6E6DE5ED0CCCE1AB7AFE45BC3B78A0F1 ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{72814924-5B56-44DA-B3BE-CE974BE0A07D}.tmp
19:13:20.0190 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{72814924-5B56-44DA-B3BE-CE974BE0A07D}.tmp - ok
19:13:20.0190 0x0fcc [ 4261449C1CADA6B007E5C27522946D2B, 11E79D1C529E816CCCAC9266089C77A4DB44676CAEEE25C66D6DB420B18D3ACB ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{9FBFE563-9AE2-493D-9BC1-319F436D4DD8}.tmp
19:13:20.0190 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{9FBFE563-9AE2-493D-9BC1-319F436D4DD8}.tmp - ok
19:13:20.0190 0x0fcc [ 6627AA675A5C1B0330487A02E23F0560, 256AE9BA4273D4247FFAD6099D5A4FC8E98EDB27293AC8CAF7A571EB3890FAA7 ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{1E4AF99C-D141-4DD6-8E1C-FC1D3D588B60}.tmp
19:13:20.0190 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{1E4AF99C-D141-4DD6-8E1C-FC1D3D588B60}.tmp - ok
19:13:20.0206 0x0fcc [ 723B834A07F7DF7DE4CEB637D57ACEA3, B42867045DD3FB7682CDBD133970421010F0F14125E4992C73657CABA4659250 ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{E5436AD1-AFB5-4326-968E-092DE86F9856}.tmp
19:13:20.0206 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{E5436AD1-AFB5-4326-968E-092DE86F9856}.tmp - ok
19:13:20.0206 0x0fcc [ C1DE893FAF6D7F6CFB479A1F61835482, AD5FA3CE73777704C67C933691F1F068E1A7FF545F728B97574F9C33AC4BBC01 ] C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{46288A6E-1CE5-4844-9668-916C59F575EF}.tmp
19:13:20.0206 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\{3D43E01E-C69C-45CC-A4D4-91821D40035A}\{46288A6E-1CE5-4844-9668-916C59F575EF}.tmp - ok
19:13:20.0206 0x0fcc [ 9A120D6EEB7FA55DABF7731DA892972C, 98212AE936F80187201747FD6C5806636065309CE785D9E9A15DA280AE85BE75 ] C:\Windows\System32\riched20.dll
19:13:20.0221 0x0fcc C:\Windows\System32\riched20.dll - ok
19:13:20.0221 0x0fcc [ 978ABB8547246E1963708EEA895FB502, B53E0320903D8F57B36834F9B877D32A3A0781B591A87AB10BF59E5D72919B2A ] C:\Windows\System32\whhelper.dll
19:13:20.0221 0x0fcc C:\Windows\System32\whhelper.dll - ok
19:13:20.0221 0x0fcc [ 5A0B0235899EC846FC914458D5CB5332, 66DFF89A24BB52E2D844C3C54BC5646818D0C2A4CEC3548944AF2A5E802DFD88 ] C:\Windows\System32\NlsLexicons0009.dll
19:13:20.0221 0x0fcc C:\Windows\System32\NlsLexicons0009.dll - ok
19:13:20.0237 0x0fcc [ 8F58544719E1C435BC36A8B207096581, 8C228AA8EAE056B7E149C520D636F6B2AC2144F23211E2F2634148264484F150 ] C:\Windows\System32\verclsid.exe
19:13:20.0237 0x0fcc C:\Windows\System32\verclsid.exe - ok
19:13:20.0237 0x0fcc [ 9D6196134EF28C11CA48FB06171BCFC3, EB0772B697FD91C9676F09D1038AEFDEE2DBB12D4C9F1C24F7791005BB7AA2FB ] C:\Windows\System32\hnetmon.dll
19:13:20.0237 0x0fcc C:\Windows\System32\hnetmon.dll - ok
19:13:20.0237 0x0fcc [ E3C52CD56F4CB2D9736C75EFAA62A07F, 1FD3EE5BFABF2F6CE2DF471B178D7A57B9238C1A9A7A62A88504D5D9E9D5FE25 ] C:\Windows\System32\networkexplorer.dll
19:13:20.0237 0x0fcc C:\Windows\System32\networkexplorer.dll - ok
19:13:20.0252 0x0fcc [ 4397F0A0C9FCFC6F0EC8B71FDD3EFFC6, 158BD8627961E9AFEA37D33B5400ACF8F29B05B428C817DD8BFA052117F0919C ] C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll
19:13:20.0252 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\System.Runtime.Remo#\1ba19f8efcff8ad7f972aa38ab9a15f5\System.Runtime.Remoting.ni.dll - ok
19:13:20.0252 0x0fcc [ 12B3B8C71F611A7FC9D1155A4A2A7F1E, 0FD91C45542333DFC5E2BF9CFCA690F14B3F1F48FAB34BCF8A6DD080D58C68F0 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\b244b1950863f93f9383c432501538c3\Inkjet.Statistics.ni.dll
19:13:20.0252 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Statistics\b244b1950863f93f9383c432501538c3\Inkjet.Statistics.ni.dll - ok
19:13:20.0252 0x0fcc [ 84A99FDCE9B5C7457E503C7C47DD5F4F, AF6C596F3DABAD50AA896C89F5A2FE25C2079C90AAB4FF0C4FE065AFCD46909B ] C:\Program Files\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll
19:13:20.0268 0x0fcc C:\Program Files\Kodak\AiO\Center\Interop.EKAiO2SDKLib.dll - ok
19:13:20.0268 0x0fcc [ 32D6DF5419543A7E4651A7EFCEE256EE, C15A3E7397EBFEFAB457C464A9C5CD087F38BBAF3E29FCC251B7BE9CB89F8319 ] C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\cbb380f5919d8bc781ea62455231b1a7\Inkjet.Hardware.ni.dll
19:13:20.0268 0x0fcc C:\Windows\assembly\NativeImages_v2.0.50727_32\Inkjet.Hardware\cbb380f5919d8bc781ea62455231b1a7\Inkjet.Hardware.ni.dll - ok
19:13:20.0268 0x0fcc [ 027E5E14C9CFF810377701BDEAD8210F, 053BE912C3F536DFA8734603B9BDFB314B61934404C84B368ABC8CA8C68F2CE5 ] C:\Windows\System32\control.exe
19:13:20.0268 0x0fcc C:\Windows\System32\control.exe - ok
19:13:20.0284 0x0fcc [ 89D583FC41D48328128A974C25AFAEB7, C5204DA8487D4872A479C81149CAD928A9DD85500FDB9AD5B94AC4BB241F68F2 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
19:13:20.0284 0x0fcc C:\Program Files\Common Files\Real\Update_OB\realsched.exe - ok
19:13:20.0284 0x0fcc [ 49BACF955ED0DD7E3C6B957F568A5D3E, 4EC83437F75FF94D6881D510D086AA87059F7EC9A6225FCB3E1F3A2302A5841A ] C:\Program Files\Kodak\AiO\Center\EKIJ5000SDK.dll
19:13:20.0284 0x0fcc C:\Program Files\Kodak\AiO\Center\EKIJ5000SDK.dll - ok
19:13:20.0284 0x0fcc [ D8B83790F45403B83D24FC63310E3BC7, 627245DC56B55EC3851DC6BA594175841EA38D67C27A53B020C9C97859257AA4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
19:13:20.0284 0x0fcc C:\Program Files\Synaptics\SynTP\SynTPEnh.exe - ok
19:13:20.0299 0x0fcc [ 1AAD451CCBECE62987591B35AE8037A8, 5B94F0493CDC62B275A27BE4948A82EAC9D7EB6610CBE4362E018B87759692E5 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
19:13:20.0299 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe - ok
19:13:20.0299 0x0fcc [ 437998C48C72778A70C42293EE055F2B, A75D8CA8B21B6DAA042DC83A0EB85B68C8BA4BA4AD6E05AAEB5341510398EC92 ] C:\Program Files\iolo\System Mechanic\SysMech.exe
19:13:20.0299 0x0fcc C:\Program Files\iolo\System Mechanic\SysMech.exe - ok
19:13:20.0299 0x0fcc [ 27BD1461ED8E7F84BFBA1A34F51F5CCF, 8C51769C922989EF28B6C42C6C0FFCFE6F3BD5131118CBBD0D8F68C610EEB174 ] C:\Windows\System32\igfxpers.exe
19:13:20.0299 0x0fcc C:\Windows\System32\igfxpers.exe - ok
19:13:20.0315 0x0fcc [ 39877CE56747FEA382175CD57D3BBA10, CFB3205430318EB60153735DF9213092B1CC91048CE4501810600CCC0877BF27 ] C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll
19:13:20.0315 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\DLLShared\LayoutDll9.dll - ok
19:13:20.0315 0x0fcc [ 3EB6D30D82F0E300FCFBAD0498F654FD, 12A9CA74619AE147FC097A8A2142B6DF9318AE8ED0ADAF04A783BC0995039071 ] C:\Windows\System32\mlang.dll
19:13:20.0315 0x0fcc C:\Windows\System32\mlang.dll - ok
19:13:20.0315 0x0fcc [ B6687CA43A44F0D8732A22191028912F, 0B6B43143D3B750880884D7E561359467B786A3788BD6FBA105EC24B14A52F79 ] C:\Program Files\Dell\MediaDirect\PCMService.exe
19:13:20.0330 0x0fcc C:\Program Files\Dell\MediaDirect\PCMService.exe - ok
19:13:20.0330 0x0fcc [ 23242FD6C7D4C61807E84FD3A79248C4, 6E53D0815B4552A05A0EC28871E5E9F0D14815FB52FCDD612C96050B7093493C ] C:\Windows\OEM02Mon.exe
19:13:20.0330 0x0fcc C:\Windows\OEM02Mon.exe - ok
19:13:20.0330 0x0fcc [ 5AA18E7840E880E10789DE414BF3131A, A6DEAFA9A7D7C73CEDB54BE6DF546A66AEF7BDF2DA0B24A9A17441CC4D021F6D ] C:\Windows\System32\netshell.dll
19:13:20.0330 0x0fcc C:\Windows\System32\netshell.dll - ok
19:13:20.0346 0x0fcc [ DBBB53A3E10141AD220C97C3F9AD1F85, 8887701E8A45844A3E80F1A0C6CCDA5FFF5CC206310B7510702C0F4AA10AF1D0 ] C:\Windows\System32\SynCOM.dll
19:13:20.0346 0x0fcc C:\Windows\System32\SynCOM.dll - ok
19:13:20.0346 0x0fcc [ 21221CD7C7C844F6F0E0B7BC69CBA36B, E279C8FBC0233F74E76AFBF857D39176711A4738091D5F1C6BE33185B21DCFCB ] C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE
19:13:20.0346 0x0fcc C:\Program Files\Microsoft Office\PowerPoint Viewer\PPTVIEW.EXE - ok
19:13:20.0346 0x0fcc [ BADC359C9A0D9C217B7E8DA17BF3F5BB, F3DAD07D80FFF1631AE21C66362757263BD9D6D2D6DE692A618191F84EE46827 ] C:\Windows\System32\ntshrui.dll
19:13:20.0346 0x0fcc C:\Windows\System32\ntshrui.dll - ok
19:13:20.0362 0x0fcc [ FF3BF05021BFECC92DB81B8257EEB026, E09DF383DCFF34B8B9491AF258220117A1CDFBA544F90A70E954BF54E4A0521D ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
19:13:20.0362 0x0fcc C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe - ok
19:13:20.0362 0x0fcc [ FA2A3AFADC4FB47DBC234A4E57F92CDB, D8394B8BD8919D3CACA73ECB23B156B460D18E463FCF7436E4856208F17434AF ] C:\Windows\System32\ddraw.dll
19:13:20.0362 0x0fcc C:\Windows\System32\ddraw.dll - ok
19:13:20.0377 0x0fcc [ 861797D3C83A6EBA05FB2C63B1A45E82, 838C814F2E0F545F81164186063E9DEE88C64332E44278E95BB0F984435D82AB ] C:\Windows\System32\ksproxy.ax
19:13:20.0377 0x0fcc C:\Windows\System32\ksproxy.ax - ok
19:13:20.0377 0x0fcc [ 45BB1885C53833F7C462D6BB0F84582C, 5694270E5F7E768DC58C18AC4F6A2E844A12919B55F5332644386A0947A4278A ] C:\Windows\System32\rpcnsh.dll
19:13:20.0377 0x0fcc C:\Windows\System32\rpcnsh.dll - ok
19:13:20.0377 0x0fcc [ BEE0BE84DDF62C77355DB55C7F0846A7, 6AB9566C3DFBEE334354F7AC408A5BF93751E868B81924ECD623198615AC1E9B ] C:\Windows\System32\SynTPAPI.dll
19:13:20.0377 0x0fcc C:\Windows\System32\SynTPAPI.dll - ok
19:13:20.0393 0x0fcc [ 94A92ADE4BB64E24C668645F5B9A6FCA, CD1301EAD954D64A0797633C31E7AB8B2CDE552E78EEB0407CEE0C935E11A05F ] C:\Windows\System32\gameux.dll
19:13:20.0393 0x0fcc C:\Windows\System32\gameux.dll - ok
19:13:20.0393 0x0fcc [ 6CE4E67A31214337BB4381419228613B, 59652BA8E373ADA481EED76766E55D45BA6EED5681F4AAF4230494EFADBA737F ] C:\Windows\System32\stobject.dll
19:13:20.0393 0x0fcc C:\Windows\System32\stobject.dll - ok
19:13:20.0393 0x0fcc [ EC69B16644C613F41A57169F8D068F1D, 400CD49D44643CC72129A918B2E2B4FEDB5DD26A9709D7A686B01432F73F0474 ] C:\Windows\System32\batmeter.dll
19:13:20.0393 0x0fcc C:\Windows\System32\batmeter.dll - ok
19:13:20.0409 0x0fcc [ B43DC259D9D66075D0E1BCB8A235CBBD, 9D1842BB5B4F5C97C8367CC1DD30D0AEA80025ECDFBD39A09E3C179481BE343A ] C:\Windows\System32\ExplorerFrame.dll
19:13:20.0409 0x0fcc C:\Windows\System32\ExplorerFrame.dll - ok
19:13:20.0409 0x0fcc [ A9662BCF218BC76869A8D91635D5F93A, 7DD1AFFD3F897798F734EEA22305EBC92E41434B938ABA06CCBA3AD2CF55DE4F ] C:\Windows\System32\Wpc.dll
19:13:20.0409 0x0fcc C:\Windows\System32\Wpc.dll - ok
19:13:20.0409 0x0fcc [ 3A2EEE8444A8E5C1A454C57B2198F5FC, 6B21A65BBCF9E86193BD8ABC3FAE897B4EB55758E52BE4B9F24BE1C98C73A333 ] C:\Windows\System32\ntlanman.dll
19:13:20.0409 0x0fcc C:\Windows\System32\ntlanman.dll - ok
19:13:20.0424 0x0fcc [ 582EFE56FC0858E58A6CEBA2A64B02C7, 569F05DC50651165FD734C19767C10E7C9DFF03157B8222C59544A35A38E1C75 ] C:\Windows\System32\drprov.dll
19:13:20.0424 0x0fcc C:\Windows\System32\drprov.dll - ok
19:13:20.0424 0x0fcc [ D306EA7436AC1587463A89BE29B456FB, 6969444DFE8E7C6E6D92F42A6225B36580EAFBDBF89CB296C3DC81A3A5391610 ] C:\Windows\System32\davclnt.dll
19:13:20.0424 0x0fcc C:\Windows\System32\davclnt.dll - ok
19:13:20.0424 0x0fcc [ FF850C34ECDD73EB989D3B0CAA36229E, E7F54E33E0CE20BD14F098476A1D34BD8E0D651974FAD984F2A5AA9AF8CAA405 ] C:\Windows\System32\igfxtray.exe
19:13:20.0424 0x0fcc C:\Windows\System32\igfxtray.exe - ok
19:13:20.0440 0x0fcc [ 26DE50A7F668F541B8130A0E26EFF3D8, 1E1BE454E71D03A0490B203F58B0641B5D3B62189045D176DFECCF816F5FBFC2 ] C:\Program Files\Microsoft Works\MSWorks.exe
19:13:20.0440 0x0fcc C:\Program Files\Microsoft Works\MSWorks.exe - ok
19:13:20.0440 0x0fcc [ E23BF454E2B9049B3093033E0735E39C, 2701E102CB3E1590284542A04F8C4BC27830662F038E1E09F3E2911FA03878B6 ] C:\Windows\System32\hkcmd.exe
19:13:20.0440 0x0fcc C:\Windows\System32\hkcmd.exe - ok
19:13:20.0440 0x0fcc [ 30F02D9C55053367E26A11482F51E255, A1CE545DBB8983BD71C82FAC1C3F2633E571FAC7EFDDD8E99E73C7A308A31861 ] C:\Windows\System32\SndVolSSO.dll
19:13:20.0440 0x0fcc C:\Windows\System32\SndVolSSO.dll - ok
19:13:20.0455 0x0fcc [ C37571F7C79C3972D641804F1DF7C0F5, 8F1A1E7654A6A68B21F856A46C9ED549CCA606B3FCA02289E4123DB18208F748 ] C:\Program Files\Microsoft Works\wksdb.exe
19:13:20.0455 0x0fcc C:\Program Files\Microsoft Works\wksdb.exe - ok
19:13:20.0455 0x0fcc [ 5C59E612AA95F10DBD29F6249EA379D3, CC1B5D70960C49DAEBD0BBFA908A1F6D823FCF5030AEBEEA646A04DAC338579B ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
19:13:20.0455 0x0fcc C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe - ok
19:13:20.0455 0x0fcc [ BB87F0D17A6E0C54918F488E1C68A55A, 2974B8E441628B8203438D6D94CDA88E2B24DD85BE5C4585524EEC41B99E5AEC ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileProtocolHandler.dll
19:13:20.0455 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFileProtocolHandler.dll - ok
19:13:20.0471 0x0fcc [ 2C0871B3464674E132EF8D04780366A7, 5F17F621620733FAAD1457FEDB8AD54C7109869E71473464E6607F2E08223E52 ] C:\Program Files\Windows Calendar\WinCal.exe
19:13:20.0471 0x0fcc C:\Program Files\Windows Calendar\WinCal.exe - ok
19:13:20.0471 0x0fcc [ F41857E440A9DF3FD5A543C8B2A53048, 72BF120C6E9DF344D6B794F8FD84FFF1EECDC37B9E548B93BF5C51DA095BB6AD ] C:\Windows\System32\zipfldr.dll
19:13:20.0471 0x0fcc C:\Windows\System32\zipfldr.dll - ok
