Rogue Sites after Clicking on links in google search

dpchristi · November 18, 2013

I ran antimalewarebytes and it cleaned an infection I had with a Trojan I had, but now when I click on links in my google search it takes me to rogue web sites. I downloaded the program dds.com and tried to run it, but get an error message stating "prev.dat has stopped working." Help please.

Peggy

Maniac · November 18, 2013

Hello Peggy! My name is Borislav and I will be glad to help you solve your malware problem.

Please note:

If you are a paying customer, you have the privilege to contact the help desk at Consumer Support. If you choose this option to get help, please let me know.
I recommend you to keep the instructions I will be giving you so that they are available to you at any time. You can save them in a text file or print them.
Make sure you read all of the instructions and fixes thoroughly before continuing with them.
Follow my instructions strictly and don’t hesitate to stop and ask me if you have any questions.
Post your log files, don't attach them. Every log file should be copy/pasted in your next reply.
Do not perform any kind of scanning and fixing without my instructions. If you want to proceed on your own, please let me know.

Download OTL to your Desktop

Double click on the icon to run it. Make sure all other windows are closed and to let it run uninterrupted.
Please tick the Scan All users. Next, click the Quick Scan button. The scan wont take long.
- When the scan completes, it will open two notepad windows. OTL.Txt and Extras.Txt. These are saved in the same location as OTL.
- Please copy (Edit->Select All, Edit->Copy) the contents of these files, one at a time and post them in your topic.

dpchristi · November 18, 2013

I can't download OTL. I turned off my virus software and still couldn't download it.

dpchristi · November 18, 2013

OTL logfile created on: 11/18/2013 1:13:14 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peggy\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.91 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 72.14% Memory free

15.83 Gb Paging File | 13.68 Gb Available in Paging File | 86.46% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 913.66 Gb Total Space | 822.44 Gb Free Space | 90.02% Space Free | Partition Type: NTFS

Drive F: | 298.02 Gb Total Space | 93.18 Gb Free Space | 31.27% Space Free | Partition Type: FAT32

Computer Name: PEGGY-DELL | User Name: Peggy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - File not found --

PRC - [2013/11/18 13:11:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peggy\Desktop\OTL (1).exe

PRC - [2013/11/08 00:43:01 | 000,166,352 | ---- | M] (APN LLC.) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe

PRC - [2013/11/08 00:42:52 | 001,707,472 | ---- | M] (APN) -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe

PRC - [2013/09/19 07:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

PRC - [2013/09/15 14:34:06 | 000,059,720 | ---- | M] (Apple Inc.) -- F:\iTunes\ApplePhotoStreams.exe

PRC - [2013/09/14 03:38:54 | 000,059,720 | ---- | M] (Apple Inc.) -- F:\iTunes\iCloudServices.exe

PRC - [2013/05/11 02:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

PRC - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

PRC - [2011/03/08 23:00:00 | 000,856,064 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe

PRC - [2011/03/08 23:00:00 | 000,495,616 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe

PRC - [2010/10/12 12:56:40 | 000,979,328 | ---- | M] (SEIKO EPSON CORPORATION) -- C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe

PRC - [2009/11/25 17:13:24 | 000,939,272 | ---- | M] (ABBYY) -- C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe

PRC - [2009/05/14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

PRC - [2007/02/04 11:02:14 | 000,079,400 | ---- | M] (Nuance Communications, Inc.) -- C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpWareSE4.exe

PRC - [2006/12/22 06:31:50 | 000,108,712 | ---- | M] () -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

PRC - [2006/12/22 06:29:56 | 000,067,752 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe

========== Modules (No Company Name) ==========

MOD - [2013/11/17 15:17:34 | 000,209,920 | ---- | M] () -- C:\Windows\SysWOW64\ctfmicpl.dll

MOD - [2013/09/14 01:51:02 | 000,087,952 | ---- | M] () -- F:\iTunes\zlib1.dll

MOD - [2013/09/14 01:50:36 | 001,242,952 | ---- | M] () -- F:\iTunes\libxml2.dll

MOD - [2012/02/20 20:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll

MOD - [2012/02/20 20:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll

MOD - [2009/07/13 17:15:45 | 000,364,544 | ---- | M] () -- C:\Windows\SysWOW64\msjetoledb40.dll

========== Services (SafeList) ==========

SRV:64bit: - [2013/11/18 09:58:22 | 000,111,616 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\IEEtwCollector.exe -- (IEEtwCollectorService)

SRV:64bit: - [2013/09/24 20:25:24 | 000,182,752 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Windows\SysNative\mfevtps.exe -- (mfevtp)

SRV:64bit: - [2013/09/24 20:21:16 | 000,219,272 | ---- | M] () [Auto | Running] -- C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe -- (mfefire)

SRV:64bit: - [2013/09/24 16:07:30 | 000,178,048 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\McAfee\MSC\McAPExe.exe -- (McAPExe)

SRV:64bit: - [2013/09/20 09:46:36 | 001,017,016 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe -- (mfecore)

SRV:64bit: - [2013/08/02 17:52:58 | 000,602,944 | ---- | M] (McAfee, Inc.) [On_Demand | Stopped] -- C:\Program Files\McAfee\VirusScan\mcods.exe -- (McODS)

SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (MSK80Service)

SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McProxy)

SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (mcpltsvc)

SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McNaiAnn)

SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (McMPFSvc)

SRV:64bit: - [2013/07/30 11:45:02 | 000,328,928 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe -- (HomeNetSvc)

SRV:64bit: - [2013/05/26 21:50:47 | 001,011,712 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)

SRV:64bit: - [2012/10/08 17:39:16 | 000,230,416 | ---- | M] (Nitro PDF Software) [Auto | Running] -- C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe -- (NitroReaderDriverReadSpool3)

SRV:64bit: - [2012/08/31 12:20:06 | 000,201,304 | ---- | M] (McAfee, Inc.) [Auto | Running] -- C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe -- (McAfee SiteAdvisor Service)

SRV:64bit: - [2011/06/09 12:01:00 | 000,555,392 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe -- (EpsonCustomerParticipation)

SRV:64bit: - [2011/04/24 10:00:00 | 000,136,576 | ---- | M] (SEIKO EPSON CORPORATION) [Auto | Running] -- C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE -- (EPSON_PM_RPCV4_05)

SRV:64bit: - [2010/09/22 15:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)

SRV:64bit: - [2009/07/13 17:40:01 | 000,193,536 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\SysNative\appmgmts.dll -- (AppMgmt)

SRV - [2013/11/15 06:54:08 | 000,257,416 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)

SRV - [2013/11/08 00:43:01 | 000,166,352 | ---- | M] (APN LLC.) [Auto | Running] -- C:\Program Files (x86)\AskPartnerNetwork\Toolbar\apnmcp.exe -- (APNMCP)

SRV - [2013/09/30 07:59:32 | 000,013,720 | ---- | M] (Citrix Online, a division of Citrix Systems, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe -- (GoToAssist)

SRV - [2013/09/19 07:46:58 | 000,250,200 | ---- | M] (Garmin Ltd or its subsidiaries) [Auto | Running] -- C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe -- (Garmin Core Update Service)

SRV - [2013/08/21 13:43:00 | 000,117,656 | ---- | M] (Mozilla Foundation) [On_Demand | Stopped] -- C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe -- (MozillaMaintenance)

SRV - [2013/05/11 02:37:26 | 000,065,640 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)

SRV - [2012/12/14 01:42:10 | 000,277,616 | ---- | M] (Intel Corporation) [On_Demand | Stopped] -- C:\Windows\SysWOW64\IntelCpHeciSvc.exe -- (cphs)

SRV - [2012/08/23 12:37:16 | 000,013,672 | ---- | M] (Intuit Inc.) [Auto | Running] -- C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe -- (IntuitUpdateServiceV4)

SRV - [2012/07/13 12:28:36 | 000,160,944 | R--- | M] (Skype Technologies) [Auto | Stopped] -- C:\Program Files (x86)\Skype\Updater\Updater.exe -- (SkypeUpdate)

SRV - [2010/10/12 09:59:12 | 000,206,072 | ---- | M] (WildTangent, Inc.) [On_Demand | Stopped] -- C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe -- (GamesAppService)

SRV - [2010/03/18 13:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)

SRV - [2009/06/10 13:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)

SRV - [2009/05/14 16:07:14 | 000,759,048 | ---- | M] (ABBYY) [Auto | Running] -- C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe -- (ABBYY.Licensing.FineReader.Sprint.9.0)

SRV - [2008/08/13 23:25:24 | 000,367,088 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe -- (Roxio Upnp Server 11)

SRV - [2008/08/13 23:25:20 | 000,313,840 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe -- (Roxio UPnP Renderer 11)

SRV - [2008/08/13 23:24:06 | 000,309,744 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe -- (RoxLiveShare11)

SRV - [2008/08/13 23:24:02 | 000,170,480 | ---- | M] (Sonic Solutions) [Auto | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe -- (RoxWatch11)

SRV - [2008/08/13 23:23:42 | 001,124,848 | ---- | M] (Sonic Solutions) [On_Demand | Stopped] -- C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe -- (RoxMediaDB11)

SRV - [2006/12/22 06:31:50 | 000,108,712 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe -- (AdobeActiveFileMonitor5.0)

========== Driver Services (SafeList) ==========

DRV:64bit: - [2013/11/17 17:30:14 | 000,036,680 | ---- | M] () [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mbamchameleon.sys -- (mbamchameleon)

DRV:64bit: - [2013/09/24 20:29:46 | 000,070,112 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\cfwids.sys -- (cfwids)

DRV:64bit: - [2013/09/24 20:25:40 | 000,343,568 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfewfpk.sys -- (mfewfpk)

DRV:64bit: - [2013/09/24 20:22:48 | 000,781,312 | ---- | M] (McAfee, Inc.) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\mfehidk.sys -- (mfehidk)

DRV:64bit: - [2013/09/24 20:21:32 | 000,519,192 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfefirek.sys -- (mfefirek)

DRV:64bit: - [2013/09/24 20:20:28 | 000,310,224 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeavfk.sys -- (mfeavfk)

DRV:64bit: - [2013/09/24 20:19:56 | 000,179,664 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfeapfk.sys -- (mfeapfk)

DRV:64bit: - [2013/09/23 13:49:22 | 000,197,704 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HipShieldK.sys -- (HipShieldK)

DRV:64bit: - [2013/09/20 09:38:14 | 000,095,984 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\mfencrk.sys -- (mfencrk)

DRV:64bit: - [2013/09/20 09:37:56 | 000,390,552 | ---- | M] (McAfee, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\mfencbdc.sys -- (mfencbdc)

DRV:64bit: - [2012/12/14 01:42:22 | 005,353,888 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)

DRV:64bit: - [2012/12/13 12:50:36 | 000,054,784 | ---- | M] (Apple, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\usbaapl64.sys -- (USBAAPL64)

DRV:64bit: - [2012/08/23 06:10:20 | 000,019,456 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\rdpvideominiport.sys -- (RdpVideoMiniport)

DRV:64bit: - [2012/08/23 06:08:26 | 000,030,208 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)

DRV:64bit: - [2012/08/23 06:07:35 | 000,057,856 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)

DRV:64bit: - [2012/08/21 12:01:20 | 000,033,240 | ---- | M] (GEAR Software Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\GEARAspiWDM.sys -- (GEARAspiWDM)

DRV:64bit: - [2012/05/25 11:27:47 | 000,360,832 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcvmm.sys -- (vpcvmm)

DRV:64bit: - [2012/05/25 11:27:44 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\vpcnfltr.sys -- (vpcnfltr)

DRV:64bit: - [2012/05/25 11:27:41 | 000,194,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpchbus.sys -- (vpcbus)

DRV:64bit: - [2012/05/25 11:27:41 | 000,095,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\vpcusb.sys -- (vpcusb)

DRV:64bit: - [2012/05/25 11:27:31 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)

DRV:64bit: - [2012/05/25 11:27:31 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)

DRV:64bit: - [2012/02/29 22:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)

DRV:64bit: - [2011/08/02 15:38:44 | 000,022,528 | ---- | M] (Apple Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netaapl64.sys -- (Netaapl)

DRV:64bit: - [2011/06/10 14:34:52 | 000,539,240 | ---- | M] (Realtek ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\Rt64win7.sys -- (RTL8167)

DRV:64bit: - [2011/03/10 15:27:32 | 001,576,576 | ---- | M] (Conexant Systems Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\CHDRT64.sys -- (CnxtHdAudService)

DRV:64bit: - [2010/11/20 19:23:48 | 000,168,448 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\netvsc60.sys -- (netvsc)

DRV:64bit: - [2010/11/20 19:23:48 | 000,071,168 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\dmvsc.sys -- (dmvsc)

DRV:64bit: - [2010/11/20 19:23:48 | 000,022,528 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\VMBusVideoM.sys -- (SynthVid)

DRV:64bit: - [2010/11/20 19:23:47 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)

DRV:64bit: - [2010/10/19 16:34:26 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)

DRV:64bit: - [2010/10/15 00:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)

DRV:64bit: - [2010/03/19 00:00:00 | 000,055,856 | ---- | M] (Sonic Solutions) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\PxHlpa64.sys -- (PxHlpa64)

DRV:64bit: - [2009/07/13 17:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)

DRV:64bit: - [2009/07/13 17:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)

DRV:64bit: - [2009/07/13 17:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)

DRV:64bit: - [2009/06/10 12:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)

DRV:64bit: - [2009/06/10 12:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)

DRV:64bit: - [2009/06/10 12:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)

DRV:64bit: - [2009/06/10 12:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)

DRV:64bit: - [2006/11/01 01:51:00 | 000,151,656 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)

DRV - [2009/07/13 17:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)

DRV - [2008/08/11 09:53:16 | 000,065,520 | ---- | M] (Sonic Solutions) [File_System | System | Stopped] -- C:\Windows\SysWOW64\drivers\RxFilter.sys -- (RxFilter)

========== Standard Registry (SafeList) ==========

========== Internet Explorer ==========

IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {F1A98A2C-350F-471A-9D79-43D7809142A8}

IE:64bit: - HKLM\..\SearchScopes\{F1A98A2C-350F-471A-9D79-43D7809142A8}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox

IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm

IE - HKLM\..\SearchScopes,DefaultScope = {F1A98A2C-350F-471A-9D79-43D7809142A8}

IE - HKLM\..\SearchScopes\{F1A98A2C-350F-471A-9D79-43D7809142A8}: "URL" = http://www.bing.com/search?q={searchTerms}&form=DLCDF8&pc=MDDR&src=IE-SearchBox

IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://google.ca/ [binary data]

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://hp-desktop.aol.com/

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://www.msn.com/

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-US

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 9D F5 D4 22 7A E4 CE 01 [binary data]

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\..\SearchScopes,DefaultScope = {80DF3CC0-C934-4F4F-9267-8D1912E054EF}

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\..\SearchScopes\{80DF3CC0-C934-4F4F-9267-8D1912E054EF}: "URL" = http://www.google.com/search?q={searchTerms}&sourceid=ie7&rls=com.microsoft:{language}:{referrer:source}&ie={inputEncoding?}&oe={outputEncoding?}

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.defaultenginename: "Secure Search"

FF - prefs.js..browser.search.order.1: "Secure Search"

FF - prefs.js..browser.search.selectedEngine: "Secure Search"

FF - prefs.js..browser.startup.homepage: "GOOGLE.COM"

FF - prefs.js..extensions.enabledAddons: %7B4ED1F68A-5463-4931-9384-8FFF5ED91D92%7D:3.6.3

FF - prefs.js..extensions.enabledAddons: %7B972ce4c6-7e08-4474-a285-3208198ce6fd%7D:23.0.1

FF - prefs.js..keyword.URL: "http://search.yahoo.com/search?fr=mcafee&p="

FF - prefs.js..network.proxy.no_proxies_on: "*.local"

FF - prefs.js..network.proxy.type: 0

FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_9_900_117.dll File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~1\mcafee\msc\NPMCSN~1.DLL ()

FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_9_900_117.dll ()

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found

FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()

FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.45.2: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)

FF - HKLM\Software\MozillaPlugins\@mcafee.com/MSC,version=10: c:\PROGRA~2\mcafee\msc\NPMCSN~1.DLL ()

FF - HKLM\Software\MozillaPlugins\@mcafee.com/SAFFPlugin: C:\Program Files (x86)\McAfee\SiteAdvisor\npmcffplg32.dll (McAfee, Inc.)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found

FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files (x86)\Microsoft Silverlight\5.1.20913.0\npctrl.dll ( Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3555.0308: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)

FF - HKLM\Software\MozillaPlugins\@nitropdf.com/NitroPDF: C:\Program Files (x86)\Nitro\Reader 3\npnitromozilla.dll (Nitro PDF)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files (x86)\Google\Update\1.3.21.165\npGoogleUpdate3.dll (Google Inc.)

FF - HKLM\Software\MozillaPlugins\@WildTangent.com/GamesAppPresenceDetector,Version=1.0: C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll ()

FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)

FF - HKCU\Software\MozillaPlugins\amazon.com/AmazonMP3DownloaderPlugin: C:\Program Files (x86)\Amazon\MP3 Downloader\npAmazonMP3DownloaderPlugin101721.dll (Amazon.com, Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{4ED1F68A-5463-4931-9384-8FFF5ED91D92}: C:\Program Files (x86)\McAfee\SiteAdvisor [2013/10/17 05:42:32 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Components: C:\Program Files (x86)\Mozilla Firefox\components [2013/08/21 13:42:45 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 23.0.1\extensions\\Plugins: C:\Program Files (x86)\Mozilla Firefox\plugins [2013/10/10 05:43:37 | 000,000,000 | ---D | M]

FF - HKEY_LOCAL_MACHINE\software\mozilla\Thunderbird\Extensions\\msktbird@mcafee.com: C:\Program Files\McAfee\MSK [2013/11/09 10:14:59 | 000,000,000 | ---D | M]

[2012/06/04 10:53:56 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peggy\AppData\Roaming\Mozilla\Extensions

[2013/09/30 06:36:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\x65kwfgz.default\extensions

[2013/08/21 13:42:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\extensions

[2013/08/21 13:42:45 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions

[2013/08/21 13:43:01 | 000,000,000 | ---D | M] (Default) -- C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

[2013/10/17 05:42:32 | 000,000,000 | ---D | M] (McAfee SiteAdvisor) -- C:\PROGRAM FILES (X86)\MCAFEE\SITEADVISOR

[2012/12/12 12:54:30 | 000,466,944 | ---- | M] (Catalina Marketing Corporation) -- C:\Program Files (x86)\mozilla firefox\plugins\NPcol400.dll

[2011/03/18 10:32:12 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npCouponPrinter.dll

[2011/03/18 10:32:14 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files (x86)\mozilla firefox\plugins\npMozCouponPrinter.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)

CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:originalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:bookmarkBarPinned}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:omniboxStartMarginParameter}ie={inputEncoding}

CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}{google:pageClassification}sugkey={google:suggestAPIKeyParameter},

CHR - Extension: Google Docs = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake\0.5_0\

CHR - Extension: Google Drive = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0\

CHR - Extension: YouTube = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0\

CHR - Extension: Google Search = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0\

CHR - Extension: SiteAdvisor = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fheoggkfdfchfphceeifdbepaooicaho\3.6.3.1271_1\

CHR - Extension: PhotoLive - Download Facebook Photos! = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\fpjnpabklnaaifclgealaepelncljadk\3.0.1_0\

CHR - Extension: Google Wallet = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.5.0_0\

CHR - Extension: Cute Christmas Pixel Snowflakes = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\onchgdodaomcncmlbkinhjcbamcpdche\1.1_0\

CHR - Extension: Gmail = C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1\

O1 HOSTS File: ([2013/11/18 11:49:07 | 000,000,797 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts

O2:64bit: - BHO: (Avery Toolbar) - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)

O2:64bit: - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.

O2 - BHO: (Avery Toolbar) - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport.dll (APN LLC.)

O2 - BHO: (Java Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)

O2 - BHO: (McAfee SiteAdvisor BHO) - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)

O3:64bit: - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O3:64bit: - HKLM\..\Toolbar: (Avery Toolbar) - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport_x64.dll (APN LLC.)

O3:64bit: - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O3 - HKLM\..\Toolbar: (McAfee SiteAdvisor Toolbar) - {0EBBBE48-BAD4-4B4C-8E5A-516ABECAE064} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O3 - HKLM\..\Toolbar: (Avery Toolbar) - {41565256-3700-A76A-76A7-7A786E7484D7} - C:\Program Files (x86)\AskPartnerNetwork\Toolbar\AVRV7\Passport.dll (APN LLC.)

O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.

O4:64bit: - HKLM..\Run: [CanonSolutionMenu] C:\Program Files (x86)\Canon\SolutionMenu\CNSLMAIN.exe (CANON INC.)

O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [igfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)

O4:64bit: - HKLM..\Run: [WrtMon.exe] C:\Windows\SysNative\spool\drivers\x64\3\WrtMon.exe ()

O4 - HKLM..\Run: [Adobe Photo Downloader] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe (Adobe Systems Incorporated)

O4 - HKLM..\Run: [ApnTBMon] C:\Program Files (x86)\AskPartnerNetwork\Toolbar\Updater\TBNotifier.exe (APN)

O4 - HKLM..\Run: [APSDaemon] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)

O4 - HKLM..\Run: [EEventManager] C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [FUFAXRCV] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [FUFAXSTM] C:\Program Files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe (SEIKO EPSON CORPORATION)

O4 - HKLM..\Run: [LTCM Client] C:\Program Files (x86)\LTCM Client\ltcmClient.exe (Leader Technologies Inc.)

O4 - HKLM..\Run: [mcpltui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [mcui_exe] C:\Program Files\McAfee.com\Agent\mcagent.exe (McAfee, Inc.)

O4 - HKLM..\Run: [OpwareSE4] C:\Program Files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe (Nuance Communications, Inc.)

O4 - HKU\S-1-5-19..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-20..\Run: [sidebar] C:\Program Files (x86)\Windows Sidebar\Sidebar.exe (Microsoft Corporation)

O4 - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000..\Run: [ABBYY Screenshot Reader Bonus] "C:\Program Files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" -autorun File not found

O4 - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000..\Run: [ApplePhotoStreams] F:\iTunes\ApplePhotoStreams.exe (Apple Inc.)

O4 - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000..\Run: [GarminExpressTrayApp] C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe (Garmin Ltd or its subsidiaries)

O4 - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000..\Run: [iCloudServices] F:\iTunes\iCloudServices.exe (Apple Inc.)

O4 - HKU\S-1-5-19..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O4 - HKU\S-1-5-20..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe File not found

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktop = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoActiveDesktopChanges = 1

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoControlPanel = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableLUA = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: EnableVirtualization = 0

O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0

O7 - HKU\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145

O10:64bit: - NameSpace_Catalog5\Catalog_Entries64\000000000007 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)

O10 - NameSpace_Catalog5\Catalog_Entries\000000000007 [] - C:\Program Files (x86)\Bonjour\mdnsNSP.dll (Apple Inc.)

O1364bit: - gopher Prefix: missing

O13 - gopher Prefix: missing

O16 - DPF: {02BCC737-B171-4746-94C9-0D8A0B2C0089} http://office.microsoft.com/_layouts/ClientBin/ieawsdc32.cab (Microsoft Office Template and Media Control)

O16 - DPF: Garmin Communicator Plug-In https://static.garmincdn.com/gcp/ie/4.0.4.0/GarminAxControl_32.CAB (Reg Error: Key error.)

O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{07F993A8-9E20-43D6-8FDD-E32E2247AFDA}: DhcpNameServer = 192.168.0.1

O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{7EF54516-A5E2-4E15-A142-30133B286090}: DhcpNameServer = 172.26.38.1 172.26.38.2

O18:64bit: - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\grooveLocalGWS - No CLSID value found

O18:64bit: - Protocol\Handler\livecall - No CLSID value found

O18:64bit: - Protocol\Handler\ms-help - No CLSID value found

O18:64bit: - Protocol\Handler\msnim - No CLSID value found

O18:64bit: - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\x64\McIEPlg.dll (McAfee, Inc.)

O18:64bit: - Protocol\Handler\skype4com - No CLSID value found

O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found

O18:64bit: - Protocol\Handler\wlpg - No CLSID value found

O18 - Protocol\Handler\dssrequest {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\sacore {5513F07E-936B-4E52-9B00-067394E91CC5} - c:\Program Files (x86)\McAfee\SiteAdvisor\McIEPlg.dll (McAfee, Inc.)

O18 - Protocol\Handler\skype4com {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)

O18:64bit: - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files\McAfee\MSC\McSnIePl64.dll (McAfee, Inc.)

O18 - Protocol\Filter\application/x-mfe-ipt {3EF5086B-5478-4598-A054-786C45D75692} - c:\Program Files (x86)\McAfee\MSC\McSnIePl.dll (McAfee, Inc.)

O20:64bit: - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)

O20:64bit: - HKLM Winlogon: UserInit - (C:\ProgramData\3p66vnlp\3p66vnlp.exe -sm) - File not found

O20 - HKLM Winlogon: Shell - (explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)

O20 - HKLM Winlogon: UserInit - (userinit.exe) - C:\Windows\SysWow64\userinit.exe (Microsoft Corporation)

O20:64bit: - Winlogon\Notify\GoToAssist: DllName - (C:\Program Files (x86)\Citrix\GoToAssist\896\G2AWinLogon_x64.dll) - C:\Program Files (x86)\Citrix\GoToAssist\896\g2awinlogon_x64.dll (Citrix Online, a division of Citrix Systems, Inc.)

O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)

O21:64bit: - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.

O32 - HKLM CDRom: AutoRun - 1

O34 - HKLM BootExecute: (autocheck autochk *)

O35:64bit: - HKLM\..comfile [open] -- "%1" %*

O35:64bit: - HKLM\..exefile [open] -- "%1" %*

O35 - HKLM\..comfile [open] -- "%1" %*

O35 - HKLM\..exefile [open] -- "%1" %*

O36 - AppCertDlls: extretup - (C:\Windows\system32\ctfmicpl.dll) - C:\Windows\SysWOW64\ctfmicpl.dll ()

O36 - AppCertDlls: MigArver - (C:\Windows\system32\ctfmicpl64.dll) - File not found

O37:64bit: - HKLM\...com [@ = comfile] -- "%1" %*

O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*

O37 - HKLM\...com [@ = comfile] -- "%1" %*

O37 - HKLM\...exe [@ = exefile] -- "%1" %*

O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)

O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)

O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2013/11/18 13:11:15 | 000,602,112 | ---- | C] (OldTimer Tools) -- C:\Users\Peggy\Desktop\OTL (1).exe

[2013/11/18 13:01:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\McAfee

[2013/11/18 12:24:19 | 004,379,048 | ---- | C] (Piriform Ltd) -- C:\Users\Peggy\ccsetup407.exe

[2013/11/18 11:53:49 | 002,237,968 | ---- | C] (Kaspersky Lab ZAO) -- C:\Users\Peggy\tdsskiller.exe

[2013/11/18 11:09:36 | 000,688,992 | R--- | C] (Swearware) -- C:\Users\Peggy\Desktop\dds.com

[2013/11/17 17:30:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes' Anti-Malware

[2013/11/17 17:30:19 | 000,025,928 | ---- | C] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

[2013/11/17 17:30:19 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Malwarebytes' Anti-Malware

[2013/11/17 15:08:37 | 000,000,000 | ---D | C] -- C:\Users\Peggy\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Antivirus Security Pro

[2013/11/17 15:07:42 | 000,000,000 | ---D | C] -- C:\ProgramData\3p66vnlp

[2013/11/15 06:54:26 | 000,000,000 | ---D | C] -- C:\Program Files\Google

[2013/11/14 22:32:22 | 000,000,000 | ---D | C] -- C:\Users\Peggy\AppData\Local\{1C1238DB-5520-4294-BF04-17F50C31237B}

[2013/11/14 22:27:00 | 000,000,000 | ---D | C] -- C:\Users\Peggy\AppData\Local\{EE65B3D6-A657-4122-85A7-46D8D6A8947E}

[2013/11/14 11:15:39 | 000,000,000 | ---D | C] -- C:\Users\Peggy\Desktop\Black Friday Ads 2013

[2013/11/14 03:01:52 | 000,000,000 | ---D | C] -- C:\ec197903a907dcdbb59f1f6445

[2013/11/09 18:59:56 | 000,000,000 | ---D | C] -- C:\Users\Peggy\Desktop\Deer Hunt 11-13

[2013/11/09 09:13:10 | 000,197,704 | ---- | C] (McAfee, Inc.) -- C:\Windows\SysNative\drivers\HipShieldK.sys

[2013/11/08 07:42:43 | 000,000,000 | ---D | C] -- C:\Users\Peggy\Desktop\Photos

[2013/11/08 07:27:45 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome

[2013/11/08 07:27:11 | 000,000,000 | ---D | C] -- C:\Users\Peggy\AppData\Local\Google

[2013/11/08 07:27:11 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Google

[2013/11/08 07:26:58 | 000,000,000 | ---D | C] -- C:\Users\Peggy\AppData\Local\Deployment

[2013/10/30 13:46:31 | 000,000,000 | ---D | C] -- C:\Users\Peggy\AppData\Local\{411CACE6-6C5B-4DC5-8C33-916410C77147}

[2013/10/30 07:45:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes

[2013/10/30 07:44:42 | 000,000,000 | ---D | C] -- C:\Program Files\iPod

[2013/10/30 07:44:41 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes

[2013/10/30 07:44:41 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\iTunes

[2013/10/30 07:44:41 | 000,000,000 | ---D | C] -- C:\ProgramData\34BE82C4-E596-4e99-A191-52C6199EBF69

[2013/10/28 14:46:56 | 000,000,000 | ---D | C] -- C:\Users\Peggy\AppData\Local\{6E01FB8A-BADB-46D4-B2DB-B68696ADE0AB}

[2013/10/21 06:14:19 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java

[1 C:\Users\Peggy\Documents\*.tmp files -> C:\Users\Peggy\Documents\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2013/11/18 13:11:15 | 000,602,112 | ---- | M] (OldTimer Tools) -- C:\Users\Peggy\Desktop\OTL (1).exe

[2013/11/18 13:04:11 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0

[2013/11/18 13:04:11 | 000,021,312 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0

[2013/11/18 13:01:20 | 000,782,986 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI

[2013/11/18 13:01:20 | 000,664,622 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat

[2013/11/18 13:01:20 | 000,122,480 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat

[2013/11/18 13:01:11 | 000,001,806 | ---- | M] () -- C:\Users\Public\Desktop\McAfee Security Center.lnk

[2013/11/18 12:56:32 | 000,516,640 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/11/18 12:56:22 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/11/18 12:56:05 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat

[2013/11/18 12:55:55 | 2078,769,151 | -HS- | M] () -- C:\hiberfil.sys

[2013/11/18 12:52:06 | 000,117,682 | ---- | M] () -- C:\Users\Peggy\Documents\cc_20131118_125147.reg

[2013/11/18 12:44:01 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job

[2013/11/18 12:37:01 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/11/18 12:24:54 | 000,000,784 | ---- | M] () -- C:\Users\Public\Desktop\CCleaner.lnk

[2013/11/18 12:24:19 | 004,379,048 | ---- | M] (Piriform Ltd) -- C:\Users\Peggy\ccsetup407.exe

[2013/11/18 11:53:50 | 002,237,968 | ---- | M] (Kaspersky Lab ZAO) -- C:\Users\Peggy\tdsskiller.exe

[2013/11/18 11:09:36 | 000,688,992 | R--- | M] (Swearware) -- C:\Users\Peggy\Desktop\dds.com

[2013/11/18 09:58:30 | 000,016,284 | ---- | M] () -- C:\Windows\SysWow64\ieuinit.inf

[2013/11/18 09:58:25 | 000,016,284 | ---- | M] () -- C:\Windows\SysNative\ieuinit.inf

[2013/11/17 17:30:27 | 000,000,958 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/11/17 17:30:14 | 000,036,680 | ---- | M] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2013/11/17 15:17:34 | 000,209,920 | ---- | M] () -- C:\Windows\SysWow64\ctfmicpl.dll

[2013/11/17 15:17:34 | 000,079,872 | ---- | M] () -- C:\Windows\SysNative\ctfmicpl64.dll

[2013/11/14 13:39:44 | 000,002,185 | ---- | M] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013/11/12 11:09:03 | 000,011,883 | ---- | M] () -- C:\Users\Peggy\Desktop\Yarn Hair.jpg

[2013/11/11 12:50:24 | 000,178,289 | ---- | M] () -- C:\Users\Peggy\Desktop\DSC03162.jpg

[2013/11/11 12:48:52 | 000,175,067 | ---- | M] () -- C:\Users\Peggy\Desktop\DSC03159.jpg

[2013/11/09 19:01:36 | 000,210,482 | ---- | M] () -- C:\Users\Peggy\Desktop\IMG_20131108_191217.jpg

[2013/11/08 14:02:26 | 000,002,285 | ---- | M] () -- C:\Users\Peggy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013/11/01 14:08:05 | 000,112,665 | ---- | M] () -- C:\Users\Peggy\Desktop\IMG_9224.JPG

[2013/10/30 07:45:24 | 000,001,785 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/10/24 17:44:34 | 001,671,273 | ---- | M] () -- C:\Users\Peggy\Desktop\12670016.JPG

[2013/10/24 17:44:32 | 001,707,385 | ---- | M] () -- C:\Users\Peggy\Desktop\12670015.JPG

[2013/10/24 17:44:30 | 001,608,825 | ---- | M] () -- C:\Users\Peggy\Desktop\12670014.JPG

[2013/10/24 17:44:28 | 001,803,557 | ---- | M] () -- C:\Users\Peggy\Desktop\12670013.JPG

[2013/10/24 17:44:24 | 001,757,884 | ---- | M] () -- C:\Users\Peggy\Desktop\12670012.JPG

[2013/10/24 17:44:22 | 001,808,226 | ---- | M] () -- C:\Users\Peggy\Desktop\12670011.JPG

[2013/10/24 17:44:18 | 001,858,885 | ---- | M] () -- C:\Users\Peggy\Desktop\12670010.JPG

[2013/10/24 17:44:16 | 002,085,003 | ---- | M] () -- C:\Users\Peggy\Desktop\12670009.JPG

[2013/10/24 17:44:10 | 001,782,545 | ---- | M] () -- C:\Users\Peggy\Desktop\12670008.JPG

[2013/10/24 17:44:08 | 001,725,890 | ---- | M] () -- C:\Users\Peggy\Desktop\12670007.JPG

[2013/10/24 17:44:04 | 001,662,187 | ---- | M] () -- C:\Users\Peggy\Desktop\12670006.JPG

[2013/10/24 17:44:00 | 002,469,925 | ---- | M] () -- C:\Users\Peggy\Desktop\12670005.JPG

[2013/10/24 17:43:54 | 001,636,008 | ---- | M] () -- C:\Users\Peggy\Desktop\12670004.JPG

[2013/10/24 17:43:44 | 001,511,830 | ---- | M] () -- C:\Users\Peggy\Desktop\12670003.JPG

[2013/10/24 17:43:40 | 001,615,054 | ---- | M] () -- C:\Users\Peggy\Desktop\12670002.JPG

[2013/10/24 08:13:01 | 000,055,099 | ---- | M] () -- C:\Users\Peggy\Desktop\sara black's elk 2012.jpg

[1 C:\Users\Peggy\Documents\*.tmp files -> C:\Users\Peggy\Documents\*.tmp -> ]

========== Files Created - No Company Name ==========

[2013/11/18 12:55:58 | 000,516,640 | ---- | C] () -- C:\Windows\SysNative\FNTCACHE.DAT

[2013/11/18 12:51:58 | 000,117,682 | ---- | C] () -- C:\Users\Peggy\Documents\cc_20131118_125147.reg

[2013/11/18 09:58:30 | 000,016,284 | ---- | C] () -- C:\Windows\SysWow64\ieuinit.inf

[2013/11/18 09:58:25 | 000,016,284 | ---- | C] () -- C:\Windows\SysNative\ieuinit.inf

[2013/11/17 17:30:27 | 000,000,958 | ---- | C] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk

[2013/11/17 17:30:14 | 000,036,680 | ---- | C] () -- C:\Windows\SysNative\drivers\mbamchameleon.sys

[2013/11/17 15:17:34 | 000,209,920 | ---- | C] () -- C:\Windows\SysWow64\ctfmicpl.dll

[2013/11/17 15:17:34 | 000,079,872 | ---- | C] () -- C:\Windows\SysNative\ctfmicpl64.dll

[2013/11/12 11:09:22 | 000,011,883 | ---- | C] () -- C:\Users\Peggy\Desktop\Yarn Hair.jpg

[2013/11/11 12:50:24 | 000,178,289 | ---- | C] () -- C:\Users\Peggy\Desktop\DSC03162.jpg

[2013/11/11 12:48:52 | 000,175,067 | ---- | C] () -- C:\Users\Peggy\Desktop\DSC03159.jpg

[2013/11/09 19:01:36 | 000,210,482 | ---- | C] () -- C:\Users\Peggy\Desktop\IMG_20131108_191217.jpg

[2013/11/09 09:12:42 | 000,002,951 | ---- | C] () -- C:\Windows\SysNative\drivers\mfencbdc.inf

[2013/11/09 09:12:42 | 000,002,641 | ---- | C] () -- C:\Windows\SysNative\drivers\mfencrk.inf

[2013/11/08 07:27:45 | 000,002,285 | ---- | C] () -- C:\Users\Peggy\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk

[2013/11/08 07:27:45 | 000,002,185 | ---- | C] () -- C:\Users\Public\Desktop\Google Chrome.lnk

[2013/11/08 07:27:17 | 000,000,896 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

[2013/11/08 07:27:16 | 000,000,892 | ---- | C] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job

[2013/11/01 14:08:05 | 000,112,665 | ---- | C] () -- C:\Users\Peggy\Desktop\IMG_9224.JPG

[2013/10/30 07:45:24 | 000,001,785 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk

[2013/10/25 08:30:23 | 002,469,925 | ---- | C] () -- C:\Users\Peggy\Desktop\12670005.JPG

[2013/10/25 08:30:23 | 002,085,003 | ---- | C] () -- C:\Users\Peggy\Desktop\12670009.JPG

[2013/10/25 08:30:23 | 001,858,885 | ---- | C] () -- C:\Users\Peggy\Desktop\12670010.JPG

[2013/10/25 08:30:23 | 001,808,226 | ---- | C] () -- C:\Users\Peggy\Desktop\12670011.JPG

[2013/10/25 08:30:23 | 001,803,557 | ---- | C] () -- C:\Users\Peggy\Desktop\12670013.JPG

[2013/10/25 08:30:23 | 001,782,545 | ---- | C] () -- C:\Users\Peggy\Desktop\12670008.JPG

[2013/10/25 08:30:23 | 001,757,884 | ---- | C] () -- C:\Users\Peggy\Desktop\12670012.JPG

[2013/10/25 08:30:23 | 001,725,890 | ---- | C] () -- C:\Users\Peggy\Desktop\12670007.JPG

[2013/10/25 08:30:23 | 001,671,273 | ---- | C] () -- C:\Users\Peggy\Desktop\12670016.JPG

[2013/10/25 08:30:23 | 001,662,187 | ---- | C] () -- C:\Users\Peggy\Desktop\12670006.JPG

[2013/10/25 08:30:23 | 001,636,008 | ---- | C] () -- C:\Users\Peggy\Desktop\12670004.JPG

[2013/10/25 08:30:23 | 001,615,054 | ---- | C] () -- C:\Users\Peggy\Desktop\12670002.JPG

[2013/10/25 08:30:23 | 001,608,825 | ---- | C] () -- C:\Users\Peggy\Desktop\12670014.JPG

[2013/10/25 08:30:23 | 001,511,830 | ---- | C] () -- C:\Users\Peggy\Desktop\12670003.JPG

[2013/10/24 18:18:58 | 001,707,385 | ---- | C] () -- C:\Users\Peggy\Desktop\12670015.JPG

[2013/10/24 08:28:08 | 000,055,099 | ---- | C] () -- C:\Users\Peggy\Desktop\sara black's elk 2012.jpg

[2013/09/30 07:16:30 | 000,103,832 | ---- | C] () -- C:\Users\Peggy\GoToAssistDownloadHelper.exe

[2013/05/27 05:57:00 | 000,074,703 | ---- | C] () -- C:\Windows\SysWow64\mfc45.dat

[2013/03/29 14:39:44 | 000,000,088 | ---- | C] () -- C:\Users\Peggy\.java.policy

[2013/02/01 18:04:09 | 000,002,217 | ---- | C] () -- C:\Users\Peggy\Amazon Cloud Player.lnk

[2012/12/29 09:05:22 | 000,216,232 | -H-- | C] () -- C:\Windows\SysWow64\mlfcache.dat

[2012/12/14 01:42:30 | 000,963,452 | ---- | C] () -- C:\Windows\SysWow64\igcodeckrng600.bin

[2012/12/14 01:42:30 | 000,064,512 | ---- | C] () -- C:\Windows\SysWow64\igdde32.dll

[2012/12/14 01:42:28 | 000,272,928 | ---- | C] () -- C:\Windows\SysWow64\igvpkrng600.bin

[2012/08/16 14:16:57 | 000,000,000 | ---- | C] () -- C:\Windows\EEventManager.INI

[2012/08/16 12:26:50 | 000,000,106 | ---- | C] () -- C:\Windows\EWF645.ini

[2012/07/31 05:57:34 | 000,007,605 | ---- | C] () -- C:\Users\Peggy\AppData\Local\Resmon.ResmonCfg

[2012/07/30 08:03:03 | 000,000,209 | ---- | C] () -- C:\Windows\ODBCINST.INI

[2012/07/30 07:53:57 | 000,011,776 | ---- | C] () -- C:\Windows\SysWow64\pmsbfn32.dll

[2012/07/12 20:22:39 | 000,000,774 | ---- | C] () -- C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc

[2012/06/02 21:59:19 | 000,000,424 | ---- | C] () -- C:\Windows\MAXLINK.INI

[2012/06/02 20:33:51 | 000,000,181 | ---- | C] () -- C:\Windows\WININIT.INI

[2012/05/25 11:06:55 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin

[2012/03/19 22:31:16 | 000,963,912 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin

[2012/03/19 22:31:16 | 000,261,208 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin

========== ZeroAccess Check ==========

[2009/07/13 20:55:00 | 000,000,227 | RHS- | M] () -- C:\Windows\assembly\Desktop.ini

[HKEY_CURRENT_USER\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

[HKEY_CURRENT_USER\Software\Classes\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32] /64

[HKEY_CURRENT_USER\Software\Classes\Wow6432node\clsid\{fbeb8a05-beee-4442-804e-409d6c4515e9}\InProcServer32]

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32] /64

"" = C:\Windows\SysNative\shell32.dll -- [2013/07/25 18:24:57 | 014,172,672 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{42aedc87-2188-41fd-b9a3-0c966feabec1}\InProcServer32]

"" = %SystemRoot%\system32\shell32.dll -- [2013/07/25 17:55:59 | 012,872,704 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Apartment

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\fastprox.dll -- [2009/07/13 17:40:51 | 000,909,312 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{5839FCA9-774D-42A1-ACDA-D6A79037F57F}\InProcServer32]

"" = %systemroot%\system32\wbem\fastprox.dll -- [2010/11/20 19:24:25 | 000,606,208 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Free

[HKEY_LOCAL_MACHINE\Software\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32] /64

"" = C:\Windows\SysNative\wbem\wbemess.dll -- [2009/07/13 17:41:56 | 000,505,856 | ---- | M] (Microsoft Corporation)

"ThreadingModel" = Both

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Classes\clsid\{F3130CDB-AA52-4C3A-AB32-85FFC23AF9C1}\InProcServer32]

========== LOP Check ==========

[2012/08/16 13:43:33 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Acer

[2013/02/01 18:05:07 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Amazon

[2013/04/02 10:14:51 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Audacity

[2012/07/01 14:30:57 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Auslogics

[2012/08/09 11:24:11 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Canon

[2012/12/06 09:13:46 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Catalina Marketing Corp

[2012/07/05 12:58:52 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\com.Shutterfly.ExpressUploader

[2012/11/20 12:04:15 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Downloaded Installations

[2012/08/16 14:37:34 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Epson

[2012/11/20 12:05:41 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\FileOpen

[2012/06/04 10:07:27 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Fingertapps

[2013/08/13 13:03:32 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Free YouTube to MP3 Converter Studio

[2013/03/21 11:56:35 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Garmin

[2012/08/16 13:37:29 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Leader Technologies

[2012/08/16 12:56:00 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Leadertech

[2012/11/20 12:05:41 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Nitro

[2013/11/14 11:19:05 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Nitro PDF

[2013/05/24 05:24:40 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Opera

[2013/09/30 06:59:36 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Oracle

[2013/04/05 12:07:50 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\OverDrive

[2012/06/03 16:13:55 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\PCDr

[2012/06/02 21:59:15 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\ScanSoft

[2012/06/04 10:13:45 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\SoftGrid Client

[2012/06/09 16:01:00 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Softland

[2012/06/02 20:40:47 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\TP

[2012/06/02 18:26:23 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\WildTangent

[2012/06/23 17:22:51 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\Windows Live Writer

[2013/04/08 18:04:37 | 000,000,000 | ---D | M] -- C:\Users\Peggy\AppData\Roaming\ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1

========== Purity Check ==========

< End of report >

dpchristi · November 18, 2013

OTL Extras logfile created on: 11/18/2013 1:13:14 PM - Run 1

OTL by OldTimer - Version 3.2.69.0 Folder = C:\Users\Peggy\Desktop

64bit- Professional Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation

Internet Explorer (Version = 9.11.9600.16428)

Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

7.91 Gb Total Physical Memory | 5.71 Gb Available Physical Memory | 72.14% Memory free

15.83 Gb Paging File | 13.68 Gb Available in Paging File | 86.46% Paging File free

Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)

Drive C: | 913.66 Gb Total Space | 822.44 Gb Free Space | 90.02% Space Free | Partition Type: NTFS

Drive F: | 298.02 Gb Total Space | 93.18 Gb Free Space | 31.27% Space Free | Partition Type: FAT32

Computer Name: PEGGY-DELL | User Name: Peggy | Logged in as Administrator.

Boot Mode: Normal | Scan Mode: All users | Quick Scan | Include 64bit Scans

Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========

========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.html[@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]

.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\iexplore.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-2821558841-1065553334-1953474543-1000\SOFTWARE\Classes\<extension>]

.html [@ = ChromeHTML] -- Reg Error: Key error. File not found

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)

InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "C:\Program Files\Internet Explorer\iexplore.exe" (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]

batfile [open] -- "%1" %*

cmdfile [open] -- "%1" %*

comfile [open] -- "%1" %*

cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)

exefile [open] -- "%1" %*

helpfile [open] -- Reg Error: Key error.

htmlfile [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

htmlfile [opennew] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

http [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

https [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)

piffile [open] -- "%1" %*

regfile [merge] -- Reg Error: Key error.

scrfile [config] -- "%1"

scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l

scrfile [open] -- "%1" /S

txtfile [edit] -- Reg Error: Key error.

Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1

Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)

Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Folder [explore] -- Reg Error: Value error.

Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\iexplore.exe" %1 (Microsoft Corporation)

CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- Reg Error: Value error.

