Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

nsisvc.dll causeing system reboot?


  • Please log in to reply
3 replies to this topic

#1 Cernunnos

Cernunnos

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:47 AM

Posted 04 April 2013 - 08:01 AM

Hello

Having a bit of an issue on a friends Windows 7 Home system. He claims to have made no changes which I have little reason to doubt, save the problems we're having.

After logging on the first time, I got an error message saying that 'Windows Live could not be authenticated, and some Windows Live services may not be available.' After confirming, a moment later the system reboots.

Booting into safe mode yielded the same, though after a minute or two. The next time I booted into Safe Mode, I disabled all services via the configuration utility. That allowed be to start up without issues.

First thing I had to do was narrow down what process was causing it. Turns out it was  Network Store Interface Service. After disabling the service, I can boot in normally without the system restarting.

First thing I looked at was the Event Log, but I didn’t see anything pertinent, admittedly I wasn’t as thorough as I should have been though.

Figuring that it was just something the got corrupted, though being clueless as to why it would yield this result,  I ran the windows repair utility. This cleared up the first issue (which is why the error message is not a direct quote). But the second persists.

With nsisvc disabled, I ran Avira's Luke Filewalker and Malwarebytes. Avira came up empty but Malwarebytes found “Trojan.Agent” in “C:\windows\svchost.exe”  After quarantining and removing that, it seemed to have no effect on the issues with nsisvc.

I am really at a loss. Both to the cause and the the symptom. And seeing as he hasn’t backed up anything since Caligula was Emperor of Rome, he would prefer to avoid wiping everything clean are starting fresh. That and I'm a glutton for punishment.

Any help or advice would be much appreciated.

-C


Edited by hamluis, 04 April 2013 - 08:06 AM.
Moved from Win 7 to Am I Infected - Hamluis.


BC AdBot (Login to Remove)

 


#2 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:47 AM

Posted 04 April 2013 - 08:03 AM

  • Please download TDSSKiller from here and save it to your Desktop
  • Doubleclick on TDSSKiller.exe to run the application, then click on Change parameters


    tds2.jpg

  • Check Loaded Modules and Detect TDLFS file system. Do not check Verify file digital signatures (even though it is checked in the example)
  • If you are asked to reboot because an "Extended Monitoring Driver is required" please click Reboot now


    2012081514h0118.png

  • Click Start Scan and allow the scan process to run
  • If threats are detected select Skip for all of them unless I instruct you otherwise
  • Click Continue


    tds6.jpg
  • Click Reboot computer
  • Please post the contents of TDSSKiller.[Version]_[Date]_[Time]_log.txt found in your root directory (typically c:\)in your reply
  • Due to forum upgrade you may face issues posting the TDSSkiller log.Just last few lines of log is sufficient

===================================================

RKILL
  • Please download Rkill by Grinler from one of the 4 links below (if one of them does not work try another.) and save it to your desktop:
  • Link 1
  • Link 2

  • In order for Rkill to run properly you must disable your anti-malware software. Please refer to this page if you are not sure how.
  • Double-click on Rkill. (If you are using Windows Vista, please right-click on it and select Run As Administrator)
  • Note: You may have to run Rkill a few times before it is successful. You may also have to download Rkill from a different link which will save it as a different file name.
  • A black screen will appear and then disappear. Please do not worry, that is normal. This means that the tool has been successfully executed.
  • An Rkill.log will appear. Please copy and paste the contents in your reply (file also located at c:\rkill.log)
  • Do not reboot your computer after running Rkill as the malware programs will start again. If your computer reboots, run Rkill again before continuing on to the next step.
  • If nothing happens or if the tool does not run, please let me know in your next reply.

===================================================

ESET Online Scanner

I'd like us to scan your machine with ESET OnlineScan This process may may take several hours, that is normal
  • Hold down Control and click on this link to open ESET OnlineScan in a new window.
  • Click the esetonlinebtn.png button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

    esetsmartinstaller_enu.png

    • Click on to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the icon on your desktop.

  • Check "YES, I accept the Terms of Use."
  • Click the Start button.
  • Accept any security warnings from your browser.
  • Under scan settings, check "Scan Archives" and "Remove found threats"
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology

  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, click List Threats
  • Copy and paste the information in your next reply. Note: If no malware was found you will not get a log.
  • Click the Back button.
  • Click the Finish button

===================================================

Junkware Removal Tool by thisisu
  • Please download Junkware Removal Tool
  • Disable your AntiVirus and AntiSpyware applications, usually via a right click on the System Tray icon. They may otherwise interfere with our tools. (Click on this link to see a list of programs that should be disabled. The list is not all inclusive.)
  • Right-mouse click JRT.exe and select Run as administrator (Windows XP double click the icon)
  • Please allow the program time to run
  • Once completed a Notepad document will open on your desktop
  • Copy and paste the contents in your reply.

Things I would like to see in your next reply. Please be sure to copy and paste the information rather than send an attachment. :thumbsup2:
  • TDSSKiller log
  • RKILL log
  • ESET log
  • Junkware removal tool log



#3 Cernunnos

Cernunnos
  • Topic Starter

  • Members
  • 3 posts
  • OFFLINE
  •  
  • Local time:05:47 AM

Posted 04 April 2013 - 05:26 PM

Sorry for the delay...

 

I ran TDSSkiller, Rkill, and JRT without issue. But ESET requires an internet connection, which I cannot establish for more than a few seconds if Network Store Interface is enabled.

 