19:13:20.0471 0x0fcc [ CD06EB1E4269EE1A00AEA6FC25A8FF08, BA48D54C4ABC2EC0F83F2C390142195E66401741749FBBD521E23581DECFF761 ] C:\Windows\System32\hccutils.dll
19:13:20.0471 0x0fcc C:\Windows\System32\hccutils.dll - ok
19:13:20.0487 0x0fcc [ BB3B08157FA22769B7ED9D2C44081D5A, 0653EA6D992A9FA09BB1756F6671C8FD9D518C60471B0F6420A7FC1DA2D3B6FA ] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe
19:13:20.0487 0x0fcc C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.exe - ok
19:13:20.0487 0x0fcc [ EDD0D2F81A06F2E8696F27AE5341A0F0, 01A9981AE9B2D31290B7488D4EB5151EC81974B729C92FE86CCA2BDFF575D555 ] C:\Program Files\Synaptics\SynTP\DellTpad.exe
19:13:20.0487 0x0fcc C:\Program Files\Synaptics\SynTP\DellTpad.exe - ok
19:13:20.0502 0x0fcc [ AA83361E1505A5AEC46FA0A2AAF18181, 4D0D5B53D40509175EDD96DEF5F7904CDFB48791A921A5B9C8CC5112C3C21490 ] C:\Windows\ehome\ehSSO.dll
19:13:20.0502 0x0fcc C:\Windows\ehome\ehSSO.dll - ok
19:13:20.0502 0x0fcc [ 5C570B80C8283AB9F866FCC61C8D1C13, 4BA73112915B6D6C02B2A9F5FBABF8A95ADC819AFE0A03D5EBF244FA8D29C433 ] C:\Windows\System32\dciman32.dll
19:13:20.0502 0x0fcc C:\Windows\System32\dciman32.dll - ok
19:13:20.0502 0x0fcc [ B285D9B68B8E012DCDE74794A8097739, DAFAF575A34AA5D98AEBCAD1AF81194D1EF28321F52BF74933235B5C83607462 ] C:\Windows\System32\dot3cfg.dll
19:13:20.0502 0x0fcc C:\Windows\System32\dot3cfg.dll - ok
19:13:20.0518 0x0fcc [ 267B3A856E9F4DB1CABD4E6DB71E07D2, E384B0204375A8E9DCAFB3FD6E72442F3E9418812637F4EFA2653F946EBE8E26 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
19:13:20.0518 0x0fcc C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe - ok
19:13:20.0518 0x0fcc [ 80BD4B26E2CBC0D65445D0463DFF6FC2, 3C36ACAABF7D0EE528424599E151DC9D19A1D2D50E97CAA141E427774F11076D ] C:\Windows\System32\oledlg.dll
19:13:20.0518 0x0fcc C:\Windows\System32\oledlg.dll - ok
19:13:20.0518 0x0fcc [ EC70A90028E4B9C33D47854DC219C0B8, 87E8327CDA0A3F20FE49F1430AC74CB0B6EB1720CFCC36D6477E11EE45B1EFB6 ] C:\Windows\System32\pnidui.dll
19:13:20.0518 0x0fcc C:\Windows\System32\pnidui.dll - ok
19:13:20.0533 0x0fcc [ 6EA4A41E5087A7927E7BBB28441CF4F9, 45D08E37AAA3F740933E2728A46D39373833E16CE67A129DE56FC859F2CF727C ] C:\Windows\System32\igfxres.dll
19:13:20.0533 0x0fcc C:\Windows\System32\igfxres.dll - ok
19:13:20.0533 0x0fcc [ BF2156D8D9866983B55D95382131DC4A, 51C0D5038A23BC81829B63505D5E2DCC304C1AEFA0443C7F0B4D65B734D544DB ] C:\Windows\System32\lsmproxy.dll
19:13:20.0533 0x0fcc C:\Windows\System32\lsmproxy.dll - ok
19:13:20.0533 0x0fcc [ 21322832C99E8DE85BD047689A2A69DB, EDEA0659E65AD8C081BDF82A8AFF0999E7DD3B31F2AB0FBCEDDAEE893E90B9EB ] C:\Windows\System32\pnpts.dll
19:13:20.0533 0x0fcc C:\Windows\System32\pnpts.dll - ok
19:13:20.0549 0x0fcc [ 8BEAF2B4BCDE405AF7EC46A9E03B2D65, 2A7785E6B6DBFF8D9313555DB0018F508B1B053A726DB67DB6D2A2EBA66CFBCD ] C:\Windows\System32\mssprxy.dll
19:13:20.0549 0x0fcc C:\Windows\System32\mssprxy.dll - ok
19:13:20.0549 0x0fcc [ DAC9B43BBFA0359E252DDB0CB91DEA6D, 2A109ABECF757567735C439663ED618B49EF7749ABEE6AEF8A100B2028C31A38 ] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
19:13:20.0549 0x0fcc C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe - ok
19:13:20.0549 0x0fcc [ F0062778F50838145AC46B384FFB4FA3, 7EC4509AB87062D2BA00E3B7AD59F3D6D2F01AF66E4AEFB70BFAFD1B89E7BFEF ] C:\Windows\System32\pcadm.dll
19:13:20.0549 0x0fcc C:\Windows\System32\pcadm.dll - ok
19:13:20.0565 0x0fcc [ C4CB65A8E06F84F14D693B37BBA8745B, FA87243338F37C3ECC032BB5A5B94FFF23E8BE1D2C7249527DB1BB0B2CED99B2 ] C:\Windows\System32\regapi.dll
19:13:20.0565 0x0fcc C:\Windows\System32\regapi.dll - ok
19:13:20.0565 0x0fcc [ 86947F0A12A04408467305A8437140A6, CA7E51D9FC5593F430A6A2C0D32F07187FD7547178866CA4C8A423E9B516190F ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSAlbumObjects.dll
19:13:20.0565 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSAlbumObjects.dll - ok
19:13:20.0580 0x0fcc [ 61F47F05D5811A50EA298FF061803C2E, 45A25C0F05FA71083993FE114473CE68EEAFE762A98EEDE364819671F693E68A ] C:\Program Files\Windows Mail\wab.exe
19:13:20.0580 0x0fcc C:\Program Files\Windows Mail\wab.exe - ok
19:13:20.0580 0x0fcc [ 071E6CC74765B4258EE5249FAD5ACADE, 7CA1AA55596A8B762864AB94F063813806A83AF51E09CFF1A9DC810BD124C4F0 ] C:\Windows\System32\rdpwsx.dll
19:13:20.0580 0x0fcc C:\Windows\System32\rdpwsx.dll - ok
19:13:20.0580 0x0fcc [ F3C74862035D9645E2C08731F43AEA3F, A0D362A24F59E271BBCAB4F8544F3ACCF3A80E13F7DF5642C2C0115C50FD9E96 ] C:\Windows\System32\rastapi.dll
19:13:20.0580 0x0fcc C:\Windows\System32\rastapi.dll - ok
19:13:20.0596 0x0fcc [ EBCDE8B48FADC6479D96A56D0A432160, 2F73D8656A929321D8B651FCFF55DFF5F90489CE9BEB7BB7DC3C7444D9A3C0FD ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe
19:13:20.0596 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe - ok
19:13:20.0596 0x0fcc [ B605E755CD6DB2BEEFDE86A00B7819CE, 801890667677CD331D748A72C6C036DBA95976BDB5A02DE8BB214ECEE7B902DC ] C:\Windows\System32\mstlsapi.dll
19:13:20.0596 0x0fcc C:\Windows\System32\mstlsapi.dll - ok
19:13:20.0596 0x0fcc [ 6CDD310172BCC9F5A2FAC445B20B3D5E, 3700BEB6F684FA880F631EC5BD0AFC5DF85AB50EFBE90901FC37FBA7A7036BD5 ] C:\Windows\System32\unimdm.tsp
19:13:20.0596 0x0fcc C:\Windows\System32\unimdm.tsp - ok
19:13:20.0611 0x0fcc [ 2128568EB5A6D10C3873AC653D9F8FBB, 3EB3FBBF30E7966A33E5DC5A538EFC6865714417139FF5E285D7A62BDF22CFE3 ] C:\Program Files\Movie Maker\DVDMaker.exe
19:13:20.0611 0x0fcc C:\Program Files\Movie Maker\DVDMaker.exe - ok
19:13:20.0611 0x0fcc [ DFBAADF1B624DC71E88D34D86B3595BE, AFEEA1CF788DC67833C4FA14CCE681B5E30F480A8D9059B9192D636359F8D8DD ] C:\Windows\System32\uniplat.dll
19:13:20.0611 0x0fcc C:\Windows\System32\uniplat.dll - ok
19:13:20.0611 0x0fcc [ 06105D08927E3498B3D380CBF0688E78, 76CEBECFBEC01C75A94E0A3E04B5AEDB5ECA0C19EBCDC8F30009B09678510D73 ] C:\Program Files\AVG\AVG10\avgtray.exe
19:13:20.0611 0x0fcc C:\Program Files\AVG\AVG10\avgtray.exe - ok
19:13:20.0627 0x0fcc [ 8B9145D229D4E89D15ACB820D4A3A90F, F3831D9AE752B6AFBD3380E0BC849E4B051D6E06A88C1F61293A6DE4F66794E1 ] C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe
19:13:20.0627 0x0fcc C:\Program Files\Adobe\Reader 8.0\Reader\reader_sl.exe - ok
19:13:20.0627 0x0fcc [ B7ED332A57FC78CA29E40D3619550225, 6C04CFAE566E8979DBC495F1B9D4FAFCFDF1F061278B5D9794CD6E5FDC7406D7 ] C:\Windows\ehome\ehshell.exe
19:13:20.0627 0x0fcc C:\Windows\ehome\ehshell.exe - ok
19:13:20.0627 0x0fcc [ 389C63E32B3CEFED425B61ED92D3F021, E4718E290678F00995E754AE66F1027D227BFAB9E1A1D2AC8E4EAD27DC50CB17 ] C:\Windows\System32\drivers\tdtcp.sys
19:13:20.0627 0x0fcc C:\Windows\System32\drivers\tdtcp.sys - ok
19:13:20.0643 0x0fcc [ 98D7C3F58884D89D1F16F4F77BCD00EE, 0C97B2D85205D0F573B2D0C3E61C9EB42B43786252F0B86761FAD1F361EDEFED ] C:\Program Files\Uniblue\DriverScanner\Launcher.exe
19:13:20.0643 0x0fcc C:\Program Files\Uniblue\DriverScanner\Launcher.exe - ok
19:13:20.0643 0x0fcc [ 774208DBD1AB499CB2923C8D37E173E3, 5DFD50273B06A53BCDFB4DAFA612B99D727BCADED89A26DEB5F657FB397FD518 ] C:\Program Files\Windows Collaboration\WinCollab.exe
19:13:20.0643 0x0fcc C:\Program Files\Windows Collaboration\WinCollab.exe - ok
19:13:20.0643 0x0fcc [ 6D9E1356A9C1B5F36698FAFF9205E34A, A7E37C2C0F1F35F5434144D5F1D282858D6B3CE995BE6612BA22FB7E83793F77 ] C:\Program Files\Xvid\CheckUpdate.exe
19:13:20.0643 0x0fcc C:\Program Files\Xvid\CheckUpdate.exe - ok
19:13:20.0658 0x0fcc [ EC519C56AF56AFB128EC1E04747AC867, BFA9DB28B6C120355D86622AA62782D98E702B1078135B2EB44316C2B7EA0D7D ] C:\Program Files\Movie Maker\MOVIEMK.exe
19:13:20.0658 0x0fcc C:\Program Files\Movie Maker\MOVIEMK.exe - ok
19:13:20.0658 0x0fcc [ D55F27F176CC687AAE438E0907F5A6D3, 2E856C7E917B97EC19C94D14AB5F5DF3012AA80F055498378D5DD8FC31ADC5E1 ] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
19:13:20.0658 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe - ok
19:13:20.0674 0x0fcc [ C03AC1FBCD625F93D2C245D97E06F270, C8B29DA440C32B305FDC734DFA02DBB50B6FD47BC94582A8FAF86B4674534B35 ] C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe
19:13:20.0674 0x0fcc C:\Program Files\Windows Photo Gallery\WindowsPhotoGallery.exe - ok
19:13:20.0674 0x0fcc [ 544A9045E48A7A1F1F5DC6689AD6C8D0, EF42BC7D3F6B6FC3653F426A2276481E4C1B5AB43D9D54446565C190A969BC1C ] C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe
19:13:20.0674 0x0fcc C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe - ok
19:13:20.0689 0x0fcc [ 50B0FCA896AD8584B35C81B9BF98C393, EA1C6376B0CB78138302C231CFC4F42F2E8292CF9A90B6E2CC18F393D95A0373 ] C:\Users\Holly Chapman\AppData\Roaming\Search Protection\SearchProtection.exe
19:13:20.0689 0x0fcc C:\Users\Holly Chapman\AppData\Roaming\Search Protection\SearchProtection.exe - ok
19:13:20.0689 0x0fcc [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehtray.exe
19:13:20.0689 0x0fcc C:\Windows\ehome\ehtray.exe - ok
19:13:20.0689 0x0fcc [ F03FFC962E18F36A922E61F96BE09925, D9C063D7634D357E8ADFEC23DB036470770EFFF18F00F591158F9CB83AA8BDCF ] C:\Program Files\Digital Line Detect\DLG.exe
19:13:20.0689 0x0fcc C:\Program Files\Digital Line Detect\DLG.exe - ok
19:13:20.0705 0x0fcc [ E00DE20F0F6BED5CD2160247DDC9443B, DBE12149FA6558C23F0D5280C54224C3AEE25F7FD30074021524C2F1FA3C27ED ] C:\Program Files\ERUNT\AUTOBACK.EXE
19:13:20.0705 0x0fcc C:\Program Files\ERUNT\AUTOBACK.EXE - ok
19:13:20.0705 0x0fcc [ DCF0F056A2E4F52287264F5AB29CF206, D9F770BD65AE4320A8C130DEA1D093AA4E37FCA573BBE6A59D6D045452EA711D ] C:\Windows\System32\drivers\tssecsrv.sys
19:13:20.0705 0x0fcc C:\Windows\System32\drivers\tssecsrv.sys - ok
19:13:20.0721 0x0fcc [ 0B71899E60D1265229BF3D080EAB573D, 84CF5A6316DDCF5811CB8CE4C6EC647E2FB2286C852B0D2970DBF17C9CAC3F06 ] C:\Windows\System32\unimdmat.dll
19:13:20.0721 0x0fcc C:\Windows\System32\unimdmat.dll - ok
19:13:20.0721 0x0fcc [ 8870208FCB90E11960D45ECC994D268F, F5D291ADC30716B5C75A248762EC7BFBFC7ABC4358025F5A5295EC856D0AF3E7 ] C:\Windows\System32\wuapp.exe
19:13:20.0721 0x0fcc C:\Windows\System32\wuapp.exe - ok
19:13:20.0721 0x0fcc [ 5BBC45E19BCFB982C946429B9369DEE4, EBEA3EC3723C7E4D872699B54EFD06E7319FF9FDA9A95BA38B112F1AF11A1D0B ] C:\Windows\System32\modemui.dll
19:13:20.0721 0x0fcc C:\Windows\System32\modemui.dll - ok
19:13:20.0736 0x0fcc [ DE7F813217EC88C0A6D4D8F2F39D7949, F749DA3DC87DDA8579B02F27951CC3BBEADFC25362D892E9484146616A0ACF47 ] C:\Windows\System32\msiltcfg.dll
19:13:20.0736 0x0fcc C:\Windows\System32\msiltcfg.dll - ok
19:13:20.0736 0x0fcc [ 0F4195B9B348DE5CF9B822F81704B20E, D84AFEE1DBA144C4D7CBEE3F7F903F93EB4C2E16AB7AAF32D0192343C572E2B9 ] C:\Windows\ehome\ehmsas.exe
19:13:20.0736 0x0fcc C:\Windows\ehome\ehmsas.exe - ok
19:13:20.0752 0x0fcc [ E1C18F4097A5ABCEC941DC4B2F99DB7E, B38AC355042F18A41F83BF088FE7EB867184C7FE37820365314419BD3810BB68 ] C:\Windows\System32\drivers\rdpwd.sys
19:13:20.0752 0x0fcc C:\Windows\System32\drivers\rdpwd.sys - ok
19:13:20.0752 0x0fcc [ 953193A9DEA40348C1086D171F6440AE, D09D2A3238A56C823010F7AB5A92C88D315F7A01093C3EB0CF70C0F058055C93 ] C:\Windows\System32\kmddsp.tsp
19:13:20.0752 0x0fcc C:\Windows\System32\kmddsp.tsp - ok
19:13:20.0752 0x0fcc [ 2F6776ACEFE41EE889C464EA407918F2, 67401F5B8B6DBA6E7478D1D05D1ED91680C8623E66CA66AFB44377D63DD5F13C ] C:\Windows\System32\ndptsp.tsp
19:13:20.0752 0x0fcc C:\Windows\System32\ndptsp.tsp - ok
19:13:20.0767 0x0fcc [ B4B59AC042EE3733A862F26CBC0B17FC, 4EB571061FF1C0CEF66C450FBB266D81A583B7EA2AFD4A32F3ED7079969D7949 ] C:\Windows\System32\hidphone.tsp
19:13:20.0767 0x0fcc C:\Windows\System32\hidphone.tsp - ok
19:13:20.0767 0x0fcc [ FF672EC108883FE90C8BEC3E8E1D503F, 5B317C3ACFEB33E2F71FC038CFC40D538E203F9A30690448F4E0CDE6A1289031 ] C:\Windows\System32\rasppp.dll
19:13:20.0767 0x0fcc C:\Windows\System32\rasppp.dll - ok
19:13:20.0767 0x0fcc [ 898ABECCD5F0B9A8E8F1318DDB234685, CD9B0AE2FDF22B694FD2E3FD92C751AAECDDD85779D6F8CCD7EFCD3CC8C1161B ] C:\Windows\System32\dot3api.dll
19:13:20.0767 0x0fcc C:\Windows\System32\dot3api.dll - ok
19:13:20.0783 0x0fcc [ 88225070DD2F7B0B2ED51E7935078641, 9DC31DE93783EBC7285B8CBEA50E73976AA221B9701C3AE6CED56960F19AB298 ] C:\Windows\System32\rasqec.dll
19:13:20.0783 0x0fcc C:\Windows\System32\rasqec.dll - ok
19:13:20.0783 0x0fcc [ 615A3B1CDA204E8123C5472540D229C0, BCCC73F058B62FADD187D13A9D0CDAB106C8D641D7EDD2DDE7CE5A21F3E496C6 ] C:\Windows\System32\cryptui.dll
19:13:20.0783 0x0fcc C:\Windows\System32\cryptui.dll - ok
19:13:20.0783 0x0fcc [ 4EC96E6A33509E4D7F8F7000BABC5B91, C4E13ABA0CBE78E5CFF4B9378D9CDBF429F5396AC5A8B898EB02C524253BE77E ] C:\Program Files\iolo\System Mechanic\SMTrayNotify.exe
19:13:20.0783 0x0fcc C:\Program Files\iolo\System Mechanic\SMTrayNotify.exe - ok
19:13:20.0799 0x0fcc [ CACB05C27202C3AB5B727867EF57FE32, C846E94041BEF52CC0700A4C8F64449D72880BCB5A85E195030147C3EE8BD319 ] C:\DOSBox-0.72\dosbox.exe
19:13:20.0799 0x0fcc C:\DOSBox-0.72\dosbox.exe - ok
19:13:20.0799 0x0fcc [ F35A584E947A5B401FEB0FE01DB4A0D7, 4DA5EFDC46D126B45DAEEE8BC69C0BA2AA243589046B7DFD12A7E21B9BEE6A32 ] C:\Program Files\Dell\MediaDirect\MFC71.dll