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

"cval" = 1

"AntiVirusDisableNotify" = 1

"AntiVirusOverride" = 1

"FirewallDisableNotify" = 1

"FirewallOverride" = 1

"UpdatesDisableNotify" = 1

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]

"AntiVirusOverride" = 0

"AntiSpywareOverride" = 0

"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]

"EnableFirewall" = 1

"DisableNotifications" = 0

========== Authorized Applications List ==========

========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0C65A540-7A62-41E2-8FD0-6F872CA85A92}" = rport=138 | protocol=17 | dir=out | app=system |

"{0EE04047-AAAB-4BDD-99F3-CA1AC816199F}" = rport=2177 | protocol=6 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{34D9FF06-66E7-4595-8838-A0FCAC09DA80}" = lport=rpc-epmap | protocol=6 | dir=in | svc=rpcss | name=@firewallapi.dll,-28539 |

"{3F4FE37C-EC4F-41C7-BD96-E2A129E02419}" = lport=2177 | protocol=17 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{4239E550-BBF9-424C-94CF-23DE88711577}" = lport=2869 | protocol=6 | dir=in | app=system |

"{4AE6299D-AF42-451C-B789-FDECE66CA6B5}" = lport=6004 | protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\outlook.exe |

"{4DC5BF35-DE73-4FBC-9D79-76D79B60ACAE}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |

"{60AD5C91-CAD4-43B6-8F14-498B88AEB891}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdater.exe |

"{632F5CE8-AA7D-490A-8C92-E7536A127A03}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{6C982D88-8DD0-45AD-8A5A-7D7F5FB0B555}" = lport=2177 | protocol=6 | dir=in | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{8CB62B8C-06C1-4D02-8316-BC95F0C21368}" = rport=80 | protocol=6 | dir=out | app=c:\program files (x86)\common files\intuit\update service v4\intuitupdateservice.exe |

"{8DA6283D-35BF-4AB8-AAC9-DAF40C7E49AE}" = rport=137 | protocol=17 | dir=out | app=system |

"{95BB53A1-B7A8-482E-8949-9A2CDBDAC04E}" = rport=10243 | protocol=6 | dir=out | app=system |

"{981D84DF-7A9C-4AFB-9082-886CEF3B5061}" = lport=445 | protocol=6 | dir=in | app=system |

"{98CE27B4-D45B-47C2-BC06-A873CE762297}" = lport=138 | protocol=17 | dir=in | app=system |

"{9E546803-7602-4472-8B91-D92403FDC685}" = lport=57105 | protocol=17 | dir=in | name=pando |

"{9FD3B46D-9899-4D31-8757-91EF48C6AB9A}" = lport=rpc | protocol=6 | dir=in | svc=spooler | app=%systemroot%\system32\spoolsv.exe |

"{A7E8DBE6-A945-44F1-BFA6-6F174A054D26}" = rport=445 | protocol=6 | dir=out | app=system |

"{AA2EF7BC-D929-4629-A3E7-8C10D49DF4F4}" = lport=10243 | protocol=6 | dir=in | app=system |

"{AD6321D3-67CF-4CC0-B7FC-AE5F44645E35}" = lport=1900 | protocol=17 | dir=in | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{B43295EE-3B47-4B9A-A79B-4169EB30FB99}" = rport=139 | protocol=6 | dir=out | app=system |

"{B6D9B8BA-4C57-47D7-8FB7-A3151D636533}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

"{B8270A9A-CA46-42EC-B5F4-786AE7BE769A}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{BC1F7FF4-6042-41FD-AA49-85DEC5877B1E}" = lport=57105 | protocol=6 | dir=in | name=pando |

"{CAFC4B14-596D-49BE-8A00-D6A6354788DF}" = rport=1900 | protocol=17 | dir=out | svc=ssdpsrv | app=%systemroot%\system32\svchost.exe |

"{CBF10DD0-DA9B-479B-9CC1-44BD7810DDCB}" = rport=5355 | protocol=17 | dir=out | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{DED90BA4-1756-4C32-B633-0B728613EA38}" = lport=5355 | protocol=17 | dir=in | svc=dnscache | app=%systemroot%\system32\svchost.exe |

"{E2EA0EE5-CF67-4D0A-8573-88FD74F63BEC}" = lport=139 | protocol=6 | dir=in | app=system |

"{F40C3CEC-EBCB-4F12-A851-8B87582431D9}" = rport=2177 | protocol=17 | dir=out | svc=qwave | app=%systemroot%\system32\svchost.exe |

"{FC6DA9A7-2B81-4014-B7B0-7F0759C74AA3}" = lport=137 | protocol=17 | dir=in | app=system |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]

"{0C199C01-37B1-4919-A4DF-56B85F35538F}" = protocol=17 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |

"{0FE9DF04-FC68-4519-B0CF-58F9ED7893DB}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{15F30EA7-70DC-4793-9E57-A8A441F58B7A}" = protocol=1 | dir=in | name=@firewallapi.dll,-28543 |

"{1F1413D9-DD5D-4508-99A5-BD6E9C3D5F26}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |

"{1F42C69C-0772-446E-BC5D-FB509D3830A3}" = protocol=6 | dir=in | app=d:\common\epsonnet setup\eneasyapp.exe |

"{278A0E8D-92B7-406A-ADDA-0EC03EEE7155}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{278F5B0D-B948-4AE8-B5ED-E95C17843926}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{2A8772F4-5AC0-401F-8C2A-D8672C67F742}" = dir=in | app=c:\program files (x86)\itunes\itunes.exe |

"{2B1E75AF-BFD5-4E33-B6AC-D043EAC520F6}" = protocol=6 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{347C5620-548E-4188-823E-CB75557C75F3}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |

"{3E322ECE-6B88-4DE5-86F3-A16DFF1E3B45}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{43DF51D9-FA00-4B59-A59E-C7987FF4E455}" = dir=in | app=c:\program files (x86)\dell\videostage\videostage.exe |

"{4BE2B2C9-4D81-4921-97EC-566AE949D956}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{4CF2E2EB-2470-424A-B55E-FCC8D4706867}" = dir=in | app=c:\program files (x86)\common files\apple\apple application support\webkit2webprocess.exe |

"{5181E95F-2F24-4C79-9F9B-E95A00392559}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |

"{692E885B-C996-47ED-89AB-561D09963101}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |

"{6C8A2CE1-B1B7-432B-819F-8BF4059886F1}" = protocol=6 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{6E5CE738-E0C0-4F52-8B0A-4CAC33BAB18C}" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |

"{714ACB3C-9194-4391-9806-4362438BEEE5}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{7D3C8077-24F1-4FB3-A1D5-9E3E4BB1FE51}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{7D508E9C-E7DE-4156-9CCE-8801BE02593A}" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\ecprintersetup\enpapp.exe |

"{84401C7F-C02D-46C7-9568-A48DC4F3B126}" = protocol=17 | dir=in | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{8E82CBDD-40FF-487C-BACB-4514EF1D6FA3}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |

"{90F6E54A-4245-4EED-804A-4062D7C32292}" = protocol=17 | dir=in | app=%programfiles%\windows media player\wmplayer.exe |

"{94A46B58-3A4A-40E5-9938-4A098A53D7B2}" = protocol=17 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{961A68C8-2CD3-4F78-AE93-56BAF6865A2E}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{96370376-C761-4BA3-805C-D5DAA467F444}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{98193E7F-BD80-49B7-A50D-141873052CF0}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmpnetwk.exe |

"{9912F897-312D-40FE-A988-F1CF4518CC94}" = protocol=6 | dir=in | app=%programfiles%\windows media player\wmpnetwk.exe |

"{9EEFA0A0-E222-4BAC-9E6F-FD466AC6B664}" = protocol=6 | dir=out | app=system |

"{9F2D0619-0449-4255-9F56-B86C17B542DE}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office12\groove.exe |

"{9F63CDD4-B7A4-4423-B819-890AC159B866}" = protocol=6 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |

"{B1DCD846-7482-4AB9-A7EF-65CEA5BDF30B}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office12\onenote.exe |

"{B42EC00A-9152-4AF1-8FF9-CB4A99DD4438}" = protocol=58 | dir=out | name=@firewallapi.dll,-28546 |

"{B79A764D-FAAE-43E7-AC74-4732D1D81F4B}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\platform\mcsvchost\mcsvhost.exe |

"{B8D62AEA-36EF-448A-BD90-0F8AB6F5DA30}" = protocol=17 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{C23F0DD8-F342-470F-9DC0-25B58FE04ED3}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{C4B91E76-8857-4B46-8BDF-9C73127E61EB}" = protocol=17 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |

"{C5B9A5BD-CB1C-43F6-8275-E323CACA437B}" = dir=in | app=c:\program files (x86)\skype\phone\skype.exe |

"{C5F039BC-D4E2-48B0-8937-0B510EBA077B}" = protocol=17 | dir=in | app=c:\program files\bonjour\mdnsresponder.exe |

"{D2CB2556-09EA-4912-B1FF-15DCE33341B1}" = protocol=1 | dir=out | name=@firewallapi.dll,-28544 |

"{D883CD7F-51F8-4454-9143-149D5FD5D131}" = protocol=6 | dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |

"{DA4A8679-F8B3-4E32-A661-B4F65418C1C6}" = dir=in | app=c:\program files (x86)\pando networks\pando\pando.exe |

"{E1E1E34C-563B-4BA8-AF77-D9DCF5D85543}" = protocol=6 | dir=out | svc=upnphost | app=%systemroot%\system32\svchost.exe |

"{E76F17BF-4193-4D4A-AB58-7080A789F4EA}" = protocol=17 | dir=in | app=c:\program files (x86)\bonjour\mdnsresponder.exe |

"{E9A44A80-944B-4497-B922-9745D187A3E3}" = protocol=17 | dir=in | app=c:\program files\common files\mcafee\mcsvchost\mcsvhost.exe |

"{EA69BD83-F897-4188-8E7D-905DFFC2829A}" = protocol=6 | dir=out | app=%programfiles(x86)%\windows media player\wmplayer.exe |

"{F754D056-C723-4082-818B-D0B7B9740050}" = protocol=6 | dir=out | app=%programfiles%\windows media player\wmplayer.exe |

"{FF231959-6C3C-4E6B-9F70-625E2B156FA2}" = protocol=58 | dir=in | name=@firewallapi.dll,-28545 |

"TCP Query User{8C20C802-6A38-4983-B6A5-C11BC5DD5512}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=6 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |

"UDP Query User{CB8B8214-5E84-4D81-918A-AC61237E4994}C:\program files (x86)\epson software\event manager\eeventmanager.exe" = protocol=17 | dir=in | app=c:\program files (x86)\epson software\event manager\eeventmanager.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{027E5FAB-1476-4C59-AAB4-32EF28520399}" = Windows Live Language Selector

"{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4805" = CanoScan 8800F

"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant

"{2EF5D87E-B7BD-458F-8428-E4D0B8B4E65C}" = Apple Mobile Device Support

"{550331CC-C34B-494F-BCDA-37CE4EF6E924}" = Garmin Communicator Plugin x64

"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources

"{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}" = Bonjour

"{814FA673-A085-403C-9545-747FC1495069}" = Epson Customer Participation

"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources

"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight

"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended

"{8EBA8727-ADC2-477B-9D9A-1A1836BE4E05}" = Dell Edoc Viewer

"{90120000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2007

"{90120000-002A-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (English) 2007

"{90120000-0116-0409-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007

"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting

"{9CDC73E6-921C-491B-912A-2D1680E78A59}" = Nitro Reader 3

"{A04DCB25-7040-4935-A30D-8E0A893ABF2D}" = iTunes

"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter

"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client

"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service

"{EAFB2AD8-D92B-464C-8D97-B9CB94703C4A}" = iCloud

"{EF79C448-6946-4D71-8134-03407888C054}" = Shared C Run-time for x64

"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile

"98157A226B40B173301B0F53C8E98C47805D5152" = Windows Driver Package - Garmin (grmnusb) GARMIN Devices (04/19/2012 2.3.1.0)

"CCleaner" = CCleaner

"CNXT_AUDIO_HDA" = Conexant HD Audio

"doPDF 7 printer_is1" = doPDF 7.3 printer

"EPSON WorkForce 645 Series" = EPSON WorkForce 645 Series Printer Uninstall

"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile

"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended

"PC-Doctor for Windows" = My Dell

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]

"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer

"{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}" = Epson FAX Utility

"{10F63395-157F-4B93-AB4D-702A2FF11942}" = Epson Download Navigator

"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1

"{196BB40D-1578-3D01-B289-BEFC77A11A1E}" = Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319

"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker

"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update

"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions

"{25569723-DC5A-4467-A639-79535BF01B71}" = Adobe Help Center 2.1

"{26A24AE4-039D-4CA4-87B4-2F83217040FF}" = Java 7 Update 45

"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections

"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger

"{2D428867-5883-449B-86F3-7B7187061033}" = Nero 7 Essentials

"{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" = Update Installer for WildTangent Games App

"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery

"{3383136B-4F86-4F05-8612-DD4BB16A1EAE}" = Roxio Central

"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery

"{3615560A-3601-4727-B44D-853BEF395F5C}" = Elevated Installer

"{36C2CC71-CD92-67CB-CCBE-6060F9D02795}" = Sedona 2013 Official Guide

"{3BD7DD08-991B-4A2F-A165-614ED14EAADD}" = Dell MusicStage

"{3D5D6CFC-3097-425A-8D8F-7EAF5D57641D}" = Garmin USB Drivers

"{3E31400D-274E-4647-916C-2CACC3741799}" = EpsonNet Print

"{41565256-3700-A76A-76A7-A758B70C0700}" = Avery Toolbar

"{46F044A5-CE8B-4196-984E-5BD6525E361D}" = Apple Application Support

"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater

"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml

"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack

"{5AF4B3C4-C393-48D7-AC7E-8E7615579548}" = Adobe AIR

"{63688C0C-441B-B09B-97A3-B059D79A84F7}" = Shutterfly Express Uploader

"{64BA551C-9AF6-495C-93F3-D1270E0045FC}" = Epson Connect

"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE

"{69F56014-2C48-4885-8D72-0E069F89647F}" = Roxio Creator 2009 Special Edition

"{6A02A7A6-0EC5-4CD7-84EB-520546B5CA8D}" = TurboTax 2012 wutiper

"{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-dell" = WildTangent Games App (Dell Games)

"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable

"{712C9875-89BA-44E4-966A-106DF3141740}" = Garmin Express Tray

"{761E061F-FB8E-BBB4-69A4-B1DEF3640DB7}" = Zinio Reader 4

"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update

"{7D3A7C2E-DC30-4726-AF81-9DFCCF88DC1E}" = Garmin Express

"{820B6609-4C97-3A2B-B644-573B06A0F0CC}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729

"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform

"{85309D89-7BE9-4094-BB17-24999C6118FC}" = ArcSoft PhotoStudio 5.5

"{89EC099E-958D-462E-972C-385591946978}" = TurboTax 2012 WinPerFedFormset

"{8BA03AC2-579F-41CD-A250-740137D86F7A}" = PDFBinder

"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime

"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT

"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007

"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007

"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007

"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007

"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007

"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007

"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007

"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{1FF96026-A04A-4C3E-B50A-BB7022654D0F}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007

"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{71F055E8-E2C6-4214-BB3D-BFE03561B89E}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007

"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{2314F9A1-126F-45CC-8A5E-DFAF866F3FBC}" = Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3)

"{90120000-002A-0000-1000-0000000FF1CE}_ENTERPRISE_{664655D8-B9BB-455D-8A58-7EAF7B0B2862}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002A-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007

"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007

"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007

"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007

"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007

"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007

"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007

"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007

"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0116-0409-1000-0000000FF1CE}_ENTERPRISE_{98333358-268C-4164-B6D4-C96DF5153727}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007

"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{AAA19365-932B-49BD-8138-BE28CEE9C4B4}" = Microsoft Office 2007 Service Pack 3 (SP3)

"{90140000-2005-0000-0000-0000000FF1CE}" = Microsoft Office File Validation Add-In

"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker

"{9471d6bd-67a9-40f6-a420-2ae4f08ef003}" = Garmin Express

"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17

"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161

"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail

"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh

"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer

"{A7B609FB-83D8-4FC3-8477-1BC65ECFE85B}" = Adobe Photoshop Elements 5.0

"{A8B1F076-965D-4663-A9D4-C2FB58A42AE4}" = TurboTax 2012 WinPerTaxSupport

"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper

"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common

"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer

"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer

"{AB480DA0-7EE9-465D-9C12-4CDE65BF18FB}" = Pando

"{AC76BA86-7AD7-1033-7B44-AB0000000001}" = Adobe Reader XI (11.0.05)

"{B2F3DBD9-A9D2-4838-B45D-C917DAB32BC3}" = ScanSoft OmniPage SE 4

"{B38E9B55-7136-4E66-A084-320512FF3F6F}" = LTCM Client

"{B67BAFBA-4C9F-48FA-9496-933E3B255044}" = QuickTime

"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail

"{CAF5B770-082F-40C4-853D-3973BB81BDAA}" = TurboTax 2011 WinPerTaxSupport

"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform

"{D07205E7-F6D3-4333-AFCC-782A07685B72}" = OverDrive Media Console

"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64

"{D2D6B9EB-C6DC-4DAA-B4DE-BB7D9735E7DA}" = Presto! PageManager 7.15.16

"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common

"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform

"{D9B1D51B-EB56-410D-AEB5-1CCFAC4B6C8C}" = Epson Connect Printer Setup

"{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources

"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh

"{DF6A13C0-77DF-41FE-BD05-6D5201EB0CE7}_is1" = Auslogics Disk Defrag

"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10

"{E4335E82-17B3-460F-9E70-39D9BC269DB3}" = Dell PhotoStage

"{E463E171-4082-4744-A466-F7CBE8502789}" = TurboTax 2011 WinPerReleaseEngine

"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger

"{E83F5F27-43F3-4163-ABE5-F68C989286ED}" = TurboTax 2012 wrapper

"{EE556A3E-EB37-4392-9637-BAA8EC2F47FA}" = TurboTax 2011 wrapper

"{EE7257A2-39A2-4D2F-9DAC-F9F25B8AE1D8}" = Skype™ 5.10

"{F014B696-28C5-4554-802F-A15380418F53}" = TurboTax 2012 WinPerReleaseEngine

"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]

"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics

"{F47C37A4-7189-430A-B81D-739FF8A7A554}" = Consumer In-Home Service Agreement

"{F4DA4C73-026F-4D38-8C6B-85F0193E4B56}" = Garmin WebUpdater

"{F9000000-0018-0000-0000-074957833700}" = ABBYY FineReader 9.0 Sprint

"{FA9D303D-0FB2-49C7-9397-8E6B11EA892D}" = Epson Event Manager

"{FAD3D68B-2F9C-459B-AA79-C04B9090FD72}" = TurboTax 2011 WinPerFedFormset

"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials

"674f21577a64ed3ab2d5d156e08c0155" = Sedona 2013 Official Guide

"ABBYY FineReader 9.0 Sprint" = ABBYY FineReader 9.0 Sprint

"Adobe AIR" = Adobe AIR

"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX

"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin

"Adobe Photoshop Elements 5" = Adobe Photoshop Elements 5.0

"ALUpdate_is1" = ALTools Update

"ALZip_is1" = ALZip 8.51

"Amazon MP3 Downloader" = Amazon MP3 Downloader 1.0.17

"Audacity_is1" = Audacity 2.0.3

"Bejeweled 3" = Bejeweled 3

"Canon CanoScan 8800F User Registration" = Canon CanoScan 8800F User Registration

"CanonSolutionMenu" = Canon Utilities Solution Menu

"com.Shutterfly.ExpressUploader" = Shutterfly Express Uploader

"Coupon Printer for Windows5.0.0.1" = Coupon Printer for Windows

"ENTERPRISE" = Microsoft Office Enterprise 2007

"EPSON Scanner" = EPSON Scan

"Free YouTube to MP3 Converter Studio_is1" = Free YouTube to MP3 Converter Studio 8.1

"Google Chrome" = Google Chrome

"GoToAssist" = GoToAssist Corporate

"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin

"InstallShield_{DCE0E79A-B9AC-41AC-98C1-7EF0538BCA7F}" = Dell VideoStage

"LAME_is1" = LAME v3.99.3 (for Windows)

"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware version 1.75.0.1300

"Mozilla Firefox 23.0.1 (x86 en-US)" = Mozilla Firefox 23.0.1 (x86 en-US)

"MozillaMaintenanceService" = Mozilla Maintenance Service

"MP Navigator EX 1.0" = Canon MP Navigator EX 1.0

"MSC" = McAfee SecurityCenter

"TurboTax 2011" = TurboTax 2011

"TurboTax 2012" = TurboTax 2012

"WildTangent dell Master Uninstall" = WildTangent Games

"WinLiveSuite" = Windows Live Essentials

"WT089409" = Bejeweled 2 Deluxe

"WT089410" = Blackhawk Striker 2

"WT089411" = Build-a-lot 2

"WT089412" = Cake Mania

"WT089413" = Chuzzle Deluxe

"WT089414" = Diner Dash 2 Restaurant Rescue

"WT089415" = Dora's World Adventure

"WT089418" = FATE

"WT089420" = Jewel Quest

"WT089422" = Jewel Quest Solitaire 2

"WT089426" = Poker Superstars III

"WT089430" = Virtual Villagers 4 - The Tree of Life

"WT089433" = Polar Golfer

"WT089434" = Escape Whisper Valley

"WT089440" = Namco All-Stars PAC-MAN

"WT089443" = Bounce Symphony

"WT089444" = Final Drive Nitro

"WT089445" = Penguins!

"WT089446" = Wedding Dash - Ready, Aim, Love!

"WT089448" = Zuma Deluxe

"WT089450" = Farm Frenzy

"WT089452" = Plants vs. Zombies - Game of the Year

"WT089499" = Final Drive Fury

"WT089503" = Samantha Swift

"WT089507" = Luxor

"WT089508" = Polar Bowler

"ZinioReader4.9310D8F796442B71068C511E15D70529A702D19D.1" = Zinio Reader 4

========== Last 20 Event Log Errors ==========

[ Application Events ]

Error - 11/18/2013 4:56:57 PM | Computer Name = Peggy-Dell | Source = Windows Search Service | ID = 9002

Description =

Error - 11/18/2013 4:56:57 PM | Computer Name = Peggy-Dell | Source = Windows Search Service | ID = 3029

Description =

Error - 11/18/2013 4:56:58 PM | Computer Name = Peggy-Dell | Source = Windows Search Service | ID = 3029

Description =

Error - 11/18/2013 4:56:58 PM | Computer Name = Peggy-Dell | Source = Windows Search Service | ID = 3028

Description =

Error - 11/18/2013 4:56:58 PM | Computer Name = Peggy-Dell | Source = Windows Search Service | ID = 3058

Description =

Error - 11/18/2013 4:56:58 PM | Computer Name = Peggy-Dell | Source = Windows Search Service | ID = 7010

Description =

Error - 11/18/2013 4:57:47 PM | Computer Name = Peggy-Dell | Source = WinMgmt | ID = 10

Description =

Error - 11/18/2013 4:59:55 PM | Computer Name = Peggy-Dell | Source = Application Error | ID = 1000

Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428,

time stamp: 0x525b664c Faulting module name: MSHTML.dll, version: 11.0.9600.16428,

time stamp: 0x525b9a19 Exception code: 0xc0000005 Fault offset: 0x002865b5 Faulting

process id: 0x1524 Faulting application start time: 0x01cee4a0f32452f8 Faulting application

path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path:

C:\Windows\system32\MSHTML.dll Report Id: 5fcb9b97-5094-11e3-8d46-d4bed9cf60a4

Error - 11/18/2013 5:00:06 PM | Computer Name = Peggy-Dell | Source = Application Error | ID = 1000

Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428,

time stamp: 0x525b664c Faulting module name: MSHTML.dll, version: 11.0.9600.16428,

time stamp: 0x525b9a19 Exception code: 0xc0000005 Fault offset: 0x002865b5 Faulting

process id: 0x988 Faulting application start time: 0x01cee4a123489cb9 Faulting application

path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path:

C:\Windows\system32\MSHTML.dll Report Id: 6673f4db-5094-11e3-8d46-d4bed9cf60a4

Error - 11/18/2013 5:00:13 PM | Computer Name = Peggy-Dell | Source = Application Error | ID = 1000

Description = Faulting application name: IEXPLORE.EXE, version: 11.0.9600.16428,

time stamp: 0x525b664c Faulting module name: MSHTML.dll, version: 11.0.9600.16428,

time stamp: 0x525b9a19 Exception code: 0xc0000005 Fault offset: 0x002865b5 Faulting

process id: 0xc5c Faulting application start time: 0x01cee4a129abee15 Faulting application

path: C:\Program Files (x86)\Internet Explorer\IEXPLORE.EXE Faulting module path:

C:\Windows\system32\MSHTML.dll Report Id: 6ac4735a-5094-11e3-8d46-d4bed9cf60a4

[ System Events ]

Error - 11/18/2013 4:56:56 PM | Computer Name = Peggy-Dell | Source = Service Control Manager | ID = 7026

Description = The following boot-start or system-start driver(s) failed to load:

RxFilter

Error - 11/18/2013 4:56:59 PM | Computer Name = Peggy-Dell | Source = Service Control Manager | ID = 7024

Description = The Windows Search service terminated with service-specific error

%%-1073473535.

Error - 11/18/2013 4:56:59 PM | Computer Name = Peggy-Dell | Source = Service Control Manager | ID = 7031

Description = The Windows Search service terminated unexpectedly. It has done this

1 time(s). The following corrective action will be taken in 30000 milliseconds:

Restart the service.

Error - 11/18/2013 4:57:15 PM | Computer Name = Peggy-Dell | Source = DCOM | ID = 10005

Description =

Error - 11/18/2013 4:57:15 PM | Computer Name = Peggy-Dell | Source = Service Control Manager | ID = 7009

Description = A timeout was reached (30000 milliseconds) while waiting for the Windows

Search service to connect.

Error - 11/18/2013 4:57:15 PM | Computer Name = Peggy-Dell | Source = Service Control Manager | ID = 7000

Description = The Windows Search service failed to start due to the following error:

%%1053

< End of report >

Maniac · November 19, 2013

Step 1

Please uninstall this application: Avery Toolbar

Step 2

Please download Junkware Removal Tool to your desktop.

Shut down your protection software now to avoid potential conflicts.
Run the tool by double-clicking it. If you are using Windows Vista or Seven, right-mouse click it and select Run as Administrator.
The tool will open and start scanning your system.
Please be patient as this can take a while to complete depending on your system's specifications.
On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
Post the contents of JRT.txt into your next message.

Step 3

Please download AdwCleaner by Xplode onto your desktop.

Close all open programs and internet browsers.
Double click on AdwCleaner.exe to run the tool.
Click on Clean.
Confirm each time with Ok.
Your computer will be rebooted automatically. A text file will open after the restart.
Please post the content of that logfile with your next answer.
You can find the logfile at C:\AdwCleaner[s1].txt as well.
Step 4
Note: Please do not run this tool without special supervision and instructions of someone authorized to do so. Otherwise, you could end up with serious problems. For more details, read this article: ComboFix usage, Questions, Help? - Look here
Please visit this webpage and read the ComboFix User's Guide:
- Once you've read the article and are ready to use the program you can download it directly from the link below.
- Important! - Please make sure you save combofix to your desktop and do not run it from your browser
- Direct download link for: ComboFix.exe
- Please make sure you disable your security applications before running ComboFix.
- Once Combofix has completed it will produce and open a log file. Please be patient as it can take some time to load.
- Please copy/paste the contents or attach that log file to your next reply.
- If needed the file can be located here: C:\combofix.txt
- NOTE: If you receive the message "illegal operation has been attempted on a registry key that has been marked for deletion", just reboot the computer.
In your next reply, post the following log files:
- Junkware Removal Tool log
- AdwCleaner log
- ComboFix log

dpchristi · November 19, 2013

How long does Junk Removal Tool take to run? I tried to run it in windows safe mode and it gets hung up in checking startup. It's been doing that for over an hour. I disabled my security too. Help please!

Maniac · November 20, 2013

Did you close all of your browsers? Where did you try into Safe mode or into Safe mode with Networking? I recommend you the first option.

dpchristi · November 20, 2013

Yes I closed all my browsers and tried it in safe mode. (NO NETWORKING) and the program still hangs after "Check Startup".

Maniac · November 20, 2013

Okay, please proceed further.

dpchristi · November 20, 2013

# AdwCleaner v3.012 - Report created 20/11/2013 at 09:29:44

# Updated 11/11/2013 by Xplode

# Operating System : Windows 7 Professional Service Pack 1 (64 bits)

# Username : Peggy - PEGGY-DELL

# Running from : C:\Users\Peggy\Desktop\AdwCleaner.exe

# Option : Clean

***** [ Services ] *****

***** [ Files / Folders ] *****

Folder Deleted : C:\ProgramData\apn

Folder Deleted : C:\Users\Peggy\AppData\Local\PackageAware

Folder Deleted : C:\Users\Peggy\AppData\Local\visi_coupon

Folder Deleted : C:\Users\Peggy\AppData\Local\Temp\apn

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASAPI32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\apnstub_RASMANCS

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasapi32

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\au__rasmancs

Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\BingBar_RASMANCS

Key Deleted : HKLM\SOFTWARE\Classes\AppID\{0A18A436-2A7A-49F3-A488-30538A2F6323}

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{007EFBDF-8A5D-4930-97CC-A4B437CBA777}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{02478D38-C3F9-4EFB-9B51-7695ECA05670}

Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{EF99BD32-C1FB-11D2-892F-0090271D4F88}

Key Deleted : HKLM\Software\Conduit

Key Deleted : HKLM\Software\Freeze.com

***** [ Browsers ] *****

-\\ Internet Explorer v11.0.9600.16428

-\\ Mozilla Firefox v23.0.1 (en-US)

[ File : C:\Users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\x65kwfgz.default\prefs.js ]

-\\ Google Chrome v31.0.1650.57

[ File : C:\Users\Peggy\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [1993 octets] - [20/11/2013 09:27:18]

AdwCleaner[s0].txt - [1954 octets] - [20/11/2013 09:29:44]

########## EOF - C:\AdwCleaner\AdwCleaner[s0].txt - [2014 octets] ##########

dpchristi · November 20, 2013

ComboFix 13-11-19.01 - Peggy 11/20/2013 13:52:41.1.4 - x64

Microsoft Windows 7 Professional 6.1.7601.1.1252.1.1033.18.8105.6649 [GMT -8:00]

Running from: c:\users\Peggy\Desktop\ComboFix.exe

AV: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {ADA629C7-7F48-5689-624A-3B76997E0892}

FW: McAfee Firewall *Enabled* {959DA8E2-3527-57D1-4915-924367AD4FE9}

SP: McAfee Anti-Virus and Anti-Spyware *Disabled/Updated* {16C7C823-5972-5907-58FA-0004E2F9422F}

SP: Windows Defender *Disabled/Outdated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

.

((((((((((((((((((((((((((((((((((((((( Other Deletions )))))))))))))))))))))))))))))))))))))))))))))))))

.

c:\programdata\PCDr\6361\AddOnDownloaded\073fb38f-0e69-479d-bca1-4f81ec9dcbf6.dll

c:\programdata\PCDr\6361\AddOnDownloaded\2a6b5d0b-a2fc-4bdd-b3fe-6bbefb85b7e4.dll

c:\programdata\PCDr\6361\AddOnDownloaded\3cb2cbfc-72a8-4ae7-9061-1a58b1505327.dll

c:\programdata\PCDr\6361\AddOnDownloaded\5c103ca5-8249-401b-a699-41d0a39023f4.dll

c:\programdata\PCDr\6361\AddOnDownloaded\704dfeb5-9129-4d88-8096-7f3bc80eb1ec.dll

c:\programdata\PCDr\6361\AddOnDownloaded\8d529c31-eeb1-4b4d-ab7e-98a38b1abf60.dll

c:\programdata\PCDr\6361\AddOnDownloaded\8fab1a01-d6b6-4640-ac86-c3ddd583c840.dll

c:\programdata\PCDr\6361\AddOnDownloaded\9e7391aa-d9c2-4547-bdb7-737a833083a2.dll

c:\programdata\PCDr\6361\AddOnDownloaded\b347630c-35c1-4199-a3e2-2eea8f11e228.dll

c:\programdata\PCDr\6361\AddOnDownloaded\c4f346c1-09ef-4c0a-846d-8ca41f94690b.dll

c:\programdata\PCDr\6361\AddOnDownloaded\cadaa395-f50b-45c6-81f6-b5aaa3c5efba.dll

c:\programdata\PCDr\6361\AddOnDownloaded\dde43788-ba3c-4b88-bc8a-de8a0eb22c79.dll

c:\programdata\PCDr\6361\AddOnDownloaded\e13c218f-cd37-454b-a187-3381a9945752.dll

c:\programdata\PCDr\6361\AddOnDownloaded\f586fa98-17b8-498c-9c59-24de5750efab.dll

c:\programdata\PCDr\6361\AddOnDownloaded\f73e8868-a1f5-4756-9eae-b4ffc305f35a.dll

c:\users\Peggy\ccsetup407.exe

c:\users\Peggy\Documents\~WRL2357.tmp

c:\users\Peggy\tdsskiller.exe

c:\windows\SysWow64\FlashPlayerApp.exe

c:\windows\wininit.ini

.

((((((((((((((((((((((((( Files Created from 2013-10-20 to 2013-11-20 )))))))))))))))))))))))))))))))

.

2013-11-20 21:57 . 2013-11-20 21:57 -------- d-----w- c:\users\Default\AppData\Local\temp

2013-11-20 17:27 . 2013-11-20 17:29 -------- d-----w- C:\AdwCleaner

2013-11-20 06:15 . 2013-11-20 06:15 -------- d-----w- c:\programdata\FitbitConnect

2013-11-20 06:15 . 2013-11-20 06:15 -------- d-----w- c:\program files (x86)\Fitbit Connect

2013-11-19 18:57 . 2013-11-19 18:57 -------- d-----w- c:\windows\ERUNT

2013-11-18 18:00 . 2013-10-15 02:00 28368 ----a-w- c:\windows\system32\IEUDINIT.EXE

2013-11-18 01:30 . 2013-11-18 01:30 -------- d-----w- c:\program files (x86)\Malwarebytes' Anti-Malware

2013-11-18 01:30 . 2013-04-04 22:50 25928 ----a-w- c:\windows\system32\drivers\mbam.sys

2013-11-18 01:30 . 2013-11-18 01:30 36680 ----a-w- c:\windows\system32\drivers\mbamchameleon.sys

2013-11-17 23:17 . 2013-11-17 23:17 79872 ----a-w- c:\windows\system32\ctfmicpl64.dll

2013-11-17 23:17 . 2013-11-17 23:17 209920 ----a-w- c:\windows\SysWow64\ctfmicpl.dll

2013-11-17 23:07 . 2013-11-18 01:41 -------- d-----w- c:\programdata\3p66vnlp

2013-11-15 14:54 . 2013-11-17 23:16 -------- d-----w- c:\program files\Google

2013-11-14 11:01 . 2013-11-14 11:03 -------- d-----w- C:\ec197903a907dcdbb59f1f6445

2013-11-09 17:13 . 2013-09-23 21:49 197704 ----a-w- c:\windows\system32\drivers\HipShieldK.sys

2013-11-08 15:27 . 2013-11-17 23:16 -------- d-----w- c:\program files (x86)\Google

2013-11-08 15:27 . 2013-11-15 14:55 -------- d-----w- c:\users\Peggy\AppData\Local\Google

2013-11-08 15:26 . 2013-11-08 15:27 -------- d-----w- c:\users\Peggy\AppData\Local\Deployment

2013-10-30 15:44 . 2013-10-30 15:44 -------- d-----w- c:\program files\iPod

2013-10-30 15:44 . 2013-10-30 15:45 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69

2013-10-30 15:44 . 2013-10-30 15:45 -------- d-----w- c:\program files\iTunes

2013-10-30 15:44 . 2013-10-30 15:45 -------- d-----w- c:\program files (x86)\iTunes

.

(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))

.

2013-11-15 14:54 . 2012-05-25 17:39 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl

2013-11-14 11:01 . 2012-06-03 06:26 82896128 ----a-w- c:\windows\system32\MRT.exe

2013-10-08 14:50 . 2013-10-21 14:14 96168 ----a-w- c:\windows\SysWow64\WindowsAccessBridge-32.dll

2013-09-30 15:16 . 2013-09-30 15:16 103832 ----a-w- c:\users\Peggy\GoToAssistDownloadHelper.exe

2013-09-25 04:29 . 2013-09-30 16:50 70112 ----a-w- c:\windows\system32\drivers\cfwids.sys

2013-09-25 04:25 . 2013-02-19 20:56 343568 ----a-w- c:\windows\system32\drivers\mfewfpk.sys

2013-09-25 04:25 . 2013-09-30 16:39 182752 ----a-w- c:\windows\system32\mfevtps.exe

2013-09-25 04:22 . 2013-02-19 20:54 781312 ----a-w- c:\windows\system32\drivers\mfehidk.sys

2013-09-25 04:21 . 2013-09-30 16:50 519192 ----a-w- c:\windows\system32\drivers\mfefirek.sys

2013-09-25 04:20 . 2013-09-30 16:50 310224 ----a-w- c:\windows\system32\drivers\mfeavfk.sys

2013-09-25 04:19 . 2013-02-19 20:52 179664 ----a-w- c:\windows\system32\drivers\mfeapfk.sys

2013-09-20 17:38 . 2013-09-20 17:38 10856 ----a-w- c:\windows\system32\drivers\mfeclnrk.sys

2013-09-20 17:38 . 2013-09-20 17:38 95984 ----a-w- c:\windows\system32\drivers\mfencrk.sys

2013-09-20 17:37 . 2013-09-20 17:37 390552 ----a-w- c:\windows\system32\drivers\mfencbdc.sys

2013-09-08 02:30 . 2013-10-09 05:23 1903552 ----a-w- c:\windows\system32\drivers\tcpip.sys

2013-09-08 02:27 . 2013-10-09 05:23 327168 ----a-w- c:\windows\system32\mswsock.dll

2013-09-08 02:03 . 2013-10-09 05:23 231424 ----a-w- c:\windows\SysWow64\mswsock.dll

2013-09-04 01:37 . 2013-10-09 05:23 343040 ----a-w- c:\windows\system32\drivers\usbhub.sys

2013-09-04 01:37 . 2013-10-09 05:23 99840 ----a-w- c:\windows\system32\drivers\usbccgp.sys

2013-09-04 01:37 . 2013-10-09 05:23 325120 ----a-w- c:\windows\system32\drivers\usbport.sys

2013-09-04 01:37 . 2013-10-09 05:23 52736 ----a-w- c:\windows\system32\drivers\usbehci.sys

2013-09-04 01:37 . 2013-10-09 05:23 30720 ----a-w- c:\windows\system32\drivers\usbuhci.sys

2013-09-04 01:37 . 2013-10-09 05:23 25600 ----a-w- c:\windows\system32\drivers\usbohci.sys

2013-09-04 01:37 . 2013-10-09 05:23 7808 ----a-w- c:\windows\system32\drivers\usbd.sys

2013-08-29 02:17 . 2013-10-09 05:24 5549504 ----a-w- c:\windows\system32\ntoskrnl.exe

2013-08-29 02:16 . 2013-10-09 05:24 1732032 ----a-w- c:\windows\system32\ntdll.dll

2013-08-29 02:16 . 2013-10-09 05:24 243712 ----a-w- c:\windows\system32\wow64.dll

2013-08-29 02:16 . 2013-10-09 05:24 859648 ----a-w- c:\windows\system32\tdh.dll

2013-08-29 02:13 . 2013-10-09 05:24 878080 ----a-w- c:\windows\system32\advapi32.dll

2013-08-29 01:51 . 2013-10-09 05:24 3969472 ----a-w- c:\windows\SysWow64\ntkrnlpa.exe

2013-08-29 01:51 . 2013-10-09 05:24 3914176 ----a-w- c:\windows\SysWow64\ntoskrnl.exe

2013-08-29 01:50 . 2013-10-09 05:23 5120 ----a-w- c:\windows\SysWow64\wow32.dll

2013-08-29 01:50 . 2013-10-09 05:24 1292192 ----a-w- c:\windows\SysWow64\ntdll.dll

2013-08-29 01:50 . 2013-10-09 05:24 619520 ----a-w- c:\windows\SysWow64\tdh.dll

2013-08-29 01:48 . 2013-10-09 05:24 640512 ----a-w- c:\windows\SysWow64\advapi32.dll

2013-08-29 01:48 . 2013-10-09 05:23 44032 ----a-w- c:\windows\apppatch\acwow64.dll

2013-08-29 00:49 . 2013-10-09 05:23 25600 ----a-w- c:\windows\SysWow64\setup16.exe

2013-08-29 00:49 . 2013-10-09 05:23 7680 ----a-w- c:\windows\SysWow64\instnm.exe

2013-08-29 00:49 . 2013-10-09 05:23 14336 ----a-w- c:\windows\SysWow64\ntvdm64.dll

2013-08-29 00:49 . 2013-10-09 05:23 2048 ----a-w- c:\windows\SysWow64\user.exe

2013-08-28 01:21 . 2013-10-09 05:23 3155968 ----a-w- c:\windows\system32\win32k.sys

2013-08-28 01:12 . 2013-10-09 05:23 461312 ----a-w- c:\windows\system32\scavengeui.dll

.

((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))

.

*Note* empty entries & legit default entries are not shown

REGEDIT4

.

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"GarminExpressTrayApp"="c:\program files (x86)\Garmin\Express Tray\ExpressTray.exe" [2013-09-19 1093976]

"ABBYY Screenshot Reader Bonus"="c:\program files (x86)\ABBYY FineReader 9.0 Sprint\Bonus.ScreenshotReader.exe" [2009-11-26 939272]

"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2013-10-02 3264544]

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]

"GrooveMonitor"="c:\program files (x86)\Microsoft Office\Office12\GrooveMonitor.exe" [2009-02-27 30040]

"SSBkgdUpdate"="c:\program files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe" [2006-10-25 210472]

"OpwareSE4"="c:\program files (x86)\ScanSoft\OmniPageSE4\OpwareSE4.exe" [2007-02-04 79400]

"Adobe Photo Downloader"="c:\program files (x86)\Adobe\Photoshop Elements 5.0\apdproxy.exe" [2006-12-22 67752]

"EEventManager"="c:\program files (x86)\Epson Software\Event Manager\EEventManager.exe" [2010-10-12 979328]

"FUFAXRCV"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXRCV.exe" [2011-03-09 495616]

"FUFAXSTM"="c:\program files (x86)\Epson Software\FAX Utility\FUFAXSTM.exe" [2011-03-09 856064]

"LTCM Client"="c:\program files (x86)\LTCM Client\ltcmClient.exe" [2011-04-07 2756864]

"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]

"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-05-11 958576]

"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]

"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe" [2013-07-02 254336]

"mcui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-25 537512]

"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-10-24 152392]

"mcpltui_exe"="c:\program files\McAfee.com\Agent\mcagent.exe" [2013-09-25 537512]

"Fitbit Connect"="c:\program files (x86)\Fitbit Connect\Fitbit Connect.exe" [2013-10-02 3264544]

.

[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]

"ConsentPromptBehaviorAdmin"= 0 (0x0)

"ConsentPromptBehaviorUser"= 3 (0x3)

"EnableLUA"= 0 (0x0)

"EnableUIADesktopToggle"= 0 (0x0)

"EnableVirtualization"= 0 (0x0)

"PromptOnSecureDesktop"= 0 (0x0)

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\drivers32]

"aux"=wdmaud.drv

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]

@=""

.

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc]

@=""

.

R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]

R2 Roxio Upnp Server 11;Roxio Upnp Server 11;c:\program files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe;c:\program files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe [x]

R2 RoxLiveShare11;LiveShare P2P Server 11;c:\program files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe;c:\program files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe [x]

R2 RoxWatch11;Roxio Hard Drive Watcher 11;c:\program files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe;c:\program files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe [x]

R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]

R3 dmvsc;dmvsc;c:\windows\system32\drivers\dmvsc.sys;c:\windows\SYSNATIVE\drivers\dmvsc.sys [x]

R3 GamesAppService;GamesAppService;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe;c:\program files (x86)\WildTangent Games\App\GamesAppService.exe [x]

R3 HipShieldK;McAfee Inc. HipShieldK;c:\windows\system32\drivers\HipShieldK.sys;c:\windows\SYSNATIVE\drivers\HipShieldK.sys [x]

R3 IEEtwCollectorService;Internet Explorer ETW Collector Service;c:\windows\system32\IEEtwCollector.exe;c:\windows\SYSNATIVE\IEEtwCollector.exe [x]

R3 mbamchameleon;mbamchameleon;c:\windows\system32\drivers\mbamchameleon.sys;c:\windows\SYSNATIVE\drivers\mbamchameleon.sys [x]

R3 mfencrk;McAfee Inc. mfencrk;c:\windows\system32\DRIVERS\mfencrk.sys;c:\windows\SYSNATIVE\DRIVERS\mfencrk.sys [x]

R3 Netaapl;Apple Mobile Device Ethernet Service;c:\windows\system32\DRIVERS\netaapl64.sys;c:\windows\SYSNATIVE\DRIVERS\netaapl64.sys [x]

R3 netvsc;netvsc;c:\windows\system32\DRIVERS\netvsc60.sys;c:\windows\SYSNATIVE\DRIVERS\netvsc60.sys [x]

R3 RdpVideoMiniport;Remote Desktop Video Miniport Driver;c:\windows\system32\drivers\rdpvideominiport.sys;c:\windows\SYSNATIVE\drivers\rdpvideominiport.sys [x]

R3 Roxio UPnP Renderer 11;Roxio UPnP Renderer 11;c:\program files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe;c:\program files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe [x]

R3 RoxMediaDB11;RoxMediaDB11;c:\program files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe;c:\program files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe [x]

R3 SynthVid;SynthVid;c:\windows\system32\DRIVERS\VMBusVideoM.sys;c:\windows\SYSNATIVE\DRIVERS\VMBusVideoM.sys [x]

R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]

R3 TsUsbGD;Remote Desktop Generic USB Device;c:\windows\system32\drivers\TsUsbGD.sys;c:\windows\SYSNATIVE\drivers\TsUsbGD.sys [x]

R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]

R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]

R4 wlcrasvc;Windows Live Mesh remote connections service;c:\program files\Windows Live\Mesh\wlcrasvc.exe;c:\program files\Windows Live\Mesh\wlcrasvc.exe [x]

S0 mfewfpk;McAfee Inc. mfewfpk;c:\windows\system32\drivers\mfewfpk.sys;c:\windows\SYSNATIVE\drivers\mfewfpk.sys [x]

S0 PxHlpa64;PxHlpa64;c:\windows\System32\Drivers\PxHlpa64.sys;c:\windows\SYSNATIVE\Drivers\PxHlpa64.sys [x]

S2 ABBYY.Licensing.FineReader.Sprint.9.0;ABBYY FineReader 9.0 Sprint Licensing Service;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe;c:\program files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe [x]

S2 EPSON_PM_RPCV4_05;EPSON V3 Service4(05);c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE;c:\program files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE [x]

S2 EpsonCustomerParticipation;EpsonCustomerParticipation;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe;c:\program files\EPSON\EpsonCustomerParticipation\EPCP.exe [x]

S2 Fitbit Connect;Fitbit Connect Service;c:\program files (x86)\Fitbit Connect\FitbitConnectService.exe;c:\program files (x86)\Fitbit Connect\FitbitConnectService.exe [x]

S2 Garmin Core Update Service;Garmin Core Update Service;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe;c:\program files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe [x]

S2 HomeNetSvc;McAfee Home Network;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 IntuitUpdateServiceV4;Intuit Update Service v4;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe;c:\program files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe [x]

S2 McAfee SiteAdvisor Service;McAfee SiteAdvisor Service;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\McSvcHost\McSvHost.exe [x]

S2 McAPExe;McAfee AP Service;c:\program files\McAfee\MSC\McAPExe.exe;c:\program files\McAfee\MSC\McAPExe.exe [x]

S2 McMPFSvc;McAfee Personal Firewall Service;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 McNaiAnn;McAfee VirusScan Announcer;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 mcpltsvc;McAfee Platform Services;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe;c:\program files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe [x]

S2 mfecore;McAfee Anti-Malware Core;c:\program files\Common Files\McAfee\AMCore\mcshield.exe;c:\program files\Common Files\McAfee\AMCore\mcshield.exe [x]

S2 mfefire;McAfee Firewall Core Service;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe;c:\program files\Common Files\McAfee\SystemCore\\mfefire.exe [x]

S2 mfevtp;McAfee Validation Trust Protection Service;c:\windows\system32\mfevtps.exe;c:\windows\SYSNATIVE\mfevtps.exe [x]

S2 NitroReaderDriverReadSpool3;NitroPDFReaderDriverCreatorReadSpool3;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe;c:\program files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe [x]

S3 cfwids;McAfee Inc. cfwids;c:\windows\system32\drivers\cfwids.sys;c:\windows\SYSNATIVE\drivers\cfwids.sys [x]

S3 IntcDAud;Intel® Display Audio;c:\windows\system32\DRIVERS\IntcDAud.sys;c:\windows\SYSNATIVE\DRIVERS\IntcDAud.sys [x]

S3 mfefirek;McAfee Inc. mfefirek;c:\windows\system32\drivers\mfefirek.sys;c:\windows\SYSNATIVE\drivers\mfefirek.sys [x]

S3 mfencbdc;McAfee Inc. mfencbdc;c:\windows\system32\DRIVERS\mfencbdc.sys;c:\windows\SYSNATIVE\DRIVERS\mfencbdc.sys [x]

S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]

.

[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]

2013-11-14 21:38 1210320 ----a-w- c:\program files (x86)\Google\Chrome\Application\31.0.1650.57\Installer\chrmstp.exe

.

Contents of the 'Scheduled Tasks' folder

.

2013-11-20 c:\windows\Tasks\Adobe Flash Player Updater.job

- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-05-25 14:54]

.

2013-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08 15:27]

.

2013-11-20 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job

- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2013-11-08 15:27]

.

--------- X64 Entries -----------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]

"CanonSolutionMenu"="c:\program files (x86)\Canon\SolutionMenu\CNSLMAIN.exe" [2007-05-15 644696]

"WrtMon.exe"="c:\windows\system32\spool\drivers\x64\3\WrtMon.exe" [2006-09-20 20480]

"IgfxTray"="c:\windows\system32\igfxtray.exe" [2012-12-14 172144]

"HotKeysCmds"="c:\windows\system32\hkcmd.exe" [2012-12-14 399984]

"Persistence"="c:\windows\system32\igfxpers.exe" [2012-12-14 441968]

.

------- Supplementary Scan -------

.

uLocal Page = c:\windows\system32\blank.htm

mLocal Page = c:\windows\SysWOW64\blank.htm

uInternet Settings,ProxyOverride = *.local

TCP: DhcpNameServer = 192.168.0.1

FF - ProfilePath - c:\users\Peggy\AppData\Roaming\Mozilla\Firefox\Profiles\x65kwfgz.default\

FF - prefs.js: browser.search.selectedEngine - Secure Search

FF - prefs.js: browser.startup.homepage - GOOGLE.COM

FF - prefs.js: network.proxy.type - 0

FF - ExtSQL: 2013-10-04 07:10; {4ED1F68A-5463-4931-9384-8FFF5ED91D92}; c:\program files (x86)\McAfee\SiteAdvisor

.

- - - - ORPHANS REMOVED - - - -

.

Toolbar-Locked - (no file)

Wow6432Node-HKCU-Run-iCloudServices - f:\itunes\iCloudServices.exe

Wow6432Node-HKCU-Run-ApplePhotoStreams - f:\itunes\ApplePhotoStreams.exe

HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start

Toolbar-Locked - (no file)

HKLM-Run-AS2014 - c:\programdata\3p66vnlp\3p66vnlp.exe

AddRemove-WT089446 - c:\program files (x86)\WildTangent\Dell Games\Wedding Dash - Ready

AddRemove-{27310A4F-6A97-43C0-928C-FE5313B9949B} - c:\programdata\{8A97BD76-C9AA-4288-9290-EF7391174F4B}\FFOv2011-8_Setup.exe

.

--------------------- LOCKED REGISTRY KEYS ---------------------

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_9_900_152_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="FlashBroker"

"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe,-101"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]

"Enabled"=dword:00000001

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_9_900_152_ActiveX.exe"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Shockwave Flash Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]

@="0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]

@="ShockwaveFlash.ShockwaveFlash.11"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="ShockwaveFlash.ShockwaveFlash"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]

@Denied: (A 2) (Everyone)

@="Macromedia Flash Factory Object"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx"

"ThreadingModel"="Apartment"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]

@="FlashFactory.FlashFactory.1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]

@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_9_900_152.ocx, 1"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]

@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]

@="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]

@="FlashFactory.FlashFactory"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]

@Denied: (A 2) (Everyone)

@="IFlashBroker5"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]

@="{00020424-0000-0000-C000-000000000046}"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]

@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"

"Version"="1.0"

.

[HKEY_LOCAL_MACHINE\SOFTWARE\McAfee]

"SymbolicLinkValue"=hex(6):5c,00,72,00,65,00,67,00,69,00,73,00,74,00,72,00,79,

00,5c,00,6d,00,61,00,63,00,68,00,69,00,6e,00,65,00,5c,00,53,00,6f,00,66,00,\

.

[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\PCW\Security]

@Denied: (Full) (Everyone)

.

Completion time: 2013-11-20 13:59:29

ComboFix-quarantined-files.txt 2013-11-20 21:59

.

Pre-Run: 878,190,047,232 bytes free

Post-Run: 878,051,352,576 bytes free

.

- - End Of File - - 55E1AFBA624389CEFEF57E29216F766B

5C616939100B85E558DA92B899A0FC36

Maniac · November 20, 2013

Please scan your machine with ESET OnlineScan

Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
Click the button.
For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
- Click on esetsmartinstaller_enu.exe to download the ESET Smart Installer.
  Save it to your Desktop.
- Double click on the to download the ESET Smart Installer. icon on your Desktop.
Check "YES, I accept the Terms of Use."
Click the Start button.
Accept any security warnings from your browser.
Under Scan Settings, check "Scan Archives" and "Remove found threats"
Click Advanced settings and select the following:
- Scan potentially unwanted applications
- Scan for potentially unsafe applications
- Enable Anti-Stealth technology
ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
When the scan completes, click List Threats
Click Export, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
Click the Back button.
Click the Finish button.

dpchristi · November 21, 2013

C:\Windows\SysWOW64\ctfmicpl.dll a variant of Win32/Kryptik.BGXQ trojan

C:\Users\Peggy\Desktop\My Data Backup\Peggy\Downloads\registrybooster.exe a variant of Win32/RegistryBooster application cleaned by deleting - quarantined

C:\Windows\System32\ctfmicpl.dll a variant of Win32/Kryptik.BGXQ trojan cleaned by deleting (after the next restart) - quarantined

F:\Peggy\CDRW Stuff\User Guide\FreeYouTubeToMP3Converter.exe a variant of Win32/Toolbar.Conduit.B application cleaned by deleting - quarantined

Operating memory a variant of Win32/PSW.Papras.CE trojan

Maniac · November 21, 2013

That's bad.

Step 1

Please download Malwarebytes Anti-Rootkit from here

Unzip the contents to a folder in a convenient location.
Open the folder where the contents were unzipped and run mbar.exe
Follow the instructions in the wizard to update and allow the program to scan your computer for threats.
Click on the Cleanup button to remove any threats and reboot if prompted to do so.
Wait while the system shuts down and the cleanup process is performed.
Perform another scan with Malwarebytes Anti-Rootkit to verify that no threats remain. If they do, then click Cleanup once more and repeat the process.
When done, please post the two logs produced they will be in the MBAR folder... mbar-log.txt and system-log.txt

Step 2

Please download the latest version of TDSSKiller from here and save it to your Desktop.

Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters.
Put a checkmark beside loaded modules.
A reboot will be needed to apply the changes. Do it.
TDSSKiller will launch automatically after the reboot. Also your computer may seem very slow and unusable. This is normal. Give it enough time to load your background programs.
Then click on Change parameters in TDSSKiller.
Check all boxes then click OK.
Click the Start Scan button.
The scan should take no longer than 2 minutes.
If a suspicious object is detected, the default action will be Skip, click on Continue.
If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.

Note: If Cure is not available, please choose Skip instead, do not choose Delete unless instructed.
A report will be created in your root directory, (usually C:\ folder) in the form of "TDSSKiller.[Version]_[Date]_[Time]_log.txt". Please copy and paste the contents of that file here.
In your next reply, post the following log files:
- Malwarebytes' Anti-Rootkit log
- TDSSKiller log

dpchristi · November 21, 2013

Malwarebytes Anti-Rootkit BETA 1.07.0.1007

www.malwarebytes.org

Database version: v2013.11.21.06

Windows 7 Service Pack 1 x64 NTFS

Internet Explorer 11.0.9600.16428

Peggy :: PEGGY-DELL [administrator]

11/21/2013 6:59:31 AM

mbar-log-2013-11-21 (06-59-31).txt

Scan type: Quick scan

Scan options disabled:

Objects scanned: 244490

Time elapsed: 11 minute(s), 5 second(s)

Memory Processes Detected: 0

(No malicious items detected)

Memory Modules Detected: 0

(No malicious items detected)

Registry Keys Detected: 0

(No malicious items detected)

Registry Values Detected: 0

(No malicious items detected)

Registry Data Items Detected: 0

(No malicious items detected)

Folders Detected: 0

(No malicious items detected)

Files Detected: 0

(No malicious items detected)

Physical Sectors Detected: 0

(No malicious items detected)

(end)

dpchristi · November 21, 2013

---------------------------------------

Malwarebytes Anti-Rootkit BETA 1.07.0.1007

OS version: 6.1.7601 Windows 7 Service Pack 1 x64

Account is Administrative

Internet Explorer version: 11.0.9600.16428

File system is: NTFS

Disk drives: C:\ DRIVE_FIXED, F:\ DRIVE_FIXED

CPU speed: 2.993000 GHz

Memory total: 8498319360, free: 6965555200

Downloaded database version: v2013.11.21.06

Downloaded database version: v2013.10.11.02

=======================================

Initializing...

------------ Kernel report ------------

11/21/2013 06:59:28

------------ Loaded modules -----------

\SystemRoot\system32\ntoskrnl.exe

\SystemRoot\system32\hal.dll

\SystemRoot\system32\kdcom.dll

\SystemRoot\system32\mcupdate_GenuineIntel.dll

\SystemRoot\system32\PSHED.dll

\SystemRoot\system32\CLFS.SYS

\SystemRoot\system32\CI.dll

\SystemRoot\system32\drivers\Wdf01000.sys

\SystemRoot\system32\drivers\WDFLDR.SYS

\SystemRoot\system32\drivers\ACPI.sys

\SystemRoot\system32\drivers\WMILIB.SYS

\SystemRoot\system32\drivers\msisadrv.sys

\SystemRoot\system32\drivers\pci.sys

\SystemRoot\system32\drivers\vdrvroot.sys

\SystemRoot\System32\drivers\partmgr.sys

\SystemRoot\system32\drivers\volmgr.sys

\SystemRoot\System32\drivers\volmgrx.sys

\SystemRoot\system32\drivers\intelide.sys

\SystemRoot\system32\drivers\PCIIDEX.SYS

\SystemRoot\System32\drivers\mountmgr.sys

\SystemRoot\system32\drivers\atapi.sys

\SystemRoot\system32\drivers\ataport.SYS

\SystemRoot\system32\drivers\amdxata.sys

\SystemRoot\system32\drivers\fltmgr.sys

\SystemRoot\system32\drivers\fileinfo.sys

\SystemRoot\system32\drivers\mfehidk.sys

\SystemRoot\System32\Drivers\PxHlpa64.sys

\SystemRoot\System32\Drivers\Ntfs.sys

\SystemRoot\System32\Drivers\msrpc.sys

\SystemRoot\System32\Drivers\ksecdd.sys

\SystemRoot\System32\Drivers\cng.sys

\SystemRoot\System32\drivers\pcw.sys

\SystemRoot\System32\Drivers\Fs_Rec.sys

\SystemRoot\system32\drivers\ndis.sys

\SystemRoot\system32\drivers\NETIO.SYS

\SystemRoot\System32\Drivers\ksecpkg.sys

\SystemRoot\System32\drivers\tcpip.sys

\SystemRoot\System32\drivers\fwpkclnt.sys

\SystemRoot\system32\drivers\mfewfpk.sys

\SystemRoot\system32\drivers\volsnap.sys

\SystemRoot\System32\Drivers\spldr.sys

\SystemRoot\System32\drivers\rdyboost.sys

\SystemRoot\System32\Drivers\mup.sys

\SystemRoot\System32\drivers\hwpolicy.sys

\SystemRoot\System32\DRIVERS\fvevol.sys

\SystemRoot\system32\drivers\disk.sys

\SystemRoot\system32\drivers\CLASSPNP.SYS

\SystemRoot\system32\DRIVERS\cdrom.sys

\SystemRoot\System32\Drivers\Null.SYS

\SystemRoot\System32\Drivers\Beep.SYS

\SystemRoot\System32\drivers\vga.sys

\SystemRoot\System32\drivers\VIDEOPRT.SYS

\SystemRoot\System32\drivers\watchdog.sys

\SystemRoot\System32\DRIVERS\RDPCDD.sys

\SystemRoot\system32\drivers\rdpencdd.sys

\SystemRoot\system32\drivers\rdprefmp.sys

\SystemRoot\System32\Drivers\Msfs.SYS

\SystemRoot\System32\Drivers\Npfs.SYS

\SystemRoot\system32\DRIVERS\tdx.sys

\SystemRoot\system32\DRIVERS\TDI.SYS

\SystemRoot\System32\DRIVERS\netbt.sys

\SystemRoot\system32\drivers\afd.sys

\SystemRoot\system32\DRIVERS\wfplwf.sys

\SystemRoot\system32\DRIVERS\pacer.sys

\SystemRoot\system32\DRIVERS\vpcnfltr.sys

\SystemRoot\system32\DRIVERS\netbios.sys

\SystemRoot\system32\DRIVERS\wanarp.sys

\SystemRoot\system32\drivers\vpcvmm.sys

\SystemRoot\system32\DRIVERS\termdd.sys

\SystemRoot\system32\DRIVERS\rdbss.sys

\SystemRoot\system32\drivers\nsiproxy.sys

\SystemRoot\system32\DRIVERS\mssmbios.sys

\SystemRoot\System32\drivers\discache.sys

\SystemRoot\system32\drivers\csc.sys

\SystemRoot\System32\Drivers\dfsc.sys

\SystemRoot\system32\DRIVERS\blbdrive.sys

\SystemRoot\system32\DRIVERS\tunnel.sys

\SystemRoot\system32\DRIVERS\igdkmd64.sys

\SystemRoot\System32\drivers\dxgkrnl.sys

\SystemRoot\System32\drivers\dxgmms1.sys

\SystemRoot\system32\DRIVERS\HECIx64.sys

\SystemRoot\system32\drivers\usbehci.sys

\SystemRoot\system32\drivers\USBPORT.SYS

\SystemRoot\system32\DRIVERS\HDAudBus.sys

\SystemRoot\system32\DRIVERS\Rt64win7.sys

\SystemRoot\system32\DRIVERS\GEARAspiWDM.sys

\SystemRoot\system32\DRIVERS\intelppm.sys

\SystemRoot\system32\DRIVERS\CompositeBus.sys

\SystemRoot\system32\DRIVERS\AgileVpn.sys

\SystemRoot\system32\DRIVERS\rasl2tp.sys

\SystemRoot\system32\DRIVERS\ndistapi.sys

\SystemRoot\system32\DRIVERS\ndiswan.sys

\SystemRoot\system32\DRIVERS\raspppoe.sys

\SystemRoot\system32\DRIVERS\raspptp.sys

\SystemRoot\system32\DRIVERS\rassstp.sys

\SystemRoot\system32\DRIVERS\rdpbus.sys

\SystemRoot\system32\DRIVERS\kbdclass.sys

\SystemRoot\system32\DRIVERS\mouclass.sys

\SystemRoot\system32\DRIVERS\swenum.sys

\SystemRoot\system32\DRIVERS\ks.sys

\SystemRoot\system32\DRIVERS\umbus.sys

\SystemRoot\system32\DRIVERS\vpcusb.sys

\SystemRoot\system32\DRIVERS\usbrpm.sys

\SystemRoot\system32\DRIVERS\USBD.SYS

\SystemRoot\system32\DRIVERS\vpchbus.sys

\SystemRoot\system32\DRIVERS\usbhub.sys

\SystemRoot\System32\Drivers\NDProxy.SYS

\SystemRoot\system32\drivers\CHDRT64.sys

\SystemRoot\system32\drivers\portcls.sys

\SystemRoot\system32\drivers\drmk.sys

\SystemRoot\system32\drivers\ksthunk.sys

\SystemRoot\system32\DRIVERS\IntcDAud.sys

\SystemRoot\system32\drivers\mfeavfk.sys

\SystemRoot\system32\drivers\mfefirek.sys

\SystemRoot\system32\DRIVERS\mfencbdc.sys

\SystemRoot\System32\win32k.sys

\SystemRoot\System32\drivers\Dxapi.sys

\SystemRoot\system32\DRIVERS\usbccgp.sys

\SystemRoot\system32\drivers\usbscan.sys

\SystemRoot\system32\DRIVERS\usbprint.sys

\SystemRoot\system32\DRIVERS\USBSTOR.SYS

\SystemRoot\System32\TSDDD.dll

\SystemRoot\System32\Drivers\crashdmp.sys

\SystemRoot\System32\Drivers\dump_dumpata.sys

\SystemRoot\System32\Drivers\dump_atapi.sys

\SystemRoot\System32\Drivers\dump_dumpfve.sys

\SystemRoot\system32\DRIVERS\hidusb.sys

\SystemRoot\system32\DRIVERS\HIDCLASS.SYS

\SystemRoot\system32\DRIVERS\HIDPARSE.SYS

\SystemRoot\system32\DRIVERS\kbdhid.sys

\SystemRoot\System32\cdd.dll

\SystemRoot\system32\DRIVERS\mouhid.sys

\SystemRoot\system32\DRIVERS\dot4usb.sys

\SystemRoot\system32\DRIVERS\Dot4.sys

\SystemRoot\system32\DRIVERS\Dot4Prt.sys

\SystemRoot\System32\Drivers\fastfat.SYS

\SystemRoot\System32\ATMFD.DLL

\SystemRoot\system32\DRIVERS\lltdio.sys

\SystemRoot\system32\DRIVERS\rspndr.sys

\SystemRoot\system32\drivers\HTTP.sys

\SystemRoot\system32\DRIVERS\bowser.sys

\SystemRoot\System32\drivers\mpsdrv.sys

\SystemRoot\system32\DRIVERS\mrxsmb.sys

\SystemRoot\system32\DRIVERS\mrxsmb10.sys

\SystemRoot\system32\DRIVERS\mrxsmb20.sys

\SystemRoot\system32\drivers\mfeapfk.sys

\SystemRoot\system32\drivers\peauth.sys

\SystemRoot\System32\Drivers\secdrv.SYS

\SystemRoot\System32\DRIVERS\srvnet.sys

\SystemRoot\System32\drivers\tcpipreg.sys

\SystemRoot\System32\DRIVERS\srv2.sys

\SystemRoot\System32\DRIVERS\srv.sys

\SystemRoot\system32\drivers\WudfPf.sys

\SystemRoot\system32\DRIVERS\WUDFRd.sys

\SystemRoot\system32\drivers\cfwids.sys

\??\C:\Windows\system32\Drivers\PROCEXP113.SYS

\SystemRoot\system32\DRIVERS\monitor.sys

\??\C:\Windows\system32\drivers\mbamchameleon.sys

\??\C:\Windows\system32\drivers\MBAMSwissArmy.sys

\Windows\System32\ntdll.dll

\Windows\System32\smss.exe

\Windows\System32\apisetschema.dll

\Windows\System32\autochk.exe

\Windows\System32\shell32.dll

\Windows\System32\ole32.dll

\Windows\System32\urlmon.dll

\Windows\System32\msctf.dll

\Windows\System32\user32.dll

\Windows\System32\psapi.dll

\Windows\System32\rpcrt4.dll

\Windows\System32\Wldap32.dll

\Windows\System32\iertutil.dll

\Windows\System32\normaliz.dll

\Windows\System32\oleaut32.dll

\Windows\System32\shlwapi.dll

\Windows\System32\difxapi.dll

\Windows\System32\setupapi.dll

\Windows\System32\lpk.dll

\Windows\System32\ws2_32.dll

\Windows\System32\imagehlp.dll

\Windows\System32\usp10.dll

\Windows\System32\clbcatq.dll

\Windows\System32\kernel32.dll

\Windows\System32\sechost.dll

\Windows\System32\gdi32.dll

\Windows\System32\wininet.dll

\Windows\System32\comdlg32.dll

\Windows\System32\imm32.dll

\Windows\System32\advapi32.dll

\Windows\System32\msvcrt.dll

\Windows\System32\nsi.dll

\Windows\System32\KernelBase.dll

\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

\Windows\System32\devobj.dll

\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

\Windows\System32\comctl32.dll

\Windows\System32\crypt32.dll

\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

\Windows\System32\wintrust.dll

\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

\Windows\System32\cfgmgr32.dll

\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

\Windows\System32\msasn1.dll

\Windows\SysWOW64\normaliz.dll

----------- End -----------

Done!

<<<1>>>

Upper Device Name: \Device\Harddisk3\DR6

Upper Device Object: 0xfffffa800ca5a790

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000087\

Lower Device Object: 0xfffffa800bbcb590

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk2\DR2

Upper Device Object: 0xfffffa8009492790

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000075\

Lower Device Object: 0xfffffa8009480060

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk1\DR1

Upper Device Object: 0xfffffa80092ce060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\00000072\

Lower Device Object: 0xfffffa80092a0b60

Lower Device Driver Name: \Driver\USBSTOR\

<<<1>>>

Upper Device Name: \Device\Harddisk0\DR0

Upper Device Object: 0xfffffa8007e09060

Upper Device Driver Name: \Driver\Disk\

Lower Device Name: \Device\Ide\IdeDeviceP0T0L0-0\

Lower Device Object: 0xfffffa8007817060

Lower Device Driver Name: \Driver\atapi\

<<<2>>>

Physical Sector Size: 512

Drive: 0, DevicePointer: 0xfffffa8007e09060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa8007c34b90, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8007e09060, DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8007815520, DeviceName: Unknown, DriverName: \Driver\ACPI\

DevicePointer: 0xfffffa8007817060, DeviceName: \Device\Ide\IdeDeviceP0T0L0-0\, DriverName: \Driver\atapi\

------------ End ----------

Alternate DeviceName: \Device\Harddisk0\DR0\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Scanning drivers directory: C:\WINDOWS\SYSTEM32\drivers...

<<<2>>>

<<<3>>>

Volume: C:

File system type: NTFS

SectorSize = 512, ClusterSize = 4096, MFTRecordSize = 1024, MFTIndexSize = 4096 bytes

Done!

Drive 0

Scanning MBR on drive 0...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: BA28F2AA

Partition information:

Partition 0 type is Other (0xde)

Partition is NOT ACTIVE.

Partition starts at LBA: 63 Numsec = 80262

Partition 1 type is Primary (0x7)

Partition is ACTIVE.

Partition starts at LBA: 81920 Numsec = 37355520

Partition file system is NTFS

Partition is bootable

Partition 2 type is Primary (0x7)

Partition is NOT ACTIVE.

Partition starts at LBA: 37437440 Numsec = 1916084224

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 1000204886016 bytes

Sector size: 512 bytes

Scanning physical sectors of unpartitioned space on drive 0 (1-62-1953505168-1953525168)...

Done!

Physical Sector Size: 0

Drive: 1, DevicePointer: 0xfffffa80092ce060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa80092d1790, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa80092ce060, DeviceName: \Device\Harddisk1\DR1\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa80092a0b60, DeviceName: \Device\00000072\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 0

Drive: 2, DevicePointer: 0xfffffa8009492790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800949d680, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa8009492790, DeviceName: \Device\Harddisk2\DR2\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa8009480060, DeviceName: \Device\00000075\, DriverName: \Driver\USBSTOR\

------------ End ----------

Physical Sector Size: 512

Drive: 3, DevicePointer: 0xfffffa800ca5a790, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\

--------- Disk Stack ------

DevicePointer: 0xfffffa800a4a7040, DeviceName: Unknown, DriverName: \Driver\partmgr\

DevicePointer: 0xfffffa800ca5a790, DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\

DevicePointer: 0xfffffa800bbcb590, DeviceName: \Device\00000087\, DriverName: \Driver\USBSTOR\

------------ End ----------

Alternate DeviceName: \Device\Harddisk3\DR6\, DriverName: \Driver\Disk\

Upper DeviceData: 0x0, 0x0, 0x0

Lower DeviceData: 0x0, 0x0, 0x0

Drive 3

Scanning MBR on drive 3...

Inspecting partition table:

MBR Signature: 55AA

Disk Signature: 5B6AC646

Partition information:

Partition 0 type is Other (0xc)

Partition is NOT ACTIVE.

Partition starts at LBA: 63 Numsec = 625137282

Partition 1 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 2 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Partition 3 type is Empty (0x0)

Partition is NOT ACTIVE.

Partition starts at LBA: 0 Numsec = 0

Disk Size: 320072933376 bytes

Sector size: 512 bytes

Done!

Scan finished

=======================================

Removal queue found; removal started

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\Bootstrap_0_1_81920_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_0_r.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_i.mbam...

Removing C:\ProgramData\Malwarebytes' Anti-Malware (portable)\MBR_3_r.mbam...

Removal finished

Maniac · November 21, 2013

Good!

Now please post your TDSSKiller log.

dpchristi · November 21, 2013

07:43:00.0750 0x08cc TDSS rootkit removing tool 3.0.0.19 Nov 18 2013 09:27:50

07:43:01.0826 0x08cc ============================================================

07:43:01.0826 0x08cc Current date / time: 2013/11/21 07:43:01.0826

07:43:01.0826 0x08cc SystemInfo:

07:43:01.0826 0x08cc

07:43:01.0826 0x08cc OS Version: 6.1.7601 ServicePack: 1.0

07:43:01.0826 0x08cc Product type: Workstation

07:43:01.0826 0x08cc ComputerName: PEGGY-DELL

07:43:01.0826 0x08cc UserName: Peggy

07:43:01.0826 0x08cc Windows directory: C:\Windows

07:43:01.0826 0x08cc System windows directory: C:\Windows

07:43:01.0826 0x08cc Running under WOW64

07:43:01.0826 0x08cc Processor architecture: Intel x64

07:43:01.0826 0x08cc Number of processors: 4

07:43:01.0826 0x08cc Page size: 0x1000

07:43:01.0826 0x08cc Boot type: Normal boot

07:43:01.0826 0x08cc ============================================================

07:43:01.0826 0x08cc BG loaded

07:43:01.0966 0x08cc System UUID: {D323AA0B-77D4-D37E-2270-9182894EF74A}

07:43:02.0497 0x08cc Drive \Device\Harddisk0\DR0 - Size: 0xE8E0DB6000 (931.51 Gb), SectorSize: 0x200, Cylinders: 0x1DB01, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040

07:43:02.0512 0x08cc Drive \Device\Harddisk3\DR3 - Size: 0x4A85D56000 (298.09 Gb), SectorSize: 0x200, Cylinders: 0x9801, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'

07:43:02.0575 0x08cc ============================================================

07:43:02.0575 0x08cc \Device\Harddisk0\DR0:

07:43:02.0575 0x08cc MBR partitions:

07:43:02.0575 0x08cc \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x14000, BlocksNum 0x23A0000

07:43:02.0575 0x08cc \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x23B4000, BlocksNum 0x72352000

07:43:02.0575 0x08cc \Device\Harddisk3\DR3:

07:43:02.0575 0x08cc MBR partitions:

07:43:02.0575 0x08cc \Device\Harddisk3\DR3\Partition1: MBR, Type 0xC, StartLBA 0x3F, BlocksNum 0x2542D682

07:43:02.0575 0x08cc ============================================================

07:43:02.0606 0x08cc C: <-> \Device\Harddisk0\DR0\Partition2

07:43:02.0606 0x08cc F: <-> \Device\Harddisk3\DR3\Partition1

07:43:02.0606 0x08cc ============================================================

07:43:02.0606 0x08cc Initialize success

07:43:02.0606 0x08cc ============================================================

07:44:53.0502 0x0d74 ============================================================

07:44:53.0502 0x0d74 Scan started

07:44:53.0502 0x0d74 Mode: Manual; SigCheck; TDLFS;

07:44:53.0502 0x0d74 ============================================================

07:44:53.0502 0x0d74 KSN ping started

07:45:04.0266 0x0d74 KSN ping finished: true

07:45:07.0246 0x0d74 ================ Scan system memory ========================

07:45:07.0246 0x0d74 System memory - ok

07:45:07.0246 0x0d74 ================ Scan services =============================

07:45:07.0371 0x0d74 [ A87D604AEA360176311474C87A63BB88, B1507868C382CD5D2DBC0D62114FCFBF7A780904A2E3CA7C7C1DD0844ADA9A8F ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys

07:45:07.0511 0x0d74 1394ohci - ok

07:45:07.0652 0x0d74 [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] ABBYY.Licensing.FineReader.Sprint.9.0 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

07:45:07.0667 0x0d74 ABBYY.Licensing.FineReader.Sprint.9.0 - ok

07:45:07.0714 0x0d74 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2, FDAAB7E23012B4D31537C5BDEF245BB0A12FA060A072C250E21C68E18B22E002 ] ACPI C:\Windows\system32\drivers\ACPI.sys

07:45:07.0745 0x0d74 ACPI - ok

07:45:07.0776 0x0d74 [ 99F8E788246D495CE3794D7E7821D2CA, F91615463270AD2601F882CAED43B88E7EDA115B9FD03FC56320E48119F15F76 ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys

07:45:07.0901 0x0d74 AcpiPmi - ok

07:45:08.0026 0x0d74 [ 63AB43534CBF5D7F3EB81DFDC8161490, 205A6057200D0B14DC9EED71E5D96D7558C9215138EA3D7C73FAEB16074A93A7 ] AdobeActiveFileMonitor5.0 C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

07:45:08.0042 0x0d74 AdobeActiveFileMonitor5.0 - ok

07:45:08.0104 0x0d74 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

07:45:08.0135 0x0d74 AdobeARMservice - ok

07:45:08.0322 0x0d74 [ 438F31336B3DC248ABC632F1C8F34A24, 94C1218E7EC2EC6D4870A6FDC118097D7D3A359DA073DCD3A9770F399F830991 ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe

07:45:08.0338 0x0d74 AdobeFlashPlayerUpdateSvc - ok

07:45:08.0416 0x0d74 [ 2F6B34B83843F0C5118B63AC634F5BF4, 43E3F5FBFB5D33981AC503DEE476868EC029815D459E7C36C4ABC2D2F75B5735 ] adp94xx C:\Windows\system32\drivers\adp94xx.sys

07:45:08.0432 0x0d74 adp94xx - ok

07:45:08.0478 0x0d74 [ 597F78224EE9224EA1A13D6350CED962, DA7FD99BE5E3B7B98605BF5C13BF3F1A286C0DE1240617570B46FE4605E59BDC ] adpahci C:\Windows\system32\drivers\adpahci.sys

07:45:08.0525 0x0d74 adpahci - ok

07:45:08.0541 0x0d74 [ E109549C90F62FB570B9540C4B148E54, E804563735153EA00A00641814244BC8A347B578E7D63A16F43FB17566EE5559 ] adpu320 C:\Windows\system32\drivers\adpu320.sys

07:45:08.0556 0x0d74 adpu320 - ok

07:45:08.0634 0x0d74 [ 4B78B431F225FD8624C5655CB1DE7B61, 198A5AF2125C7C41F531A652D200C083A55A97DC541E3C0B5B253C7329949156 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll

07:45:08.0853 0x0d74 AeLookupSvc - ok

07:45:08.0900 0x0d74 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] AFD C:\Windows\system32\drivers\afd.sys

07:45:08.0993 0x0d74 AFD - ok

07:45:09.0071 0x0d74 [ 608C14DBA7299D8CB6ED035A68A15799, 45360F89640BF1127C82A32393BD76205E4FA067889C40C491602F370C09282A ] agp440 C:\Windows\system32\drivers\agp440.sys

07:45:09.0087 0x0d74 agp440 - ok

07:45:09.0118 0x0d74 [ 3290D6946B5E30E70414990574883DDB, 0E9294E1991572256B3CDA6B031DB9F39CA601385515EE59F1F601725B889663 ] ALG C:\Windows\System32\alg.exe

07:45:09.0212 0x0d74 ALG - ok

07:45:09.0243 0x0d74 [ 5812713A477A3AD7363C7438CA2EE038, A7316299470D2E57A11499C752A711BF4A71EB11C9CBA731ED0945FF6A966721 ] aliide C:\Windows\system32\drivers\aliide.sys

07:45:09.0258 0x0d74 aliide - ok

07:45:09.0305 0x0d74 [ 1FF8B4431C353CE385C875F194924C0C, 3EA3A7F426B0FFC2461EDF4FDB4B58ACC9D0730EDA5B728D1EA1346EA0A02720 ] amdide C:\Windows\system32\drivers\amdide.sys

07:45:09.0336 0x0d74 amdide - ok

07:45:09.0383 0x0d74 [ 7024F087CFF1833A806193EF9D22CDA9, E7F27E488C38338388103D3B7EEDD61D05E14FB140992AEE6F492FFC821BF529 ] AmdK8 C:\Windows\system32\drivers\amdk8.sys

07:45:09.0446 0x0d74 AmdK8 - ok

07:45:09.0461 0x0d74 [ 1E56388B3FE0D031C44144EB8C4D6217, E88CA76FD47BA0EB427D59CB9BE040DE133D89D4E62D03A8D622624531D27487 ] AmdPPM C:\Windows\system32\drivers\amdppm.sys

07:45:09.0539 0x0d74 AmdPPM - ok

07:45:09.0586 0x0d74 [ D4121AE6D0C0E7E13AA221AA57EF2D49, 626F43C099BD197BE56648C367B711143C2BCCE96496BBDEF19F391D52FA01D0 ] amdsata C:\Windows\system32\drivers\amdsata.sys

07:45:09.0633 0x0d74 amdsata - ok

07:45:09.0664 0x0d74 [ F67F933E79241ED32FF46A4F29B5120B, D6EF539058F159CC4DD14CA9B1FD924998FEAC9D325C823C7A2DD21FEF1DC1A8 ] amdsbs C:\Windows\system32\drivers\amdsbs.sys

07:45:09.0695 0x0d74 amdsbs - ok

07:45:09.0711 0x0d74 [ 540DAF1CEA6094886D72126FD7C33048, 296578572A93F5B74E1AD443E000B79DC99D1CBD25082E02704800F886A3065F ] amdxata C:\Windows\system32\drivers\amdxata.sys

07:45:09.0726 0x0d74 amdxata - ok

07:45:09.0758 0x0d74 [ 89A69C3F2F319B43379399547526D952, 8ABDB4B8E106F96EBBA0D4D04C4F432296516E107E7BA5644ED2E50CF9BB491A ] AppID C:\Windows\system32\drivers\appid.sys

07:45:10.0038 0x0d74 AppID - ok

07:45:10.0070 0x0d74 [ 0BC381A15355A3982216F7172F545DE1, C33AF13CB218F7BF52E967452573DF2ADD20A95C6BF99229794FEF07C4BBE725 ] AppIDSvc C:\Windows\System32\appidsvc.dll

07:45:10.0116 0x0d74 AppIDSvc - ok

07:45:10.0148 0x0d74 [ 9D2A2369AB4B08A4905FE72DB104498F, D6FA1705018BABABFA2362E05691A0D6408D14DE7B76129B16D0A1DAD6378E58 ] Appinfo C:\Windows\System32\appinfo.dll

07:45:10.0194 0x0d74 Appinfo - ok

07:45:10.0257 0x0d74 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

07:45:10.0257 0x0d74 Apple Mobile Device - ok

07:45:10.0304 0x0d74 [ 4ABA3E75A76195A3E38ED2766C962899, E2001ACD44DA270B8289DA362D26416676301773AB22616C211F31CF2E7869AA ] AppMgmt C:\Windows\System32\appmgmts.dll

07:45:10.0382 0x0d74 AppMgmt - ok

07:45:10.0413 0x0d74 [ C484F8CEB1717C540242531DB7845C4E, C507CE26716EB923B864ED85E8FA0B24591E2784A2F4F0E78AEED7E9953311F6 ] arc C:\Windows\system32\drivers\arc.sys

07:45:10.0444 0x0d74 arc - ok

07:45:10.0460 0x0d74 [ 019AF6924AEFE7839F61C830227FE79C, 5926B9DDFC9198043CDD6EA0B384C83B001EC225A8125628C4A45A3E6C42C72A ] arcsas C:\Windows\system32\drivers\arcsas.sys

07:45:10.0475 0x0d74 arcsas - ok

07:45:10.0616 0x0d74 [ 9217D874131AE6FF8F642F124F00A555, BE2923D5AA7748FDAAED73AF567D015517B36F1C739C6E5637DD15112EFDF495 ] aspnet_state C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe

07:45:10.0631 0x0d74 aspnet_state - ok

07:45:10.0647 0x0d74 [ 769765CE2CC62867468CEA93969B2242, 0D8F19D49869DF93A3876B4C2E249D12E83F9CE11DAE8917D368E292043D4D26 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys

07:45:10.0709 0x0d74 AsyncMac - ok

07:45:10.0756 0x0d74 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] atapi C:\Windows\system32\drivers\atapi.sys

07:45:10.0772 0x0d74 atapi - ok

07:45:10.0803 0x0d74 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll

07:45:10.0865 0x0d74 AudioEndpointBuilder - ok

07:45:10.0896 0x0d74 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] AudioSrv C:\Windows\System32\Audiosrv.dll

07:45:10.0928 0x0d74 AudioSrv - ok

07:45:10.0943 0x0d74 [ A6BF31A71B409DFA8CAC83159E1E2AFF, CBB83F73FFD3C3FB4F96605067739F8F7A4A40B2B05417FA49E575E95628753F ] AxInstSV C:\Windows\System32\AxInstSV.dll

07:45:11.0146 0x0d74 AxInstSV - ok

07:45:11.0177 0x0d74 [ 3E5B191307609F7514148C6832BB0842, DE011CB7AA4A2405FAF21575182E0793A1D83DFFC44E9A7864D59F3D51D8D580 ] b06bdrv C:\Windows\system32\drivers\bxvbda.sys

07:45:11.0255 0x0d74 b06bdrv - ok

07:45:11.0286 0x0d74 [ B5ACE6968304A3900EEB1EBFD9622DF2, 1DAA118D8CA3F97B34DF3D3CDA1C78EAB2ED225699FEABE89D331AE0CB7679FA ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys

07:45:11.0349 0x0d74 b57nd60a - ok

07:45:11.0380 0x0d74 [ FDE360167101B4E45A96F939F388AEB0, 8D1457E866BBD645C4B9710DFBFF93405CC1193BF9AE42326F2382500B713B82 ] BDESVC C:\Windows\System32\bdesvc.dll

07:45:11.0474 0x0d74 BDESVC - ok

07:45:11.0474 0x0d74 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] Beep C:\Windows\system32\drivers\Beep.sys

07:45:11.0552 0x0d74 Beep - ok

07:45:11.0598 0x0d74 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] BFE C:\Windows\System32\bfe.dll

07:45:11.0676 0x0d74 BFE - ok

07:45:11.0786 0x0d74 [ 1EA7969E3271CBC59E1730697DC74682, D511A34D63A6E0E6E7D1879068E2CD3D87ABEAF4936B2EA8CDDAD9F79D60FA04 ] BITS C:\Windows\system32\qmgr.dll

07:45:11.0848 0x0d74 BITS - ok

07:45:11.0879 0x0d74 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys

07:45:11.0910 0x0d74 blbdrive - ok

07:45:12.0035 0x0d74 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD, 17BFFC5DF609CE3B2F0CAB4BD6C118608C66A3AD86116A47E90B2BB7D8954122 ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe

07:45:12.0066 0x0d74 Bonjour Service - ok

07:45:12.0082 0x0d74 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] bowser C:\Windows\system32\DRIVERS\bowser.sys

07:45:12.0129 0x0d74 bowser - ok

07:45:12.0160 0x0d74 [ F09EEE9EDC320B5E1501F749FDE686C8, 66691114C42E12F4CC6DC4078D4D2FA4029759ACDAF1B59D17383487180E84E3 ] BrFiltLo C:\Windows\system32\drivers\BrFiltLo.sys

07:45:12.0207 0x0d74 BrFiltLo - ok

07:45:12.0222 0x0d74 [ B114D3098E9BDB8BEA8B053685831BE6, 0ED23C1897F35FA00B9C2848DE4ED200E18688AA7825674888054BBC3A3EB92C ] BrFiltUp C:\Windows\system32\drivers\BrFiltUp.sys

07:45:12.0238 0x0d74 BrFiltUp - ok

07:45:12.0316 0x0d74 [ 5C2F352A4E961D72518261257AAE204B, 9EE1001E1D46A414A7A86FE1DBBE232203E26F54D9EF43ED31ED8EACD4D09853 ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys

07:45:12.0378 0x0d74 BridgeMP - ok

07:45:12.0441 0x0d74 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694, 40011138869F5496A3E78D38C9900B466B6F3877526AC22952DCD528173F4645 ] Browser C:\Windows\System32\browser.dll

07:45:12.0519 0x0d74 Browser - ok

07:45:12.0597 0x0d74 [ 43BEA8D483BF1870F018E2D02E06A5BD, 4E6F5A5FD8C796A110B0DC9FF29E31EA78C04518FC1C840EF61BABD58AB10272 ] Brserid C:\Windows\System32\Drivers\Brserid.sys

07:45:12.0675 0x0d74 Brserid - ok

07:45:12.0675 0x0d74 [ A6ECA2151B08A09CACECA35C07F05B42, E2875BB7768ABAF38C3377007AA0A3C281503474D1831E396FB6599721586B0C ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys

07:45:12.0706 0x0d74 BrSerWdm - ok

07:45:12.0737 0x0d74 [ B79968002C277E869CF38BD22CD61524, 50631836502237AF4893ECDCEA43B9031C3DE97433F594D46AF7C3C77F331983 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys

07:45:12.0800 0x0d74 BrUsbMdm - ok

07:45:12.0800 0x0d74 [ A87528880231C54E75EA7A44943B38BF, 4C8BBB29FDA76A96840AA47A8613C15D4466F9273A13941C19507008629709C9 ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys

07:45:12.0815 0x0d74 BrUsbSer - ok

07:45:12.0862 0x0d74 [ 9DA669F11D1F894AB4EB69BF546A42E8, B498B8B6CEF957B73179D1ADAF084BBB57BB3735D810F9BE2C7B1D58A4FD25A4 ] BTHMODEM C:\Windows\system32\drivers\bthmodem.sys

07:45:12.0924 0x0d74 BTHMODEM - ok

07:45:12.0940 0x0d74 [ 95F9C2976059462CBBF227F7AAB10DE9, 2797AE919FF7606B070FB039CECDB0707CD2131DCAC09C5DF14F443D881C9F34 ] bthserv C:\Windows\system32\bthserv.dll

07:45:13.0002 0x0d74 bthserv - ok

07:45:13.0018 0x0d74 catchme - ok

07:45:13.0049 0x0d74 [ B8BD2BB284668C84865658C77574381A, 6C55BA288B626DF172FDFEA0BD7027FAEBA1F44EF20AB55160D7C7DC6E717D65 ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys

07:45:13.0112 0x0d74 cdfs - ok

07:45:13.0158 0x0d74 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys

07:45:13.0190 0x0d74 cdrom - ok

07:45:13.0221 0x0d74 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] CertPropSvc C:\Windows\System32\certprop.dll

07:45:13.0252 0x0d74 CertPropSvc - ok

07:45:13.0299 0x0d74 [ 4211C57BA2D3B714212E7AC63D6A3F1D, 0EB8996F4C9A70624DB7BA35F3426E47E5ED5F5E1A2933E6ED735BEFDB6B6156 ] cfwids C:\Windows\system32\drivers\cfwids.sys

07:45:13.0314 0x0d74 cfwids - ok

07:45:13.0330 0x0d74 [ D7CD5C4E1B71FA62050515314CFB52CF, 513B5A849899F379F0BC6AB3A8A05C3493C2393C95F036612B96EC6E252E1C64 ] circlass C:\Windows\system32\drivers\circlass.sys

07:45:13.0346 0x0d74 circlass - ok

07:45:13.0377 0x0d74 [ FE1EC06F2253F691FE36217C592A0206, B9F122DB5E665ECDF29A5CB8BB6B531236F31A54A95769D6C5C1924C87FE70CE ] CLFS C:\Windows\system32\CLFS.sys

07:45:13.0392 0x0d74 CLFS - ok

07:45:13.0424 0x0d74 [ D88040F816FDA31C3B466F0FA0918F29, 39D3630E623DA25B8444B6D3AAAB16B98E7E289C5619E19A85D47B74C71449F3 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe

07:45:13.0439 0x0d74 clr_optimization_v2.0.50727_32 - ok

07:45:13.0455 0x0d74 [ D1CEEA2B47CB998321C579651CE3E4F8, 654013B8FD229A50017B08DEC6CA19C7DDA8CE0771260E057A92625201D539B1 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe

07:45:13.0470 0x0d74 clr_optimization_v2.0.50727_64 - ok

07:45:13.0517 0x0d74 [ C5A75EB48E2344ABDC162BDA79E16841, 6070A8AAFD38FBC6A68A2B10C20117612354DF21B4492D90CA522BFB6870D726 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe

07:45:13.0626 0x0d74 clr_optimization_v4.0.30319_32 - ok

07:45:13.0642 0x0d74 [ C6F9AF94DCD58122A4D7E89DB6BED29D, CB0E5AE60EC76323585FB86D89E8DB7ADB5EDF6EA3D0B27E9ECE75B8CAA8BFDE ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe

07:45:13.0673 0x0d74 clr_optimization_v4.0.30319_64 - ok

07:45:13.0720 0x0d74 [ 0840155D0BDDF1190F84A663C284BD33, 696039FA63CFEB33487FAA8FD7BBDB220141E9C6E529355D768DFC87999A9C3A ] CmBatt C:\Windows\system32\drivers\CmBatt.sys

07:45:13.0767 0x0d74 CmBatt - ok

07:45:13.0829 0x0d74 [ E19D3F095812725D88F9001985B94EDD, 46243C5CCC4981CAC6FA6452FFCEC33329BF172448F1852D52592C9342E0E18B ] cmdide C:\Windows\system32\drivers\cmdide.sys

07:45:13.0845 0x0d74 cmdide - ok

07:45:13.0954 0x0d74 [ EBF28856F69CF094A902F884CF989706, AD6C9F0BC20AA49EEE5478DA0F856F0EA2B414B63208C5FFB03C9D7F5B59765F ] CNG C:\Windows\system32\Drivers\cng.sys

07:45:13.0985 0x0d74 CNG - ok

07:45:14.0110 0x0d74 [ 5C855932E4DF00B1B6F5F6F57E82B6C5, 6E33BC6E079E883837DA7E625DDFC71A3757B9F15C97A46D405823E1FE45932C ] CnxtHdAudService C:\Windows\system32\drivers\CHDRT64.sys

07:45:14.0141 0x0d74 CnxtHdAudService - ok

07:45:14.0157 0x0d74 [ 102DE219C3F61415F964C88E9085AD14, CD74CB703381F1382C32CF892FF2F908F4C9412E1BC77234F8FEA5D4666E1BF1 ] Compbatt C:\Windows\system32\drivers\compbatt.sys

07:45:14.0188 0x0d74 Compbatt - ok

07:45:14.0250 0x0d74 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] CompositeBus C:\Windows\system32\DRIVERS\CompositeBus.sys

07:45:14.0328 0x0d74 CompositeBus - ok

07:45:14.0328 0x0d74 COMSysApp - ok

07:45:14.0422 0x0d74 [ 815F3180B5117E42E422188E9CCC89C6, 69E539D33F3B9F3562FE4B21D853EEBB15DBD2106509FEBD476D04562F34AC08 ] cphs C:\Windows\SysWow64\IntelCpHeciSvc.exe

07:45:14.0438 0x0d74 cphs - ok

07:45:14.0453 0x0d74 [ 1C827878A998C18847245FE1F34EE597, 41EF7443D8B2733AA35CAC64B4F5F74FAC8BB0DA7D3936B69EC38E2DC3972E60 ] crcdisk C:\Windows\system32\drivers\crcdisk.sys

07:45:14.0469 0x0d74 crcdisk - ok

07:45:14.0484 0x0d74 [ 6B400F211BEE880A37A1ED0368776BF4, 2F27C6FA96A1C8CBDA467846DA57E63949A7EA37DB094B13397DDD30114295BD ] CryptSvc C:\Windows\system32\cryptsvc.dll

07:45:14.0562 0x0d74 CryptSvc - ok

07:45:14.0594 0x0d74 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] CSC C:\Windows\system32\drivers\csc.sys

07:45:14.0656 0x0d74 CSC - ok

07:45:14.0734 0x0d74 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] CscService C:\Windows\System32\cscsvc.dll

07:45:14.0781 0x0d74 CscService - ok

07:45:14.0859 0x0d74 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] DcomLaunch C:\Windows\system32\rpcss.dll

07:45:14.0890 0x0d74 DcomLaunch - ok

07:45:14.0921 0x0d74 [ 3CEC7631A84943677AA8FA8EE5B6B43D, 32061DAC9ED6C1EBA3B367B18D0E965AEEC2DF635DCF794EC39D086D32503AC5 ] defragsvc C:\Windows\System32\defragsvc.dll

07:45:14.0968 0x0d74 defragsvc - ok

07:45:14.0984 0x0d74 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] DfsC C:\Windows\system32\Drivers\dfsc.sys

07:45:15.0046 0x0d74 DfsC - ok

07:45:15.0108 0x0d74 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] Dhcp C:\Windows\system32\dhcpcore.dll

07:45:15.0171 0x0d74 Dhcp - ok

07:45:15.0186 0x0d74 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] discache C:\Windows\system32\drivers\discache.sys

07:45:15.0218 0x0d74 discache - ok

07:45:15.0249 0x0d74 [ 9819EEE8B5EA3784EC4AF3B137A5244C, 571BC886E87C888DA96282E381A746D273B58B9074E84D4CA91275E26056D427 ] Disk C:\Windows\system32\drivers\disk.sys

07:45:15.0264 0x0d74 Disk - ok

07:45:15.0280 0x0d74 [ 5DB085A8A6600BE6401F2B24EECB5415, 5FC5C7C1B4DB7BF6EFD0992E91DB41FD047E90D1ABA0B8F868CB72557F88FB13 ] dmvsc C:\Windows\system32\drivers\dmvsc.sys

07:45:15.0327 0x0d74 dmvsc - ok

07:45:15.0405 0x0d74 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] Dnscache C:\Windows\System32\dnsrslvr.dll

07:45:15.0467 0x0d74 Dnscache - ok

07:45:15.0498 0x0d74 [ B1FB3DDCA0FDF408750D5843591AFBC6, AB6AD9C5E7BA2E3646D0115B67C4800D1CB43B4B12716397657C7ADEEE807304 ] dot3svc C:\Windows\System32\dot3svc.dll

07:45:15.0561 0x0d74 dot3svc - ok

07:45:15.0639 0x0d74 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys

07:45:15.0670 0x0d74 Dot4 - ok

07:45:15.0686 0x0d74 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] Dot4Print C:\Windows\system32\DRIVERS\Dot4Prt.sys

07:45:15.0701 0x0d74 Dot4Print - ok

07:45:15.0717 0x0d74 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys

07:45:15.0748 0x0d74 dot4usb - ok

07:45:15.0764 0x0d74 [ B26F4F737E8F9DF4F31AF6CF31D05820, 394BBBED4EC7FAD4110F62A43BFE0801D4AC56FFAC6C741C69407B26402311C7 ] DPS C:\Windows\system32\dps.dll

07:45:15.0810 0x0d74 DPS - ok

07:45:15.0826 0x0d74 [ 9B19F34400D24DF84C858A421C205754, 967AF267B4124BADA8F507CEBF25F2192D146A4D63BE71B45BFC03C5DA7F21A7 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys

07:45:15.0873 0x0d74 drmkaud - ok

07:45:15.0935 0x0d74 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys

07:45:15.0951 0x0d74 DXGKrnl - ok

07:45:15.0998 0x0d74 [ E2DDA8726DA9CB5B2C4000C9018A9633, 0C967DBC3636A76A696997192A158AA92A1AF19F01E3C66D5BF91818A8FAEA76 ] EapHost C:\Windows\System32\eapsvc.dll

07:45:16.0044 0x0d74 EapHost - ok

07:45:16.0138 0x0d74 [ DC5D737F51BE844D8C82C695EB17372F, 6D4022D9A46EDE89CEF0FAEADCC94C903234DFC460C0180D24FF9E38E8853017 ] ebdrv C:\Windows\system32\drivers\evbda.sys

07:45:16.0263 0x0d74 ebdrv - ok

07:45:16.0310 0x0d74 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] EFS C:\Windows\System32\lsass.exe

07:45:16.0356 0x0d74 EFS - ok

07:45:16.0434 0x0d74 [ C4002B6B41975F057D98C439030CEA07, 3D2484FBB832EFB90504DD406ED1CF3065139B1FE1646471811F3A5679EF75F1 ] ehRecvr C:\Windows\ehome\ehRecvr.exe

07:45:16.0481 0x0d74 ehRecvr - ok

07:45:16.0497 0x0d74 [ 4705E8EF9934482C5BB488CE28AFC681, 359E9EC5693CE0BE89082E1D5D8F5C5439A5B985010FF0CB45C11E3CFE30637D ] ehSched C:\Windows\ehome\ehsched.exe

07:45:16.0512 0x0d74 ehSched - ok

07:45:16.0559 0x0d74 [ 0E5DA5369A0FCAEA12456DD852545184, 9A64AC5396F978C3B92794EDCE84DCA938E4662868250F8C18FA7C2C172233F8 ] elxstor C:\Windows\system32\drivers\elxstor.sys

07:45:16.0590 0x0d74 elxstor - ok

07:45:16.0684 0x0d74 [ 757305C7AD34222F4A46D86FE0BEE241, 94540DC1EA19821EACC796EF4FE247005B02E417B30E91383D1260E9D9A8B747 ] EpsonCustomerParticipation C:\Program Files\EPSON\EpsonCustomerParticipation\EPCP.exe

07:45:16.0715 0x0d74 EpsonCustomerParticipation - ok

07:45:16.0778 0x0d74 [ DFEB7EE15BA8BA03E722C375F7E6A379, 6B73561E91D699576FD28AE36FB194443E3807C3696B435224B9D60808803344 ] EPSON_PM_RPCV4_05 C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_WT50RP.EXE

07:45:16.0793 0x0d74 EPSON_PM_RPCV4_05 - ok

07:45:16.0809 0x0d74 [ 34A3C54752046E79A126E15C51DB409B, 7D5B5E150C7C73666F99CBAFF759029716C86F16B927E0078D77F8A696616D75 ] ErrDev C:\Windows\system32\drivers\errdev.sys

07:45:16.0840 0x0d74 ErrDev - ok

07:45:16.0902 0x0d74 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] EventSystem C:\Windows\system32\es.dll

07:45:16.0949 0x0d74 EventSystem - ok

07:45:16.0996 0x0d74 [ A510C654EC00C1E9BDD91EEB3A59823B, 76CD277730F7B08D375770CD373D786160F34D1481AF0536BA1A5D2727E255F5 ] exfat C:\Windows\system32\drivers\exfat.sys

07:45:17.0027 0x0d74 exfat - ok

07:45:17.0043 0x0d74 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] fastfat C:\Windows\system32\drivers\fastfat.sys

07:45:17.0090 0x0d74 fastfat - ok

07:45:17.0152 0x0d74 [ DBEFD454F8318A0EF691FDD2EAAB44EB, 7F52AE222FF28503B6FC4A5852BD0CAEAF187BE69AF4B577D3DE474C24366099 ] Fax C:\Windows\system32\fxssvc.exe

07:45:17.0199 0x0d74 Fax - ok

07:45:17.0214 0x0d74 [ D765D19CD8EF61F650C384F62FAC00AB, 9F0A483A043D3BA873232AD3BA5F7BF9173832550A27AF3E8BD433905BD2A0EE ] fdc C:\Windows\system32\drivers\fdc.sys

07:45:17.0246 0x0d74 fdc - ok

07:45:17.0277 0x0d74 [ 0438CAB2E03F4FB61455A7956026FE86, 6D4DDC2973DB25CE0C7646BC85EFBCC004EBE35EA683F62162AE317C6F1D8DFE ] fdPHost C:\Windows\system32\fdPHost.dll

07:45:17.0339 0x0d74 fdPHost - ok

07:45:17.0355 0x0d74 [ 802496CB59A30349F9A6DD22D6947644, 52D59D3D628D5661F83F090F33F744F6916E0CC1F76E5A33983E06EB66AE19F8 ] FDResPub C:\Windows\system32\fdrespub.dll

07:45:17.0402 0x0d74 FDResPub - ok

07:45:17.0417 0x0d74 [ 655661BE46B5F5F3FD454E2C3095B930, 549C8E2A2A37757E560D55FFA6BFDD838205F17E40561E67F0124C934272CD1A ] FileInfo C:\Windows\system32\drivers\fileinfo.sys

07:45:17.0433 0x0d74 FileInfo - ok

07:45:17.0448 0x0d74 [ 5F671AB5BC87EEA04EC38A6CD5962A47, 6B61D3363FF3F9C439BD51102C284972EAE96ACC0683B9DC7E12D25D0ADC51B6 ] Filetrace C:\Windows\system32\drivers\filetrace.sys

07:45:17.0495 0x0d74 Filetrace - ok

07:45:17.0636 0x0d74 [ 2EEF003D6E8C32F171C9ECC3BBE208DC, 027DEDCFC56E06FA8D2D9961E82D94A94BDD6BE443364BDB92C8AE4080BA5FBE ] Fitbit Connect C:\Program Files (x86)\Fitbit Connect\FitbitConnectService.exe

07:45:17.0667 0x0d74 Fitbit Connect - ok

07:45:17.0682 0x0d74 [ C172A0F53008EAEB8EA33FE10E177AF5, 9175A95B323696D1B35C9EFEB7790DD64E6EE0B7021E6C18E2F81009B169D77B ] flpydisk C:\Windows\system32\drivers\flpydisk.sys