14:35:44.0233 0788  TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
14:35:44.0763 0788  ============================================================
14:35:44.0763 0788  Current date / time: 2013/04/04 14:35:44.0763
14:35:44.0763 0788  SystemInfo:
14:35:44.0763 0788  
14:35:44.0763 0788  OS Version: 6.1.7601 ServicePack: 1.0
14:35:44.0763 0788  Product type: Workstation
14:35:44.0763 0788  ComputerName: ISIS
14:35:44.0763 0788  UserName: Mythrender
14:35:44.0763 0788  Windows directory: C:\Windows
14:35:44.0763 0788  System windows directory: C:\Windows
14:35:44.0763 0788  Running under WOW64
14:35:44.0763 0788  Processor architecture: Intel x64
14:35:44.0763 0788  Number of processors: 2
14:35:44.0763 0788  Page size: 0x1000
14:35:44.0763 0788  Boot type: Normal boot
14:35:44.0763 0788  ============================================================
14:35:47.0166 0788  BG loaded
14:35:47.0790 0788  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
14:35:47.0790 0788  Drive \Device\Harddisk5\DR5 - Size: 0x1DEFFFE00 (7.48 Gb), SectorSize: 0x200, Cylinders: 0x3D1, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
14:35:47.0790 0788  ============================================================
14:35:47.0790 0788  \Device\Harddisk0\DR0:
14:35:47.0790 0788  MBR partitions:
14:35:47.0790 0788  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
14:35:47.0790 0788  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x36037800
14:35:47.0821 0788  \Device\Harddisk0\DR0\Partition3: MBR, Type 0x7, StartLBA 0x3606A800, BlocksNum 0x2B6F800
14:35:47.0821 0788  \Device\Harddisk0\DR0\Partition4: MBR, Type 0x7, StartLBA 0x38BDA000, BlocksNum 0x17AB800
14:35:47.0821 0788  \Device\Harddisk5\DR5:
14:35:47.0821 0788  MBR partitions:
14:35:47.0821 0788  \Device\Harddisk5\DR5\Partition1: MBR, Type 0xB, StartLBA 0x2C, BlocksNum 0xEF3FA4
14:35:47.0821 0788  ============================================================
14:35:47.0868 0788  C: <-> \Device\Harddisk0\DR0\Partition2
14:35:47.0914 0788  D: <-> \Device\Harddisk0\DR0\Partition4
14:35:47.0946 0788  Z: <-> \Device\Harddisk0\DR0\Partition3
14:35:47.0946 0788  ============================================================
14:35:47.0946 0788  Initialize success
14:35:47.0946 0788  ============================================================
14:36:57.0039 1744  ============================================================
14:36:57.0039 1744  Scan started
14:36:57.0039 1744  Mode: Manual; TDLFS;
14:36:57.0039 1744  ============================================================
14:36:58.0537 1744  ================ Scan system memory ========================
14:36:58.0537 1744  System memory - ok
14:36:58.0537 1744  ================ Scan services =============================
14:36:58.0771 1744  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
14:36:58.0771 1744  1394ohci - ok
14:36:58.0833 1744  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
14:36:58.0833 1744  ACPI - ok
14:36:58.0864 1744  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
14:36:58.0864 1744  AcpiPmi - ok
14:36:58.0911 1744  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
14:36:58.0927 1744  adp94xx - ok
14:36:58.0942 1744  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
14:36:58.0942 1744  adpahci - ok
14:36:58.0958 1744  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
14:36:58.0958 1744  adpu320 - ok
14:36:59.0020 1744  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
14:36:59.0020 1744  AeLookupSvc - ok
14:36:59.0067 1744  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
14:36:59.0067 1744  AFD - ok
14:36:59.0130 1744  [ 98022774D9930ECBB292E70DB7601DF6 ] AGERESoftModem  C:\Windows\system32\DRIVERS\agrsm64.sys
14:36:59.0130 1744  AGERESoftModem - ok
14:36:59.0161 1744  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
14:36:59.0161 1744  agp440 - ok
14:36:59.0192 1744  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
14:36:59.0192 1744  ALG - ok
14:36:59.0208 1744  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
14:36:59.0208 1744  aliide - ok
14:36:59.0223 1744  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
14:36:59.0223 1744  amdide - ok
14:36:59.0286 1744  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
14:36:59.0286 1744  AmdK8 - ok
14:36:59.0301 1744  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
14:36:59.0301 1744  AmdPPM - ok
14:36:59.0332 1744  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
14:36:59.0332 1744  amdsata - ok
14:36:59.0348 1744  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
14:36:59.0348 1744  amdsbs - ok
14:36:59.0364 1744  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
14:36:59.0364 1744  amdxata - ok
14:36:59.0535 1744  [ B4837FE56D76B2E9EA90E5365CF6A2BE ] AntiVirSchedulerService C:\Program Files (x86)\Avira\AntiVir Desktop\sched.exe
14:36:59.0535 1744  AntiVirSchedulerService - ok
14:36:59.0551 1744  [ DF5A3016052755C910A206058B4A1729 ] AntiVirService  C:\Program Files (x86)\Avira\AntiVir Desktop\avguard.exe
14:36:59.0551 1744  AntiVirService - ok
14:36:59.0598 1744  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
14:36:59.0598 1744  AppID - ok
14:36:59.0629 1744  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
14:36:59.0629 1744  AppIDSvc - ok
14:36:59.0676 1744  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
14:36:59.0676 1744  Appinfo - ok
14:36:59.0769 1744  [ 5234837DFEC4092E235594B25CF02865 ] Application Updater C:\Program Files (x86)\Application Updater\ApplicationUpdater.exe
14:36:59.0785 1744  Application Updater - ok
14:36:59.0832 1744  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
14:36:59.0847 1744  arc - ok
14:36:59.0847 1744  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
14:36:59.0847 1744  arcsas - ok
14:36:59.0988 1744  [ 9217D874131AE6FF8F642F124F00A555 ] aspnet_state    C:\Windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe
14:37:00.0019 1744  aspnet_state - ok
14:37:00.0019 1744  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
14:37:00.0019 1744  AsyncMac - ok
14:37:00.0066 1744  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
14:37:00.0066 1744  atapi - ok
14:37:00.0112 1744  [ 54494B93BB5AD74C807100144EC30D64 ] atksgt          C:\Windows\system32\DRIVERS\atksgt.sys
14:37:00.0128 1744  atksgt - ok
14:37:00.0190 1744  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
14:37:00.0190 1744  AudioEndpointBuilder - ok
14:37:00.0206 1744  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
14:37:00.0206 1744  AudioSrv - ok
14:37:00.0268 1744  [ B1224E6B086CD6548315B04AB575A23E ] avgntflt        C:\Windows\system32\DRIVERS\avgntflt.sys
14:37:00.0268 1744  avgntflt - ok
14:37:00.0300 1744  [ ED45F12CFA62B83765C9C1496758CC87 ] avipbb          C:\Windows\system32\DRIVERS\avipbb.sys
14:37:00.0300 1744  avipbb - ok
14:37:00.0346 1744  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
14:37:00.0346 1744  AxInstSV - ok
14:37:00.0393 1744  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
14:37:00.0393 1744  b06bdrv - ok
14:37:00.0424 1744  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
14:37:00.0424 1744  b57nd60a - ok
14:37:00.0487 1744  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
14:37:00.0487 1744  BDESVC - ok
14:37:00.0502 1744  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
14:37:00.0518 1744  Beep - ok
14:37:00.0565 1744  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
14:37:00.0580 1744  BFE - ok
14:37:00.0643 1744  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
14:37:00.0643 1744  BITS - ok
14:37:00.0658 1744  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
14:37:00.0658 1744  blbdrive - ok
14:37:00.0705 1744  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
14:37:00.0705 1744  bowser - ok
14:37:00.0721 1744  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
14:37:00.0721 1744  BrFiltLo - ok
14:37:00.0768 1744  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
14:37:00.0768 1744  BrFiltUp - ok
14:37:00.0814 1744  [ 8EF0D5C41EC907751B8429162B1239ED ] Browser         C:\Windows\System32\browser.dll
14:37:00.0814 1744  Browser - ok
14:37:00.0846 1744  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
14:37:00.0846 1744  Brserid - ok
14:37:00.0861 1744  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
14:37:00.0892 1744  BrSerWdm - ok
14:37:00.0908 1744  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
14:37:00.0908 1744  BrUsbMdm - ok
14:37:00.0924 1744  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
14:37:00.0924 1744  BrUsbSer - ok
14:37:00.0955 1744  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
14:37:00.0955 1744  BTHMODEM - ok
14:37:01.0002 1744  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
14:37:01.0002 1744  bthserv - ok
14:37:01.0048 1744  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
14:37:01.0048 1744  cdfs - ok
14:37:01.0095 1744  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\DRIVERS\cdrom.sys
14:37:01.0095 1744  cdrom - ok
14:37:01.0126 1744  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
14:37:01.0142 1744  CertPropSvc - ok
14:37:01.0173 1744  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
14:37:01.0173 1744  circlass - ok
14:37:01.0236 1744  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
14:37:01.0251 1744  CLFS - ok
14:37:01.0360 1744  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
14:37:01.0360 1744  clr_optimization_v2.0.50727_32 - ok
14:37:01.0438 1744  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
14:37:01.0438 1744  clr_optimization_v2.0.50727_64 - ok
14:37:01.0485 1744  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
14:37:01.0548 1744  clr_optimization_v4.0.30319_32 - ok
14:37:01.0563 1744  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
14:37:01.0594 1744  clr_optimization_v4.0.30319_64 - ok
14:37:01.0641 1744  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
14:37:01.0657 1744  CmBatt - ok
14:37:01.0688 1744  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
14:37:01.0704 1744  cmdide - ok
14:37:01.0750 1744  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
14:37:01.0766 1744  CNG - ok
14:37:01.0766 1744  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
14:37:01.0766 1744  Compbatt - ok
14:37:01.0828 1744  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
14:37:01.0828 1744  CompositeBus - ok
14:37:01.0828 1744  COMSysApp - ok
14:37:01.0844 1744  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
14:37:01.0844 1744  crcdisk - ok
14:37:01.0891 1744  [ 4F5414602E2544A4554D95517948B705 ] CryptSvc        C:\Windows\system32\cryptsvc.dll
14:37:01.0891 1744  CryptSvc - ok
14:37:01.0969 1744  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
14:37:01.0969 1744  DcomLaunch - ok
14:37:02.0016 1744  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
14:37:02.0016 1744  defragsvc - ok
14:37:02.0078 1744  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
14:37:02.0078 1744  DfsC - ok
14:37:02.0094 1744  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
14:37:02.0109 1744  Dhcp - ok
14:37:02.0156 1744  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
14:37:02.0156 1744  discache - ok
14:37:02.0172 1744  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
14:37:02.0172 1744  Disk - ok
14:37:02.0187 1744  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
14:37:02.0203 1744  Dnscache - ok
14:37:02.0250 1744  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
14:37:02.0250 1744  dot3svc - ok
14:37:02.0296 1744  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
14:37:02.0312 1744  DPS - ok
14:37:02.0359 1744  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
14:37:02.0359 1744  drmkaud - ok
14:37:02.0437 1744  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
14:37:02.0452 1744  DXGKrnl - ok
14:37:02.0468 1744  EagleX64 - ok
14:37:02.0530 1744  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
14:37:02.0530 1744  EapHost - ok
14:37:02.0624 1744  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
14:37:02.0655 1744  ebdrv - ok
14:37:02.0686 1744  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
14:37:02.0686 1744  EFS - ok
14:37:02.0780 1744  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
14:37:02.0796 1744  ehRecvr - ok
14:37:02.0842 1744  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
14:37:02.0842 1744  ehSched - ok
14:37:02.0889 1744  [ A05FC7ECA0966EBB70E4D17B855A853B ] ElbyCDIO        C:\Windows\system32\Drivers\ElbyCDIO.sys
14:37:02.0889 1744  ElbyCDIO - ok
14:37:02.0952 1744  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
14:37:02.0967 1744  elxstor - ok
14:37:03.0014 1744  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
14:37:03.0014 1744  ErrDev - ok
14:37:03.0076 1744  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
14:37:03.0092 1744  EventSystem - ok
14:37:03.0108 1744  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
14:37:03.0123 1744  exfat - ok
14:37:03.0139 1744  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
14:37:03.0139 1744  fastfat - ok
14:37:03.0201 1744  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
14:37:03.0201 1744  Fax - ok
14:37:03.0217 1744  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
14:37:03.0217 1744  fdc - ok
14:37:03.0248 1744  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
14:37:03.0248 1744  fdPHost - ok
14:37:03.0264 1744  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
14:37:03.0279 1744  FDResPub - ok
14:37:03.0342 1744  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
14:37:03.0342 1744  FileInfo - ok
14:37:03.0373 1744  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
14:37:03.0373 1744  Filetrace - ok
14:37:03.0388 1744  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
14:37:03.0404 1744  flpydisk - ok
14:37:03.0420 1744  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
14:37:03.0420 1744  FltMgr - ok
14:37:03.0451 1744  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
14:37:03.0466 1744  FontCache - ok
14:37:03.0560 1744  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
14:37:03.0560 1744  FontCache3.0.0.0 - ok
14:37:03.0576 1744  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
14:37:03.0576 1744  FsDepends - ok
14:37:03.0622 1744  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
14:37:03.0622 1744  Fs_Rec - ok
14:37:03.0685 1744  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
14:37:03.0685 1744  fvevol - ok
14:37:03.0732 1744  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
14:37:03.0732 1744  gagp30kx - ok
14:37:03.0778 1744  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
14:37:03.0794 1744  gpsvc - ok
14:37:03.0841 1744  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] hamachi         C:\Windows\system32\DRIVERS\hamachi.sys
14:37:03.0841 1744  hamachi - ok
14:37:03.0950 1744  [ 785FD63B74B30986A9F2C7D965CA509F ] Hamachi2Svc     C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
14:37:03.0966 1744  Hamachi2Svc - ok
14:37:03.0997 1744  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
14:37:04.0012 1744  hcw85cir - ok
14:37:04.0090 1744  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
14:37:04.0090 1744  HdAudAddService - ok
14:37:04.0106 1744  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
14:37:04.0106 1744  HDAudBus - ok
14:37:04.0106 1744  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
14:37:04.0106 1744  HidBatt - ok
14:37:04.0122 1744  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
14:37:04.0137 1744  HidBth - ok
14:37:04.0153 1744  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
14:37:04.0153 1744  HidIr - ok
14:37:04.0184 1744  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
14:37:04.0200 1744  hidserv - ok
14:37:04.0200 1744  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
14:37:04.0200 1744  HidUsb - ok
14:37:04.0246 1744  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
14:37:04.0246 1744  hkmsvc - ok
14:37:04.0278 1744  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
14:37:04.0293 1744  HomeGroupListener - ok
14:37:04.0340 1744  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
14:37:04.0340 1744  HomeGroupProvider - ok
14:37:04.0356 1744  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
14:37:04.0371 1744  HpSAMD - ok
14:37:04.0449 1744  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
14:37:04.0449 1744  HTTP - ok
14:37:04.0465 1744  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
14:37:04.0465 1744  hwpolicy - ok
14:37:04.0512 1744  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\DRIVERS\i8042prt.sys
14:37:04.0512 1744  i8042prt - ok
14:37:04.0543 1744  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
14:37:04.0543 1744  iaStorV - ok
14:37:04.0668 1744  [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT        C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
14:37:04.0683 1744  IDriverT - ok
14:37:04.0746 1744  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
14:37:04.0761 1744  idsvc - ok
14:37:04.0792 1744  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
14:37:04.0792 1744  iirsp - ok
14:37:04.0855 1744  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
14:37:04.0870 1744  IKEEXT - ok
14:37:04.0886 1744  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
14:37:04.0886 1744  intelide - ok
14:37:04.0902 1744  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
14:37:04.0902 1744  intelppm - ok
14:37:04.0948 1744  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
14:37:04.0948 1744  IPBusEnum - ok
14:37:05.0011 1744  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
14:37:05.0011 1744  IpFilterDriver - ok
14:37:05.0058 1744  [ A34A587FFFD45FA649FBA6D03784D257 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
14:37:05.0058 1744  iphlpsvc - ok
14:37:05.0104 1744  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
14:37:05.0104 1744  IPMIDRV - ok
14:37:05.0136 1744  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
14:37:05.0136 1744  IPNAT - ok
14:37:05.0151 1744  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
14:37:05.0151 1744  IRENUM - ok
14:37:05.0198 1744  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
14:37:05.0198 1744  isapnp - ok
14:37:05.0229 1744  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
14:37:05.0229 1744  iScsiPrt - ok
14:37:05.0276 1744  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\DRIVERS\kbdclass.sys
14:37:05.0276 1744  kbdclass - ok
14:37:05.0276 1744  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\DRIVERS\kbdhid.sys
14:37:05.0292 1744  kbdhid - ok
14:37:05.0292 1744  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
14:37:05.0307 1744  KeyIso - ok
14:37:05.0354 1744  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
14:37:05.0354 1744  KSecDD - ok
14:37:05.0416 1744  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
14:37:05.0432 1744  KSecPkg - ok
14:37:05.0479 1744  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
14:37:05.0479 1744  ksthunk - ok
14:37:05.0526 1744  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
14:37:05.0526 1744  KtmRm - ok
14:37:05.0588 1744  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
14:37:05.0604 1744  LanmanServer - ok
14:37:05.0650 1744  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
14:37:05.0650 1744  LanmanWorkstation - ok
14:37:05.0682 1744  [ 5EA407821BB3104C31A705175AB4F309 ] lirsgt          C:\Windows\system32\DRIVERS\lirsgt.sys
14:37:05.0682 1744  lirsgt - ok
14:37:05.0713 1744  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
14:37:05.0713 1744  lltdio - ok
14:37:05.0775 1744  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
14:37:05.0775 1744  lltdsvc - ok
14:37:05.0791 1744  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
14:37:05.0791 1744  lmhosts - ok
14:37:05.0822 1744  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
14:37:05.0822 1744  LSI_FC - ok
14:37:05.0822 1744  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
14:37:05.0838 1744  LSI_SAS - ok
14:37:05.0838 1744  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
14:37:05.0838 1744  LSI_SAS2 - ok
14:37:05.0853 1744  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
14:37:05.0853 1744  LSI_SCSI - ok
14:37:05.0884 1744  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
14:37:05.0884 1744  luafv - ok
14:37:05.0916 1744  [ DC8490812A3B72811AE534F423B4C206 ] MBAMProtector   C:\Windows\system32\drivers\mbam.sys
14:37:05.0916 1744  MBAMProtector - ok
14:37:06.0025 1744  [ 43683E970F008C93C9429EF428147A54 ] MBAMService     C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
14:37:06.0025 1744  MBAMService - ok
14:37:06.0072 1744  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
14:37:06.0072 1744  Mcx2Svc - ok
14:37:06.0087 1744  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
14:37:06.0087 1744  megasas - ok
14:37:06.0087 1744  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
14:37:06.0103 1744  MegaSR - ok
14:37:06.0134 1744  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
14:37:06.0134 1744  MMCSS - ok
14:37:06.0150 1744  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
14:37:06.0150 1744  Modem - ok
14:37:06.0181 1744  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
14:37:06.0181 1744  monitor - ok
14:37:06.0212 1744  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
14:37:06.0212 1744  mouclass - ok
14:37:06.0228 1744  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
14:37:06.0228 1744  mouhid - ok
14:37:06.0274 1744  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
14:37:06.0290 1744  mountmgr - ok
14:37:06.0368 1744  [ 8A7C8F4C713E70D73946833D76B77035 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
14:37:06.0368 1744  MozillaMaintenance - ok
14:37:06.0415 1744  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
14:37:06.0415 1744  mpio - ok
14:37:06.0430 1744  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
14:37:06.0430 1744  mpsdrv - ok
14:37:06.0493 1744  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
14:37:06.0493 1744  MpsSvc - ok
14:37:06.0540 1744  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
14:37:06.0555 1744  MRxDAV - ok
14:37:06.0586 1744  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
14:37:06.0586 1744  mrxsmb - ok
14:37:06.0649 1744  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
14:37:06.0649 1744  mrxsmb10 - ok
14:37:06.0680 1744  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
14:37:06.0680 1744  mrxsmb20 - ok
14:37:06.0727 1744  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
14:37:06.0727 1744  msahci - ok
14:37:06.0758 1744  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
14:37:06.0758 1744  msdsm - ok
14:37:06.0805 1744  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
14:37:06.0820 1744  MSDTC - ok
14:37:06.0867 1744  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
14:37:06.0867 1744  Msfs - ok
14:37:06.0883 1744  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
14:37:06.0883 1744  mshidkmdf - ok