19:13:20.0799 0x0fcc C:\Program Files\Dell\MediaDirect\MFC71.dll - ok
19:13:20.0814 0x0fcc [ CB1135906D951B574F9F2498BE8F11F9, E438E783F9D4D953B65FFD800E5C2F4ACF0377253291304224BDE8FC4AE430E0 ] C:\Program Files\Digital Line Detect\BVRPDiag.dll
19:13:20.0814 0x0fcc C:\Program Files\Digital Line Detect\BVRPDiag.dll - ok
19:13:20.0814 0x0fcc [ 45164CC38900538EEAA192A5E45E1CA8, 4E2964920C362D24D4C1E7D8AEB8478F0BF2EE8927E99ABE1C2B8B75F8FD2A1C ] C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll
19:13:20.0814 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\QtCore4.dll - ok
19:13:20.0814 0x0fcc [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll
19:13:20.0814 0x0fcc C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok
19:13:20.0830 0x0fcc [ 8BAD86529889249CD4A7D5789BE9FE66, 0EEA67D4F7EF8CA94719FBFBF03EA1BBE53FF9303A414D2F36E1DB8F8F762062 ] C:\Windows\System32\NAPMONTR.DLL
19:13:20.0830 0x0fcc C:\Windows\System32\NAPMONTR.DLL - ok
19:13:20.0830 0x0fcc [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files\Dell\MediaDirect\msvcr71.dll
19:13:20.0830 0x0fcc C:\Program Files\Dell\MediaDirect\msvcr71.dll - ok
19:13:20.0830 0x0fcc [ 2BAC92E8AC5E16ED60062E9141B8D5F6, 20FA479A8E465B6CC0C073788472026B87552BC1E165FC1B7D177F8ECADEE5E7 ] C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll
19:13:20.0830 0x0fcc C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorjit.dll - ok
19:13:20.0845 0x0fcc [ B9B5C142C75E7E2A95E7E958CF6EAB3A, A8C7FD5C43E8195EB83CC6B012BEDB7033966836BD25B26D88E0C815DFE8B0D3 ]
Holsten87
2014-07-24, 20:23
C:\Program Files\Xvid\autoupdate-windows.exe
19:13:20.0845 0x0fcc C:\Program Files\Xvid\autoupdate-windows.exe - ok
19:13:20.0845 0x0fcc [ D9963D39F6711E9A1C14C939C3A25605, 24179E85B1751970C17F2FC36B0FBAB56DE699DC3338748BBFF8346E46E39C8F ] C:\Windows\System32\mdmxsdk.dll
19:13:20.0845 0x0fcc C:\Windows\System32\mdmxsdk.dll - ok
19:13:20.0845 0x0fcc [ 6D564D355D1AB55E6C52D985ECD01C7B, 7BEB31EB4A64907532CF651DC316B0AEFB52959A3636E6C878F3E4A026D9F975 ] C:\Windows\System32\mfc42.dll
19:13:20.0845 0x0fcc C:\Windows\System32\mfc42.dll - ok
19:13:20.0861 0x0fcc [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Program Files\Dell\MediaDirect\msvcp71.dll
19:13:20.0861 0x0fcc C:\Program Files\Dell\MediaDirect\msvcp71.dll - ok
19:13:20.0861 0x0fcc [ 05E3BAC0D6D3BF468754DD9FE8F5E9D2, 2C6158DED14277025BB819C9FD6A042FEEBD019279EC8B8ED74AE4652C803D49 ] C:\Windows\AppPatch\AcLayers.dll
19:13:20.0861 0x0fcc C:\Windows\AppPatch\AcLayers.dll - ok
19:13:20.0861 0x0fcc [ FB767E28F33F26849FA776DA7379E5C1, AC889C2A269543A1E8F33D4D63949B4D62051087ACBE3A718250A1367FF7CCA9 ] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.crl
19:13:20.0861 0x0fcc C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.crl - ok
19:13:20.0877 0x0fcc [ 8C5E15D746A51F52B9F0737F764C9506, CE891FA8155874E9B5BBE6AF6DE899FC44F3250ECEC9ABD2313B2C31F572D07F ] C:\Windows\System32\nshipsec.dll
19:13:20.0877 0x0fcc C:\Windows\System32\nshipsec.dll - ok
19:13:20.0877 0x0fcc [ 2C112E09680F7691783154D2C59CCE63, 578FC66ADB4237715933ACD44D7690CB24FFE6441196B96B2FA14CA82BC99014 ] C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.dll
19:13:20.0877 0x0fcc C:\Windows\System32\spool\drivers\w32x86\3\EKIJ5000MUI.dll - ok
19:13:20.0892 0x0fcc [ 4A938E44BEB41641B70175DACAB1BBB0, 297C54833063E73010CCE2869F2566323F167C2AD8C2DFE0F290FE4469DA902A ] C:\Windows\ehome\ehProxy.dll
19:13:20.0892 0x0fcc C:\Windows\ehome\ehProxy.dll - ok
19:13:20.0892 0x0fcc [ 2A4A70EA7630BE93758A5A328102D139, 62740DA9AEF23ACDBEB2296AA17E5416BB508BB35FFEF79837C13C73295A6CF2 ] C:\Program Files\Uniblue\DriverScanner\driverscanner.exe
19:13:20.0892 0x0fcc C:\Program Files\Uniblue\DriverScanner\driverscanner.exe - ok
19:13:20.0892 0x0fcc [ 83A54618958DAA59F2F7312D6897D3E8, 46F0C4F7E1969CBF136879ED9ECDE929F9C32643992C23DC95C90DD47BE659EE ] C:\Windows\System32\rasdlg.dll
19:13:20.0892 0x0fcc C:\Windows\System32\rasdlg.dll - ok
19:13:20.0908 0x0fcc [ F28F5E62EEA67807AD4D4449F29BE2BD, EFC17560781C4884AFA331B50A77F5D793B1C4D8D8ED7345558648F4C03A9619 ] C:\Windows\System32\wlanapi.dll
19:13:20.0908 0x0fcc C:\Windows\System32\wlanapi.dll - ok
19:13:20.0908 0x0fcc [ 4A839160ED1963F9A1526DDA2D1233B2, 1586B0D89994C37DF8DC045AEA91BA6A26B59DBDF9FB57C4BB7482922CC5B0F2 ] C:\Windows\System32\AltTab.dll
19:13:20.0908 0x0fcc C:\Windows\System32\AltTab.dll - ok
19:13:20.0908 0x0fcc [ A216F1C708CA4CBB7E1EB096C3A7EC5F, 1E1D30495D4D5FEC7B2F68737FA31105A335B01986D28D96911D3D62F1EBBC9F ] C:\Windows\System32\WPDShServiceObj.dll
19:13:20.0908 0x0fcc C:\Windows\System32\WPDShServiceObj.dll - ok
19:13:20.0923 0x0fcc [ 234CB691FBA69E8C1BE489A341586252, E857E8F036DDBDB2EE1485D546977713724E968B36B76F9FD6B2560677E420B6 ] C:\Windows\System32\srchadmin.dll
19:13:20.0923 0x0fcc C:\Windows\System32\srchadmin.dll - ok
19:13:20.0923 0x0fcc [ 4F4889A9D680714BE11B31BD01A0411A, AC2B72F00F6F07EB47F11D2913CD9701A6C9CE8E6DE3B8DC29CB900589D405DE ] C:\Windows\System32\webcheck.dll
19:13:20.0923 0x0fcc C:\Windows\System32\webcheck.dll - ok
19:13:20.0923 0x0fcc [ 1F65F79C66D3F7172AA9C9D5FA8D1635, C3D4025EFD655DE3A769CFB468757E24CAA3A87B2B168C0C20978EFAD0ECCDF9 ] C:\Windows\System32\winipsec.dll
19:13:20.0923 0x0fcc C:\Windows\System32\winipsec.dll - ok
19:13:20.0939 0x0fcc [ C8527AB1BC08E6BB57EA545DA8C6569F, 713005BD261D994BB4BFC2A34EDA9A88AC1FAA9EE256DD0F1C9A42326F2222F7 ] C:\Windows\System32\SyncCenter.dll
19:13:20.0939 0x0fcc C:\Windows\System32\SyncCenter.dll - ok
19:13:20.0939 0x0fcc [ C6061829D943C9579BD620464ACEFE1F, 266CDD69A5E11AA1F4F776E047B0EF08D0D7EA8163AE68DFB9742B6C4590EBE9 ] C:\Windows\System32\wscntfy.dll
19:13:20.0939 0x0fcc C:\Windows\System32\wscntfy.dll - ok
19:13:20.0955 0x0fcc [ 7ADD03E75BEB9E6DD102C3081D29840A, 0CA14A77CE990B5AA32C0725C22CA190ECBC73B75064DD959CABAD79B8846F1D ] C:\Windows\System32\drivers\cdfs.sys
19:13:20.0955 0x0fcc C:\Windows\System32\drivers\cdfs.sys - ok
19:13:20.0955 0x0fcc [ 8AB292E01E668A92B147B823E6E9E85B, 552A6F9A4D1B99F81A516867A5F855EEBFAE231DE32E1BAD80B60AFA21A56CFB ] C:\Windows\System32\bthprops.cpl
19:13:20.0955 0x0fcc C:\Windows\System32\bthprops.cpl - ok
19:13:20.0955 0x0fcc [ A5BFB7EA350091649F7F1B2B6C2A67C2, D2629DEB46F26F71356E3F2F47921F352E2362752C3E9992F2085973C028A257 ] C:\Windows\System32\imapi2.dll
19:13:20.0955 0x0fcc C:\Windows\System32\imapi2.dll - ok
19:13:20.0970 0x0fcc [ F79FA009F7F34388CD850C62E9BEBB00, 68996906CB934319E9A31F34C74A298D676825765AA188875E11C6B6E0592464 ] C:\Windows\System32\BTNCopy.dll
19:13:20.0970 0x0fcc C:\Windows\System32\BTNCopy.dll - ok
19:13:20.0970 0x0fcc [ 9FB61C3FFC2BD247DFFABAD9B4322609, FCCA1955433535369844639A3785F922034FD437E624C27D6072A0EC932F7663 ] C:\Windows\System32\PortableDeviceTypes.dll
19:13:20.0970 0x0fcc C:\Windows\System32\PortableDeviceTypes.dll - ok
19:13:20.0970 0x0fcc [ D8D98FF46419DD13C83F657FBF03B9A8, 16C7E7BE558F17DEC7E367628D003A0F3DF4247CCB2D6FC37E28F5F25B2D8CE2 ] C:\Windows\System32\wlancfg.dll
19:13:20.0970 0x0fcc C:\Windows\System32\wlancfg.dll - ok
19:13:20.0986 0x0fcc [ 4B8BE68C1F19509BC62E6A2846D429C1, 9077B5C65C1AD9285D023B899D04BA87E709832EC4F614C2DE9E104EEA6EEF0B ] C:\Windows\System32\wlanhlp.dll
19:13:20.0986 0x0fcc C:\Windows\System32\wlanhlp.dll - ok
19:13:20.0986 0x0fcc [ 9BA168728E8ED3A436C68621D83AD3BD, B239411B239E78E933D0439DB45A9A14E2358DA6834FC51E9DD303056FF657B4 ] C:\Program Files\Common Files\System\wab32.dll
19:13:20.0986 0x0fcc C:\Program Files\Common Files\System\wab32.dll - ok
19:13:20.0986 0x0fcc [ CA6ADE4F7761BB15B3325356DC3B82BB, 0EA4CD410DA764916EA201C0C1E16752E0D3DC9D8571510782AF4AAE62509AF7 ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
19:13:20.0986 0x0fcc C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
19:13:21.0001 0x0fcc [ D10945BEADD847DD760744478372CBCE, B56046198B5BDF78655A88D4200059360D0F03267F69A8845CD0C32655E9C801 ] C:\Windows\System32\p2pnetsh.dll
19:13:21.0001 0x0fcc C:\Windows\System32\p2pnetsh.dll - ok
19:13:21.0001 0x0fcc [ 8F1B3B9D135E724B94922BF15B07102D, 098C14CF85FC3DDF2614D6751078F44361066C9D49C422E9597E706D2D2EB760 ] C:\Windows\System32\P2P.dll
19:13:21.0001 0x0fcc C:\Windows\System32\P2P.dll - ok
19:13:21.0001 0x0fcc [ 498961DEAAC558A5D85F7596CBCA6DC3, B3503A6CC9DA9A190A835E3F96493403EF759F37F74D79B1038149C7086D2CB0 ] C:\Windows\System32\cryptdlg.dll
19:13:21.0001 0x0fcc C:\Windows\System32\cryptdlg.dll - ok
19:13:21.0017 0x0fcc [ 214460565D2AC0BC124D14B785ADAE06, C506292678F96AE5188EBCAB9EA7AE4EFA2E0A993D47B516AD10484EB602E733 ] C:\Windows\System32\msoert2.dll
19:13:21.0017 0x0fcc C:\Windows\System32\msoert2.dll - ok
19:13:21.0017 0x0fcc [ 8EFD9C0EF8A4AF468B112EBD2D4BC258, 88DBAF6727DFDCD9D53329D11D621C9F1EB2CB4361892296DBBBE5CAF0834907 ] C:\Program Files\Uniblue\DriverScanner\locale\en\en.dll
19:13:21.0017 0x0fcc C:\Program Files\Uniblue\DriverScanner\locale\en\en.dll - ok
19:13:21.0033 0x0fcc [ EF5A686DC00A9C60E3E7C02E1411DE96, F767842714B9EA47BB8373F2964BC6EF5FA5B1DCAD33E3AEFA077F1971BF9E19 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderPNG.dll
19:13:21.0033 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSFormatLoaderPNG.dll - ok
19:13:21.0033 0x0fcc [ C4894B3B448B647BEDC9E916D181BDBE, 03736539FEDC2367E00BF1CCC46C1EDCF9506AC2F34D2B007903F7C8CD298099 ] C:\Windows\System32\SearchProtocolHost.exe
19:13:21.0033 0x0fcc C:\Windows\System32\SearchProtocolHost.exe - ok
19:13:21.0033 0x0fcc [ 4774D83BE60B7F47C612E25D6FE0F010, 1071E5859B1D452A3BCEE3DC1413BDCD125796B7479E69D1154ED76A7A7E00CB ] C:\Windows\System32\msshooks.dll
19:13:21.0033 0x0fcc C:\Windows\System32\msshooks.dll - ok
19:13:21.0048 0x0fcc [ AC32DC4D4552151D6842B678D52EB9B7, 7970D467DF0D1FB9008D5B4029F7EB922A1DB06845B0B1907A3DA2B9B803A41B ] C:\Windows\System32\mssvp.dll
19:13:21.0048 0x0fcc C:\Windows\System32\mssvp.dll - ok
19:13:21.0048 0x0fcc [ 98C77FD99F3DB37B2C03F32B8F837B65, F336058CD255F672E89B8680B114CC1C0AEDD685D49DE38BCE1B76484BAE931B ] C:\Windows\System32\mapi32.dll
19:13:21.0048 0x0fcc C:\Windows\System32\mapi32.dll - ok
19:13:21.0048 0x0fcc [ CD5D53DFE552074D5553E1089961EA6F, 22B104340FACC4AA9D7C9B308B399841C28EF7BCA706ADC8DA802DCA3912746C ] C:\Windows\System32\mssph.dll
19:13:21.0048 0x0fcc C:\Windows\System32\mssph.dll - ok
19:13:21.0064 0x0fcc [ 87889A983C015080FA813D7E32910D1E, 7CDB618AB145CB0E2B2AB3C87542E56624C6FB075C7806494936BF52A9467AAB ] C:\Windows\System32\SearchFilterHost.exe
19:13:21.0064 0x0fcc C:\Windows\System32\SearchFilterHost.exe - ok
19:13:21.0064 0x0fcc [ 0E34CFF4B801CD104D3F35F8D992BF17, 0DACCDA2F92D062A24845358A553B8C496E0D2EC5D204A91178612CE3353DBBB ] C:\Windows\System32\msftedit.dll
19:13:21.0064 0x0fcc C:\Windows\System32\msftedit.dll - ok
19:13:21.0064 0x0fcc [ CE5BA334A73B4529AFFD84DD0A12DB88, 9767FA2FE6A507F200853B9C999C65ED91FBA49BADC55264E025AA2DA1BDA935 ] C:\Windows\System32\napipsec.dll
19:13:21.0064 0x0fcc C:\Windows\System32\napipsec.dll - ok
19:13:21.0079 0x0fcc [ FBFCA1A574D47EE575448B719CBBF2E4, B7CAB2D0D95679B05EFC8E1303BAA65C9B3B80527C3FD3AECDC0D2E59919D36E ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
19:13:21.0079 0x0fcc C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
19:13:21.0079 0x0fcc [ 4C82943919A83183B49CC1A59CBA3B0C, BF5104416FCA5CE524E85604A7A040A791C21D735DDCDBFCF25621D58523ACF7 ] C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll
19:13:21.0079 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\QtGui4.dll - ok
19:13:21.0079 0x0fcc [ 6C149F7B1D79224C87D2D0F87C533B37, AD8D771F95610E543828096D372BAB74879513D2B942A087BEA683825DD39CC2 ] C:\Program Files\Common Files\System\wab32res.dll
19:13:21.0079 0x0fcc C:\Program Files\Common Files\System\wab32res.dll - ok
19:13:21.0095 0x0fcc [ 36D909A1AD98FFE32BB1CB6B6C6620E8, 20BEA9444D35EB060EC2D7C41EABC457AC20394C3B176100B0D7F7E83DD50388 ] C:\Windows\System32\tsgqec.dll
19:13:21.0095 0x0fcc C:\Windows\System32\tsgqec.dll - ok
19:13:21.0095 0x0fcc [ AC6DEE732F35B75387815FCE6A7F8A1B, 085DFE4CC948E09381B81DBA77037531CC537C8AB872A662923D9074B3955172 ] C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.key
19:13:21.0095 0x0fcc C:\ProgramData\Microsoft\Windows\DRM\Cache\Indiv01.key - ok
19:13:21.0111 0x0fcc [ 199F9ADDB1C1E633169B9F6CB40D7724, BF1AA06F229CB2D474E4B20C602A8F329ED4E67A04166D270C4A873A1DA9A7BA ] C:\Program Files\AVG\AVG10\avglngx.dll
19:13:21.0111 0x0fcc C:\Program Files\AVG\AVG10\avglngx.dll - ok
19:13:21.0111 0x0fcc [ BF1C2147FBB0B9DE0CEC968F709F40BD, B187618DB51DA54027ABF32D23D4D69F340E8B836A7187D82F9D11C68A9F9616 ] C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll
19:13:21.0111 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\QtNetwork4.dll - ok
19:13:21.0111 0x0fcc [ 066B1558B0286677D4CCE0A20F01F0FE, 7D30A15791DACAAFEE2921D64697F98D6F32F9D0E0AC98BC72C6F1BEE8A0DE2D ] C:\Program Files\Dell\MediaDirect\Kernel\common\CLRCEngine3.dll