07:45:17.0682 0x0d74 flpydisk - ok

07:45:17.0714 0x0d74 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys

07:45:17.0729 0x0d74 FltMgr - ok

07:45:17.0760 0x0d74 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] FontCache C:\Windows\system32\FntCache.dll

07:45:17.0807 0x0d74 FontCache - ok

07:45:17.0838 0x0d74 [ A8B7F3818AB65695E3A0BB3279F6DCE6, 89FCF10F599767E67A1E011753E34DA44EAA311F105DBF69549009ED932A60F0 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe

07:45:17.0870 0x0d74 FontCache3.0.0.0 - ok

07:45:17.0885 0x0d74 [ D43703496149971890703B4B1B723EAC, F06397B2EDCA61629249D2EF1CBB7827A8BEAB8488246BD85EF6AE1363C0DA6E ] FsDepends C:\Windows\system32\drivers\FsDepends.sys

07:45:17.0885 0x0d74 FsDepends - ok

07:45:17.0916 0x0d74 [ 6BD9295CC032DD3077C671FCCF579A7B, 83622FBB0CB923798E7E584BF53CAAF75B8C016E3FF7F0FA35880FF34D1DFE33 ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys

07:45:17.0932 0x0d74 Fs_Rec - ok

07:45:17.0948 0x0d74 [ 8F6322049018354F45F05A2FD2D4E5E0, 73BF0FB4EBD7887E992DDEBB79E906958D6678F8D1107E8C368F5A0514D80359 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys

07:45:17.0963 0x0d74 fvevol - ok

07:45:17.0979 0x0d74 [ 8C778D335C9D272CFD3298AB02ABE3B6, 85F0B13926B0F693FA9E70AA58DE47100E4B6F893772EBE4300C37D9A36E6005 ] gagp30kx C:\Windows\system32\drivers\gagp30kx.sys

07:45:18.0010 0x0d74 gagp30kx - ok

07:45:18.0072 0x0d74 [ C403C5DB49A0F9AAF4F2128EDC0106D8, 3C6948B63278022D8182F773C5FA15784514F76C1546118DDBADBA322B962D12 ] GamesAppService C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe

07:45:18.0088 0x0d74 GamesAppService - ok

07:45:18.0166 0x0d74 [ E99CF7AD8704278B7C8A8FB84BE4B3B6, F269C385513903385FDADC0E57325234062CF790484ADEFF206B20DEAFC69952 ] Garmin Core Update Service C:\Program Files (x86)\Garmin\Core Update Service\Garmin.Cartography.MapUpdate.CoreService.exe

07:45:18.0197 0x0d74 Garmin Core Update Service - ok

07:45:18.0228 0x0d74 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys

07:45:18.0228 0x0d74 GEARAspiWDM - ok

07:45:18.0260 0x0d74 [ C6B9F48D46C13389EA2AF2065AE66612, BFB2CFF1B9BFE55E027F01C3714DF9BF8E0C5CFD0EF0BF6B8DA029D98C1288D7 ] GoToAssist C:\Program Files (x86)\Citrix\GoToAssist\896\g2aservice.exe

07:45:18.0275 0x0d74 GoToAssist - ok

07:45:18.0306 0x0d74 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] gpsvc C:\Windows\System32\gpsvc.dll

07:45:18.0338 0x0d74 gpsvc - ok

07:45:18.0431 0x0d74 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

07:45:18.0447 0x0d74 gupdate - ok

07:45:18.0478 0x0d74 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

07:45:18.0478 0x0d74 gupdatem - ok

07:45:18.0494 0x0d74 [ F2523EF6460FC42405B12248338AB2F0, B2F3DE8DE1F512D871BC2BC2E8D0E33AB03335BFBC07627C5F88B65024928E19 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys

07:45:18.0525 0x0d74 hcw85cir - ok

07:45:18.0556 0x0d74 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] HDAudBus C:\Windows\system32\DRIVERS\HDAudBus.sys

07:45:18.0587 0x0d74 HDAudBus - ok

07:45:18.0603 0x0d74 [ 78E86380454A7B10A5EB255DC44A355F, 11F3ED7ACFFA3024B9BD504F81AC39F5B4CED5A8A425E8BADF7132EFEDB9BD64 ] HidBatt C:\Windows\system32\drivers\HidBatt.sys

07:45:18.0634 0x0d74 HidBatt - ok

07:45:18.0650 0x0d74 [ 7FD2A313F7AFE5C4DAB14798C48DD104, 94CBFD4506CBDE4162CEB3367BAB042D19ACA6785954DC0B554D4164B9FCD0D4 ] HidBth C:\Windows\system32\drivers\hidbth.sys

07:45:18.0681 0x0d74 HidBth - ok

07:45:18.0712 0x0d74 [ 0A77D29F311B88CFAE3B13F9C1A73825, 8615DC6CEFB591505CE16E054A71A4F371B827DDFD5E980777AB4233DCFDA01D ] HidIr C:\Windows\system32\drivers\hidir.sys

07:45:18.0743 0x0d74 HidIr - ok

07:45:18.0743 0x0d74 [ BD9EB3958F213F96B97B1D897DEE006D, 4D01CBF898B528B3A4E5A683DF2177300AFABD7D4CB51F1A7891B1B545499631 ] hidserv C:\Windows\System32\hidserv.dll

07:45:18.0806 0x0d74 hidserv - ok

07:45:18.0837 0x0d74 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys

07:45:18.0884 0x0d74 HidUsb - ok

07:45:18.0946 0x0d74 [ 29F981739E50305128022CBE10B3659C, 25060937145B0DCA8CD088E78993BFEF1430CDDFF433E606AFC93993CBBF4B3E ] HipShieldK C:\Windows\system32\drivers\HipShieldK.sys

07:45:18.0977 0x0d74 HipShieldK - ok

07:45:18.0993 0x0d74 [ 387E72E739E15E3D37907A86D9FF98E2, 9935BE2E58788E79328293AF2F202CB0F6042441B176F75ACC5AEA93C8E05531 ] hkmsvc C:\Windows\system32\kmsvc.dll

07:45:19.0055 0x0d74 hkmsvc - ok

07:45:19.0071 0x0d74 [ EFDFB3DD38A4376F93E7985173813ABD, 70402FA73A5A2A8BB557AAC8F531E373077D28DE5F40A1F3F14B940BE01CD2E1 ] HomeGroupListener C:\Windows\system32\ListSvc.dll

07:45:19.0102 0x0d74 HomeGroupListener - ok

07:45:19.0149 0x0d74 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] HomeGroupProvider C:\Windows\system32\provsvc.dll

07:45:19.0180 0x0d74 HomeGroupProvider - ok

07:45:19.0258 0x0d74 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] HomeNetSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

07:45:19.0289 0x0d74 HomeNetSvc - ok

07:45:19.0305 0x0d74 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC, E9E6A1665740CFBC2DD321010007EF42ABA2102AEB9772EE8AA3354664B1E205 ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys

07:45:19.0320 0x0d74 HpSAMD - ok

07:45:19.0383 0x0d74 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] HTTP C:\Windows\system32\drivers\HTTP.sys

07:45:19.0430 0x0d74 HTTP - ok

07:45:19.0445 0x0d74 [ A5462BD6884960C9DC85ED49D34FF392, 53E65841AF5B06A2844D0BB6FC4DD3923A323FFA0E4BFC89B3B5CAFB592A3D53 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys

07:45:19.0461 0x0d74 hwpolicy - ok

07:45:19.0508 0x0d74 [ FA55C73D4AFFA7EE23AC4BE53B4592D3, 65CDDC62B89A60E942C5642C9D8B539EFB69DA8069B4A2E54978154B314531CD ] i8042prt C:\Windows\system32\drivers\i8042prt.sys

07:45:19.0523 0x0d74 i8042prt - ok

07:45:19.0570 0x0d74 [ AAAF44DB3BD0B9D1FB6969B23ECC8366, 805AA4A9464002D1AB3832E4106B2AAA1331F4281367E75956062AAE99699385 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys

07:45:19.0601 0x0d74 iaStorV - ok

07:45:19.0679 0x0d74 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD, 2B9512324DBA4A97F6AC34E8067EE08E3B6874CD60F6CB4209AFC22A34D2BE99 ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe

07:45:19.0695 0x0d74 idsvc - ok

07:45:19.0726 0x0d74 IEEtwCollectorService - ok

07:45:19.0882 0x0d74 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] igfx C:\Windows\system32\DRIVERS\igdkmd64.sys

07:45:20.0038 0x0d74 igfx - ok

07:45:20.0069 0x0d74 [ 5C18831C61933628F5BB0EA2675B9D21, 5CD9DE2F8C0256623A417B5C55BF55BB2562BD7AB2C3C83BB3D9886C2FBDA4E4 ] iirsp C:\Windows\system32\drivers\iirsp.sys

07:45:20.0085 0x0d74 iirsp - ok

07:45:20.0132 0x0d74 [ 344789398EC3EE5A4E00C52B31847946, 3DA5F08E4B46F4E63456AA588D49E39A6A09A97D0509880C00F327623DB6122D ] IKEEXT C:\Windows\System32\ikeext.dll

07:45:20.0194 0x0d74 IKEEXT - ok

07:45:20.0225 0x0d74 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] IntcDAud C:\Windows\system32\DRIVERS\IntcDAud.sys

07:45:20.0241 0x0d74 IntcDAud - ok

07:45:20.0256 0x0d74 [ F00F20E70C6EC3AA366910083A0518AA, E2F3E9FFD82C802C8BAC309893A3664ACF16A279959C0FDECCA64C3D3C60FD22 ] intelide C:\Windows\system32\drivers\intelide.sys

07:45:20.0272 0x0d74 intelide - ok

07:45:20.0288 0x0d74 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys

07:45:20.0319 0x0d74 intelppm - ok

07:45:20.0412 0x0d74 [ D9DA7B3117BF5EFF921C0CDED4D58050, D51A2AFC0E310C5A0EE1540A9E6353F5F7C9E76711187FAD91EEB0B3254EE935 ] IntuitUpdateServiceV4 C:\Program Files (x86)\Common Files\Intuit\Update Service v4\IntuitUpdateService.exe

07:45:20.0428 0x0d74 IntuitUpdateServiceV4 - ok

07:45:20.0490 0x0d74 [ 098A91C54546A3B878DAD6A7E90A455B, 044CCE2A0DF56EBE1EFD99B4F6F0A5B9EE12498CA358CF4B2E3A1CFD872823AA ] IPBusEnum C:\Windows\system32\ipbusenum.dll

07:45:20.0553 0x0d74 IPBusEnum - ok

07:45:20.0568 0x0d74 [ C9F0E1BD74365A8771590E9008D22AB6, 728BC5A6AAE499FDC50EB01577AF16D83C2A9F3B09936DD2A89C01E074BA8E51 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys

07:45:20.0584 0x0d74 IpFilterDriver - ok

07:45:20.0631 0x0d74 [ 08C2957BB30058E663720C5606885653, E13EDF6701512E2A9977A531454932CA5023087CB50E1D2F416B8BCDD92B67BE ] iphlpsvc C:\Windows\System32\iphlpsvc.dll

07:45:20.0693 0x0d74 iphlpsvc - ok

07:45:20.0709 0x0d74 [ 0FC1AEA580957AA8817B8F305D18CA3A, 7161E4DE91AAFC3FA8BF24FAE4636390C2627DB931505247C0D52C75A31473D9 ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys

07:45:20.0740 0x0d74 IPMIDRV - ok

07:45:20.0771 0x0d74 [ AF9B39A7E7B6CAA203B3862582E9F2D0, 67128BE7EADBE6BD0205B050F96E268948E8660C4BAB259FB0BE03935153D04E ] IPNAT C:\Windows\system32\drivers\ipnat.sys

07:45:20.0818 0x0d74 IPNAT - ok

07:45:20.0880 0x0d74 [ B6E8B931EFEF4112C6A401931627DC6B, 89A0745360928F7DD0A522FF5FBFEED4FC831F37D6CF88D5E66FA91FD6F0A1DF ] iPod Service C:\Program Files\iPod\bin\iPodService.exe

07:45:20.0912 0x0d74 iPod Service - ok

07:45:20.0927 0x0d74 [ 3ABF5E7213EB28966D55D58B515D5CE9, A352BCC5B6B9A28805B15CAFB235676F1FAFF0D2394F88C03089EB157D6188AE ] IRENUM C:\Windows\system32\drivers\irenum.sys

07:45:20.0943 0x0d74 IRENUM - ok

07:45:20.0958 0x0d74 [ 2F7B28DC3E1183E5EB418DF55C204F38, D40410A760965925D6F10959B2043F7BD4F68EAFCF5E743AF11AD860BD136548 ] isapnp C:\Windows\system32\drivers\isapnp.sys

07:45:20.0974 0x0d74 isapnp - ok

07:45:20.0990 0x0d74 [ D931D7309DEB2317035B07C9F9E6B0BD, 13AD84172ED8C6153F8A98499C01733B74E48464CE07D099508E38D409913ED3 ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys

07:45:21.0005 0x0d74 iScsiPrt - ok

07:45:21.0021 0x0d74 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys

07:45:21.0036 0x0d74 kbdclass - ok

07:45:21.0052 0x0d74 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys

07:45:21.0083 0x0d74 kbdhid - ok

07:45:21.0099 0x0d74 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] KeyIso C:\Windows\system32\lsass.exe

07:45:21.0130 0x0d74 KeyIso - ok

07:45:21.0161 0x0d74 [ 8F489706472F7E9A06BAAA198703FA64, F020406690FB38EABD82D63B91D33039CC93ED52A5497AE12BAF475F22D0B08A ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys

07:45:21.0177 0x0d74 KSecDD - ok

07:45:21.0208 0x0d74 [ 868A2CAAB12EFC7A021682BCA0EEC54C, 12C4925B5B3D6EA7B6410C01F33158C6EAB50CBD6AF445F8B04ED9899720C2DD ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys

07:45:21.0224 0x0d74 KSecPkg - ok

07:45:21.0255 0x0d74 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] ksthunk C:\Windows\system32\drivers\ksthunk.sys

07:45:21.0302 0x0d74 ksthunk - ok

07:45:21.0333 0x0d74 [ 6AB66E16AA859232F64DEB66887A8C9C, 5F2B579BEA8098A2994B0DECECDAE7B396E7B5DC5F09645737B9F28BEEA77FFF ] KtmRm C:\Windows\system32\msdtckrm.dll

07:45:21.0395 0x0d74 KtmRm - ok

07:45:21.0426 0x0d74 [ D9F42719019740BAA6D1C6D536CBDAA6, 8757599D0AE5302C4CE50861BEBA3A8DD14D7B0DBD916FD5404133688CDFCC40 ] LanmanServer C:\Windows\System32\srvsvc.dll

07:45:21.0504 0x0d74 LanmanServer - ok

07:45:21.0520 0x0d74 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] LanmanWorkstation C:\Windows\System32\wkssvc.dll

07:45:21.0598 0x0d74 LanmanWorkstation - ok

07:45:21.0629 0x0d74 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys

07:45:21.0692 0x0d74 lltdio - ok

dpchristi · November 21, 2013

07:45:21.0707 0x0d74 [ C1185803384AB3FEED115F79F109427F, 0414FE73532DCAB17E906438A14711E928CECCD5F579255410C62984DD652700 ] lltdsvc C:\Windows\System32\lltdsvc.dll

07:45:21.0785 0x0d74 lltdsvc - ok

07:45:21.0801 0x0d74 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] lmhosts C:\Windows\System32\lmhsvc.dll

07:45:21.0863 0x0d74 lmhosts - ok

07:45:21.0894 0x0d74 [ 1A93E54EB0ECE102495A51266DCDB6A6, DB6AA86AA36C3A7988BE96E87B5D3251BE7617C54EE8F894D9DC2E267FE3255B ] LSI_FC C:\Windows\system32\drivers\lsi_fc.sys

07:45:21.0910 0x0d74 LSI_FC - ok

07:45:21.0926 0x0d74 [ 1047184A9FDC8BDBFF857175875EE810, F2251EDB7736A26D388A0C5CC2FE5FB9C5E109CBB1E3800993554CB21D81AE4B ] LSI_SAS C:\Windows\system32\drivers\lsi_sas.sys

07:45:21.0941 0x0d74 LSI_SAS - ok

07:45:21.0957 0x0d74 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93, 88D5740A4E9CC3FA80FA18035DAB441BDC5A039622D666BFDAA525CC9686BD06 ] LSI_SAS2 C:\Windows\system32\drivers\lsi_sas2.sys

07:45:21.0972 0x0d74 LSI_SAS2 - ok

07:45:21.0972 0x0d74 [ 0504EACAFF0D3C8AED161C4B0D369D4A, 4D272237C189646F5C80822FD3CBA7C2728E482E2DAAF7A09C8AEF811C89C54D ] LSI_SCSI C:\Windows\system32\drivers\lsi_scsi.sys

07:45:21.0988 0x0d74 LSI_SCSI - ok

07:45:22.0004 0x0d74 [ 43D0F98E1D56CCDDB0D5254CFF7B356E, 5BA498183B5C4996C694CB0A9A6B66CE6C7A460F6C91BEB9F305486FCC3B7B22 ] luafv C:\Windows\system32\drivers\luafv.sys

07:45:22.0050 0x0d74 luafv - ok

07:45:22.0097 0x0d74 [ F928E5E72BBA15DD0CE9A26E0413D236, D63EFA1408084F524464729C2F3BE16550E07ACE2BF8A00699A8438079AD381B ] McAfee SiteAdvisor Service C:\Program Files\Common Files\McAfee\McSvcHost\McSvHost.exe

07:45:22.0113 0x0d74 McAfee SiteAdvisor Service - ok

07:45:22.0175 0x0d74 [ 34FCA19FE407A7B9996DB5B4CCEC5C8C, B43AE1B6F9821BCC2CE0DD1D12F3716941487791237C7129CA9C961CBBFC1EEB ] McAPExe C:\Program Files\McAfee\MSC\McAPExe.exe

07:45:22.0191 0x0d74 McAPExe - ok

07:45:22.0206 0x0d74 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McMPFSvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

07:45:22.0222 0x0d74 McMPFSvc - ok

07:45:22.0238 0x0d74 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McNaiAnn C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

07:45:22.0253 0x0d74 McNaiAnn - ok

07:45:22.0316 0x0d74 [ 63D93A440E7AC015D85B9A3DA0C1BBAF, 849A13E91B041DEC2A47F5BE65ADBA6CAC8AF01675D0D8E13730724B54B4DD15 ] McODS C:\Program Files\McAfee\VirusScan\mcods.exe

07:45:22.0331 0x0d74 McODS - ok

07:45:22.0331 0x0d74 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] mcpltsvc C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

07:45:22.0347 0x0d74 mcpltsvc - ok

07:45:22.0394 0x0d74 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] McProxy C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

07:45:22.0409 0x0d74 McProxy - ok

07:45:22.0440 0x0d74 [ 0BE09CD858ABF9DF6ED259D57A1A1663, 2FD28889B93C8E801F74C1D0769673A461671E0189D0A22C94509E3F0EEB7428 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll

07:45:22.0456 0x0d74 Mcx2Svc - ok

07:45:22.0487 0x0d74 [ A55805F747C6EDB6A9080D7C633BD0F4, 2DA0E83BF3C8ADEF6F551B6CC1C0A3F6149CDBE6EC60413BA1767C4DE425A728 ] megasas C:\Windows\system32\drivers\megasas.sys

07:45:22.0503 0x0d74 megasas - ok

07:45:22.0518 0x0d74 [ BAF74CE0072480C3B6B7C13B2A94D6B3, 85CBB4949C090A904464F79713A3418338753D20D7FB811E68F287FDAC1DD834 ] MegaSR C:\Windows\system32\drivers\MegaSR.sys

07:45:22.0534 0x0d74 MegaSR - ok

07:45:22.0565 0x0d74 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] MEIx64 C:\Windows\system32\DRIVERS\HECIx64.sys

07:45:22.0581 0x0d74 MEIx64 - ok

07:45:22.0612 0x0d74 [ 3D7E3F388680F1F854599C73D8AAF535, A459C50A40CD16FFB3ADFA0D56DDB79895CCD25F96C53F64F494745D58C3DA06 ] mfeapfk C:\Windows\system32\drivers\mfeapfk.sys

07:45:22.0643 0x0d74 mfeapfk - ok

07:45:22.0674 0x0d74 [ 486D22007426F10779C6351D305E9E43, 4796A017092DBDBCC8E282B36F89219944321B5279C88E369C0CFFF8CDC97742 ] mfeavfk C:\Windows\system32\drivers\mfeavfk.sys

07:45:22.0690 0x0d74 mfeavfk - ok

07:45:22.0784 0x0d74 [ 8036004F016125C907FC9351141F95AA, 10DE20FCB2D33E25E443C10EED4551CBAE9C16CD6D08B69BF91868A2F27DAF53 ] mfecore C:\Program Files\Common Files\McAfee\AMCore\mcshield.exe

07:45:22.0815 0x0d74 mfecore - ok

07:45:22.0862 0x0d74 [ B4B4FAB730F3392E2F7FF0F7BD59CFF9, 99237F6ACA1968154CF2621FC8364A28351F045690939216BAA6C4CDB3889B9A ] mfefire C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe

07:45:22.0893 0x0d74 mfefire - ok

07:45:22.0908 0x0d74 [ DFDDC10E9666DBFDB8F2E827B7C2DCE4, 7CCE610BAE3C8BBA59A90B840782C0F9DFDC82AFABA9E9AB5F78C02F7CADB8FA ] mfefirek C:\Windows\system32\drivers\mfefirek.sys

07:45:22.0940 0x0d74 mfefirek - ok

07:45:22.0986 0x0d74 [ 514EC1C14BA51CE6B8F60AEFE390CA3E, 187E8539F4B97F0E1B9DF6717C80AD2A6C3C33210255DB927DE511991EC175DB ] mfehidk C:\Windows\system32\drivers\mfehidk.sys

07:45:23.0002 0x0d74 mfehidk - ok

07:45:23.0033 0x0d74 [ 73A92690FF5CFFE5A741912311AA1A6C, 52B6DACF023A704785D2F346F61D5896DF1E06C1ED37540741227333C4BE921A ] mfencbdc C:\Windows\system32\DRIVERS\mfencbdc.sys

07:45:23.0049 0x0d74 mfencbdc - ok

07:45:23.0080 0x0d74 [ CB987596EE0964958AFA677360B6174B, 2852B8DC0F160ED6B2EE310FEC1BB19B93D619688C25C6296F7214959996FA6B ] mfencrk C:\Windows\system32\DRIVERS\mfencrk.sys

07:45:23.0080 0x0d74 mfencrk - ok

07:45:23.0111 0x0d74 [ 9E18496715CF1BF8400DB120E69090E4, 3A24A7E5920FA7EC67FB078C23F7C403D74B7EDDA4817C6A55CAE1ADBC521BF1 ] mfevtp C:\Windows\system32\mfevtps.exe

07:45:23.0127 0x0d74 mfevtp - ok

07:45:23.0158 0x0d74 [ 4DC3D77F2BBC1EFFB08E8D25D7E6B4D6, 7F3A81FD0A45B67EC330EB1C611F0B36196A51E9209D02016CFE82BD267DA14A ] mfewfpk C:\Windows\system32\drivers\mfewfpk.sys

07:45:23.0174 0x0d74 mfewfpk - ok

07:45:23.0236 0x0d74 [ 123271BD5237AB991DC5C21FDF8835EB, 004F8F9228EE291A0E36CE33078D572D61733516F9AA5CFC832AF204C6869E89 ] Microsoft Office Groove Audit Service C:\Program Files (x86)\Microsoft Office\Office12\GrooveAuditService.exe

07:45:23.0252 0x0d74 Microsoft Office Groove Audit Service - ok

07:45:23.0298 0x0d74 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] MMCSS C:\Windows\system32\mmcss.dll

07:45:23.0361 0x0d74 MMCSS - ok

07:45:23.0392 0x0d74 [ 800BA92F7010378B09F9ED9270F07137, 94F9AF9E1BE80AE6AC39A2A74EF9FAB115DCAACC011D07DFA8D6A1DDC8A93342 ] Modem C:\Windows\system32\drivers\modem.sys

07:45:23.0454 0x0d74 Modem - ok

07:45:23.0470 0x0d74 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] monitor C:\Windows\system32\DRIVERS\monitor.sys

07:45:23.0501 0x0d74 monitor - ok

07:45:23.0532 0x0d74 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys

07:45:23.0548 0x0d74 mouclass - ok

07:45:23.0564 0x0d74 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys

07:45:23.0595 0x0d74 mouhid - ok

07:45:23.0626 0x0d74 [ 32E7A3D591D671A6DF2DB515A5CBE0FA, 47CED0B9067AE8BF5EEF60B17ADEE5906BEDCC56E4CB460B7BFBC12BB9A69E63 ] mountmgr C:\Windows\system32\drivers\mountmgr.sys

07:45:23.0642 0x0d74 mountmgr - ok

07:45:23.0704 0x0d74 [ A35576A433F4AEB0D48976A004657CB6, F820A759119785C3FB10B0EDCF8EF9985886A9B0767ABD45B2ACAC03498B321E ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe

07:45:23.0720 0x0d74 MozillaMaintenance - ok

07:45:23.0735 0x0d74 [ A44B420D30BD56E145D6A2BC8768EC58, B1E4DCA5A1008FA7A0492DC091FB2B820406AE13FD3D44F124E89B1037AF09B8 ] mpio C:\Windows\system32\drivers\mpio.sys

07:45:23.0751 0x0d74 mpio - ok

07:45:23.0766 0x0d74 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys

07:45:23.0798 0x0d74 mpsdrv - ok

07:45:23.0829 0x0d74 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] MpsSvc C:\Windows\system32\mpssvc.dll

07:45:23.0876 0x0d74 MpsSvc - ok

07:45:23.0891 0x0d74 [ 1A4F75E63C9FB84B85DFFC6B63FD5404, 01AFA6DBB4CDE55FE4EA05BBE8F753A4266F8D072EA1EE01DB79F5126780C21F ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys

07:45:23.0938 0x0d74 MRxDAV - ok

07:45:23.0954 0x0d74 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys

07:45:24.0000 0x0d74 mrxsmb - ok

07:45:24.0047 0x0d74 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys

07:45:24.0063 0x0d74 mrxsmb10 - ok

07:45:24.0078 0x0d74 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys

07:45:24.0094 0x0d74 mrxsmb20 - ok

07:45:24.0125 0x0d74 [ C25F0BAFA182CBCA2DD3C851C2E75796, 643E158A0948DF331807AEAA391F23960362E46C0A0CF6D22A99020EAE7B10F8 ] msahci C:\Windows\system32\drivers\msahci.sys

07:45:24.0141 0x0d74 msahci - ok

07:45:24.0156 0x0d74 [ DB801A638D011B9633829EB6F663C900, B34FD33A215ACCF2905F4B7D061686CDB1CB9C652147AF56AE14686C1F6E3C74 ] msdsm C:\Windows\system32\drivers\msdsm.sys

07:45:24.0172 0x0d74 msdsm - ok

07:45:24.0188 0x0d74 [ DE0ECE52236CFA3ED2DBFC03F28253A8, 2FBBEC4CACB5161F68D7C2935852A5888945CA0F107CF8A1C01F4528CE407DE3 ] MSDTC C:\Windows\System32\msdtc.exe

07:45:24.0203 0x0d74 MSDTC - ok

07:45:24.0234 0x0d74 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] Msfs C:\Windows\system32\drivers\Msfs.sys

07:45:24.0266 0x0d74 Msfs - ok

07:45:24.0281 0x0d74 [ F9D215A46A8B9753F61767FA72A20326, 6F76642B45E0A7EF6BCAB8B37D55CCE2EAA310ED07B76D43FCB88987C2174141 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys

07:45:24.0328 0x0d74 mshidkmdf - ok

07:45:24.0359 0x0d74 [ D916874BBD4F8B07BFB7FA9B3CCAE29D, B229DA150713DEDBC4F05386C9D9DC3BC095A74F44F3081E88311AB73BC992A1 ] msisadrv C:\Windows\system32\drivers\msisadrv.sys

07:45:24.0359 0x0d74 msisadrv - ok

07:45:24.0375 0x0d74 [ 808E98FF49B155C522E6400953177B08, F873F5BFF0984C5165DF67E92874D3F6EB8D86F9B5AD17013A0091CA33A1A3D5 ] MSiSCSI C:\Windows\system32\iscsiexe.dll

07:45:24.0406 0x0d74 MSiSCSI - ok

07:45:24.0422 0x0d74 msiserver - ok

07:45:24.0453 0x0d74 [ FB11715EEB23D0999C2295177EBBA5C0, 533754A3591B5852253C793CE08ADA6CAD0545E3A11F42430EFA9D959B6BF4F7 ] MSK80Service C:\Program Files\Common Files\McAfee\Platform\McSvcHost\McSvHost.exe

07:45:24.0484 0x0d74 MSK80Service - ok

07:45:24.0500 0x0d74 [ 49CCF2C4FEA34FFAD8B1B59D49439366, E5752EA57C7BDAD5F53E3BC441A415E909AC602CAE56234684FB8789A20396C7 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys

07:45:24.0546 0x0d74 MSKSSRV - ok

07:45:24.0562 0x0d74 [ BDD71ACE35A232104DDD349EE70E1AB3, 27464A66868513BE6A01B75D7FC5B0D6B71842E4E20CE3F76B15C071A0618BBB ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys

07:45:24.0593 0x0d74 MSPCLOCK - ok

07:45:24.0593 0x0d74 [ 4ED981241DB27C3383D72092B618A1D0, E12F121E641249DB3491141851B59E1496F4413EDF58E863388F1C229838DFCC ] MSPQM C:\Windows\system32\drivers\MSPQM.sys

07:45:24.0656 0x0d74 MSPQM - ok

07:45:24.0687 0x0d74 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D, 64E3BC613EC4872B1B344CBF71EE15BE195592E3244C1EE099C6F8B95A40F133 ] MsRPC C:\Windows\system32\drivers\MsRPC.sys

07:45:24.0702 0x0d74 MsRPC - ok

07:45:24.0702 0x0d74 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] mssmbios C:\Windows\system32\DRIVERS\mssmbios.sys

07:45:24.0718 0x0d74 mssmbios - ok

07:45:24.0734 0x0d74 [ 2E66F9ECB30B4221A318C92AC2250779, DF175E1AB6962303E57F26DAE5C5C1E40B8640333F3E352A64F6A5F1301586CD ] MSTEE C:\Windows\system32\drivers\MSTEE.sys

07:45:24.0765 0x0d74 MSTEE - ok

07:45:24.0780 0x0d74 [ 7EA404308934E675BFFDE8EDF0757BCD, 306CD02D89CFCFE576242360ED5F9EEEDCAFC43CD43B7D2977AE960F9AEC3232 ] MTConfig C:\Windows\system32\drivers\MTConfig.sys

07:45:24.0796 0x0d74 MTConfig - ok

07:45:24.0812 0x0d74 [ F9A18612FD3526FE473C1BDA678D61C8, 32F7975B5BAA447917F832D9E3499B4B6D3E90D73F478375D0B70B36C524693A ] Mup C:\Windows\system32\Drivers\mup.sys

07:45:24.0827 0x0d74 Mup - ok

07:45:24.0843 0x0d74 [ 582AC6D9873E31DFA28A4547270862DD, BD540499F74E8F59A020D935D18E36A3A97C1A6EC59C8208436469A31B16B260 ] napagent C:\Windows\system32\qagentRT.dll

07:45:24.0890 0x0d74 napagent - ok

07:45:24.0936 0x0d74 [ 1EA3749C4114DB3E3161156FFFFA6B33, 54C2E77BCE1037711A11313AC25B8706109098C10A31AA03AEB7A185E97800D7 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys

07:45:24.0968 0x0d74 NativeWifiP - ok

07:45:25.0030 0x0d74 [ 760E38053BF56E501D562B70AD796B88, F856E81A975D44F8684A6F2466549CEEDFAEB3950191698555A93A1206E0A42D ] NDIS C:\Windows\system32\drivers\ndis.sys

07:45:25.0061 0x0d74 NDIS - ok

07:45:25.0077 0x0d74 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC, D7E5446E83909AE25506BB98FBDD878A529C87963E3C1125C4ABAB25823572BC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys

07:45:25.0108 0x0d74 NdisCap - ok

07:45:25.0124 0x0d74 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys

07:45:25.0170 0x0d74 NdisTapi - ok

07:45:25.0186 0x0d74 [ 136185F9FB2CC61E573E676AA5402356, BA3AD0A33416DA913B4242C6BE8C3E5812AD2B20BA6C11DD3094F2E8EB56E683 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys

07:45:25.0217 0x0d74 Ndisuio - ok

07:45:25.0233 0x0d74 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys

07:45:25.0295 0x0d74 NdisWan - ok

07:45:25.0311 0x0d74 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys

07:45:25.0342 0x0d74 NDProxy - ok

07:45:25.0373 0x0d74 [ 6F4607E2333FE21E9E3FF8133A88B35B, F7B7B262D85D03552A8D0F3F91E795B31E3D09020DDA1E3D62A4A3209D916BB6 ] Netaapl C:\Windows\system32\DRIVERS\netaapl64.sys

07:45:25.0389 0x0d74 Netaapl - detected UnsignedFile.Multi.Generic ( 1 )

07:45:37.0214 0x0d74 Netaapl ( UnsignedFile.Multi.Generic ) - warning

07:45:57.0260 0x0d74 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys

07:45:57.0306 0x0d74 NetBIOS - ok

07:45:57.0322 0x0d74 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys

07:45:57.0353 0x0d74 NetBT - ok

07:45:57.0369 0x0d74 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] Netlogon C:\Windows\system32\lsass.exe

07:45:57.0384 0x0d74 Netlogon - ok

07:45:57.0416 0x0d74 [ 847D3AE376C0817161A14A82C8922A9E, 37AE692B3481323134125EF58F2C3CBC20177371AF2F5874F53DD32A827CB936 ] Netman C:\Windows\System32\netman.dll

07:45:57.0462 0x0d74 Netman - ok

07:45:57.0540 0x0d74 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetMsmqActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

07:45:57.0556 0x0d74 NetMsmqActivator - ok

07:45:57.0572 0x0d74 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetPipeActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

07:45:57.0572 0x0d74 NetPipeActivator - ok

07:45:57.0603 0x0d74 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] netprofm C:\Windows\System32\netprofm.dll

07:45:57.0650 0x0d74 netprofm - ok

07:45:57.0650 0x0d74 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpActivator C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

07:45:57.0665 0x0d74 NetTcpActivator - ok

07:45:57.0665 0x0d74 [ D22CD77D4F0D63D1169BB35911BFF12D, 85B1FDFA02E1B8EA4FCB9B7EEB687C5C448697FC7EC9D178C5A2F64D2C9CFEE8 ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe

07:45:57.0681 0x0d74 NetTcpPortSharing - ok

07:45:57.0696 0x0d74 [ 73CE12B8BDD747B0063CB0A7EF44CEA7, F570BB52BE460DBA6203698CC96FFD9674E1903D0E0F5C49375BE3F8D8E89582 ] netvsc C:\Windows\system32\DRIVERS\netvsc60.sys

07:45:57.0712 0x0d74 netvsc - ok

07:45:57.0743 0x0d74 [ 77889813BE4D166CDAB78DDBA990DA92, 2EF531AE502B943632EEC66A309A8BFCDD36120A5E1473F4AAF3C2393AD0E6A3 ] nfrd960 C:\Windows\system32\drivers\nfrd960.sys

07:45:57.0759 0x0d74 nfrd960 - ok

07:45:57.0852 0x0d74 [ E56F0A508571CFAA2896BD2F93966337, 9FA1D7968EF056EA761CF8CDDCA38EAB0C4E285BC1407E77E69DAD863A1B76E1 ] NitroReaderDriverReadSpool3 C:\Program Files\Common Files\Nitro\Reader\3.0\NitroPDFReaderDriverService3x64.exe

07:45:57.0868 0x0d74 NitroReaderDriverReadSpool3 - ok

07:45:57.0884 0x0d74 [ 8AD77806D336673F270DB31645267293, E23F324913554A23CD043DD27D4305AF62F48C0561A0FC7B7811E55B74B1BE79 ] NlaSvc C:\Windows\System32\nlasvc.dll

07:45:57.0915 0x0d74 NlaSvc - ok

07:45:57.0993 0x0d74 [ 433049770B810D7C83C5C94CDB3E09D2, C629831E34C0FE873A6B4887DBB4C50A4CFA1E86A8B27A8A3F1A3407DE21A27F ] NMIndexingService C:\Program Files (x86)\Common Files\Ahead\Lib\NMIndexingService.exe

07:45:59.0522 0x0d74 NMIndexingService - ok

07:45:59.0537 0x0d74 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] Npfs C:\Windows\system32\drivers\Npfs.sys

07:45:59.0568 0x0d74 Npfs - ok

07:45:59.0662 0x0d74 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] nsi C:\Windows\system32\nsisvc.dll

07:45:59.0756 0x0d74 nsi - ok

07:45:59.0787 0x0d74 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys

07:45:59.0849 0x0d74 nsiproxy - ok

07:46:00.0114 0x0d74 [ B98F8C6E31CD07B2E6F71F7F648E38C0, 2FEA100B80680FBBF644CB6763738804155DF1E94A6542CAE2B2786D770D554E ] Ntfs C:\Windows\system32\drivers\Ntfs.sys

07:46:00.0192 0x0d74 Ntfs - ok

07:46:00.0208 0x0d74 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] Null C:\Windows\system32\drivers\Null.sys

07:46:00.0224 0x0d74 Null - ok

07:46:00.0302 0x0d74 [ 0A92CB65770442ED0DC44834632F66AD, 581327F07A68DBD5CC749214BE5F1211FC2CE41C7A4F0656B680AFB51A35ACE7 ] nvraid C:\Windows\system32\drivers\nvraid.sys

07:46:00.0317 0x0d74 nvraid - ok

07:46:00.0380 0x0d74 [ DAB0E87525C10052BF65F06152F37E4A, AD9BFF0D5FD3FFB95C758B478E1F6A9FE45E7B37AEC71EB5070D292FEAAEDF37 ] nvstor C:\Windows\system32\drivers\nvstor.sys

07:46:00.0426 0x0d74 nvstor - ok

07:46:00.0458 0x0d74 [ 270D7CD42D6E3979F6DD0146650F0E05, 752489E54C9004EDCBE1F1F208FFD864DA5C83E59A2DDE6B3E0D63ECA996F76F ] nv_agp C:\Windows\system32\drivers\nv_agp.sys

07:46:00.0489 0x0d74 nv_agp - ok

07:46:00.0723 0x0d74 [ 785F487A64950F3CB8E9F16253BA3B7B, 02445344BD214370A6D48B1CA04921D8EFCB13E676B5648266DD0E076C0822B6 ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE

07:46:00.0785 0x0d74 odserv - ok

07:46:00.0816 0x0d74 [ 3589478E4B22CE21B41FA1BFC0B8B8A0, AD2469FC753FE552CB809FF405A9AB23E7561292FE89117E3B3B62057EFF0203 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys

07:46:00.0863 0x0d74 ohci1394 - ok

07:46:00.0957 0x0d74 [ 5A432A042DAE460ABE7199B758E8606C, 6E5D1F477D290905BE27CEBF9572BAC6B05FFEF2FAD901D3C8E11F665F8B9A71 ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE

07:46:00.0988 0x0d74 ose - ok

07:46:01.0066 0x0d74 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] p2pimsvc C:\Windows\system32\pnrpsvc.dll

07:46:01.0128 0x0d74 p2pimsvc - ok

07:46:01.0175 0x0d74 [ 927463ECB02179F88E4B9A17568C63C3, FEFD3447692C277D59EEC7BF218552C8BB6B8C98C26E973675549628408B94CE ] p2psvc C:\Windows\system32\p2psvc.dll

07:46:01.0191 0x0d74 p2psvc - ok

07:46:01.0238 0x0d74 [ 0086431C29C35BE1DBC43F52CC273887, 0D116D49EF9ABB57DA005764F25E692622210627FC2048F06A989B12FA8D0A80 ] Parport C:\Windows\system32\drivers\parport.sys

07:46:01.0253 0x0d74 Parport - ok

07:46:01.0269 0x0d74 [ E9766131EEADE40A27DC27D2D68FBA9C, 63C295EC96DBD25F1A8B908295CCB86B54F2A77A02AAA11E5D9160C2C1A492B6 ] partmgr C:\Windows\system32\drivers\partmgr.sys

07:46:01.0284 0x0d74 partmgr - ok

07:46:01.0331 0x0d74 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] PcaSvc C:\Windows\System32\pcasvc.dll

07:46:01.0362 0x0d74 PcaSvc - ok

07:46:01.0425 0x0d74 [ 94575C0571D1462A0F70BDE6BD6EE6B3, 7139BAC653EA94A3DD3821CAB35FC5E22F4CCA5ACC2BAABDAA27E4C3C8B27FC9 ] pci C:\Windows\system32\drivers\pci.sys

07:46:01.0472 0x0d74 pci - ok

07:46:01.0518 0x0d74 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA, F2A7CC645B96946CC65BF60E14E70DC09C848D27C7943CE5DEA0C01A6B863480 ] pciide C:\Windows\system32\drivers\pciide.sys

07:46:01.0534 0x0d74 pciide - ok

07:46:01.0628 0x0d74 [ B2E81D4E87CE48589F98CB8C05B01F2F, 6763BEE7270A4873B3E131BFB92313E2750FCBD0AD73C23D1C4F98F7DF73DE14 ] pcmcia C:\Windows\system32\drivers\pcmcia.sys

07:46:01.0659 0x0d74 pcmcia - ok

07:46:01.0674 0x0d74 [ D6B9C2E1A11A3A4B26A182FFEF18F603, BBA5FE08B1DDD6243118E11358FD61B10E850F090F061711C3CB207CE5FBBD36 ] pcw C:\Windows\system32\drivers\pcw.sys

07:46:01.0706 0x0d74 pcw - ok

07:46:01.0784 0x0d74 [ 68769C3356B3BE5D1C732C97B9A80D6E, FB2D61145980A2899D1B7729184C54070315B0E63C9A22400A76CCD39E00029C ] PEAUTH C:\Windows\system32\drivers\peauth.sys

07:46:01.0846 0x0d74 PEAUTH - ok

07:46:02.0002 0x0d74 [ B9B0A4299DD2D76A4243F75FD54DC680, BBF62E9628131FA396EB08D63B76D2D5FBDD61339E92B759125A066470D1C039 ] PeerDistSvc C:\Windows\system32\peerdistsvc.dll

07:46:02.0096 0x0d74 PeerDistSvc - ok

07:46:03.0219 0x0d74 [ E495E408C93141E8FC72DC0C6046DDFA, 489B957DADA0DC128A09468F1AD082DCC657E86053208EA06A12937BE86FB919 ] PerfHost C:\Windows\SysWow64\perfhost.exe

07:46:03.0266 0x0d74 PerfHost - ok

07:46:03.0484 0x0d74 [ C7CF6A6E137463219E1259E3F0F0DD6C, 08D7244F52AA17DD669AA6F77C291DAC88E7B2D1887DE422509C1F83EC85F3DD ] pla C:\Windows\system32\pla.dll

07:46:03.0593 0x0d74 pla - ok

07:46:03.0656 0x0d74 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] PlugPlay C:\Windows\system32\umpnpmgr.dll

07:46:03.0734 0x0d74 PlugPlay - ok

07:46:03.0827 0x0d74 [ 64CA1485214340CACC315FFDFDED73EF, 3FFF06E313622D3633B4235C1E1B8857DBA8DFA19A6A1E5C3D6D88AE6C6DDCC5 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll

07:46:03.0921 0x0d74 Pml Driver HPZ12 - ok

07:46:03.0952 0x0d74 [ 7195581CEC9BB7D12ABE54036ACC2E38, 9C4E5D6EA984148F2663DC529083408B2248DFF6DAAC85D9195F80A722782315 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll

07:46:03.0983 0x0d74 PNRPAutoReg - ok

07:46:04.0014 0x0d74 [ 3EAC4455472CC2C97107B5291E0DCAFE, E51F373F2DBEAEE516B42BAE8C1B5BB68D00B881323E842CB6EDEC0A183CFFC3 ] PNRPsvc C:\Windows\system32\pnrpsvc.dll

07:46:04.0046 0x0d74 PNRPsvc - ok

07:46:04.0139 0x0d74 [ 4F15D75ADF6156BF56ECED6D4A55C389, 2ADA3EA69A5D7EC2A4D2DD89178DB94EAFDDF95F07B0070D654D9F7A5C12A044 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll

07:46:04.0202 0x0d74 PolicyAgent - ok

07:46:04.0248 0x0d74 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] Power C:\Windows\system32\umpo.dll

07:46:04.0295 0x0d74 Power - ok

07:46:04.0342 0x0d74 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys

07:46:04.0420 0x0d74 PptpMiniport - ok

07:46:04.0436 0x0d74 [ 0D922E23C041EFB1C3FAC2A6F943C9BF, 855418A6A58DCAFB181A1A68613B3E203AFB0A9B3D9D26D0C521F9F613B4EAD5 ] Processor C:\Windows\system32\drivers\processr.sys

07:46:04.0467 0x0d74 Processor - ok

07:46:04.0514 0x0d74 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] ProfSvc C:\Windows\system32\profsvc.dll

07:46:04.0592 0x0d74 ProfSvc - ok

07:46:04.0607 0x0d74 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] ProtectedStorage C:\Windows\system32\lsass.exe

07:46:04.0623 0x0d74 ProtectedStorage - ok

07:46:04.0654 0x0d74 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] Psched C:\Windows\system32\DRIVERS\pacer.sys

07:46:04.0716 0x0d74 Psched - ok

07:46:04.0748 0x0d74 [ 87B04878A6D59D6C79251DC960C674C1, 3EB8DB0624E646F0A65D0381408D35CF9FDC5ABFC30DF6431F4070A8EB68447C ] PxHlpa64 C:\Windows\system32\Drivers\PxHlpa64.sys

07:46:04.0794 0x0d74 PxHlpa64 - ok

07:46:05.0075 0x0d74 [ A53A15A11EBFD21077463EE2C7AFEEF0, 6002B012A75045DEA62640A864A8721EADE2F8B65BEB5F5BA76D8CD819774489 ] ql2300 C:\Windows\system32\drivers\ql2300.sys

07:46:05.0138 0x0d74 ql2300 - ok

07:46:05.0184 0x0d74 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8, FB6ABAB741CED66A79E31A45111649F2FA3E26CEE77209B5296F789F6F7D08DE ] ql40xx C:\Windows\system32\drivers\ql40xx.sys

07:46:05.0216 0x0d74 ql40xx - ok

07:46:05.0278 0x0d74 [ 906191634E99AEA92C4816150BDA3732, A0305436384104C3B559F9C73902DA19B96B518413379E397C5CDAB0B2B9418F ] QWAVE C:\Windows\system32\qwave.dll

07:46:05.0340 0x0d74 QWAVE - ok

07:46:05.0356 0x0d74 [ 76707BB36430888D9CE9D705398ADB6C, 35C1D1D05F98AC29A33D3781F497A0B40A3CB9CDF25FE1F28F574E40DDF70535 ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys

07:46:05.0403 0x0d74 QWAVEdrv - ok

07:46:05.0418 0x0d74 [ 5A0DA8AD5762FA2D91678A8A01311704, 8A64EB5DBAB7048A9E42A21CEB62CCD5B007A80C199892D7F8C69B48E8A255EF ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys

07:46:05.0481 0x0d74 RasAcd - ok

07:46:05.0543 0x0d74 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys

07:46:05.0590 0x0d74 RasAgileVpn - ok

07:46:05.0606 0x0d74 [ 8F26510C5383B8DBE976DE1CD00FC8C7, 60E618C010E8A723960636415573FA17EA0BBEF79647196B3BC0B8DEE680E090 ] RasAuto C:\Windows\System32\rasauto.dll

07:46:05.0684 0x0d74 RasAuto - ok

07:46:05.0715 0x0d74 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys

07:46:05.0777 0x0d74 Rasl2tp - ok

07:46:05.0840 0x0d74 [ EE867A0870FC9E4972BA9EAAD35651E2, 1B848D81705081FD2E18AC762DA7F51455657DAF860BF363DC15925A148BCADA ] RasMan C:\Windows\System32\rasmans.dll

07:46:05.0886 0x0d74 RasMan - ok

07:46:05.0902 0x0d74 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys

07:46:05.0964 0x0d74 RasPppoe - ok

07:46:06.0011 0x0d74 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys

07:46:06.0089 0x0d74 RasSstp - ok

07:46:06.0136 0x0d74 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys

07:46:06.0198 0x0d74 rdbss - ok

07:46:06.0214 0x0d74 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys

07:46:06.0261 0x0d74 rdpbus - ok

07:46:06.0308 0x0d74 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys

07:46:06.0354 0x0d74 RDPCDD - ok

07:46:06.0417 0x0d74 [ 1B6163C503398B23FF8B939C67747683, 339A5AA7970FF34FAAB213B655860C5B0DEC5F983A4A11A088017D849F320ACE ] RDPDR C:\Windows\system32\drivers\rdpdr.sys

07:46:06.0464 0x0d74 RDPDR - ok

07:46:06.0526 0x0d74 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys

07:46:06.0588 0x0d74 RDPENCDD - ok

07:46:06.0635 0x0d74 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys

07:46:06.0666 0x0d74 RDPREFMP - ok

07:46:06.0729 0x0d74 [ 313F68E1A3E6345A4F47A36B07062F34, B8318A0AE06BDE278931CA52F960B9FE226FD9894B076858DDB755AE26E1E66F ] RdpVideoMiniport C:\Windows\system32\drivers\rdpvideominiport.sys

07:46:06.0822 0x0d74 RdpVideoMiniport - ok

07:46:06.0869 0x0d74 [ E61608AA35E98999AF9AAEEEA6114B0A, F754CDE89DC96786D2A3C4D19EE2AEF1008E634E4DE3C0CBF927436DE90C04A6 ] RDPWD C:\Windows\system32\drivers\RDPWD.sys

07:46:06.0916 0x0d74 RDPWD - ok

07:46:07.0041 0x0d74 [ 34ED295FA0121C241BFEF24764FC4520, AAEE5F00CAA763A5BA51CF56BD7262C03409CD72BD5601490E3EC3FFF929BB5F ] rdyboost C:\Windows\system32\drivers\rdyboost.sys

07:46:07.0072 0x0d74 rdyboost - ok

07:46:07.0088 0x0d74 [ 254FB7A22D74E5511C73A3F6D802F192, 3D0FB5840364200DE394F8CC28DA0E334C2B5FA8FF28A41656EE72287F3D3836 ] RemoteAccess C:\Windows\System32\mprdim.dll

07:46:07.0150 0x0d74 RemoteAccess - ok

07:46:07.0197 0x0d74 [ E4D94F24081440B5FC5AA556C7C62702, 147CAA03568DC480F9506E30B84891AB7E433B5EBC05F34FF10F72B00E1C6B22 ] RemoteRegistry C:\Windows\system32\regsvc.dll

07:46:07.0259 0x0d74 RemoteRegistry - ok

07:46:07.0415 0x0d74 [ 805393D80291C53085BCE10868E54AD5, 3F6A036B9A2A4AEDD18D1C036B8C4B4A81F99BF60EEF447EB8EFD4C1347553E3 ] Roxio UPnP Renderer 11 C:\Program Files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUPnPRenderer11.exe