14:37:06.0914 1744  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
14:37:06.0914 1744  msisadrv - ok
14:37:06.0961 1744  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
14:37:06.0961 1744  MSiSCSI - ok
14:37:06.0961 1744  msiserver - ok
14:37:07.0008 1744  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
14:37:07.0008 1744  MSKSSRV - ok
14:37:07.0039 1744  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
14:37:07.0054 1744  MSPCLOCK - ok
14:37:07.0054 1744  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
14:37:07.0054 1744  MSPQM - ok
14:37:07.0117 1744  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
14:37:07.0117 1744  MsRPC - ok
14:37:07.0179 1744  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
14:37:07.0179 1744  mssmbios - ok
14:37:07.0195 1744  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
14:37:07.0210 1744  MSTEE - ok
14:37:07.0226 1744  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
14:37:07.0226 1744  MTConfig - ok
14:37:07.0257 1744  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
14:37:07.0257 1744  Mup - ok
14:37:07.0304 1744  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
14:37:07.0320 1744  napagent - ok
14:37:07.0351 1744  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
14:37:07.0366 1744  NativeWifiP - ok
14:37:07.0398 1744  [ 79B47FD40D9A817E932F9D26FAC0A81C ] NDIS            C:\Windows\system32\drivers\ndis.sys
14:37:07.0398 1744  NDIS - ok
14:37:07.0444 1744  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
14:37:07.0444 1744  NdisCap - ok
14:37:07.0460 1744  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
14:37:07.0476 1744  NdisTapi - ok
14:37:07.0507 1744  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
14:37:07.0507 1744  Ndisuio - ok
14:37:07.0554 1744  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
14:37:07.0554 1744  NdisWan - ok
14:37:07.0616 1744  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
14:37:07.0616 1744  NDProxy - ok
14:37:07.0632 1744  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
14:37:07.0632 1744  NetBIOS - ok
14:37:07.0678 1744  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
14:37:07.0678 1744  NetBT - ok
14:37:07.0694 1744  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
14:37:07.0694 1744  Netlogon - ok
14:37:07.0741 1744  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
14:37:07.0741 1744  Netman - ok
14:37:07.0788 1744  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetMsmqActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:07.0803 1744  NetMsmqActivator - ok
14:37:07.0803 1744  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetPipeActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:07.0819 1744  NetPipeActivator - ok
14:37:07.0819 1744  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
14:37:07.0819 1744  netprofm - ok
14:37:07.0834 1744  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpActivator c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:07.0834 1744  NetTcpActivator - ok
14:37:07.0834 1744  [ D22CD77D4F0D63D1169BB35911BFF12D ] NetTcpPortSharing c:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
14:37:07.0834 1744  NetTcpPortSharing - ok
14:37:07.0866 1744  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
14:37:07.0866 1744  nfrd960 - ok
14:37:07.0897 1744  [ 1EE99A89CC788ADA662441D1E9830529 ] NlaSvc          C:\Windows\System32\nlasvc.dll
14:37:07.0897 1744  NlaSvc - ok
14:37:07.0912 1744  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
14:37:07.0912 1744  Npfs - ok
14:37:07.0975 1744  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
14:37:07.0975 1744  nsi - ok
14:37:07.0975 1744  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
14:37:07.0975 1744  nsiproxy - ok
14:37:08.0022 1744  [ A2F74975097F52A00745F9637451FDD8 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
14:37:08.0037 1744  Ntfs - ok
14:37:08.0068 1744  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
14:37:08.0068 1744  Null - ok
14:37:08.0318 1744  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] nvlddmkm        C:\Windows\system32\DRIVERS\nvlddmkm.sys
14:37:08.0396 1744  nvlddmkm - ok
14:37:08.0443 1744  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
14:37:08.0443 1744  nvraid - ok
14:37:08.0458 1744  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
14:37:08.0474 1744  nvstor - ok
14:37:08.0521 1744  [ DDFAFCE89A5C93D04712B86F94E9FCBA ] NVSvc           C:\Windows\system32\nvvsvc.exe
14:37:08.0521 1744  NVSvc - ok
14:37:08.0614 1744  [ 84E035225474E48CD3A6A3CE52332095 ] nvUpdatusService C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Update Core\daemonu.exe
14:37:08.0630 1744  nvUpdatusService - ok
14:37:08.0661 1744  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
14:37:08.0661 1744  nv_agp - ok
14:37:08.0692 1744  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
14:37:08.0692 1744  ohci1394 - ok
14:37:08.0739 1744  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
14:37:08.0739 1744  p2pimsvc - ok
14:37:08.0755 1744  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
14:37:08.0770 1744  p2psvc - ok
14:37:08.0817 1744  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
14:37:08.0817 1744  Parport - ok
14:37:08.0864 1744  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
14:37:08.0864 1744  partmgr - ok
14:37:08.0880 1744  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
14:37:08.0880 1744  PcaSvc - ok
14:37:08.0958 1744  [ 51209FBDB13A46E05C1B0077A9310264 ] PCDSRVC{34AE0CE0-2556444B-06000000}_0 d:\hp\pcdrwinpe\pc-doctor for win pe\pcdsrvc_x64.pkms
14:37:09.0004 1744  PCDSRVC{34AE0CE0-2556444B-06000000}_0 - ok
14:37:09.0036 1744  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
14:37:09.0036 1744  pci - ok
14:37:09.0082 1744  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
14:37:09.0082 1744  pciide - ok
14:37:09.0114 1744  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
14:37:09.0114 1744  pcmcia - ok
14:37:09.0129 1744  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
14:37:09.0129 1744  pcw - ok
14:37:09.0160 1744  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
14:37:09.0160 1744  PEAUTH - ok
14:37:09.0301 1744  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
14:37:09.0301 1744  PerfHost - ok
14:37:09.0379 1744  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
14:37:09.0394 1744  pla - ok
14:37:09.0426 1744  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
14:37:09.0426 1744  PlugPlay - ok
14:37:09.0472 1744  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
14:37:09.0472 1744  PNRPAutoReg - ok
14:37:09.0504 1744  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
14:37:09.0504 1744  PNRPsvc - ok
14:37:09.0535 1744  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
14:37:09.0535 1744  PolicyAgent - ok
14:37:09.0597 1744  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
14:37:09.0597 1744  Power - ok
14:37:09.0644 1744  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
14:37:09.0644 1744  PptpMiniport - ok
14:37:09.0691 1744  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
14:37:09.0691 1744  Processor - ok
14:37:09.0753 1744  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
14:37:09.0753 1744  ProfSvc - ok
14:37:09.0753 1744  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
14:37:09.0753 1744  ProtectedStorage - ok
14:37:09.0816 1744  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
14:37:09.0816 1744  Psched - ok
14:37:09.0862 1744  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
14:37:09.0878 1744  ql2300 - ok
14:37:09.0878 1744  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
14:37:09.0878 1744  ql40xx - ok
14:37:09.0925 1744  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
14:37:09.0940 1744  QWAVE - ok
14:37:09.0956 1744  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
14:37:09.0956 1744  QWAVEdrv - ok
14:37:09.0972 1744  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
14:37:09.0972 1744  RasAcd - ok
14:37:10.0018 1744  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
14:37:10.0018 1744  RasAgileVpn - ok
14:37:10.0034 1744  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
14:37:10.0050 1744  RasAuto - ok
14:37:10.0081 1744  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
14:37:10.0081 1744  Rasl2tp - ok
14:37:10.0112 1744  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
14:37:10.0112 1744  RasMan - ok
14:37:10.0143 1744  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
14:37:10.0143 1744  RasPppoe - ok
14:37:10.0174 1744  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
14:37:10.0174 1744  RasSstp - ok
14:37:10.0252 1744  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
14:37:10.0252 1744  rdbss - ok
14:37:10.0268 1744  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
14:37:10.0268 1744  rdpbus - ok
14:37:10.0299 1744  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
14:37:10.0299 1744  RDPCDD - ok
14:37:10.0299 1744  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
14:37:10.0299 1744  RDPENCDD - ok
14:37:10.0315 1744  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
14:37:10.0315 1744  RDPREFMP - ok
14:37:10.0377 1744  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
14:37:10.0377 1744  RDPWD - ok
14:37:10.0424 1744  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
14:37:10.0424 1744  rdyboost - ok
14:37:10.0471 1744  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
14:37:10.0471 1744  RemoteAccess - ok
14:37:10.0502 1744  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
14:37:10.0518 1744  RemoteRegistry - ok
14:37:10.0533 1744  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
14:37:10.0533 1744  RpcEptMapper - ok
14:37:10.0564 1744  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
14:37:10.0564 1744  RpcLocator - ok
14:37:10.0627 1744  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
14:37:10.0627 1744  RpcSs - ok
14:37:10.0689 1744  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
14:37:10.0689 1744  rspndr - ok
14:37:10.0720 1744  [ BAEFEE35D27A5440D35092CE10267BEC ] RTL8167         C:\Windows\system32\DRIVERS\Rt64win7.sys
14:37:10.0736 1744  RTL8167 - ok
14:37:10.0752 1744  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
14:37:10.0752 1744  SamSs - ok
14:37:10.0814 1744  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
14:37:10.0814 1744  sbp2port - ok
14:37:10.0876 1744  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
14:37:10.0876 1744  SCardSvr - ok
14:37:10.0908 1744  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
14:37:10.0923 1744  scfilter - ok
14:37:10.0970 1744  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
14:37:10.0986 1744  Schedule - ok
14:37:11.0032 1744  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
14:37:11.0032 1744  SCPolicySvc - ok
14:37:11.0064 1744  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
14:37:11.0064 1744  SDRSVC - ok
14:37:11.0110 1744  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
14:37:11.0110 1744  secdrv - ok
14:37:11.0142 1744  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
14:37:11.0142 1744  seclogon - ok
14:37:11.0173 1744  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
14:37:11.0173 1744  SENS - ok
14:37:11.0220 1744  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
14:37:11.0235 1744  SensrSvc - ok
14:37:11.0266 1744  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
14:37:11.0266 1744  Serenum - ok
14:37:11.0266 1744  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
14:37:11.0266 1744  Serial - ok
14:37:11.0313 1744  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
14:37:11.0313 1744  sermouse - ok
14:37:11.0360 1744  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
14:37:11.0360 1744  SessionEnv - ok
14:37:11.0391 1744  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
14:37:11.0391 1744  sffdisk - ok
14:37:11.0422 1744  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
14:37:11.0422 1744  sffp_mmc - ok
14:37:11.0422 1744  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
14:37:11.0422 1744  sffp_sd - ok
14:37:11.0454 1744  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
14:37:11.0469 1744  sfloppy - ok
14:37:11.0500 1744  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
14:37:11.0500 1744  SharedAccess - ok
14:37:11.0578 1744  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
14:37:11.0578 1744  ShellHWDetection - ok
14:37:11.0594 1744  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
14:37:11.0594 1744  SiSRaid2 - ok
14:37:11.0610 1744  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
14:37:11.0610 1744  SiSRaid4 - ok
14:37:11.0688 1744  [ 65F9539E506D43FCD7CB59F8FD5CCABC ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
14:37:11.0688 1744  SkypeUpdate - ok
14:37:11.0719 1744  [ DD0443BC6CC78A19FD399817F8C51401 ] SmartDefragDriver C:\Windows\system32\Drivers\SmartDefragDriver.sys
14:37:11.0719 1744  SmartDefragDriver - ok
14:37:11.0750 1744  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
14:37:11.0750 1744  Smb - ok
14:37:11.0797 1744  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
14:37:11.0797 1744  SNMPTRAP - ok
14:37:11.0844 1744  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
14:37:11.0844 1744  speedfan - ok
14:37:11.0906 1744  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
14:37:11.0906 1744  spldr - ok
14:37:11.0968 1744  [ B96C17B5DC1424D56EEA3A99E97428CD ] Spooler         C:\Windows\System32\spoolsv.exe
14:37:11.0968 1744  Spooler - ok
14:37:12.0062 1744  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
14:37:12.0109 1744  sppsvc - ok
14:37:12.0187 1744  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
14:37:12.0187 1744  sppuinotify - ok
14:37:12.0234 1744  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
14:37:12.0234 1744  srv - ok
14:37:12.0249 1744  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
14:37:12.0249 1744  srv2 - ok
14:37:12.0265 1744  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
14:37:12.0280 1744  srvnet - ok
14:37:12.0327 1744  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
14:37:12.0327 1744  SSDPSRV - ok
14:37:12.0343 1744  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
14:37:12.0343 1744  SstpSvc - ok
14:37:12.0390 1744  Steam Client Service - ok
14:37:12.0452 1744  [ F0359F7CE712D69ACEF0886BDB4792ED ] Stereo Service  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPISvr.exe
14:37:12.0452 1744  Stereo Service - ok
14:37:12.0499 1744  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
14:37:12.0499 1744  stexstor - ok
14:37:12.0577 1744  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
14:37:12.0577 1744  stisvc - ok
14:37:12.0624 1744  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
14:37:12.0624 1744  swenum - ok
14:37:12.0686 1744  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
14:37:12.0686 1744  swprv - ok
14:37:12.0780 1744  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
14:37:12.0795 1744  SysMain - ok
14:37:12.0842 1744  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
14:37:12.0858 1744  TabletInputService - ok
14:37:12.0873 1744  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
14:37:12.0889 1744  TapiSrv - ok
14:37:12.0904 1744  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
14:37:12.0904 1744  TBS - ok
14:37:12.0982 1744  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
14:37:12.0998 1744  Tcpip - ok
14:37:13.0029 1744  [ ACB82BDA8F46C84F465C1AFA517DC4B9 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
14:37:13.0029 1744  TCPIP6 - ok
14:37:13.0107 1744  [ DF687E3D8836BFB04FCC0615BF15A519 ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
14:37:13.0107 1744  tcpipreg - ok
14:37:13.0154 1744  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
14:37:13.0154 1744  TDPIPE - ok
14:37:13.0201 1744  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
14:37:13.0201 1744  TDTCP - ok
14:37:13.0263 1744  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
14:37:13.0263 1744  tdx - ok
14:37:13.0326 1744  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
14:37:13.0326 1744  TermDD - ok
14:37:13.0372 1744  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
14:37:13.0372 1744  TermService - ok
14:37:13.0404 1744  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
14:37:13.0419 1744  Themes - ok
14:37:13.0466 1744  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
14:37:13.0466 1744  THREADORDER - ok
14:37:13.0497 1744  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
14:37:13.0497 1744  TrkWks - ok
14:37:13.0606 1744  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
14:37:13.0622 1744  TrustedInstaller - ok
14:37:13.0669 1744  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
14:37:13.0669 1744  tssecsrv - ok
14:37:13.0731 1744  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
14:37:13.0731 1744  TsUsbFlt - ok
14:37:13.0762 1744  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
14:37:13.0762 1744  tunnel - ok
14:37:13.0794 1744  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
14:37:13.0794 1744  uagp35 - ok
14:37:13.0840 1744  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
14:37:13.0856 1744  udfs - ok
14:37:13.0872 1744  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
14:37:13.0872 1744  UI0Detect - ok
14:37:13.0903 1744  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
14:37:13.0903 1744  uliagpkx - ok
14:37:13.0950 1744  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
14:37:13.0950 1744  umbus - ok
14:37:13.0965 1744  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
14:37:13.0965 1744  UmPass - ok
14:37:14.0012 1744  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
14:37:14.0028 1744  upnphost - ok
14:37:14.0074 1744  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio        C:\Windows\system32\drivers\usbaudio.sys
14:37:14.0074 1744  usbaudio - ok
14:37:14.0121 1744  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
14:37:14.0121 1744  usbccgp - ok
14:37:14.0152 1744  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
14:37:14.0168 1744  usbcir - ok
14:37:14.0199 1744  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\DRIVERS\usbehci.sys
14:37:14.0199 1744  usbehci - ok
14:37:14.0215 1744  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
14:37:14.0215 1744  usbhub - ok
14:37:14.0246 1744  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
14:37:14.0246 1744  usbohci - ok
14:37:14.0277 1744  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
14:37:14.0277 1744  usbprint - ok
14:37:14.0308 1744  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
14:37:14.0308 1744  USBSTOR - ok
14:37:14.0324 1744  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\DRIVERS\usbuhci.sys
14:37:14.0324 1744  usbuhci - ok
14:37:14.0355 1744  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
14:37:14.0355 1744  UxSms - ok
14:37:14.0371 1744  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
14:37:14.0371 1744  VaultSvc - ok
14:37:14.0433 1744  [ FD911873C0BB6945FA38C16E9A2B58F9 ] VClone          C:\Windows\system32\DRIVERS\VClone.sys
14:37:14.0433 1744  VClone - ok
14:37:14.0480 1744  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
14:37:14.0480 1744  vdrvroot - ok
14:37:14.0527 1744  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
14:37:14.0542 1744  vds - ok
14:37:14.0542 1744  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
14:37:14.0558 1744  vga - ok
14:37:14.0574 1744  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
14:37:14.0574 1744  VgaSave - ok
14:37:14.0605 1744  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
14:37:14.0605 1744  vhdmp - ok
14:37:14.0652 1744  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
14:37:14.0652 1744  viaide - ok
14:37:14.0652 1744  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
14:37:14.0667 1744  volmgr - ok
14:37:14.0714 1744  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
14:37:14.0730 1744  volmgrx - ok
14:37:14.0745 1744  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
14:37:14.0745 1744  volsnap - ok
14:37:14.0776 1744  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
14:37:14.0776 1744  vsmraid - ok
14:37:14.0839 1744  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
14:37:14.0854 1744  VSS - ok
14:37:14.0917 1744  [ 93132C69394A99D992095D8CFE464801 ] VST64HWBS2      C:\Windows\system32\DRIVERS\VSTBS26.SYS
14:37:14.0917 1744  VST64HWBS2 - ok
14:37:14.0964 1744  [ 02071D207A9858FBE3A48CBFD59C4A04 ] VST64_DPV       C:\Windows\system32\DRIVERS\VSTDPV6.SYS
14:37:14.0964 1744  VST64_DPV - ok
14:37:14.0995 1744  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\System32\drivers\vwifibus.sys
14:37:14.0995 1744  vwifibus - ok
14:37:15.0042 1744  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
14:37:15.0042 1744  W32Time - ok
14:37:15.0088 1744  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
14:37:15.0088 1744  WacomPen - ok
14:37:15.0120 1744  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
14:37:15.0120 1744  WANARP - ok
14:37:15.0120 1744  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
14:37:15.0120 1744  Wanarpv6 - ok
14:37:15.0182 1744  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
14:37:15.0198 1744  WatAdminSvc - ok
14:37:15.0291 1744  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
14:37:15.0307 1744  wbengine - ok
14:37:15.0354 1744  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
14:37:15.0354 1744  WbioSrvc - ok
14:37:15.0400 1744  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
14:37:15.0416 1744  wcncsvc - ok
14:37:15.0432 1744  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
14:37:15.0432 1744  WcsPlugInService - ok
14:37:15.0478 1744  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
14:37:15.0478 1744  Wd - ok
14:37:15.0494 1744  [ 441BD2D7B4F98134C3A4F9FA570FD250 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
14:37:15.0510 1744  Wdf01000 - ok
14:37:15.0525 1744  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
14:37:15.0525 1744  WdiServiceHost - ok
14:37:15.0525 1744  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
14:37:15.0525 1744  WdiSystemHost - ok
14:37:15.0556 1744  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
14:37:15.0556 1744  WebClient - ok
14:37:15.0588 1744  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
14:37:15.0588 1744  Wecsvc - ok
14:37:15.0619 1744  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
14:37:15.0619 1744  wercplsupport - ok
14:37:15.0634 1744  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
14:37:15.0634 1744  WerSvc - ok
14:37:15.0666 1744  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
14:37:15.0666 1744  WfpLwf - ok
14:37:15.0697 1744  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
14:37:15.0697 1744  WIMMount - ok
14:37:15.0728 1744  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] winachsf        C:\Windows\system32\DRIVERS\VSTCNXT6.SYS
14:37:15.0728 1744  winachsf - ok