19:13:21.0111 0x0fcc C:\Program Files\Dell\MediaDirect\Kernel\common\CLRCEngine3.dll - ok
19:13:21.0126 0x0fcc [ F68E07F8AA19D60DF2E7467D75448B3D, EC3B79262CE299F71A093D19DE359C5CFE82C29B87206CEFBE2B92A0212D14F4 ] C:\Windows\System32\pdh.dll
19:13:21.0126 0x0fcc C:\Windows\System32\pdh.dll - ok
19:13:21.0126 0x0fcc [ 7D7960C85E4259F3B90EB4B742616BFF, EA8EFDB038D7F033EB155EDEC71A857E4BFA4435BAF17BCB439F43C8BCD65F95 ] C:\Windows\System32\EAPQEC.DLL
19:13:21.0126 0x0fcc C:\Windows\System32\EAPQEC.DLL - ok
19:13:21.0126 0x0fcc [ 50A0A49F1901B56FC940B7A8076A8AD3, B832A00C2D563804AD8EAB10C5C1B33EE0E1C568EA0A2397C36B7C6BF521321F ] C:\Program Files\Veoh Networks\VeohWebPlayer\BugSplat.dll
19:13:21.0126 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\BugSplat.dll - ok
19:13:21.0142 0x0fcc [ C551D15D5D0F875D7BF0BC4FBB6EB2D9, 07F0A63079A01391BA056BB652CE48B432FCDBB37E0FE4673A30FD3B2182ED04 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
19:13:21.0142 0x0fcc C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe - ok
19:13:21.0142 0x0fcc [ 09EFB6439C76E94059C5E22409926B48, BA48BEE7F09C7831F9CE518BEB79778AFF2F96D4BB32C13F05DC7BABAC5B6B2E ] C:\Users\Holly Chapman\AppData\Local\Temp\BRADDB.tmp
19:13:21.0142 0x0fcc C:\Users\Holly Chapman\AppData\Local\Temp\BRADDB.tmp - ok
19:13:21.0158 0x0fcc [ 83C2F5076E1B4A63C04F2B14EE7CAD47, 2A12EB65731DE984615050836BD122BCBC3AE5494D43921BB2BE14C143EEDA83 ] C:\Windows\System32\wbem\wbemdisp.dll
19:13:21.0158 0x0fcc C:\Windows\System32\wbem\wbemdisp.dll - ok
19:13:21.0158 0x0fcc [ 05B6A5CE1C7767C32DF35966107CB1EC, DECC08418A2F6B887268B6C35B11F5C00523D291AD8C6F792CD6DF801FCACBFD ] C:\Windows\System32\hhctrl.ocx
19:13:21.0158 0x0fcc C:\Windows\System32\hhctrl.ocx - ok
19:13:21.0158 0x0fcc [ 08AD4CD2A940379F1DCDBDB9884A1375, 78827E2B1EF0AAD4F8B1B42D0964064819AA22BFCD537EBAACB30D817EDC06D8 ] C:\Users\HOLLYC~1\AppData\Local\Temp\BRCB4A.tmp
19:13:21.0158 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\BRCB4A.tmp - ok
19:13:21.0173 0x0fcc [ 79FB455A4AA3662742845D9F43B7F908, 784110F31D9C02F12B59C56AC88947D032C4AB3E0CA01114E29EFD090CE3C89A ] C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll
19:13:21.0173 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\imageformats\qjpeg4.dll - ok
19:13:21.0173 0x0fcc [ AF4DC6348884A5636F439FC6CE93A8DC, 7FDE501F758FAE3EE1A401BAA151B83163F7571D02254451585595AA10C02C66 ] C:\Program Files\AVG\AVG10\avgabout.dll
19:13:21.0173 0x0fcc C:\Program Files\AVG\AVG10\avgabout.dll - ok
19:13:21.0173 0x0fcc [ E35514FC402F6268333529384CFD7B20, B8E3BD0FCC687A287588F8350508C4A858B208F6A178ED9866773FD0E63A381B ] C:\Users\HOLLYC~1\AppData\Local\Temp\BRD911.tmp
19:13:21.0173 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\BRD911.tmp - ok
19:13:21.0189 0x0fcc [ 61B12427CCBF5512E3439664C00D5FCD, F635220912DC7DF9584B1C1C0FE0360DDA2A577F1A2245ACE5E2B976EFA7C6AE ] C:\Program Files\AVG\AVG10\avguires.dll
19:13:21.0189 0x0fcc C:\Program Files\AVG\AVG10\avguires.dll - ok
19:13:21.0189 0x0fcc [ 350A0C2CC411A6B0982604C8893C3E93, FB8FFA15460E7E46B4DB6ED3CA7BE8EA9922D33C8E501C3B71A9CC9C4309FA0C ] C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
19:13:21.0189 0x0fcc C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe - ok
19:13:21.0204 0x0fcc [ 98BC9EB05782F536F2A655F848735CB7, 3F955DB2FE70471FDAA3BD7F994BAA16853361C1AA4B4F809C672BC6BFC3DB28 ] C:\Program Files\Veoh Networks\VeohWebPlayer\ssleay32.dll
19:13:21.0204 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\ssleay32.dll - ok
19:13:21.0204 0x0fcc [ A6C11586A851CC9AEE3472C796ED1531, 4F47860295AC7D2E9340AC366FD05D2E44A648928F831B127E958809C475F56F ] C:\Program Files\Veoh Networks\VeohWebPlayer\libeay32.dll
19:13:21.0204 0x0fcc C:\Program Files\Veoh Networks\VeohWebPlayer\libeay32.dll - ok
19:13:21.0204 0x0fcc [ BA7C3E9DD6B1A632124C8659E8014028, CA9DAFA9C5A03606ECFA48A0690F671CBB6374E451BCEDA8C82F902FEC2AC2FB ] C:\Windows\System32\perfctrs.dll
19:13:21.0204 0x0fcc C:\Windows\System32\perfctrs.dll - ok
19:13:21.0220 0x0fcc [ 027491B39A7B16B116E780F55ABC288E, EEF69D005BF1C0B715C8D6205400D4755C261DD38DDFBBFE918E6EE91F21F1F0 ] C:\Users\HOLLYC~1\AppData\Local\Temp\BRF5C6.tmp
19:13:21.0220 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\BRF5C6.tmp - ok
19:13:21.0220 0x0fcc [ A210F1AC135E5331C314CE5F394FB5A5, 65B32EA2982078FB9A18E88FEEC238CB76ED2AE6C2BB4DDB0F6A9C4F57B1D62B ] C:\Users\HOLLYC~1\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll
19:13:21.0220 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\be29e7f1-71ae-4703-50cb-1d52be512f51\twapi-be29e7f1-71ae-4703-50cb-1d52be512f51.dll - ok
19:13:21.0236 0x0fcc [ 72FAB2C90296330ECA3787DC4093E208, 6251F51D616CDCB4256D73A67819A3419E5B59158BE358CF387B90E39C05C260 ] C:\Users\HOLLYC~1\AppData\Local\Temp\BR2BC4.tmp
19:13:21.0236 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\BR2BC4.tmp - ok
19:13:21.0236 0x0fcc [ B4EB1E7438DC099078CE8FE6E5A2C99D, F9AB62A357A9D964CEE9E078EF5C6A66D3AFE9B27C57D01D8B4FE1D7930C630B ] C:\Users\HOLLYC~1\AppData\Local\Temp\BR3BBD.tmp
19:13:21.0236 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\BR3BBD.tmp - ok
19:13:21.0236 0x0fcc [ B24BF80927D3D0A391CB8426F7CB290D, 822E525424E613ED87823F1E2446F7094DF2EA2B992FA259696A0444F8B70227 ] C:\Users\HOLLYC~1\AppData\Local\Temp\BR3D05.tmp
19:13:21.0236 0x0fcc C:\Users\HOLLYC~1\AppData\Local\Temp\BR3D05.tmp - ok
19:13:21.0251 0x0fcc [ 10F36FB8CD6218CD7F818268E0F3F9C6, BF4D880A2E3A2EC0EAADA95CC87C25916D36D50D3C4C0ED4F89F4E295A62B58F ] C:\Program Files\Mozilla Firefox\firefox.exe
19:13:21.0251 0x0fcc C:\Program Files\Mozilla Firefox\firefox.exe - ok
19:13:21.0251 0x0fcc [ 2C7BE4D7EA270C4D2D49390F20E23222, 92899055E4915AF1A1F8CFA4A5E8B917BCEAB3B9B6E6577A14DDDD73D5FB99AD ] C:\Program Files\Java\jre1.6.0\bin\jpinscp.dll
19:13:21.0251 0x0fcc C:\Program Files\Java\jre1.6.0\bin\jpinscp.dll - ok
19:13:21.0251 0x0fcc [ 67EC459E42D3081DD8FD34356F7CAFC1, 1221A09484964A6F38AF5E34EE292B9AFEFCCB3DC6E55435FD3AAF7C235D9067 ] C:\Program Files\Mozilla Firefox\msvcr100.dll
19:13:21.0251 0x0fcc C:\Program Files\Mozilla Firefox\msvcr100.dll - ok
19:13:21.0267 0x0fcc [ 51CA79683B3140ACD6A91F3704D51454, 6B8DDED4CB83B12D07797B261DCE39907C39ECB23ADE81F892F423599F9A2521 ] C:\Program Files\Mozilla Firefox\mozglue.dll
19:13:21.0267 0x0fcc C:\Program Files\Mozilla Firefox\mozglue.dll - ok
19:13:21.0267 0x0fcc [ 03E9314004F504A14A61C3D364B62F66, A3BA6421991241BEA9C8334B62C3088F8F131AB906C3CC52113945D05016A35F ] C:\Program Files\Mozilla Firefox\msvcp100.dll
19:13:21.0267 0x0fcc C:\Program Files\Mozilla Firefox\msvcp100.dll - ok
19:13:21.0267 0x0fcc [ 530D9DC68000B7A3AD00210D270925B5, 40996CEAFDFDBAE0C0928C396B5F4DC8C2B76F2184AEE0C0ADEF1BDAAAD1F5DC ] C:\Program Files\Mozilla Firefox\nss3.dll
19:13:21.0267 0x0fcc C:\Program Files\Mozilla Firefox\nss3.dll - ok
19:13:21.0282 0x0fcc [ 5E2DEFD1229B914CB06EC14CA718DA05, 629538B0ABE03A95E0C0DF5339AC17ECD2FE6D5992AD37703D6E7EE384980B73 ] C:\Program Files\Mozilla Firefox\mozjs.dll
19:13:21.0282 0x0fcc C:\Program Files\Mozilla Firefox\mozjs.dll - ok
19:13:21.0282 0x0fcc [ 8D6947D64263FE10DE773433FBDE7A1D, AFAD11807765309DC105ECC4AB50239BFD019229FF51D4755B6AFF2A98BEE4A6 ] C:\Program Files\Mozilla Firefox\icuin52.dll
19:13:21.0282 0x0fcc C:\Program Files\Mozilla Firefox\icuin52.dll - ok
19:13:21.0298 0x0fcc [ 87BB82DF2F05C86982F52C47C812A546, 237781A5C7C0C021B894846C2294EDB7619AD15F4C13DE029DFBCAB43580E7CE ] C:\Windows\WindowsMobile\INetRepl.dll
19:13:21.0298 0x0fcc C:\Windows\WindowsMobile\INetRepl.dll - ok
19:13:21.0298 0x0fcc [ 1D3E15E599BEB9B4833D65D403C3C6AC, D2F70C8867A121CEB11849C61058911EA9059CD63CFA155B4CA958A9345364D0 ] C:\Windows\System32\btrez.dll
19:13:21.0298 0x0fcc C:\Windows\System32\btrez.dll - ok
19:13:21.0298 0x0fcc [ 4E0582BE451CAD39F8CBC0C101E94213, 22235BD9426DB1E4C8D8EBBD14BF45CE3FC07181722DE76804D18E344E6402B5 ] C:\Program Files\Mozilla Firefox\icuuc52.dll
19:13:21.0298 0x0fcc C:\Program Files\Mozilla Firefox\icuuc52.dll - ok
19:13:21.0314 0x0fcc [ 605BECCDDC18A93335172CA97214458C, 429F4EB4F3EC9DC7E8C2D839653DE5E42606633D6CBC55827BDAEBF6210E1E15 ] C:\Program Files\Mozilla Firefox\icudt52.dll
19:13:21.0314 0x0fcc C:\Program Files\Mozilla Firefox\icudt52.dll - ok
19:13:21.0314 0x0fcc [ F6FEC373F3BC60E0F58C1A59254ACBD8, B7E829EAA6D2ECEC64B9055CA944DBB72021D6467FB53F9E239A640172D2AFC0 ] C:\Windows\System32\mshtml.dll
19:13:21.0314 0x0fcc C:\Windows\System32\mshtml.dll - ok
19:13:21.0314 0x0fcc [ 9869A4DD5F6699B794047A74D2891304, A11261B5835B85252556F2D59109C9BF08E874D9FC90BD9AE4BF80D236575D4E ] C:\Program Files\Mozilla Firefox\mozalloc.dll
19:13:21.0314 0x0fcc C:\Program Files\Mozilla Firefox\mozalloc.dll - ok
19:13:21.0329 0x0fcc [ C5A72042F0D571F774D9011BFF71F1CF, 2C1A0FF180059FABC8DE5F0069D51C7BB690D9DF2081102D07C28F6BA179D000 ] C:\Program Files\Mozilla Firefox\gkmedias.dll
19:13:21.0329 0x0fcc C:\Program Files\Mozilla Firefox\gkmedias.dll - ok
19:13:21.0329 0x0fcc [ F3EBDA850CC141768498DECAAD513299, 9C2705FCA4EC4C7EF522F9115960A61F34986C95E931FCF5C3C12A5115F85DC4 ] C:\Windows\System32\msls31.dll
19:13:21.0329 0x0fcc C:\Windows\System32\msls31.dll - ok
19:13:21.0329 0x0fcc [ F461B95F07F8307B973F811B6FE71A4D, 99F6864D730E8EDE550B69737BD1D6775D30DA50B8491A77BCEDDED4A6B091E6 ] C:\Program Files\Microsoft Office\OFFICE11\OUTLLIB.DLL
19:13:21.0329 0x0fcc C:\Program Files\Microsoft Office\OFFICE11\OUTLLIB.DLL - ok
19:13:21.0345 0x0fcc [ A3A66ACAC11248BA2E55141DC67C7EC3, A0D62A10C12CEBFB9ED6EF9E64E52099AAAF80C780B193C1F598E88D379393E3 ] C:\Program Files\Mozilla Firefox\xul.dll
19:13:21.0345 0x0fcc C:\Program Files\Mozilla Firefox\xul.dll - ok
19:13:21.0345 0x0fcc [ 2FA6CB0AEFD7D659668BDBC65CA0780D, A8FE6CA0248576A2429BC9DADD88274209A20545F838F7030E926983445CC464 ] C:\Windows\System32\msimtf.dll
19:13:21.0345 0x0fcc C:\Windows\System32\msimtf.dll - ok
19:13:21.0345 0x0fcc [ 43884E42D858BE983526D53661F3C879, E5F1F004F96EC02F9CCFA0D2590E5BC1E50B958711C1F232C00394245B8C1A19 ] C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll
19:13:21.0345 0x0fcc C:\Program Files\Mozilla Firefox\browser\components\browsercomps.dll - ok
19:13:21.0360 0x0fcc [ DCB288183CF77605110944232C6A2665, 21DB326B154FB681B62EFC011E3739C05CA0D8CC7035479B85ECC3A01368F186 ] C:\Windows\System32\jscript.dll
19:13:21.0360 0x0fcc C:\Windows\System32\jscript.dll - ok
19:13:21.0360 0x0fcc [ 6145D4EC919E4C7C818DC3C172100EBC, 5C28CD256522BCC0DF4A6AAA55F0B3E3BB1B325E9DAB67145A17DA590106634D ] C:\Windows\System32\wbem\WMIADAP.exe
19:13:21.0360 0x0fcc C:\Windows\System32\wbem\WMIADAP.exe - ok
19:13:21.0376 0x0fcc [ 8B2D61CA83825CEAD423228ACD40CFBC, 31E45FC797DDAD5D929DFF2EBCEA5CB3DA41D56DCDBAF916110B81AC36625F63 ] C:\Windows\System32\loadperf.dll
19:13:21.0376 0x0fcc C:\Windows\System32\loadperf.dll - ok
19:13:21.0376 0x0fcc [ 5A005676A0252FBAFEC8F68162EB9F88, 60B85E983492AD2AF28696AFF807B0FC95B14BC542236D950D77A9E6430B45DB ] C:\Windows\System32\imgutil.dll
19:13:21.0376 0x0fcc C:\Windows\System32\imgutil.dll - ok
19:13:21.0376 0x0fcc [ B8D3BF818DEFE1DA9A754F214E528221, 092C547C31CF10666E5992F05AFDEAA87E0A10E544AF51A407DD76A1D23B48FC ] C:\Windows\System32\pngfilt.dll
19:13:21.0376 0x0fcc C:\Windows\System32\pngfilt.dll - ok
19:13:21.0392 0x0fcc [ D12FEB0E3EA6063A65A5498ED90FD790, CAD7DB2165492081C5D336D7C94876DDFD0CDC06E5C5BE867296A9B2B0168CAF ] C:\Windows\System32\dxtrans.dll
19:13:21.0392 0x0fcc C:\Windows\System32\dxtrans.dll - ok
19:13:21.0392 0x0fcc [ 734DAA4FEAC6905BCFB30410D6C7E003, 885BDA2C8836EEDE2205E080E642BA547E4EC5F408E4BE9DEF2E6F958F6ECD7E ] C:\Windows\System32\ddrawex.dll
19:13:21.0392 0x0fcc C:\Windows\System32\ddrawex.dll - ok
19:13:21.0392 0x0fcc [ 340ED5896775872139CC702625A2A349, 206FA916031D053FDA4EFA67F29EDB543DB99C9A0AA38747CF36497D45F67515 ] C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\extensions\zoteroWinWordIntegration@zotero.org\components-31.0\zoteroWinWordIntegration.dll
19:13:21.0392 0x0fcc C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\extensions\zoteroWinWordIntegration@zotero.org\components-31.0\zoteroWinWordIntegration.dll - ok
19:13:21.0407 0x0fcc [ B68FCC1F8684AB3EC4BE4D0A2537D26D, A87B27F551A1B2D32529E8F997BE22E24DA220B3C3FC6435F3E22972F43AE188 ] C:\Windows\System32\dxtmsft.dll
19:13:21.0407 0x0fcc C:\Windows\System32\dxtmsft.dll - ok
19:13:21.0407 0x0fcc [ 80660C611B596FFE8AF4074B31AA6FB7, DFEF8ED182D687EF223821BF8A3BF27A803A385C19C2D9EED3CB93C8D5F96617 ] C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe
19:13:21.0407 0x0fcc C:\Program Files\Adobe\Reader 8.0\Reader\AcroRd32.exe - ok
19:13:21.0423 0x0fcc [ B5D2610D34142F287DF13130665F0B94, 4B64351AB9AC0B0B466959668E71EA05FE6AA307DBA2D13C3A050C810BC9DB37 ] C:\Program Files\Windows Media Player\wmplayer.exe
19:13:21.0423 0x0fcc C:\Program Files\Windows Media Player\wmplayer.exe - ok