07:46:07.0446 0x0d74 Roxio UPnP Renderer 11 - ok

07:46:07.0493 0x0d74 [ 96A3D9197F4D8A7E456018B809BF2AC1, 09A3360B3B2635009833B5326086254BFAD9106999C654873989055FD3FD34AC ] Roxio Upnp Server 11 C:\Program Files (x86)\Roxio Creator 2009 Special Edition\Digital Home 11\RoxioUpnpService11.exe

07:46:07.0524 0x0d74 Roxio Upnp Server 11 - ok

07:46:07.0696 0x0d74 [ 8AF842F4C84BDAA882216A01F8825402, 35FA5E3AA8BFA06CE5AE1091EB2C735E5EAE3729D8EAA0A54F82B90AFB1EF513 ] RoxLiveShare11 C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxLiveShare11.exe

07:46:07.0743 0x0d74 RoxLiveShare11 - ok

07:46:07.0914 0x0d74 [ DB6FB620B9538981A4745C1472AFEFED, E101EAE7C024980F36B7E3F0CCFCF3E11F08622EBEB48B46E2D54C49E9390D2C ] RoxMediaDB11 C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxMediaDB11.exe

07:46:08.0008 0x0d74 RoxMediaDB11 - ok

07:46:08.0055 0x0d74 [ 3E8DF3DD655CCE064CF952066DDFF248, 50C81020D99CF8A31984250BA44804FAA615706BC1C3BE78DC02B966AD286E70 ] RoxWatch11 C:\Program Files (x86)\Common Files\Roxio Shared\11.0\SharedCOM\RoxWatch11.exe

07:46:08.0070 0x0d74 RoxWatch11 - ok

07:46:08.0117 0x0d74 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll

07:46:08.0164 0x0d74 RpcEptMapper - ok

07:46:08.0180 0x0d74 [ D5BA242D4CF8E384DB90E6A8ED850B8C, CB4CB2608B5E31B55FB1A2CF4051E6D08A0C2A5FB231B2116F95938D7577334E ] RpcLocator C:\Windows\system32\locator.exe

07:46:08.0211 0x0d74 RpcLocator - ok

07:46:08.0289 0x0d74 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] RpcSs C:\Windows\System32\rpcss.dll

07:46:08.0336 0x0d74 RpcSs - ok

07:46:08.0382 0x0d74 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys

07:46:08.0429 0x0d74 rspndr - ok

07:46:08.0554 0x0d74 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys

07:46:08.0585 0x0d74 RTL8167 - ok

07:46:08.0616 0x0d74 RxFilter - ok

07:46:08.0679 0x0d74 [ E60C0A09F997826C7627B244195AB581, E8630ED74B38B98BF584E353D992C1311BC36AB7F20A1BB66C9CD65CE1E46F8D ] s3cap C:\Windows\system32\drivers\vms3cap.sys

07:46:08.0726 0x0d74 s3cap - ok

07:46:08.0741 0x0d74 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] SamSs C:\Windows\system32\lsass.exe

07:46:08.0757 0x0d74 SamSs - ok

07:46:08.0788 0x0d74 [ AC03AF3329579FFFB455AA2DAABBE22B, 7AD3B62ADFEC166F9E256F9FF8BAA0568B2ED7308142BF8F5269E6EAA5E0A656 ] sbp2port C:\Windows\system32\drivers\sbp2port.sys

07:46:08.0819 0x0d74 sbp2port - ok

07:46:08.0882 0x0d74 [ 9B7395789E3791A3B6D000FE6F8B131E, E5F067F3F212BF5481668BE1779CBEF053F511F8967589BE2E865ACB9A620024 ] SCardSvr C:\Windows\System32\SCardSvr.dll

07:46:08.0928 0x0d74 SCardSvr - ok

07:46:08.0944 0x0d74 [ 253F38D0D7074C02FF8DEB9836C97D2B, CB5CAFCB8628BB22877F74ACF1DED0BBAED8F4573A74DA7FE94BBBA584889116 ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys

07:46:09.0022 0x0d74 scfilter - ok

07:46:09.0147 0x0d74 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] Schedule C:\Windows\system32\schedsvc.dll

07:46:09.0209 0x0d74 Schedule - ok

07:46:09.0272 0x0d74 [ F17D1D393BBC69C5322FBFAFACA28C7F, 62A1A92B3C52ADFD0B808D7F69DD50238B5F202421F1786F7EAEAA63F274B3E8 ] SCPolicySvc C:\Windows\System32\certprop.dll

07:46:09.0303 0x0d74 SCPolicySvc - ok

07:46:09.0334 0x0d74 [ 6EA4234DC55346E0709560FE7C2C1972, 64011E044C16E2F92689E5F7E4666A075E27BBFA61F3264E5D51CE1656C1D5B8 ] SDRSVC C:\Windows\System32\SDRSVC.dll

07:46:09.0396 0x0d74 SDRSVC - ok

07:46:09.0412 0x0d74 [ 3EA8A16169C26AFBEB544E0E48421186, 34BBB0459C96B3DE94CCB0D73461562935C583D7BF93828DA4E20A6BC9B7301D ] secdrv C:\Windows\system32\drivers\secdrv.sys

07:46:09.0474 0x0d74 secdrv - ok

07:46:09.0490 0x0d74 [ BC617A4E1B4FA8DF523A061739A0BD87, 10C4057F6B321EB5237FF619747B74F5401BC17D15A8C7060829E8204A2297F9 ] seclogon C:\Windows\system32\seclogon.dll

07:46:09.0537 0x0d74 seclogon - ok

07:46:09.0552 0x0d74 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] SENS C:\Windows\system32\sens.dll

07:46:09.0599 0x0d74 SENS - ok

07:46:09.0599 0x0d74 [ 0336CFFAFAAB87A11541F1CF1594B2B2, 8B8A6A33E78A12FB05E29B2E2775850626574AFD2EF88748D65E690A07B10B8D ] SensrSvc C:\Windows\system32\sensrsvc.dll

07:46:09.0677 0x0d74 SensrSvc - ok

dpchristi · November 21, 2013

07:46:09.0708 0x0d74 [ CB624C0035412AF0DEBEC78C41F5CA1B, A4D937F11E06CAE914347CA1362F4C98EC5EE0C0C80321E360EA1ABD6726F8D4 ] Serenum C:\Windows\system32\drivers\serenum.sys

07:46:09.0771 0x0d74 Serenum - ok

07:46:09.0833 0x0d74 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6, 8F9776FB84C5D11068EAF1FF1D1A46466C655D64D256A8B1E31DC0C23B5DD22D ] Serial C:\Windows\system32\drivers\serial.sys

07:46:09.0880 0x0d74 Serial - ok

07:46:09.0927 0x0d74 [ 1C545A7D0691CC4A027396535691C3E3, 065C30BE598FF4DC55C37E0BBE0CEDF10A370AE2BF5404B42EBBB867A3FFED6D ] sermouse C:\Windows\system32\drivers\sermouse.sys

07:46:09.0974 0x0d74 sermouse - ok

07:46:10.0036 0x0d74 [ 0B6231BF38174A1628C4AC812CC75804, E569BF1F7F5689E2E917FA6516DB53388A5B8B1C6699DEE030147E853218811D ] SessionEnv C:\Windows\system32\sessenv.dll

07:46:10.0114 0x0d74 SessionEnv - ok

07:46:10.0161 0x0d74 [ A554811BCD09279536440C964AE35BBF, DA8F893722F803E189D7D4D6C6232ED34505B63A64ED3A0132A5BB7A2BABDE55 ] sffdisk C:\Windows\system32\drivers\sffdisk.sys

07:46:10.0192 0x0d74 sffdisk - ok

07:46:10.0192 0x0d74 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF, B81EF5D26AEB572CAB590F7AD7CA8C89F296420089EF5E6148E972F2DBCA1042 ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys

07:46:10.0239 0x0d74 sffp_mmc - ok

07:46:10.0254 0x0d74 [ DD85B78243A19B59F0637DCF284DA63C, 6730D4F2BAE7E24615746ACC41B42D01DB6068D6504982008ADA1890DE900197 ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys

07:46:10.0301 0x0d74 sffp_sd - ok

07:46:10.0317 0x0d74 [ A9D601643A1647211A1EE2EC4E433FF4, 7AC60B4AB48D4BBF1F9681C12EC2A75C72E6E12D30FABC564A24394310E9A5F9 ] sfloppy C:\Windows\system32\drivers\sfloppy.sys

07:46:10.0364 0x0d74 sfloppy - ok

07:46:10.0442 0x0d74 [ B95F6501A2F8B2E78C697FEC401970CE, 758B73A32902299A313348CE7EC189B20EB4CB398D0180E4EE24B84DAD55F291 ] SharedAccess C:\Windows\System32\ipnathlp.dll

07:46:10.0504 0x0d74 SharedAccess - ok

07:46:10.0582 0x0d74 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] ShellHWDetection C:\Windows\System32\shsvcs.dll

07:46:10.0644 0x0d74 ShellHWDetection - ok

07:46:10.0676 0x0d74 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1, 89CA9F516E42A6B905474D738CDA2C121020A07DBD4E66CFE569DD77D79D7820 ] SiSRaid2 C:\Windows\system32\drivers\SiSRaid2.sys

07:46:10.0707 0x0d74 SiSRaid2 - ok

07:46:10.0722 0x0d74 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4, 87B85C66DF7EB6FDB8A2341D05FAA5261FF68A90CCFC63F0E4A03824F1E33E5E ] SiSRaid4 C:\Windows\system32\drivers\sisraid4.sys

07:46:10.0738 0x0d74 SiSRaid4 - ok

07:46:10.0894 0x0d74 [ F07AF60B152221472FBDB2FECEC4896D, A18FDCE8462A48429E249C44F0E49F844F2E3A4B5215349DE104F34D935EF983 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe

07:46:10.0910 0x0d74 SkypeUpdate - ok

07:46:10.0972 0x0d74 [ 548260A7B8654E024DC30BF8A7C5BAA4, 4A7E58331D7765A12F53DC2371739DC9A463940B13E16157CE10DB80E958D740 ] Smb C:\Windows\system32\DRIVERS\smb.sys

07:46:11.0034 0x0d74 Smb - ok

07:46:11.0081 0x0d74 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] SNMPTRAP C:\Windows\System32\snmptrap.exe

07:46:11.0128 0x0d74 SNMPTRAP - ok

07:46:11.0144 0x0d74 [ B9E31E5CACDFE584F34F730A677803F9, 21A5130BD00089C609522A372018A719F8E37103D2DD22C59EACB393BE35A063 ] spldr C:\Windows\system32\drivers\spldr.sys

07:46:11.0175 0x0d74 spldr - ok

07:46:11.0253 0x0d74 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] Spooler C:\Windows\System32\spoolsv.exe

07:46:11.0300 0x0d74 Spooler - ok

07:46:11.0627 0x0d74 [ E17E0188BB90FAE42D83E98707EFA59C, FC075F7B39E86CC8EF6DA4E339FE946917E319C347AC70FB0C50AAF36F97E27F ] sppsvc C:\Windows\system32\sppsvc.exe

07:46:11.0752 0x0d74 sppsvc - ok

07:46:11.0768 0x0d74 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45, 36D48B23B8243BE5229707375FCD11C2DCAC96983199345365F065A0CBF33314 ] sppuinotify C:\Windows\system32\sppuinotify.dll

07:46:11.0799 0x0d74 sppuinotify - ok

07:46:11.0892 0x0d74 [ 441FBA48BFF01FDB9D5969EBC1838F0B, 306128F1AD489F87161A089D1BDC1542A4CB742D91A0C12A7CD1863FDB8932C0 ] srv C:\Windows\system32\DRIVERS\srv.sys

07:46:11.0955 0x0d74 srv - ok

07:46:12.0017 0x0d74 [ B4ADEBBF5E3677CCE9651E0F01F7CC28, 726DB2283113AB2A9681E8E9F61132303D6D86E9CD034C40EE4A8C9DB29E87F7 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys

07:46:12.0064 0x0d74 srv2 - ok

07:46:12.0111 0x0d74 [ 27E461F0BE5BFF5FC737328F749538C3, AFA4704ED8FFC1A0BAB40DFB81D3AE3F3D933A3C9BF54DDAF39FF9AF3646D9E6 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys

07:46:12.0126 0x0d74 srvnet - ok

07:46:12.0158 0x0d74 [ 51B52FBD583CDE8AA9BA62B8B4298F33, 2E2403F8AA39E79D1281CA006B51B43139C32A5FDD64BD34DAA4B935338BD740 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll

07:46:12.0204 0x0d74 SSDPSRV - ok

07:46:12.0251 0x0d74 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] SstpSvc C:\Windows\system32\sstpsvc.dll

07:46:12.0298 0x0d74 SstpSvc - ok

07:46:12.0345 0x0d74 [ F3817967ED533D08327DC73BC4D5542A, 1B204454408A690C0A86447F3E4AA9E7C58A9CFB567C94C17C21920BA648B4D5 ] stexstor C:\Windows\system32\drivers\stexstor.sys

07:46:12.0376 0x0d74 stexstor - ok

07:46:12.0501 0x0d74 [ 8DD52E8E6128F4B2DA92CE27402871C1, 1101C38BE8FC383B5F2F9FA402F9652B23B88A764DE2B584DFE62B88B11DEF92 ] stisvc C:\Windows\System32\wiaservc.dll

07:46:12.0532 0x0d74 stisvc - ok

07:46:12.0548 0x0d74 [ C40841817EF57D491F22EB103DA587CC, 5FAA2DE43BADC16A898C0C290C44C41E4411D919A95FE8C6FF45EA7A34495079 ] StorSvc C:\Windows\system32\storsvc.dll

07:46:12.0610 0x0d74 StorSvc - ok

07:46:12.0672 0x0d74 [ D34E4943D5AC096C8EDEEBFD80D76E23, 1DD7F6F97060B5F763A04ACA1F75E59DAB09EF824FD09B83FC3C192837D006DE ] storvsc C:\Windows\system32\drivers\storvsc.sys

07:46:12.0704 0x0d74 storvsc - ok

07:46:12.0719 0x0d74 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] swenum C:\Windows\system32\DRIVERS\swenum.sys

07:46:12.0735 0x0d74 swenum - ok

07:46:12.0782 0x0d74 [ E08E46FDD841B7184194011CA1955A0B, 9C3725BB1F08F92744C980A22ED5C874007D3B5863C7E1F140F50061052AC418 ] swprv C:\Windows\System32\swprv.dll

07:46:12.0860 0x0d74 swprv - ok

07:46:12.0891 0x0d74 [ 4CDD7DF58730D23BA9CB5829A6E2ECEA, 89A2A1604C2BF985894000F51D9D376B32F1327197866850B5BF8640272DE828 ] SynthVid C:\Windows\system32\DRIVERS\VMBusVideoM.sys

07:46:12.0906 0x0d74 SynthVid - ok

07:46:13.0109 0x0d74 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D, 3C13217548BE61F2BDB8BD41F77345CDDA1F97BF0AE17241C335B9807EB3DBB8 ] SysMain C:\Windows\system32\sysmain.dll

07:46:13.0187 0x0d74 SysMain - ok

07:46:13.0203 0x0d74 [ E3C61FD7B7C2557E1F1B0B4CEC713585, 01F0E116606D185BF93B540868075BFB1A398197F6AABD994983DBFF56B3A8A0 ] TabletInputService C:\Windows\System32\TabSvc.dll

07:46:13.0250 0x0d74 TabletInputService - ok

07:46:13.0312 0x0d74 [ 40F0849F65D13EE87B9A9AE3C1DD6823, E251A7EF3D0FD2973AF33A62FC457A7E8D5E8694208F811F52455F7C2426121F ] TapiSrv C:\Windows\System32\tapisrv.dll

07:46:13.0359 0x0d74 TapiSrv - ok

07:46:13.0390 0x0d74 [ 1BE03AC720F4D302EA01D40F588162F6, AB644862BF1D2E824FD846180DEC4E2C0FAFCC517451486DE5A92E5E78A952E4 ] TBS C:\Windows\System32\tbssvc.dll

07:46:13.0437 0x0d74 TBS - ok

07:46:13.0593 0x0d74 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] Tcpip C:\Windows\system32\drivers\tcpip.sys

07:46:13.0811 0x0d74 Tcpip - ok

07:46:13.0952 0x0d74 [ 40AF23633D197905F03AB5628C558C51, 644656A15236E964E4BE57B42225EAA5643C4CF1FFF6D306813A000716F9D72C ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys

07:46:13.0998 0x0d74 TCPIP6 - ok

07:46:14.0045 0x0d74 [ 1B16D0BD9841794A6E0CDE0CEF744ABC, 7EB8BA97339199EEE7F2B09DA2DA6279DA64A510D4598D42CF86415D67CD674C ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys

07:46:14.0076 0x0d74 tcpipreg - ok

07:46:14.0108 0x0d74 [ 3371D21011695B16333A3934340C4E7C, 7416F9BBFC1BA9D875EA7D1C7A0D912FC6977B49A865D67E3F9C4E18A965082D ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys

07:46:14.0170 0x0d74 TDPIPE - ok

07:46:14.0201 0x0d74 [ 51C5ECEB1CDEE2468A1748BE550CFBC8, 4E8F83877330B421F7B5D8393D34BC44C6450E69209DAA95B29CB298166A5DF9 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys

07:46:14.0232 0x0d74 TDTCP - ok

07:46:14.0279 0x0d74 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] tdx C:\Windows\system32\DRIVERS\tdx.sys

07:46:14.0310 0x0d74 tdx - ok

07:46:14.0357 0x0d74 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] TermDD C:\Windows\system32\DRIVERS\termdd.sys

07:46:14.0373 0x0d74 TermDD - ok

07:46:14.0435 0x0d74 [ 2E648163254233755035B46DD7B89123, 6FA0D07CE18A3A69D82EE49D875F141E39406E92C34EAC76AC4EB052E6EBCBCD ] TermService C:\Windows\System32\termsrv.dll

07:46:14.0482 0x0d74 TermService - ok

07:46:14.0498 0x0d74 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] Themes C:\Windows\system32\themeservice.dll

07:46:14.0529 0x0d74 Themes - ok

07:46:14.0544 0x0d74 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] THREADORDER C:\Windows\system32\mmcss.dll

07:46:14.0576 0x0d74 THREADORDER - ok

07:46:14.0607 0x0d74 [ 7E7AFD841694F6AC397E99D75CEAD49D, DE87F203FD8E6BDCCFCA1860A85F283301A365846FB703D9BB86278D8AC96B07 ] TrkWks C:\Windows\System32\trkwks.dll

07:46:14.0669 0x0d74 TrkWks - ok

07:46:14.0778 0x0d74 [ 773212B2AAA24C1E31F10246B15B276C, F2EF85F5ABA307976D9C649D710B408952089458DDE97D4DEF321DF14E46A046 ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe

07:46:14.0825 0x0d74 TrustedInstaller - ok

07:46:14.0841 0x0d74 [ 4CE278FC9671BA81A138D70823FCAA09, CBE501436696E32A3701B9F377B823AC36647B6626595F76CC63E2396AD7D300 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys

07:46:14.0919 0x0d74 tssecsrv - ok

07:46:14.0981 0x0d74 [ 17C6B51CBCCDED95B3CC14E22791F85E, EE417C19E9B2C258D62A74F1F2421AFFBAC67ACD62481CAA08F5B6A3439C1D7C ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys

07:46:15.0044 0x0d74 TsUsbFlt - ok

07:46:15.0075 0x0d74 [ AD64450A4ABE076F5CB34CC08EEACB07, B5C386635441A19178E7FEEE299BA430C8D72F9110866C13A216B12A1080AD12 ] TsUsbGD C:\Windows\system32\drivers\TsUsbGD.sys

07:46:15.0106 0x0d74 TsUsbGD - ok

07:46:15.0215 0x0d74 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys

07:46:15.0262 0x0d74 tunnel - ok

07:46:15.0293 0x0d74 [ B4DD609BD7E282BFC683CEC7EAAAAD67, EF131DB6F6411CAD36A989A421AF93F89DD61601AC524D2FF11C10FF6E3E9123 ] uagp35 C:\Windows\system32\drivers\uagp35.sys

07:46:15.0324 0x0d74 uagp35 - ok

07:46:15.0371 0x0d74 [ FF4232A1A64012BAA1FD97C7B67DF593, D8591B4EB056899C7B604E4DD852D82D4D9809F508ABCED4A03E1BE6D5D456E3 ] udfs C:\Windows\system32\DRIVERS\udfs.sys

07:46:15.0465 0x0d74 udfs - ok

07:46:15.0496 0x0d74 [ 3CBDEC8D06B9968ABA702EBA076364A1, B8DAB8AA804FC23021BFEBD7AE4D40FBE648D6C6BA21CC008E26D1C084972F9B ] UI0Detect C:\Windows\system32\UI0Detect.exe

07:46:15.0543 0x0d74 UI0Detect - ok

07:46:15.0558 0x0d74 [ 4BFE1BC28391222894CBF1E7D0E42320, 5918B1ED2030600DF77BDACF1C808DF6EADDD8BF3E7003AF1D72050D8B102B3A ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys

07:46:15.0590 0x0d74 uliagpkx - ok

07:46:15.0621 0x0d74 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] umbus C:\Windows\system32\DRIVERS\umbus.sys

07:46:15.0652 0x0d74 umbus - ok

07:46:15.0699 0x0d74 [ B2E8E8CB557B156DA5493BBDDCC1474D, F547509A08C0679ACB843E20C9C0CF51BED1B06530BBC529DFB0944504564A43 ] UmPass C:\Windows\system32\drivers\umpass.sys

07:46:15.0746 0x0d74 UmPass - ok

07:46:15.0792 0x0d74 [ A293DCD756D04D8492A750D03B9A297C, 203600ED0B7F8BA4C6D6F4ED810F4DF5AB70928B06EC4131C5D8ADF628444ED1 ] UmRdpService C:\Windows\System32\umrdp.dll

07:46:15.0839 0x0d74 UmRdpService - ok

07:46:15.0902 0x0d74 [ D47EC6A8E81633DD18D2436B19BAF6DE, 0FB461E2D5E0B75BB5958F6362F4880BFA4C36AD930542609BCAF574941AA7AE ] upnphost C:\Windows\System32\upnphost.dll

07:46:15.0948 0x0d74 upnphost - ok

07:46:15.0980 0x0d74 [ C9E9D59C0099A9FF51697E9306A44240, 78D9A7A5E5742962B6978F475BF06CB32262F1D214699D3D40538476A58012A1 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys

07:46:16.0026 0x0d74 USBAAPL64 - ok

07:46:16.0089 0x0d74 [ 30353DDFC28C4F1EF4464DCEF994D678, FB17DF4013675061AEC0A0E7ADD0B4D07CF509B842095FAFDD7BC8C9BABDA1A5 ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys

07:46:16.0120 0x0d74 usbccgp - ok

07:46:16.0151 0x0d74 [ 80B0F7D5CCF86CEB5D402EAAF61FEC31, 140C62116A425DEAD25FE8D82DE283BC92C482A9F643658D512F9F67061F28AD ] usbcir C:\Windows\system32\drivers\usbcir.sys

07:46:16.0245 0x0d74 usbcir - ok

07:46:16.0260 0x0d74 [ 7B01F9E957AA6D7F8520BB9E229DF0E2, 309295AEF0C8B6AA39503F495297169D5E4B231DD9758D9F40F29B6987C9D212 ] usbehci C:\Windows\system32\drivers\usbehci.sys

07:46:16.0307 0x0d74 usbehci - ok

07:46:16.0401 0x0d74 [ 90C0E5CF8FD5C25B41E7C10473EDB6BD, CDE080D158B2DD689927B2AE752EA3369C39E7764F5592DC34F3C6D9DA51C5D4 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys

07:46:16.0463 0x0d74 usbhub - ok

07:46:16.0510 0x0d74 [ F4A4255E930B6D007A3501C35A3DACC4, E0D0EF801100BE57A199A483330A80FB6C6FF29AEBF3380BEE16BB364A8D7FC7 ] usbohci C:\Windows\system32\drivers\usbohci.sys

07:46:16.0572 0x0d74 usbohci - ok

07:46:16.0619 0x0d74 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys

07:46:16.0666 0x0d74 usbprint - ok

07:46:16.0682 0x0d74 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] usbscan C:\Windows\system32\drivers\usbscan.sys

07:46:16.0744 0x0d74 usbscan - ok

07:46:16.0775 0x0d74 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS

07:46:16.0838 0x0d74 USBSTOR - ok

07:46:16.0869 0x0d74 [ 9462E6B70615C1703D4A95FA61FC54A1, A66E75A42E58E126F575F1AFC3BE47E119CF53431CED511776D878A78F597015 ] usbuhci C:\Windows\system32\drivers\usbuhci.sys

07:46:16.0916 0x0d74 usbuhci - ok

07:46:16.0947 0x0d74 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] UxSms C:\Windows\System32\uxsms.dll

07:46:16.0994 0x0d74 UxSms - ok

07:46:17.0025 0x0d74 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] VaultSvc C:\Windows\system32\lsass.exe

07:46:17.0025 0x0d74 VaultSvc - ok

07:46:17.0040 0x0d74 [ C5C876CCFC083FF3B128F933823E87BD, 6FE0FBB6C3207E09300E0789E2168F76668D87C317FE9F263E733827ADCFBE0D ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys

07:46:21.0908 0x0d74 vdrvroot - ok

07:46:21.0986 0x0d74 [ 8D6B481601D01A456E75C3210F1830BE, A2CEF483F4231367138EEF7E67FD5BE5364FC0780C44CA1368E36CE4AA3D0633 ] vds C:\Windows\System32\vds.exe

07:46:22.0048 0x0d74 vds - ok

07:46:22.0064 0x0d74 [ DA4DA3F5E02943C2DC8C6ED875DE68DD, EDE604536DB78C512D68C92B26DA77C8811AC109D1F0A473673F0A82D15A2838 ] vga C:\Windows\system32\DRIVERS\vgapnp.sys

07:46:22.0079 0x0d74 vga - ok

07:46:22.0095 0x0d74 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] VgaSave C:\Windows\System32\drivers\vga.sys

07:46:22.0142 0x0d74 VgaSave - ok

07:46:22.0189 0x0d74 [ 2CE2DF28C83AEAF30084E1B1EB253CBB, D1946816A1CB89F825CBEA58F94A4C9D0CE7249355CD3915563F54054EE564BF ] vhdmp C:\Windows\system32\drivers\vhdmp.sys

07:46:32.0032 0x0d74 vhdmp - ok

07:46:32.0079 0x0d74 [ E5689D93FFE4E5D66C0178761240DD54, 6D35CED80681B12AAF63BFA0DA1C386E71D3838839B68A686990AA8031949D27 ] viaide C:\Windows\system32\drivers\viaide.sys

07:46:32.0079 0x0d74 viaide - ok

07:46:32.0095 0x0d74 [ 7DE90B48F210D29649380545DB45A187, 09522F84285D62B961868DA98C40B82E746CA4D24A9780905673A2349D6B07F4 ] VMBusHID C:\Windows\system32\drivers\VMBusHID.sys

07:46:32.0126 0x0d74 VMBusHID - ok

07:46:32.0157 0x0d74 [ D2AAFD421940F640B407AEFAAEBD91B0, 31EF342A60AF04F4108759A71F8FB7B8C8819216CF3D16A95B2BA0E33A8A9161 ] volmgr C:\Windows\system32\drivers\volmgr.sys

07:46:32.0173 0x0d74 volmgr - ok

07:46:32.0188 0x0d74 [ A255814907C89BE58B79EF2F189B843B, 463DB771851352185B6AC323BD93B9084D47291E53C1F7B628B65D6918B2E28F ] volmgrx C:\Windows\system32\drivers\volmgrx.sys

07:46:32.0219 0x0d74 volmgrx - ok

07:46:32.0235 0x0d74 [ 0D08D2F3B3FF84E433346669B5E0F639, 3D6716CEC95B8861A7CC5778E91F310528DC6BEE0E57A3C8757FC675154EBDEC ] volsnap C:\Windows\system32\drivers\volsnap.sys

07:46:32.0251 0x0d74 volsnap - ok

07:46:32.0297 0x0d74 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] vpcbus C:\Windows\system32\DRIVERS\vpchbus.sys

07:46:32.0313 0x0d74 vpcbus - ok

07:46:32.0329 0x0d74 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] vpcnfltr C:\Windows\system32\DRIVERS\vpcnfltr.sys

07:46:32.0360 0x0d74 vpcnfltr - ok

07:46:32.0360 0x0d74 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] vpcusb C:\Windows\system32\DRIVERS\vpcusb.sys

07:46:32.0391 0x0d74 vpcusb - ok

07:46:32.0422 0x0d74 [ 30D4243726A15A14F5C5E45898D14394, 0EED69CACCDEC1260C79B187370E420C12654F0F5F777A1FF27F5C5FF3BAE2E1 ] vpcvmm C:\Windows\system32\drivers\vpcvmm.sys

07:46:32.0469 0x0d74 vpcvmm - ok

07:46:32.0500 0x0d74 [ 5E2016EA6EBACA03C04FEAC5F330D997, 53106EB877459FE55A459111F7AB0EE320BB3B4C954D3DB6FA1642396001F2AC ] vsmraid C:\Windows\system32\drivers\vsmraid.sys

07:46:32.0531 0x0d74 vsmraid - ok

07:46:32.0609 0x0d74 [ B60BA0BC31B0CB414593E169F6F21CC2, 47B801E623254CF0202B3591CB5C019CABFB52F123C7D47E29D19B32F1F2B915 ] VSS C:\Windows\system32\vssvc.exe

07:46:32.0687 0x0d74 VSS - ok

07:46:32.0719 0x0d74 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1, 3254523C85C70EBA2DBAC05DB2DBA89EDF8E9195F390F7C21F96458FB6B2E3D7 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys

07:46:32.0765 0x0d74 vwifibus - ok

07:46:32.0797 0x0d74 [ 1C9D80CC3849B3788048078C26486E1A, 34A89F31E53F6B6C209B286F580CC2257AE6D057E4E20741F241C9C167947962 ] W32Time C:\Windows\system32\w32time.dll

07:46:32.0843 0x0d74 W32Time - ok

07:46:32.0859 0x0d74 [ 4E9440F4F152A7B944CB1663D3935A3E, 8FE04EBD3BC612EE943A21A3E56F37E5C9B578CDACA6044048181DAD81816D53 ] WacomPen C:\Windows\system32\drivers\wacompen.sys

07:46:32.0875 0x0d74 WacomPen - ok

07:46:32.0890 0x0d74 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys

07:46:32.0937 0x0d74 WANARP - ok

07:46:32.0937 0x0d74 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys

07:46:32.0968 0x0d74 Wanarpv6 - ok

07:46:33.0062 0x0d74 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C, 4150DAB33E8D61076F1D4767BCAFC9B4ECCCCBD58FD4FB3CFE5B8D27DCDCAB61 ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe

07:46:33.0109 0x0d74 WatAdminSvc - ok

07:46:33.0155 0x0d74 [ 78F4E7F5C56CB9716238EB57DA4B6A75, 46A4E78CE5F2A4B26F4E9C3FF04A99D9B727A82AC2E390A82A1611C3F6E0C9AF ] wbengine C:\Windows\system32\wbengine.exe

07:46:33.0265 0x0d74 wbengine - ok

07:46:33.0280 0x0d74 [ 3AA101E8EDAB2DB4131333F4325C76A3, 4F7BD3DA5E58B18BFF106CFF7B45E75FD13EE556D433C695BA23EC80827E49DE ] WbioSrvc C:\Windows\System32\wbiosrvc.dll

07:46:33.0311 0x0d74 WbioSrvc - ok

07:46:33.0327 0x0d74 [ 7368A2AFD46E5A4481D1DE9D14848EDD, 8039C478FC2D9F095F5883A4FA47F9E6EDF57CC88A4AA74F07C88445F90DED57 ] wcncsvc C:\Windows\System32\wcncsvc.dll

07:46:33.0374 0x0d74 wcncsvc - ok

07:46:33.0389 0x0d74 [ 20F7441334B18CEE52027661DF4A6129, 7B8E0247234B740FED2BE9B833E9CE8DD7453340123AB43F6B495A7E6A27B0DD ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll

07:46:33.0421 0x0d74 WcsPlugInService - ok

07:46:33.0452 0x0d74 [ 72889E16FF12BA0F235467D6091B17DC, F2FD0BBD075E33608D93F350D216F97442AB89ABD540513C2D568C78096E12A8 ] Wd C:\Windows\system32\drivers\wd.sys

07:46:33.0483 0x0d74 Wd - ok

07:46:33.0514 0x0d74 [ E2C933EDBC389386EBE6D2BA953F43D8, AF1DEADD5F1267CCEBD226E8EEB971D1946EA6A5A9645A36F5D111F758AF2F07 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys

07:46:33.0545 0x0d74 Wdf01000 - ok

07:46:33.0561 0x0d74 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiServiceHost C:\Windows\system32\wdi.dll

07:46:33.0639 0x0d74 WdiServiceHost - ok

07:46:33.0639 0x0d74 [ BF1FC3F79B863C914687A737C2F3D681, B2DF47AC4931ACFB243775767B77065CC0D98778FC0243C793A3E219EB961209 ] WdiSystemHost C:\Windows\system32\wdi.dll

07:46:33.0655 0x0d74 WdiSystemHost - ok

07:46:33.0670 0x0d74 [ 0EB0E5D22B1760F2DBCE632F2DD7A54D, B8A4CC62F88768947FB0A161CF9564DB28FD9C1C037B5475DF192982DE035C22 ] WebClient C:\Windows\System32\webclnt.dll

07:46:33.0717 0x0d74 WebClient - ok

07:46:33.0733 0x0d74 [ C749025A679C5103E575E3B48E092C43, B71171D07EE7AB085A24BF3A1072FF2CE7EA021AAE695F6A90640E6EE8EB55C1 ] Wecsvc C:\Windows\system32\wecsvc.dll

07:46:33.0779 0x0d74 Wecsvc - ok

07:46:33.0811 0x0d74 [ 7E591867422DC788B9E5BD337A669A08, 484E6BCCDF7ADCE9A1AACAD1BC7C7D7694B9E40FA90D94B14D80C607784F6C75 ] wercplsupport C:\Windows\System32\wercplsupport.dll

07:46:33.0842 0x0d74 wercplsupport - ok

07:46:33.0857 0x0d74 [ 6D137963730144698CBD10F202E9F251, A9F522A125158D94F540544CCD4DBF47B9DCE2EA878C33675AFE40F80E8F4979 ] WerSvc C:\Windows\System32\WerSvc.dll

07:46:33.0904 0x0d74 WerSvc - ok

07:46:33.0951 0x0d74 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys

07:46:33.0982 0x0d74 WfpLwf - ok

07:46:34.0060 0x0d74 [ B14EF15BD757FA488F9C970EEE9C0D35, F27DF2D47E7076786AE7C396583D7A1C56B93E766711066C900964FC7313E794 ] WimFltr C:\Windows\system32\DRIVERS\wimfltr.sys

07:46:34.0091 0x0d74 WimFltr - ok

07:46:34.0091 0x0d74 [ 05ECAEC3E4529A7153B3136CEB49F0EC, 9995CB2CEC70A633EA33CBB0DEAD2BB28CB67132B41E9444BDAB9E75744C9A50 ] WIMMount C:\Windows\system32\drivers\wimmount.sys

07:46:34.0123 0x0d74 WIMMount - ok

07:46:34.0169 0x0d74 WinDefend - ok

07:46:34.0185 0x0d74 WinHttpAutoProxySvc - ok

07:46:34.0232 0x0d74 [ 19B07E7E8915D701225DA41CB3877306, D6555E8D276DBB11358246E0FE215F76F1FB358791C76B88D82C2A66A42DA19F ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll

07:46:34.0263 0x0d74 Winmgmt - ok

07:46:34.0325 0x0d74 [ BCB1310604AA415C4508708975B3931E, 9D943F086D454345153A0DD426B4432532A44FD87950386B186E1CAD2AC70565 ] WinRM C:\Windows\system32\WsmSvc.dll

07:46:34.0419 0x0d74 WinRM - ok

07:46:34.0450 0x0d74 [ FE88B288356E7B47B74B13372ADD906D, A16B166F6BB32EF9D2A142F27B9EC54CBC7B3AC915799783CF4C40E525BC9E03 ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys

07:46:34.0481 0x0d74 WinUsb - ok

07:46:34.0513 0x0d74 [ 4FADA86E62F18A1B2F42BA18AE24E6AA, CE1683386886BF34862681A46199EA7E7FB4232A186047DA7FBD8EC240AF6726 ] Wlansvc C:\Windows\System32\wlansvc.dll

07:46:34.0575 0x0d74 Wlansvc - ok

07:46:34.0637 0x0d74 [ 06C8FA1CF39DE6A735B54D906BA791C6, D8FEC7DE227781CDA876904701B2AA995268F74DCD6CB34AA0296C557FC283B6 ] wlcrasvc C:\Program Files\Windows Live\Mesh\wlcrasvc.exe

07:46:34.0669 0x0d74 wlcrasvc - ok

07:46:34.0762 0x0d74 [ 2BACD71123F42CEA603F4E205E1AE337, 1FEF20554110371D738F462ECFFA999158EFEED02062414C58C1B61C422BF0B9 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE

07:46:34.0809 0x0d74 wlidsvc - ok

07:46:34.0825 0x0d74 [ F6FF8944478594D0E414D3F048F0D778, 6F75E0AE6127B33A92A88E59D4B048FD4C15F997807BE7BF0EFE76F95235B1D9 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys

07:46:34.0856 0x0d74 WmiAcpi - ok

07:46:34.0918 0x0d74 [ 38B84C94C5A8AF291ADFEA478AE54F93, 1AC267AC73670BEA5F3785C9AD9DB146F8E993A862C843742B21FDB90D102B2A ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe

07:46:34.0981 0x0d74 wmiApSrv - ok

07:46:35.0012 0x0d74 WMPNetworkSvc - ok

07:46:35.0027 0x0d74 [ 96C6E7100D724C69FCF9E7BF590D1DCA, 2E63C9B0893B4FC03B7A71BAEA6202D3D3DB1B52F3643467829B5A573FD7655B ] WPCSvc C:\Windows\System32\wpcsvc.dll

07:46:35.0074 0x0d74 WPCSvc - ok

07:46:35.0090 0x0d74 [ 93221146D4EBBF314C29B23CD6CC391D, C0750858A65BF51E210CD244C825C121D67E025CD2D2455139991AAC289A90FE ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll

07:46:35.0105 0x0d74 WPDBusEnum - ok

07:46:35.0152 0x0d74 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys

07:46:35.0215 0x0d74 ws2ifsl - ok

07:46:35.0246 0x0d74 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] wscsvc C:\Windows\system32\wscsvc.dll

07:46:35.0293 0x0d74 wscsvc - ok

07:46:35.0293 0x0d74 WSearch - ok

07:46:35.0371 0x0d74 [ D9EF901DCA379CFE914E9FA13B73B4C4, 3BE9693B7B2AFEE23D72AF5DA211379724D752F0EC18ACB7D3DE3DDFC5AE0004 ] wuauserv C:\Windows\system32\wuaueng.dll

07:46:35.0433 0x0d74 wuauserv - ok

07:46:35.0449 0x0d74 [ AB886378EEB55C6C75B4F2D14B6C869F, D6C4602EB8F291DADEDF3CD211013D4AC752DDE7E799C2D8D74AA4F5477CAED6 ] WudfPf C:\Windows\system32\drivers\WudfPf.sys

07:46:35.0495 0x0d74 WudfPf - ok

07:46:35.0542 0x0d74 [ DDA4CAF29D8C0A297F886BFE561E6659, 94E5DD649B5D86FA1A7C7D30FCF9644D0EE048D312E626111458ADF66BFBE978 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys

07:46:35.0573 0x0d74 WUDFRd - ok

07:46:35.0589 0x0d74 [ B20F051B03A966392364C83F009F7D17, 88ECEB55AE91F58F592B96EBC10B572747D5A2F9B7629E8F371761E4F7408A65 ] wudfsvc C:\Windows\System32\WUDFSvc.dll

07:46:35.0636 0x0d74 wudfsvc - ok

07:46:35.0651 0x0d74 [ FE90B750AB808FB9DD8FBB428B5FF83B, 3F8F592EC813BE292D305A87C5BA852F8BC3D7CE610612D9871F209A17326AA8 ] WwanSvc C:\Windows\System32\wwansvc.dll

07:46:35.0698 0x0d74 WwanSvc - ok

07:46:35.0698 0x0d74 ================ Scan global ===============================

07:46:35.0729 0x0d74 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\system32\basesrv.dll

07:46:35.0761 0x0d74 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

07:46:35.0776 0x0d74 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\system32\winsrv.dll

07:46:35.0792 0x0d74 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\system32\sxssrv.dll

07:46:35.0807 0x0d74 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\system32\services.exe

07:46:35.0823 0x0d74 [ Global ] - ok

07:46:35.0823 0x0d74 ================ Scan MBR ==================================

07:46:35.0839 0x0d74 [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0

07:46:36.0057 0x0d74 \Device\Harddisk0\DR0 - ok

07:46:36.0431 0x0d74 [ 8464D19686910A2E5D0E5C28C70A95AB ] \Device\Harddisk3\DR3

07:46:36.0556 0x0d74 \Device\Harddisk3\DR3 - ok

07:46:36.0556 0x0d74 ================ Scan VBR ==================================

07:46:36.0572 0x0d74 [ ADEA64EC80A3786CFD77174A11D000F9 ] \Device\Harddisk0\DR0\Partition1

07:46:36.0572 0x0d74 \Device\Harddisk0\DR0\Partition1 - ok

07:46:36.0587 0x0d74 [ B3A5CC4365BD786CFC78539D03484A71 ] \Device\Harddisk0\DR0\Partition2

07:46:36.0587 0x0d74 \Device\Harddisk0\DR0\Partition2 - ok

07:46:36.0603 0x0d74 [ 7CDB719F6432151FA9B41532530BD68F ] \Device\Harddisk3\DR3\Partition1

07:46:36.0603 0x0d74 \Device\Harddisk3\DR3\Partition1 - ok

07:46:36.0603 0x0d74 ================ Scan active images ========================

07:46:36.0603 0x0d74 [ 02062C0B390B7729EDC9E69C680A6F3C, 0261683C6DC2706DCE491A1CDC954AC9C9E649376EC30760BB4E225E18DC5273 ] C:\Windows\System32\drivers\atapi.sys

07:46:36.0603 0x0d74 C:\Windows\System32\drivers\atapi.sys - ok

07:46:36.0603 0x0d74 [ 3E588B60EC061686BA05D33574A344C6, 19D2D863F95CCC4493A2328B6BEB04248B6A80F957532E58C1D1D868C19FDCCB ] C:\Windows\System32\drivers\crashdmp.sys

07:46:36.0603 0x0d74 C:\Windows\System32\drivers\crashdmp.sys - ok

07:46:36.0603 0x0d74 [ 839B5FE3D48E9F35B22C21A3D5103F6C, A9CEA695E43092B72B0E988063E00A7C0BCE90095344E9A2F380218482BCE77F ] C:\Windows\System32\drivers\Dumpata.sys

07:46:36.0603 0x0d74 C:\Windows\System32\drivers\Dumpata.sys - ok

07:46:36.0603 0x0d74 [ 814DB88F2641691575A455CF25354098, 79C50F0CD72612733217A0316BEFEA0B6D819C3159D9452EAB89AC26A18A0F89 ] C:\Windows\System32\drivers\dumpfve.sys

07:46:36.0603 0x0d74 C:\Windows\System32\drivers\dumpfve.sys - ok

07:46:36.0603 0x0d74 [ 16A47CE2DECC9B099349A5F840654746, 77C008AEDB07FAC66413841D65C952DDB56FE7DCA5E9EF9C8F4130336B838024 ] C:\Windows\System32\drivers\beep.sys

07:46:36.0603 0x0d74 C:\Windows\System32\drivers\beep.sys - ok

07:46:36.0603 0x0d74 [ F036CE71586E93D94DAB220D7BDF4416, BD07AAD9E20CEAF9FC84E4977C55EA2C45604A2C682AC70B9B9A2199B6713D5B ] C:\Windows\System32\drivers\cdrom.sys

07:46:36.0603 0x0d74 C:\Windows\System32\drivers\cdrom.sys - ok

07:46:36.0603 0x0d74 [ 9899284589F75FA8724FF3D16AED75C1, 181188599FD5D4DE33B97010D9E0CAEABAB9A3EF50712FE7F9AA0735CD0666D6 ] C:\Windows\System32\drivers\null.sys

07:46:36.0603 0x0d74 C:\Windows\System32\drivers\null.sys - ok

07:46:36.0619 0x0d74 [ AA3FB40E17CE1388FA1BEDAB50EA8F96, 69F93E15536644C8FD679A20190CFE577F4985D3B1B4A4AA250A168615AE1E99 ] C:\Windows\System32\drivers\msfs.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\msfs.sys - ok

07:46:36.0619 0x0d74 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7, D8957EF7060A69DBB3CD6B2C45B1E4143592AB8D018471E17AC04668157DC67F ] C:\Windows\System32\drivers\npfs.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\npfs.sys - ok

07:46:36.0619 0x0d74 [ CEA6CC257FC9B7715F1C2B4849286D24, A78144D18352EA802C39D9D42921CF97A3E0211766B2169B6755C6FC2D77A804 ] C:\Windows\System32\drivers\RDPCDD.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\RDPCDD.sys - ok

07:46:36.0619 0x0d74 [ BB5971A4F00659529A5C44831AF22365, 9AAA5C0D448E821FD85589505D99DF7749715A046BBD211F139E4E652ADDE41F ] C:\Windows\System32\drivers\RDPENCDD.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\RDPENCDD.sys - ok

07:46:36.0619 0x0d74 [ 216F3FA57533D98E1F74DED70113177A, 60C126A1409D1E9C39F1C9E95F70115BF4AF07780AB499F6E10A612540F173F4 ] C:\Windows\System32\drivers\RDPREFMP.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\RDPREFMP.sys - ok

07:46:36.0619 0x0d74 [ 6F020A220388ECA0AB6062DC27BD16B6, 48655230E482DEB7B4B50EF05818EBB29CA61E780AEFCD9D31B02DE4DF9D9540 ] C:\Windows\System32\drivers\tdi.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\tdi.sys - ok

07:46:36.0619 0x0d74 [ DDAD5A7AB24D8B65F8D724F5C20FD806, B71F2967A4EE7395E4416C1526CB85368AEA988BDD1F2C9719C48B08FAFA9661 ] C:\Windows\System32\drivers\tdx.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\tdx.sys - ok

07:46:36.0619 0x0d74 [ 53E92A310193CB3C03BEA963DE7D9CFC, 45898604375B42EB1246C17A22D91C2440F11C746FF6459AD38027C1BC2E3125 ] C:\Windows\System32\drivers\vga.sys

07:46:36.0619 0x0d74 C:\Windows\System32\drivers\vga.sys - ok

07:46:36.0634 0x0d74 [ E7353D59C9842BC7299FAEB7E7E09340, C37ED1025E07BAC2F535DCFED6C6C509515D95722EADE5AF94F1FC5D8B1DC783 ] C:\Windows\System32\drivers\videoprt.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\videoprt.sys - ok

07:46:36.0634 0x0d74 [ FC438D1430B28618E2D0C7C332A710AD, 873957B202E454E2C8F625E5799F278CAC16EC5EEAEE2C33E2FE5D1FF0408CB2 ] C:\Windows\System32\drivers\watchdog.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\watchdog.sys - ok

07:46:36.0634 0x0d74 [ 79059559E89D06E8B80CE2944BE20228, 6E041D2FED2D0C3D8E16E56CB61D3245F9144EA92F5BDC9A4AA30598D1C8E6EE ] C:\Windows\System32\drivers\afd.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\afd.sys - ok

07:46:36.0634 0x0d74 [ 09594D1089C523423B32A4229263F068, 7426A9B8BA27D3225928DDEFBD399650ABB90798212F56B7D12158AC22CCCE37 ] C:\Windows\System32\drivers\netbt.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\netbt.sys - ok

07:46:36.0634 0x0d74 [ 611B23304BF067451A9FDEE01FBDD725, 0AF2734B978165FC6FD22B64862132CCE32528A21C698A49D176129446E099C8 ] C:\Windows\System32\drivers\wfplwf.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\wfplwf.sys - ok

07:46:36.0634 0x0d74 [ 6BCC1D7D2FD2453957C5479A32364E52, E48554D31FBDCF8F985C1C72524CAA9106F5B7CC2B79064F8F5E2562D517F090 ] C:\Windows\System32\drivers\ws2ifsl.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\ws2ifsl.sys - ok

07:46:36.0634 0x0d74 [ 86743D9F5D2B1048062B14B1D84501C4, DBF6D6A60AB774FCB0F464FF2D285A7521D0A24006687B243AB46B17D8032062 ] C:\Windows\System32\drivers\netbios.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\netbios.sys - ok

07:46:36.0634 0x0d74 [ 0557CF5A2556BD58E26384169D72438D, F6F83A616B1F1C6C0DF6D2EC2513E6C23FD4FAA6D36518B8676C619AB74957B4 ] C:\Windows\System32\drivers\pacer.sys

07:46:36.0634 0x0d74 C:\Windows\System32\drivers\pacer.sys - ok

07:46:36.0650 0x0d74 [ E675FB2B48C54F09895482E2253B289C, 68BBFBF2356C849722E429CA753CC309A3CCE8CF00EBDBBD2695ECD292324DF2 ] C:\Windows\System32\drivers\vpcnfltr.sys

07:46:36.0650 0x0d74 C:\Windows\System32\drivers\vpcnfltr.sys - ok

07:46:36.0650 0x0d74 [ 30D4243726A15A14F5C5E45898D14394, 0EED69CACCDEC1260C79B187370E420C12654F0F5F777A1FF27F5C5FF3BAE2E1 ] C:\Windows\System32\drivers\vpcvmm.sys

07:46:36.0650 0x0d74 C:\Windows\System32\drivers\vpcvmm.sys - ok

07:46:36.0650 0x0d74 [ 356AFD78A6ED4457169241AC3965230C, CE4D1EE3525C10AC658B20776C3E444DE44874C837713DC5311386EDFCB18399 ] C:\Windows\System32\drivers\wanarp.sys

07:46:36.0650 0x0d74 C:\Windows\System32\drivers\wanarp.sys - ok

07:46:36.0650 0x0d74 [ 561E7E1F06895D78DE991E01DD0FB6E5, 83BFA50A528762EC52A011302AC3874636FB7E26628CD7ACFBF2BDC9FAA8110D ] C:\Windows\System32\drivers\termdd.sys

07:46:36.0650 0x0d74 C:\Windows\System32\drivers\termdd.sys - ok

07:46:36.0650 0x0d74 [ 13096B05847EC78F0977F2C0F79E9AB3, 1E44981B684F3E56F5D2439BB7FA78BD1BC876BB2265AE089AEC68F241B05B26 ] C:\Windows\System32\drivers\discache.sys

07:46:36.0650 0x0d74 C:\Windows\System32\drivers\discache.sys - ok

07:46:36.0650 0x0d74 [ 0EED230E37515A0EAEE3C2E1BC97B288, B1D8F8A75006B6E99214CA36D27A8594EF8D952F315BEB201E9BAC9DE3E64D42 ] C:\Windows\System32\drivers\mssmbios.sys