14:37:15.0744 1744  WinDefend - ok
14:37:15.0775 1744  WinHttpAutoProxySvc - ok
14:37:15.0884 1744  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
14:37:15.0884 1744  Winmgmt - ok
14:37:15.0978 1744  [ 0C0195C48B6B8582FA6F6373032118DA ] WinRing0_1_2_0  C:\Program Files (x86)\IObit\Game Booster\Driver\WinRing0x64.sys
14:37:15.0978 1744  WinRing0_1_2_0 - ok
14:37:16.0040 1744  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
14:37:16.0056 1744  WinRM - ok
14:37:16.0118 1744  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
14:37:16.0118 1744  Wlansvc - ok
14:37:16.0290 1744  [ 98F138897EF4246381D197CB81846D62 ] wlidsvc         c:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
14:37:16.0305 1744  wlidsvc - ok
14:37:16.0352 1744  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
14:37:16.0352 1744  WmiAcpi - ok
14:37:16.0399 1744  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
14:37:16.0414 1744  wmiApSrv - ok
14:37:16.0461 1744  WMPNetworkSvc - ok
14:37:16.0508 1744  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
14:37:16.0508 1744  WPCSvc - ok
14:37:16.0555 1744  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
14:37:16.0555 1744  WPDBusEnum - ok
14:37:16.0602 1744  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
14:37:16.0602 1744  ws2ifsl - ok
14:37:16.0617 1744  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
14:37:16.0633 1744  wscsvc - ok
14:37:16.0633 1744  WSearch - ok
14:37:16.0726 1744  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
14:37:16.0742 1744  wuauserv - ok
14:37:16.0789 1744  [ D3381DC54C34D79B22CEE0D65BA91B7C ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
14:37:16.0804 1744  WudfPf - ok
14:37:16.0820 1744  [ CF8D590BE3373029D57AF80914190682 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
14:37:16.0820 1744  WUDFRd - ok
14:37:16.0867 1744  [ 7A95C95B6C4CF292D689106BCAE49543 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
14:37:16.0867 1744  wudfsvc - ok
14:37:16.0914 1744  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
14:37:16.0929 1744  WwanSvc - ok
14:37:16.0976 1744  [ 2EE48CFCE7CA8E0DB4C44C7476C0943B ] xusb21          C:\Windows\system32\DRIVERS\xusb21.sys
14:37:16.0976 1744  xusb21 - ok
14:37:17.0023 1744  ================ Scan global ===============================
14:37:17.0070 1744  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
14:37:17.0116 1744  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:37:17.0132 1744  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\system32\winsrv.dll
14:37:17.0179 1744  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
14:37:17.0194 1744  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
14:37:17.0194 1744  [Global] - ok
14:37:17.0194 1744  ================ Scan MBR ==================================
14:37:17.0210 1744  [ C0DCF0AC171DB02DB8B0014C5D767CF1 ] \Device\Harddisk0\DR0
14:37:17.0210 1744  Suspicious mbr (Forged): \Device\Harddisk0\DR0
14:37:17.0272 1744  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - infected
14:37:17.0272 1744  \Device\Harddisk0\DR0 - detected Rootkit.Boot.Pihar.b (0)
14:37:17.0319 1744  \Device\Harddisk0\DR0 ( TDSS File System ) - warning
14:37:17.0319 1744  \Device\Harddisk0\DR0 - detected TDSS File System (1)
14:37:17.0319 1744  [ 5FB38429D5D77768867C76DCBDB35194 ] \Device\Harddisk5\DR5
14:37:17.0428 1744  \Device\Harddisk5\DR5 - ok
14:37:17.0428 1744  ================ Scan VBR ==================================
14:37:17.0428 1744  [ 3C7D995567C6930647913F0310AA90FD ] \Device\Harddisk0\DR0\Partition1
14:37:17.0428 1744  \Device\Harddisk0\DR0\Partition1 - ok
14:37:17.0460 1744  [ 4945893DD9038C3C2F6E047ECF7DC459 ] \Device\Harddisk0\DR0\Partition2
14:37:17.0460 1744  \Device\Harddisk0\DR0\Partition2 - ok
14:37:17.0491 1744  [ 5A35E6EE9D958F46AA0576DBEA21E31E ] \Device\Harddisk0\DR0\Partition3
14:37:17.0491 1744  \Device\Harddisk0\DR0\Partition3 - ok
14:37:17.0506 1744  [ 4E6FE8EFF37D1A065847898ED201A48F ] \Device\Harddisk0\DR0\Partition4
14:37:17.0506 1744  \Device\Harddisk0\DR0\Partition4 - ok
14:37:17.0506 1744  [ E82D9169105B8296BD792B39BB08B748 ] \Device\Harddisk5\DR5\Partition1
14:37:17.0506 1744  \Device\Harddisk5\DR5\Partition1 - ok
14:37:17.0506 1744  ================ Scan active images ========================
14:37:17.0522 1744  [ 3E588B60EC061686BA05D33574A344C6 ] C:\Windows\System32\drivers\crashdmp.sys
14:37:17.0522 1744  C:\Windows\System32\drivers\crashdmp.sys - ok
14:37:17.0522 1744  [ 814DB88F2641691575A455CF25354098 ] C:\Windows\System32\drivers\dumpfve.sys
14:37:17.0522 1744  C:\Windows\System32\drivers\dumpfve.sys - ok
14:37:17.0522 1744  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] C:\Windows\System32\drivers\iaStorV.sys
14:37:17.0522 1744  C:\Windows\System32\drivers\iaStorV.sys - ok
14:37:17.0538 1744  [ F036CE71586E93D94DAB220D7BDF4416 ] C:\Windows\System32\drivers\cdrom.sys
14:37:17.0538 1744  C:\Windows\System32\drivers\cdrom.sys - ok
14:37:17.0538 1744  [ 16A47CE2DECC9B099349A5F840654746 ] C:\Windows\System32\drivers\beep.sys
14:37:17.0538 1744  C:\Windows\System32\drivers\beep.sys - ok
14:37:17.0553 1744  [ 9899284589F75FA8724FF3D16AED75C1 ] C:\Windows\System32\drivers\null.sys
14:37:17.0553 1744  C:\Windows\System32\drivers\null.sys - ok
14:37:17.0553 1744  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] C:\Windows\System32\drivers\msfs.sys
14:37:17.0553 1744  C:\Windows\System32\drivers\msfs.sys - ok
14:37:17.0553 1744  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] C:\Windows\System32\drivers\npfs.sys
14:37:17.0553 1744  C:\Windows\System32\drivers\npfs.sys - ok
14:37:17.0569 1744  [ CEA6CC257FC9B7715F1C2B4849286D24 ] C:\Windows\System32\drivers\RDPCDD.sys
14:37:17.0569 1744  C:\Windows\System32\drivers\RDPCDD.sys - ok
14:37:17.0569 1744  [ BB5971A4F00659529A5C44831AF22365 ] C:\Windows\System32\drivers\RDPENCDD.sys
14:37:17.0569 1744  C:\Windows\System32\drivers\RDPENCDD.sys - ok
14:37:17.0569 1744  [ 216F3FA57533D98E1F74DED70113177A ] C:\Windows\System32\drivers\RDPREFMP.sys
14:37:17.0569 1744  C:\Windows\System32\drivers\RDPREFMP.sys - ok
14:37:17.0584 1744  [ 6F020A220388ECA0AB6062DC27BD16B6 ] C:\Windows\System32\drivers\tdi.sys
14:37:17.0584 1744  C:\Windows\System32\drivers\tdi.sys - ok
14:37:17.0584 1744  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] C:\Windows\System32\drivers\tdx.sys
14:37:17.0584 1744  C:\Windows\System32\drivers\tdx.sys - ok
14:37:17.0584 1744  [ 53E92A310193CB3C03BEA963DE7D9CFC ] C:\Windows\System32\drivers\vga.sys
14:37:17.0584 1744  C:\Windows\System32\drivers\vga.sys - ok
14:37:17.0600 1744  [ E7353D59C9842BC7299FAEB7E7E09340 ] C:\Windows\System32\drivers\videoprt.sys
14:37:17.0600 1744  C:\Windows\System32\drivers\videoprt.sys - ok
14:37:17.0600 1744  [ FC438D1430B28618E2D0C7C332A710AD ] C:\Windows\System32\drivers\watchdog.sys
14:37:17.0600 1744  C:\Windows\System32\drivers\watchdog.sys - ok
14:37:17.0616 1744  [ 1C7857B62DE5994A75B054A9FD4C3825 ] C:\Windows\System32\drivers\afd.sys
14:37:17.0616 1744  C:\Windows\System32\drivers\afd.sys - ok
14:37:17.0616 1744  [ 86743D9F5D2B1048062B14B1D84501C4 ] C:\Windows\System32\drivers\netbios.sys
14:37:17.0616 1744  C:\Windows\System32\drivers\netbios.sys - ok
14:37:17.0616 1744  [ 09594D1089C523423B32A4229263F068 ] C:\Windows\System32\drivers\netbt.sys
14:37:17.0616 1744  C:\Windows\System32\drivers\netbt.sys - ok
14:37:17.0631 1744  [ 0557CF5A2556BD58E26384169D72438D ] C:\Windows\System32\drivers\pacer.sys
14:37:17.0631 1744  C:\Windows\System32\drivers\pacer.sys - ok
14:37:17.0631 1744  [ 611B23304BF067451A9FDEE01FBDD725 ] C:\Windows\System32\drivers\wfplwf.sys
14:37:17.0631 1744  C:\Windows\System32\drivers\wfplwf.sys - ok
14:37:17.0631 1744  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] C:\Windows\System32\drivers\mssmbios.sys
14:37:17.0631 1744  C:\Windows\System32\drivers\mssmbios.sys - ok
14:37:17.0647 1744  [ E7F5AE18AF4168178A642A9247C63001 ] C:\Windows\System32\drivers\nsiproxy.sys
14:37:17.0647 1744  C:\Windows\System32\drivers\nsiproxy.sys - ok
14:37:17.0647 1744  [ 77F665941019A1594D887A74F301FA2F ] C:\Windows\System32\drivers\rdbss.sys
14:37:17.0647 1744  C:\Windows\System32\drivers\rdbss.sys - ok
14:37:17.0647 1744  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] C:\Windows\System32\drivers\termdd.sys
14:37:17.0647 1744  C:\Windows\System32\drivers\termdd.sys - ok
14:37:17.0662 1744  [ 356AFD78A6ED4457169241AC3965230C ] C:\Windows\System32\drivers\wanarp.sys
14:37:17.0662 1744  C:\Windows\System32\drivers\wanarp.sys - ok
14:37:17.0662 1744  [ 61583EE3C3A17003C4ACD0475646B4D3 ] C:\Windows\System32\drivers\blbdrive.sys
14:37:17.0662 1744  C:\Windows\System32\drivers\blbdrive.sys - ok
14:37:17.0662 1744  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] C:\Windows\System32\drivers\dfsc.sys
14:37:17.0662 1744  C:\Windows\System32\drivers\dfsc.sys - ok
14:37:17.0678 1744  [ 13096B05847EC78F0977F2C0F79E9AB3 ] C:\Windows\System32\drivers\discache.sys
14:37:17.0678 1744  C:\Windows\System32\drivers\discache.sys - ok
14:37:17.0678 1744  [ A05FC7ECA0966EBB70E4D17B855A853B ] C:\Windows\System32\drivers\ElbyCDIO.sys
14:37:17.0678 1744  C:\Windows\System32\drivers\ElbyCDIO.sys - ok
14:37:17.0694 1744  [ ED45F12CFA62B83765C9C1496758CC87 ] C:\Windows\System32\drivers\avipbb.sys
14:37:17.0694 1744  C:\Windows\System32\drivers\avipbb.sys - ok
14:37:17.0694 1744  [ ADA036632C664CAA754079041CF1F8C1 ] C:\Windows\System32\drivers\intelppm.sys
14:37:17.0694 1744  C:\Windows\System32\drivers\intelppm.sys - ok
14:37:17.0694 1744  [ 3566A8DAAFA27AF944F5D705EAA64894 ] C:\Windows\System32\drivers\tunnel.sys
14:37:17.0694 1744  C:\Windows\System32\drivers\tunnel.sys - ok
14:37:17.0709 1744  [ 5104BAC2DA2A5BDD86AC6B0708B00F06 ] C:\Windows\System32\drivers\nvlddmkm.sys
14:37:17.0709 1744  C:\Windows\System32\drivers\nvlddmkm.sys - ok
14:37:17.0709 1744  [ F5BEE30450E18E6B83A5012C100616FD ] C:\Windows\System32\drivers\dxgkrnl.sys
14:37:17.0709 1744  C:\Windows\System32\drivers\dxgkrnl.sys - ok
14:37:17.0709 1744  [ C287E70B414D6CC8D5102F7769164C48 ] C:\Windows\System32\drivers\nvBridge.kmd
14:37:17.0709 1744  C:\Windows\System32\drivers\nvBridge.kmd - ok
14:37:17.0725 1744  [ 9CD68BDDF322535C02ADC8331013D13D ] C:\Windows\System32\drivers\dxgmms1.sys
14:37:17.0725 1744  C:\Windows\System32\drivers\dxgmms1.sys - ok
14:37:17.0725 1744  [ 1911A3356FA3F77CCC825CCBAC038C2A ] C:\Windows\System32\smss.exe
14:37:17.0725 1744  C:\Windows\System32\smss.exe - ok
14:37:17.0725 1744  [ CF95B85FF8D128385ABD411C8CA74DED ] C:\Windows\System32\ntdll.dll
14:37:17.0725 1744  C:\Windows\System32\ntdll.dll - ok
14:37:17.0740 1744  [ AE259C75F9A0B057B6BF9E9695632B09 ] C:\Windows\System32\drivers\usbport.sys
14:37:17.0740 1744  C:\Windows\System32\drivers\usbport.sys - ok
14:37:17.0740 1744  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] C:\Windows\System32\drivers\usbuhci.sys
14:37:17.0740 1744  C:\Windows\System32\drivers\usbuhci.sys - ok
14:37:17.0740 1744  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] C:\Windows\System32\drivers\hdaudbus.sys
14:37:17.0740 1744  C:\Windows\System32\drivers\hdaudbus.sys - ok
14:37:17.0756 1744  [ C025055FE7B87701EB042095DF1A2D7B ] C:\Windows\System32\drivers\usbehci.sys
14:37:17.0756 1744  C:\Windows\System32\drivers\usbehci.sys - ok
14:37:17.0756 1744  [ CCA2AB1752A61F29C3C941CD79D78CEA ] C:\Windows\System32\drivers\usbd.sys
14:37:17.0756 1744  C:\Windows\System32\drivers\usbd.sys - ok
14:37:17.0772 1744  [ 98022774D9930ECBB292E70DB7601DF6 ] C:\Windows\System32\drivers\agrsm64.sys
14:37:17.0772 1744  C:\Windows\System32\drivers\agrsm64.sys - ok
14:37:17.0772 1744  [ 800BA92F7010378B09F9ED9270F07137 ] C:\Windows\System32\drivers\modem.sys
14:37:17.0772 1744  C:\Windows\System32\drivers\modem.sys - ok
14:37:17.0772 1744  [ BAEFEE35D27A5440D35092CE10267BEC ] C:\Windows\System32\drivers\Rt64win7.sys
14:37:17.0772 1744  C:\Windows\System32\drivers\Rt64win7.sys - ok
14:37:17.0787 1744  [ 3B536A8BEC3B4F23FFDFD78B11A2AB93 ] C:\Windows\System32\autochk.exe
14:37:17.0787 1744  C:\Windows\System32\autochk.exe - ok
14:37:17.0787 1744  [ 24FBF5CC5C04150073C315A7C83521EE ] C:\Windows\System32\drivers\ks.sys
14:37:17.0787 1744  C:\Windows\System32\drivers\ks.sys - ok
14:37:17.0787 1744  [ 93132C69394A99D992095D8CFE464801 ] C:\Windows\System32\drivers\VSTBS26.SYS
14:37:17.0787 1744  C:\Windows\System32\drivers\VSTBS26.SYS - ok
14:37:17.0803 1744  [ 02071D207A9858FBE3A48CBFD59C4A04 ] C:\Windows\System32\drivers\VSTDPV6.SYS
14:37:17.0803 1744  C:\Windows\System32\drivers\VSTDPV6.SYS - ok
14:37:17.0803 1744  [ A87D604AEA360176311474C87A63BB88 ] C:\Windows\System32\drivers\1394ohci.sys
14:37:17.0803 1744  C:\Windows\System32\drivers\1394ohci.sys - ok
14:37:17.0803 1744  [ 18E40C245DBFAF36FD0134A7EF2DF396 ] C:\Windows\System32\drivers\VSTCNXT6.SYS
14:37:17.0803 1744  C:\Windows\System32\drivers\VSTCNXT6.SYS - ok
14:37:17.0818 1744  [ 7ECFF9B22276B73F43A99A15A6094E90 ] C:\Windows\System32\drivers\agilevpn.sys
14:37:17.0818 1744  C:\Windows\System32\drivers\agilevpn.sys - ok
14:37:17.0818 1744  [ 03EDB043586CCEBA243D689BDDA370A8 ] C:\Windows\System32\drivers\CompositeBus.sys
14:37:17.0818 1744  C:\Windows\System32\drivers\CompositeBus.sys - ok
14:37:17.0834 1744  [ 471815800AE33E6F1C32FB1B97C490CA ] C:\Windows\System32\drivers\rasl2tp.sys
14:37:17.0834 1744  C:\Windows\System32\drivers\rasl2tp.sys - ok
14:37:17.0834 1744  [ 30639C932D9FEF22B31268FE25A1B6E5 ] C:\Windows\System32\drivers\ndistapi.sys
14:37:17.0834 1744  C:\Windows\System32\drivers\ndistapi.sys - ok
14:37:17.0834 1744  [ 53F7305169863F0A2BDDC49E116C2E11 ] C:\Windows\System32\drivers\ndiswan.sys
14:37:17.0834 1744  C:\Windows\System32\drivers\ndiswan.sys - ok
14:37:17.0850 1744  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] C:\Windows\System32\drivers\raspppoe.sys
14:37:17.0850 1744  C:\Windows\System32\drivers\raspppoe.sys - ok
14:37:17.0850 1744  [ 1E6438D4EA6E1174A3B3B1EDC4DE660B ] C:\Windows\System32\drivers\hamachi.sys
14:37:17.0850 1744  C:\Windows\System32\drivers\hamachi.sys - ok
14:37:17.0850 1744  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] C:\Windows\System32\drivers\kbdclass.sys
14:37:17.0850 1744  C:\Windows\System32\drivers\kbdclass.sys - ok
14:37:17.0865 1744  [ 7D27EA49F3C1F687D357E77A470AEA99 ] C:\Windows\System32\drivers\mouclass.sys
14:37:17.0865 1744  C:\Windows\System32\drivers\mouclass.sys - ok
14:37:17.0865 1744  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] C:\Windows\System32\drivers\raspptp.sys
14:37:17.0865 1744  C:\Windows\System32\drivers\raspptp.sys - ok
14:37:17.0865 1744  [ E8B1E447B008D07FF47D016C2B0EEECB ] C:\Windows\System32\drivers\rassstp.sys
14:37:17.0865 1744  C:\Windows\System32\drivers\rassstp.sys - ok
14:37:17.0881 1744  [ 1B1E264203D4EF9D3DA1987AD70355AB ] C:\Windows\System32\drivers\scsiport.sys
14:37:17.0881 1744  C:\Windows\System32\drivers\scsiport.sys - ok
14:37:17.0881 1744  [ FD911873C0BB6945FA38C16E9A2B58F9 ] C:\Windows\System32\drivers\VClone.sys
14:37:17.0881 1744  C:\Windows\System32\drivers\VClone.sys - ok
14:37:17.0881 1744  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] C:\Windows\System32\drivers\swenum.sys
14:37:17.0881 1744  C:\Windows\System32\drivers\swenum.sys - ok
14:37:17.0896 1744  [ C6689007B3A749C49A5438DCF36E0CE4 ] C:\Windows\System32\shell32.dll
14:37:17.0896 1744  C:\Windows\System32\shell32.dll - ok
14:37:17.0896 1744  [ DC54A574663A895C8763AF0FA1FF7561 ] C:\Windows\System32\drivers\umbus.sys
14:37:17.0896 1744  C:\Windows\System32\drivers\umbus.sys - ok
14:37:17.0912 1744  [ 287C6C9410B111B68B52CA298F7B8C24 ] C:\Windows\System32\drivers\usbhub.sys
14:37:17.0912 1744  C:\Windows\System32\drivers\usbhub.sys - ok
14:37:17.0912 1744  [ 044FE45FFD6AD40E3BBBE60B7F41BABE ] C:\Windows\System32\nsi.dll
14:37:17.0912 1744  C:\Windows\System32\nsi.dll - ok
14:37:17.0912 1744  [ 25983DE69B57142039AC8D95E71CD9C9 ] C:\Windows\System32\clbcatq.dll
14:37:17.0912 1744  C:\Windows\System32\clbcatq.dll - ok
14:37:17.0928 1744  [ 1084AA52CCC324EA54C7121FA24C2221 ] C:\Windows\System32\gdi32.dll
14:37:17.0928 1744  C:\Windows\System32\gdi32.dll - ok
14:37:17.0928 1744  [ 4E4FFB09D895AA000DD56D1404F69A7E ] C:\Windows\System32\Wldap32.dll
14:37:17.0928 1744  C:\Windows\System32\Wldap32.dll - ok
14:37:17.0928 1744  [ 2DCA688631F71722B0B5E57F526BB2EB ] C:\Windows\System32\wininet.dll
14:37:17.0928 1744  C:\Windows\System32\wininet.dll - ok
14:37:17.0943 1744  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] C:\Windows\System32\drivers\ndproxy.sys
14:37:17.0943 1744  C:\Windows\System32\drivers\ndproxy.sys - ok
14:37:17.0943 1744  [ 21D26064AEDB4988F785BB4A3A2C051E ] C:\Windows\System32\drivers\drmk.sys
14:37:17.0943 1744  C:\Windows\System32\drivers\drmk.sys - ok
14:37:17.0943 1744  [ 975761C778E33CD22498059B91E7373A ] C:\Windows\System32\drivers\HdAudio.sys
14:37:17.0943 1744  C:\Windows\System32\drivers\HdAudio.sys - ok
14:37:17.0959 1744  [ 32E11315B5126921FFD9074840EF13D3 ] C:\Windows\System32\drivers\portcls.sys
14:37:17.0959 1744  C:\Windows\System32\drivers\portcls.sys - ok
14:37:17.0959 1744  [ 6869281E78CB31A43E969F06B57347C4 ] C:\Windows\System32\drivers\ksthunk.sys
14:37:17.0959 1744  C:\Windows\System32\drivers\ksthunk.sys - ok
14:37:17.0959 1744  [ C431EAF5CAA1C82CAC2534A2EAB348A3 ] C:\Windows\System32\msctf.dll
14:37:17.0959 1744  C:\Windows\System32\msctf.dll - ok
14:37:17.0974 1744  [ B9B42A302325537D7B9DC52D47F33A73 ] C:\Windows\System32\kernel32.dll
14:37:17.0974 1744  C:\Windows\System32\kernel32.dll - ok
14:37:17.0974 1744  [ 6F1A3157A1C89435352CEB543CDB359C ] C:\Windows\System32\drivers\usbccgp.sys
14:37:17.0974 1744  C:\Windows\System32\drivers\usbccgp.sys - ok
14:37:17.0990 1744  [ 8B0E40E7E8BBF5ACF390465609D89FF1 ] C:\Windows\System32\drivers\hidclass.sys
14:37:17.0990 1744  C:\Windows\System32\drivers\hidclass.sys - ok
14:37:17.0990 1744  [ 49EE2E52E6CD03947DAD72F65367BE06 ] C:\Windows\System32\drivers\hidparse.sys
14:37:17.0990 1744  C:\Windows\System32\drivers\hidparse.sys - ok
14:37:17.0990 1744  [ 9592090A7E2B61CD582B612B6DF70536 ] C:\Windows\System32\drivers\hidusb.sys
14:37:17.0990 1744  C:\Windows\System32\drivers\hidusb.sys - ok
14:37:18.0006 1744  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] C:\Windows\System32\drivers\kbdhid.sys
14:37:18.0006 1744  C:\Windows\System32\drivers\kbdhid.sys - ok
14:37:18.0006 1744  [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] C:\Windows\System32\drivers\USBAUDIO.sys
14:37:18.0006 1744  C:\Windows\System32\drivers\USBAUDIO.sys - ok
14:37:18.0006 1744  [ 2F8B1E3EE3545D3B5A8D56FA1AE07B65 ] C:\Windows\System32\usp10.dll
14:37:18.0006 1744  C:\Windows\System32\usp10.dll - ok
14:37:18.0021 1744  [ 4BBFA57F594F7E8A8EDC8F377184C3F0 ] C:\Windows\System32\ws2_32.dll
14:37:18.0021 1744  C:\Windows\System32\ws2_32.dll - ok
14:37:18.0021 1744  [ FED648B01349A3C8395A5169DB5FB7D6 ] C:\Windows\System32\drivers\USBSTOR.SYS
14:37:18.0021 1744  C:\Windows\System32\drivers\USBSTOR.SYS - ok
14:37:18.0021 1744  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] C:\Windows\System32\drivers\mouhid.sys
14:37:18.0021 1744  C:\Windows\System32\drivers\mouhid.sys - ok
14:37:18.0037 1744  [ 5D8E6C95156ED1F79A63D1EADE6F9ED5 ] C:\Windows\System32\setupapi.dll
14:37:18.0037 1744  C:\Windows\System32\setupapi.dll - ok
14:37:18.0037 1744  [ C06B32165E23A72A898B7A89679AD754 ] C:\Windows\System32\oleaut32.dll
14:37:18.0037 1744  C:\Windows\System32\oleaut32.dll - ok
14:37:18.0052 1744  [ 83404DCBCE4925B6A5A77C5170F46D86 ] C:\Windows\System32\sechost.dll
14:37:18.0052 1744  C:\Windows\System32\sechost.dll - ok
14:37:18.0052 1744  [ D202223587518B13D72D68937B7E3F70 ] C:\Windows\System32\lpk.dll
14:37:18.0052 1744  C:\Windows\System32\lpk.dll - ok
14:37:18.0052 1744  [ 28C0B5024F5C5A438E78B188CFC81B7F ] C:\Windows\System32\normaliz.dll
14:37:18.0052 1744  C:\Windows\System32\normaliz.dll - ok
14:37:18.0068 1744  [ D87E1E59C73C1F98D5DED5B3850C40F5 ] C:\Windows\System32\psapi.dll
14:37:18.0068 1744  C:\Windows\System32\psapi.dll - ok
14:37:18.0068 1744  [ 0611473C1AD9E2D991CD9482068417F7 ] C:\Windows\System32\rpcrt4.dll
14:37:18.0068 1744  C:\Windows\System32\rpcrt4.dll - ok
14:37:18.0068 1744  [ 6C60B5ACA7442EFB794082CDACFC001C ] C:\Windows\System32\ole32.dll
14:37:18.0068 1744  C:\Windows\System32\ole32.dll - ok
14:37:18.0084 1744  [ FE70103391A64039A921DBFFF9C7AB1B ] C:\Windows\System32\user32.dll
14:37:18.0084 1744  C:\Windows\System32\user32.dll - ok
14:37:18.0084 1744  [ 6DF46D2BD74E3DA1B45F08F10D172732 ] C:\Windows\System32\advapi32.dll
14:37:18.0084 1744  C:\Windows\System32\advapi32.dll - ok
14:37:18.0084 1744  [ A1BE6A720D02E37F72E9CD89AE9CB3CF ] C:\Windows\System32\imagehlp.dll
14:37:18.0084 1744  C:\Windows\System32\imagehlp.dll - ok
14:37:18.0099 1744  [ 9835E63E09F824D22B689D2BB789BAB9 ] C:\Windows\System32\comdlg32.dll
14:37:18.0099 1744  C:\Windows\System32\comdlg32.dll - ok
14:37:18.0099 1744  [ EAF32CB8C1F810E4715B4DFBE785C7FF ] C:\Windows\System32\shlwapi.dll
14:37:18.0099 1744  C:\Windows\System32\shlwapi.dll - ok
14:37:18.0115 1744  [ 214338D755D4C1E0050D213AFA2A05E8 ] C:\Windows\System32\iertutil.dll
14:37:18.0115 1744  C:\Windows\System32\iertutil.dll - ok
14:37:18.0115 1744  [ F7CE0C81C545364020ED8203CF0A633E ] C:\Windows\System32\difxapi.dll
14:37:18.0115 1744  C:\Windows\System32\difxapi.dll - ok
14:37:18.0115 1744  [ C391FC68282A000CDF953F8B6B55D2EF ] C:\Windows\System32\msvcrt.dll
14:37:18.0115 1744  C:\Windows\System32\msvcrt.dll - ok
14:37:18.0130 1744  [ AA2C08CE85653B1A0D2E4AB407FA176C ] C:\Windows\System32\imm32.dll
14:37:18.0130 1744  C:\Windows\System32\imm32.dll - ok
14:37:18.0130 1744  [ 5D15EB93AAC0074C2EFB13866B353DBB ] C:\Windows\System32\urlmon.dll
14:37:18.0130 1744  C:\Windows\System32\urlmon.dll - ok
14:37:18.0130 1744  [ 2477A28081BDAEE622CF045ACF8EE124 ] C:\Windows\System32\cfgmgr32.dll
14:37:18.0130 1744  C:\Windows\System32\cfgmgr32.dll - ok
14:37:18.0146 1744  [ 6B5174702343BD955E174FDFEFA2A1A3 ] C:\Windows\System32\KernelBase.dll
14:37:18.0146 1744  C:\Windows\System32\KernelBase.dll - ok
14:37:18.0146 1744  [ 53238D99636BBA85F491C3E8FD22AB00 ] C:\Windows\System32\wintrust.dll
14:37:18.0146 1744  C:\Windows\System32\wintrust.dll - ok
14:37:18.0146 1744  [ FAF1BA660F84789CCCE747CE6F9D055A ] C:\Windows\System32\crypt32.dll
14:37:18.0146 1744  C:\Windows\System32\crypt32.dll - ok
14:37:18.0162 1744  [ 06FEC9E8117103BB1141A560E98077DA ] C:\Windows\System32\devobj.dll
14:37:18.0162 1744  C:\Windows\System32\devobj.dll - ok
14:37:18.0162 1744  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\System32\comctl32.dll
14:37:18.0162 1744  C:\Windows\System32\comctl32.dll - ok
14:37:18.0177 1744  [ 884415BD4269C02EAF8E2613BF85500D ] C:\Windows\System32\msasn1.dll
14:37:18.0177 1744  C:\Windows\System32\msasn1.dll - ok
14:37:18.0177 1744  [ 9C278785347BCC991F8EA2999D90F58D ] C:\Windows\SysWOW64\normaliz.dll
14:37:18.0177 1744  C:\Windows\SysWOW64\normaliz.dll - ok
14:37:18.0177 1744  [ BF24D6F2ED97FE830BFD52B246F98E67 ] C:\Windows\System32\drivers\dxapi.sys
14:37:18.0177 1744  C:\Windows\System32\drivers\dxapi.sys - ok