19:13:21.0423 0x0fcc [ C0B86087107AF863F2D39A604FB53BEC, 2820ED607AC58374D1D66E371D9333D2A345E33CC60882689BD8E3F071CEF059 ] C:\Program Files\Mozilla Firefox\softokn3.dll
19:13:21.0423 0x0fcc C:\Program Files\Mozilla Firefox\softokn3.dll - ok
19:13:21.0423 0x0fcc [ 91012AF713DC587607EF7A5A3D0B995A, 77B8210EDA73402C07E41C0D39E7B059C4A97EE1743C1387238701FB5DEE868B ] C:\Program Files\Mozilla Firefox\nssdbm3.dll
19:13:21.0423 0x0fcc C:\Program Files\Mozilla Firefox\nssdbm3.dll - ok
19:13:21.0438 0x0fcc [ A20AE283691ED0538C2CD7E79F65792E, 4EBEC72447211F26F0A455ABA693DF7041306866377932ECE1DD010A6C5B660C ] C:\Program Files\Mozilla Firefox\freebl3.dll
19:13:21.0438 0x0fcc C:\Program Files\Mozilla Firefox\freebl3.dll - ok
19:13:21.0438 0x0fcc [ 816269864C56D84C88F818379EA00DB1, C5D25C9235A5D4E4B9A52291AB4AA7C488D52CBDA8E66ABFC48B047560C3C096 ] C:\Program Files\Mozilla Firefox\nssckbi.dll
19:13:21.0438 0x0fcc C:\Program Files\Mozilla Firefox\nssckbi.dll - ok
19:13:21.0438 0x0fcc [ F21F255B91CA4F04E4250DECD2067CBB, F2EDAFA1C4CDF9608F16DD14C3D053A4E63673C6D16736E3F9691CA313D8C0D2 ] C:\Windows\System32\bitsperf.dll
19:13:21.0438 0x0fcc C:\Windows\System32\bitsperf.dll - ok
19:13:21.0454 0x0fcc [ C1DB5285D572FFD741FDE14DF3E51F97, 5C8DD34D647160FB3E247C9A6481EEB5C76C962F7EB92333627DA28444FAB5F6 ] C:\Windows\System32\bitsigd.dll
19:13:21.0454 0x0fcc C:\Windows\System32\bitsigd.dll - ok
19:13:21.0454 0x0fcc [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
19:13:21.0454 0x0fcc C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe - ok
19:13:21.0454 0x0fcc [ E5F7C30EDF0892667933BE879F067D67, E4BA45F4C6C74A0CDE9B12A00C91E2F5EF83536C89C9053DEC507CBB4F130A12 ] C:\Windows\System32\msvcr100_clr0400.dll
19:13:21.0454 0x0fcc C:\Windows\System32\msvcr100_clr0400.dll - ok
19:13:21.0470 0x0fcc [ B0B4C590C0CAE7741DA17E3DC86CC828, B0FD9C7D34B5EEA1346E98AC499E503AB67672FBD3A48CB482E139F1BC05D55E ] C:\Windows\System32\ceutil.dll
19:13:21.0470 0x0fcc C:\Windows\System32\ceutil.dll - ok
19:13:21.0470 0x0fcc [ 6298277B73C77FA99106B271A7525163, 9E076697F025167B57D8D66ED0862B184D70324E058BFA36E42D0C6728720B31 ] C:\Windows\System32\wuaueng.dll
19:13:21.0470 0x0fcc C:\Windows\System32\wuaueng.dll - ok
19:13:21.0470 0x0fcc [ 5E41139EC6EFBCAFFD96D46925E544AB, 1A3C469A29D35CC0D66150B739EBF0BD551E8AF613E58270E0BB12B65D249090 ] C:\Windows\System32\mspatcha.dll
19:13:21.0470 0x0fcc C:\Windows\System32\mspatcha.dll - ok
19:13:21.0485 0x0fcc [ 5BD1234E11B39C63BBA87022AF6D43C2, 4306B6F88BB42CDACB6BF691B94DD4E621EE856D4A5D3A95499BCC951686D626 ] C:\Windows\System32\wups2.dll
19:13:21.0485 0x0fcc C:\Windows\System32\wups2.dll - ok
19:13:21.0485 0x0fcc [ E5A905BDD0007868FB87007C13324479, 6E6C3D986DDAA573D2D4729E0B4DBC2AFCBA13ABA7927996230E24BBA962EC72 ] C:\Windows\System32\winusb.dll
19:13:21.0485 0x0fcc C:\Windows\System32\winusb.dll - ok
19:13:21.0485 0x0fcc [ 8C8C82633A7E90A33E8D7D9617B2B46C, 9EF4D24B904D773FC22D0C47E0CC9A30C6163BAB194A972D0570805763F7E866 ] C:\Windows\WindowsMobile\tcp2udp.dll
19:13:21.0485 0x0fcc C:\Windows\WindowsMobile\tcp2udp.dll - ok
19:13:21.0501 0x0fcc [ 3379989F06B31347792836DCF028A325, D1689EF16BF6419CD131FBA7683926608AAEBAA540302DCB067F8A60F37ABAF3 ] C:\Windows\System32\rapiproxystub.dll
19:13:21.0501 0x0fcc C:\Windows\System32\rapiproxystub.dll - ok
19:13:21.0501 0x0fcc [ D5D7C7CBDD63C5938C83846B313FCF3B, 710826FEA6E5DD61756F91CA430FC98DFDA661141786D615B11E064E4FCB140D ] C:\Windows\WindowsMobile\BthASPlugin.dll
19:13:21.0501 0x0fcc C:\Windows\WindowsMobile\BthASPlugin.dll - ok
19:13:21.0501 0x0fcc [ 523DF3B590D8A353A49235B1B7C571AD, C615305AD3863479DBA95F90BD3F3164F09C437CD2BB747A885599DCC154D98F ] C:\Windows\WindowsMobile\dtptdns.dll
19:13:21.0501 0x0fcc C:\Windows\WindowsMobile\dtptdns.dll - ok
19:13:21.0516 0x0fcc [ 9B89B3BB79EA1ACF041F40A7B6FC5827, B84A1F43C19D596BC0AE11D3E2ADF0B70172648CB4A488BF3F2AB371E819632F ] C:\Windows\System32\mobsync.exe
19:13:21.0516 0x0fcc C:\Windows\System32\mobsync.exe - ok
19:13:21.0516 0x0fcc [ E270B78C30A4795978B8067E6A2252A2, AC5DC04D4980562F539CB21619172EB5AA3C7C5EBABC1C001E9BF11C88CAAADA ] C:\Windows\WindowsMobile\wmdsyncman.dll
19:13:21.0516 0x0fcc C:\Windows\WindowsMobile\wmdsyncman.dll - ok
19:13:21.0516 0x0fcc [ 7599E425947A595448DA778B610923BC, AA9D3DE8BC0BD8757F87B12B31EF74A1C7828F1686F79D2C2411D8A0939A301E ] C:\Program Files\Windows Media Player\wmpsyncmgr.dll
19:13:21.0516 0x0fcc C:\Program Files\Windows Media Player\wmpsyncmgr.dll - ok
19:13:21.0532 0x0fcc [ 3C52645ACB77D85FC22DA05E20E57DEE, 4D97E794B13FB21DA8D4C85595BC337E149C0A6F1001D6F4AB1C0D9FB8CA5287 ] C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm
19:13:21.0532 0x0fcc C:\ProgramData\Microsoft\Windows Defender\Definition Updates\Updates\mpasdlta.vdm - ok
19:13:21.0532 0x0fcc [ 10F13FFF542FEC4A2C4FA734EEBE56B9, 97D6F3009DAC29AABEC6063FE0AD676BFF92775602135B24D050E9E5D34807E0 ] C:\Windows\System32\qmgrprxy.dll
19:13:21.0532 0x0fcc C:\Windows\System32\qmgrprxy.dll - ok
19:13:21.0532 0x0fcc [ 62BB79160F86CD962F312C68C6239BFD, 2FA2506B5C8B4469D2B36C803CCEAC15E831C3F8A4AF065ACA72DA8F385F24C0 ] C:\Windows\System32\wuauclt.exe
19:13:21.0532 0x0fcc C:\Windows\System32\wuauclt.exe - ok
19:13:21.0548 0x0fcc [ 5B56A7A5AE0C118CF6413A6E99170BF8, DA2F2922C5A5C77084CEEF9D1BF12A7678B2FCAC6CA37A7BDD454EBEBB1E725A ] C:\Windows\System32\wucltux.dll
19:13:21.0548 0x0fcc C:\Windows\System32\wucltux.dll - ok
19:13:21.0548 0x0fcc [ 7629E9BB2FF06EACA62580A2C1D4FE6A, 7D6DE55767F98644BF6695752FA70BE7E62009D4D6CD4B32D66E4517756AF5BE ] C:\Windows\System32\msconfig.exe
19:13:21.0548 0x0fcc C:\Windows\System32\msconfig.exe - ok
19:13:21.0548 0x0fcc [ DAF60E13E96ECB67F0EDAA89C6B01B8D, A1190C24D4AF26E130104C4F1293683EED466752DC22BF4B62AA3AA1C7856AFC ] C:\Windows\System32\notepad.exe
19:13:21.0548 0x0fcc C:\Windows\System32\notepad.exe - ok
19:13:21.0563 0x0fcc ================ Scan generic autorun ======================
19:13:21.0688 0x0fcc [ 96B3C4E20F02CA16AA1E3E425BFFCC8B, F94A548244071D406BDD6F770D4705B92F5485CA509B699A33472DFE7563BA39 ] C:\Windows\WindowsMobile\wmdc.exe
19:13:21.0766 0x0fcc Windows Mobile Device Center - ok
19:13:21.0953 0x0fcc [ 89D583FC41D48328128A974C25AFAEB7, C5204DA8487D4872A479C81149CAD928A9DD85500FDB9AD5B94AC4BB241F68F2 ] C:\Program Files\Common Files\Real\Update_OB\realsched.exe
19:13:21.0953 0x0fcc TkBellExe - ok
19:13:22.0187 0x0fcc [ D8B83790F45403B83D24FC63310E3BC7, 627245DC56B55EC3851DC6BA594175841EA38D67C27A53B020C9C97859257AA4 ] C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
19:13:22.0265 0x0fcc SynTPEnh - ok
19:13:22.0468 0x0fcc [ 485A4912B2D639694F836451A2B30435, B913073813BD933D882AC9ABC5CE84F96D3238622FFA97BDE8EDED629454F778 ] C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe
19:13:22.0546 0x0fcc SigmatelSysTrayApp - ok
19:13:22.0578 0x0fcc [ 1AAD451CCBECE62987591B35AE8037A8, 5B94F0493CDC62B275A27BE4948A82EAC9D7EB6610CBE4362E018B87759692E5 ] C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
19:13:22.0812 0x0fcc RoxWatchTray - detected UnsignedFile.Multi.Generic ( 1 )
19:13:22.0905 0x0fcc Detect skipped due to KSN trusted
19:13:22.0905 0x0fcc RoxWatchTray - ok
19:13:22.0968 0x0fcc [ 27BD1461ED8E7F84BFBA1A34F51F5CCF, 8C51769C922989EF28B6C42C6C0FFCFE6F3BD5131118CBBD0D8F68C610EEB174 ] C:\Windows\system32\igfxpers.exe
19:13:22.0983 0x0fcc Persistence - ok
19:13:23.0233 0x0fcc [ B6687CA43A44F0D8732A22191028912F, 0B6B43143D3B750880884D7E561359467B786A3788BD6FBA105EC24B14A52F79 ] C:\Program Files\Dell\MediaDirect\PCMService.exe
19:13:23.0249 0x0fcc PCMService - ok
19:13:23.0311 0x0fcc [ 23242FD6C7D4C61807E84FD3A79248C4, 6E53D0815B4552A05A0EC28871E5E9F0D14815FB52FCDD612C96050B7093493C ] C:\Windows\OEM02Mon.exe
19:13:23.0342 0x0fcc OEM02Mon.exe - ok
19:13:23.0498 0x0fcc [ FF3BF05021BFECC92DB81B8257EEB026, E09DF383DCFF34B8B9491AF258220117A1CDFBA544F90A70E954BF54E4A0521D ] C:\Program Files\Common Files\InstallShield\UpdateService\issch.exe
19:13:23.0514 0x0fcc ISUSScheduler - detected UnsignedFile.Multi.Generic ( 1 )
19:13:23.0717 0x0fcc Detect skipped due to KSN trusted
19:13:23.0717 0x0fcc ISUSScheduler - ok
19:13:23.0795 0x0fcc [ FF850C34ECDD73EB989D3B0CAA36229E, E7F54E33E0CE20BD14F098476A1D34BD8E0D651974FAD984F2A5AA9AF8CAA405 ] C:\Windows\system32\igfxtray.exe
19:13:23.0795 0x0fcc IgfxTray - ok
19:13:23.0841 0x0fcc [ E23BF454E2B9049B3093033E0735E39C, 2701E102CB3E1590284542A04F8C4BC27830662F038E1E09F3E2911FA03878B6 ] C:\Windows\system32\hkcmd.exe
19:13:23.0857 0x0fcc HotKeysCmds - ok
19:13:24.0356 0x0fcc [ 5C59E612AA95F10DBD29F6249EA379D3, CC1B5D70960C49DAEBD0BBFA908A1F6D823FCF5030AEBEEA646A04DAC338579B ] C:\Program Files\Kodak\AiO\StatusMonitor\EKStatusMonitor.exe
19:13:24.0497 0x0fcc EKStatusMonitor - ok
19:13:24.0887 0x0fcc [ BB3B08157FA22769B7ED9D2C44081D5A, 0653EA6D992A9FA09BB1756F6671C8FD9D518C60471B0F6420A7FC1DA2D3B6FA ] C:\Windows\system32\spool\DRIVERS\W32X86\3\EKIJ5000MUI.exe
19:13:25.0090 0x0fcc EKIJ5000StatusMonitor - ok
19:13:25.0199 0x0fcc [ 267B3A856E9F4DB1CABD4E6DB71E07D2, E384B0204375A8E9DCAFB3FD6E72442F3E9418812637F4EFA2653F946EBE8E26 ] C:\Program Files\Dell Support Center\gs_agent\custom\dsca.exe
19:13:25.0199 0x0fcc dscactivate - detected UnsignedFile.Multi.Generic ( 1 )
19:13:25.0574 0x0fcc Detect skipped due to KSN trusted
19:13:25.0574 0x0fcc dscactivate - ok
19:13:26.0682 0x0fcc [ DAC9B43BBFA0359E252DDB0CB91DEA6D, 2A109ABECF757567735C439663ED618B49EF7749ABEE6AEF8A100B2028C31A38 ] C:\Program Files\Dell\Dell Webcam Manager\DellWMgr.exe
19:13:26.0682 0x0fcc DELL Webcam Manager - detected UnsignedFile.Multi.Generic ( 1 )
19:13:27.0009 0x0fcc Detect skipped due to KSN trusted
19:13:27.0009 0x0fcc DELL Webcam Manager - ok
19:13:27.0087 0x0fcc [ F96EBC5A624349D81DCC7600A3C5DC43, 7812184AFC24F7A245D3D140EB0C1A4A23E73B34BC0A8C1556715368086F0376 ] C:\Windows\system32\conime.exe
19:13:27.0134 0x0fcc Conime - ok
19:13:27.0368 0x0fcc [ 06105D08927E3498B3D380CBF0688E78, 76CEBECFBEC01C75A94E0A3E04B5AEDB5ECA0C19EBCDC8F30009B09678510D73 ] C:\Program Files\AVG\AVG10\avgtray.exe
19:13:27.0477 0x0fcc AVG_TRAY - ok
19:13:27.0618 0x0fcc [ 8B9145D229D4E89D15ACB820D4A3A90F, F3831D9AE752B6AFBD3380E0BC849E4B051D6E06A88C1F61293A6DE4F66794E1 ] C:\Program Files\Adobe\Reader 8.0\Reader\Reader_sl.exe
19:13:27.0633 0x0fcc Adobe Reader Speed Launcher - ok
19:13:27.0743 0x0fcc [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:13:27.0914 0x0fcc Sidebar - ok
19:13:27.0930 0x0fcc WindowsWelcomeCenter - ok
19:13:28.0039 0x0fcc [ FD278E51A7D6F52D22FCE6C67E037AD6, F0FF20E00AD3EE17A2E46B1B6D099E87330BBE57941F6DB1D8159D70EFD2CFEB ] C:\Program Files\Windows Sidebar\Sidebar.exe
19:13:28.0117 0x0fcc Sidebar - ok
19:13:28.0117 0x0fcc WindowsWelcomeCenter - ok
19:13:28.0289 0x0fcc [ 98D7C3F58884D89D1F16F4F77BCD00EE, 0C97B2D85205D0F573B2D0C3E61C9EB42B43786252F0B86761FAD1F361EDEFED ] C:\Program Files\Uniblue\DriverScanner\launcher.exe
19:13:28.0320 0x0fcc DriverScanner - ok
19:13:28.0382 0x0fcc [ 6D9E1356A9C1B5F36698FAFF9205E34A, A7E37C2C0F1F35F5434144D5F1D282858D6B3CE995BE6612BA22FB7E83793F77 ] C:\Program Files\Xvid\CheckUpdate.exe
19:13:28.0382 0x0fcc Xvid - detected UnsignedFile.Multi.Generic ( 1 )
19:13:28.0601 0x0fcc Detect skipped due to KSN trusted
19:13:28.0601 0x0fcc Xvid - ok
19:13:28.0835 0x0fcc [ D55F27F176CC687AAE438E0907F5A6D3, 2E856C7E917B97EC19C94D14AB5F5DF3012AA80F055498378D5DD8FC31ADC5E1 ] C:\Program Files\Veoh Networks\VeohWebPlayer\veohwebplayer.exe
19:13:28.0960 0x0fcc VeohPlugin - ok
19:13:29.0209 0x0fcc [ 544A9045E48A7A1F1F5DC6689AD6C8D0, EF42BC7D3F6B6FC3653F426A2276481E4C1B5AB43D9D54446565C190A969BC1C ] C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe
19:13:29.0303 0x0fcc uTorrent - ok
19:13:29.0397 0x0fcc [ 50B0FCA896AD8584B35C81B9BF98C393, EA1C6376B0CB78138302C231CFC4F42F2E8292CF9A90B6E2CC18F393D95A0373 ] C:\Users\Holly Chapman\AppData\Roaming\Search Protection\SearchProtection.EXE
19:13:29.0428 0x0fcc SearchProtection - ok
19:13:29.0490 0x0fcc [ BF08674925F151BD4537B89A493E3E0C, 6A97562E998A2B90649FF7986313AD33823053FF98BBE163AD39AAA5E01FC545 ] C:\Windows\ehome\ehTray.exe
19:13:29.0537 0x0fcc ehTray.exe - ok
19:13:29.0537 0x0fcc Waiting for KSN requests completion. In queue: 21
19:13:30.0567 0x0fcc Win FW state via NFP2: enabled
19:13:30.0739 0x0fcc ============================================================
19:13:30.0739 0x0fcc Scan finished
19:13:30.0739 0x0fcc ============================================================
19:13:30.0739 0x0b9c Detected object count: 0
19:13:30.0739 0x0b9c Actual detected object count: 0
19:15:04.0999 0x0ae4 Deinitialize success
Hi Holsten87,
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye2_zpse2245433.png.html) Disable FireFox plug-in
At the top of the Firefox window, click on the Firefox button (Tools menu in Windows XP), and then click Add-ons. The Add-ons Manager tab will open.