07:46:36.0650 0x0d74 C:\Windows\System32\drivers\mssmbios.sys - ok

07:46:36.0650 0x0d74 [ E7F5AE18AF4168178A642A9247C63001, 133023B7E4BA8049C4CAED3282BDD25571D1CC25FAC3B820C7F981D292689D76 ] C:\Windows\System32\drivers\nsiproxy.sys

07:46:36.0650 0x0d74 C:\Windows\System32\drivers\nsiproxy.sys - ok

07:46:36.0665 0x0d74 [ 77F665941019A1594D887A74F301FA2F, 1FDC6F6853400190C086042933F157814D915C54F26793CAD36CD2607D8810DA ] C:\Windows\System32\drivers\rdbss.sys

07:46:36.0665 0x0d74 C:\Windows\System32\drivers\rdbss.sys - ok

07:46:36.0665 0x0d74 [ 61583EE3C3A17003C4ACD0475646B4D3, 17E4BECC309C450E7E44F59A9C0BBC24D21BDC66DFBA65B8F198A00BB47A9811 ] C:\Windows\System32\drivers\blbdrive.sys

07:46:36.0665 0x0d74 C:\Windows\System32\drivers\blbdrive.sys - ok

07:46:36.0665 0x0d74 [ 54DA3DFD29ED9F1619B6F53F3CE55E49, 9177C6907A983296BF188892A894B668A09FFA058FD56B50FE12940D54B0FA5E ] C:\Windows\System32\drivers\csc.sys

07:46:36.0665 0x0d74 C:\Windows\System32\drivers\csc.sys - ok

07:46:36.0665 0x0d74 [ 9BB2EF44EAA163B29C4A4587887A0FE4, 03667BC3EA5003F4236929C10F23D8F108AFCB29DB5559E751FB26DFB318636F ] C:\Windows\System32\drivers\dfsc.sys

07:46:36.0665 0x0d74 C:\Windows\System32\drivers\dfsc.sys - ok

07:46:36.0665 0x0d74 [ 3566A8DAAFA27AF944F5D705EAA64894, AE9D8B648DA08AF667B9456C3FE315489859C157510A258559F18238F2CC92B8 ] C:\Windows\System32\drivers\tunnel.sys

07:46:36.0665 0x0d74 C:\Windows\System32\drivers\tunnel.sys - ok

07:46:36.0665 0x0d74 [ CAAAC014C5C56A69F710B5F1B836DE22, DA98EF2EBF9A7F180344A88CC2C74F69101E17BBAB58B1C46176FD6EE7AA2E6A ] C:\Windows\System32\ntdll.dll

07:46:36.0665 0x0d74 C:\Windows\System32\ntdll.dll - ok

07:46:36.0665 0x0d74 [ F0970A4BC8395659C22BF53D0FADF16F, 23BE3066D89A5ACBF8130899640D377476E78B6C3D19E2D13C32238464A83E21 ] C:\Windows\System32\smss.exe

07:46:36.0665 0x0d74 C:\Windows\System32\smss.exe - ok

07:46:36.0665 0x0d74 [ 3B536A8BEC3B4F23FFDFD78B11A2AB93, 7BC847CE6C2D29C334F0D1600BBBDE3933FF45F6BEE5186F442E6270A3F9EC4E ] C:\Windows\System32\autochk.exe

07:46:36.0665 0x0d74 C:\Windows\System32\autochk.exe - ok

07:46:36.0681 0x0d74 [ 348214F96642FD4FEF630DE021BA3540, B6A7D2EA41F6866F5AFF5022BB459E5AFF683FF2FF470B84F3E911C8AEC47C30 ] C:\Windows\System32\drivers\igdkmd64.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\igdkmd64.sys - ok

07:46:36.0681 0x0d74 [ 88612F1CE3BF42256913BF6E61C70D52, 7CF190F83FA8F15C33008EB381D3E345CEF37CBC046227DED26B36799EF4D9A7 ] C:\Windows\System32\drivers\dxgkrnl.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\dxgkrnl.sys - ok

07:46:36.0681 0x0d74 [ 1F04CFB79DD5FB7694468CE3FB3DCC31, A40C0BF6D1EC6C4281611A830EA7B22FEF523A3E197E5A8F59332D64E90376B6 ] C:\Windows\System32\drivers\dxgmms1.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\dxgmms1.sys - ok

07:46:36.0681 0x0d74 [ A6518DCC42F7A6E999BB3BEA8FD87567, 8A9AE992F93F37E0723761EA271A7E1AA8172702C471041A17324474FC96B9BC ] C:\Windows\System32\drivers\HECIx64.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\HECIx64.sys - ok

07:46:36.0681 0x0d74 [ 7B01F9E957AA6D7F8520BB9E229DF0E2, 309295AEF0C8B6AA39503F495297169D5E4B231DD9758D9F40F29B6987C9D212 ] C:\Windows\System32\drivers\usbehci.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\usbehci.sys - ok

07:46:36.0681 0x0d74 [ 4CFD8C18A0AC9C448263C6B8F12159D5, 9E8BE950F6B3D89E53CE10CF6A2D8CCB4E5270CCACA97DF8F4F7D84338D2503C ] C:\Windows\System32\drivers\usbport.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\usbport.sys - ok

07:46:36.0681 0x0d74 [ 97BFED39B6B79EB12CDDBFEED51F56BB, 3CF981D668FB2381E52AF2E51E296C6CFB47B0D62249645278479D0111A47955 ] C:\Windows\System32\drivers\hdaudbus.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\hdaudbus.sys - ok

07:46:36.0681 0x0d74 [ EE082E06A82FF630351D1E0EBBD3D8D0, 537F1A4108BDA72E8DD271466E7B7FCF39D4D55E4129AB35A409AB7AF2E7D219 ] C:\Windows\System32\drivers\Rt64win7.sys

07:46:36.0681 0x0d74 C:\Windows\System32\drivers\Rt64win7.sys - ok

07:46:36.0697 0x0d74 [ 7ECFF9B22276B73F43A99A15A6094E90, 62C70DA127F48F796F8897BBFA23AB6EB080CC923F0F091DFA384A93F5C90CA1 ] C:\Windows\System32\drivers\agilevpn.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\agilevpn.sys - ok

07:46:36.0697 0x0d74 [ 03EDB043586CCEBA243D689BDDA370A8, 0E4523AA332E242D5C2C61C5717DBA5AB6E42DADB5A7E512505FC2B6CC224959 ] C:\Windows\System32\drivers\CompositeBus.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\CompositeBus.sys - ok

07:46:36.0697 0x0d74 [ 8E98D21EE06192492A5671A6144D092F, B8F656B34D361EA5AFB47F3A67AB2221580DADA59C8CD0CB83181E4AD8B562B4 ] C:\Windows\System32\drivers\GEARAspiWDM.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\GEARAspiWDM.sys - ok

07:46:36.0697 0x0d74 [ ADA036632C664CAA754079041CF1F8C1, F2386CC09AC6DE4C54189154F7D91C1DB7AA120B13FAE8BA5B579ACF99FCC610 ] C:\Windows\System32\drivers\intelppm.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\intelppm.sys - ok

07:46:36.0697 0x0d74 [ 30639C932D9FEF22B31268FE25A1B6E5, 32873D95339600F6EEFA51847D12C563FF01F320DC59055B242FA2887C99F9D6 ] C:\Windows\System32\drivers\ndistapi.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\ndistapi.sys - ok

07:46:36.0697 0x0d74 [ 53F7305169863F0A2BDDC49E116C2E11, 881E9346D3C02405B7850ADC37E720990712EC9C666A0CE96E252A487FD2CE77 ] C:\Windows\System32\drivers\ndiswan.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\ndiswan.sys - ok

07:46:36.0697 0x0d74 [ 471815800AE33E6F1C32FB1B97C490CA, 27307265F743DE3A3A3EC1B2C472A3D85FDD0AEC458E0B1177593141EE072698 ] C:\Windows\System32\drivers\rasl2tp.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\rasl2tp.sys - ok

07:46:36.0697 0x0d74 [ 855C9B1CD4756C5E9A2AA58A15F58C25, A514F8A9C304D54BDA8DC60F5A64259B057EC83A1CAAF6D2B58CFD55E9561F72 ] C:\Windows\System32\drivers\raspppoe.sys

07:46:36.0697 0x0d74 C:\Windows\System32\drivers\raspppoe.sys - ok

07:46:36.0712 0x0d74 [ BC02336F1CBA7DCC7D1213BB588A68A5, 450C5BAD54CCE2AFCDFF1B6E7F8E1A8446D9D3255DF9D36C29A8F848048AAD93 ] C:\Windows\System32\drivers\kbdclass.sys

07:46:36.0712 0x0d74 C:\Windows\System32\drivers\kbdclass.sys - ok

07:46:36.0712 0x0d74 [ 7D27EA49F3C1F687D357E77A470AEA99, 7FE7CAF95959F127C6D932C01D539C06D80273C49A09761F6E8331C05B1A7EE7 ] C:\Windows\System32\drivers\mouclass.sys

07:46:36.0712 0x0d74 C:\Windows\System32\drivers\mouclass.sys - ok

07:46:36.0712 0x0d74 [ F92A2C41117A11A00BE01CA01A7FCDE9, 38ADC6052696D110CA5F393BC586791920663F5DA66934C2A824DDA9CD89C763 ] C:\Windows\System32\drivers\raspptp.sys

07:46:36.0712 0x0d74 C:\Windows\System32\drivers\raspptp.sys - ok

07:46:36.0712 0x0d74 [ E8B1E447B008D07FF47D016C2B0EEECB, FEC789F82B912F3E14E49524D40FEAA4373B221156F14045E645D7C37859258C ] C:\Windows\System32\drivers\rassstp.sys

07:46:36.0712 0x0d74 C:\Windows\System32\drivers\rassstp.sys - ok

07:46:36.0712 0x0d74 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D, 1DF3501BBFFB56C3ECC39DBCC4287D3302216C2208CE22428B8C4967E5DE9D17 ] C:\Windows\System32\drivers\rdpbus.sys

07:46:36.0712 0x0d74 C:\Windows\System32\drivers\rdpbus.sys - ok

07:46:36.0712 0x0d74 [ 24FBF5CC5C04150073C315A7C83521EE, 581BD5F15B5E57B3BAA762E421FFD859FDA46DDB8515C2A7AAFF208D784E906C ] C:\Windows\System32\drivers\ks.sys

07:46:36.0712 0x0d74 C:\Windows\System32\drivers\ks.sys - ok

07:46:36.0712 0x0d74 [ D01EC09B6711A5F8E7E6564A4D0FBC90, 3CB922291DBADC92B46B9E28CCB6810CD8CCDA3E74518EC9522B58B998E1F969 ] C:\Windows\System32\drivers\swenum.sys

07:46:36.0712 0x0d74 C:\Windows\System32\drivers\swenum.sys - ok

07:46:36.0728 0x0d74 [ DC54A574663A895C8763AF0FA1FF7561, 09A3F3597E91CBEB2F38E96E75134312B60CAE5574B2AD4606C2D3E992AEDDFE ] C:\Windows\System32\drivers\umbus.sys

07:46:36.0728 0x0d74 C:\Windows\System32\drivers\umbus.sys - ok

07:46:36.0728 0x0d74 [ 32D0297FB5B0D9EEB20ED5E7CF825725, 5A5881F4597909AE9D055FCD122FE4F5A301F84C5B46DAE704B688CCD2032618 ] C:\Windows\System32\drivers\usbd.sys

07:46:36.0728 0x0d74 C:\Windows\System32\drivers\usbd.sys - ok

07:46:36.0728 0x0d74 [ C3EC945DEC43C00E2AD4C98DDDD064C7, 4EEED3E6C35044D2614902041B15EC2C94FD16403B96D88B91FE87666FA754B8 ] C:\Windows\System32\drivers\usbrpm.sys

07:46:36.0728 0x0d74 C:\Windows\System32\drivers\usbrpm.sys - ok

dpchristi · November 21, 2013

07:46:36.0728 0x0d74 [ B4A73CA4EF9A02B9738CEA9AD5FE5917, B6A8086189FE2F1C3FE5B3F484FBA3DB2E5E1836F3154D30090F136C27D16166 ] C:\Windows\System32\drivers\vpchbus.sys

07:46:36.0728 0x0d74 C:\Windows\System32\drivers\vpchbus.sys - ok

07:46:36.0728 0x0d74 [ 5FB42082B0D19A0268705F1DD343DF20, 62F8EEE6A507CE6A8BD638020118D71B78332F79BA82654AB702AE46B04767D9 ] C:\Windows\System32\drivers\vpcusb.sys

07:46:36.0728 0x0d74 C:\Windows\System32\drivers\vpcusb.sys - ok

07:46:36.0728 0x0d74 [ 90C0E5CF8FD5C25B41E7C10473EDB6BD, CDE080D158B2DD689927B2AE752EA3369C39E7764F5592DC34F3C6D9DA51C5D4 ] C:\Windows\System32\drivers\usbhub.sys

07:46:36.0728 0x0d74 C:\Windows\System32\drivers\usbhub.sys - ok

07:46:36.0728 0x0d74 [ D8973E71F1B35CD3F3DEA7C12D49D0F0, 23CAE14BF9D7208CD2A0B2691B1A64313A24A23E6D70F40AA0572ED37E8B542C ] C:\Windows\System32\kernel32.dll

07:46:36.0728 0x0d74 C:\Windows\System32\kernel32.dll - ok

07:46:36.0728 0x0d74 [ 044FE45FFD6AD40E3BBBE60B7F41BABE, A1688A5E6E0F7037C850699462C2655006A7D873C97F9AB406C59D81749B6F09 ] C:\Windows\System32\nsi.dll

07:46:36.0728 0x0d74 C:\Windows\System32\nsi.dll - ok

07:46:36.0743 0x0d74 [ 4E4FFB09D895AA000DD56D1404F69A7E, D999E04BB35780088480EAB322176570591A21E311D204BDCAB010A63B34D24C ] C:\Windows\System32\Wldap32.dll

07:46:36.0743 0x0d74 C:\Windows\System32\Wldap32.dll - ok

07:46:36.0743 0x0d74 [ C431EAF5CAA1C82CAC2534A2EAB348A3, ADDF850128DC675E67FABA9A3D0D27E684F01F733962CA22927BB94503549E44 ] C:\Windows\System32\msctf.dll

07:46:36.0743 0x0d74 C:\Windows\System32\msctf.dll - ok

07:46:36.0743 0x0d74 [ 796B47A4B82EF1C39F13435B88834C48, AFC3E89476BAAD8A71663F0DB8D15E00FF9D131F1306A2F69D728E3AD1184602 ] C:\Windows\System32\lpk.dll

07:46:36.0743 0x0d74 C:\Windows\System32\lpk.dll - ok

07:46:36.0743 0x0d74 [ C06B32165E23A72A898B7A89679AD754, 721405158F6E9F1A7FE7BB33EF642D91332726629D0D3B07DF3CF3152A91C85D ] C:\Windows\System32\oleaut32.dll

07:46:36.0743 0x0d74 C:\Windows\System32\oleaut32.dll - ok

07:46:36.0743 0x0d74 [ EAF32CB8C1F810E4715B4DFBE785C7FF, DB6AD07FDED42433E669508AB73FAFF6DAFF04575D6F1D016FE3EB6ECEC4DD5D ] C:\Windows\System32\shlwapi.dll

07:46:36.0743 0x0d74 C:\Windows\System32\shlwapi.dll - ok

07:46:36.0743 0x0d74 [ AD662B34B161198B9D66A564EDDA7D43, 335807AA4E88234BF2C639781E92D0DBC41D973754D61AB1DA6C8BA4E108AEBD ] C:\Windows\System32\shell32.dll

07:46:36.0743 0x0d74 C:\Windows\System32\shell32.dll - ok

07:46:36.0743 0x0d74 [ 015C0D8E0E0421B4CFD48CFFE2825879, 4242E2D42CCFC859B2C0275C5331798BC0BDA68E51CF4650B6E64B1332071023 ] C:\Windows\System32\drivers\ndproxy.sys

07:46:36.0743 0x0d74 C:\Windows\System32\drivers\ndproxy.sys - ok

07:46:36.0743 0x0d74 [ E6CB36B85BE59095337427E853A5B65A, 5E02299FE1805CF79330971C59F116DD560244DE9A0BED4A2DB8791C8C1E93DF ] C:\Windows\System32\wininet.dll

07:46:36.0743 0x0d74 C:\Windows\System32\wininet.dll - ok

07:46:36.0759 0x0d74 [ 9835E63E09F824D22B689D2BB789BAB9, 5BCFFAFB894D69FBCDDB91E64D30A356F4BD57098E8B4C51B98AFAF6581BDB63 ] C:\Windows\System32\comdlg32.dll

07:46:36.0759 0x0d74 C:\Windows\System32\comdlg32.dll - ok

07:46:36.0759 0x0d74 [ 5D8E6C95156ED1F79A63D1EADE6F9ED5, 12130837D7F89A2C7E9D25747A8E5B9001E0A38D545178B49B450C23AE62664A ] C:\Windows\System32\setupapi.dll

07:46:36.0759 0x0d74 C:\Windows\System32\setupapi.dll - ok

07:46:36.0759 0x0d74 [ 56325BB1FF19F2A5AC8713756AC41140, B2124E57783312EE37D2621E689D8FB4C43A04BDBD4F481225C21038605A28CE ] C:\Windows\System32\gdi32.dll

07:46:36.0759 0x0d74 C:\Windows\System32\gdi32.dll - ok

07:46:36.0759 0x0d74 [ 5C855932E4DF00B1B6F5F6F57E82B6C5, 6E33BC6E079E883837DA7E625DDFC71A3757B9F15C97A46D405823E1FE45932C ] C:\Windows\System32\drivers\CHDRT64.sys

07:46:36.0759 0x0d74 C:\Windows\System32\drivers\CHDRT64.sys - ok

07:46:36.0759 0x0d74 [ 21D26064AEDB4988F785BB4A3A2C051E, F6FA2CA351B24DA19645EB542596C82F9A68D84CC7CCFE6F9FC15CE2CE4D1961 ] C:\Windows\System32\drivers\drmk.sys

07:46:36.0759 0x0d74 C:\Windows\System32\drivers\drmk.sys - ok

07:46:36.0759 0x0d74 [ 32E11315B5126921FFD9074840EF13D3, FC7C0E1CC447FDD89C0FA5EBFD04CCEABFB27751AB57A7176F12BD0D35306E1C ] C:\Windows\System32\drivers\portcls.sys

07:46:36.0759 0x0d74 C:\Windows\System32\drivers\portcls.sys - ok

07:46:36.0759 0x0d74 [ FC727061C0F47C8059E88E05D5C8E381, C7A3782F5D86C7FDE57AA1F2EE81638C5FC3072ACC6E572BA2EC7B3CFF389800 ] C:\Windows\System32\drivers\IntcDAud.sys

07:46:36.0759 0x0d74 C:\Windows\System32\drivers\IntcDAud.sys - ok

07:46:36.0759 0x0d74 [ 6869281E78CB31A43E969F06B57347C4, 866A23E69B32A78D378D6CB3B3DA3695FFDFF0FEC3C9F68C8C3F988DF417044B ] C:\Windows\System32\drivers\ksthunk.sys

07:46:36.0759 0x0d74 C:\Windows\System32\drivers\ksthunk.sys - ok

07:46:36.0775 0x0d74 [ 092F3E7D054FDF779054E29A0A0D4267, 55E249042D824D3D2F3801814881928EDA03F0091E7EEF579FF664CD9D2D483C ] C:\Windows\System32\iertutil.dll

07:46:36.0775 0x0d74 C:\Windows\System32\iertutil.dll - ok

07:46:36.0775 0x0d74 [ 43D9CE875F8FC8370C6BA2F74D50D01C, 331381A17331EE56F22E3E535068F95CDBC2EB8C1FFD2D3C9FF43F24A54CC2E4 ] C:\Windows\System32\urlmon.dll

07:46:36.0775 0x0d74 C:\Windows\System32\urlmon.dll - ok

07:46:36.0775 0x0d74 [ 83404DCBCE4925B6A5A77C5170F46D86, D669614D0B4461DB244AD99FBE1BA92CEB9B4ED5EC8E987E23764E77D9AC7074 ] C:\Windows\System32\sechost.dll

07:46:36.0775 0x0d74 C:\Windows\System32\sechost.dll - ok

07:46:36.0775 0x0d74 [ 6C60B5ACA7442EFB794082CDACFC001C, FC1D9124856A70FF232EF3057D66BEE803295847624CE23B4D0217F23AF52C75 ] C:\Windows\System32\ole32.dll

07:46:36.0775 0x0d74 C:\Windows\System32\ole32.dll - ok

07:46:36.0775 0x0d74 [ C391FC68282A000CDF953F8B6B55D2EF, 1CB0DAB84545D9FDEA5A7865A1E7132CEAC91DECF8B100285B63098D7B09E584 ] C:\Windows\System32\msvcrt.dll

07:46:36.0775 0x0d74 C:\Windows\System32\msvcrt.dll - ok

07:46:36.0775 0x0d74 [ DBF99FD9CAF75CA66D042BD8D050FF71, D11A863EAEDE80A731FD7A63F744E518D3921043CC3982BAA87992F9E82F044F ] C:\Windows\System32\usp10.dll

07:46:36.0775 0x0d74 C:\Windows\System32\usp10.dll - ok

07:46:36.0775 0x0d74 [ AA2C08CE85653B1A0D2E4AB407FA176C, 83DFD0C119B20AEDB07114C9D1CF9CE2DFA938D0F1070256B0591A9E2C3997FA ] C:\Windows\System32\imm32.dll

07:46:36.0775 0x0d74 C:\Windows\System32\imm32.dll - ok

07:46:36.0775 0x0d74 [ D87E1E59C73C1F98D5DED5B3850C40F5, 536419BFF9F877D4314B5D0C045D9A6E729489C389863FADF07E382050BC84FD ] C:\Windows\System32\psapi.dll

07:46:36.0775 0x0d74 C:\Windows\System32\psapi.dll - ok

07:46:36.0790 0x0d74 [ 26036E228D2467DE6975AD819C22C043, B4A30EC7ABAEFFF55DE662F4A17415F2BD737BD563215638C86C580B8F3EA907 ] C:\Windows\System32\rpcrt4.dll

07:46:36.0790 0x0d74 C:\Windows\System32\rpcrt4.dll - ok

07:46:36.0790 0x0d74 [ 4BBFA57F594F7E8A8EDC8F377184C3F0, 9F3AC5DEA5A6250C3DBB97AF79C81C0A48429486521F807355A1D7D3D861B75F ] C:\Windows\System32\ws2_32.dll

07:46:36.0790 0x0d74 C:\Windows\System32\ws2_32.dll - ok

07:46:36.0790 0x0d74 [ 25983DE69B57142039AC8D95E71CD9C9, A677DA7EBCBCB6073D27E8A38809F51E971E83ED379BC599AAAD6EF4216348DA ] C:\Windows\System32\clbcatq.dll

07:46:36.0790 0x0d74 C:\Windows\System32\clbcatq.dll - ok

07:46:36.0790 0x0d74 [ 63A580C88CFAF72A92550940054569EF, A66C89123D1833446ACC31D5CF536B0D0EC24D2F805C022A637596CF98429D9F ] C:\Windows\System32\advapi32.dll

07:46:36.0790 0x0d74 C:\Windows\System32\advapi32.dll - ok

07:46:36.0790 0x0d74 [ FE70103391A64039A921DBFFF9C7AB1B, F7D219D75037BC98F6C69143B00AB6000A31F8B5E211E0AF514F4F4B681522A0 ] C:\Windows\System32\user32.dll

07:46:36.0790 0x0d74 C:\Windows\System32\user32.dll - ok

07:46:36.0790 0x0d74 [ F7CE0C81C545364020ED8203CF0A633E, 24B47A7492B7048096AF87E26786E8108455ADBD1A374B6A0466DE008505B8A9 ] C:\Windows\System32\difxapi.dll

07:46:36.0790 0x0d74 C:\Windows\System32\difxapi.dll - ok

07:46:36.0790 0x0d74 [ A1BE6A720D02E37F72E9CD89AE9CB3CF, 80721B622AC1EEF1F534B9C8948E2226B733123B14ABE63894D5788E4F0D6B8B ] C:\Windows\System32\imagehlp.dll

07:46:36.0790 0x0d74 C:\Windows\System32\imagehlp.dll - ok

07:46:36.0790 0x0d74 [ 28C0B5024F5C5A438E78B188CFC81B7F, AB81FB63F2908CE316B45609077ACBD85F4B2AAD1606B1E9030F06DB82EDDFAD ] C:\Windows\System32\normaliz.dll

07:46:36.0790 0x0d74 C:\Windows\System32\normaliz.dll - ok

07:46:36.0806 0x0d74 [ 64A4AB126E24FD3F58EBE64852773DB5, ED425BBC91EB8BEF54C363036A770C551C97EF324F1AE31049CA750D0E2D6776 ] C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll

07:46:36.0806 0x0d74 C:\Windows\System32\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok

07:46:36.0806 0x0d74 [ B22C00ED0491FD7B8803D7DDE2849F4C, 11AB01BF17A4130A3C4EF493A42406DF106B0923DD6DCBFF5958F5C886B9DA93 ] C:\Windows\System32\KernelBase.dll

07:46:36.0806 0x0d74 C:\Windows\System32\KernelBase.dll - ok

07:46:36.0806 0x0d74 [ F49E92B50CED5C9F1725D3C0329FD933, 6155FA4D8242F07FC578FF746890C2EE19FC3D6A20ED8AE4C6F021DB2DAC184F ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll

07:46:36.0806 0x0d74 C:\Windows\System32\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok

07:46:36.0806 0x0d74 [ 780F6ECC4F55D76C9730E6B6C9B31913, 1AEA642AFA210A672A92AAA49CFDE52D9E48ED41248F7644FAADE760E8A0E72E ] C:\Windows\System32\crypt32.dll

07:46:36.0806 0x0d74 C:\Windows\System32\crypt32.dll - ok

07:46:36.0806 0x0d74 [ 486D22007426F10779C6351D305E9E43, 4796A017092DBDBCC8E282B36F89219944321B5279C88E369C0CFFF8CDC97742 ] C:\Windows\System32\drivers\mfeavfk.sys

07:46:36.0806 0x0d74 C:\Windows\System32\drivers\mfeavfk.sys - ok

07:46:36.0806 0x0d74 [ AFC3DB5C6EB8CA8017DDB81D6C0AD02A, 445C2857398252756FD25BB94DAFCCEFF573DE55F1F8BF9094C191F409FE6437 ] C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll

07:46:36.0806 0x0d74 C:\Windows\System32\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok

07:46:36.0806 0x0d74 [ 72723D3E4781BADC62C3180C137E7B23, 0BDA5292928578C5DA79C761E15B8A892B9D4A3DA26D3635E714797C653CF492 ] C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll

07:46:36.0806 0x0d74 C:\Windows\System32\api-ms-win-downlevel-user32-l1-1-0.dll - ok

07:46:36.0821 0x0d74 [ 9094039A00485F71C4DE64BF51F64C46, 4ACFEF4C747ADF806A4FDEDDFD9CC48168DFB05075306C77D3F3927749DD7484 ] C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll

07:46:36.0821 0x0d74 C:\Windows\System32\api-ms-win-downlevel-version-l1-1-0.dll - ok

07:46:36.0821 0x0d74 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\System32\comctl32.dll

07:46:36.0821 0x0d74 C:\Windows\System32\comctl32.dll - ok

07:46:36.0821 0x0d74 [ 06FEC9E8117103BB1141A560E98077DA, C5E61B11DDBBBBBA3D9488970524F0975EA5FBDF16E2FA31F579F8BFA48353B1 ] C:\Windows\System32\devobj.dll

07:46:36.0821 0x0d74 C:\Windows\System32\devobj.dll - ok

07:46:36.0821 0x0d74 [ 959041D7014C97133D859B45BCA0FC58, 282D34828DA7404470949483CB9789A8B4861D188093F0FBD07138A37F60B94B ] C:\Windows\System32\wintrust.dll

07:46:36.0821 0x0d74 C:\Windows\System32\wintrust.dll - ok

07:46:36.0821 0x0d74 [ 0E6FBF19D9DFBB77316C23DF91F8A101, 680F88E1BC55EA3342AACE6F2E3511BF877AC8F03276D028FEE84EEFE8B5611A ] C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll

07:46:36.0821 0x0d74 C:\Windows\System32\api-ms-win-downlevel-ole32-l1-1-0.dll - ok

07:46:36.0821 0x0d74 [ 2477A28081BDAEE622CF045ACF8EE124, 00A09CAF9129E84FEEA98FA03CE9012C9F961B64FEE15C4F268822C0F82ACC3C ] C:\Windows\System32\cfgmgr32.dll

07:46:36.0821 0x0d74 C:\Windows\System32\cfgmgr32.dll - ok

07:46:36.0821 0x0d74 [ 884415BD4269C02EAF8E2613BF85500D, EFE771709EC942694FD206AC8D0A48ED7DCD35036F074268E4AECD68AC982CEA ] C:\Windows\System32\msasn1.dll

07:46:36.0821 0x0d74 C:\Windows\System32\msasn1.dll - ok

07:46:36.0821 0x0d74 [ 9C278785347BCC991F8EA2999D90F58D, EA680C3642A6ABF627415AEE019956FAC702DC6A8F4B4D0FC8A4FB21EADD3896 ] C:\Windows\SysWOW64\normaliz.dll

07:46:36.0821 0x0d74 C:\Windows\SysWOW64\normaliz.dll - ok

07:46:36.0837 0x0d74 [ DFDDC10E9666DBFDB8F2E827B7C2DCE4, 7CCE610BAE3C8BBA59A90B840782C0F9DFDC82AFABA9E9AB5F78C02F7CADB8FA ] C:\Windows\System32\drivers\mfefirek.sys

07:46:36.0837 0x0d74 C:\Windows\System32\drivers\mfefirek.sys - ok

07:46:36.0837 0x0d74 [ 73A92690FF5CFFE5A741912311AA1A6C, 52B6DACF023A704785D2F346F61D5896DF1E06C1ED37540741227333C4BE921A ] C:\Windows\System32\drivers\mfencbdc.sys

07:46:36.0837 0x0d74 C:\Windows\System32\drivers\mfencbdc.sys - ok

07:46:36.0837 0x0d74 [ BF24D6F2ED97FE830BFD52B246F98E67, 6BBF4C4221A245462EF653798F6B416EEB12594AD1CB4E8BC8908A8CB2F53384 ] C:\Windows\System32\drivers\dxapi.sys

07:46:36.0837 0x0d74 C:\Windows\System32\drivers\dxapi.sys - ok

07:46:36.0837 0x0d74 [ 19320B121BFE7462EADD50A42C81AFD0, 410C34396C52DD3D915915DF49664AAE11090CE85A840E1853EBDB101A9ED745 ] C:\Windows\System32\win32k.sys

07:46:36.0837 0x0d74 C:\Windows\System32\win32k.sys - ok

07:46:36.0837 0x0d74 [ 216BABD555BC550952320EEA89C25DDF, 1BBB92415280032CD18F361382A69D0D91266AAD56FC88A99C804B0053743D72 ] C:\Windows\System32\csrsrv.dll

07:46:36.0837 0x0d74 C:\Windows\System32\csrsrv.dll - ok

07:46:36.0837 0x0d74 [ 60C2862B4BF0FD9F582EF344C2B1EC72, CB1C6018FC5C15483AC5BB96E5C2E2E115BB0C0E1314837D77201BAB37E8C03A ] C:\Windows\System32\csrss.exe

07:46:36.0837 0x0d74 C:\Windows\System32\csrss.exe - ok

07:46:36.0837 0x0d74 [ BA0CD8C393E8C9F83354106093832C7B, 18D8A4780A2BAA6CEF7FBBBDA0EF6BF2DADF146E1E578A618DD5859E8ADBF1A8 ] C:\Windows\System32\basesrv.dll

07:46:36.0837 0x0d74 C:\Windows\System32\basesrv.dll - ok

07:46:36.0837 0x0d74 [ 88EDD0B34EED542745931E581AD21A32, DC2B93E1CEF5B0BCEE08D72669BB0F3AD0E8E6E75BDC08858407ED92F6FFA031 ] C:\Windows\System32\winsrv.dll

07:46:36.0837 0x0d74 C:\Windows\System32\winsrv.dll - ok

07:46:36.0853 0x0d74 [ B03D591DC7DA45ECE20B3B467E6AADAA, 701FB0CAD8138C58507BE28845D3E24CE269A040737C29885944A0D851238732 ] C:\Windows\System32\drivers\monitor.sys

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\monitor.sys - ok

07:46:36.0853 0x0d74 [ 30353DDFC28C4F1EF4464DCEF994D678, FB17DF4013675061AEC0A0E7ADD0B4D07CF509B842095FAFDD7BC8C9BABDA1A5 ] C:\Windows\System32\drivers\usbccgp.sys

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\usbccgp.sys - ok

07:46:36.0853 0x0d74 [ 73188F58FB384E75C4063D29413CEE3D, B485463933306036B1D490722CB1674DC85670753D79FA0EF7EBCA7BBAAD9F7C ] C:\Windows\System32\drivers\usbprint.sys

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\usbprint.sys - ok

07:46:36.0853 0x0d74 [ 9661DA76B4531B2DA272ECCE25A8AF24, FEA93254A21E71A7EB8AD35FCCAD2C1E41F7329EC33B1734F5B41307A34D8637 ] C:\Windows\System32\drivers\usbscan.sys

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\usbscan.sys - ok

07:46:36.0853 0x0d74 [ FED648B01349A3C8395A5169DB5FB7D6, DC4D7594C24ADD076927B9347F1B50B91CF03A4ABDB284248D5711D9C19DEB96 ] C:\Windows\System32\drivers\USBSTOR.SYS

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\USBSTOR.SYS - ok

07:46:36.0853 0x0d74 [ 597C3699384E53CC59587ED50CCE5CA2, 4F61E9B5BEB3BD1634D733983381E516664BD7E250DF4B0150B168E05EFD652A ] C:\Windows\System32\drivers\hidclass.sys

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\hidclass.sys - ok

07:46:36.0853 0x0d74 [ 856E76B3641746ABBC2946BED1372098, FD93CC7F72560F72CA49AD5609C079E25B8A3A4802E72B127B63A9E7B4884710 ] C:\Windows\System32\drivers\hidparse.sys

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\hidparse.sys - ok

07:46:36.0853 0x0d74 [ 9592090A7E2B61CD582B612B6DF70536, FD11D5E02C32D658B28FCC35688AB66CCB5D3A0A0D74C82AE0F0B6C67B568A0F ] C:\Windows\System32\drivers\hidusb.sys

07:46:36.0853 0x0d74 C:\Windows\System32\drivers\hidusb.sys - ok

07:46:36.0868 0x0d74 [ 0705EFF5B42A9DB58548EEC3B26BB484, 86C6824ED7ED6FA8F306DB6319A0FD688AA91295AE571262F9D8E96A32225E99 ] C:\Windows\System32\drivers\kbdhid.sys

07:46:36.0868 0x0d74 C:\Windows\System32\drivers\kbdhid.sys - ok

07:46:36.0868 0x0d74 [ F29FE765E1448EF371CFE05BFAC74ADB, F251581222D78543272FD4B14A6A59F4B0E0CC44A5FCBCF56DE4CA5783F78A75 ] C:\Windows\System32\tsddd.dll

07:46:36.0868 0x0d74 C:\Windows\System32\tsddd.dll - ok

07:46:36.0868 0x0d74 [ 2C942733A5983DD4502219FF37C7EBC7, 34B20B6B0D7274E4B5B783F1D2345BC3DD9888964D5C2C65712F041A00CF5B45 ] C:\Windows\System32\profapi.dll

07:46:36.0868 0x0d74 C:\Windows\System32\profapi.dll - ok

07:46:36.0868 0x0d74 [ D6160F9D869BA3AF0B787F971DB56368, 0033E6212DD8683E4EE611B290931FDB227B4795F0B17C309DC686C696790529 ] C:\Windows\System32\sxssrv.dll

07:46:36.0868 0x0d74 C:\Windows\System32\sxssrv.dll - ok

07:46:36.0868 0x0d74 [ 94355C28C1970635A31B3FE52EB7CEBA, C4E98F07170CEC69CACDD5CEDB8927E48A2A299CB1B8CDA87526E768AF6174F0 ] C:\Windows\System32\wininit.exe

07:46:36.0868 0x0d74 C:\Windows\System32\wininit.exe - ok

07:46:36.0868 0x0d74 [ 78523A26F5604C0568FE9D1CE86E36F4, 534A7228BF69719106F581616A32EAEF0B770DDB36DCE94F84E7D52FDB1382B5 ] C:\Windows\System32\KBDUS.DLL

07:46:36.0868 0x0d74 C:\Windows\System32\KBDUS.DLL - ok

07:46:36.0868 0x0d74 [ C2A8CB1275ECB85D246A9ECC02A728E3, 3603FADCA0060BD201148F9D59E4E2627F024609A6463AB525B5D1AD17BDCD10 ] C:\Windows\System32\RpcRtRemote.dll

07:46:36.0868 0x0d74 C:\Windows\System32\RpcRtRemote.dll - ok

07:46:36.0868 0x0d74 [ 943F527DF79E6B400104341AA7023C75, 53C7B9426181D3D172E6B1A07E6DF8A0CB8FCA27D3A03CE5F544D3209B5F4651 ] C:\Windows\System32\cdd.dll

07:46:36.0868 0x0d74 C:\Windows\System32\cdd.dll - ok

07:46:36.0884 0x0d74 [ 9CEAD32E79A62150FE9F8557E58E008B, AFE4C1725EE94D7DE0749AE1495A4E5CC33C369F29B2A589DA66FFE27FF9777E ] C:\Windows\System32\sxs.dll

07:46:36.0884 0x0d74 C:\Windows\System32\sxs.dll - ok

07:46:36.0884 0x0d74 [ B26B1801356760841C3BC69F9F91537F, 83B9DF333E36C09E81D44E12AE5BE14650126FDA0CF4A0EA853BF40C5780EF81 ] C:\Windows\System32\WlS0WndH.dll

07:46:36.0884 0x0d74 C:\Windows\System32\WlS0WndH.dll - ok

07:46:36.0884 0x0d74 [ 784FA3DF338E2E8F5F0389D6FAC428AF, 9C8AA0CFDEB9E38AAF8EB08626070E0F0364F4F8A793CFE3532EC6C007980C34 ] C:\Windows\System32\cryptbase.dll

07:46:36.0884 0x0d74 C:\Windows\System32\cryptbase.dll - ok

07:46:36.0884 0x0d74 [ 90499F3163A9F815CF196A205EA3CD5D, 29B4ED3795CEC1177EB367132914CE21C194CDEC5DB9DC923FD928C85E94D821 ] C:\Windows\System32\apphelp.dll

07:46:36.0884 0x0d74 C:\Windows\System32\apphelp.dll - ok

07:46:36.0884 0x0d74 [ 086F906B1D30C0A5D35FE0F6362DAB21, C4C8CD9C60C6426E0402A4BE1D30CE30792D0A5FE1057266467E0C143DD1050C ] C:\Windows\System32\lsasrv.dll

07:46:36.0884 0x0d74 C:\Windows\System32\lsasrv.dll - ok

07:46:36.0884 0x0d74 [ 4D71227301DD8D09097B9E4CC6527E5A, 193D47ADCB722B581CC0F29B794AB3E455B6E9BEA367CE9A5216A09E055B7F1E ] C:\Windows\System32\lsass.exe

07:46:36.0884 0x0d74 C:\Windows\System32\lsass.exe - ok

07:46:36.0884 0x0d74 [ 9662EE182644511439F1C53745DC1C88, D205B2C163E78AB42A5D67D7664EF6B75EA0374FF0924467D624F9DB0611F0AD ] C:\Windows\System32\lsm.exe

07:46:36.0884 0x0d74 C:\Windows\System32\lsm.exe - ok

07:46:36.0884 0x0d74 [ E914A50A151DFFE63D3935226DB5E2C1, 7DCCE4060344E1C771679F1C20378A0BEB3C1F06DB684072F07B98921A62A299 ] C:\Windows\System32\scext.dll

07:46:36.0884 0x0d74 C:\Windows\System32\scext.dll - ok

07:46:36.0899 0x0d74 [ 208EAAFF40DA400190AA0605C797BEA2, 24C349881E7102267D1648F9CA6A9AF871F1CAA3290AC96CEABCC3724D833C5B ] C:\Windows\System32\secur32.dll

07:46:36.0899 0x0d74 C:\Windows\System32\secur32.dll - ok

07:46:36.0899 0x0d74 [ 24ACB7E5BE595468E3B9AA488B9B4FCB, 63541E3432FCE953F266AE553E7A394978D6EE3DB52388D885F668CF42C5E7E2 ] C:\Windows\System32\services.exe

07:46:36.0899 0x0d74 C:\Windows\System32\services.exe - ok

07:46:36.0899 0x0d74 [ B08EA91C774AA734E0B9881F85CD9F42, C0757F98D190D426EBF5B0B6C151BFFD0A128344BAA4A1BA36DB28C16BB4A0F2 ] C:\Windows\System32\sspicli.dll

07:46:36.0899 0x0d74 C:\Windows\System32\sspicli.dll - ok

07:46:36.0899 0x0d74 [ 7C46EC9CCDE6E793713FA01DB2EB918E, 36647EF5E68B39A972AE2EDBE446F4CCC59ADAC5C4C172F2A66D79139E66BB30 ] C:\Windows\System32\sspisrv.dll

07:46:36.0899 0x0d74 C:\Windows\System32\sspisrv.dll - ok

07:46:36.0899 0x0d74 [ BBCDF350817BA86416C0F06B6981BE8D, D064438F97852B9BD6015C8B19377C61C671E0969E09506B8359FE7B1F373A61 ] C:\Windows\System32\scesrv.dll

07:46:36.0899 0x0d74 C:\Windows\System32\scesrv.dll - ok

07:46:36.0899 0x0d74 [ 68083118797CAF30FB2EA3E71494D67E, 5F1BCDFCB00A20CD60CBC70A2FD97405EF0F7173DD0E404BBA7B06D39DB37364 ] C:\Windows\System32\sysntfy.dll

07:46:36.0899 0x0d74 C:\Windows\System32\sysntfy.dll - ok

07:46:36.0899 0x0d74 [ 1151B1BAA6F350B1DB6598E0FEA7C457, B1506E0A7E826EFF0F5252EF5026070C46E2235438403A9A24D73EE69C0B8A49 ] C:\Windows\System32\winlogon.exe

07:46:36.0899 0x0d74 C:\Windows\System32\winlogon.exe - ok

07:46:36.0899 0x0d74 [ DEE7267C5D232A3B816866872CE199E6, A1994FD37667C52E7CBF873514C190DA61A3D1349786D187BFAE0006F61799AE ] C:\Windows\System32\wmsgapi.dll

07:46:36.0899 0x0d74 C:\Windows\System32\wmsgapi.dll - ok

07:46:36.0915 0x0d74 [ 0D9764D58C5EFD672B7184854B152E5E, 9827B43DABBEC39AB2E2294408D9C5304EF27A684903C5234C6070387723D49E ] C:\Windows\System32\winsta.dll

07:46:36.0915 0x0d74 C:\Windows\System32\winsta.dll - ok

07:46:36.0915 0x0d74 [ D3BF052C40B0C4166D9FD86A4288C1E6, 5E65264354CD94E844BF1838CA1B8E49080EFA34605A32CF2F6A47A2B97FC183 ] C:\Windows\System32\drivers\mouhid.sys

07:46:36.0915 0x0d74 C:\Windows\System32\drivers\mouhid.sys - ok

07:46:36.0915 0x0d74 [ A744BA6E04C8AA4592818178DBF89521, 9E7C85D842DF16F9B8FED7B06AF309B5ECCBFD465F5552347D4C3F1FEFDC6F7A ] C:\Windows\System32\samsrv.dll

07:46:36.0915 0x0d74 C:\Windows\System32\samsrv.dll - ok

07:46:36.0915 0x0d74 [ 3A9C9BAF610B0DD4967086040B3B62A9, E8E9A0F42B1EE7806EDCEED08AA024D037215D06CA317E3678BD5364AD513D23 ] C:\Windows\System32\srvcli.dll

07:46:36.0915 0x0d74 C:\Windows\System32\srvcli.dll - ok

07:46:36.0915 0x0d74 [ 2D066FBE63F7026C43C662C094B98076, CDAB0E3F24A0AEC4FBFA68EB3E6F80AA86C15AC9080F27216E386CE829C3DF10 ] C:\Windows\System32\bridgeres.dll

07:46:36.0915 0x0d74 C:\Windows\System32\bridgeres.dll - ok

07:46:36.0915 0x0d74 [ 3A061472B38233BAFF9CFEFF2E49C46B, DF29B14C8D22A8A16AA336A09A6152E2C7FCA6CAF4E76F0C5DCB55BEF9D00515 ] C:\Windows\System32\cryptdll.dll

07:46:36.0915 0x0d74 C:\Windows\System32\cryptdll.dll - ok

07:46:36.0915 0x0d74 [ 3C073B0C596A0AF84933E7406766B040, 4698BBA678F553E15AD4B07AD7FB236281F872DEFEE97BFD637114476C8F97B3 ] C:\Windows\System32\wevtapi.dll

07:46:36.0915 0x0d74 C:\Windows\System32\wevtapi.dll - ok

07:46:36.0931 0x0d74 [ 7FBEBD2229EA5FD48D41B199EC2D541C, A465975D445A8D50CAF3EF29BD33354B320D11173C127BE30D5EBBFF7008CDCE ] C:\Windows\System32\authz.dll

07:46:36.0931 0x0d74 C:\Windows\System32\authz.dll - ok

07:46:36.0931 0x0d74 [ 86FE1B1F8FD42CD0DB641AB1CDB13093, 8C4BB4415105CE82FFFE658879EAE9D259A24C0F6DFC7D25507352DC99241BE2 ] C:\Windows\System32\cngaudit.dll

07:46:36.0931 0x0d74 C:\Windows\System32\cngaudit.dll - ok

07:46:36.0931 0x0d74 [ B9A95365E52F421A20E1501935FADDA5, DDB4CB575139233EFAF2C59B7E9B04AF36BBCCC63190181F3B2A7E6BFC86E77E ] C:\Windows\System32\bcrypt.dll

07:46:36.0931 0x0d74 C:\Windows\System32\bcrypt.dll - ok

07:46:36.0931 0x0d74 [ 747B9BA5412422F27934CB21131F0A3E, 2441F925C3B46A15141A0A1E1AA9DFCCA2891D823D55C6E6DA0E30C2DE3A7341 ] C:\Windows\System32\ncrypt.dll

07:46:36.0931 0x0d74 C:\Windows\System32\ncrypt.dll - ok

07:46:36.0931 0x0d74 [ E8B1FE6669397D1772D8196DF0E57A9E, 39FE0819360719F756BD31A1884A0508A1E2371ACC723E25E005CBEC0A7B02FA ] C:\Windows\System32\wscsvc.dll

07:46:36.0931 0x0d74 C:\Windows\System32\wscsvc.dll - ok

07:46:36.0931 0x0d74 [ 02B64609F865A39365FF88580DF11738, 2F676B93898E1B6131AF6227BB7AB731EB9C29477F9BD4C2C60F0FC1E35CD968 ] C:\Windows\System32\msprivs.dll

07:46:36.0931 0x0d74 C:\Windows\System32\msprivs.dll - ok

07:46:36.0931 0x0d74 [ C6505DE3561537BA1004D638C2F93F2F, 3E4FDF374B1A9E43A8F61FD2D79E0515390ECABFDAF72C4BD44A7B6429039AF6 ] C:\Windows\System32\netjoin.dll

07:46:36.0931 0x0d74 C:\Windows\System32\netjoin.dll - ok

07:46:36.0931 0x0d74 [ 50532FCD7ECF02DD169CE5C485F02534, 8EE5D9D0EA53DC72BCC300692E521ACADD56AB09BFA3E78149D8B5A90648512C ] C:\Windows\System32\negoexts.dll

07:46:36.0931 0x0d74 C:\Windows\System32\negoexts.dll - ok

07:46:36.0946 0x0d74 [ 44E1A196DFCB53B01FE4B855C3B56A15, EDC31276EC325B642D07EE79F6E9021CBB7F8AFC32F9A408C91844175BF6B6E2 ] C:\Windows\System32\kerberos.dll

07:46:36.0946 0x0d74 C:\Windows\System32\kerberos.dll - ok

07:46:36.0946 0x0d74 [ D0C2FBB6D97416B0166478FC7AE2B212, 7EAB6C37F0A845E645CA44CC060AC6C56E386C7EF7A64716C6786C9602AD8C9D ] C:\Windows\System32\cryptsp.dll

07:46:36.0946 0x0d74 C:\Windows\System32\cryptsp.dll - ok

07:46:36.0946 0x0d74 [ 9A9F9F1A77D6A80EE28B57664F00013E, 0D441638E086EF1342FCDC43E826BF9E9CC6B2E8AE100D89BFC70163F987DE91 ] C:\Windows\System32\mswsock.dll

07:46:36.0946 0x0d74 C:\Windows\System32\mswsock.dll - ok

07:46:36.0946 0x0d74 [ EF12B8385AA2849999008A977918F96B, ADEF9F5D2B0C2A30CB1B395C774E7FE75437135A09D3D4E6F97EE8656CE139B4 ] C:\Windows\System32\msv1_0.dll

07:46:36.0946 0x0d74 C:\Windows\System32\msv1_0.dll - ok

07:46:36.0946 0x0d74 [ EC7CBFF96B05ECF3D366355B3C64ADCF, F69ED45EBEDCA9CF000AC03281F0EC2C351F98513FBA90E63394E4E561D6C7A2 ] C:\Windows\System32\wship6.dll

07:46:36.0946 0x0d74 C:\Windows\System32\wship6.dll - ok

07:46:36.0946 0x0d74 [ AA339DD8BB128EF66660DFBBB59043D3, 76D9F849AFDDA38E04549EB67B4163478776F1B6EF46434168278F84FEB8FC5C ] C:\Windows\System32\netlogon.dll

07:46:36.0946 0x0d74 C:\Windows\System32\netlogon.dll - ok

07:46:36.0946 0x0d74 [ 492D07D79E7024CA310867B526D9636D, F2FE647AB85C6C3C1AA3DF4BCE6E4D42B9676C9D837E11388C235AE8DB20044F ] C:\Windows\System32\dnsapi.dll

07:46:36.0946 0x0d74 C:\Windows\System32\dnsapi.dll - ok

07:46:36.0946 0x0d74 [ 8FFE297B8449386E7B6851458B6E474E, E149B37E11091D69D926242517E5655596594A6F01FEF06EB65D6BA5B354E326 ] C:\Windows\System32\logoncli.dll

07:46:36.0946 0x0d74 C:\Windows\System32\logoncli.dll - ok

07:46:36.0946 0x0d74 [ 31FFED18C7B836CEC1B559347E32E151, 80BA8E74EC60BF50240D95FC526485FD6A18F2316A4C4E2804C451164676EDEE ] C:\Windows\System32\schannel.dll

07:46:36.0946 0x0d74 C:\Windows\System32\schannel.dll - ok

07:46:36.0962 0x0d74 [ 95FB6CA4374E343DDD653FCC43F9D26B, 911A240F9C1DD155C2B1CD85FE4A8044EB2816AF166CD8CB66EEB905CA352881 ] C:\Windows\System32\wdigest.dll