14:37:18.0193 1744  [ 511166D3F5D7EBA36DE48C4F5E195886 ] C:\Windows\System32\win32k.sys
14:37:18.0193 1744  C:\Windows\System32\win32k.sys - ok
14:37:18.0193 1744  [ 96F587CA26A6AA894BD8CACE4540CFFC ] C:\Windows\System32\csrsrv.dll
14:37:18.0193 1744  C:\Windows\System32\csrsrv.dll - ok
14:37:18.0193 1744  [ 60C2862B4BF0FD9F582EF344C2B1EC72 ] C:\Windows\System32\csrss.exe
14:37:18.0193 1744  C:\Windows\System32\csrss.exe - ok
14:37:18.0208 1744  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\System32\basesrv.dll
14:37:18.0208 1744  C:\Windows\System32\basesrv.dll - ok
14:37:18.0208 1744  [ EB6A48CC998E1090E44E8E7F1009A640 ] C:\Windows\System32\winsrv.dll
14:37:18.0208 1744  C:\Windows\System32\winsrv.dll - ok
14:37:18.0208 1744  [ B03D591DC7DA45ECE20B3B467E6AADAA ] C:\Windows\System32\drivers\monitor.sys
14:37:18.0208 1744  C:\Windows\System32\drivers\monitor.sys - ok
14:37:18.0224 1744  [ F29FE765E1448EF371CFE05BFAC74ADB ] C:\Windows\System32\tsddd.dll
14:37:18.0224 1744  C:\Windows\System32\tsddd.dll - ok
14:37:18.0224 1744  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\System32\sxssrv.dll
14:37:18.0224 1744  C:\Windows\System32\sxssrv.dll - ok
14:37:18.0224 1744  [ 94355C28C1970635A31B3FE52EB7CEBA ] C:\Windows\System32\wininit.exe
14:37:18.0224 1744  C:\Windows\System32\wininit.exe - ok
14:37:18.0240 1744  [ 78523A26F5604C0568FE9D1CE86E36F4 ] C:\Windows\System32\KBDUS.DLL
14:37:18.0240 1744  C:\Windows\System32\KBDUS.DLL - ok
14:37:18.0240 1744  [ 2C942733A5983DD4502219FF37C7EBC7 ] C:\Windows\System32\profapi.dll
14:37:18.0240 1744  C:\Windows\System32\profapi.dll - ok
14:37:18.0255 1744  [ C2A8CB1275ECB85D246A9ECC02A728E3 ] C:\Windows\System32\RpcRtRemote.dll
14:37:18.0255 1744  C:\Windows\System32\RpcRtRemote.dll - ok
14:37:18.0255 1744  [ 05569A79BF4693670B709144382D02D4 ] C:\Windows\System32\cdd.dll
14:37:18.0255 1744  C:\Windows\System32\cdd.dll - ok
14:37:18.0255 1744  [ 9CEAD32E79A62150FE9F8557E58E008B ] C:\Windows\System32\sxs.dll
14:37:18.0255 1744  C:\Windows\System32\sxs.dll - ok
14:37:18.0271 1744  [ B26B1801356760841C3BC69F9F91537F ] C:\Windows\System32\WlS0WndH.dll
14:37:18.0271 1744  C:\Windows\System32\WlS0WndH.dll - ok
14:37:18.0271 1744  [ 784FA3DF338E2E8F5F0389D6FAC428AF ] C:\Windows\System32\cryptbase.dll
14:37:18.0271 1744  C:\Windows\System32\cryptbase.dll - ok
14:37:18.0271 1744  [ 90499F3163A9F815CF196A205EA3CD5D ] C:\Windows\System32\apphelp.dll
14:37:18.0271 1744  C:\Windows\System32\apphelp.dll - ok
14:37:18.0286 1744  [ C118A82CD78818C29AB228366EBF81C3 ] C:\Windows\System32\lsass.exe
14:37:18.0286 1744  C:\Windows\System32\lsass.exe - ok
14:37:18.0286 1744  [ 9662EE182644511439F1C53745DC1C88 ] C:\Windows\System32\lsm.exe
14:37:18.0286 1744  C:\Windows\System32\lsm.exe - ok
14:37:18.0286 1744  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\System32\services.exe
14:37:18.0286 1744  C:\Windows\System32\services.exe - ok
14:37:18.0302 1744  [ 1151B1BAA6F350B1DB6598E0FEA7C457 ] C:\Windows\System32\winlogon.exe
14:37:18.0302 1744  C:\Windows\System32\winlogon.exe - ok
14:37:18.0302 1744  [ B66BC8B20B7F33975865B1DF99783FD8 ] C:\Windows\System32\sspicli.dll
14:37:18.0302 1744  C:\Windows\System32\sspicli.dll - ok
14:37:18.0302 1744  [ 66A6063D0BAAD3F7B2B9868859E0743B ] C:\Windows\System32\lsasrv.dll
14:37:18.0302 1744  C:\Windows\System32\lsasrv.dll - ok
14:37:18.0318 1744  [ BBCDF350817BA86416C0F06B6981BE8D ] C:\Windows\System32\scesrv.dll
14:37:18.0318 1744  C:\Windows\System32\scesrv.dll - ok
14:37:18.0318 1744  [ E914A50A151DFFE63D3935226DB5E2C1 ] C:\Windows\System32\scext.dll
14:37:18.0318 1744  C:\Windows\System32\scext.dll - ok
14:37:18.0333 1744  [ 0144D8D75A0B12938AEEE859E3310A46 ] C:\Windows\System32\secur32.dll
14:37:18.0333 1744  C:\Windows\System32\secur32.dll - ok
14:37:18.0333 1744  [ 3A0CE5FE781708CD6ABD55313607EC8B ] C:\Windows\System32\sspisrv.dll
14:37:18.0333 1744  C:\Windows\System32\sspisrv.dll - ok
14:37:18.0333 1744  [ 68083118797CAF30FB2EA3E71494D67E ] C:\Windows\System32\sysntfy.dll
14:37:18.0333 1744  C:\Windows\System32\sysntfy.dll - ok
14:37:18.0349 1744  [ 0D9764D58C5EFD672B7184854B152E5E ] C:\Windows\System32\winsta.dll
14:37:18.0349 1744  C:\Windows\System32\winsta.dll - ok
14:37:18.0349 1744  [ DEE7267C5D232A3B816866872CE199E6 ] C:\Windows\System32\wmsgapi.dll
14:37:18.0349 1744  C:\Windows\System32\wmsgapi.dll - ok
14:37:18.0349 1744  [ A744BA6E04C8AA4592818178DBF89521 ] C:\Windows\System32\samsrv.dll
14:37:18.0349 1744  C:\Windows\System32\samsrv.dll - ok
14:37:18.0364 1744  [ 3A9C9BAF610B0DD4967086040B3B62A9 ] C:\Windows\System32\srvcli.dll
14:37:18.0364 1744  C:\Windows\System32\srvcli.dll - ok
14:37:18.0364 1744  [ 3A061472B38233BAFF9CFEFF2E49C46B ] C:\Windows\System32\cryptdll.dll
14:37:18.0364 1744  C:\Windows\System32\cryptdll.dll - ok
14:37:18.0364 1744  [ 3C073B0C596A0AF84933E7406766B040 ] C:\Windows\System32\wevtapi.dll
14:37:18.0364 1744  C:\Windows\System32\wevtapi.dll - ok
14:37:18.0380 1744  [ 7FBEBD2229EA5FD48D41B199EC2D541C ] C:\Windows\System32\authz.dll
14:37:18.0380 1744  C:\Windows\System32\authz.dll - ok
14:37:18.0380 1744  [ 86FE1B1F8FD42CD0DB641AB1CDB13093 ] C:\Windows\System32\cngaudit.dll
14:37:18.0380 1744  C:\Windows\System32\cngaudit.dll - ok
14:37:18.0380 1744  [ B9A95365E52F421A20E1501935FADDA5 ] C:\Windows\System32\bcrypt.dll
14:37:18.0380 1744  C:\Windows\System32\bcrypt.dll - ok
14:37:18.0396 1744  [ 400645085A91BF3EB0271329B95AE0BE ] C:\Windows\System32\ncrypt.dll
14:37:18.0396 1744  C:\Windows\System32\ncrypt.dll - ok
14:37:18.0396 1744  [ 02B64609F865A39365FF88580DF11738 ] C:\Windows\System32\msprivs.dll
14:37:18.0396 1744  C:\Windows\System32\msprivs.dll - ok
14:37:18.0411 1744  [ C6505DE3561537BA1004D638C2F93F2F ] C:\Windows\System32\netjoin.dll
14:37:18.0411 1744  C:\Windows\System32\netjoin.dll - ok
14:37:18.0411 1744  [ 50532FCD7ECF02DD169CE5C485F02534 ] C:\Windows\System32\negoexts.dll
14:37:18.0411 1744  C:\Windows\System32\negoexts.dll - ok
14:37:18.0411 1744  [ 16ECE8BD6734CC170B9AE74176E89A9B ] C:\Windows\System32\kerberos.dll
14:37:18.0411 1744  C:\Windows\System32\kerberos.dll - ok
14:37:18.0427 1744  [ D0C2FBB6D97416B0166478FC7AE2B212 ] C:\Windows\System32\cryptsp.dll
14:37:18.0427 1744  C:\Windows\System32\cryptsp.dll - ok
14:37:18.0427 1744  [ 1D5185A4C7E6695431AE4B55C3D7D333 ] C:\Windows\System32\mswsock.dll
14:37:18.0427 1744  C:\Windows\System32\mswsock.dll - ok
14:37:18.0427 1744  [ EF12B8385AA2849999008A977918F96B ] C:\Windows\System32\msv1_0.dll
14:37:18.0427 1744  C:\Windows\System32\msv1_0.dll - ok
14:37:18.0442 1744  [ EC7CBFF96B05ECF3D366355B3C64ADCF ] C:\Windows\System32\wship6.dll
14:37:18.0442 1744  C:\Windows\System32\wship6.dll - ok
14:37:18.0442 1744  [ AA339DD8BB128EF66660DFBBB59043D3 ] C:\Windows\System32\netlogon.dll
14:37:18.0442 1744  C:\Windows\System32\netlogon.dll - ok
14:37:18.0442 1744  [ 492D07D79E7024CA310867B526D9636D ] C:\Windows\System32\dnsapi.dll
14:37:18.0442 1744  C:\Windows\System32\dnsapi.dll - ok
14:37:18.0458 1744  [ 8FFE297B8449386E7B6851458B6E474E ] C:\Windows\System32\logoncli.dll
14:37:18.0458 1744  C:\Windows\System32\logoncli.dll - ok
14:37:18.0458 1744  [ 1573C45E65DE32B1BC3572634F8F1E8E ] C:\Windows\System32\schannel.dll
14:37:18.0458 1744  C:\Windows\System32\schannel.dll - ok
14:37:18.0458 1744  [ 5D8874A8C11DDDDE29E12DE0E2013493 ] C:\Windows\System32\rsaenh.dll
14:37:18.0458 1744  C:\Windows\System32\rsaenh.dll - ok
14:37:18.0474 1744  [ 95FB6CA4374E343DDD653FCC43F9D26B ] C:\Windows\System32\wdigest.dll
14:37:18.0474 1744  C:\Windows\System32\wdigest.dll - ok
14:37:18.0474 1744  [ E08088A97F95345E181C3DFCE2C615EF ] C:\Windows\System32\pku2u.dll
14:37:18.0474 1744  C:\Windows\System32\pku2u.dll - ok
14:37:18.0489 1744  [ 8A25506B6948EFBD5A7F37E53CCD36D9 ] C:\Windows\System32\TSpkg.dll
14:37:18.0489 1744  C:\Windows\System32\TSpkg.dll - ok
14:37:18.0489 1744  [ D6C7780A364C6BBACFA796BAB9F1B374 ] C:\Windows\System32\bcryptprimitives.dll
14:37:18.0489 1744  C:\Windows\System32\bcryptprimitives.dll - ok
14:37:18.0489 1744  [ 918434C02A5A8ED1DD1B16A2FF16409C ] C:\Windows\System32\LIVESSP.DLL
14:37:18.0489 1744  C:\Windows\System32\LIVESSP.DLL - ok
14:37:18.0505 1744  [ 52D3D5E3586988D4D9E34ACAAC33105C ] C:\Windows\System32\credssp.dll
14:37:18.0505 1744  C:\Windows\System32\credssp.dll - ok
14:37:18.0505 1744  [ 90BDEFC5DF334E5100EAA781D798DE1A ] C:\Windows\System32\efslsaext.dll
14:37:18.0505 1744  C:\Windows\System32\efslsaext.dll - ok
14:37:18.0505 1744  [ ED78427259134C63ED69804D2132B86C ] C:\Windows\System32\scecli.dll
14:37:18.0505 1744  C:\Windows\System32\scecli.dll - ok
14:37:18.0520 1744  [ 7CC7DF5B654DA579613F811D8C637E29 ] C:\Windows\System32\ubpm.dll
14:37:18.0520 1744  C:\Windows\System32\ubpm.dll - ok
14:37:18.0520 1744  [ C78655BC80301D76ED4FEF1C1EA40A7D ] C:\Windows\System32\svchost.exe
14:37:18.0520 1744  C:\Windows\System32\svchost.exe - ok
14:37:18.0520 1744  [ 25FBDEF06C4D92815B353F6E792C8129 ] C:\Windows\System32\umpnpmgr.dll
14:37:18.0520 1744  C:\Windows\System32\umpnpmgr.dll - ok
14:37:18.0536 1744  [ E6EB44ABAAF1F330119F854856C53EBE ] C:\Windows\System32\SPInf.dll
14:37:18.0536 1744  C:\Windows\System32\SPInf.dll - ok
14:37:18.0536 1744  [ CD1B5AD07E5F7FEF30E055DCC9E96180 ] C:\Windows\System32\devrtl.dll
14:37:18.0536 1744  C:\Windows\System32\devrtl.dll - ok
14:37:18.0536 1744  [ 7A17485DC7D8A7AC81321A42CD034519 ] C:\Windows\System32\userenv.dll
14:37:18.0536 1744  C:\Windows\System32\userenv.dll - ok
14:37:18.0552 1744  [ 9C9307C95671AC962F3D6EB3A4A89BAE ] C:\Windows\System32\gpapi.dll
14:37:18.0552 1744  C:\Windows\System32\gpapi.dll - ok
14:37:18.0552 1744  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] C:\Windows\System32\drivers\luafv.sys
14:37:18.0552 1744  C:\Windows\System32\drivers\luafv.sys - ok
14:37:18.0567 1744  [ B1224E6B086CD6548315B04AB575A23E ] C:\Windows\System32\drivers\avgntflt.sys
14:37:18.0567 1744  C:\Windows\System32\drivers\avgntflt.sys - ok
14:37:18.0567 1744  [ 5C627D1B1138676C0A7AB2C2C190D123 ] C:\Windows\System32\rpcss.dll
14:37:18.0567 1744  C:\Windows\System32\rpcss.dll - ok
14:37:18.0567 1744  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] C:\Windows\System32\RpcEpMap.dll
14:37:18.0567 1744  C:\Windows\System32\RpcEpMap.dll - ok
14:37:18.0583 1744  [ 31559F3244C6BC00A52030CAA83B6B91 ] C:\Windows\System32\WSHTCPIP.DLL
14:37:18.0583 1744  C:\Windows\System32\WSHTCPIP.DLL - ok
14:37:18.0583 1744  [ 9AD9E06F8656F296D91FAE8EE5B95A27 ] C:\Windows\System32\FirewallAPI.dll
14:37:18.0583 1744  C:\Windows\System32\FirewallAPI.dll - ok
14:37:18.0583 1744  [ F6C011B46FAEEF33536B2E80F48B5CBE ] C:\Windows\System32\pcwum.dll
14:37:18.0583 1744  C:\Windows\System32\pcwum.dll - ok
14:37:18.0598 1744  [ 16E964ABF6D1E0F0CC7822FCA9BA754D ] C:\Windows\System32\wshqos.dll
14:37:18.0598 1744  C:\Windows\System32\wshqos.dll - ok
14:37:18.0598 1744  [ 94E026870A55AAEAFF7853C1754091E9 ] C:\Windows\System32\version.dll
14:37:18.0598 1744  C:\Windows\System32\version.dll - ok
14:37:18.0598 1744  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] C:\Windows\System32\gpsvc.dll
14:37:18.0598 1744  C:\Windows\System32\gpsvc.dll - ok
14:37:18.0614 1744  [ 715F03B4C7223349768013EA95D9E5B7 ] C:\Windows\System32\LogonUI.exe
14:37:18.0614 1744  C:\Windows\System32\LogonUI.exe - ok
14:37:18.0614 1744  [ 2DF36F15B2BC1571A6A542A3C2107920 ] C:\Windows\System32\nlaapi.dll
14:37:18.0614 1744  C:\Windows\System32\nlaapi.dll - ok
14:37:18.0614 1744  [ 0BEE002C68E28CE6DA161DCF1376D7D7 ] C:\Windows\System32\authui.dll
14:37:18.0614 1744  C:\Windows\System32\authui.dll - ok
14:37:18.0630 1744  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] C:\Windows\System32\profsvc.dll
14:37:18.0630 1744  C:\Windows\System32\profsvc.dll - ok
14:37:18.0630 1744  [ 58775492FFD419248B08325E583C527F ] C:\Windows\System32\atl.dll
14:37:18.0630 1744  C:\Windows\System32\atl.dll - ok
14:37:18.0630 1744  [ 1538831CF8AD2979A04C423779465827 ] C:\Windows\System32\drivers\lltdio.sys
14:37:18.0630 1744  C:\Windows\System32\drivers\lltdio.sys - ok
14:37:18.0645 1744  [ DDC86E4F8E7456261E637E3552E804FF ] C:\Windows\System32\drivers\rspndr.sys
14:37:18.0645 1744  C:\Windows\System32\drivers\rspndr.sys - ok
14:37:18.0645 1744  [ A77BE7CB3222B4FB0AC6C71D1C2698D4 ] C:\Windows\System32\dsrole.dll
14:37:18.0645 1744  C:\Windows\System32\dsrole.dll - ok
14:37:18.0661 1744  [ BE097F5BB10F9079FCEB2DC4E7E20F02 ] C:\Windows\System32\slc.dll
14:37:18.0661 1744  C:\Windows\System32\slc.dll - ok
14:37:18.0661 1744  [ B3BFBD758506ECB50C5804AAA76318F9 ] C:\Windows\System32\cryptui.dll
14:37:18.0661 1744  C:\Windows\System32\cryptui.dll - ok
14:37:18.0661 1744  [ 7FA8FDC2C2A27817FD0F624E78D3B50C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll
14:37:18.0661 1744  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_fa396087175ac9ac\comctl32.dll - ok
14:37:18.0676 1744  [ 4E9C2DB10F7E6AE91BF761139D4B745B ] C:\Windows\System32\shacct.dll
14:37:18.0676 1744  C:\Windows\System32\shacct.dll - ok
14:37:18.0676 1744  [ 5B3EBFC3DA142324B388DDCC4465E1FF ] C:\Windows\System32\samlib.dll
14:37:18.0676 1744  C:\Windows\System32\samlib.dll - ok
14:37:18.0676 1744  [ F06BB4E336EA57511FDBAFAFCC47DE62 ] C:\Windows\System32\propsys.dll
14:37:18.0676 1744  C:\Windows\System32\propsys.dll - ok
14:37:18.0692 1744  [ D29E998E8277666982B4F0303BF4E7AF ] C:\Windows\System32\uxtheme.dll
14:37:18.0692 1744  C:\Windows\System32\uxtheme.dll - ok
14:37:18.0692 1744  [ 179E8401224D557ECFF3695F2016EA5B ] C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll
14:37:18.0692 1744  C:\Windows\winsxs\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_2b253c8271ec7765\GdiPlus.dll - ok
14:37:18.0692 1744  [ 3CB6A7286422C72C34DAB54A5DFF1A34 ] C:\Windows\System32\dui70.dll
14:37:18.0708 1744  C:\Windows\System32\dui70.dll - ok
14:37:18.0708 1744  [ 8CCDE014A4CDF84564E03ACE064CA753 ] C:\Windows\System32\duser.dll
14:37:18.0708 1744  C:\Windows\System32\duser.dll - ok
14:37:18.0708 1744  [ D7F1EF374A90709B31591823B002F918 ] C:\Windows\System32\SndVolSSO.dll
14:37:18.0708 1744  C:\Windows\System32\SndVolSSO.dll - ok
14:37:18.0723 1744  [ 896F15A6434D93EDB42519D5E18E6B50 ] C:\Windows\System32\hid.dll
14:37:18.0723 1744  C:\Windows\System32\hid.dll - ok
14:37:18.0723 1744  [ 227E2C382A1E02F8D4965E664D3BBE43 ] C:\Windows\System32\MMDevAPI.dll
14:37:18.0723 1744  C:\Windows\System32\MMDevAPI.dll - ok
14:37:18.0723 1744  [ DA1B7075260F3872585BFCDD668C648B ] C:\Windows\System32\dwmapi.dll
14:37:18.0723 1744  C:\Windows\System32\dwmapi.dll - ok
14:37:18.0739 1744  [ 6F8B48F3D343E4B186AB6A9E302B7E16 ] C:\Windows\System32\xmllite.dll
14:37:18.0739 1744  C:\Windows\System32\xmllite.dll - ok
14:37:18.0739 1744  [ 26B73A85855681500BCC25C7CD9FF5B1 ] C:\Windows\System32\WindowsCodecs.dll
14:37:18.0739 1744  C:\Windows\System32\WindowsCodecs.dll - ok
14:37:18.0739 1744  [ C2762A57DF0EE85E63CE4893C5215313 ] C:\Windows\System32\VaultCredProvider.dll
14:37:18.0739 1744  C:\Windows\System32\VaultCredProvider.dll - ok
14:37:18.0754 1744  [ 9F2BACD5E1776A4BB7CC0EC3C3A4F96D ] C:\Windows\System32\winbrand.dll
14:37:18.0754 1744  C:\Windows\System32\winbrand.dll - ok
14:37:18.0754 1744  [ BD3674BE7FC9D8D3732C83E8499576ED ] C:\Windows\System32\wtsapi32.dll
14:37:18.0754 1744  C:\Windows\System32\wtsapi32.dll - ok
14:37:18.0754 1744  [ BF352E73615F5461AA6884472435A544 ] C:\Windows\System32\BioCredProv.dll
14:37:18.0754 1744  C:\Windows\System32\BioCredProv.dll - ok
14:37:18.0770 1744  [ CA2985996BB49924B677113DF95CFEA7 ] C:\Windows\System32\SmartcardCredentialProvider.dll
14:37:18.0770 1744  C:\Windows\System32\SmartcardCredentialProvider.dll - ok
14:37:18.0770 1744  [ CC0AB40F02D2C2A12209715A3C1B07B8 ] C:\Windows\System32\credui.dll
14:37:18.0770 1744  C:\Windows\System32\credui.dll - ok
14:37:18.0770 1744  [ 796B8123A7859AFD3A4AE10514DBAEB5 ] C:\Windows\System32\winbio.dll
14:37:18.0770 1744  C:\Windows\System32\winbio.dll - ok
14:37:18.0786 1744  [ 764908FE1FA96F93C95B1B67A0FCED29 ] C:\Windows\System32\netapi32.dll
14:37:18.0786 1744  C:\Windows\System32\netapi32.dll - ok
14:37:18.0786 1744  [ 6CECA4C6A489C9B2E6073AFDAAE3F607 ] C:\Windows\System32\netutils.dll
14:37:18.0786 1744  C:\Windows\System32\netutils.dll - ok
14:37:18.0786 1744  [ FC51229C7D4AFA0D6F186133728B95AB ] C:\Windows\System32\samcli.dll
14:37:18.0786 1744  C:\Windows\System32\samcli.dll - ok
14:37:18.0801 1744  [ 44B9C66177651F3F53C87B665D58D17A ] C:\Windows\System32\vaultcli.dll
14:37:18.0801 1744  C:\Windows\System32\vaultcli.dll - ok
14:37:18.0801 1744  [ 3C91392D448F6E5D525A85B7550D8BA9 ] C:\Windows\System32\wkscli.dll
14:37:18.0801 1744  C:\Windows\System32\wkscli.dll - ok
14:37:18.0801 1744  [ 972C3301DB3DA91AE06A95F6B4160B1B ] C:\Windows\System32\certCredProvider.dll
14:37:18.0801 1744  C:\Windows\System32\certCredProvider.dll - ok
14:37:18.0817 1744  [ FB25067C233B686B50F29ABD688B2A6D ] C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL
14:37:18.0817 1744  C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDCREDPROV.DLL - ok
14:37:18.0817 1744  [ 87FA0C48C3B2E9FEE518818FE26B15B5 ] C:\Windows\System32\rasplap.dll
14:37:18.0817 1744  C:\Windows\System32\rasplap.dll - ok
14:37:18.0832 1744  [ 019CD868461B646E09BDF04474C19341 ] C:\Windows\System32\rasapi32.dll
14:37:18.0832 1744  C:\Windows\System32\rasapi32.dll - ok
14:37:18.0832 1744  [ B28DEEC597C8DEB70C744C7CF9210E3E ] C:\Windows\System32\rasman.dll
14:37:18.0832 1744  C:\Windows\System32\rasman.dll - ok
14:37:18.0832 1744  [ B53C4B69B695EDA1B7E41D35CA4244E2 ] C:\Windows\System32\rtutils.dll
14:37:18.0832 1744  C:\Windows\System32\rtutils.dll - ok
14:37:18.0848 1744  [ 9BC8610C32C96A2983A65DC21CAFA921 ] C:\Windows\System32\UXInit.dll
14:37:18.0848 1744  C:\Windows\System32\UXInit.dll - ok
14:37:18.0848 1744  [ 5AA945234E9D4CCE4F715276B9AA712C ] C:\Windows\System32\imageres.dll
14:37:18.0848 1744  C:\Windows\System32\imageres.dll - ok
14:37:18.0848 1744  [ 716175021BDA290504CE434273F666BC ] C:\Windows\System32\powrprof.dll
14:37:18.0848 1744  C:\Windows\System32\powrprof.dll - ok
14:37:18.0864 1744  [ 54494B93BB5AD74C807100144EC30D64 ] C:\Windows\System32\drivers\atksgt.sys
14:37:18.0864 1744  C:\Windows\System32\drivers\atksgt.sys - ok
14:37:18.0864 1744  [ 5EA407821BB3104C31A705175AB4F309 ] C:\Windows\System32\drivers\lirsgt.sys
14:37:18.0864 1744  C:\Windows\System32\drivers\lirsgt.sys - ok
14:37:18.0864 1744  [ 68769C3356B3BE5D1C732C97B9A80D6E ] C:\Windows\System32\drivers\PEAuth.sys
14:37:18.0864 1744  C:\Windows\System32\drivers\PEAuth.sys - ok
14:37:18.0879 1744  [ 3EA8A16169C26AFBEB544E0E48421186 ] C:\Windows\System32\drivers\secdrv.sys
14:37:18.0879 1744  C:\Windows\System32\drivers\secdrv.sys - ok
14:37:18.0879 1744  [ DF687E3D8836BFB04FCC0615BF15A519 ] C:\Windows\System32\drivers\tcpipreg.sys
14:37:18.0879 1744  C:\Windows\System32\drivers\tcpipreg.sys - ok
14:37:18.0895 1744  [ 2B81776DA02017A37FE26C662827470E ] C:\Windows\System32\IPHLPAPI.DLL
14:37:18.0895 1744  C:\Windows\System32\IPHLPAPI.DLL - ok
14:37:18.0895 1744  [ 4C9210E8F4E052F6A4EB87716DA0C24C ] C:\Windows\System32\winnsi.dll
14:37:18.0895 1744  C:\Windows\System32\winnsi.dll - ok
14:37:18.0895 1744  [ 1F4492FE41767CDB8B89D17655847CDD ] C:\Windows\System32\ntmarta.dll
14:37:18.0895 1744  C:\Windows\System32\ntmarta.dll - ok
14:37:18.0910 1744  [ A8EDB86FC2A4D6D1285E4C70384AC35A ] C:\Windows\System32\dllhost.exe
14:37:18.0910 1744  C:\Windows\System32\dllhost.exe - ok
14:37:18.0910 1744  [ 14DFDEAF4E589ED3F1FF187A86B9408C ] C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll
14:37:18.0910 1744  C:\Windows\winsxs\amd64_microsoft.windows.common-controls_6595b64144ccf1df_5.82.7601.17514_none_a4d6a923711520a9\comctl32.dll - ok
14:37:18.0910 1744  [ A0A2C1D812C231C9BFE119FDC68E341B ] C:\Windows\System32\IDStore.dll
14:37:18.0910 1744  C:\Windows\System32\IDStore.dll - ok
14:37:18.0926 1744  [ 23566F9723771108D2E6CD768AC27407 ] C:\Windows\System32\AtBroker.exe
14:37:18.0926 1744  C:\Windows\System32\AtBroker.exe - ok
14:37:18.0926 1744  [ 674B9AD48FB33A39D2550B2874BB768F ] C:\Windows\System32\hotplug.dll
14:37:18.0926 1744  C:\Windows\System32\hotplug.dll - ok
14:37:18.0926 1744  [ 6CEF7856A3EFAC59470F6208F0F585CE ] C:\Windows\System32\mpr.dll
14:37:18.0926 1744  C:\Windows\System32\mpr.dll - ok
14:37:18.0942 1744  [ DD81D91FF3B0763C392422865C9AC12E ] C:\Windows\System32\rundll32.exe
14:37:18.0942 1744  C:\Windows\System32\rundll32.exe - ok
14:37:18.0942 1744  [ BAFE84E637BF7388C96EF48D4D3FDD53 ] C:\Windows\System32\userinit.exe
14:37:18.0942 1744  C:\Windows\System32\userinit.exe - ok
14:37:18.0942 1744  [ 2110CE8CB4C6937200A973AD0B70F33D ] C:\Windows\AppPatch\AcRes.dll
14:37:18.0942 1744  C:\Windows\AppPatch\AcRes.dll - ok
14:37:18.0957 1744  [ 332FEAB1435662FC6C672E25BEB37BE3 ] C:\Windows\explorer.exe
14:37:18.0957 1744  C:\Windows\explorer.exe - ok
14:37:18.0957 1744  [ EED05D42D91835064703E2318552ED25 ] C:\Windows\System32\ExplorerFrame.dll
14:37:18.0957 1744  C:\Windows\System32\ExplorerFrame.dll - ok
14:37:18.0973 1744  [ 024352FEEC9042260BB4CFB4D79A206B ] C:\Windows\System32\EhStorShell.dll
14:37:18.0973 1744  C:\Windows\System32\EhStorShell.dll - ok
14:37:18.0973 1744  [ 037A719DAD50603202C978CD802623E4 ] C:\Windows\System32\ntshrui.dll
14:37:18.0973 1744  C:\Windows\System32\ntshrui.dll - ok
14:37:18.0973 1744  [ 1BF0CB861A48FEB1638228760750F3CB ] C:\Windows\System32\cscapi.dll
14:37:18.0973 1744  C:\Windows\System32\cscapi.dll - ok
14:37:18.0988 1744  [ 1D63F4366288B8A7595397E27010FD44 ] C:\Windows\System32\IconCodecService.dll
14:37:18.0988 1744  C:\Windows\System32\IconCodecService.dll - ok
14:37:18.0988 1744  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] C:\Windows\System32\appinfo.dll
14:37:18.0988 1744  C:\Windows\System32\appinfo.dll - ok
14:37:18.0988 1744  [ 025E7DBDB98866ED3CB2D4DDA70B364D ] C:\Windows\System32\runonce.exe
14:37:18.0988 1744  C:\Windows\System32\runonce.exe - ok
14:37:19.0004 1744  [ E73B0F1819602CB6EF176FB78D76A47B ] C:\Windows\SysWOW64\ntdll.dll
14:37:19.0004 1744  C:\Windows\SysWOW64\ntdll.dll - ok
14:37:19.0004 1744  [ D44741F65A1D71F65814A12CF6E2400A ] C:\Windows\SysWOW64\runonce.exe
14:37:19.0004 1744  C:\Windows\SysWOW64\runonce.exe - ok
14:37:19.0004 1744  [ B1E3772FFA96AC5AEE89BF202AF8E348 ] C:\Windows\System32\wow64.dll
14:37:19.0004 1744  C:\Windows\System32\wow64.dll - ok
14:37:19.0020 1744  [ FC5A43FA257F546F8F2B96B5529857E1 ] C:\Windows\System32\wow64win.dll
14:37:19.0020 1744  C:\Windows\System32\wow64win.dll - ok
14:37:19.0020 1744  [ AA0D2571A4348838B8DD49FD0043826A ] C:\Windows\System32\wow64cpu.dll
14:37:19.0020 1744  C:\Windows\System32\wow64cpu.dll - ok
14:37:19.0020 1744  [ 99C3F8E9CC59D95666EB8D8A8B4C2BEB ] C:\Windows\SysWOW64\kernel32.dll
14:37:19.0020 1744  C:\Windows\SysWOW64\kernel32.dll - ok
14:37:19.0035 1744  [ 95E2376B3323F062EB562B8586D0F14A ] C:\Windows\SysWOW64\advapi32.dll
14:37:19.0035 1744  C:\Windows\SysWOW64\advapi32.dll - ok
14:37:19.0035 1744  [ 5C2D21C9B6B6175B89BC5D7E3CB979E1 ] C:\Windows\SysWOW64\KernelBase.dll
14:37:19.0035 1744  C:\Windows\SysWOW64\KernelBase.dll - ok