In the Add-ons Manager tab, select the Extensions or Appearance panel.
Select the add-on you wish to disable.
2YourFace
Click the Disable button.
Click Restart now if it pops up. Your tabs will be saved and restored after the restart.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [uTorrent] => C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe [1329744 2014-07-21] (BitTorrent Inc.)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [SearchProtection] => C:\Users\Holly Chapman\AppData\Roaming\Search Protection\SearchProtection.EXE [873832 2014-07-17] (Spigot, Inc.)
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - {C0197584-7E91-4454-8177-07E01E8098A6} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4d4acdad&v=6.11.25.1&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKCU - {E72EEF90-4393-4B8E-9DCF-9FDFDB659A30} URL = http://internetsearchservice.com/search?q={searchTerms}
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO: No Name -> {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - No File
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MBAEA6744-D857-4CE3-8A2A-712EF60CAE3F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP7D9A60B4-EE90-48AB-ABC1-F7FAB62519F6
FF Extension: 2YourFace - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\support@2yourface.com [2011-08-15]
CHR Extension: (AVG Safe Search) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2011-07-10]
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Reboot
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) AdwCleaner v3: Scan & Clean (http://www.bleepingcomputer.com/download/adwcleaner/)
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Click on the Scan button.
AdwCleaner will begin to scan your computer like it did before.
After the scan has finished...
Click on the Clean button.
Press OK when asked to close all programs and follow the onscreen prompts.
Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
After rebooting, a log file report (AdwCleaner[S0].txt) will open automatically.
Copy and paste the contents of that log file in your next reply.
A copy of that log file will also be saved in the C:\AdwCleaner folder.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Junkware Removal Tool
Download Junkware Removal Tool (http://thisisudax.org/downloads/JRT.exe) to your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Shut down your protection software now to avoid potential conflicts.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Re-run Farbar Recovery Scan Tool it should be on your desktop.
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
When the tool opens click Yes to disclaimer.
Press Scan button.
It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
=========================
In your next post please provide the following:
Fixlog.txt
AdwCleaner[S0].txt
JRT.txt
New FRST.txt
Holsten87
2014-07-26, 17:06
Hi OCD,
I couldn't find 2yourface on the addons list, I did a search for it as well but no luck. Shall I continue with the other steps in your previous post?
Hi Holsten87,
Yes, please do. :bigthumb:
Holsten87
2014-07-27, 13:19
Hi OCD,
I've run the scans and have noticed an increase in speed on Mozilla which is nice. Here are the logs:
Fixlog:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:25-07-2014
Ran by Holly Chapman at 2014-07-27 11:40:26 Run:1
Running from C:\Users\Holly Chapman\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
HKLM\...\InprocServer32: [Default-wbemess] ATTENTION! ====> ZeroAccess?
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [uTorrent] => C:\Users\Holly Chapman\AppData\Roaming\uTorrent\uTorrent.exe [1329744 2014-07-21] (BitTorrent Inc.)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [SearchProtection] => C:\Users\Holly Chapman\AppData\Roaming\Search Protection\SearchProtection.EXE [873832 2014-07-17] (Spigot, Inc.)
URLSearchHook: HKCU - (No Name) - {A3BC75A2-1F87-4686-AA43-5347D756017C} - No File
SearchScopes: HKLM - DefaultScope {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKLM - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
SearchScopes: HKCU - {afdbddaa-5d3f-42ee-b79c-185a7020515b} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT2786678
SearchScopes: HKCU - {C0197584-7E91-4454-8177-07E01E8098A6} URL = http://de.search.yahoo.com/search?p={searchTerms}&fr=vc_trans_8140&type=horus
SearchScopes: HKCU - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} URL = http://search.avg.com/route/?d=4d4acdad&v=6.11.25.1&i=26&tp=chrome&q={searchTerms}&lng={language}&iy=&ychte=us
SearchScopes: HKCU - {DCDBBF03-BC10-457D-911F-EFB0321D22BE} URL = ${SRCH_SCP_URL}
SearchScopes: HKCU - {E72EEF90-4393-4B8E-9DCF-9FDFDB659A30} URL = http://internetsearchservice.com/search?q={searchTerms}
BHO: No Name -> {A3BC75A2-1F87-4686-AA43-5347D756017C} -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO: No Name -> {FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C} -> No File
Toolbar: HKLM - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {CCC7A320-B3CA-4199-B1A6-9F516DD69829} - No File
Toolbar: HKCU - No Name - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No File
Handler: avgsecuritytoolbar - {F2DDE6B2-9684-4A55-86D4-E255E237B77C} - No File
FF NewTab: hxxp://search.conduit.com/?gd=&ctid=CT3324790&octid=EB_ORIGINAL_CTID&ISID=MBAEA6744-D857-4CE3-8A2A-712EF60CAE3F&SearchSource=69&CUI=&SSPV=&Lay=1&UM=5&UP=SP7D9A60B4-EE90-48AB-ABC1-F7FAB62519F6
FF Extension: 2YourFace - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\support@2yourface.com [2011-08-15]
CHR Extension: (AVG Safe Search) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla [2011-07-10]
*****************
HKLM\Software\Classes\CLSID\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InprocServer32\\Default => Value was restored successfully.
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value deleted successfully.
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\Software\Microsoft\Windows\CurrentVersion\Run\\SearchProtection => value deleted successfully.
HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks\\{A3BC75A2-1F87-4686-AA43-5347D756017C} => value deleted successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
"HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key deleted successfully.
"HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key deleted successfully.
"HKCR\CLSID\{afdbddaa-5d3f-42ee-b79c-185a7020515b}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{C0197584-7E91-4454-8177-07E01E8098A6}" => Key deleted successfully.
"HKCR\CLSID\{C0197584-7E91-4454-8177-07E01E8098A6}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key deleted successfully.
"HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}" => Key deleted successfully.
"HKCR\CLSID\{DCDBBF03-BC10-457D-911F-EFB0321D22BE}" => Key not found.
"HKCU\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{E72EEF90-4393-4B8E-9DCF-9FDFDB659A30}" => Key deleted successfully.
"HKCR\CLSID\{E72EEF90-4393-4B8E-9DCF-9FDFDB659A30}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{A3BC75A2-1F87-4686-AA43-5347D756017C}" => Key deleted successfully.
"HKCR\CLSID\{A3BC75A2-1F87-4686-AA43-5347D756017C}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key deleted successfully.
"HKCR\CLSID\{DBC80044-A445-435b-BC74-9C25C1C588A9}" => Key not found.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}" => Key deleted successfully.
"HKCR\CLSID\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}" => Key not found.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
"HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{CCC7A320-B3CA-4199-B1A6-9F516DD69829} => value deleted successfully.
"HKCR\CLSID\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}" => Key not found.
HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{21FA44EF-376D-4D53-9B0F-8A89D3229068} => value deleted successfully.
"HKCR\CLSID\{21FA44EF-376D-4D53-9B0F-8A89D3229068}" => Key not found.
"HKCR\PROTOCOLS\Handler\avgsecuritytoolbar" => Key deleted successfully.
"HKCR\CLSID\{F2DDE6B2-9684-4A55-86D4-E255E237B77C}" => Key not found.
Firefox newtab deleted successfully.
C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\support@2yourface.com => Moved successfully.
C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla => Moved successfully.
==== End of Fixlog ====
ADW Cleaner:
# AdwCleaner v3.216 - Report created 27/07/2014 at 11:53:12
# Updated 17/07/2014 by Xplode
# Operating System : Windows Vista (TM) Home Premium Service Pack 1 (32 bits)
# Username : Holly Chapman - THE-BEAST
# Running from : C:\Users\Holly Chapman\Downloads\AdwCleaner.exe
# Option : Clean
***** [ Services ] *****
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\apn
Folder Deleted : C:\ProgramData\AVG Security Toolbar
Folder Deleted : C:\ProgramData\Premium
Folder Deleted : C:\ProgramData\Tarma Installer
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Uniblue
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Widestream6
Folder Deleted : C:\Program Files\002
Folder Deleted : C:\Program Files\1ClickDownload
Folder Deleted : C:\Program Files\Mobogenie
Folder Deleted : C:\Program Files\MyPC Backup
Folder Deleted : C:\Program Files\Softonic
Folder Deleted : C:\Program Files\Uniblue
Folder Deleted : C:\Program Files\widestream
Folder Deleted : C:\Program Files\Widestream6
Folder Deleted : C:\Program Files\uTorrentBar
Folder Deleted : C:\Program Files\Common Files\Software Update Utility
[x] Not Deleted : C:\Users\Holly Chapman\AppData\Local\AVG Security Toolbar
Folder Deleted : C:\Users\Holly Chapman\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Holly Chapman\AppData\Local\OpenCandy
Folder Deleted : C:\Users\Holly Chapman\AppData\LocalLow\Conduit
Folder Deleted : C:\Users\Holly Chapman\AppData\LocalLow\PriceGong
Folder Deleted : C:\Users\Holly Chapman\AppData\LocalLow\uTorrentBar
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\DriverCure
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\OfferBox
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Search Protection
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Uniblue
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\widestream
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Windows Net Data
Folder Deleted : C:\Users\Holly Chapman\Documents\Mobogenie
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Conduit
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\ConduitCommon
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\WinampToolbarData
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\vniiz455.default-1362613817493\Extensions\staged\EFGLQA@78ETGYN-0W7FN789T87.COM
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\plugin@yontoo.com
Folder Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\Extensions\support@2yourface.com
Folder Deleted : C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\fmlgoencnlndpglbocajlimaikjohmab
Folder Deleted : C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
File Deleted : C:\Users\Holly Chapman\daemonprocess.txt
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnu.dll
File Deleted : C:\Program Files\Mozilla Firefox\plugins\npdnupdater2.dll
File Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\searchplugins\softonic.xml
File Deleted : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\user.js
File Deleted : C:\Windows\Tasks\driverscanner.job
File Deleted : C:\Windows\System32\Tasks\driverscanner
***** [ Shortcuts ] *****
***** [ Registry ] *****
Value Deleted : HKCU\Software\Mozilla\Firefox\Extensions [offerboxffx@offerbox.com]
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\bjeikeheijdjdfjbmknpefojickbkmom
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\lmblfngognklgemafekefcdjcnkdhmdm
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C9A5EA02-0D05-4380-B418-912FAF380D8E}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C9A5EA02-0D05-4380-B418-912FAF380D8E}
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\New Windows\Allow [*.crossrider.com]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [DriverScanner]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\dnu.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escort.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortApp.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escortEng.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\escorTlbr.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\esrv.EXE
Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdate
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUIBrowser.1
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController
Key Deleted : HKLM\SOFTWARE\Classes\dnUpdater.DownloadUpdController.1
Key Deleted : HKLM\SOFTWARE\Classes\driverscanner
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Value Deleted : HKLM\SOFTWARE\mozilla\Firefox\Extensions [crossriderapp435@crossrider.com]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{09C554C3-109B-483C-A06B-F14172F1A947}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{4E1E9D45-8BF9-4139-915C-9F83CC3D5921}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{7ABBFE1C-E485-44AA-8F36-353751B4124D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{B12E99ED-69BD-437C-86BE-C862B9E5444D}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{D7EE8177-D51E-4F89-92B6-83EA2EC40800}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13086CD4-88B6-45E3-9182-3BC2664199F7}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{1FCD7139-C2A3-49AD-8B9E-E82E48AE5DF6}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{319FCB76-1568-4EFA-863B-B03A2B16EB5C}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4796719D-2B92-47BC-920B-77BCDBDBCB6A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{64A66B25-A70F-4373-95EF-3A1DB6040B3A}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6DDA37BA-0553-499A-AE0D-BEBA67204548}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{6FC5F7E0-D65A-465C-B8EE-A5F8E008D6DF}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{731D436C-464C-4F29-BFB2-DE9C458535AE}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7C89C8A6-991C-4626-9E26-B12EB4D89C04}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{EEF00686-CAB8-4885-9CCB-78FF483041AA}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FDA55C78-736E-4E8A-996C-4A80FC0396FB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{087CDC12-0A11-4D1D-8DCF-44185D7C3496}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{088BF3A9-6AE8-47B9-A3FB-26262F236C79}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2AC7B9EB-3881-4EB9-8DEE-0A731A309FDE}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{349C0469-ACDD-49DF-9B3E-0D82E7C7DC4D}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{41226591-6F7A-4082-B63A-67FE4A0CF7A6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{55D69CD1-6715-4C40-BF05-9519AC4DC6E6}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6427058B-217C-4C7F-A6CE-C7934C0BDCEB}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6612AFDD-34AD-4B89-A236-7E6D07C3FDCD}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66C8FD57-54C4-4D4F-BC95-DCCC763B410A}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{717BAE33-7061-4279-8AE5-6C13BC8AF3F9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{84F06F7A-F811-48D7-8B34-3F4145183D8F}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{88F6D55F-AA3F-4003-BE69-4AC1998D6492}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{8DBCDED5-08AD-41A2-9BBC-235D84F4FE06}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{A0F66203-1A86-4812-9603-A57E09A4D7A3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{BC39D1B3-4471-41C1-AACA-E097FAF4B7AA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DEB85542-1311-4EC6-8A32-5372EB27FC94}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{25CEE8EC-5730-41BC-8B58-22DDC8AB8C20}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{EBF2BA02-9094-4C5A-858B-BB198F3D8DE2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FC0D62C2-9640-4AEB-A5D5-CF25DF11FA8C}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{37F4A335-D085-423E-A425-0370799166FB}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{4250488A-CB24-0893-C066-B1AEA57BCFF2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{9CF034EA-7B46-48D3-8895-8A14B32AE445}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{90B1E92A-ED89-4748-930C-CDF66EA0238A}
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}
Key Deleted : HKCU\Software\Offerbox
Key Deleted : HKCU\Software\Uniblue
Key Deleted : HKCU\Software\WideStream
Key Deleted : HKCU\Software\YahooPartnerToolbar
Key Deleted : HKCU\Software\AppDataLow\Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\AVG Security Toolbar
Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\Search Protection
Key Deleted : HKCU\Software\AppDataLow\Software\uTorrentBar
Key Deleted : HKLM\Software\AVG Security Toolbar
Key Deleted : HKLM\Software\Conduit
Key Deleted : HKLM\Software\GoforFiles
Key Deleted : HKLM\Software\LevelQualityWatcher
Key Deleted : HKLM\Software\Tarma Installer
Key Deleted : HKLM\Software\Uniblue
Key Deleted : HKLM\Software\WideStream
Key Deleted : HKLM\Software\uTorrentBar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Search Protection
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{835525BE-63BD-4EC4-9425-00CEAD4849C2}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Crossrider
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\VIS
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\uTorrentBar Toolbar
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{2C8574B5-6935-4FCE-860E-F4E8602378FF}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{835525BE-63BD-4EC4-9425-00CEAD4849C2}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{C2F8CA82-2BD9-4513-B2D1-08A47914C1DA}_is1
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\Crossrider
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\SoftwareUpdUtility
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\VIS
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\App Management\ARPCache\uTorrentBar Toolbar
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\48A0552292E14244E8F3980FD3D01541
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\503398D5204CBDD48A5EE476D0CFCFEC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\5BDF578D2C71DDC4997692F83B0A5C75
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\67909B00FA069BE4E80548738FE558FB