07:46:36.0962 0x0d74 C:\Windows\System32\wdigest.dll - ok

07:46:36.0962 0x0d74 [ E1BB958681BE311E7CFF06CFEC5F1F2B, C2FDFC6C7350788A07DCB99A6A54FB9A96A6A578013DF46D0E5094A3CBF6E862 ] C:\Windows\System32\atmfd.dll

07:46:36.0962 0x0d74 C:\Windows\System32\atmfd.dll - ok

07:46:36.0962 0x0d74 [ 5D8874A8C11DDDDE29E12DE0E2013493, 3E9A57137BF622AF83E3E4D58971E2C0200559CCA7545D16CF263AA03EE9C7D2 ] C:\Windows\System32\rsaenh.dll

07:46:36.0962 0x0d74 C:\Windows\System32\rsaenh.dll - ok

07:46:36.0962 0x0d74 [ 8A25506B6948EFBD5A7F37E53CCD36D9, 2A20562ED33ABD1D15C7BE9F4F1E623E3604BCC0F7214D067CD8C3D16B9EC6A7 ] C:\Windows\System32\TSpkg.dll

07:46:36.0962 0x0d74 C:\Windows\System32\TSpkg.dll - ok

07:46:36.0962 0x0d74 [ E08088A97F95345E181C3DFCE2C615EF, DEF3B087DF5E10E4F8418029DB6E82546E62FEFA39694B7BD6A48CE8AAFD1B96 ] C:\Windows\System32\pku2u.dll

07:46:36.0962 0x0d74 C:\Windows\System32\pku2u.dll - ok

07:46:36.0962 0x0d74 [ 7DBA64AD70C2E2481C68D9E0F7CD7840, 52EE57E9A8D3C28336BB8E7536ECE77A9FB4BAF93B9651F9A897F79F873D66BE ] C:\Windows\System32\LIVESSP.DLL

07:46:36.0962 0x0d74 C:\Windows\System32\LIVESSP.DLL - ok

07:46:36.0962 0x0d74 [ D6C7780A364C6BBACFA796BAB9F1B374, 3B5ED1A030BFD0BB73D4FFCD67A6A0B8501EF70293F223EFAA12F430ADF270F9 ] C:\Windows\System32\bcryptprimitives.dll

07:46:36.0962 0x0d74 C:\Windows\System32\bcryptprimitives.dll - ok

07:46:36.0962 0x0d74 [ 52D3D5E3586988D4D9E34ACAAC33105C, C61B60BA962B25B8334F0941C3535EA4ACA1CC060B8A196E396CA3E11CEEF8A1 ] C:\Windows\System32\credssp.dll

07:46:36.0962 0x0d74 C:\Windows\System32\credssp.dll - ok

07:46:36.0977 0x0d74 [ 90BDEFC5DF334E5100EAA781D798DE1A, F48B650D811B6D57D2252E326C0C9CC74534BE9D510E7D3403F91D1C5C36281E ] C:\Windows\System32\efslsaext.dll

07:46:36.0977 0x0d74 C:\Windows\System32\efslsaext.dll - ok

07:46:36.0977 0x0d74 [ ED78427259134C63ED69804D2132B86C, F6F51B8B35881ABCA5580ED111AAC80E466E6474ABAE31EC8BE46C23EDCA77B2 ] C:\Windows\System32\scecli.dll

07:46:36.0977 0x0d74 C:\Windows\System32\scecli.dll - ok

07:46:36.0977 0x0d74 [ 7CC7DF5B654DA579613F811D8C637E29, 70EAC059C1ED814810C75DBB9F4D188428CB942FFD8869D692158D384EB6BB35 ] C:\Windows\System32\ubpm.dll

07:46:36.0977 0x0d74 C:\Windows\System32\ubpm.dll - ok

07:46:36.0977 0x0d74 [ C78655BC80301D76ED4FEF1C1EA40A7D, 93B2ED4004ED5F7F3039DD7ECBD22C7E4E24B6373B4D9EF8D6E45A179B13A5E8 ] C:\Windows\System32\svchost.exe

07:46:36.0977 0x0d74 C:\Windows\System32\svchost.exe - ok

07:46:36.0977 0x0d74 [ 25FBDEF06C4D92815B353F6E792C8129, 57D9764AE6BCE33B242C399CDFC10DD405975BD6411CA8C75FBCD06EEB8442A9 ] C:\Windows\System32\umpnpmgr.dll

07:46:36.0977 0x0d74 C:\Windows\System32\umpnpmgr.dll - ok

07:46:36.0977 0x0d74 [ E6EB44ABAAF1F330119F854856C53EBE, 77279972FFBFA984578DD4F17EB615F5D2D93590AF3A9FEFEFDB9128206C9887 ] C:\Windows\System32\SPInf.dll

07:46:36.0977 0x0d74 C:\Windows\System32\SPInf.dll - ok

07:46:36.0977 0x0d74 [ CD1B5AD07E5F7FEF30E055DCC9E96180, 63C58551F32B0B09377F64A6AE1FA81AF93B8A707A57A8C18722086906AD3046 ] C:\Windows\System32\devrtl.dll

07:46:36.0977 0x0d74 C:\Windows\System32\devrtl.dll - ok

07:46:36.0977 0x0d74 [ 9C9307C95671AC962F3D6EB3A4A89BAE, D1433791C9B8BCEEAD8937EC18D33E89E4E2012B5975228A8500FD141BC30078 ] C:\Windows\System32\gpapi.dll

07:46:36.0977 0x0d74 C:\Windows\System32\gpapi.dll - ok

07:46:36.0993 0x0d74 [ 7A17485DC7D8A7AC81321A42CD034519, 88D8705FA901793FC8C1CFD0175E49A6502BF0FC94A066BA573D2FD13AA5F04A ] C:\Windows\System32\userenv.dll

07:46:36.0993 0x0d74 C:\Windows\System32\userenv.dll - ok

07:46:36.0993 0x0d74 [ A2CCA4FB273E6050F17A0A416CFF2FCD, C42BA18DF0C8E3F7358669A784E51E4DC7A4112096345EA699EDC95F561E0255 ] C:\Windows\System32\umpo.dll

07:46:36.0993 0x0d74 C:\Windows\System32\umpo.dll - ok

07:46:36.0993 0x0d74 [ F6C011B46FAEEF33536B2E80F48B5CBE, BDD149D3D6F9F6C8F6F34C311219BE5618CEEFBC7D35E37473A47F1D5D015067 ] C:\Windows\System32\pcwum.dll

07:46:36.0993 0x0d74 C:\Windows\System32\pcwum.dll - ok

07:46:36.0993 0x0d74 [ 716175021BDA290504CE434273F666BC, FA18CA2D8A5F4335E051E2933147D3C1E7308F7D446E2AEB6596CDEF6E2AFC88 ] C:\Windows\System32\powrprof.dll

07:46:36.0993 0x0d74 C:\Windows\System32\powrprof.dll - ok

07:46:36.0993 0x0d74 [ 5C627D1B1138676C0A7AB2C2C190D123, C5003F2C912C5CA990E634818D3B4FD72F871900AF2948BD6C4D6400B354B401 ] C:\Windows\System32\rpcss.dll

07:46:36.0993 0x0d74 C:\Windows\System32\rpcss.dll - ok

07:46:36.0993 0x0d74 [ B42ED0320C6E41102FDE0005154849BB, 4DB872E23AD049C3C9FDC0759FC58BFA60DA91B18BC82B611BFA300D26DDFC7A ] C:\Windows\System32\drivers\Dot4.sys

07:46:36.0993 0x0d74 C:\Windows\System32\drivers\Dot4.sys - ok

07:46:36.0993 0x0d74 [ E9F5969233C5D89F3C35E3A66A52A361, C4BD35795C78FB11E6022372CB25DEB570730EFDAD3DC1584368235FF622638C ] C:\Windows\System32\drivers\Dot4Prt.sys

07:46:36.0993 0x0d74 C:\Windows\System32\drivers\Dot4Prt.sys - ok

07:46:36.0993 0x0d74 [ FD05A02B0370BC3000F402E543CA5814, 089B1113E640F495F470E8F57060B89546270481B309DC8ED3C3D13A849076A3 ] C:\Windows\System32\drivers\Dot4usb.sys

07:46:36.0993 0x0d74 C:\Windows\System32\drivers\Dot4usb.sys - ok

07:46:37.0009 0x0d74 [ E4DC58CF7B3EA515AE917FF0D402A7BB, 665B5CD9FE905B0EE3F59A7B1A94760F5393EBEE729877D8584349754C2867E8 ] C:\Windows\System32\RpcEpMap.dll

07:46:37.0009 0x0d74 C:\Windows\System32\RpcEpMap.dll - ok

07:46:37.0009 0x0d74 [ 16E964ABF6D1E0F0CC7822FCA9BA754D, 0E461387ACFD641DA22EE542A3C68AF5F7D3A7F967D974E3B198143D461ABE39 ] C:\Windows\System32\wshqos.dll

07:46:37.0009 0x0d74 C:\Windows\System32\wshqos.dll - ok

07:46:37.0009 0x0d74 [ 31559F3244C6BC00A52030CAA83B6B91, B2025742B5F0025ACE9821D5722DE3F997EEEAB21D2F381C9E307882DF422579 ] C:\Windows\System32\WSHTCPIP.DLL

07:46:37.0009 0x0d74 C:\Windows\System32\WSHTCPIP.DLL - ok

07:46:37.0009 0x0d74 [ 9AD9E06F8656F296D91FAE8EE5B95A27, 53384747D5864D699BCC4F48E0A5E656430EDAA65DCDAB4B11EA68FC7106459E ] C:\Windows\System32\FirewallAPI.dll

07:46:37.0009 0x0d74 C:\Windows\System32\FirewallAPI.dll - ok

07:46:37.0009 0x0d74 [ 715F03B4C7223349768013EA95D9E5B7, 09AB0535A54C2E2962F0FD06988D99060F8CECA39B07AC00A63204C773B95893 ] C:\Windows\System32\LogonUI.exe

07:46:37.0009 0x0d74 C:\Windows\System32\LogonUI.exe - ok

07:46:37.0009 0x0d74 [ 0ADC83218B66A6DB380C330836F3E36D, 798D6F83B5DBCC1656595E0A96CF12087FCCBE19D1982890D0CE5F629B328B29 ] C:\Windows\System32\drivers\fastfat.sys

07:46:37.0009 0x0d74 C:\Windows\System32\drivers\fastfat.sys - ok

07:46:37.0009 0x0d74 [ 34152997FB906895290E0199AC94B85F, 6AEEB989FA6E4354F96F70D0169CC6CAAA56EEE3056F1CD20F5FE846EAC058C1 ] C:\Windows\System32\authui.dll

07:46:37.0009 0x0d74 C:\Windows\System32\authui.dll - ok

07:46:37.0009 0x0d74 [ 94E026870A55AAEAFF7853C1754091E9, B2F5D5629D12BDFA98DBED3898368F37D9009C7531B6909C7285A2C11C9A0F93 ] C:\Windows\System32\version.dll

07:46:37.0009 0x0d74 C:\Windows\System32\version.dll - ok

07:46:37.0024 0x0d74 [ 6011714C8C5C55CBFFAD24D61E879FBD, 75D615082A1C71C6ED3ABB49EDAF660EE538D112CF79B9C8AF0A583D1CE1BBB0 ] C:\Windows\System32\wevtsvc.dll

07:46:37.0024 0x0d74 C:\Windows\System32\wevtsvc.dll - ok

07:46:37.0024 0x0d74 [ B3BFBD758506ECB50C5804AAA76318F9, 34E079A6AB2D41D1E0B3887B6AE31C43941061B7176FFF2801C3F465C2C89578 ] C:\Windows\System32\cryptui.dll

07:46:37.0024 0x0d74 C:\Windows\System32\cryptui.dll - ok

07:46:37.0024 0x0d74 [ 5F28111C648F1E24F7DBC87CDEB091B8, 2E8645285921EDB98BB2173E11E57459C888D52E80D85791D169C869DE8813B9 ] C:\Windows\System32\netprofm.dll

07:46:37.0024 0x0d74 C:\Windows\System32\netprofm.dll - ok

07:46:37.0024 0x0d74 [ F23FEF6D569FCE88671949894A8BECF1, FCE7B156ED663471CF9A736915F00302E93B50FC647563D235313A37FCE8F0F6 ] C:\Windows\System32\audiosrv.dll

07:46:37.0024 0x0d74 C:\Windows\System32\audiosrv.dll - ok

07:46:37.0024 0x0d74 [ C4C183E6551084039EC862DA1C945E3D, 0874A2ACDD24D64965AA9A76E9C818E216880AE4C9A2E07ED932EE404585CEE6 ] C:\Windows\System32\FntCache.dll

07:46:37.0024 0x0d74 C:\Windows\System32\FntCache.dll - ok

07:46:37.0024 0x0d74 [ 78A1E65207484B7F8D3217507745F47C, 35F413ADB9D157F3666DD15DD58104D629CD9143198A1AB914B73A4A3C9903DD ] C:\Windows\System32\avrt.dll

07:46:37.0024 0x0d74 C:\Windows\System32\avrt.dll - ok

07:46:37.0024 0x0d74 [ E40E80D0304A73E8D269F7141D77250B, 0DB4AC13A264F19A84DC0BCED54E8E404014CC09C993B172002B1561EC7E265A ] C:\Windows\System32\mmcss.dll

07:46:37.0024 0x0d74 C:\Windows\System32\mmcss.dll - ok

07:46:37.0040 0x0d74 [ 588CD0C78A7FAAE4186B5EEA0AF3ED67, E957E4463D318A44BA5109EE3428624DE901C5FF2BA358986DF6C6F059DDBCC2 ] C:\Windows\System32\adtschema.dll

07:46:37.0040 0x0d74 C:\Windows\System32\adtschema.dll - ok

07:46:37.0040 0x0d74 [ 227E2C382A1E02F8D4965E664D3BBE43, 1CFF20A8BF87ACE4FA4935EBEED72BFB1A1FE902A754899E2F50798D67DF5642 ] C:\Windows\System32\MMDevAPI.dll

07:46:37.0040 0x0d74 C:\Windows\System32\MMDevAPI.dll - ok

07:46:37.0040 0x0d74 [ F06BB4E336EA57511FDBAFAFCC47DE62, BE43EC62548E9FF89A9495A1722E22DBB76EEC3764F86E64057B636F27D15765 ] C:\Windows\System32\propsys.dll

07:46:37.0040 0x0d74 C:\Windows\System32\propsys.dll - ok

07:46:37.0040 0x0d74 [ 50544D04AD845C43130B70212EC05CCD, B2E6B558DE7D273512226685FF53ED17C9B4BF81B739FBCA5D3FC82DF8D2BCF7 ] C:\Windows\System32\microsoft-windows-kernel-power-events.dll

07:46:37.0040 0x0d74 C:\Windows\System32\microsoft-windows-kernel-power-events.dll - ok

07:46:37.0040 0x0d74 [ B1DF2D87DC8BF6072699AC8301B37796, D5A6FD1EDB627324DFA1A0555F1777A3313EF29DDE29982C3CE59DAF1ED0D105 ] C:\Windows\System32\WUDFPlatform.dll

07:46:37.0040 0x0d74 C:\Windows\System32\WUDFPlatform.dll - ok

07:46:37.0040 0x0d74 [ 54FFC9C8898113ACE189D4AA7199D2C1, 65F585C87F3F710FD5793FDFA96B740AD8D4317B0C120F4435CCF777300EA4F2 ] C:\Windows\System32\MPSSVC.dll

07:46:37.0040 0x0d74 C:\Windows\System32\MPSSVC.dll - ok

07:46:37.0040 0x0d74 [ 7FA8FDC2C2A27817FD0F624E78D3B50C, 7B63F6AA2CD6D4D07EA3C595B868B1A0749BB11620027A2BD9B935E3055481E4 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll

07:46:37.0040 0x0d74 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok

07:46:37.0040 0x0d74 [ DA6B67270FD9DB3697B20FCE94950741, F621A4462C9F2904063578C427FAF22D7D66AE9967605C11C798099817CE5331 ] C:\Windows\System32\drivers\fltMgr.sys

07:46:37.0040 0x0d74 C:\Windows\System32\drivers\fltMgr.sys - ok

07:46:37.0055 0x0d74 [ A3DB3C17EE6CAE65D53602B4E80BCCBC, D802A7C6161F937DC42A6E45FE1BB2C8272819F92C294C180EBCDF8FF72CBFDC ] C:\Windows\System32\PSHED.DLL

07:46:37.0055 0x0d74 C:\Windows\System32\PSHED.DLL - ok

07:46:37.0055 0x0d74 [ 53E83F1F6CF9D62F32801CF66D8352A8, 1225FED810BE8E0729EEAE5B340035CCBB9BACD3EF247834400F9B72D05ACE48 ] C:\Windows\System32\profsvc.dll

07:46:37.0055 0x0d74 C:\Windows\System32\profsvc.dll - ok

07:46:37.0055 0x0d74 [ 5B3EBFC3DA142324B388DDCC4465E1FF, 5D58642305311F9BC9B779C9598BFC4E7433B3EA58404BF1FF9466838A2328C7 ] C:\Windows\System32\samlib.dll

07:46:37.0055 0x0d74 C:\Windows\System32\samlib.dll - ok

07:46:37.0055 0x0d74 [ 4E9C2DB10F7E6AE91BF761139D4B745B, 8F63F78294F5585D599A114AF449DCC447CCB239D0F0B490BFE6B34A2146E730 ] C:\Windows\System32\shacct.dll

07:46:37.0055 0x0d74 C:\Windows\System32\shacct.dll - ok

07:46:37.0055 0x0d74 [ B0945E538CF906BBDDC5A11C8EE868CC, 5F3459F6512918835F7C9400905EC7C1FAEAA7114E0D28C522040C359E3B93F7 ] C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll

07:46:37.0055 0x0d74 C:\Windows\System32\microsoft-windows-kernel-processor-power-events.dll - ok

07:46:37.0055 0x0d74 [ D29E998E8277666982B4F0303BF4E7AF, 4F19AB5DC173E278EBE45832F6CEAA40E2DF6A2EDDC81B2828122442FE5D376C ] C:\Windows\System32\uxtheme.dll

07:46:37.0055 0x0d74 C:\Windows\System32\uxtheme.dll - ok

07:46:37.0055 0x0d74 [ D5CCA1453B98A5801E6D5FF0FF89DC6C, 85F2C2480AAC31B6092187B431A562D79D4CFB1324F925C85055ABAB2483264B ] C:\Windows\System32\audiodg.exe

07:46:37.0055 0x0d74 C:\Windows\System32\audiodg.exe - ok

07:46:37.0055 0x0d74 [ 3AB183AB4D2C79DCF459CD2C1266B043, 72B0187EBA9DC74E61EC5CB3DC24058DDB768843E865801894AAEAA211610C56 ] C:\Windows\System32\cscsvc.dll

07:46:37.0055 0x0d74 C:\Windows\System32\cscsvc.dll - ok

07:46:37.0071 0x0d74 [ 1F4492FE41767CDB8B89D17655847CDD, 184547FAC0C3D7148FAA3F601929A7089DE393BD19929A137DAD743331DD3F77 ] C:\Windows\System32\ntmarta.dll

07:46:37.0071 0x0d74 C:\Windows\System32\ntmarta.dll - ok

07:46:37.0071 0x0d74 [ 18CAAF21CBA3EAEE17BBA5D3807F29B8, 59C4FE015CCBE922F7AB3838D7F34CACC08DD437B2BAD62926BF4A9C416F7C19 ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll

07:46:37.0071 0x0d74 C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.18120_none_2b25b14c71ebf230\GdiPlus.dll - ok

07:46:37.0071 0x0d74 [ 58775492FFD419248B08325E583C527F, DBB013971F5894F25C222C2D4D50A29DB6DF3C413792EE9CCC1A9E6D85469093 ] C:\Windows\System32\atl.dll

07:46:37.0071 0x0d74 C:\Windows\System32\atl.dll - ok

07:46:37.0071 0x0d74 [ 277BBC7E1AA1EE957F573A10ECA7EF3A, 2EE60B924E583E847CC24E78B401EF95C69DB777A5B74E1EC963E18D47B94D24 ] C:\Windows\System32\gpsvc.dll

07:46:37.0071 0x0d74 C:\Windows\System32\gpsvc.dll - ok

07:46:37.0071 0x0d74 [ 4166F82BE4D24938977DD1746BE9B8A0, 24121751B7306225AD1C808442D7B030DEF377E9316AA0A3C5C7460E87317881 ] C:\Windows\System32\es.dll

07:46:37.0071 0x0d74 C:\Windows\System32\es.dll - ok

07:46:37.0071 0x0d74 [ F0344071948D1A1FA732231785A0664C, DB9886C2C858FAF45AEA15F8E42860343F73EB8685C53EC2E8CCC10586CB0832 ] C:\Windows\System32\themeservice.dll

07:46:37.0071 0x0d74 C:\Windows\System32\themeservice.dll - ok

07:46:37.0071 0x0d74 [ 1A47D52E303B7543E4E6026595B95422, C577CD3837546A7CED5D2E8E97FA2EDACA133B4A8595770EF96CAE519BFE280F ] C:\Windows\System32\comres.dll

07:46:37.0071 0x0d74 C:\Windows\System32\comres.dll - ok

07:46:37.0071 0x0d74 [ C32AB8FA018EF34C0F113BD501436D21, E0EB8E80B51E45CA7EB061E705DA0BC07878759418A8519AE6E12326FE79E7C7 ] C:\Windows\System32\Sens.dll

07:46:37.0071 0x0d74 C:\Windows\System32\Sens.dll - ok

07:46:37.0087 0x0d74 [ A77BE7CB3222B4FB0AC6C71D1C2698D4, 73566223914BF670DF6B5931FA213E546713531B10391ED65B5256BBD7ABDE7F ] C:\Windows\System32\dsrole.dll

07:46:37.0087 0x0d74 C:\Windows\System32\dsrole.dll - ok

07:46:37.0087 0x0d74 [ 46BB91A169B9B31FF44EB04C48EC1D41, 8115B533D3A5BE07633FA54FA8847E3DEC00C5BEB193CF2FBE88428D23E2B3D6 ] C:\Windows\System32\nlaapi.dll

07:46:37.0087 0x0d74 C:\Windows\System32\nlaapi.dll - ok

07:46:37.0087 0x0d74 [ BE097F5BB10F9079FCEB2DC4E7E20F02, 90A88986C8C5F30FB153EC803FEDA6572B2C2630A6C9578FCC017800692694D5 ] C:\Windows\System32\slc.dll

07:46:37.0087 0x0d74 C:\Windows\System32\slc.dll - ok

07:46:37.0087 0x0d74 [ 29910D50542B1AA0F162EF3339C61B6D, 018F0922384A5757390652865BB2DF876E9DA08B0858BC619B41D2CD14533ED4 ] C:\Windows\System32\PeerDist.dll

07:46:37.0087 0x0d74 C:\Windows\System32\PeerDist.dll - ok

07:46:37.0087 0x0d74 [ BAAFAF9CEAEC0B73C2A3550A01F6CECB, 018CB95A43CEA2063EA24691C71D51EF60D522C21502ABA8AD93876363D4B857 ] C:\Windows\System32\taskschd.dll

07:46:37.0087 0x0d74 C:\Windows\System32\taskschd.dll - ok

07:46:37.0087 0x0d74 [ 3CB6A7286422C72C34DAB54A5DFF1A34, 98D21EFFF511E407336A226420701E82554DA01FA05661303836B6860D63749D ] C:\Windows\System32\dui70.dll

07:46:37.0087 0x0d74 C:\Windows\System32\dui70.dll - ok

07:46:37.0087 0x0d74 [ 8CCDE014A4CDF84564E03ACE064CA753, DD663029B2EB7B12FDB00FCE403D8326141E540E3B9CE84CD5871473D3E2E2CF ] C:\Windows\System32\duser.dll

07:46:37.0087 0x0d74 C:\Windows\System32\duser.dll - ok

07:46:37.0087 0x0d74 [ 862596399AAFD2A21DB2AF9270CD4F70, 24CAA19EE791FB3440CE742C9064FCE0CB755EF0789D3CE62058A2CFEF0FF6D2 ] C:\Windows\System32\mstask.dll

07:46:37.0087 0x0d74 C:\Windows\System32\mstask.dll - ok

07:46:37.0102 0x0d74 [ D7F1EF374A90709B31591823B002F918, 05FD2837C9B03D14BB2A969C1AD77CAEF047D93DC5D0F6C2ACBF0888E8F7B359 ] C:\Windows\System32\SndVolSSO.dll

07:46:37.0102 0x0d74 C:\Windows\System32\SndVolSSO.dll - ok

07:46:37.0102 0x0d74 [ EDBB23CBCF2CDF727D64FF9B51A6070E, 7202484C8E1BFB2AFD64D8C81668F3EDE0E3BF5EB27572877A0A7B337AE5AE42 ] C:\Windows\System32\uxsms.dll

07:46:37.0102 0x0d74 C:\Windows\System32\uxsms.dll - ok

07:46:37.0102 0x0d74 [ BD3674BE7FC9D8D3732C83E8499576ED, E6716A5895D629263A4D21959F48840429AB6F4B55A5FA2663EE5E86C9CA2BF1 ] C:\Windows\System32\wtsapi32.dll

07:46:37.0102 0x0d74 C:\Windows\System32\wtsapi32.dll - ok

07:46:37.0102 0x0d74 [ 1538831CF8AD2979A04C423779465827, E1729B0CC4CEEE494A0B8817A8E98FF232E3A32FB023566EF0BC71A090262C0C ] C:\Windows\System32\drivers\lltdio.sys

07:46:37.0102 0x0d74 C:\Windows\System32\drivers\lltdio.sys - ok

07:46:37.0102 0x0d74 [ DDC86E4F8E7456261E637E3552E804FF, D250C69CCC75F2D88E7E624FCC51300E75637333317D53908CCA7E0F117173DD ] C:\Windows\System32\drivers\rspndr.sys

07:46:37.0102 0x0d74 C:\Windows\System32\drivers\rspndr.sys - ok

07:46:37.0102 0x0d74 [ 896F15A6434D93EDB42519D5E18E6B50, 9263F0CEC58D45EBE3FB9C3061FB9392C55A7933B84B4592E6EE13CFC86D5A50 ] C:\Windows\System32\hid.dll

07:46:37.0102 0x0d74 C:\Windows\System32\hid.dll - ok

07:46:37.0102 0x0d74 [ 2B81776DA02017A37FE26C662827470E, A656353C50EE08422145D00DB9CFD9F6D3E664753B3C454B171E2A56A8AA94DC ] C:\Windows\System32\IPHLPAPI.DLL

07:46:37.0102 0x0d74 C:\Windows\System32\IPHLPAPI.DLL - ok

07:46:37.0102 0x0d74 [ F993A32249B66C9D622EA5592A8B76B8, EE64672A990C6145DC5601E2B8CDBE089272A72732F59AF9865DCBA8B1717E70 ] C:\Windows\System32\lmhsvc.dll

07:46:37.0102 0x0d74 C:\Windows\System32\lmhsvc.dll - ok

07:46:37.0118 0x0d74 [ D54BFDF3E0C953F823B3D0BFE4732528, 497A1DCC5646EC22119273216DF10D5442D16F83E4363770F507518CF6EAA53A ] C:\Windows\System32\nsisvc.dll

07:46:37.0118 0x0d74 C:\Windows\System32\nsisvc.dll - ok

07:46:37.0118 0x0d74 [ 4C9210E8F4E052F6A4EB87716DA0C24C, 460F7990BDADB7D58D6DC95B094D30A2EFDC4CEED444B18A2F36E8D9076FB8B9 ] C:\Windows\System32\winnsi.dll

07:46:37.0118 0x0d74 C:\Windows\System32\winnsi.dll - ok

07:46:37.0118 0x0d74 [ 43D808F5D9E1A18E5EEB5EBC83969E4E, C10D1155D71EABE4ED44C656A8F13078A8A4E850C4A8FBB92D52D173430972B8 ] C:\Windows\System32\dhcpcore.dll

07:46:37.0118 0x0d74 C:\Windows\System32\dhcpcore.dll - ok

07:46:37.0118 0x0d74 [ 16835866AAA693C7D7FCEBA8FFF706E4, 15891558F7C1F2BB57A98769601D447ED0D952354A8BB347312D034DC03E0242 ] C:\Windows\System32\dnsrslvr.dll

07:46:37.0118 0x0d74 C:\Windows\System32\dnsrslvr.dll - ok

07:46:37.0118 0x0d74 [ B73A6E4B319AFFE64582AC5C1801BB3F, 274EEA0743DC659180E691654CBB17136E9E9D83B07E302B47EA5B103EA57710 ] C:\Windows\System32\nrpsrv.dll

07:46:37.0118 0x0d74 C:\Windows\System32\nrpsrv.dll - ok

07:46:37.0118 0x0d74 [ 3CC16A849E6092E43909F48EF0E60306, 610B576654A69415E4F2FEDB6BA384C77715944E4F89BD2821B311968CA8D810 ] C:\Windows\System32\dhcpcore6.dll

07:46:37.0118 0x0d74 C:\Windows\System32\dhcpcore6.dll - ok

07:46:37.0118 0x0d74 [ DA1B7075260F3872585BFCDD668C648B, 3E10EF6E1A5C341B478322CB78A0AB7BFC70AD8023779B8B4542A7CB4CA756AB ] C:\Windows\System32\dwmapi.dll

07:46:37.0118 0x0d74 C:\Windows\System32\dwmapi.dll - ok

07:46:37.0118 0x0d74 [ D07EB640618F96490DB88C3CE58DB608, 0C553971259632031E6856A94EEB937D571627FC7CF061CCFC040F4BF0CFF259 ] C:\Windows\System32\FWPUCLNT.DLL

07:46:37.0118 0x0d74 C:\Windows\System32\FWPUCLNT.DLL - ok

dpchristi · November 21, 2013

07:46:37.0133 0x0d74 [ 6F8B48F3D343E4B186AB6A9E302B7E16, 54DB52FC56509E61DF68BD251B3286E6CBE1A91D9BC4D950940A61FE2DA04DF8 ] C:\Windows\System32\xmllite.dll

07:46:37.0133 0x0d74 C:\Windows\System32\xmllite.dll - ok

07:46:37.0133 0x0d74 [ F568F7C08458D69E4FCD8675BBB107E4, A5FA25ECF248999A68CCECFBB508BFA1ADD18A23E20A9A9081A87C41CAAA36C0 ] C:\Windows\System32\dhcpcsvc.dll

07:46:37.0133 0x0d74 C:\Windows\System32\dhcpcsvc.dll - ok

07:46:37.0133 0x0d74 [ 3C06D5A929B798D0B13F6481242A0FD2, CE6127A31AB09E21A912CA16E4BDF663E9D05C254CCF9090A8B5A9A2E055EFF3 ] C:\Windows\System32\dhcpcsvc6.dll

07:46:37.0133 0x0d74 C:\Windows\System32\dhcpcsvc6.dll - ok

07:46:37.0133 0x0d74 [ 885D0942E0F28DB90919BE3129ECF279, 5A10D90EE656ECE3DCA174D6F924641509819FC20CB6EF46B5E1723E52DE85BE ] C:\Windows\System32\dnsext.dll

07:46:37.0133 0x0d74 C:\Windows\System32\dnsext.dll - ok

07:46:37.0133 0x0d74 [ AAF932B4011D14052955D4B212A4DA8D, 2A3BFD0FA9569288E91AE3E72CA1EC39E1450D01E6473CE51157E0F138257923 ] C:\Windows\System32\shsvcs.dll

07:46:37.0133 0x0d74 C:\Windows\System32\shsvcs.dll - ok

07:46:37.0133 0x0d74 [ 3D7BB6DD7A87B3E36E44CA94444247A8, 8EC25387910A85624A76C0312A7A8C2A4624E9B7A546FD071F70FE3C2F7F7333 ] C:\Windows\System32\WindowsCodecs.dll

07:46:37.0133 0x0d74 C:\Windows\System32\WindowsCodecs.dll - ok

07:46:37.0133 0x0d74 [ 262F6592C3299C005FD6BEC90FC4463A, 54095E37F0B6CC677A3E9BDD40F4647C713273D197DB341063AA7F342A60C4A7 ] C:\Windows\System32\schedsvc.dll

07:46:37.0133 0x0d74 C:\Windows\System32\schedsvc.dll - ok

07:46:37.0133 0x0d74 [ EEEA40F0EDB0A6E5359E539E15D0BC77, BFCBF777239C29C6AC4BC5B59591308571647B7C7FDB5571903F7403DD241E8E ] C:\Windows\System32\netapi32.dll

07:46:37.0133 0x0d74 C:\Windows\System32\netapi32.dll - ok

07:46:37.0149 0x0d74 [ 6CECA4C6A489C9B2E6073AFDAAE3F607, 127506D1DB38275614CBEB047C133718EF9D03266BA9C98BE55EC7847CFC9C3D ] C:\Windows\System32\netutils.dll

07:46:37.0149 0x0d74 C:\Windows\System32\netutils.dll - ok

07:46:37.0149 0x0d74 [ 3C91392D448F6E5D525A85B7550D8BA9, 6FD0DC73DBE7519E2C643554C2A7F8FBE4F9A678C4241BB54B3C6E65D2ABCF3A ] C:\Windows\System32\wkscli.dll

07:46:37.0149 0x0d74 C:\Windows\System32\wkscli.dll - ok

07:46:37.0149 0x0d74 [ BC414631876B2F28B8DAB08E849C12C5, 5973654AA3E90E6B699B0A43F645B893D95BAA803129B6967D746C8239AB26E3 ] C:\Windows\System32\ktmw32.dll

07:46:37.0149 0x0d74 C:\Windows\System32\ktmw32.dll - ok

07:46:37.0149 0x0d74 [ C2762A57DF0EE85E63CE4893C5215313, DDE22212D78353633CEDE27D7210469DE674563991105563CF64CCCE2D0743BD ] C:\Windows\System32\VaultCredProvider.dll

07:46:37.0149 0x0d74 C:\Windows\System32\VaultCredProvider.dll - ok

07:46:37.0149 0x0d74 [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D, 19959D18601712901F03B83150D15E34EBCAB355BB4692C9A28511A72F57FC66 ] C:\Windows\System32\winbrand.dll

07:46:37.0149 0x0d74 C:\Windows\System32\winbrand.dll - ok

07:46:37.0149 0x0d74 [ 8563BA40DF4F1E93A61B70E2C8B60CF8, E5CAA520CBE61FAF3EAA784A51ED30E0CB2FD78EFD8AE1D5C6B0FE43A1009F39 ] C:\Windows\System32\SmartcardCredentialProvider.dll

07:46:37.0149 0x0d74 C:\Windows\System32\SmartcardCredentialProvider.dll - ok

07:46:37.0149 0x0d74 [ BF352E73615F5461AA6884472435A544, 4B059E79325C5F08CD6FBBE6352E17ADB64B9608CC9EDB36A2DF4D148060C309 ] C:\Windows\System32\BioCredProv.dll

07:46:37.0149 0x0d74 C:\Windows\System32\BioCredProv.dll - ok

07:46:37.0165 0x0d74 [ 4403D5ECE7D8323CAF1207D1AA38FA01, BD0B34DCF658D3CB91C1B55E9E730C5F7C571AFC2BFA09270C377B72B6830D48 ] C:\Windows\System32\credui.dll

07:46:37.0165 0x0d74 C:\Windows\System32\credui.dll - ok

07:46:37.0165 0x0d74 [ 796B8123A7859AFD3A4AE10514DBAEB5, E76F69FAFEC3D66263ED95F3FA9EE309BDDACB287E30583A147DC97F6EEB8844 ] C:\Windows\System32\winbio.dll

07:46:37.0165 0x0d74 C:\Windows\System32\winbio.dll - ok

07:46:37.0165 0x0d74 [ 972C3301DB3DA91AE06A95F6B4160B1B, 678B533A06C306295FE97DC26CE9BAFFC8EAF1FB7405ACB040719099717744D5 ] C:\Windows\System32\certCredProvider.dll

07:46:37.0165 0x0d74 C:\Windows\System32\certCredProvider.dll - ok

07:46:37.0165 0x0d74 [ FC51229C7D4AFA0D6F186133728B95AB, 37E58C8E1C8437D1981725A5DCDACA7316CEFBB570370CEFC8D122F523B96AC0 ] C:\Windows\System32\samcli.dll

07:46:37.0165 0x0d74 C:\Windows\System32\samcli.dll - ok

07:46:37.0165 0x0d74 [ 44B9C66177651F3F53C87B665D58D17A, 3FC426115FF87570889DB28D71970B82B525D2A4B9A00EDD273BF083B77A05CE ] C:\Windows\System32\vaultcli.dll

07:46:37.0165 0x0d74 C:\Windows\System32\vaultcli.dll - ok

07:46:37.0165 0x0d74 [ 032229246107C5C7211E6D1498B52D3D, 8B492A0621BA88EBF3ABFC072C9023B2162C59AA6E9C61DA6D4762DB6C6C7B4A ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL

07:46:37.0165 0x0d74 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok

07:46:37.0165 0x0d74 [ 87FA0C48C3B2E9FEE518818FE26B15B5, DA4042DE9897397AEDCEFF9F69746726237305DDE64464309B6DCC45E05E42F4 ] C:\Windows\System32\rasplap.dll

07:46:37.0165 0x0d74 C:\Windows\System32\rasplap.dll - ok

07:46:37.0165 0x0d74 [ 019CD868461B646E09BDF04474C19341, 01837EFACB02E52BC6E90C90C4CB01B11D56E449A37EA4FC2695507FF85EA9FE ] C:\Windows\System32\rasapi32.dll

07:46:37.0165 0x0d74 C:\Windows\System32\rasapi32.dll - ok

07:46:37.0180 0x0d74 [ 6DC4A7242F565C9E9C9CCC7BB0FA75C7, 4BC5A1279885EEFBEB27333AF719622A5FCDD9606697692C1978E434CE264D80 ] C:\Windows\System32\taskcomp.dll

07:46:37.0180 0x0d74 C:\Windows\System32\taskcomp.dll - ok

07:46:37.0180 0x0d74 [ 945E54F23C72D37B8CD1987AF0DB63BF, C2B217C94DBCA0A31ED834B9D492B53B25B235DDD02B1D1200E76609D32772EA ] C:\Windows\System32\fveapi.dll

07:46:37.0180 0x0d74 C:\Windows\System32\fveapi.dll - ok

07:46:37.0180 0x0d74 [ B28DEEC597C8DEB70C744C7CF9210E3E, E777F192D822990CA6301B3FEA2AEA213FA7901438EB3328914ADF02B6C39DB9 ] C:\Windows\System32\rasman.dll

07:46:37.0180 0x0d74 C:\Windows\System32\rasman.dll - ok

07:46:37.0180 0x0d74 [ B53C4B69B695EDA1B7E41D35CA4244E2, 3D98E9B263CADA576E4057E059AFC867F6E3F1001F3B73C8BCF9066763A45D9D ] C:\Windows\System32\rtutils.dll

07:46:37.0180 0x0d74 C:\Windows\System32\rtutils.dll - ok

07:46:37.0180 0x0d74 [ 891ECFD08E2C538B7948CBC45106D697, 628D0D618FF3A70E9FBE3B2C7206C9365ED2297784A5F10FFA05BD2C56657013 ] C:\Windows\System32\fvecerts.dll

07:46:37.0180 0x0d74 C:\Windows\System32\fvecerts.dll - ok

07:46:37.0180 0x0d74 [ 694865362F0965779F92BCFE97712323, 825EB75E37AFE9B738869FB5D95020D4F44AD419C2F6C5A658F82A5242FDEF6C ] C:\Windows\System32\tbs.dll

07:46:37.0180 0x0d74 C:\Windows\System32\tbs.dll - ok

07:46:37.0180 0x0d74 [ 9BC8610C32C96A2983A65DC21CAFA921, 2A4195F663C9D55939E3D8FEAA208090FDB0B8801A60164A7325B53104797CBC ] C:\Windows\System32\UXInit.dll

07:46:37.0180 0x0d74 C:\Windows\System32\UXInit.dll - ok

07:46:37.0196 0x0d74 [ CF636C92B762B26F0B39B38E92380A09, F7B8B0EA4536CE3BA33EE1BD0783F6AAD8C0EF69714E874D4A30B720A04C7A18 ] C:\Windows\System32\oleacc.dll

07:46:37.0196 0x0d74 C:\Windows\System32\oleacc.dll - ok

07:46:37.0196 0x0d74 [ 0EA7DE1ACB728DD5A369FD742D6EEE28, 21C489412EB33A12B22290EB701C19BA57006E8702E76F730954F0784DDE9779 ] C:\Windows\System32\drivers\http.sys

07:46:37.0196 0x0d74 C:\Windows\System32\drivers\http.sys - ok

07:46:37.0196 0x0d74 [ 85DAA09A98C9286D4EA2BA8D0E644377, F9C324E2EF81193FE831C7EECC44A100CA06F82FA731BF555D9EA4D91DA13329 ] C:\Windows\System32\spoolsv.exe

07:46:37.0196 0x0d74 C:\Windows\System32\spoolsv.exe - ok

07:46:37.0196 0x0d74 [ 019BDD35DE269CB98B22DE8923C2AA3B, 68B216D5331B128CF1BCB3A3F82FD85B119FFDBCB796C907461CDD6248995817 ] C:\Windows\System32\UIAutomationCore.dll

07:46:37.0196 0x0d74 C:\Windows\System32\UIAutomationCore.dll - ok

07:46:37.0196 0x0d74 [ 82974D6A2FD19445CC5171FC378668A4, 075D25F47C0D2277E40AF8615571DAA5EB16B1824563632A9A7EC62505C29A4A ] C:\Windows\System32\BFE.DLL

07:46:37.0196 0x0d74 C:\Windows\System32\BFE.DLL - ok

07:46:37.0196 0x0d74 [ 5AA945234E9D4CCE4F715276B9AA712C, 65165BD131056816F009D987FC78AC86FFE0C3C38A27E73F873586B7FF4D59CF ] C:\Windows\System32\imageres.dll

07:46:37.0196 0x0d74 C:\Windows\System32\imageres.dll - ok

07:46:37.0196 0x0d74 [ 6C02A83164F5CC0A262F4199F0871CF5, AD4632A6A203CB40970D848315D8ADB9C898349E20D8DF4107C2AE2703A2CF28 ] C:\Windows\System32\drivers\bowser.sys

07:46:37.0196 0x0d74 C:\Windows\System32\drivers\bowser.sys - ok

07:46:37.0196 0x0d74 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F, 5A3FA2F110029CB4CC4384998EDB59203FDD65EC45E01B897FB684F8956EAD20 ] C:\Windows\System32\drivers\mpsdrv.sys

07:46:37.0196 0x0d74 C:\Windows\System32\drivers\mpsdrv.sys - ok

07:46:37.0211 0x0d74 [ A5D9106A73DC88564C825D317CAC68AC, 0457B2AEA4E05A91D0E43F317894A614434D8CEBE35020785387F307E231FBE4 ] C:\Windows\System32\drivers\mrxsmb.sys

07:46:37.0211 0x0d74 C:\Windows\System32\drivers\mrxsmb.sys - ok

07:46:37.0211 0x0d74 [ D711B3C1D5F42C0C2415687BE09FC163, 9B3013AC60BD2D0FF52086658BA5FF486ADE15954A552D7DD590580E8BAE3EFF ] C:\Windows\System32\drivers\mrxsmb10.sys

07:46:37.0211 0x0d74 C:\Windows\System32\drivers\mrxsmb10.sys - ok

07:46:37.0211 0x0d74 [ 9423E9D355C8D303E76B8CFBD8A5C30C, 220B33F120C2DD937FE4D5664F4B581DC0ACF78D62EB56B7720888F67B9644CC ] C:\Windows\System32\drivers\mrxsmb20.sys

07:46:37.0211 0x0d74 C:\Windows\System32\drivers\mrxsmb20.sys - ok

07:46:37.0211 0x0d74 [ C67F8A962B2534224D5908D16D2AD3CE, CAC1821F5E867285638AEE7AE33CE574BCCF16277AC5AD805650B48F7759B4B4 ] C:\Windows\System32\wfapigp.dll

07:46:37.0211 0x0d74 C:\Windows\System32\wfapigp.dll - ok

07:46:37.0211 0x0d74 [ 851A1382EED3E3A7476DB004F4EE3E1A, B1C67F47DD594D092E6E258F01DF5E7150227CE3131A908A244DEE9F8A1FABF9 ] C:\Windows\System32\wkssvc.dll

07:46:37.0211 0x0d74 C:\Windows\System32\wkssvc.dll - ok

07:46:37.0211 0x0d74 [ B33CF4DE909A5B30F526D82053A63C8E, ABF5BB962C038E545C18B96E686E072D780C907096C7BB341297AF31D3703ABD ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe

07:46:37.0211 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\NetworkLicenseServer.exe - ok

07:46:37.0211 0x0d74 [ 1834B31C749B86DAC233BBBA1C03BC48, 27FCA9196842C0BB53CCAD895870A0EB10D2F8ED67E5486A4437067BD4BC4448 ] C:\Windows\System32\mscms.dll

07:46:37.0211 0x0d74 C:\Windows\System32\mscms.dll - ok

07:46:37.0211 0x0d74 [ A2B0924D50F4435FD389499047CE553A, 8D16D5CAAD71AAAAA1479F8477D2928B66581C79932A49A21EDF93DB2803AB9C ] C:\Windows\SysWOW64\ntdll.dll

07:46:37.0211 0x0d74 C:\Windows\SysWOW64\ntdll.dll - ok

07:46:37.0227 0x0d74 [ 3AEAA8B561E63452C655DC0584922257, 04C072969B58657602EB0C21CEDF24FCEE14E61B90A0F758F93925EF2C9FC32D ] C:\Windows\System32\pcasvc.dll

07:46:37.0227 0x0d74 C:\Windows\System32\pcasvc.dll - ok

07:46:37.0227 0x0d74 [ 6313F223E817CC09AA41811DAA7F541D, D787061043BEEDB9386B048CB9E680E6A88A1CBAE9BD4A8C0209155BFB76C630 ] C:\Windows\System32\snmptrap.exe

07:46:37.0227 0x0d74 C:\Windows\System32\snmptrap.exe - ok

07:46:37.0227 0x0d74 [ 70833F5A59F65908698093889C34BCA2, 25777B910664827FC5C8258E4956CC936E0A1E42A9C7F2F390A83025E685D728 ] C:\Windows\System32\wow64.dll

07:46:37.0227 0x0d74 C:\Windows\System32\wow64.dll - ok

07:46:37.0227 0x0d74 [ 5674E21E82CFBEA36DDAD5DB285D6DBC, FBD2AC69D3E66E39651C5F2C88C0087EDC3CD1FD999FC2A574C97E9DDF2C1441 ] C:\Windows\System32\wow64win.dll

07:46:37.0227 0x0d74 C:\Windows\System32\wow64win.dll - ok

07:46:37.0227 0x0d74 [ 10EAB90C1AE8271B5FE5A8930987EE5C, 53E72964AA75526B161F859A509CB046809AE47C65DC998F0E49AC8AED9066EA ] C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll

07:46:37.0227 0x0d74 C:\Program Files\Windows Live\Mesh\WLRemoteServiceResource.dll - ok

07:46:37.0227 0x0d74 [ 3EE3AA76D8AB6D5644C4C8F34471CEB3, FCF173B0A324FA4780824CBD8C8FE4E402F27EACF1A41AAFEA636FA0B3AE7B35 ] C:\Windows\System32\wow64cpu.dll

07:46:37.0227 0x0d74 C:\Windows\System32\wow64cpu.dll - ok

07:46:37.0227 0x0d74 [ 365A5034093AD9E04F433046C4CDF6AB, 5D5B30A883B273D59C6C64286E0BA79DA0BDF1B7EBC791278248A9196701DDDF ] C:\Windows\SysWOW64\kernel32.dll

07:46:37.0227 0x0d74 C:\Windows\SysWOW64\kernel32.dll - ok

07:46:37.0227 0x0d74 [ E9A0777DCA9148157E0EF9B71D7DE353, 954A9A1BC2EF83705AFF479DAFD51C18752AEEB2DE7A7DADD1A0E5A1971868DB ] C:\Windows\System32\RdpGroupPolicyExtension.dll

07:46:37.0227 0x0d74 C:\Windows\System32\RdpGroupPolicyExtension.dll - ok

07:46:37.0243 0x0d74 [ 1B7343C3765638D4D17CB925F84F8ABE, FDD4F8B409A6C6870C56BBCDCD07902D825FCB13ABB316FD804B6AAAF996600B ] C:\Windows\SysWOW64\KernelBase.dll

07:46:37.0243 0x0d74 C:\Windows\SysWOW64\KernelBase.dll - ok

07:46:37.0243 0x0d74 [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3, 01EB95FA3943CF3C6B1A21E473A5C3CB9FCBCE46913B15C96CAC14E4F04075B4 ] C:\Windows\SysWOW64\user32.dll

07:46:37.0243 0x0d74 C:\Windows\SysWOW64\user32.dll - ok

07:46:37.0243 0x0d74 [ 0BA4D8CE0C214F7208E72B3B8F8B7895, 5F64CB63541BB1F325E3152A9154E38AEADB7C9EFCBDEED7A1346A0B839B713A ] C:\Windows\System32\vpc.exe

07:46:37.0243 0x0d74 C:\Windows\System32\vpc.exe - ok

07:46:37.0243 0x0d74 [ 56E3313690866F99CD17AA1342F64AE1, 4AD4E105C1A6E9BAB9568CA21B15A38C59702EF605AA9058490C56DA070CF846 ] C:\Windows\SysWOW64\gdi32.dll

07:46:37.0243 0x0d74 C:\Windows\SysWOW64\gdi32.dll - ok

07:46:37.0243 0x0d74 [ CC23295DA8F7B5C53F93804D2F5D30EB, B290D96C40FBA934DE6CFF82D9BBA6780922CC5012C61599BD5006DAEDC82DDB ] C:\Windows\SysWOW64\lpk.dll

07:46:37.0243 0x0d74 C:\Windows\SysWOW64\lpk.dll - ok

07:46:37.0243 0x0d74 [ B7230010D97787AF3D25E4C82F2B06B9, C795E9811CD461F8E98D1738667EB0C265A57065EA3420CE596D5038E7430C1E ] C:\Windows\SysWOW64\usp10.dll

07:46:37.0243 0x0d74 C:\Windows\SysWOW64\usp10.dll - ok

07:46:37.0243 0x0d74 [ 9DC80A8AAAAAC397BDAB3C67165A824E, 051636BFDFF7AB0E4191354E846BD0DACCA1A01FCC13C1AFED91D8DBFE17127A ] C:\Windows\SysWOW64\msvcrt.dll

07:46:37.0243 0x0d74 C:\Windows\SysWOW64\msvcrt.dll - ok

07:46:37.0243 0x0d74 [ D67472125471784DE7147946EDA25FEB, F41960118F412B6CA5E80AE5E8DB9AECDD043A7DB34388FF57C6F9C5A0056F91 ] C:\Windows\SysWOW64\advapi32.dll

07:46:37.0243 0x0d74 C:\Windows\SysWOW64\advapi32.dll - ok

07:46:37.0258 0x0d74 [ 4DC999CED9429939D75682EBD7D48901, 4E2DB6E4C500980488010AF1125A73D0F958889379F05DB304A220B4BB2D1834 ] C:\Windows\SysWOW64\rpcrt4.dll