14:37:19.0051 1744  [ 9DC80A8AAAAAC397BDAB3C67165A824E ] C:\Windows\SysWOW64\msvcrt.dll
14:37:19.0051 1744  C:\Windows\SysWOW64\msvcrt.dll - ok
14:37:19.0051 1744  [ C5AD8083CF94201F1F8084ECC696A8B7 ] C:\Windows\SysWOW64\rpcrt4.dll
14:37:19.0051 1744  C:\Windows\SysWOW64\rpcrt4.dll - ok
14:37:19.0051 1744  [ CFC97F07904067A1E5FAE195D534DA3A ] C:\Windows\SysWOW64\sechost.dll
14:37:19.0051 1744  C:\Windows\SysWOW64\sechost.dll - ok
14:37:19.0051 1744  [ F08F6FCD09F9BE94C37ACC1B344685FF ] C:\Windows\SysWOW64\cryptbase.dll
14:37:19.0051 1744  C:\Windows\SysWOW64\cryptbase.dll - ok
14:37:19.0066 1744  [ D6D3AD7BF1D6F6CE9547613ED5E170A2 ] C:\Windows\SysWOW64\gdi32.dll
14:37:19.0066 1744  C:\Windows\SysWOW64\gdi32.dll - ok
14:37:19.0066 1744  [ EDA7AD21DF8945528F01F0A86D69E524 ] C:\Windows\SysWOW64\sspicli.dll
14:37:19.0066 1744  C:\Windows\SysWOW64\sspicli.dll - ok
14:37:19.0082 1744  [ 5E0DB2D8B2750543CD2EBB9EA8E6CDD3 ] C:\Windows\SysWOW64\user32.dll
14:37:19.0082 1744  C:\Windows\SysWOW64\user32.dll - ok
14:37:19.0082 1744  [ 384721EF4024890092625E20CADFAF85 ] C:\Windows\SysWOW64\lpk.dll
14:37:19.0082 1744  C:\Windows\SysWOW64\lpk.dll - ok
14:37:19.0082 1744  [ 928CF7268086631F54C3D8E17238C6DD ] C:\Windows\SysWOW64\ole32.dll
14:37:19.0082 1744  C:\Windows\SysWOW64\ole32.dll - ok
14:37:19.0098 1744  [ 8CC3C111D653E96F3EA1590891491D71 ] C:\Windows\SysWOW64\shlwapi.dll
14:37:19.0098 1744  C:\Windows\SysWOW64\shlwapi.dll - ok
14:37:19.0098 1744  [ 804AAAFEBB3AD5F49334DD906BCB1DE5 ] C:\Windows\SysWOW64\usp10.dll
14:37:19.0098 1744  C:\Windows\SysWOW64\usp10.dll - ok
14:37:19.0098 1744  [ 352B3DC62A0D259A82A052238425C872 ] C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll
14:37:19.0098 1744  C:\Windows\winsxs\x86_microsoft.windows.common-controls_6595b64144ccf1df_6.0.7601.17514_none_41e6975e2bd6f2b2\comctl32.dll - ok
14:37:19.0113 1744  [ 29E9794708DF51DB5DC89FB2E903A0F6 ] C:\Windows\SysWOW64\shell32.dll
14:37:19.0113 1744  C:\Windows\SysWOW64\shell32.dll - ok
14:37:19.0113 1744  [ A6F09E5669D9A19035F6D942CAA15882 ] C:\Windows\SysWOW64\imm32.dll
14:37:19.0113 1744  C:\Windows\SysWOW64\imm32.dll - ok
14:37:19.0113 1744  [ C9618BC9B2B0FD7C1138D8774795A79B ] C:\Windows\SysWOW64\msctf.dll
14:37:19.0113 1744  C:\Windows\SysWOW64\msctf.dll - ok
14:37:19.0129 1744  [ 7FF15A4F092CD4A96055BA69F903E3E9 ] C:\Windows\SysWOW64\ws2_32.dll
14:37:19.0129 1744  C:\Windows\SysWOW64\ws2_32.dll - ok
14:37:19.0129 1744  [ F10E5311E5093FA3C00FF88C54C32FCA ] C:\Windows\SysWOW64\atl.dll
14:37:19.0129 1744  C:\Windows\SysWOW64\atl.dll - ok
14:37:19.0129 1744  [ 6377051C63D5552A311935C67E9FDFDC ] C:\Windows\SysWOW64\nsi.dll
14:37:19.0129 1744  C:\Windows\SysWOW64\nsi.dll - ok
14:37:19.0144 1744  [ 2CA020EACDC6DDB2BEA89FEA02C90945 ] C:\Windows\SysWOW64\wininet.dll
14:37:19.0144 1744  C:\Windows\SysWOW64\wininet.dll - ok
14:37:19.0144 1744  [ 1973A8AC903115B3B60E1A53C1B014E6 ] C:\Windows\SysWOW64\urlmon.dll
14:37:19.0144 1744  C:\Windows\SysWOW64\urlmon.dll - ok
14:37:19.0160 1744  [ 6C765E82B57F2E66CE9C54AC238471D9 ] C:\Windows\SysWOW64\oleaut32.dll
14:37:19.0160 1744  C:\Windows\SysWOW64\oleaut32.dll - ok
14:37:19.0160 1744  [ 1295338CFE6F249823EF9BC8D4368A84 ] C:\Windows\SysWOW64\crypt32.dll
14:37:19.0160 1744  C:\Windows\SysWOW64\crypt32.dll - ok
14:37:19.0160 1744  [ 3B10CE9257F58352B555FADD898C5F12 ] C:\Windows\SysWOW64\iertutil.dll
14:37:19.0160 1744  C:\Windows\SysWOW64\iertutil.dll - ok
14:37:19.0176 1744  [ 938F39B50BAFE13D6F58C7790682C010 ] C:\Windows\SysWOW64\msasn1.dll
14:37:19.0176 1744  C:\Windows\SysWOW64\msasn1.dll - ok
14:37:19.0176 1744  [ D5AEFAD57C08349A4393D987DF7C715D ] C:\Windows\SysWOW64\winmm.dll
14:37:19.0176 1744  C:\Windows\SysWOW64\winmm.dll - ok
14:37:19.0176 1744  [ 10FB16B50AFFDA6D44588F3C445DC273 ] C:\Windows\SysWOW64\setupapi.dll
14:37:19.0176 1744  C:\Windows\SysWOW64\setupapi.dll - ok
14:37:19.0191 1744  [ F436E847FA799ECD75AD8C313673F450 ] C:\Windows\SysWOW64\cfgmgr32.dll
14:37:19.0191 1744  C:\Windows\SysWOW64\cfgmgr32.dll - ok
14:37:19.0191 1744  [ 2EEFF4502F5E13B1BED4A04CCAD64C08 ] C:\Windows\SysWOW64\devobj.dll
14:37:19.0191 1744  C:\Windows\SysWOW64\devobj.dll - ok
14:37:19.0191 1744  [ FF5688D309347F2720911D8796912834 ] C:\Windows\SysWOW64\clbcatq.dll
14:37:19.0191 1744  C:\Windows\SysWOW64\clbcatq.dll - ok
14:37:19.0207 1744  [ 12C45E3CB6D65F73209549E2D02ECA7A ] C:\Windows\SysWOW64\propsys.dll
14:37:19.0207 1744  C:\Windows\SysWOW64\propsys.dll - ok
14:37:19.0207 1744  [ 3FD15B4611D9BDA3F8013548C0ECAECA ] C:\Windows\SysWOW64\ntmarta.dll
14:37:19.0207 1744  C:\Windows\SysWOW64\ntmarta.dll - ok
14:37:19.0207 1744  [ A8BB45F9ECAD993461E0FEF8E2A99152 ] C:\Windows\SysWOW64\Wldap32.dll
14:37:19.0207 1744  C:\Windows\SysWOW64\Wldap32.dll - ok
14:37:19.0222 1744  [ C733D233B623B7FFCE5031E4B756EE26 ] C:\Windows\SysWOW64\profapi.dll
14:37:19.0222 1744  C:\Windows\SysWOW64\profapi.dll - ok
14:37:19.0222 1744  [ 702254574E7E52052DE39408457B7149 ] C:\Windows\SysWOW64\version.dll
14:37:19.0222 1744  C:\Windows\SysWOW64\version.dll - ok
14:37:19.0238 1744  [ 863F793D15B4026B1A5FDECA873D4D84 ] C:\Windows\SysWOW64\apphelp.dll
14:37:19.0238 1744  C:\Windows\SysWOW64\apphelp.dll - ok
14:37:19.0238 1744  [ AD7B9C14083B52BC532FBA5948342B98 ] C:\Windows\SysWOW64\cmd.exe
14:37:19.0238 1744  C:\Windows\SysWOW64\cmd.exe - ok
14:37:19.0238 1744  [ 448BF22538F1DFCB3412AE2B1CF123A9 ] C:\Windows\System32\conhost.exe
14:37:19.0238 1744  C:\Windows\System32\conhost.exe - ok
14:37:19.0254 1744  [ 326C7F76A29897A892AA7726E91C1C67 ] C:\Windows\SysWOW64\winbrand.dll
14:37:19.0254 1744  C:\Windows\SysWOW64\winbrand.dll - ok
14:37:19.0254 1744  [ 2DFB999E4052060173EF60121931BC83 ] C:\Windows\SysWOW64\ieframe.dll
14:37:19.0254 1744  C:\Windows\SysWOW64\ieframe.dll - ok
14:37:19.0254 1744  [ 8E01332CC4B68BC6B5B7EFFE374442AA ] C:\Windows\SysWOW64\oleacc.dll
14:37:19.0254 1744  C:\Windows\SysWOW64\oleacc.dll - ok
14:37:19.0269 1744  [ A543AC1F7138376D778D630A35FCBC4C ] C:\Windows\SysWOW64\psapi.dll
14:37:19.0269 1744  C:\Windows\SysWOW64\psapi.dll - ok
14:37:19.0269 1744  [ 178A34E5554DCE485E1262DDF027960C ] Z:\Mythrender\AppData\Local\Temp\9F3A54A8-C3D7-4070-9B2B-8B5181A6CACC.exe
14:37:19.0269 1744  Z:\Mythrender\AppData\Local\Temp\9F3A54A8-C3D7-4070-9B2B-8B5181A6CACC.exe - ok
14:37:19.0269 1744  [ 40CAEEE0EAF1B8569F7C8DF6420F2CB9 ] C:\Windows\SysWOW64\sfc.dll
14:37:19.0269 1744  C:\Windows\SysWOW64\sfc.dll - ok
14:37:19.0285 1744  [ 84799328D87B3091A3BDD251E1AD31F9 ] C:\Windows\SysWOW64\sfc_os.dll
14:37:19.0285 1744  C:\Windows\SysWOW64\sfc_os.dll - ok
14:37:19.0285 1744  [ 162D247E995EAEBF3EF4289069E1111C ] C:\Windows\SysWOW64\devrtl.dll
14:37:19.0285 1744  C:\Windows\SysWOW64\devrtl.dll - ok
14:37:19.0285 1744  [ B9A8CBCFCD3EC9D2EA4740AF347BF108 ] C:\Windows\SysWOW64\mpr.dll
14:37:19.0285 1744  C:\Windows\SysWOW64\mpr.dll - ok
14:37:19.0300 1744  [ D56C13F26ADCB3BC0455DB42883F6E7D ] C:\Windows\System32\iedkcs32.dll
14:37:19.0300 1744  C:\Windows\System32\iedkcs32.dll - ok
14:37:19.0300 1744  [ 6D220604AA4240303DD8DEAEAB428377 ] C:\Windows\System32\ie4uinit.exe
14:37:19.0300 1744  C:\Windows\System32\ie4uinit.exe - ok
14:37:19.0316 1744  [ FB10715E4099AF9FA389C71873245226 ] C:\Windows\System32\timedate.cpl
14:37:19.0316 1744  C:\Windows\System32\timedate.cpl - ok
14:37:19.0316 1744  [ CA9F7888B524D8100B977C81F44C3234 ] C:\Windows\SysWOW64\winhttp.dll
14:37:19.0316 1744  C:\Windows\SysWOW64\winhttp.dll - ok
14:37:19.0316 1744  [ FB19FC5951A88F3C523E35C2C98D23C0 ] C:\Windows\SysWOW64\webio.dll
14:37:19.0316 1744  C:\Windows\SysWOW64\webio.dll - ok
14:37:19.0332 1744  [ A7D79E9F660340AB20CD73F12910985F ] C:\Windows\SysWOW64\wintrust.dll
14:37:19.0332 1744  C:\Windows\SysWOW64\wintrust.dll - ok
14:37:19.0332 1744  [ C4F40F6CACD796A8E16671D0E9A2F319 ] C:\Windows\System32\shdocvw.dll
14:37:19.0332 1744  C:\Windows\System32\shdocvw.dll - ok
14:37:19.0332 1744  [ A0A65D306A5490D2EB8E7DE66898ECFD ] C:\Windows\System32\linkinfo.dll
14:37:19.0332 1744  C:\Windows\System32\linkinfo.dll - ok
14:37:19.0347 1744  [ 3504B34CD2DE00BA3CC1A195F1B739BD ] C:\Windows\System32\gameux.dll
14:37:19.0347 1744  C:\Windows\System32\gameux.dll - ok
14:37:19.0347 1744  [ 9689A9C7F7C2A1A423CDA2C3B43FFF65 ] C:\Windows\System32\wer.dll
14:37:19.0347 1744  C:\Windows\System32\wer.dll - ok
14:37:19.0347 1744  [ 1EAC1A8CA6874BF5B15E2EFB9A9A7B86 ] C:\Windows\System32\msftedit.dll
14:37:19.0347 1744  C:\Windows\System32\msftedit.dll - ok
14:37:19.0363 1744  [ 7CB3ACB163DE051169095DC6507B8977 ] C:\Windows\System32\msls31.dll
14:37:19.0363 1744  C:\Windows\System32\msls31.dll - ok
14:37:19.0363 1744  [ 7DBA84667DC18877AEF693E3543DFAD7 ] C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll
14:37:19.0363 1744  C:\Program Files\Common Files\Microsoft Shared\ink\tiptsf.dll - ok
14:37:19.0363 1744  [ 43964FA89CCF97BA6BE34D69455AC65F ] C:\Windows\SysWOW64\uxtheme.dll
14:37:19.0363 1744  C:\Windows\SysWOW64\uxtheme.dll - ok
14:37:19.0378 1744  [ 4C2C4640BF23AAFCF90519E0F34436CE ] C:\Windows\System32\DeviceCenter.dll
14:37:19.0378 1744  C:\Windows\System32\DeviceCenter.dll - ok
14:37:19.0378 1744  [ 7321F18D1F820612ED0E9F2D4B578A7E ] C:\Windows\SysWOW64\cryptsp.dll
14:37:19.0378 1744  C:\Windows\SysWOW64\cryptsp.dll - ok
14:37:19.0394 1744  [ 4E5FE39C1076D115EC8BFCFE14D75B80 ] C:\Windows\SysWOW64\credssp.dll
14:37:19.0394 1744  C:\Windows\SysWOW64\credssp.dll - ok
14:37:19.0394 1744  [ 8999B8631C7FD9F7F9EC3CAFD953BA24 ] C:\Windows\SysWOW64\mswsock.dll
14:37:19.0394 1744  C:\Windows\SysWOW64\mswsock.dll - ok
14:37:19.0394 1744  [ EE5C8E27C37B79CB54A2FCEEED2DC262 ] C:\Windows\SysWOW64\WSHTCPIP.DLL
14:37:19.0394 1744  C:\Windows\SysWOW64\WSHTCPIP.DLL - ok
14:37:19.0410 1744  [ 05145106194C6C95FD0482CD1AD779AD ] C:\Windows\System32\ieframe.dll
14:37:19.0410 1744  C:\Windows\System32\ieframe.dll - ok
14:37:19.0410 1744  [ B40420876B9288E0A1C8CCA8A84E5DC9 ] C:\Windows\SysWOW64\dnsapi.dll
14:37:19.0410 1744  C:\Windows\SysWOW64\dnsapi.dll - ok
14:37:19.0410 1744  [ 73E8667A19FEEDD856DF2695E9E511D4 ] C:\Windows\SysWOW64\wship6.dll
14:37:19.0410 1744  C:\Windows\SysWOW64\wship6.dll - ok
14:37:19.0425 1744  [ 835BFF67EBD89BCE0B13460B2A56C53E ] C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL
14:37:19.0425 1744  C:\Program Files (x86)\Common Files\microsoft shared\Windows Live\WLIDNSP.DLL - ok
14:37:19.0425 1744  [ A90DC9ABD65DB1A8902F361103029952 ] C:\Windows\SysWOW64\IPHLPAPI.DLL
14:37:19.0425 1744  C:\Windows\SysWOW64\IPHLPAPI.DLL - ok
14:37:19.0425 1744  [ CFF35B879D1618D42C86644C717BA947 ] C:\Windows\SysWOW64\winnsi.dll
14:37:19.0425 1744  C:\Windows\SysWOW64\winnsi.dll - ok
14:37:19.0441 1744  [ 9A85ABCE0FDD1AF8E79E731EB0B679F3 ] C:\Windows\SysWOW64\dhcpcsvc.dll
14:37:19.0441 1744  C:\Windows\SysWOW64\dhcpcsvc.dll - ok
14:37:19.0441 1744  [ 29CA5974FAB0E8AE4AA7814FE05CF832 ] C:\Windows\SysWOW64\dhcpcsvc6.dll
14:37:19.0441 1744  C:\Windows\SysWOW64\dhcpcsvc6.dll - ok
14:37:19.0456 1744  [ ED6EE83D61EBC683C2CD8E899EA6FEBE ] C:\Windows\SysWOW64\rasadhlp.dll
14:37:19.0456 1744  C:\Windows\SysWOW64\rasadhlp.dll - ok
14:37:19.0456 1744  [ 84DB35F319E5B67838A4877C11748866 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
14:37:19.0456 1744  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe - ok
14:37:19.0456 1744  [ C983E62B6FB74457D173BA93F66F6068 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe
14:37:19.0456 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\avgnt.exe - ok
14:37:19.0472 1744  [ CA6ADE4F7761BB15B3325356DC3B82BB ] C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll
14:37:19.0472 1744  C:\Windows\winsxs\x86_microsoft.vc90.mfc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_4bf7e3e2bf9ada4c\mfc90u.dll - ok
14:37:19.0472 1744  [ FB665485B6C8EE16FED0619ADFF8B27A ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll
14:37:19.0472 1744  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbam.dll - ok
14:37:19.0472 1744  [ CDBE9690CF2B8409FACAD94FAC9479C9 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll
14:37:19.0472 1744  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcr90.dll - ok
14:37:19.0488 1744  [ 24744F14E76174927AA2BD4600709192 ] C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll
14:37:19.0488 1744  C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamnet.dll - ok
14:37:19.0488 1744  [ 18AB2E5A40064ED5F7791AC5946A90F3 ] C:\Windows\SysWOW64\msimg32.dll
14:37:19.0488 1744  C:\Windows\SysWOW64\msimg32.dll - ok
14:37:19.0488 1744  [ 4C39358EBDD2FFCD9132A30E1EC31E16 ] C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll
14:37:19.0488 1744  C:\Windows\winsxs\x86_microsoft.vc90.crt_1fc8b3b9a1e18e3b_9.0.30729.6161_none_50934f2ebcb7eb57\msvcp90.dll - ok
14:37:19.0503 1744  [ 7717F84F483002815490033BF069DABD ] C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll
14:37:19.0503 1744  C:\Windows\winsxs\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.7601.17825_none_72d273598668a06b\GdiPlus.dll - ok
14:37:19.0503 1744  [ CF636C92B762B26F0B39B38E92380A09 ] C:\Windows\System32\oleacc.dll
14:37:19.0503 1744  C:\Windows\System32\oleacc.dll - ok
14:37:19.0519 1744  [ 405F4D32D2185F1F1BD753D8EEAFFB3A ] C:\Windows\System32\networkexplorer.dll
14:37:19.0519 1744  C:\Windows\System32\networkexplorer.dll - ok
14:37:19.0519 1744  [ 39C5F32747B3414D1BB216FDB1DEFC58 ] C:\Windows\SysWOW64\dwmapi.dll
14:37:19.0519 1744  C:\Windows\SysWOW64\dwmapi.dll - ok
14:37:19.0519 1744  [ FBFCA1A574D47EE575448B719CBBF2E4 ] C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL
14:37:19.0519 1744  C:\Windows\winsxs\x86_microsoft.vc90.mfcloc_1fc8b3b9a1e18e3b_9.0.30729.6161_none_49768ef57548175e\MFC90ENU.DLL - ok
14:37:19.0534 1744  [ 47766F6B79A25AF04ED3F6F2B02AA4CB ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll
14:37:19.0534 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwkrlib.dll - ok
14:37:19.0534 1744  [ 01936B92434B6AB994D9BB2139729CFB ] C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll
14:37:19.0534 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\cfglib.dll - ok
14:37:19.0534 1744  [ 6A6B2EE4565A178035BE2A4FF6F2C968 ] C:\Windows\SysWOW64\wtsapi32.dll
14:37:19.0534 1744  C:\Windows\SysWOW64\wtsapi32.dll - ok
14:37:19.0550 1744  [ ED8EC63F7522DF4852147C84EC62C36A ] C:\Windows\SysWOW64\rsaenh.dll
14:37:19.0550 1744  C:\Windows\SysWOW64\rsaenh.dll - ok
14:37:19.0550 1744  [ 15DFB3CAF377FC93440BA5756637D37F ] C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll
14:37:19.0550 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\scewxmlw.dll - ok
14:37:19.0566 1744  [ F7263B4E58E0346178CAD70EAC7F35E6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll
14:37:19.0566 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgen.dll - ok
14:37:19.0566 1744  [ F05A5753C308425749B37ACD39A5F760 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll
14:37:19.0566 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgenrc.dll - ok
14:37:19.0566 1744  [ 8CE1A6D16B9077E91E192499EB611C5F ] C:\Windows\SysWOW64\netapi32.dll
14:37:19.0566 1744  C:\Windows\SysWOW64\netapi32.dll - ok
14:37:19.0581 1744  [ 20B3934DB73EABA2B49B7177873CB81F ] C:\Windows\SysWOW64\netutils.dll
14:37:19.0581 1744  C:\Windows\SysWOW64\netutils.dll - ok
14:37:19.0581 1744  [ 68ECCA523ED760AAFC03C5D587569859 ] C:\Windows\SysWOW64\samcli.dll
14:37:19.0581 1744  C:\Windows\SysWOW64\samcli.dll - ok
14:37:19.0581 1744  [ 5CCDCD40E732D54E0F7451AC66AC1C87 ] C:\Windows\SysWOW64\srvcli.dll
14:37:19.0581 1744  C:\Windows\SysWOW64\srvcli.dll - ok
14:37:19.0597 1744  [ E5A4A1326A02F8E7B59E6C3270CE7202 ] C:\Windows\SysWOW64\wkscli.dll
14:37:19.0597 1744  C:\Windows\SysWOW64\wkscli.dll - ok
14:37:19.0597 1744  [ ACFEC9B963B04268856823051D08251C ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccprofil.dll
14:37:19.0597 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccprofil.dll - ok
14:37:19.0597 1744  [ AD676891B172562C0B19EDD0BE701940 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccscanrc.dll
14:37:19.0597 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccscanrc.dll - ok
14:37:19.0612 1744  [ 4B3A4639DD281B709162A2120B3DAEFC ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll
14:37:19.0612 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccguard.dll - ok
14:37:19.0612 1744  [ 298B49E02025ADD1D12AAF27937A3549 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll
14:37:19.0612 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdrc.dll - ok
14:37:19.0612 1744  [ 41303E032613D2C4E29BE8B8EB5F027B ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll
14:37:19.0612 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccgrdw.dll - ok
14:37:19.0628 1744  [ 06990855177B4AB5366864738C43D459 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll
14:37:19.0628 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\avipc.dll - ok
14:37:19.0628 1744  [ 84F045A39B6DCFA6018F7D8F68E1F80C ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccquamgr.dll
14:37:19.0628 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccquamgr.dll - ok
14:37:19.0644 1744  [ 48620181236476EC845CB96D453EDF54 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccquarc.dll
14:37:19.0644 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccquarc.dll - ok
14:37:19.0644 1744  [ EEBB9A28B06BFFF6B801A7B3B0263194 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccsched.dll
14:37:19.0644 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccsched.dll - ok
14:37:19.0644 1744  [ C2C9BE593D6FF85C236667A754248210 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccreport.dll
14:37:19.0644 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccreport.dll - ok
14:37:19.0659 1744  [ 0CA0530BDA80A75A63EF95D7DDFD6B4C ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccscherc.dll
14:37:19.0659 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccscherc.dll - ok
14:37:19.0659 1744  [ 5757FD95F10D5307292BF2F874F06CE9 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccreporc.dll
14:37:19.0659 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccreporc.dll - ok
14:37:19.0659 1744  [ 18C6ABB238E53B513391E9B22EC015F7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccev.dll
14:37:19.0659 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccev.dll - ok
14:37:19.0675 1744  [ 5EB6E9C8BE1ACC5830780E0F9A846255 ] C:\Windows\System32\msi.dll
14:37:19.0675 1744  C:\Windows\System32\msi.dll - ok
14:37:19.0675 1744  [ 69754747274B76E7FAF287239333D7E6 ] C:\Windows\System32\msiltcfg.dll
14:37:19.0675 1744  C:\Windows\System32\msiltcfg.dll - ok
14:37:19.0675 1744  [ 1C8244C24F208591D7BDECFFE5856D44 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccevrc.dll
14:37:19.0675 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccevrc.dll - ok
14:37:19.0690 1744  [ BD655A8ECAF694C48684B89C745F52FA ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll
14:37:19.0690 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdate.dll - ok
14:37:19.0690 1744  [ A93A23D1D8922FE1E625D9884C275FF5 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll
14:37:19.0690 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccupdrc.dll - ok
14:37:19.0706 1744  [ C0245ED1F48397D41632CAB0AFA842CE ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll
14:37:19.0706 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\cclic.dll - ok
14:37:19.0706 1744  [ 939286B2D5177E88D1FA804413AC8862 ] C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll
14:37:19.0706 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\cclicrc.dll - ok
14:37:19.0706 1744  [ 98D551A16398529F181570A001843231 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll
14:37:19.0706 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsg.dll - ok
14:37:19.0722 1744  [ 76D19B395001F884EEED44D582FD5658 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll
14:37:19.0722 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmsgrc.dll - ok
14:37:19.0722 1744  [ A285373EAB723D7F3FCFDB70ACCB60A1 ] C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll
14:37:19.0722 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\rcimage.dll - ok
14:37:19.0722 1744  [ 1DB71A41DAEE6B3F8CD0DDA8209FA2D5 ] C:\Windows\SysWOW64\WindowsCodecs.dll
14:37:19.0722 1744  C:\Windows\SysWOW64\WindowsCodecs.dll - ok
14:37:19.0737 1744  [ 0014339814C89ABF148F49976146941C ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll
14:37:19.0737 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrd.dll - ok
14:37:19.0737 1744  [ E679BFACA916613BDFBF0844DE248EF0 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll
14:37:19.0737 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdrc.dll - ok
14:37:19.0737 1744  [ D41A02871F992A2C47B84A95C2A78B40 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll
14:37:19.0737 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccwgrdw.dll - ok
14:37:19.0753 1744  [ FB29E986F789B6A104022525589B3866 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccavscanex.dll
14:37:19.0753 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccavscanex.dll - ok
14:37:19.0753 1744  [ 6F6E35D1EBAF6A2F7F1F6AB6B1CA42B8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccavscanexrc.dll
14:37:19.0753 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccavscanexrc.dll - ok
14:37:19.0768 1744  [ F146E2BA475893DD77B2370DC1211FC6 ] C:\Windows\System32\drivers\63469063.sys
14:37:19.0768 1744  C:\Windows\System32\drivers\63469063.sys - ok
14:37:19.0768 1744  [ 24F4B480F335A6C724AF352253C5D98B ] C:\Windows\System32\thumbcache.dll
14:37:19.0768 1744  C:\Windows\System32\thumbcache.dll - ok
14:37:19.0768 1744  [ 418E881201583A3039D81F43E39E6C78 ] C:\Windows\SysWOW64\winsta.dll
14:37:19.0768 1744  C:\Windows\SysWOW64\winsta.dll - ok
14:37:19.0784 1744  [ DCD62C40142DF3B41F64AC837FEB5716 ] C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll
14:37:19.0784 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\ccmainrc.dll - ok
14:37:19.0784 1744  [ A6C29DB53ECA94FA8591C5388D604B82 ] C:\Windows\SysWOW64\msi.dll
14:37:19.0784 1744  C:\Windows\SysWOW64\msi.dll - ok
14:37:19.0784 1744  [ EF2AE43BCD46ABB13FC3E5B2B1935C73 ] C:\Windows\System32\winmm.dll
14:37:19.0784 1744  C:\Windows\System32\winmm.dll - ok
14:37:19.0800 1744  [ 1473768973453DE50DC738C2955FC4DD ] C:\Windows\System32\wdmaud.drv
14:37:19.0800 1744  C:\Windows\System32\wdmaud.drv - ok
14:37:19.0800 1744  [ 78A1E65207484B7F8D3217507745F47C ] C:\Windows\System32\avrt.dll
14:37:19.0800 1744  C:\Windows\System32\avrt.dll - ok
14:37:19.0800 1744  [ 8560FFFC8EB3A806DCD4F82252CFC8C6 ] C:\Windows\System32\ksuser.dll
14:37:19.0800 1744  C:\Windows\System32\ksuser.dll - ok
14:37:19.0815 1744  [ D15618A0FF8DBC2C5BF3726BACC75A0B ] C:\Windows\SysWOW64\userenv.dll
14:37:19.0815 1744  C:\Windows\SysWOW64\userenv.dll - ok
14:37:19.0815 1744  [ 102CF6879887BBE846A00C459E6D4ABC ] C:\Windows\SysWOW64\riched20.dll
14:37:19.0815 1744  C:\Windows\SysWOW64\riched20.dll - ok
14:37:19.0815 1744  [ E2A17BCC08D92F42E08AF6BA2F93ABA7 ] C:\Windows\SysWOW64\ExplorerFrame.dll
14:37:19.0831 1744  C:\Windows\SysWOW64\ExplorerFrame.dll - ok