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\698B1BCDAEA97B945AE4001A96F1E755
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7E6611210321F8640B41F98B10A8BD0A
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\88ADFBDCA3E069A47B07ECC2CED1E2B2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9ED6CAB2F119182EB7D8CE7156DC0915
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A3D6A80A87E22324A91C14AEBDF78525
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B2F30BE10C5A9DD43A593262265CA298
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\EB525538DB364CE4495200ECDA84942C
Key Deleted : HKLM\Software\Classes\Installer\Features\EB525538DB364CE4495200ECDA84942C
Key Deleted : HKLM\Software\Classes\Installer\Products\EB525538DB364CE4495200ECDA84942C
***** [ Browsers ] *****
-\\ Internet Explorer v7.0.6001.18470
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\AboutURls [Tabs]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Search [SearchAssistant]
-\\ Mozilla Firefox v18.0 (en-US)
[ File : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\prefs.js ]
Line Deleted : user_pref("extensions.Softonic.admin", false);
Line Deleted : user_pref("extensions.Softonic.aflt", "SD");
Line Deleted : user_pref("extensions.Softonic.appId", "{7ABBFE1C-E485-44AA-8F36-353751B4124D}");
Line Deleted : user_pref("extensions.Softonic.autoRvrt", "false");
Line Deleted : user_pref("extensions.Softonic.dfltLng", "");
Line Deleted : user_pref("extensions.Softonic.dfltSrch", true);
Line Deleted : user_pref("extensions.Softonic.dnsErr", true);
Line Deleted : user_pref("extensions.Softonic.excTlbr", false);
Line Deleted : user_pref("extensions.Softonic.ffxUnstlRst", false);
Line Deleted : user_pref("extensions.Softonic.hmpg", true);
Line Deleted : user_pref("extensions.Softonic.hmpgUrl", "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=13&cc=&mi=74965616000000000000001cbf915686&toi=16085");
Line Deleted : user_pref("extensions.Softonic.hpOld0", "hxxp://en-GB.start3.mozilla.com/firefox?client=firefox-a&rls=org.mozilla:en-GB:official");
Line Deleted : user_pref("extensions.Softonic.id", "74965616000000000000001cbf915686");
Line Deleted : user_pref("extensions.Softonic.instlDay", "16085");
Line Deleted : user_pref("extensions.Softonic.instlRef", "MOY00002");
Line Deleted : user_pref("extensions.Softonic.kw_url", "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=2&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=");
Line Deleted : user_pref("extensions.Softonic.newTab", true);
Line Deleted : user_pref("extensions.Softonic.newTabUrl", "hxxp://search.softonic.com/MOY00002/tb_v1/?SearchSource=15&cc=&mi=74965616000000000000001cbf915686&toi=16085");
Line Deleted : user_pref("extensions.Softonic.prdct", "Softonic");
Line Deleted : user_pref("extensions.Softonic.prtnrId", "softonic");
Line Deleted : user_pref("extensions.Softonic.rvrt", "false");
Line Deleted : user_pref("extensions.Softonic.smplGrp", "none");
Line Deleted : user_pref("extensions.Softonic.srchPrvdr", "Search the web (Softonic)");
Line Deleted : user_pref("extensions.Softonic.tlbrId", "2013desingbrand");
Line Deleted : user_pref("extensions.Softonic.tlbrSrchUrl", "hxxp://search.softonic.com/MOY00002/tb_v1?SearchSource=1&cc=&mi=74965616000000000000001cbf915686&toi=16085&q=");
Line Deleted : user_pref("extensions.Softonic.vrsn", "1.8.29.3");
Line Deleted : user_pref("extensions.Softonic.vrsnTs", "1.8.29.320:41:43");
Line Deleted : user_pref("extensions.Softonic.vrsni", "1.8.29.3");
[ File : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\extensions\prefs.js ]
[ File : C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\vniiz455.default-1362613817493\prefs.js ]
-\\ Google Chrome v
[ File : C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085
Deleted [Search Provider] : hxxp://uk.ask.com/web?q={searchTerms}
*************************
AdwCleaner[R0].txt - [19368 octets] - [27/07/2014 11:51:03]
AdwCleaner[S0].txt - [19199 octets] - [27/07/2014 11:53:12]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19260 octets] ##########
JRT:
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows Vista (TM) Home Premium x86
Ran by Holly Chapman on 27/07/2014 at 12:01:07.62
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\veohplugin
~~~ Registry Keys
~~~ Files
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\codeccheck"
Successfully deleted: [Folder] "C:\Users\Holly Chapman\appdata\locallow\boost_interprocess"
Successfully deleted: [Folder] "C:\Program Files\crossriderwebapps"
~~~ FireFox
Emptied folder: C:\Users\Holly Chapman\AppData\Roaming\mozilla\firefox\profiles\7lqvfta1.default\minidumps [213 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 27/07/2014 at 12:03:41.61
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:25-07-2014
Ran by Holly Chapman (administrator) on THE-BEAST on 27-07-2014 12:05:26
Running from C:\Users\Holly Chapman\Desktop
Platform: Windows Vista (TM) Home Premium Service Pack 1 (X86) OS Language: English (United States)
Internet Explorer Version 7
Boot Mode: Normal
The only official download link for FRST:
Download link for 32-Bit version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/81/
Download link for 64-Bit Version: http://www.bleepingcomputer.com/download/farbar-recovery-scan-tool/dl/82/
Download link from any site other than Bleeping Computer is unpermitted or outdated.
See tutorial for FRST: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Microsoft Corporation) C:\Windows\System32\SLsvc.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgwdsvc.exe
(Microsoft Corporation.) C:\Program Files\Microsoft\BingBar\BBSvc.EXE
(Microsoft Corporation) C:\Program Files\Microsoft\BingBar\SeaPort.EXE
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Microsoft Corporation) C:\Windows\ehome\ehrecvr.exe
(Microsoft Corporation) C:\Windows\ehome\ehsched.exe
(iolo technologies, LLC) C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe
(Eastman Kodak Company) C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe
(IDT, Inc.) C:\Windows\System32\stacsv.exe
(Conexant Systems, Inc.) C:\Windows\System32\drivers\XAudio.exe
(iolo technologies, LLC) C:\Program Files\iolo\System Mechanic\ioloGovernor.exe
(RealNetworks, Inc.) C:\Program Files\Common Files\Real\Update_OB\realsched.exe
(Synaptics, Inc.) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatchTray9.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(CyberLink Corp.) C:\Program Files\Dell\MediaDirect\PCMService.exe
(Creative Technology Ltd.) C:\Windows\OEM02Mon.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgtray.exe
(Microsoft Corporation) C:\Windows\ehome\ehtray.exe
(Avanquest Software ) C:\Program Files\Digital Line Detect\DLG.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
() C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSMonitor.exe
(Sonic Solutions) C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\CPSHelpRunner.exe
(Microsoft Corporation) C:\Windows\System32\wuauclt.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgscanx.exe
(AVG Technologies CZ, s.r.o.) C:\Program Files\AVG\AVG10\avgcsrvx.exe
==================== Registry (Whitelisted) ==================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Policies\Explorer: [NoCDBurning] 0
HKU\.DEFAULT\...\Run: [msnmsgr] => C:\Program Files\Windows Live\Messenger\msnmsgr.exe [3872080 2010-04-16] (Microsoft Corporation)
HKU\S-1-5-19\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-20\...\Run: [WindowsWelcomeCenter] => rundll32.exe oobefldr.dll,ShowWelcomeCenter
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [Xvid] => C:\Program Files\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [125952 2008-01-18] (Microsoft Corporation)
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLegacyLogonScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideLogoffScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunLogonScriptSync] 1
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [RunStartupScriptSync] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\Policies\system: [HideStartupScripts] 0
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {1e30d2f0-96c3-11dd-83db-001e4cdc4ef0} - F:\setupSNK.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {bea08218-13f7-11df-a7dd-001e4cdc4ef0} - G:\LaunchU3.exe -a
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {c03f2a25-14b1-11df-bab4-001e4cdc4ef0} - wd_windows_tools\setup.exe
HKU\S-1-5-21-1025113376-2626304966-3518894149-1000\...\MountPoints2: {cbf9d7f6-b1bb-11dd-9902-001e4cdc4ef0} - F:\setupSNK.exe
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Digital Line Detect.lnk
ShortcutTarget: Digital Line Detect.lnk -> C:\Program Files\Digital Line Detect\DLG.exe (Avanquest Software )
Startup: C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\ERUNT AutoBackup.lnk
ShortcutTarget: ERUNT AutoBackup.lnk -> C:\Program Files\ERUNT\AUTOBACK.EXE ()
BootExecute:
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://uk.search.yahoo.com/?type=282369&fr=spigot-yhp-ie
HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft.com/isapi/redir.dll?prd=ie&ar=iesearch
HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
HKCU\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.google.co.uk/ig/dell?hl=en&client=dell-usuk&channel=uk&ibd=2080117
SearchScopes: HKLM - DefaultScope value is missing.
SearchScopes: HKCU - {105E99FF-8B9A-4492-B155-06194B9056D2} URL = http://www.bing.com/search?FORM=IEFM1&q={searchTerms}&src={referrer:source?}
SearchScopes: HKCU - {FD36FFE4-BFE5-485E-8954-BF293DDC790E} URL = https://uk.search.yahoo.com/search?fr=chr-greentree_ie&ei=utf-8&ilc=12&type=282369&p={searchTerms}
BHO: Adobe PDF Reader Link Helper -> {06849E9F-C8D7-4D59-B87D-784B7D6BE0B3} -> C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelper.dll (Adobe Systems Incorporated)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> c:\Program Files\Java\jre1.6.0\bin\ssv.dll (Sun Microsystems, Inc.)
BHO: Bing Bar Helper -> {d2ce3e00-f94a-4740-988e-03dc2f38c34f} -> C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
Toolbar: HKLM - Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - C:\Program Files\Microsoft\BingBar\BingExt.dll (Microsoft Corporation.)
DPF: {67DABFBF-D0AB-41FA-9C46-CC0F21721616} http://download.divx.com/player/DivXBrowserPlugin.cab
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/ultrashim.cab
DPF: {CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0-windows-i586.cab
Handler: linkscanner - {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG10\avgpp.dll (AVG Technologies CZ, s.r.o.)
Handler: livecall - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - C:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll (Microsoft Corporation)
Handler: msnim - {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8117.0416.dll (Microsoft Corporation)
Handler: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\skypeieplugin.dll (Skype Technologies S.A.)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Common Files\Skype\Skype4COM.dll (Skype Technologies)
Filter: application/x-internet-signup - {A173B69A-1F9B-4823-9FDA-412F641E65D6} - C:\Program Files\Tiscali\Tiscali Internet\dlls\tiscalifilter.dll ()
Winsock: Catalog5 05 C:\Program Files\Bonjour\mdnsNSP.dll [147456] (Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
FireFox:
========
FF ProfilePath: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default
FF Keyword.URL: https://uk.search.yahoo.com/search?fr=greentree_ff1&ei=utf-8&ilc=12&type=282369&p=
FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF32_14_0_0_145.dll ()
FF Plugin: @adobe.com/ShockwavePlayer - C:\Windows\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin: @divx.com/DivX Browser Plugin,version=1.0.0 - C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF Plugin: @divx.com/DivX VOD Helper,version=1.0.0 - C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF Plugin: @java.com/DTPlugin,version=10.45.2 - C:\Program Files\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
FF Plugin: @microsoft.com/WPF,version=3.5 - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF Plugin: @real.com/nppl3260;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprjplug;version=1.0.3.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF Plugin: @real.com/nprpjplug;version=6.0.12.46 - C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin: @veoh.com/VeohTVPlugin - C:\Program Files\Veoh Networks\VeohWebPlayer\NPVeohTVPlugin.dll (Veoh Networks )
FF Plugin: @veoh.com/VeohWebPlayer - C:\Program Files\Veoh Networks\VeohWebPlayer\npWebPlayerVideoPluginATL.dll (Veoh)
FF Plugin: @videolan.org/vlc,version=2.1.2 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 - C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np-mswmp.dll (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\np32dsw.dll (Adobe Systems, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npDivxPlayerPlugin.dll (DivX, Inc)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\NPOFFICE.DLL (Microsoft Corporation)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nppl3260.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF Plugin ProgramFiles/Appdata: C:\Program Files\mozilla firefox\plugins\npwachk.dll (Nullsoft, Inc.)
FF SearchPlugin: C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\searchplugins\yahoo_ff.xml
FF Extension: No Name - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\extensions [2011-08-15]
FF Extension: No Name - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\profiles\extensions\searchplugins [2014-07-21]
FF Extension: Zotero Word for Windows Integration - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zoteroWinWordIntegration@zotero.org [2014-04-30]
FF Extension: Ghostery - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@ghostery.com.xpi [2013-08-18]
FF Extension: MEGA - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\firefox@mega.co.nz.xpi [2013-12-29]
FF Extension: Zotero - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\zotero@chnm.gmu.edu.xpi [2013-08-12]
FF Extension: Adblock Plus - C:\Users\Holly Chapman\AppData\Roaming\Mozilla\Firefox\Profiles\7lqvfta1.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2013-08-06]
FF Extension: No Name - C:\Program Files\Mozilla Firefox\extensions\sotfone-tracker@sotfone.ru [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF Extension: Skype Click to Call - C:\Program Files\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A} [2013-11-07]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: Microsoft .NET Framework Assistant - C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2009-09-03]
FF HKLM\...\Firefox\Extensions: [{1E73965B-8B48-48be-9C8D-68B920ABC1C4}] - C:\Program Files\AVG\AVG10\Firefox4
FF Extension: AVG Safe Search - C:\Program Files\AVG\AVG10\Firefox4 [2011-07-07]
FF HKLM\...\Firefox\Extensions: [{23fcfd51-4958-4f00-80a3-ae97e717ed8b}] - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5
FF Extension: DivX Plus Web Player HTML5 <video> - C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2012-06-04]
FF HKCU\...\Firefox\Extensions: [web@veoh.com] - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder
FF Extension: Veoh Web Player Video Finder - C:\Program Files\Veoh Networks\VeohWebPlayer\FFVideoFinder [2008-11-26]
Chrome:
=======
CHR HomePage:
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: http://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085
CHR Extension: (Codec-V) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\jpnbdefcbnoefmmcpelplabbkfmfhlho [2012-03-24]
CHR Extension: (DivX Plus Web Player HTML5 video) - C:\Users\Holly Chapman\AppData\Local\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm [2011-01-24]
CHR HKLM\...\Chrome\Extension: [nneajnkjbffgblleaoojgaacokifdkhm] - C:\Program Files\DivX\DivX Plus Web Player\chrome\DivXHTML5\DivXHTML5.crx [2011-12-12]
========================== Services (Whitelisted) =================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
S2 AVGIDSAgent; C:\Program Files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe [7391072 2012-01-31] (AVG Technologies CZ, s.r.o.)
R2 avgwd; C:\Program Files\AVG\AVG10\avgwdsvc.exe [269520 2011-02-08] (AVG Technologies CZ, s.r.o.)
R2 Bonjour Service; C:\Program Files\Bonjour\mDNSResponder.exe [229376 2007-07-24] (Apple Inc.) [File not signed]
S3 IDriverT; C:\Program Files\Common Files\InstallShield\Driver\1050\Intel 32\IDriverT.exe [73728 2004-10-22] (Macrovision Corporation) [File not signed]
R2 ioloSystemService; C:\Program Files\iolo\Common\Lib\ioloServiceManager.exe [1168960 2013-12-03] (iolo technologies, LLC)
R2 Kodak AiO Network Discovery Service; C:\Program Files\Kodak\AiO\Center\EKAiOHostService.exe [395200 2012-10-19] (Eastman Kodak Company)
R2 Kodak AiO Status Monitor Service; C:\Program Files\Kodak\AiO\StatusMonitor\EKPrinterSDK.exe [779200 2012-10-15] (Eastman Kodak Company)
S3 RoxMediaDB9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxMediaDB9.exe [880640 2006-11-05] (Sonic Solutions) [File not signed]
S2 RoxWatch9; C:\Program Files\Common Files\Roxio Shared\9.0\SharedCOM\RoxWatch9.exe [159744 2006-11-05] (Sonic Solutions) [File not signed]
S4 Skype C2C Service; C:\ProgramData\Skype\Toolbars\Skype C2C Service\c2c_service.exe [3291008 2013-08-14] (Skype Technologies S.A.)
S4 stllssvr; C:\Program Files\Common Files\SureThing Shared\stllssvr.exe [73728 2006-09-14] (MicroVision Development, Inc.) [File not signed]
==================== Drivers (Whitelisted) ====================
(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)
R3 AVGIDSDriver; C:\Windows\System32\DRIVERS\AVGIDSDriver.Sys [134480 2011-05-27] (AVG Technologies CZ, s.r.o. )
R0 AVGIDSEH; C:\Windows\System32\DRIVERS\AVGIDSEH.Sys [22992 2011-02-22] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSFilter; C:\Windows\System32\DRIVERS\AVGIDSFilter.Sys [24144 2011-02-10] (AVG Technologies CZ, s.r.o. )
R3 AVGIDSShim; C:\Windows\System32\DRIVERS\AVGIDSShim.Sys [28624 2011-02-10] (AVG Technologies CZ, s.r.o. )
R1 Avgldx86; C:\Windows\System32\DRIVERS\avgldx86.sys [255968 2012-11-12] (AVG Technologies CZ, s.r.o.)
R1 Avgmfx86; C:\Windows\System32\DRIVERS\avgmfx86.sys [34896 2011-03-01] (AVG Technologies CZ, s.r.o.)
R0 Avgrkx86; C:\Windows\System32\DRIVERS\avgrkx86.sys [32592 2011-03-16] (AVG Technologies CZ, s.r.o.)
R1 Avgtdix; C:\Windows\System32\DRIVERS\avgtdix.sys [297168 2011-04-05] (AVG Technologies CZ, s.r.o.)