07:46:37.0258 0x0d74 C:\Windows\SysWOW64\rpcrt4.dll - ok

07:46:37.0258 0x0d74 [ CFC97F07904067A1E5FAE195D534DA3A, EB4D2D127312EB09E2ACCA3276779E80F90FAF77322684BABF72B8EC6E1F906C ] C:\Windows\SysWOW64\sechost.dll

07:46:37.0258 0x0d74 C:\Windows\SysWOW64\sechost.dll - ok

07:46:37.0258 0x0d74 [ F08F6FCD09F9BE94C37ACC1B344685FF, DE48D766258B46EFEAB16579421C4BD97ACC6883F782D00E9857F4A0CE7E8A34 ] C:\Windows\SysWOW64\cryptbase.dll

07:46:37.0258 0x0d74 C:\Windows\SysWOW64\cryptbase.dll - ok

07:46:37.0258 0x0d74 [ 928CF7268086631F54C3D8E17238C6DD, F058FAFB04E7EBD5CADE9B48195B7AA7C3508F332A89F5E6E5F3F071E8CADD4A ] C:\Windows\SysWOW64\ole32.dll

07:46:37.0258 0x0d74 C:\Windows\SysWOW64\ole32.dll - ok

07:46:37.0258 0x0d74 [ 42B924C5F3924C1EB2539F22C10D7DF1, 5C922A6B9F4B5320ECEF67E81B37E6736BF01AF964A6966E24C8B29D0DDDDA3B ] C:\Windows\SysWOW64\sspicli.dll

07:46:37.0258 0x0d74 C:\Windows\SysWOW64\sspicli.dll - ok

07:46:37.0258 0x0d74 [ BE8BD75FD8BE17B95365619D0B34CDBC, 7FE6C35DBEF62F173B4ACBE76B66264F223A9B128B95849B4E42B5EDF1790A0A ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\FineObj.dll

07:46:37.0258 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\FineObj.dll - ok

07:46:37.0258 0x0d74 [ 6C765E82B57F2E66CE9C54AC238471D9, 97F410023F5C08B4BC5DBF89A642200E76F4025ADD9707C24FD89D673675BB43 ] C:\Windows\SysWOW64\oleaut32.dll

07:46:37.0258 0x0d74 C:\Windows\SysWOW64\oleaut32.dll - ok

07:46:37.0274 0x0d74 [ E02781D4871844DCD30DF1D69A650F78, DC77302F06CD6CF7FC2C3B0F433A4AE41DF869B9F342C0656CCD8A125B3D3318 ] C:\Windows\SysWOW64\shell32.dll

07:46:37.0274 0x0d74 C:\Windows\SysWOW64\shell32.dll - ok

07:46:37.0274 0x0d74 [ 7C00C608FE4C8EDE9E30940837B9AC8B, 3F85DE6487722960E8ED71B23EE0535FA2C07B2FA7ABFE4DEB1B35DCE5E44642 ] C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll

07:46:37.0274 0x0d74 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\ServiceModelEvents.dll - ok

07:46:37.0274 0x0d74 [ 91A8E32B00BF7899EDAB6783287DDDA6, 49451722317AB42B3DE407EFCB9CC560C1455217AC3E2F11F74D08C1708473C5 ] C:\Windows\System32\PeerDistSh.dll

07:46:37.0274 0x0d74 C:\Windows\System32\PeerDistSh.dll - ok

07:46:37.0274 0x0d74 [ 908ACB1F594274965A53926B10C81E89, 7D34A742AC486294D82676F8465A3EF26C8AC3317C32B63F62031CB007CFC208 ] C:\Windows\System32\provsvc.dll

07:46:37.0274 0x0d74 C:\Windows\System32\provsvc.dll - ok

07:46:37.0274 0x0d74 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB, D21CDBC4C2AA0DB5B4455D5108B0CAF4282A2E664B9035708F212CC094569D9D ] C:\Windows\System32\sstpsvc.dll

07:46:37.0274 0x0d74 C:\Windows\System32\sstpsvc.dll - ok

07:46:37.0274 0x0d74 [ 8CC3C111D653E96F3EA1590891491D71, 1D326D7D116D76876EE2B14A5BFB7B4328E21DB9B5AAAB9CB67F8EFB93924230 ] C:\Windows\SysWOW64\shlwapi.dll

07:46:37.0274 0x0d74 C:\Windows\SysWOW64\shlwapi.dll - ok

07:46:37.0274 0x0d74 [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\msvcr71.dll

07:46:37.0274 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\msvcr71.dll - ok

07:46:37.0274 0x0d74 [ 39D3E26AC0C684BCBEA6D2EA99035440, E859AE5FD497F456A2910FFD27A3DF3DB2A76B5D2CA24A77650A481ACCF66602 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\FineNet.dll

07:46:37.0274 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\FineNet.dll - ok

07:46:37.0289 0x0d74 [ 2FCA0D2C59A855C54BAFA22AA329DF0F, ED9D26F539065D62FCCEDEEC8E509B30F4D15F8DA586C1F657ACEFE9DABAACD0 ] C:\Windows\SysWOW64\netapi32.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\netapi32.dll - ok

07:46:37.0289 0x0d74 [ 20B3934DB73EABA2B49B7177873CB81F, 492EAC5C51472B43DE11825358AEC4B9E3A081DACFD7513C696D6FE40F302EE5 ] C:\Windows\SysWOW64\netutils.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\netutils.dll - ok

07:46:37.0289 0x0d74 [ 5CCDCD40E732D54E0F7451AC66AC1C87, 66F4DA105BD72E41250CD59E2B3CD931B47AC9FDB6C784B9E33C5EE1AC29841F ] C:\Windows\SysWOW64\srvcli.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\srvcli.dll - ok

07:46:37.0289 0x0d74 [ E5A4A1326A02F8E7B59E6C3270CE7202, DCB76016F9AC47E631540874DA208A089F9D529DA9628705A2869B954526BFE0 ] C:\Windows\SysWOW64\wkscli.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\wkscli.dll - ok

07:46:37.0289 0x0d74 [ 68ECCA523ED760AAFC03C5D587569859, CDD734279C8F9F24EA2538BAD8E91EB8C3DD74C33032DB6B2D85C19576B42707 ] C:\Windows\SysWOW64\samcli.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\samcli.dll - ok

07:46:37.0289 0x0d74 [ B5EB5BD3066959611E1F7A80FD6CC172, 1FFB68A66F28F604ADCAE9C135F8DCF301316AB7FDA8EBD294583C56DD26F7CC ] C:\Windows\SysWOW64\wininet.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\wininet.dll - ok

07:46:37.0289 0x0d74 [ 2E33DFD10F28F86C3FC40EE123CC3904, 57C65671A04EFCA437A69E8E97B2FCA17897EE4608C7DB69F77D44FBD3490B50 ] C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\api-ms-win-downlevel-normaliz-l1-1-0.dll - ok

07:46:37.0289 0x0d74 [ 6951562DC4625EEFC6EACD52AD165866, 44A0B3EA0232D613A5B4115492DF2A7CEF25B35300E6A3E3E50C9544C5D1049E ] C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll

07:46:37.0289 0x0d74 C:\Windows\SysWOW64\api-ms-win-downlevel-shlwapi-l1-1-0.dll - ok

07:46:37.0305 0x0d74 [ 589CBC4989F750E1DA35625AB481CF43, B93E1B8C3775F9C995FD5451C685A06DEFD24AE1DF0DD99D19D5E4B9AC0010F9 ] C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll

07:46:37.0305 0x0d74 C:\Windows\SysWOW64\api-ms-win-downlevel-user32-l1-1-0.dll - ok

07:46:37.0305 0x0d74 [ 3BE0D923AA45A4DBE091C2D84F0B4FE7, 603EEC55D6F646150FC3F0F2C939CFE434C02FC7A7AB23B1FEC8B5C77E4C8381 ] C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll

07:46:37.0305 0x0d74 C:\Windows\SysWOW64\api-ms-win-downlevel-version-l1-1-0.dll - ok

07:46:37.0305 0x0d74 [ B68750104FBA545C633B7E9AEA660208, 7D07BD6C3B2907B3B181B14DBC0F8C0B40690EA9FF5A51253400BDE83C4272C7 ] C:\Windows\SysWOW64\iertutil.dll

07:46:37.0305 0x0d74 C:\Windows\SysWOW64\iertutil.dll - ok

07:46:37.0305 0x0d74 [ 702254574E7E52052DE39408457B7149, 645CA9E88DA21C63710A04A0F54421018DF415A3D612112C71A255C49325C082 ] C:\Windows\SysWOW64\version.dll

07:46:37.0305 0x0d74 C:\Windows\SysWOW64\version.dll - ok

07:46:37.0305 0x0d74 [ DB8AA8CCA66DBD641C2B942ED5C15CE5, 8922DDE1EE1D04AE91BA461DDCD167E4BDDB31DA51486244F30226ECDF18063D ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\AbbyyZlib.dll

07:46:37.0305 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\AbbyyZlib.dll - ok

07:46:37.0305 0x0d74 [ 6A13B4F3B3F575F1E24B877B9359AABA, 676AD5F8F709D4A9DCE9938D82DEEE329C9A385A6969C169B3DF37AA75F1E4C7 ] C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll

07:46:37.0305 0x0d74 C:\Windows\SysWOW64\api-ms-win-downlevel-advapi32-l1-1-0.dll - ok

07:46:37.0305 0x0d74 [ A6F09E5669D9A19035F6D942CAA15882, 68C8AF0CC1923E3A7245392F2480EE665D265DF300A609D2540BF7C6D9C1A1BE ] C:\Windows\SysWOW64\imm32.dll

07:46:37.0305 0x0d74 C:\Windows\SysWOW64\imm32.dll - ok

07:46:37.0321 0x0d74 [ C9618BC9B2B0FD7C1138D8774795A79B, 0AC170669C2626519FA7A745C56BFBA6B83B8537488F5B9EB7BA72448E5E7A43 ] C:\Windows\SysWOW64\msctf.dll

07:46:37.0321 0x0d74 C:\Windows\SysWOW64\msctf.dll - ok

07:46:37.0321 0x0d74 [ FD50B596A5C2FC595AAE0D5A791B939A, 07F4AA2A585F2C52B1917C456A8ABBF9CB5BB192DCF4E0D249CC2286917AB9CE ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensingShared.dll

07:46:37.0321 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensingShared.dll - ok

07:46:37.0321 0x0d74 [ 539C49CEBB3C50957AC8A09D95ECD880, 49E75CDB556FBCE72C44648F8930CF2209C1360F9311C5B4CEB19E13B11E6B75 ] C:\Windows\SysWOW64\shfolder.dll

07:46:37.0321 0x0d74 C:\Windows\SysWOW64\shfolder.dll - ok

07:46:37.0321 0x0d74 [ C733D233B623B7FFCE5031E4B756EE26, 33CC8B140B0E4A9B702E3468BE2646AEE4273F20C6EA5BAC6C3D8FC8EDEF0881 ] C:\Windows\SysWOW64\profapi.dll

07:46:37.0321 0x0d74 C:\Windows\SysWOW64\profapi.dll - ok

07:46:37.0321 0x0d74 [ 2DE87B444AA507D6DD2BA2FE739B047C, 016957AFA9CFE3622CDFD21AA2B1376E8EA763D07BCF3793763FABF0D3691E5C ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing0.dll

07:46:37.0321 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing0.dll - ok

07:46:37.0321 0x0d74 [ 803260C5EE2EE9289C6D53087EC50017, D8A604098A8020FE888BB9C841D368A310367B6D27BCE86CE8DD2DFB33F7F544 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing1.dll

07:46:37.0321 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing1.dll - ok

07:46:37.0321 0x0d74 [ BEDE8BC1F0FE794829269C115C1A588E, CFE332C3CBD3ECAC370E371C239F6BADD733E345C8BFFC4E1FBD53A64E322E16 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing13.dll

07:46:37.0321 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing13.dll - ok

07:46:37.0336 0x0d74 [ AEFD4172AAC818D987D26EDAF4A3B7C5, E254BBB26504960160C75DBF890A4A110336343F56744E10A9E33030166A3376 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing14.dll

07:46:37.0336 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing14.dll - ok

07:46:37.0336 0x0d74 [ 81DA9DF8C65BBB4CA871B5E2728674D5, 340FC2FE5957FFE2BD18B6CD376CD1F615C059D5C0303F23CD50578054F81455 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing15.dll

07:46:37.0336 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing15.dll - ok

07:46:37.0336 0x0d74 [ 08E688BEE5FEF9214B9BB15CFB36E23A, 939060266F6895521B0DC9224C8D43B59D7C66DB57FD0BA0A8363E86DE621876 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing16.dll

07:46:37.0336 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing16.dll - ok

07:46:37.0336 0x0d74 [ F5E2D6E3FF6238893215585A04192AD7, 6D942DB3983786A64216B23B80F6BFD6D408376EF5BDBC703D7F820A25294309 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing17.dll

07:46:37.0336 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing17.dll - ok

07:46:37.0336 0x0d74 [ 9EF03D654D3AE8DA10F2D089B859337E, 1DE424FB7C512E89DBB14B3B83A0D39CE07C122FA015873F2526A4ECC517BFAA ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing2.dll

07:46:37.0336 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing2.dll - ok

07:46:37.0336 0x0d74 [ D7EE31A22CA2781FC6EBD12C831F6B59, 5802E60AB5117F63CBAB47D6A9601B68987D04251B2436F6F70BB33A5E391546 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing23.dll

07:46:37.0336 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing23.dll - ok

07:46:37.0352 0x0d74 [ 74BAF2D00BD902B80D69BE42A61F83DD, 84240BB1DF05BB890B7F290EF41837B4CE8C24D9A49EEED329DA48AF6690F87B ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing24.dll

07:46:37.0352 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing24.dll - ok

07:46:37.0352 0x0d74 [ 8269210DAF3B12BC8300631B28A2A442, EABEB792C2EA8D4A1A7B13281CF557C194D5667AE0BA2A2D5664908D8269113D ] C:\Windows\System32\wiarpc.dll

07:46:37.0352 0x0d74 C:\Windows\System32\wiarpc.dll - ok

07:46:37.0352 0x0d74 [ 42E2F8798B445F76671C88C155C1F18D, AD08870CEC54F3D9F0C853B93A9276798FA9F7934ADF153D5121B652686B6C63 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing26.dll

07:46:37.0352 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing26.dll - ok

07:46:37.0352 0x0d74 [ E6F0F82788E8BD0F7A616350EFA0761C, 13091DCB3E3F4F52C3FF210E93AAF1DCE142CFC09F671AEAC5B922393B23E67B ] C:\Windows\System32\actxprxy.dll

07:46:37.0352 0x0d74 C:\Windows\System32\actxprxy.dll - ok

07:46:37.0352 0x0d74 [ 239935CF6E2A2D464AB66E51EB067D66, 30EABB84709C69E28262C5EB3DEC38292DEA30A9458FB156C23C90D39BC0E1EC ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing3.dll

07:46:37.0352 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing3.dll - ok

07:46:37.0352 0x0d74 [ 1AA94A15B0CE226341F4D731225D924C, 1AEBDAED1C5F411DE2301EEE9122DE230A014B19464BD52580F8B0AF74D4E112 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing5.dll

07:46:37.0352 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing5.dll - ok

07:46:37.0352 0x0d74 [ F85AF7D697A2E3C9E69380C7AABA8F69, F95A7C2745BA15180875283D5019B80B1CA7FD90562011E8060A1FE359F5E13A ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing6.dll

07:46:37.0352 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing6.dll - ok

07:46:37.0367 0x0d74 [ 7E13358593468500BDE154C5C497EC1A, F9E839E5DFBAD545DE192F8EA6BFA2565C718193E2A870991F30495536A92826 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing63.dll

07:46:37.0367 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing63.dll - ok

07:46:37.0367 0x0d74 [ 80D7A6E0EA9845F8D20E932DAFA4AC60, E9757543168145F7726BF8134A17F4D93AFD2DB68B32D0E2F471C4641DCF9145 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing64.dll

07:46:37.0367 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing64.dll - ok

07:46:37.0367 0x0d74 [ 28A3EED9BB0A781677E8F28BA4040FF6, 6B9519E8D063B0CED3E298745AAEFE59DB3B3950316233602E2A3426C88F0BA6 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing65.dll

07:46:37.0367 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing65.dll - ok

07:46:37.0367 0x0d74 [ C70FDA0C297D51B0A42E7AA322856541, B3AC4534E7FEF9A9210DA5D722FDC5BC216E75E3BCDE2F91729358DEE953BFEB ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing69.dll

07:46:37.0367 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing69.dll - ok

07:46:37.0367 0x0d74 [ F1B54578D13C99842EC23238284162F9, A6C1CB0B2FC8E97E5C605492155D3276C0924DAE5FA9BAD8B53F805CB7EE27B7 ] C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing7.dll

07:46:37.0367 0x0d74 C:\Program Files (x86)\Common Files\ABBYY\FineReaderSprint\9.00\Licensing\ProductLicensing7.dll - ok

07:46:37.0367 0x0d74 [ A8EDB86FC2A4D6D1285E4C70384AC35A, 61B8955CE0A2AA9D0719920B30216717B349B6FBE11C697C31CFA84F859CC1AE ] C:\Windows\System32\dllhost.exe

07:46:37.0367 0x0d74 C:\Windows\System32\dllhost.exe - ok

07:46:37.0367 0x0d74 [ 63AB43534CBF5D7F3EB81DFDC8161490, 205A6057200D0B14DC9EED71E5D96D7558C9215138EA3D7C73FAEB16074A93A7 ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe

07:46:37.0367 0x0d74 C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\PhotoshopElementsFileAgent.exe - ok

07:46:37.0383 0x0d74 [ 9028D1621C43DF8DFBD1C76860412A11, A1D48D9B33180BDE50D2FA9BB07E9520B7B7788C39B3AABB4A06AE4B1AACA755 ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll

07:46:37.0383 0x0d74 C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.18201_none_a4d3b9377117c3df\comctl32.dll - ok

07:46:37.0383 0x0d74 [ BFE015272A8A81ECE1E79952DB49BBCE, 06C01ACC00E17235E7F41DB40947D4494FA2D2379FD4D2D915B87E6D5986D7AB ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\platform.DLL

07:46:37.0383 0x0d74 C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\platform.DLL - ok

07:46:37.0383 0x0d74 [ A0A2C1D812C231C9BFE119FDC68E341B, F94446594EE17505956A715DFB28B51D09F00A7A65E56950661B889A57DE8FA8 ] C:\Windows\System32\IDStore.dll

07:46:37.0383 0x0d74 C:\Windows\System32\IDStore.dll - ok

07:46:37.0383 0x0d74 [ 639774C9ACD063F028F6084ABF5593AD, 9DFD80610CBBC9188F6C6BC85C87016B0AE42254FC289C2B578E85282BDD9C23 ] C:\Windows\System32\taskhost.exe

07:46:37.0383 0x0d74 C:\Windows\System32\taskhost.exe - ok

07:46:37.0383 0x0d74 [ E94C583CDE2348950155F2AF2876F34D, D00C7E0D665E467B712C68A446CC5BE14FDA743A2301878B3CEB72CDD0A8B8E7 ] C:\Windows\SysWOW64\mswsock.dll

07:46:37.0383 0x0d74 C:\Windows\SysWOW64\mswsock.dll - ok

07:46:37.0383 0x0d74 [ 7FF15A4F092CD4A96055BA69F903E3E9, 1B594E6D057C632ABB3A8CF838157369024BD6B9F515CA8E774B22FE71A11627 ] C:\Windows\SysWOW64\ws2_32.dll

07:46:37.0383 0x0d74 C:\Windows\SysWOW64\ws2_32.dll - ok

07:46:37.0383 0x0d74 [ 6CEF7856A3EFAC59470F6208F0F585CE, 0F7A80DB821FDE6580E9481B6DA44844F717DDB4983B0E3D562BE43726153951 ] C:\Windows\System32\mpr.dll

07:46:37.0383 0x0d74 C:\Windows\System32\mpr.dll - ok

07:46:37.0399 0x0d74 [ 65EA57712340C09B1B0C427B4848AE05, 5FDCF73191BFF9DBB03886755FFCF0BC15849F0E216884A5A8B9BB375FA7C1A5 ] C:\Windows\System32\taskeng.exe

07:46:37.0399 0x0d74 C:\Windows\System32\taskeng.exe - ok

07:46:37.0399 0x0d74 [ F9D908DE6B166DAC9B89BF62FA291CE8, D0A918AD60221623BB0278EA94CD6938744617FDBB2054968AFAFC2940648F02 ] C:\Program Files\Bonjour\mdnsNSP.dll

07:46:37.0399 0x0d74 C:\Program Files\Bonjour\mdnsNSP.dll - ok

07:46:37.0399 0x0d74 [ 94EEAC26F57811BD1AEFC164412F7FCE, 7390BCD7709D48DE75D7D6E06AA7356D1C58EE63F3CC2E07ABCD2E2FF6CC81CF ] C:\Windows\System32\PlaySndSrv.dll

07:46:37.0399 0x0d74 C:\Windows\System32\PlaySndSrv.dll - ok

07:46:37.0399 0x0d74 [ 6377051C63D5552A311935C67E9FDFDC, 3FB82988AAB66813567E8DB951D4EE87F156201070F005FDBF52EF998A323E65 ] C:\Windows\SysWOW64\nsi.dll

07:46:37.0399 0x0d74 C:\Windows\SysWOW64\nsi.dll - ok

07:46:37.0399 0x0d74 [ 561FA2ABB31DFA8FAB762145F81667C2, DF96156F6A548FD6FE5672918DE5AE4509D3C810A57BFFD2A91DE45A3ED5B23B ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\MSVCP71.dll

07:46:37.0399 0x0d74 C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\MSVCP71.dll - ok

07:46:37.0399 0x0d74 [ BAFE84E637BF7388C96EF48D4D3FDD53, 11C194D9ADCE90027272C627D7FBF3BA5025FF0F7B26A8333F764E11E1382CF9 ] C:\Windows\System32\userinit.exe

07:46:37.0399 0x0d74 C:\Windows\System32\userinit.exe - ok

07:46:37.0399 0x0d74 [ 5997D769CDB108390DCFAEBF442BF816, 0E25CA984C0EEB629184423FAA9BC6D4356DF9A93F281E06DC83B4AC638AEC4A ] C:\Windows\SysWOW64\RpcRtRemote.dll

07:46:37.0399 0x0d74 C:\Windows\SysWOW64\RpcRtRemote.dll - ok

07:46:37.0399 0x0d74 [ AFB5B500AD69E24ED1BC15D1161641EF, C8EE01224FA8020DAE6F9BCE2FD88EDC2441164393ED6E68DAA1EA0B8190276F ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL

07:46:37.0399 0x0d74 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL - ok

07:46:37.0414 0x0d74 [ F162D5F5E845B9DC352DD1BAD8CEF1BC, 8A7B7528DB30AB123B060D8E41954D95913C07BB40CDAE32E97F9EDB0BAF79C7 ] C:\Windows\System32\dwm.exe

07:46:37.0414 0x0d74 C:\Windows\System32\dwm.exe - ok

07:46:37.0414 0x0d74 [ 88351B29B622B30962D2FEB6CA8D860B, A16CAD7D94C1C9807083BB36E9B4C3C14E6482C4CA2BDFACBCC86E737DDCE42E ] C:\Windows\System32\rasadhlp.dll

07:46:37.0414 0x0d74 C:\Windows\System32\rasadhlp.dll - ok

07:46:37.0414 0x0d74 [ 86F1895AE8C5E8B17D99ECE768A70732, 8094AF5EE310714CAEBCCAEEE7769FFB08048503BA478B879EDFEF5F1A24FEFE ] C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\MSVCR71.dll

07:46:37.0414 0x0d74 C:\Program Files (x86)\Adobe\Photoshop Elements 5.0\MSVCR71.dll - ok

07:46:37.0414 0x0d74 [ FCFCD1101C5DA23B4B95F93D02B2C169, 040A086875B6C5475490A2F8B0CF4FF20DDB4FEDFE5FCABBA49692AA05F40527 ] C:\Windows\System32\dwmredir.dll

07:46:37.0414 0x0d74 C:\Windows\System32\dwmredir.dll - ok

07:46:37.0414 0x0d74 [ 9FCA3A84338ADEF2AFF67CDA46EF8539, 087DF72096852AE98C56990EE6E68835BE95E7E49ECDDE8B54DAC11C9E07FE94 ] C:\Windows\System32\umb.dll

07:46:37.0414 0x0d74 C:\Windows\System32\umb.dll - ok

07:46:37.0414 0x0d74 [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA, 8A6ACEFAB95E5275CBFBE6CCB5A6C3A6A471260B279B9063E86B9C7765E18656 ] C:\Windows\System32\MsCtfMonitor.dll

07:46:37.0414 0x0d74 C:\Windows\System32\MsCtfMonitor.dll - ok

07:46:37.0414 0x0d74 [ F09A9A1AD21FE618C4C8B0A0D830C886, 29831DDAB2AB105358FBC067CDF96428220B6743CD6019F6FE74BAC7AF325E7E ] C:\Windows\System32\msutb.dll

07:46:37.0414 0x0d74 C:\Windows\System32\msutb.dll - ok

07:46:37.0414 0x0d74 [ 4BA77A5EF71C14C764B0ED4701683E3E, 066A064CDBE09BF8BE1DF5B259F30FF6C124A1C3D637800D3E19E8E25EDB950E ] C:\Windows\System32\dwmcore.dll

07:46:37.0414 0x0d74 C:\Windows\System32\dwmcore.dll - ok

07:46:37.0430 0x0d74 [ 45CFBFA8EDC3DF4E2B7FB0D0260FE051, 8EFD0A6DE6F4E335D342782190008FB5AC84A6ADE49170B310DEC9AC48E623E8 ] C:\Windows\System32\localspl.dll

07:46:37.0430 0x0d74 C:\Windows\System32\localspl.dll - ok

07:46:37.0430 0x0d74 [ F5CEF064C7E6D95DA86B9D064A56A969, F118CD4364690F37A07AE458E043E8CFBA98F332DC9E7228C83409CF26F6EF6D ] C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll

07:46:37.0430 0x0d74 C:\Windows\System32\api-ms-win-downlevel-advapi32-l2-1-0.dll - ok

07:46:37.0430 0x0d74 [ 9BB99503D6A4DD62569EDE9E5E2672A5, 6F4EA5BC50B1F929735246485263078BEF1B3BEB33F78CB1F483F13AA226C27E ] C:\Windows\System32\HotStartUserAgent.dll

07:46:37.0430 0x0d74 C:\Windows\System32\HotStartUserAgent.dll - ok

07:46:37.0430 0x0d74 [ 522B0466ED967A0762E9AF5B37D8F40A, B14C62D059BC7CF430E1B0F6E18E31EFD1959EFB3025A2B0EBB11751F38DD6D4 ] C:\Windows\System32\esent.dll

07:46:37.0430 0x0d74 C:\Windows\System32\esent.dll - ok

07:46:37.0430 0x0d74 [ BF95EA5809E3BBF55370F7CB309FEBD0, 62ADBA6E1A7DDDEFA971580161F30896DFFC27EB4EB82E3CC72062D57DA66500 ] C:\Windows\System32\conhost.exe

07:46:37.0430 0x0d74 C:\Windows\System32\conhost.exe - ok

07:46:37.0430 0x0d74 [ 805A52C5AE26C28E88FDD9BCCFE6F312, 4FF28D3658C31722B7DD036DED9D544B14841C0E0B94D31A8EC5AB92128DA020 ] C:\Windows\System32\TSChannel.dll

07:46:37.0430 0x0d74 C:\Windows\System32\TSChannel.dll - ok

07:46:37.0430 0x0d74 [ 506708142BC63DABA64F2D3AD1DCD5BF, 9C36A08D9E7932FF4DA7B5F24E6B42C92F28685B8ABE964C870E8D7670FD531A ] C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

07:46:37.0430 0x0d74 C:\Program Files (x86)\Google\Update\GoogleUpdate.exe - ok

07:46:37.0445 0x0d74 [ 3285481F5C12305CA104A6C493CA5A0B, ADB39B15D26A954B0F347C7BAFCC76DE5E3CF3CF05736E8987E0832AA7F8563C ] C:\Windows\System32\spoolss.dll

07:46:37.0445 0x0d74 C:\Windows\System32\spoolss.dll - ok

07:46:37.0445 0x0d74 [ 0015ACFBBDD164A8A730009908868CA7, E1FF243AD2CF959FAB81EFE701592414991C03416FF296ADC93906E76B707C4D ] C:\Windows\System32\winspool.drv

07:46:37.0445 0x0d74 C:\Windows\System32\winspool.drv - ok

07:46:37.0445 0x0d74 [ 332FEAB1435662FC6C672E25BEB37BE3, 6BED1A3A956A859EF4420FEB2466C040800EAF01EF53214EF9DAB53AEFF1CFF0 ] C:\Windows\explorer.exe

07:46:37.0445 0x0d74 C:\Windows\explorer.exe - ok

07:46:37.0445 0x0d74 [ 6D6B5D52BB81F82F5D0103E6175D1F4F, 14DE1E4C28FC5F8CFFA7D925561DC1F237D55DD663836E20AA4D7485B01C261D ] C:\Program Files (x86)\Google\Update\1.3.21.165\goopdate.dll

07:46:37.0445 0x0d74 C:\Program Files (x86)\Google\Update\1.3.21.165\goopdate.dll - ok

07:46:37.0445 0x0d74 [ 3FD15B4611D9BDA3F8013548C0ECAECA, B47A8D9985D9B71EB870816A0AB2B6403D394CCBDF7DE5378D5721D58D68D28D ] C:\Windows\SysWOW64\ntmarta.dll

07:46:37.0445 0x0d74 C:\Windows\SysWOW64\ntmarta.dll - ok

07:46:37.0445 0x0d74 [ ADDA5E1951B90D3D23C56D3CF0622ADC, E85E7BFD29F00ED34BF5BE8BD4DA93CBB14278E16809BB55406875F0DA88551E ] C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe

07:46:37.0445 0x0d74 C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe - ok

07:46:37.0445 0x0d74 [ A8BB45F9ECAD993461E0FEF8E2A99152, ACB756EA54E71F124D928829666B5B439785593877FF7C0C76ADCF954F4E6C94 ] C:\Windows\SysWOW64\Wldap32.dll

07:46:37.0445 0x0d74 C:\Windows\SysWOW64\Wldap32.dll - ok

07:46:37.0445 0x0d74 [ 9AE80F6A66B30E3ED8CDF858CF28B11B, A93E470DC54E3C74C10979D49CABB9A34893F9E847F88491F935DB44EEC3541A ] C:\Windows\System32\d3d10_1.dll

07:46:37.0445 0x0d74 C:\Windows\System32\d3d10_1.dll - ok

07:46:37.0461 0x0d74 [ CC09E0C9A2D89C6E71D093DC8BD121B7, 5F92457E27D817541EBA92FED984D2E6C1E35AD4E4E4CAE0F0778B795C260FAA ] C:\Windows\SysWOW64\crypt32.dll

07:46:37.0461 0x0d74 C:\Windows\SysWOW64\crypt32.dll - ok

07:46:37.0461 0x0d74 [ C5AC93CF3BA30D367FB49148A2B673B9, 07B556039BBA841BC9F28979C3AD5D238B55391F921C9C805F3AFC9EFB437766 ] C:\Windows\System32\PrintIsolationProxy.dll

07:46:37.0461 0x0d74 C:\Windows\System32\PrintIsolationProxy.dll - ok

07:46:37.0461 0x0d74 [ 857B9C9DBFD9B9B1C0D24B5FBE6FEE8D, D9E08E38DC1D56B1860635E6F1B07417E969F691EBE735A78CEE386DE2436597 ] C:\Windows\System32\dopdfmn7.dll

07:46:37.0461 0x0d74 C:\Windows\System32\dopdfmn7.dll - ok

07:46:37.0461 0x0d74 [ 63F72417CA38D8FC8F53709649B589E3, 39AE8AFFCFB8A9E345FC4C6F11926F25552C464380F88CDECD299FD27AF7866B ] C:\Windows\System32\d3d10_1core.dll

07:46:37.0461 0x0d74 C:\Windows\System32\d3d10_1core.dll - ok

07:46:37.0461 0x0d74 [ 6FE91BDE1F8B9FD1A49D434643DE1370, 4D11CB8527C1CA34FF4B1A30DEDC70B7476A95665D4C098E2FE6AB141CBC11D8 ] C:\Windows\System32\E_YLMHVA.DLL

07:46:37.0461 0x0d74 C:\Windows\System32\E_YLMHVA.DLL - ok

07:46:37.0461 0x0d74 [ A90DC9ABD65DB1A8902F361103029952, 26798758976CE53251AC342B966BE0363AE1794BD965C452F5DEBC33E18969F0 ] C:\Windows\SysWOW64\IPHLPAPI.DLL

07:46:37.0461 0x0d74 C:\Windows\SysWOW64\IPHLPAPI.DLL - ok

07:46:37.0461 0x0d74 [ 9C9FC1683DCE4F3FE24FDE04518E138D, AC77C47CB7270DC09C049D7849FE8C35A07DDAE851D8E3B2D73A925064633342 ] C:\Windows\System32\enppmon.dll

07:46:37.0461 0x0d74 C:\Windows\System32\enppmon.dll - ok

07:46:37.0461 0x0d74 [ CFF35B879D1618D42C86644C717BA947, 1837275202628D3320867A3BF8CFDA15491730C4B74215F7C0D7E140BF01AC3C ] C:\Windows\SysWOW64\winnsi.dll

07:46:37.0461 0x0d74 C:\Windows\SysWOW64\winnsi.dll - ok

07:46:37.0477 0x0d74 [ 8DFB5752FCE145A6B295093C0A8BE131, F38029C8B36EFD46B1F6CCA0089FF4EFB0AB246497E38EDFF6A67FAC804D4A97 ] C:\Windows\System32\dxgi.dll

07:46:37.0477 0x0d74 C:\Windows\System32\dxgi.dll - ok

07:46:37.0477 0x0d74 [ 938F39B50BAFE13D6F58C7790682C010, 902000EE51EFEABAF6A4B30F880AA37083D2232C6FC622CA513C4A823390FEDA ] C:\Windows\SysWOW64\msasn1.dll

07:46:37.0477 0x0d74 C:\Windows\SysWOW64\msasn1.dll - ok

07:46:37.0477 0x0d74 [ 68EAAEDF0365168B804E8728368FA946, 1FA25087E8B247B099B729F780DBF24F77FD34F58186A1C94329261CF3D18B8E ] C:\Windows\SysWOW64\wintrust.dll

07:46:37.0477 0x0d74 C:\Windows\SysWOW64\wintrust.dll - ok

07:46:37.0477 0x0d74 [ 352B3DC62A0D259A82A052238425C872, 393B24E0D6007C74AEE2FB2EE2C18623D37DF64E279B6767952DCFEE0EACBB10 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll

07:46:37.0477 0x0d74 C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok

07:46:37.0477 0x0d74 [ CDBE9690CF2B8409FACAD94FAC9479C9, 8E7FE1A1F3550C479FFD86A77BC9D10686D47F8727025BB891D8F4F0259354C8 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll

07:46:37.0477 0x0d74 C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok

07:46:37.0477 0x0d74 [ 4C92EB7535CAA1681A77D928FBF9771F, 7D02B2357CA02393CA711C3C499AAD86B792EEFFDC67F2CE52F7F7BB8A28DE79 ] C:\Windows\System32\d3d11.dll

07:46:37.0477 0x0d74 C:\Windows\System32\d3d11.dll - ok

07:46:37.0477 0x0d74 [ 1658E808E4D4889C66DE47EC87F1DED1, 53A97CEC6391444A4C8C5A057C6238C20AE29669F21A27EBF1E66DA5918A4979 ] C:\Windows\System32\msvcp60.dll

07:46:37.0477 0x0d74 C:\Windows\System32\msvcp60.dll - ok

07:46:37.0477 0x0d74 [ 30E3850F303EAE5C364782EA78579CC9, 8C94E5A9052F6E794685194EEACB31A174A947D60246908B6A0DEFA081A747A3 ] C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe

07:46:37.0477 0x0d74 C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe - ok

07:46:37.0492 0x0d74 [ 544482D396F1A0C0337879847032FBB3, 8391E3DD7937A75FF72D951880B1BB4588BD5F3BCE087364C4B974292F6D38D0 ] C:\Windows\System32\enpres.dll

07:46:37.0492 0x0d74 C:\Windows\System32\enpres.dll - ok

07:46:37.0492 0x0d74 [ 19E41CCCEE697CC9465396B370929792, A9FC4C33C71C3677FE57779380E55FDE2AC0B0C70A9DBCBA0D0B6FA92C709A7F ] C:\Windows\System32\FXSMON.dll

07:46:37.0492 0x0d74 C:\Windows\System32\FXSMON.dll - ok

07:46:37.0492 0x0d74 [ AF1094AA7B76EE4560DFFCC5F269EF79, 539A79149E85C282B7D400972EE1678FF56076BA5F57F18AFCB9F11AAE8294C8 ] C:\Windows\System32\nitrolocalmon2.dll

07:46:37.0492 0x0d74 C:\Windows\System32\nitrolocalmon2.dll - ok

07:46:37.0492 0x0d74 [ 0B3595A4FF0B36D68E5FC67FD7D70FDC, 372AF797353F9335915CD06D4076BAB8410775DCAF2DAC0593197D7C41BBFFB2 ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll

07:46:37.0492 0x0d74 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcp80.dll - ok

07:46:37.0492 0x0d74 [ 62A0ED06E9FF55EEF51B27EC4839EE0B, C206495B66EC9CBCDE0D7D9A2F420ADEF750B81BBD75A578F0A15F66864A0C98 ] C:\Windows\System32\hpz3lw71.dll

07:46:37.0492 0x0d74 C:\Windows\System32\hpz3lw71.dll - ok

07:46:37.0492 0x0d74 [ B2DB6ABA2E292235749B80A9C3DFA867, 92BCB678E2D0A7A9C15A74B41846D8723B96E37181407C0E8A56C7105659AAF3 ] C:\Windows\SysWOW64\imagehlp.dll

07:46:37.0492 0x0d74 C:\Windows\SysWOW64\imagehlp.dll - ok

07:46:37.0492 0x0d74 [ EED05D42D91835064703E2318552ED25, E9EE1E2253445B207B76F5D3073C612ED979A982522C1515E0FE8FA9641AE568 ] C:\Windows\System32\ExplorerFrame.dll

07:46:37.0492 0x0d74 C:\Windows\System32\ExplorerFrame.dll - ok

07:46:37.0508 0x0d74 [ 32A3C8600AF124CBAAD845F13CFAE3CB, F36FE9E57D5C509FEECE890F9F8717F9CC6F762E32AE0B7DB7E0153370CE0B9D ] C:\Windows\System32\tcpmon.dll

07:46:37.0508 0x0d74 C:\Windows\System32\tcpmon.dll - ok

07:46:37.0508 0x0d74 [ 93518C6EDE0B61BCBD02BDB02BD05FEE, 3637F5E5F15093AFB501EE910368CF900B422AC22669391FFA4198BBAE6F8FCB ] C:\Windows\System32\snmpapi.dll

07:46:37.0508 0x0d74 C:\Windows\System32\snmpapi.dll - ok

07:46:37.0508 0x0d74 [ A6C29DB53ECA94FA8591C5388D604B82, F25E95BA669422286A8FA3A68E0C639A2F06319B6DC8FA641C965CFB27A50BD6 ] C:\Windows\SysWOW64\msi.dll

07:46:37.0508 0x0d74 C:\Windows\SysWOW64\msi.dll - ok

07:46:37.0508 0x0d74 [ C9564CF4976E7E96B4052737AA2492B4, C3AC989C8489A23BB96400B1856F5325FFC67E844F04651EA5D61BC20A991C6D ] C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll

07:46:37.0508 0x0d74 C:\Windows\winsxs\x86_microsoft.vc80.crt_1fc8b3b9a1e18e3b_8.0.50727.6195_none_d09154e044272b9a\msvcr80.dll - ok

07:46:37.0508 0x0d74 [ FFF9D00CF16397C64317F213484F94BD, 94D0584E14BDB27F61F59A7BCEA529A1594261BE0CE74502C13E8865843BA414 ] C:\Windows\System32\wsnmp32.dll

07:46:37.0508 0x0d74 C:\Windows\System32\wsnmp32.dll - ok

07:46:37.0508 0x0d74 [ EF2AE43BCD46ABB13FC3E5B2B1935C73, 81FC06F306F620845D7DD8D06E706309E70BC89B589C81F3478302A3F5F73431 ] C:\Windows\System32\winmm.dll

07:46:37.0508 0x0d74 C:\Windows\System32\winmm.dll - ok

07:46:37.0508 0x0d74 [ 99B91C5D2FCEF218CAD3600ECB62A799, E28F2903F86D39C5A69B5F89CCD6594E93A1BF1E4ACD613A0F2E2348DFA88D65 ] C:\Windows\System32\msxml6.dll

07:46:37.0508 0x0d74 C:\Windows\System32\msxml6.dll - ok

07:46:37.0508 0x0d74 [ A5BD2A901B11C3B0C47E7C7488CBC1D8, 507FEF6FB47D69F232EA9C3F5DBD60F4A10FF60F005B78B7C367B54FFE87BB3B ] C:\Windows\System32\igd10umd64.dll

07:46:37.0508 0x0d74 C:\Windows\System32\igd10umd64.dll - ok

07:46:37.0523 0x0d74 [ 8C22C6088057A00EAE7D963600F26EEB, 36314C0EFCF15806C0CD658A7DF53BF13D05AD76CB1BC3DBAB7A5F1F631C53ED ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll

07:46:37.0523 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\AppleVersions.dll - ok

07:46:37.0523 0x0d74 [ 6D41F6AA35220E7A54543075B27E8F83, 3350373F3443954B4DABE39955FD9B3C7FC223B73CC1429793A920ED17FB8A06 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll

07:46:37.0523 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\YSCrashDump.dll - ok

07:46:37.0523 0x0d74 [ EF8CD3C64EE9C08980D6D06CCCE46C68, 7DC061E0552BE776DC79662364DA1D90A4FF6D795002865DD1B1C3DEB77E4B98 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll

07:46:37.0523 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\CoreFoundation.dll - ok

07:46:37.0523 0x0d74 [ 62169BDD927A67C360A35F4526429B01, B93BBEBB49864E6CA3C03B1088DAAD4F872AD32B80D79D9C9011FAE490D37127 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll

07:46:37.0523 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\pthreadVC2.dll - ok

07:46:37.0523 0x0d74 [ 78865ABC5F5D13190F8B35BD9044714A, A16E0158129AE76AE459D9424D246C01ECECCC87A27C40D8DB0232330D2F5458 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll

07:46:37.0523 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\objc.dll - ok

07:46:37.0523 0x0d74 [ DF13A51A5C591887D2EC6AE64CEED0FA, DFD503AEBCAA056B2B0E669ACA52F6D26F4E6892F2DCFCCD902752C23A621653 ] C:\Windows\SysWOW64\wsock32.dll

07:46:37.0523 0x0d74 C:\Windows\SysWOW64\wsock32.dll - ok

07:46:37.0523 0x0d74 [ DF72A9936D0C3F517083119648814B09, 6BA4DCAC2F55A393A266ED0B2AF92B38141654D1666E3E143D85BBAF21663E1E ] C:\Windows\System32\usbmon.dll

07:46:37.0523 0x0d74 C:\Windows\System32\usbmon.dll - ok

07:46:37.0539 0x0d74 [ FF9831030678C7B6D70BAC00F68F8976, BFA9DA98F93910B8FE09EA06F917AB1F5435FCE9F786EABDF1970E19B2C63FDC ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll

07:46:37.0539 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libdispatch.dll - ok

07:46:37.0539 0x0d74 [ A1D7E3ADCDB07DDB6F423862DCB1A52B, 6191C33D2AE090F6F055D6AE211096CE8F003EC5518A5333EE1E376052176BAB ] C:\Windows\System32\WSDMon.dll

07:46:37.0539 0x0d74 C:\Windows\System32\WSDMon.dll - ok

07:46:37.0539 0x0d74 [ 18AB2E5A40064ED5F7791AC5946A90F3, B7536CE56702C23B1CEC3E1B6C78866E0A76808B85A92AF3733D9ED9429E004C ] C:\Windows\SysWOW64\msimg32.dll

07:46:37.0539 0x0d74 C:\Windows\SysWOW64\msimg32.dll - ok

07:46:37.0539 0x0d74 [ 024352FEEC9042260BB4CFB4D79A206B, 60CB39086E10C5B66EBC15E4DF219620B344B4358D2918AB6BB3448A0AC8BE36 ] C:\Windows\System32\EhStorShell.dll

07:46:37.0539 0x0d74 C:\Windows\System32\EhStorShell.dll - ok

07:46:37.0539 0x0d74 [ 43964FA89CCF97BA6BE34D69455AC65F, 10E3B89A5470E1BB6F73382135DD2352F5073C1EE8485D7476CFB5122D4AAA2F ] C:\Windows\SysWOW64\uxtheme.dll

07:46:37.0539 0x0d74 C:\Windows\SysWOW64\uxtheme.dll - ok

07:46:37.0539 0x0d74 [ F1B205F932F62F94506A5F332C895DAF, F02F01F20F655DD919C71AE814E4C3DD43330AAD1425FC5B1497F1613917CCDE ] C:\Windows\System32\WSDApi.dll

07:46:37.0539 0x0d74 C:\Windows\System32\WSDApi.dll - ok

07:46:37.0539 0x0d74 [ D5AEFAD57C08349A4393D987DF7C715D, C36A45BC2448DF30CD17BD2F8A17FC196FAFB685612CACCEB22DC7B58515C201 ] C:\Windows\SysWOW64\winmm.dll

07:46:37.0539 0x0d74 C:\Windows\SysWOW64\winmm.dll - ok

07:46:37.0539 0x0d74 [ 32802C0F6FC7C8F561B9D91F52A46421, EE02CF54FC3626D85849EF14D9B7B57419F12D1DD0735C25ECBD987EE53F634B ] C:\Windows\System32\cscui.dll

07:46:37.0539 0x0d74 C:\Windows\System32\cscui.dll - ok

07:46:37.0555 0x0d74 [ 465BEA35F7ED4A4A57686DEA7EA10F47, 7F1B3CA09AB045F805DA5765BE7DD270F5DDACE3073017F7386FF1E2FA82D6FB ] C:\Windows\SysWOW64\cscapi.dll

07:46:37.0555 0x0d74 C:\Windows\SysWOW64\cscapi.dll - ok

07:46:37.0555 0x0d74 [ 9ABB7CDAC0914579C86990048771B1B4, D2BDF9B4F3AB295CA9FA684B7AE120DD4CC468E4F690C6A15845188A3611BD2F ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll

07:46:37.0555 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuin.dll - ok

07:46:37.0555 0x0d74 [ 53223B673A3FA2F9A4D1C31C8D3F6CD8, B07A12E3ECD5E418A3F99F00C56E7F482F68CADE330E7C079DCCDFFAD2E21299 ] C:\Windows\SysWOW64\dbghelp.dll

07:46:37.0555 0x0d74 C:\Windows\SysWOW64\dbghelp.dll - ok

07:46:37.0555 0x0d74 [ 7EE5F17A21D9A9101207DF4BC37B085D, C07A56D52449B9F126B617FB4EFDC22EFE043C9B257B01967EA2FCCCA6216763 ] C:\Windows\System32\cscdll.dll

07:46:37.0555 0x0d74 C:\Windows\System32\cscdll.dll - ok

07:46:37.0555 0x0d74 [ C55516D98DD5D8F0153C2A9B4227DA86, DBC62B776CF06D0873A4C7CFCDF5B6F5C6E6C41917C326C090BCE58DC66EE09C ] C:\Windows\System32\webservices.dll

07:46:37.0555 0x0d74 C:\Windows\System32\webservices.dll - ok

07:46:37.0555 0x0d74 [ 1BF0CB861A48FEB1638228760750F3CB, 37C781A8C546EAD8B4D28BD7D730B9AC78EB799599AD69DAD9054B6F9F1DD6BD ] C:\Windows\System32\cscapi.dll

07:46:37.0555 0x0d74 C:\Windows\System32\cscapi.dll - ok

07:46:37.0555 0x0d74 [ 037A719DAD50603202C978CD802623E4, BD4C222913D32D7CF5FE0201FEBE7BD67FC39DF47A7A672C2D6C228A6E13B5DE ] C:\Windows\System32\ntshrui.dll

07:46:37.0555 0x0d74 C:\Windows\System32\ntshrui.dll - ok

07:46:37.0555 0x0d74 [ 1D63F4366288B8A7595397E27010FD44, 99EA4DDD88D9C4A4CC9B238F533CB4D2C062D46239173997E8594D8A75811A01 ] C:\Windows\System32\IconCodecService.dll

07:46:37.0555 0x0d74 C:\Windows\System32\IconCodecService.dll - ok

07:46:37.0570 0x0d74 [ 863F793D15B4026B1A5FDECA873D4D84, AF7ABD95BB5467551562F129F03C7AC9D52A021F7E547609F40A80E66932C942 ] C:\Windows\SysWOW64\apphelp.dll

07:46:37.0570 0x0d74 C:\Windows\SysWOW64\apphelp.dll - ok

07:46:37.0570 0x0d74 [ 025E7DBDB98866ED3CB2D4DDA70B364D, 78962F23F066E362AF1A4B98FA7D5E30AF30C561307438503031D30C944B6A6E ] C:\Windows\System32\runonce.exe

07:46:37.0570 0x0d74 C:\Windows\System32\runonce.exe - ok

07:46:37.0570 0x0d74 [ D47913F993A0E3A0C9F1E88FD02E98C6, 292AC2E38E76E74BCC92E583546C6E7571E68078E30BAB2042A29DD1E18D4D11 ] C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll

07:46:37.0570 0x0d74 C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libicuuc.dll - ok

07:46:37.0570 0x0d74 [ CF7B0E597C1F34E528285495721DEEE9, 59D8590D487F31DF38E389DF41D96951D14FC759E14F683465C17C0CAABD568F ] C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe

07:46:37.0570 0x0d74 C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler.exe - ok

07:46:37.0570 0x0d74 [ B5055B51BAA0FD0A736A88653DA3C1C0, A3BD057C7E8C926930BA7E9D11427D26FB37267026A0B72AB4021101EE424F74 ] C:\Windows\System32\fundisc.dll

07:46:37.0570 0x0d74 C:\Windows\System32\fundisc.dll - ok

07:46:37.0570 0x0d74 [ 4581716B4BF76ACFD8E167EB0B26D82A, 39D822527114EEED68044CCE4D542767F53978D9E0A7F72638F1CA9A016DE13B ] C:\Windows\System32\fdPnp.dll

07:46:37.0570 0x0d74 C:\Windows\System32\fdPnp.dll - ok

07:46:37.0570 0x0d74 [ 0DC0DE2966A6DBA4CFBF6639DF44F5BA, 815055681F21099CC227124E5A2F971F0E3C2FD0917DC40E78283F139766F25F ] C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe

07:46:37.0570 0x0d74 C:\Program Files (x86)\Google\Update\1.3.21.165\GoogleCrashHandler64.exe - ok

Rogue Sites after Clicking on links in google search

Recommended Posts

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites

Link to post

Share on other sites