14:37:19.0831 1744  [ 6E1F8165C365D35C8E3C045AF0CDD481 ] C:\Windows\SysWOW64\duser.dll
14:37:19.0831 1744  C:\Windows\SysWOW64\duser.dll - ok
14:37:19.0831 1744  [ EE06B85BC69F18826302348A2AD089E0 ] C:\Windows\SysWOW64\dui70.dll
14:37:19.0831 1744  C:\Windows\SysWOW64\dui70.dll - ok
14:37:19.0846 1744  [ 3819AD4329303EAC88480CA16A650735 ] C:\Windows\System32\UIAnimation.dll
14:37:19.0846 1744  C:\Windows\System32\UIAnimation.dll - ok
14:37:19.0846 1744  [ F832EEEA97CDDA1AF577E721F652A0D1 ] C:\Windows\System32\batmeter.dll
14:37:19.0846 1744  C:\Windows\System32\batmeter.dll - ok
14:37:19.0846 1744  [ C3761661C17C2248A9379A8FB89E3DE1 ] C:\Windows\System32\stobject.dll
14:37:19.0846 1744  C:\Windows\System32\stobject.dll - ok
14:37:19.0862 1744  [ 4166F82BE4D24938977DD1746BE9B8A0 ] C:\Windows\System32\es.dll
14:37:19.0862 1744  C:\Windows\System32\es.dll - ok
14:37:19.0862 1744  [ 2D2A6EC8EAD30EC3ACE2FD6FB1B3E122 ] C:\Windows\System32\prnfldr.dll
14:37:19.0862 1744  C:\Windows\System32\prnfldr.dll - ok
14:37:19.0862 1744  [ 0015ACFBBDD164A8A730009908868CA7 ] C:\Windows\System32\winspool.drv
14:37:19.0862 1744  C:\Windows\System32\winspool.drv - ok
14:37:19.0878 1744  [ 42A9CB6906D9A8BEDC83B57163E62924 ] C:\Windows\System32\DXP.dll
14:37:19.0878 1744  C:\Windows\System32\DXP.dll - ok
14:37:19.0878 1744  [ 2BC7C9FD0A9F2C9AFC373F3AD1EE3891 ] C:\Windows\System32\Syncreg.dll
14:37:19.0878 1744  C:\Windows\System32\Syncreg.dll - ok
14:37:19.0878 1744  [ C836175870E00ACC546066632E15BD10 ] C:\Windows\ehome\ehSSO.dll
14:37:19.0878 1744  C:\Windows\ehome\ehSSO.dll - ok
14:37:19.0893 1744  [ A42F2C1EB3B66C54FB3C7B79D30C1A6D ] C:\Windows\System32\netshell.dll
14:37:19.0893 1744  C:\Windows\System32\netshell.dll - ok
14:37:19.0893 1744  [ E7368F0A8D19445EAF5C5D0DBB8B8DAB ] C:\Windows\System32\AltTab.dll
14:37:19.0893 1744  C:\Windows\System32\AltTab.dll - ok
14:37:19.0909 1744  [ 4F3CD1C59EA71401E155C432BCECE180 ] C:\Windows\System32\PortableDeviceTypes.dll
14:37:19.0909 1744  C:\Windows\System32\PortableDeviceTypes.dll - ok
14:37:19.0909 1744  [ C8FDF0FA9E97E2FAAF3F814716AAA881 ] C:\Windows\System32\WPDShServiceObj.dll
14:37:19.0909 1744  C:\Windows\System32\WPDShServiceObj.dll - ok
14:37:19.0909 1744  [ E64D9EC8018C55873B40FDEE9DBEF5B3 ] C:\Windows\System32\PortableDeviceApi.dll
14:37:19.0909 1744  C:\Windows\System32\PortableDeviceApi.dll - ok
14:37:19.0924 1744  [ BAAFAF9CEAEC0B73C2A3550A01F6CECB ] C:\Windows\System32\taskschd.dll
14:37:19.0924 1744  C:\Windows\System32\taskschd.dll - ok
14:37:19.0924 1744  [ 10F815BE90A66AAFC6C713D1BD626064 ] C:\Windows\System32\pnidui.dll
14:37:19.0924 1744  C:\Windows\System32\pnidui.dll - ok
14:37:19.0924 1744  [ B9F0A4020AA98B7A20287BF7FE99A1FD ] C:\Windows\System32\QUTIL.DLL
14:37:19.0924 1744  C:\Windows\System32\QUTIL.DLL - ok
14:37:19.0940 1744  [ 862596399AAFD2A21DB2AF9270CD4F70 ] C:\Windows\System32\mstask.dll
14:37:19.0940 1744  C:\Windows\System32\mstask.dll - ok
14:37:19.0940 1744  [ 8569E35D00F45972E506502EEE622BA4 ] C:\Windows\System32\srchadmin.dll
14:37:19.0940 1744  C:\Windows\System32\srchadmin.dll - ok
14:37:19.0956 1744  [ 8494E126F0B10180F3293AF861CE1F7A ] C:\Windows\System32\mlang.dll
14:37:19.0956 1744  C:\Windows\System32\mlang.dll - ok
14:37:19.0956 1744  [ 47B8DEBEC68FACCD026F99CAE8698C93 ] C:\Windows\System32\webcheck.dll
14:37:19.0956 1744  C:\Windows\System32\webcheck.dll - ok
14:37:19.0956 1744  [ F7A256EC899C72B4ECDD2C02CB592EFD ] C:\Windows\System32\bthprops.cpl
14:37:19.0956 1744  C:\Windows\System32\bthprops.cpl - ok
14:37:19.0971 1744  [ 101797BA603D227946B4B5109867EB19 ] C:\Windows\System32\SyncCenter.dll
14:37:19.0971 1744  C:\Windows\System32\SyncCenter.dll - ok
14:37:19.0971 1744  [ 92DBF0A4C9239169010FC6E07859C82E ] C:\Windows\System32\ActionCenter.dll
14:37:19.0971 1744  C:\Windows\System32\ActionCenter.dll - ok
14:37:19.0971 1744  [ 8130391F82D52D36C0441F714136957F ] C:\Windows\System32\imapi2.dll
14:37:19.0971 1744  C:\Windows\System32\imapi2.dll - ok
14:37:19.0987 1744  [ 6A5C1A8AC0B572679361026D0E900420 ] C:\Windows\System32\hgcpl.dll
14:37:19.0987 1744  C:\Windows\System32\hgcpl.dll - ok
14:37:19.0987 1744  [ E6F0F82788E8BD0F7A616350EFA0761C ] C:\Windows\System32\actxprxy.dll
14:37:19.0987 1744  C:\Windows\System32\actxprxy.dll - ok
14:37:19.0987 1744  [ 908ACB1F594274965A53926B10C81E89 ] C:\Windows\System32\provsvc.dll
14:37:19.0987 1744  C:\Windows\System32\provsvc.dll - ok
14:37:20.0002 1744  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] C:\Windows\System32\netprofm.dll
14:37:20.0002 1744  C:\Windows\System32\netprofm.dll - ok
14:37:20.0002 1744  [ 9E3BFBB4B4596BF17B1B39F66CEF79E6 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll
14:37:20.0002 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aecore.dll - ok
14:37:20.0002 1744  [ E75A782A8C218D03A0AF54325132BC70 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll
14:37:20.0018 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aevdf.dll - ok
14:37:20.0018 1744  [ 64605B72B605DEDE66D38E3D7094E73B ] C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll
14:37:20.0018 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aesbx.dll - ok
14:37:20.0018 1744  [ C4A8EE0AE033F01515240B1F5476410A ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll
14:37:20.0018 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aescn.dll - ok
14:37:20.0034 1744  [ 5B8F608C06BC325D9BE25B7AD760D1FF ] C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll
14:37:20.0034 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aescript.dll - ok
14:37:20.0034 1744  [ DFA5E18FE9BF059ABA5F4E9B4B2B67F8 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll
14:37:20.0034 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aerdl.dll - ok
14:37:20.0034 1744  [ 8D4CC7ED1EF309487345757C7A9B2C9F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll
14:37:20.0034 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aeoffice.dll - ok
14:37:20.0049 1744  [ 0C30D46737628D4970CD6CFE32024CDF ] C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll
14:37:20.0049 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aepack.dll - ok
14:37:20.0049 1744  [ 795283DC6F12BBF762ADF46F344C335F ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll
14:37:20.0049 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aeheur.dll - ok
14:37:20.0049 1744  [ F48A8B07192462465FFCFEFBDC0BBE3C ] C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll
14:37:20.0049 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aegen.dll - ok
14:37:20.0065 1744  [ 900ACDAD5D357BB26A571DCA1FD6AD36 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll
14:37:20.0065 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aehelp.dll - ok
14:37:20.0065 1744  [ CD7B65E600B8EBC91B292C1AC9EC1215 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll
14:37:20.0065 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aeemu.dll - ok
14:37:20.0080 1744  [ C396EE39659EDED9EAF8A2BC9B0EDBDC ] C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll
14:37:20.0080 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aeexp.dll - ok
14:37:20.0080 1744  [ 434049E557861645FA160F3035025F51 ] C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll
14:37:20.0080 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\aebb.dll - ok
14:37:20.0080 1744  [ C746F3BF98E92FB137B5BD2B8B5925BD ] C:\Windows\System32\FXSST.dll
14:37:20.0080 1744  C:\Windows\System32\FXSST.dll - ok
14:37:20.0096 1744  [ 650CAEA856943E29F25A25D31E004B18 ] C:\Windows\System32\FXSAPI.dll
14:37:20.0096 1744  C:\Windows\System32\FXSAPI.dll - ok
14:37:20.0096 1744  [ C8E8B8239FCF17BEA10E751BE5854631 ] C:\Windows\System32\FXSRESM.dll
14:37:20.0096 1744  C:\Windows\System32\FXSRESM.dll - ok
14:37:20.0096 1744  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] C:\Windows\System32\FXSSVC.exe
14:37:20.0096 1744  C:\Windows\System32\FXSSVC.exe - ok
14:37:20.0112 1744  [ 58EBC8A7261EA36A359EF701E9B049D1 ] C:\Program Files\Internet Explorer\ieproxy.dll
14:37:20.0112 1744  C:\Program Files\Internet Explorer\ieproxy.dll - ok
14:37:20.0112 1744  [ B3A33600DCDFB84D7FBE09ADEB1C9B8A ] C:\Windows\System32\davclnt.dll
14:37:20.0112 1744  C:\Windows\System32\davclnt.dll - ok
14:37:20.0112 1744  [ 5F639198C4137075DA50E61C23963C11 ] C:\Windows\System32\drprov.dll
14:37:20.0112 1744  C:\Windows\System32\drprov.dll - ok
14:37:20.0127 1744  [ BC566D17914B07ABAAB3A5A385CC3300 ] C:\Windows\System32\ntlanman.dll
14:37:20.0127 1744  C:\Windows\System32\ntlanman.dll - ok
14:37:20.0127 1744  [ 45B24A357C801CE62052FE0CDC8BD4D2 ] C:\Windows\System32\davhlpr.dll
14:37:20.0127 1744  C:\Windows\System32\davhlpr.dll - ok
14:37:20.0127 1744  [ 4715F8F8CDBFFF2728BA38B789A1D7C7 ] C:\Windows\System32\wpdshext.dll
14:37:20.0127 1744  C:\Windows\System32\wpdshext.dll - ok
14:37:20.0143 1744  [ 03AB2A2E426C2AD400AC8315226347F8 ] C:\Windows\System32\EhStorAPI.dll
14:37:20.0143 1744  C:\Windows\System32\EhStorAPI.dll - ok
14:37:20.0143 1744  [ 2A436796758BF2555A26C770FE8A6FEE ] C:\Windows\System32\fdProxy.dll
14:37:20.0143 1744  C:\Windows\System32\fdProxy.dll - ok
14:37:20.0143 1744  [ B5055B51BAA0FD0A736A88653DA3C1C0 ] C:\Windows\System32\fundisc.dll
14:37:20.0143 1744  C:\Windows\System32\fundisc.dll - ok
14:37:20.0158 1744  [ ADE059F2599D02D8A627357D410BF713 ] C:\Windows\System32\networkitemfactory.dll
14:37:20.0158 1744  C:\Windows\System32\networkitemfactory.dll - ok
14:37:20.0158 1744  [ BBDF608C1D964C6C4B8E8CF71059F09E ] C:\Windows\System32\dtsh.dll
14:37:20.0158 1744  C:\Windows\System32\dtsh.dll - ok
14:37:20.0158 1744  [ 7DB5AA22A8A8E5C2D335F44853C1F6DE ] C:\Windows\System32\wbemcomn.dll
14:37:20.0158 1744  C:\Windows\System32\wbemcomn.dll - ok
14:37:20.0174 1744  [ 666A60F6F5E719856FF6254E0966EFF7 ] C:\Windows\System32\wbem\wbemprox.dll
14:37:20.0174 1744  C:\Windows\System32\wbem\wbemprox.dll - ok
14:37:20.0174 1744  [ 4E81439902079C348B61D7FF027FE147 ] C:\Windows\System32\StructuredQuery.dll
14:37:20.0174 1744  C:\Windows\System32\StructuredQuery.dll - ok
14:37:20.0190 1744  [ 0ADC83218B66A6DB380C330836F3E36D ] C:\Windows\System32\drivers\fastfat.sys
14:37:20.0190 1744  C:\Windows\System32\drivers\fastfat.sys - ok
14:37:20.0190 1744  [ 05D568D158B2AAA4FF1549B157D0E994 ] C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll
14:37:20.0190 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\avwinll.dll - ok
14:37:20.0190 1744  [ 2D9E95CCEECD474BF14FF45F8BC5A3A7 ] C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll
14:37:20.0190 1744  C:\Program Files (x86)\Avira\AntiVir Desktop\msgclient.dll - ok
14:37:20.0205 1744  [ B0F69B9DE0AEBFD7E4CEADE6758DF627 ] C:\Windows\System32\SearchFolder.dll
14:37:20.0205 1744  C:\Windows\System32\SearchFolder.dll - ok
14:37:20.0205 1744  [ 01E2855FB06C422E721D890AF201C2D7 ] C:\Windows\System32\NaturalLanguage6.dll
14:37:20.0205 1744  C:\Windows\System32\NaturalLanguage6.dll - ok
14:37:20.0205 1744  [ 701D9F5F3F21580936638D5C5F86B460 ] C:\Windows\System32\NlsData0009.dll
14:37:20.0205 1744  C:\Windows\System32\NlsData0009.dll - ok
14:37:20.0221 1744  [ 148A733B93A2AC104280495DA09D3CC2 ] C:\Windows\System32\NlsLexicons0009.dll
14:37:20.0221 1744  C:\Windows\System32\NlsLexicons0009.dll - ok
14:37:20.0221 1744  [ BF2F2717C13A4BD4FD73F2788534E86B ] C:\Program Files (x86)\Mozilla Firefox\firefox.exe
14:37:20.0221 1744  C:\Program Files (x86)\Mozilla Firefox\firefox.exe - ok
14:37:20.0236 1744  [ 0B5511674394666E9D221F8681B2C2E6 ] C:\Windows\System32\consent.exe
14:37:20.0236 1744  C:\Windows\System32\consent.exe - ok
14:37:20.0236 1744  [ 1F1CA9E99DD5BF918BE0BF30B5A42FDA ] C:\Windows\System32\MsCtfMonitor.dll
14:37:20.0236 1744  C:\Windows\System32\MsCtfMonitor.dll - ok
14:37:20.0236 1744  [ E424B3EF666B184CEE0B6871AAA8C9F6 ] C:\Windows\System32\msimg32.dll
14:37:20.0236 1744  C:\Windows\System32\msimg32.dll - ok
14:37:20.0252 1744  [ F09A9A1AD21FE618C4C8B0A0D830C886 ] C:\Windows\System32\msutb.dll
14:37:20.0252 1744  C:\Windows\System32\msutb.dll - ok
14:37:20.0252 1744  [ 1D817D77C8EB600AB311AAC8E68B5A1A ] C:\Windows\System32\cryptnet.dll
14:37:20.0252 1744  C:\Windows\System32\cryptnet.dll - ok
14:37:20.0252 1744  [ C6DCD1D11ED6827F05C00773C3E7053C ] C:\Windows\System32\sfc.dll
14:37:20.0252 1744  C:\Windows\System32\sfc.dll - ok
14:37:20.0268 1744  [ 895C9AB0A855547445C4181195230757 ] C:\Windows\System32\sfc_os.dll
14:37:20.0268 1744  C:\Windows\System32\sfc_os.dll - ok
14:37:20.0268 1744  [ 67EC459E42D3081DD8FD34356F7CAFC1 ] C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll
14:37:20.0268 1744  C:\Program Files (x86)\Mozilla Firefox\msvcr100.dll - ok
14:37:20.0268 1744  [ 0A98F5D9F6552FDF3682240714E33F9F ] C:\Program Files (x86)\Mozilla Firefox\mozglue.dll
14:37:20.0268 1744  C:\Program Files (x86)\Mozilla Firefox\mozglue.dll - ok
14:37:20.0283 1744  [ ABBC87352226A6AFFFE5D6B9DBE40F7F ] C:\Program Files (x86)\Mozilla Firefox\nspr4.dll
14:37:20.0283 1744  C:\Program Files (x86)\Mozilla Firefox\nspr4.dll - ok
14:37:20.0283 1744  [ DF13A51A5C591887D2EC6AE64CEED0FA ] C:\Windows\SysWOW64\wsock32.dll
14:37:20.0283 1744  C:\Windows\SysWOW64\wsock32.dll - ok
14:37:20.0299 1744  [ 03E9314004F504A14A61C3D364B62F66 ] C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll
14:37:20.0299 1744  C:\Program Files (x86)\Mozilla Firefox\msvcp100.dll - ok
14:37:20.0299 1744  [ 8C23D9AB3A680DEF91A35E655C4FCFF3 ] C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
14:37:20.0299 1744  C:\Program Files (x86)\Mozilla Firefox\mozjs.dll - ok
14:37:20.0299 1744  [ BD79E872C8CD7098E8D4C7613D01437C ] C:\Program Files (x86)\Mozilla Firefox\plc4.dll
14:37:20.0299 1744  C:\Program Files (x86)\Mozilla Firefox\plc4.dll - ok
14:37:20.0314 1744  [ E4F52AB15A3A077B2A3AD96EC892568A ] C:\Program Files (x86)\Mozilla Firefox\plds4.dll
14:37:20.0314 1744  C:\Program Files (x86)\Mozilla Firefox\plds4.dll - ok
14:37:20.0314 1744  [ 048081D7089297474681385B8E7CADDA ] C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll
14:37:20.0314 1744  C:\Program Files (x86)\Mozilla Firefox\nssutil3.dll - ok
14:37:20.0314 1744  [ 4AD8996AB41B575E2B3AF80972AAB989 ] C:\Program Files (x86)\Mozilla Firefox\nss3.dll
14:37:20.0314 1744  C:\Program Files (x86)\Mozilla Firefox\nss3.dll - ok
14:37:20.0330 1744  [ A7BE481FE1396AD5658044BAAD6A5824 ] C:\Program Files (x86)\Mozilla Firefox\smime3.dll
14:37:20.0330 1744  C:\Program Files (x86)\Mozilla Firefox\smime3.dll - ok
14:37:20.0330 1744  [ 0A002104133543F74C83ABB455D86E85 ] C:\Program Files (x86)\Mozilla Firefox\ssl3.dll
14:37:20.0330 1744  C:\Program Files (x86)\Mozilla Firefox\ssl3.dll - ok
14:37:20.0330 1744  [ DE2AF12F6DD62F9C25F00F72CD7776C8 ] C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll
14:37:20.0330 1744  C:\Program Files (x86)\Mozilla Firefox\mozsqlite3.dll - ok
14:37:20.0346 1744  [ A7E1F254D94C4568ADE17E6A727ED649 ] C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll
14:37:20.0346 1744  C:\Program Files (x86)\Mozilla Firefox\mozalloc.dll - ok
14:37:20.0346 1744  [ 03932120E012BF53FF588EC0410A601E ] C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll
14:37:20.0346 1744  C:\Program Files (x86)\Mozilla Firefox\gkmedias.dll - ok
14:37:20.0361 1744  [ 9FA46E0424CDAB6EE85C92271D02FAA1 ] C:\Program Files (x86)\Mozilla Firefox\xul.dll
14:37:20.0361 1744  C:\Program Files (x86)\Mozilla Firefox\xul.dll - ok
14:37:20.0361 1744  [ 7069AAB8536F29ED7323140973A2894B ] C:\Windows\SysWOW64\msdmo.dll
14:37:20.0361 1744  C:\Windows\SysWOW64\msdmo.dll - ok
14:37:20.0361 1744  [ 1B96E5EC91BAA3AB68ECC47174CFFBE4 ] C:\Program Files (x86)\Mozilla Firefox\xpcom.dll
14:37:20.0361 1744  C:\Program Files (x86)\Mozilla Firefox\xpcom.dll - ok
14:37:20.0377 1744  [ A29D734F650F958424743BE3BAA052C8 ] C:\Windows\SysWOW64\DWrite.dll
14:37:20.0377 1744  C:\Windows\SysWOW64\DWrite.dll - ok
14:37:20.0377 1744  [ 53223B673A3FA2F9A4D1C31C8D3F6CD8 ] C:\Windows\SysWOW64\dbghelp.dll
14:37:20.0377 1744  C:\Windows\SysWOW64\dbghelp.dll - ok
14:37:20.0377 1744  [ 47841291844818781ACF852A53827668 ] C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll
14:37:20.0377 1744  C:\Program Files (x86)\Mozilla Firefox\components\browsercomps.dll - ok
14:37:20.0392 1744  [ 81F08948A0F1475894C99D4D19A158A8 ] C:\Windows\SysWOW64\wshqos.dll
14:37:20.0392 1744  C:\Windows\SysWOW64\wshqos.dll - ok
14:37:20.0392 1744  [ 5997D769CDB108390DCFAEBF442BF816 ] C:\Windows\SysWOW64\RpcRtRemote.dll
14:37:20.0392 1744  C:\Windows\SysWOW64\RpcRtRemote.dll - ok
14:37:20.0392 1744  [ 8D5CACEAF10F3A2E35F6D7FFA28515F8 ] C:\Program Files (x86)\Foxit Reader\Foxit Reader.exe
14:37:20.0392 1744  C:\Program Files (x86)\Foxit Reader\Foxit Reader.exe - ok
14:37:20.0408 1744  [ 243974EC02F7AE49E4179C54624143AB ] C:\Windows\SysWOW64\MMDevAPI.dll
14:37:20.0408 1744  C:\Windows\SysWOW64\MMDevAPI.dll - ok
14:37:20.0408 1744  [ A2631C4465BBCE72B7E371DFB924A9D3 ] C:\Windows\SysWOW64\feclient.dll
14:37:20.0408 1744  C:\Windows\SysWOW64\feclient.dll - ok
14:37:20.0408 1744  [ 2DE90400A63818FA38C4C5C9ADB166BF ] C:\Windows\SysWOW64\d3d10_1.dll
14:37:20.0408 1744  C:\Windows\SysWOW64\d3d10_1.dll - ok
14:37:20.0424 1744  [ 9C36A3CA80F9B204C670336D344F5DF8 ] C:\Windows\SysWOW64\d3d10_1core.dll
14:37:20.0424 1744  C:\Windows\SysWOW64\d3d10_1core.dll - ok
14:37:20.0424 1744  [ 0411B7958C524BB2E91EE1B3035FE321 ] C:\Windows\SysWOW64\dxgi.dll
14:37:20.0424 1744  C:\Windows\SysWOW64\dxgi.dll - ok
14:37:20.0424 1744  [ 38A8A45A82340D1383E260AC36D67EB0 ] C:\Windows\SysWOW64\nvwgf2um.dll
14:37:20.0424 1744  C:\Windows\SysWOW64\nvwgf2um.dll - ok
14:37:20.0439 1744  [ 35CEDE6439FF0D8903223A0817FFE46C ] C:\Windows\SysWOW64\d2d1.dll
14:37:20.0439 1744  C:\Windows\SysWOW64\d2d1.dll - ok
14:37:20.0439 1744  [ 2572E1F0254E2267E97DE1B15D099EC4 ] C:\Windows\SysWOW64\d3d10.dll
14:37:20.0439 1744  C:\Windows\SysWOW64\d3d10.dll - ok
14:37:20.0455 1744  [ 547F78746F20901C770E8653B242217C ] C:\Windows\SysWOW64\d3d10core.dll
14:37:20.0455 1744  C:\Windows\SysWOW64\d3d10core.dll - ok
14:37:20.0455 1744  [ 104A1070E90F1C530328E69B49718841 ] C:\Windows\SysWOW64\nlaapi.dll
14:37:20.0455 1744  C:\Windows\SysWOW64\nlaapi.dll - ok
14:37:20.0455 1744  [ 0B7E85364CB878E2AD531DB7B601A9E5 ] C:\Windows\SysWOW64\NapiNSP.dll
14:37:20.0455 1744  C:\Windows\SysWOW64\NapiNSP.dll - ok
14:37:20.0470 1744  [ 5CF640EDDB1E40A5AB1BB743BCDEC610 ] C:\Windows\SysWOW64\pnrpnsp.dll
14:37:20.0470 1744  C:\Windows\SysWOW64\pnrpnsp.dll - ok
14:37:20.0470 1744  [ 5DF5D8CFD9B9573FA3B2C89D9061A240 ] C:\Windows\SysWOW64\winrnr.dll
14:37:20.0470 1744  C:\Windows\SysWOW64\winrnr.dll - ok
14:37:20.0470 1744  [ 839F96DBAAFD3353E0B248A5E0BD2A51 ] C:\Windows\SysWOW64\rasapi32.dll
14:37:20.0470 1744  C:\Windows\SysWOW64\rasapi32.dll - ok
14:37:20.0486 1744  [ FFA7172354B9256DBB2CDD75F16F33FE ] C:\Windows\SysWOW64\rasman.dll
14:37:20.0486 1744  C:\Windows\SysWOW64\rasman.dll - ok
14:37:20.0486 1744  [ 0915C4DB6DBC3BB9E11B7ECBBE4B7159 ] C:\Windows\SysWOW64\rtutils.dll
14:37:20.0486 1744  C:\Windows\SysWOW64\rtutils.dll - ok
14:37:20.0486 1744  [ 7F8678C59F188528D60104E697C2361E ] C:\Windows\SysWOW64\mscms.dll
14:37:20.0486 1744  C:\Windows\SysWOW64\mscms.dll - ok
14:37:20.0502 1744  [ 14DB9DF4E9CD05327F829ED1BA57A0FC ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll
14:37:20.0502 1744  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\Nv3DVStreaming.dll - ok
14:37:20.0502 1744  [ 3FDC5B918B767DAB2963B1AA60ECF1AE ] C:\Windows\SysWOW64\nvapi.dll
14:37:20.0502 1744  C:\Windows\SysWOW64\nvapi.dll - ok
14:37:20.0517 1744  [ 408416EB4F50DAB83625481C0B4E6692 ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll
14:37:20.0517 1744  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvSCPAPI.dll - ok
14:37:20.0517 1744  [ 342BA8FF963A9DD748FA492BBC0AC4EB ] C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll
14:37:20.0517 1744  C:\Program Files (x86)\NVIDIA Corporation\3D Vision\nvStereoApiI.dll - ok
14:37:20.0517 1744  [ 365E96584583C9FAE85953BD1A2D9850 ] C:\Windows\SysWOW64\nvd3dum.dll
14:37:20.0517 1744  C:\Windows\SysWOW64\nvd3dum.dll - ok
14:37:20.0533 1744  [ AF151D874F509D63FC5715BFBB0C729F ] C:\Users\Mythrender\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll
14:37:20.0533 1744  C:\Users\Mythrender\AppData\Roaming\Mozilla\plugins\npgtpo3dautoplugin.dll - ok
14:37:20.0533 1744  [ 633B86B60B92125297709DC90B563EFA ] C:\Users\Mythrender\AppData\Roaming\Mozilla\plugins\npo1d.dll
14:37:20.0533 1744  C:\Users\Mythrender\AppData\Roaming\Mozilla\plugins\npo1d.dll - ok
14:37:20.0533 1744  [ 94791A6A73CA71597D67118B5298F653 ] C:\Users\Mythrender\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll
14:37:20.0533 1744  C:\Users\Mythrender\AppData\Roaming\Mozilla\plugins\npgoogletalk.dll - ok
14:37:20.0548 1744  [ A80C173AC5C75706BB74AE4D78F2A53D ] C:\Program Files (x86)\Windows Media Player\wmplayer.exe
14:37:20.0548 1744  C:\Program Files (x86)\Windows Media Player\wmplayer.exe - ok
14:37:20.0548 1744  [ 6F89C374CC912745AFEDDD4B88CBDBA5 ] C:\Program Files (x86)\Mozilla Firefox\softokn3.dll
14:37:20.0548 1744  C:\Program Files (x86)\Mozilla Firefox\softokn3.dll - ok
14:37:20.0548 1744  [ BE89DC812651D88552A9587F70F63DD3 ] C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll
14:37:20.0548 1744  C:\Program Files (x86)\Mozilla Firefox\nssdbm3.dll - ok
14:37:20.0564 1744  [ D308812A7E0CA64E03F1C2C13339F984 ] C:\Program Files (x86)\Mozilla Firefox\freebl3.dll
14:37:20.0564 1744  C:\Program Files (x86)\Mozilla Firefox\freebl3.dll - ok
14:37:20.0564 1744  [ 04A40046F2F711C830D915DC33EC2A7D ] C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll
14:37:20.0564 1744  C:\Program Files (x86)\Mozilla Firefox\nssckbi.dll - ok
14:37:20.0580 1744  [ 2CEFF13ACE25A40BD8D97654944297CD ] C:\Windows\svchost.exe
14:37:20.0580 1744  C:\Windows\svchost.exe - ok
14:37:20.0580 1744  [ 0E85C11F8850D524B02181C6E02BA9AE ] C:\Windows\SysWOW64\dsound.dll
14:37:20.0580 1744  C:\Windows\SysWOW64\dsound.dll - ok
14:37:20.0580 1744  [ 08DFDBD2FD4EA951DC46B1C7661ED35A ] C:\Windows\SysWOW64\powrprof.dll
14:37:20.0580 1744  C:\Windows\SysWOW64\powrprof.dll - ok
14:37:20.0595 1744  [ BE247AE996A9FDE007A27B51413A6C79 ] C:\Windows\SysWOW64\shdocvw.dll
14:37:20.0595 1744  C:\Windows\SysWOW64\shdocvw.dll - ok
14:37:20.0595 1744  [ 919001D2BB17DF06CA3F8AC16AD039F6 ] C:\Windows\SysWOW64\sxs.dll
14:37:20.0595 1744  C:\Windows\SysWOW64\sxs.dll - ok
14:37:20.0595 1744  [ 03A03A453F1AAAE0C73AAAF895321C7A ] C:\Windows\SysWOW64\FWPUCLNT.DLL
14:37:20.0595 1744  C:\Windows\SysWOW64\FWPUCLNT.DLL - ok
14:37:20.0611 1744  ============================================================
14:37:20.0611 1744  Scan finished
14:37:20.0611 1744  ============================================================
14:37:20.0611 1736  Detected object count: 2
14:37:20.0611 1736  Actual detected object count: 2
14:38:31.0263 1736  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user
14:38:31.0263 1736  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - User select action: Skip
14:38:31.0263 1736  \Device\Harddisk0\DR0 ( TDSS File System ) - skipped by user
14:38:31.0263 1736  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