R1 ElRawDisk; C:\Windows\system32\drivers\ElRawDsk.sys [26248 2013-03-18] (EldoS Corporation)
R3 OXSDIDRV_x32; C:\Windows\System32\DRIVERS\OXSDIDRV_x32.sys [52656 2009-09-28] ()
S3 OXUDIDRV; C:\Windows\system32\Drivers\OXUDIDRV_X32.sys [24880 2010-05-25] ()
R2 PDFsFilter; C:\Windows\System32\DRIVERS\PDFsFilter.sys [68464 2013-03-18] (Raxco Software, Inc.)
U5 AppMgmt; C:\Windows\system32\svchost.exe [21504 2008-01-18] (Microsoft Corporation)
S4 blbdrive; \SystemRoot\system32\drivers\blbdrive.sys [X]
S3 catchme; \??\C:\ComboFix\catchme.sys [X]
S3 IpInIp; system32\DRIVERS\ipinip.sys [X]
S3 mcdbus; system32\DRIVERS\mcdbus.sys [X]
S3 NwlnkFlt; system32\DRIVERS\nwlnkflt.sys [X]
S3 NwlnkFwd; system32\DRIVERS\nwlnkfwd.sys [X]
S3 uafilter; System32\DRIVERS\uafilter.sys [X]
S3 USBAAPL; System32\Drivers\usbaapl.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)
==================== One Month Created Files and Folders ========
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-27 12:03 - 2014-07-27 12:03 - 00001125 _____ () C:\Users\Holly Chapman\Desktop\JRT.txt
2014-07-27 12:01 - 2014-07-27 12:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-27 11:58 - 2014-07-27 11:59 - 01016261 _____ (Thisisu) C:\Users\Holly Chapman\Downloads\JRT.exe
2014-07-27 11:56 - 2014-07-27 11:56 - 00019341 _____ () C:\Users\Holly Chapman\Desktop\AdwCleaner[S0].txt
2014-07-27 11:51 - 2010-08-30 08:34 - 00536576 _____ (SQLite Development Team) C:\Windows\system32\sqlite3.dll
2014-07-27 11:50 - 2014-07-27 11:53 - 00000000 ____D () C:\AdwCleaner
2014-07-27 11:50 - 2014-07-27 11:50 - 01354223 _____ () C:\Users\Holly Chapman\Downloads\AdwCleaner.exe
2014-07-27 11:39 - 2014-07-27 11:39 - 00000000 ____D () C:\Users\Holly Chapman\Desktop\FRST-OlderVersion
2014-07-24 19:01 - 2014-07-24 19:01 - 04161313 _____ () C:\Users\Holly Chapman\Downloads\tdsskiller.zip
2014-07-24 19:01 - 2014-07-10 12:38 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Holly Chapman\Desktop\TDSSKiller.exe
2014-07-23 22:16 - 2014-07-27 12:05 - 00018642 _____ () C:\Users\Holly Chapman\Desktop\FRST.txt
2014-07-23 22:14 - 2014-07-27 11:39 - 01084416 _____ (Farbar) C:\Users\Holly Chapman\Desktop\FRST.exe
2014-07-22 21:17 - 2014-07-22 21:17 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-07-22 17:39 - 2014-07-22 18:00 - 00000000 ____D () C:\Windows\pss
2014-07-20 16:32 - 2014-07-20 16:38 - 365230920 _____ (Microsoft Corporation) C:\Users\Holly Chapman\Downloads\Windows6.0-KB948465-X86.exe
2014-07-15 17:21 - 2014-07-15 17:21 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000924 _____ () C:\Users\Holly Chapman\Desktop\Auslogics DiskDefrag.lnk
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-06 10:38 - 2014-07-06 10:38 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-THE-BEAST--(32-bit).dat
2014-07-06 10:36 - 2014-07-06 10:36 - 00000000 ____D () C:\RegBackup
2014-07-06 10:34 - 2014-07-12 13:15 - 00001914 _____ () C:\Users\Holly Chapman\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-07-06 10:34 - 2014-07-06 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-06 10:33 - 2014-07-06 10:33 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-06-28 20:39 - 2014-06-28 20:43 - 00000000 ____D () C:\b8b2c6ec9b2f9a90d7
2014-06-27 19:50 - 2014-07-27 12:05 - 00000000 ____D () C:\FRST
==================== One Month Modified Files and Folders =======
(If an entry is included in the fixlist, the file\folder will be moved.)
2014-07-27 12:06 - 2014-07-23 22:16 - 00018642 _____ () C:\Users\Holly Chapman\Desktop\FRST.txt
2014-07-27 12:05 - 2014-06-27 19:50 - 00000000 ____D () C:\FRST
2014-07-27 12:03 - 2014-07-27 12:03 - 00001125 _____ () C:\Users\Holly Chapman\Desktop\JRT.txt
2014-07-27 12:02 - 2008-01-16 23:18 - 01851550 _____ () C:\Windows\WindowsUpdate.log
2014-07-27 12:01 - 2014-07-27 12:01 - 00000000 ____D () C:\Windows\ERUNT
2014-07-27 11:59 - 2014-07-27 11:58 - 01016261 _____ (Thisisu) C:\Users\Holly Chapman\Downloads\JRT.exe
2014-07-27 11:56 - 2014-07-27 11:56 - 00019341 _____ () C:\Users\Holly Chapman\Desktop\AdwCleaner[S0].txt
2014-07-27 11:55 - 2013-01-16 18:12 - 00000000 ____D () C:\ProgramData\Kodak
2014-07-27 11:55 - 2008-01-16 23:54 - 00144048 _____ () C:\Windows\PFRO.log
2014-07-27 11:55 - 2006-11-02 14:01 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2014-07-27 11:55 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
2014-07-27 11:55 - 2006-11-02 13:47 - 00003568 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
2014-07-27 11:55 - 2006-11-02 13:37 - 00000000 ___RD () C:\Users\Public\Recorded TV
2014-07-27 11:54 - 2008-01-16 23:19 - 00000012 _____ () C:\Windows\bthservsdp.dat
2014-07-27 11:54 - 2006-11-02 14:01 - 00032644 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2014-07-27 11:53 - 2014-07-27 11:50 - 00000000 ____D () C:\AdwCleaner
2014-07-27 11:53 - 2008-01-21 12:31 - 00000000 ____D () C:\Users\Holly Chapman
2014-07-27 11:50 - 2014-07-27 11:50 - 01354223 _____ () C:\Users\Holly Chapman\Downloads\AdwCleaner.exe
2014-07-27 11:39 - 2014-07-27 11:39 - 00000000 ____D () C:\Users\Holly Chapman\Desktop\FRST-OlderVersion
2014-07-27 11:39 - 2014-07-23 22:14 - 01084416 _____ (Farbar) C:\Users\Holly Chapman\Desktop\FRST.exe
2014-07-27 11:34 - 2013-08-04 19:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\uTorrent
2014-07-27 11:32 - 2012-04-30 19:04 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2014-07-27 11:32 - 2011-02-03 16:40 - 00000000 ____D () C:\Windows\system32\Drivers\AVG
2014-07-24 22:35 - 2009-03-16 21:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\vlc
2014-07-24 19:01 - 2014-07-24 19:01 - 04161313 _____ () C:\Users\Holly Chapman\Downloads\tdsskiller.zip
2014-07-23 16:58 - 2012-04-26 19:09 - 00000000 ____D () C:\Program Files\Mozilla Maintenance Service
2014-07-22 22:36 - 2013-11-07 11:06 - 00000000 ____D () C:\Program Files\Mozilla Firefox
2014-07-22 21:17 - 2014-07-22 21:17 - 00854390 _____ () C:\Users\Holly Chapman\Downloads\SecurityCheck.exe
2014-07-22 18:00 - 2014-07-22 17:39 - 00000000 ____D () C:\Windows\pss
2014-07-21 18:13 - 2013-09-05 14:21 - 00000788 _____ () C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
2014-07-20 17:53 - 2010-12-04 12:27 - 00000490 ____H () C:\Windows\Tasks\Norton Security Scan for Holly Chapman.job
2014-07-20 16:38 - 2014-07-20 16:32 - 365230920 _____ (Microsoft Corporation) C:\Users\Holly Chapman\Downloads\Windows6.0-KB948465-X86.exe
2014-07-20 16:33 - 2013-10-26 18:06 - 00000000 ____D () C:\Users\Holly Chapman\Desktop\Philosophy
2014-07-15 17:21 - 2014-07-15 17:21 - 00000000 ____D () C:\ProgramData\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000924 _____ () C:\Users\Holly Chapman\Desktop\Auslogics DiskDefrag.lnk
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Auslogics
2014-07-15 17:20 - 2014-07-15 17:20 - 00000000 ____D () C:\Program Files\Auslogics
2014-07-12 14:09 - 2011-01-07 14:02 - 00000000 ____D () C:\Program Files\Malwarebytes' Anti-Malware
2014-07-12 13:15 - 2014-07-06 10:34 - 00001914 _____ () C:\Users\Holly Chapman\Desktop\Tweaking.com - Windows Repair (All in One).lnk
2014-07-10 16:31 - 2012-04-30 19:04 - 00699056 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2014-07-10 16:31 - 2011-12-13 19:31 - 00071344 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2014-07-10 16:05 - 2008-01-21 12:40 - 00000000 ____D () C:\Program Files\Windows Live
2014-07-10 12:38 - 2014-07-24 19:01 - 04181856 _____ (Kaspersky Lab ZAO) C:\Users\Holly Chapman\Desktop\TDSSKiller.exe
2014-07-07 19:31 - 2006-11-02 11:23 - 00000240 _____ () C:\Windows\win.ini
2014-07-07 19:28 - 2013-02-18 21:07 - 00000000 ___RD () C:\Program Files\Skype
2014-07-07 19:28 - 2013-02-18 21:07 - 00000000 ____D () C:\ProgramData\Skype
2014-07-07 19:23 - 2006-11-02 13:42 - 00000000 ____D () C:\Windows\WindowsMobile
2014-07-06 18:59 - 2011-06-29 19:30 - 00000000 ____D () C:\a29765fcbd92a1918a2ed2
2014-07-06 12:44 - 2008-01-21 12:32 - 00085416 _____ () C:\Users\Holly Chapman\AppData\Local\GDIPFONTCACHEV1.DAT
2014-07-06 11:17 - 2006-11-02 13:47 - 00332584 _____ () C:\Windows\system32\FNTCACHE.DAT
2014-07-06 11:08 - 2006-11-02 11:33 - 00707392 _____ () C:\Windows\system32\PerfStringBackup.INI
2014-07-06 10:38 - 2014-07-06 10:38 - 00000207 _____ () C:\Windows\tweaking.com-regbackup-THE-BEAST--(32-bit).dat
2014-07-06 10:36 - 2014-07-06 10:36 - 00000000 ____D () C:\RegBackup
2014-07-06 10:34 - 2014-07-06 10:34 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Tweaking.com
2014-07-06 10:33 - 2014-07-06 10:33 - 00000000 ____D () C:\Program Files\Tweaking.com
2014-06-28 20:43 - 2014-06-28 20:39 - 00000000 ____D () C:\b8b2c6ec9b2f9a90d7
Some content of TEMP:
====================
C:\Users\Holly Chapman\AppData\Local\Temp\Quarantine.exe
==================== Bamital & volsnap Check =================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2014-07-27 12:03
==================== End Of Log ============================
Hi Holsten87,
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) FRST Fix Script
Open notepad. Please copy the contents of the code box below. To do this highlight the contents of the box and right click on it. Paste this into the open notepad. Save it on the desktop as fixlist.txt
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: http://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085
2014-07-27 11:34 - 2013-08-04 19:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\uTorrent
2014-07-21 18:13 - 2013-09-05 14:21 - 00000788 _____ () C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
Run FRST and press the Fix button just once and wait.
The tool will make a log (Fixlog.txt) please post it to your reply.
=========================
In your next post please provide the following:
Fixlog.txt
How is the computer running, any remaining issues?
Holsten87
2014-07-28, 19:47
Hi OCD,
Here's the FRST log:
Fix result of Farbar Recovery Tool (FRST written by Farbar) (x86) Version:25-07-2014
Ran by Holly Chapman at 2014-07-28 18:41:37 Run:2
Running from C:\Users\Holly Chapman\Desktop
Boot Mode: Normal
==============================================
Content of fixlist:
*****************
CHR DefaultSearchProvider: Search the web (Softonic)
CHR DefaultSearchURL: http://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085
2014-07-27 11:34 - 2013-08-04 19:42 - 00000000 ____D () C:\Users\Holly Chapman\AppData\Roaming\uTorrent
2014-07-21 18:13 - 2013-09-05 14:21 - 00000788 _____ () C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk
*****************
CHR DefaultSearchProvider: Search the web (Softonic) ==> The Chrome "Settings" can be used to fix the entry.
CHR DefaultSearchURL: http://search.softonic.com/MOY00002/tb_v1?q={searchTerms}&SearchSource=49&cc=&mi=74965616000000000000001cbf915686&toi=16085 ==> The Chrome "Settings" can be used to fix the entry.
C:\Users\Holly Chapman\AppData\Roaming\uTorrent => Moved successfully.
C:\Users\Holly Chapman\AppData\Roaming\Microsoft\Windows\Start Menu\µTorrent.lnk => Moved successfully.
==== End of Fixlog ====
My laptop is functioning fine, AVG hasn't found any viruses since the 14th, so I'm hoping its sorted, but not sure, just as this virus popped up on one scan, wasn't fixed and then didn't appear on the next one which is odd. But if you are confident that the steps I've done now would have solved the issue then I'm happy.
Hi Holsten87,
After you complete this next step, if you are satisfied with the way your computer is performing we will do a little housekeeping and send you on your way.
Set your default search engine in Chrome
Click the Chrome menu http://i1269.photobucket.com/albums/jj590/OCD-WTT/chromebrowsertoolbar.png on the browser toolbar.
Select Settings
In the "Search" section, select the search engine you want to use from the menu. If the search engine you want to use doesn't appear in the menu, click Manage search engines.
In the Search Engines dialog that appears, select the search engine that you'd like to use from the list.
Click the Make Default button that appears in the row.
If the search engine you want to use isn't on this list, you can first add it as a new search engine option. (http://support.google.com/chrome/bin/answer.py?answer=95653)
If the "Make Default" button doesn't appear for the search engine you've selected, you may need to edit its URL (http://support.google.com/chrome/bin/answer.py?answer=95653&expand=sc1).
Holsten87
2014-07-31, 21:07
Hi OCD,
I don't use Chrome, just Mozilla. My default is google and I'm happy with that.
Hi Holsten87,
I don't use Chrome, just Mozilla. My default is google and I'm happy with that.
Even though you don't use Google Chrome those entries are still there and should be changed.
Google Chrome is a browser
Mozilla Firefox is also a browser
Google is a search engine
It is your option to make the outlined changes (or not), I just thought I would clarify the point.
Let me know when you are ready to proceed.
Holsten87
2014-08-01, 22:44
Hi OCD,
I'm happy to make any changes you suggest but I don't have Chrome installed, so I'm unsure as to where these entries are coming from. I've searched through add/remove programs to be sure and it doesn't appear on my list.
I have opened 'Manage Search Engines' on Mozilla (from the drop down list to the left of the search field) and have selected Google and deleted all other search engine options. I could not find a 'set default' option here and also looked for it in tools->options and I have not found it.
Please let me know if there is anything else I should try.
Hi Holsten87,
I don't have Chrome installed
OK. If it's not installed then we can't make changes to it's setting, so we can continue. :bigthumb:
And your Mozilla sounds like it's set properly.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) Malwarebytes' Anti-Malware
Download Malwarebytes' Anti-Malware (http://www.malwarebytes.org/mbam-download.php) (save it to your desktop).
Windows XP : Double click on the icon to run it.
Windows Vista, Windows 7 & 8 : Right click and select "Run as Administrator"
Select Scan tab.
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMDashboard_zpsddef9b5f.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMDashboard_zpsddef9b5f.gif.html)
Select type of scan to perform:
http://i1269.photobucket.com/albums/jj590/OCD-WTT/MBAMScanTab_zps2c5e74bd.gif (http://s1269.photobucket.com/user/OCD-WTT/media/MBAMScanTab_zps2c5e74bd.gif.html)
Threat Scan < --- Select this type of scan
Custom Scan
Hyper Scan
Next click the Scan button.
When the scan is complete, if no malicious items are found you can close the program.
If malicious items are found be sure that everything is checked, and click Quarantine .
When completed, a log will open in Notepad. Please save it to a convenient location and post the results.
Note: If you receive a notice that some of the items couldn't be removed, that they have been added to the delete on reboot list, please reboot.
=========================
http://i1269.photobucket.com/albums/jj590/OCD-WTT/bullseye_zpse9eaf36e.gif (http://s1269.photobucket.com/user/OCD-WTT/media/bullseye_zpse9eaf36e.gif.html) ESET Online Scanner
*Note:
It is recommended to disable on-board antivirus program and anti-spyware programs while performing scans so there are no conflicts and it will speed up scan time.
Please don't go surfing while your resident protection is disabled!
Once the scan is finished remember to re-enable your antivirus along with your anti-spyware programs.
** You need to run your browser with Administrator Rights, to do so right click your browsers short cut and select "Run as Administrator".
= = = = = = = = = = = = = = = = = = = =
Go here to run ESET Online Scanner (http://www.eset.eu/online-scanner)
(Note: You can use Internet Explorer or FireFox for this scan. If you use FireFox you will be asked to install an additional component. Please allow this.)
Tick the box next to YES, I accept the Terms of Use.
Click Start
When asked, allow the activex control to install
Disable your Antivirus software. You can usually do this with its Notification Tray icon near the clock
Click Start
Make sure that the option "Remove found threats" is Checked, and the option "Scan unwanted applications" is Checked.
Click Scan.
Wait for the scan to finish.
When the scan completes, click List of found threats
click Export to Text file and save the file to your desktop using a unique name, such as ESETScan.
Include the contents of this report in your next reply
Note - when ESET doesn't find any threats, no report will be created.
Push the back button.
Push Finish
Re-enable your Antivirus software.
=========================
In your next post please provide the following:
MBAM log
ESET's log.txt
How's the computer running, any symptoms?
Hi Holsten87,
Just checking in to see if you still need help?
This thread has been closed due to inactivity. If it has been three days or more since your last post it will not be re-opened.
If you still require help, please start a new topic and include fresh DDS and aswMBR logs, along with a link to your previous thread.
Please do not add any logs that might have been requested previously, you would be starting fresh.
Applies only to the original poster, anyone else with similar problems please start your own topic.
------------------------------------------------
Admin Edit
Page six. Thank you OCD. :)