 

Rkill 2.4.7 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
 http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 04/04/2013 02:44:58 PM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

 * No malware services found to stop.

Checking for processes to terminate:

 * No malware processes found to kill.

Checking Registry for malware related settings:

 * Explorer Policy Removed:  NoActiveDesktopChanges [HKLM]

Backup Registry file created at:
 C:\Users\Mythrender\Desktop\rkill\rkill-04-04-2013-02-45-27.reg

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

 * Windows Firewall Disabled

   [HKLM\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
   "EnableFirewall" = dword:00000000

Checking Windows Service Integrity:

 * Base Filtering Engine (BFE) is not Running.
   Startup Type set to: Disabled

 * DHCP Client (Dhcp) is not Running.
   Startup Type set to: Disabled

 * DNS Client (Dnscache) is not Running.
   Startup Type set to: Disabled

 * COM+ Event System (EventSystem) is not Running.
   Startup Type set to: Disabled

 * Windows Firewall (MpsSvc) is not Running.
   Startup Type set to: Disabled

 * Network Connections (Netman) is not Running.
   Startup Type set to: Disabled

 * Network Store Interface Service (nsi) is not Running.
   Startup Type set to: Disabled

 * Windows Defender (WinDefend) is not Running.
   Startup Type set to: Disabled

 * Windows Management Instrumentation (Winmgmt) is not Running.
   Startup Type set to: Disabled

 * Security Center (wscsvc) is not Running.
   Startup Type set to: Disabled

 * Windows Update (wuauserv) is not Running.
   Startup Type set to: Disabled

 * Windows Firewall Authorization Driver (mpsdrv) is not Running.
   Startup Type set to: Manual

Searching for Missing Digital Signatures:

 * No issues found.

Checking HOSTS File:

 * No issues found.

Program finished at: 04/04/2013 02:45:39 PM
Execution time: 0 hours(s), 0 minute(s), and 41 seconds(s)

 

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.8.1 (04.03.2013:1)
OS: Windows 7 Home Premium x64
Ran by Mythrender on Thu 04/04/2013 at 14:54:50.98
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] application updater
Successfully deleted: [Service] application updater



~~~ Registry Values

Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{88c7f2aa-f93f-432c-8f0e-b7d85967a527}



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\application updater
Successfully deleted: [Registry Key] hkey_local_machine\software\bittorrentbar
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduitengine
Successfully deleted: [Registry Key] hkey_local_machine\software\freeze.com
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\startsearch
Successfully deleted: [Registry Key] hkey_current_user\software\yourfiledownloader
Successfully deleted: [Registry Key] hkey_local_machine\software\yourfiledownloader
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\bittorrentbar
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduitengine
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\search settings
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\toolbar
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\dnu.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\genericasktoolbar.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\tbcommonutils.dll
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\appid\tbhelper.exe
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\comobject.deskbarenabler
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\comobject.deskbarenabler.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\conduit.engine
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdate
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbcommonutils.commonutils
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbcommonutils.commonutils.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbdownloadmanager
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbdownloadmanager.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbpropertymanager
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbpropertymanager.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbrequest
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbrequest.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbtask
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.tbtask.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.toolbarhelper
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\tbhelper.toolbarhelper.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\toolbar3.contextmenunotifier
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\toolbar3.contextmenunotifier.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\toolbar3.custominternetsecurityimpl
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\toolbar3.custominternetsecurityimpl.1
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\urlsearchhook.toolbarurlsearchhook
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\urlsearchhook.toolbarurlsearchhook.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2790392
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{338b4dfe-2e2c-4338-9e41-e176d497299e}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{57cadc46-58ff-4105-b733-5a9f3fc9783c}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ca3eb689-8f09-4026-aa10-b9534c691ce0}



~~~ Files

Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnu.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnu.xpt"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.dll"
Successfully deleted: [File] "C:\Program Files (x86)\mozilla firefox\plugins\npdnupdater2.xpt"
Failed to delete [File] C:\Windows\svchost.exe  [Check for TDL4 Rootkit!]



~~~ Folders

Successfully deleted: [Folder] "C:\Users\Mythrender\AppData\Roaming\yourfiledownloader"
Successfully deleted: [Folder] "C:\Users\Mythrender\appdata\locallow\search settings"
Successfully deleted: [Folder] "C:\Program Files (x86)\application updater"
Successfully deleted: [Folder] "C:\Program Files (x86)\bittorrentbar"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduitengine"
Successfully deleted: [Folder] "C:\Program Files (x86)\smartdl"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\software update utility"
Successfully deleted: [Folder] "C:\Program Files (x86)\Common Files\spigot"



~~~ FireFox

Failed to delete: [Folder] C:\Users\Mythrender\AppData\Roaming\mozilla\firefox\profiles\sou236dw.default\extensions\iobit@mybrowserbar.com
Emptied folder: C:\Users\Mythrender\AppData\Roaming\mozilla\firefox\profiles\sou236dw.default\minidumps [218 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Thu 04/04/2013 at 15:05:30.80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




 



#4 narenxp

narenxp

  • BC Advisor
  • 16,371 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:India
  • Local time:05:47 AM

Posted 05 April 2013 - 12:23 AM

14:38:31.0263 1736  \Device\Harddisk0\DR0 ( Rootkit.Boot.Pihar.b ) - skipped by user
14:38:31.0263 1736  \Device\Harddisk0\DR0 ( TDSS File System ) - User select action: Skip

 

Run TDSSkiller again and select Cure for Rootkit.Boot.Pihar.b and skip for TDSS File System

 

Restart the PC ,run TDSSkiller again and make sure pihar is not detected by TDSSkiller and then select DELETE for  TDSS File System






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users